| |
| |||||||
Log-Analyse und Auswertung: Malwarebytes zeigt Funde an auf PC vom VaterWindows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
 |
19.07.2017, 10:11
| #1 |
 |  Malwarebytes zeigt Funde an auf PC vom Vater hallo ihr Lieben, gestern half mir bereits Matthias bei meinem Laptop, nun zeigt der PC von meinem Vater bei Malwarebytes Funde an. Könnt ihr mir bzw. ihm wieder helfen? Malwarebytes: Code:
ATTFilter Malwarebytes
www.malwarebytes.com
-Protokolldetails-
Scan-Datum: 19.07.17
Scan-Zeit: 10:13
Protokolldatei: malwarebytes.txt
Administrator: Ja
-Softwaredaten-
Version: 3.0.6.1469
Komponentenversion: 1.0.103
Version des Aktualisierungspakets: 1.0.2396
Lizenz: Kostenlos
-Systemdaten-
Betriebssystem: Windows 10
CPU: x64
Dateisystem: NTFS
Benutzer: Siggi-PC\Siggi
-Scan-Übersicht-
Scan-Typ: Bedrohungs-Scan
Ergebnis: Abgeschlossen
Gescannte Objekte: 507596
Abgelaufene Zeit: 18 Min., 33 Sek.
-Scan-Optionen-
Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Aktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert
-Scan-Details-
Prozess: 0
(keine bösartigen Elemente erkannt)
Modul: 0
(keine bösartigen Elemente erkannt)
Registrierungsschlüssel: 6
PUP.Optional.IFEO, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\SKYPE.EXE, In Quarantäne, [9792], [239345],1.0.2396
PUP.Optional.IFEO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\SKYPE.EXE, In Quarantäne, [9792], [239345],1.0.2396
RiskWare.IFEOHijack, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\CHROME.EXE, In Quarantäne, [722], [249055],1.0.2396
PUP.Optional.IFEO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\TEAMVIEWER.EXE, In Quarantäne, [9792], [239351],1.0.2396
RiskWare.IFEOHijack, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\CHROME.EXE, In Quarantäne, [722], [249055],1.0.2396
PUP.Optional.IFEO, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\TEAMVIEWER.EXE, In Quarantäne, [9792], [239351],1.0.2396
Registrierungswert: 6
PUP.Optional.IFEO, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\SKYPE.EXE|DEBUGGER, In Quarantäne, [9792], [239345],1.0.2396
PUP.Optional.IFEO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\SKYPE.EXE|DEBUGGER, In Quarantäne, [9792], [239345],1.0.2396
RiskWare.IFEOHijack, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\CHROME.EXE|DEBUGGER, In Quarantäne, [722], [249055],1.0.2396
PUP.Optional.IFEO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\TEAMVIEWER.EXE|DEBUGGER, In Quarantäne, [9792], [239351],1.0.2396
RiskWare.IFEOHijack, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\CHROME.EXE|DEBUGGER, In Quarantäne, [722], [249055],1.0.2396
PUP.Optional.IFEO, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\TEAMVIEWER.EXE|DEBUGGER, In Quarantäne, [9792], [239351],1.0.2396
Registrierungsdaten: 0
(keine bösartigen Elemente erkannt)
Daten-Stream: 0
(keine bösartigen Elemente erkannt)
Ordner: 0
(keine bösartigen Elemente erkannt)
Datei: 0
(keine bösartigen Elemente erkannt)
Physischer Sektor: 0
(keine bösartigen Elemente erkannt)
(end)
Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 18-07-2017
durchgeführt von Siggi (Administrator) auf SIGGI-PC (19-07-2017 11:05:09)
Gestartet von C:\Users\Siggi\Desktop
Geladene Profile: Siggi (Verfügbare Profile: Siggi & Administrator & DefaultAppPool)
Platform: Windows 10 Pro Version 1607 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\WINDOWS\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(G DATA Software AG) C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe
(NVIDIA Corporation) C:\WINDOWS\System32\nvvsvc.exe
(G Data Software AG) C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKWCtlx64.exe
(G DATA Software AG) C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe
(G DATA Software AG) C:\Program Files (x86)\G Data\InternetSecurity\AVKBackup\AVKBackupService.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe
(Microsoft Corporation) C:\WINDOWS\System32\mqsvc.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe
(Michal Trojnara) C:\Program Files (x86)\stunnel\bin\stunnel.exe
(Nalpeiron Ltd.) C:\WINDOWS\SysWOW64\nlssrv32.exe
(Protexis Inc.) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
(Microsoft Corporation) C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(G Data Software AG) C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFwSvcx64.exe
(Microsoft Corporation) C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesApp64.exe
(G DATA Software AG) C:\Program Files (x86)\G Data\InternetSecurity\AVKTray\AVKTray.exe
(G DATA Software AG) C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFirewallTray.exe
(G DATA Software AG) C:\Program Files (x86)\Common Files\G Data\AVKProxy\GDKBFltExe32.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avguix.exe
(Microsoft Corporation) C:\WINDOWS\System32\vds.exe
(Microsoft Corporation) C:\WINDOWS\System32\InstallAgent.exe
(Microsoft Corporation) C:\WINDOWS\System32\InstallAgentUserBroker.exe
(Microsoft Corporation) C:\WINDOWS\System32\smartscreen.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(G DATA Software AG) C:\Program Files (x86)\Common Files\G Data\AVKProxy\GDKBFltSur64.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation) C:\WINDOWS\ImmersiveControlPanel\SystemSettings.exe
==================== Registry (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [472984 2013-06-03] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [G Data ASM] => C:\Program Files (x86)\G DATA\InternetSecurity\DelayLoader\AutorunDelayLoader.exe [442856 2017-06-08] (G DATA Software AG)
HKLM-x32\...\Run: [AvgUi] => C:\Program Files (x86)\AVG\Framework\Common\avguirna.exe [240400 2016-12-06] (AVG Technologies CZ, s.r.o.)
HKLM\...\Winlogon: [Userinit] C:\Windows\System32\userinit.exe,c:\program files (x86)\g data\internetsecurity\avkkid\avkcks.exe,
IFEO: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\AcroRd32.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\actioncammoviecreator.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\adobe air application installer.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\consumer_cpl.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\desktopshortcut_6e16623549f34dfaa1021e86675abd11.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\excel.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\hostingmanager.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\msoxmled.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\mstore.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\offdiag.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\ois.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\onenote.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\onenotem.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\pmbbrowser.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\pmbinit.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\powerpnt.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\prefutil.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\programmenushortcu_6e16623549f34dfaa1021e86675abd11.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\startupshortcut_6e16623549f34dfaa1021e86675abd11.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\winword.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
SSODL: EldosMountNotificator-cbfs5 - {36E77381-D390-4622-B570-E6BB8BE669A9} - C:\WINDOWS\system32\cbfsMntNtf5.dll (EldoS Corporation)
SSODL-x32: EldosMountNotificator-cbfs5 - {36E77381-D390-4622-B570-E6BB8BE669A9} - C:\WINDOWS\SysWOW64\cbfsMntNtf5.dll (EldoS Corporation)
Startup: C:\Users\Siggi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Telekom Hosting Manager.lnk [2017-04-20]
ShortcutTarget: Telekom Hosting Manager.lnk -> C:\Program Files\Telekom\Telekom Hosting Manager\HostingManager.exe (Deutsche Telekom AG)
Startup: C:\Users\Siggi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Z Cinema.lnk [2016-07-22]
ShortcutTarget: Z Cinema.lnk -> C:\Users\Siggi\AppData\Roaming\Microsoft\Installer\{6E166235-49F3-4DFA-A102-1E86675ABD11}\StartupShortcut_6E16623549F34DFAA1021E86675ABD11.exe (Macrovision Corporation)
GroupPolicy: Beschränkung <==== ACHTUNG
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{08536f8b-cf5c-4c23-bc90-f5eafdf61c54}: [DhcpNameServer] 0.0.0.0
Tcpip\..\Interfaces\{354f3174-9170-4742-9093-966c7b43f1ab}: [DhcpNameServer] 0.0.0.0
Tcpip\..\Interfaces\{D201511E-653C-4065-91AE-A347124A873B}: [DhcpNameServer] 0.0.0.0
Tcpip\..\Interfaces\{e51692d9-6dc9-4d89-a023-d55cd16e0531}: [DhcpNameServer] 192.168.2.1
Internet Explorer:
==================
HKU\S-1-5-21-2441953047-3725558795-4123501198-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://de.yahoo.com/?fr=yset_ie_syc_oracle&type=orcl_hpset
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2441953047-3725558795-4123501198-1001 -> {445BC4F7-F1D0-43F9-BF31-C8479D85BF02} URL = hxxp://go.web.de/tb/ie_searchplugin/?q={searchTerms}&enc=UTF-8
SearchScopes: HKU\S-1-5-21-2441953047-3725558795-4123501198-1001 -> {769E16E6-6B87-4EF3-9691-15AD1A84707D} URL = hxxp://go.1und1.de/tb/ie_searchplugin/?q={searchTerms}&enc=UTF-8
SearchScopes: HKU\S-1-5-21-2441953047-3725558795-4123501198-1001 -> {AE63A9B2-5258-45B6-9416-143F95A601F6} URL = hxxp://go.gmx.de/tb/ie_searchplugin/?q={searchTerms}&enc=UTF-8
SearchScopes: HKU\S-1-5-21-2441953047-3725558795-4123501198-1001 -> {DADBACC7-BC79-4803-9936-645B4E9A55AB} URL = hxxp://go.mail.com/tb/en-us/ie_searchplugin/?q={searchTerms}&enc=UTF-8
SearchScopes: HKU\S-1-5-21-2441953047-3725558795-4123501198-1001 -> {FE795473-12B7-4B26-9A36-8DA743D61DD9} URL = hxxps://de.search.yahoo.com/search?p={searchTerms}&intl=de&fr=yset_ie_syc_oracle&type=orcl_default&partnerexternal-oracle=external-oracle
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\ssv.dll [2017-05-21] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\jp2ssv.dll [2017-05-21] (Oracle Corporation)
FireFox:
========
FF DefaultProfile: lvuepr2z.default-1493229345721
FF ProfilePath: C:\Users\Siggi\AppData\Roaming\Mozilla\Firefox\Profiles\lvuepr2z.default-1493229345721 [2017-07-19]
FF Homepage: Mozilla\Firefox\Profiles\lvuepr2z.default-1493229345721 -> hxxp://www.siggi-hasenthal.de/
FF Extension: (Adblock Plus) - C:\Users\Siggi\AppData\Roaming\Mozilla\Firefox\Profiles\lvuepr2z.default-1493229345721\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2017-06-08]
FF HKU\S-1-5-21-2441953047-3725558795-4123501198-1001\...\Firefox\Extensions: [cliqz@cliqz.com] - C:\Users\Siggi\AppData\Roaming\Mozilla\Firefox\Profiles\wioilx3e.default\extensions\cliqz@cliqz.com => nicht gefunden
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_26_0_0_131.dll [2017-06-17] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin: @wacom.com/wtPlugin,version=2.1.0.7 -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom)
FF Plugin: wacom.com/WacomTabletPlugin -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_26_0_0_131.dll [2017-06-17] ()
FF Plugin-x32: @java.com/DTPlugin,version=11.131.2 -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\dtplugin\npDeployJava1.dll [2017-05-21] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.131.2 -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\plugin2\npjp2.dll [2017-05-21] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll [2010-04-26] (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-11-14] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-11-14] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-05-23] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-05-23] (Google Inc.)
FF Plugin-x32: @wacom.com/wtPlugin,version=2.1.0.7 -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2016-12-17] (Adobe Systems Inc.)
FF Plugin-x32: wacom.com/WacomTabletPlugin -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom)
Chrome:
=======
CHR DefaultProfile: Default
CHR StartupUrls: Default -> "hxxp://www.siggi-hasenthal.de/"
CHR DefaultSearchURL: Default -> hxxps://de.search.yahoo.com/search?p={searchTerms}&fr=yset_chr_syc_oracle&type=default
CHR DefaultSearchKeyword: Default -> Yahoo
CHR DefaultSuggestURL: Default -> hxxps://de.search.yahoo.com/sugg/ie?output=fxjson&command={searchTerms}&nResults=10
CHR Profile: C:\Users\Siggi\AppData\Local\Google\Chrome\User Data\Default [2017-07-15]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Siggi\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-04-15]
CHR Extension: (Chrome Media Router) - C:\Users\Siggi\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-07-15]
CHR HKLM-x32\...\Chrome\Extension: [ibbfklbaljofpaanmpaeadejijfdddco] - hxxps://clients2.google.com/service/update2/crx
==================== Dienste (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R2 avgsvc; C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe [1146128 2016-12-06] (AVG Technologies CZ, s.r.o.)
R2 AVKProxy; C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe [5017224 2017-06-23] (G DATA Software AG)
R2 AVKWCtl; C:\Program Files (x86)\G DATA\InternetSecurity\AVK\AVKWCtlx64.exe [3328112 2017-06-08] (G Data Software AG)
S4 chip1click; C:\Program Files (x86)\Chip Digital GmbH\chip1click\chip 1-click installer.exe [91136 2016-10-27] (Chip Digital GmbH) [Datei ist nicht signiert]
R2 GDBackupSvc; C:\Program Files (x86)\G DATA\InternetSecurity\AVKBackup\AVKBackupService.exe [3997160 2017-06-23] (G DATA Software AG)
R3 GDFwSvc; C:\Program Files (x86)\G DATA\InternetSecurity\Firewall\GDFwSvcx64.exe [3419552 2017-06-08] (G Data Software AG)
R3 GDScan; C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe [884328 2017-06-08] (G DATA Software AG)
S4 HGESVR; C:\Program Files\Telekom\Telekom Hosting Manager\HGE.Service.exe [18232 2013-03-18] (Deutsche Telekom AG)
R3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [4355024 2017-01-20] (Malwarebytes)
R2 nlsX86cc; C:\Windows\SysWOW64\nlssrv32.exe [66560 2011-09-22] (Nalpeiron Ltd.) [Datei ist nicht signiert]
S4 PMBDeviceInfoProvider; C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe [506960 2015-12-26] (Sony Corporation)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [2889896 2016-09-15] (Microsoft Corporation)
R2 stunnel; C:\Program Files (x86)\stunnel\bin\stunnel.exe [200192 2016-07-17] (Michal Trojnara) [Datei ist nicht signiert]
S4 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [10883824 2017-03-17] (TeamViewer GmbH)
R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe [5906704 2017-02-21] (AVG Technologies CZ, s.r.o.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347320 2017-04-28] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103712 2017-04-28] (Microsoft Corporation)
S4 WTabletServiceCon; C:\Program Files\Tablet\Pen\WTabletServiceCon.exe [656664 2014-08-19] (Wacom Technology, Corp.)
S4 AVKService; "C:\Program Files (x86)\G DATA\InternetSecurity\AVK\AVKService.exe" [X]
===================== Treiber (Nicht auf der Ausnahmeliste) ======================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
S3 anvsnddrv; C:\WINDOWS\system32\drivers\anvsnddrv.sys [33872 2012-05-17] (AnvSoft Inc.)
R1 cbfs5; C:\WINDOWS\system32\drivers\cbfs5.sys [416448 2014-01-23] (EldoS Corporation)
S3 flex1500; C:\WINDOWS\System32\drivers\flex1500.sys [265312 2012-11-29] (Jungo)
S3 flex1500; C:\Windows\SysWOW64\drivers\flex1500.sys [265312 2012-11-29] (Jungo)
R0 GDBehave; C:\WINDOWS\System32\drivers\GDBehave.sys [200728 2017-07-14] (G Data Software AG)
S0 GDElam; C:\WINDOWS\System32\DRIVERS\GDElam.sys [117904 2016-04-21] (G Data Software AG)
R3 GDKBB; C:\WINDOWS\system32\drivers\GDKBB64.sys [46104 2017-07-14] (G Data Software AG)
R3 GDKBFlt; C:\WINDOWS\system32\drivers\GDKBFlt64.sys [38984 2017-07-14] (G DATA Software AG)
R1 GDMnIcpt; C:\Windows\system32\drivers\MiniIcpt.sys [309784 2017-07-14] (G Data Software AG)
R3 GDPkIcpt; C:\Windows\system32\drivers\PktIcpt.sys [162328 2017-07-14] (G Data Software AG)
R1 gdwfpcd; C:\WINDOWS\System32\drivers\gdwfpcd64.sys [86584 2017-07-14] (G DATA Software AG)
R1 GRD; C:\Windows\system32\drivers\GRD.sys [116296 2016-12-06] (G Data Software)
R1 HookCentre; C:\Windows\system32\drivers\HookCentre.sys [157720 2017-07-14] (G Data Software AG)
S3 libusb0; C:\WINDOWS\System32\DRIVERS\libusb0.sys [52832 2014-08-25] (hxxp://libusb-win32.sourceforge.net)
S3 libusbK; C:\WINDOWS\System32\DRIVERS\libusbK.sys [47200 2014-08-25] (hxxp://libusb-win32.sourceforge.net)
R0 MBAMSwissArmy; C:\WINDOWS\System32\drivers\MBAMSwissArmy.sys [251832 2017-07-19] (Malwarebytes)
S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
R0 PxHlpa64; C:\WINDOWS\System32\Drivers\PxHlpa64.sys [56336 2013-07-19] (Corel Corporation)
R1 RrNetCapFilterDriver; C:\WINDOWS\system32\DRIVERS\RrNetCapFilterDriver.sys [34608 2017-01-25] (Audials AG)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [589824 2016-07-16] (Realtek )
R3 SKYNET; C:\WINDOWS\System32\drivers\SkyNET_AMD64.SYS [617048 2010-05-10] (TechniSat Digital, S.A.)
R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver64.sys [32304 2016-06-01] (AVG Netherlands B.V.)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)
R3 ZCinema_TSHD_x64; C:\WINDOWS\system32\drivers\ZCinema_SRS_amd64.sys [21648 2007-08-22] (SRS Labs, Inc.)
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat: Erstellte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2017-07-19 11:00 - 2017-07-19 11:02 - 00059089 _____ C:\Users\Siggi\Desktop\Addition.txt
2017-07-19 10:57 - 2017-07-19 11:05 - 00019220 _____ C:\Users\Siggi\Desktop\FRST.txt
2017-07-19 10:55 - 2017-07-19 10:56 - 02382336 _____ (Farbar) C:\Users\Siggi\Desktop\FRST64.exe
2017-07-19 10:54 - 2017-07-19 10:54 - 02382336 _____ (Farbar) C:\Users\Siggi\Downloads\FRST64.exe
2017-07-19 10:52 - 2017-07-19 10:52 - 00003142 _____ C:\Users\Siggi\Desktop\malwarebytes.txt
2017-07-14 07:17 - 2017-07-14 07:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\G DATA INTERNET SECURITY
2017-07-12 11:55 - 2017-07-07 09:29 - 05686272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2017-07-12 11:55 - 2017-07-07 08:54 - 02997248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2017-07-12 11:55 - 2017-07-07 08:53 - 02483200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2017-07-12 11:55 - 2017-07-07 08:52 - 01599488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2017-07-12 11:55 - 2017-06-21 09:28 - 01504056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2017-07-12 11:55 - 2017-06-21 09:27 - 01431232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2017-07-12 11:55 - 2017-06-21 09:27 - 00116576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudExperienceHostCommon.dll
2017-07-12 11:55 - 2017-06-21 09:01 - 00141824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Radios.dll
2017-07-12 11:55 - 2017-06-21 09:00 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDeviceRegistration.dll
2017-07-12 11:55 - 2017-06-21 08:59 - 00285184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.BlockedShutdown.dll
2017-07-12 11:55 - 2017-06-21 08:59 - 00123904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.HostName.dll
2017-07-12 11:55 - 2017-06-21 08:58 - 00129024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.SerialCommunication.dll
2017-07-12 11:55 - 2017-06-21 08:58 - 00094208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryClient.dll
2017-07-12 11:55 - 2017-06-21 08:58 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.ServiceDiscovery.Dnssd.dll
2017-07-12 11:55 - 2017-06-21 08:56 - 00374784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.LowLevel.dll
2017-07-12 11:55 - 2017-06-21 08:56 - 00315904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Gaming.XboxLive.Storage.dll
2017-07-12 11:55 - 2017-06-21 08:56 - 00237056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SyncSettings.dll
2017-07-12 11:55 - 2017-06-21 08:56 - 00231936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.LockScreen.dll
2017-07-12 11:55 - 2017-06-21 08:56 - 00180224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2017-07-12 11:55 - 2017-06-21 08:56 - 00113152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Lights.dll
2017-07-12 11:55 - 2017-06-21 08:55 - 00557568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll
2017-07-12 11:55 - 2017-06-21 08:55 - 00117760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AuthBroker.dll
2017-07-12 11:55 - 2017-06-21 08:55 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Core.dll
2017-07-12 11:55 - 2017-06-21 08:54 - 00609280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Import.dll
2017-07-12 11:55 - 2017-06-21 08:54 - 00298496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2017-07-12 11:55 - 2017-06-21 08:54 - 00223232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgentUserBroker.exe
2017-07-12 11:55 - 2017-06-21 08:53 - 00431616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\efswrt.dll
2017-07-12 11:55 - 2017-06-21 08:53 - 00332288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Bluetooth.dll
2017-07-12 11:55 - 2017-06-21 08:53 - 00284672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apprepsync.dll
2017-07-12 11:55 - 2017-06-21 08:53 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WwaApi.dll
2017-07-12 11:55 - 2017-06-21 08:53 - 00175616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Scanners.dll
2017-07-12 11:55 - 2017-06-21 08:53 - 00125952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apprepapi.dll
2017-07-12 11:55 - 2017-06-21 08:52 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Picker.dll
2017-07-12 11:55 - 2017-06-21 08:51 - 00314368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Usb.dll
2017-07-12 11:55 - 2017-06-21 08:50 - 00857600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EmailApis.dll
2017-07-12 11:55 - 2017-06-21 08:48 - 02333184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmSvc.dll
2017-07-12 11:55 - 2017-06-21 08:44 - 00795648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MiracastReceiver.dll
2017-07-12 11:55 - 2017-06-21 08:44 - 00343040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToDevice.dll
2017-07-12 11:55 - 2017-06-21 08:43 - 00653312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.AccountsControl.dll
2017-07-12 11:55 - 2017-06-21 08:43 - 00468992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.InkControls.dll
2017-07-12 11:55 - 2017-06-21 08:40 - 00895488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Streaming.dll
2017-07-12 11:55 - 2017-06-21 08:40 - 00675840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.dll
2017-07-12 11:55 - 2017-06-21 08:40 - 00220672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToReceiver.dll
2017-07-12 11:55 - 2017-06-21 08:38 - 01221120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Audio.dll
2017-07-12 11:55 - 2017-06-21 08:37 - 00357376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Geolocation.dll
2017-07-12 11:55 - 2017-06-21 08:37 - 00103936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Devices.dll
2017-07-12 11:55 - 2017-06-21 08:36 - 01988096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2017-07-12 11:55 - 2017-06-21 08:35 - 01656320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Perception.dll
2017-07-12 11:55 - 2017-06-21 08:35 - 01232384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Maps.dll
2017-07-12 11:55 - 2017-06-21 08:35 - 00598528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.dll
2017-07-12 11:55 - 2017-06-21 08:35 - 00589312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Sensors.dll
2017-07-12 11:55 - 2017-06-21 08:34 - 00654336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApiPublic.dll
2017-07-12 11:55 - 2017-06-21 08:34 - 00542208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.Connectivity.dll
2017-07-12 11:55 - 2017-03-04 08:20 - 00426496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Wallet.dll
2017-07-12 11:55 - 2017-03-04 08:19 - 00498688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mbsmsapi.dll
2017-07-12 11:55 - 2016-10-05 11:15 - 00141312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dialclient.dll
2017-07-12 11:55 - 2016-09-15 18:58 - 00092672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Background.SystemEventsBroker.dll
2017-07-12 11:54 - 2017-07-07 09:49 - 00340824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2017-07-12 11:54 - 2017-07-07 09:46 - 00781152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2017-07-12 11:54 - 2017-07-07 09:45 - 02263832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2017-07-12 11:54 - 2017-07-07 09:44 - 00108896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2017-07-12 11:54 - 2017-07-07 09:40 - 20967840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2017-07-12 11:54 - 2017-07-07 09:37 - 00468320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netio.sys
2017-07-12 11:54 - 2017-07-07 09:37 - 00118112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tdx.sys
2017-07-12 11:54 - 2017-07-07 09:29 - 02759712 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2017-07-12 11:54 - 2017-07-07 09:29 - 00857440 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2017-07-12 11:54 - 2017-07-07 09:24 - 22220856 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2017-07-12 11:54 - 2017-07-07 09:23 - 00241504 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHost.dll
2017-07-12 11:54 - 2017-07-07 09:20 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\l2gpstore.dll
2017-07-12 11:54 - 2017-07-07 09:19 - 00081408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2017-07-12 11:54 - 2017-07-07 09:19 - 00025088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eapprovp.dll
2017-07-12 11:54 - 2017-07-07 09:18 - 02532192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2017-07-12 11:54 - 2017-07-07 09:18 - 00450560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastls.dll
2017-07-12 11:54 - 2017-07-07 09:18 - 00210432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\onex.dll
2017-07-12 11:54 - 2017-07-07 09:18 - 00057400 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsass.exe
2017-07-12 11:54 - 2017-07-07 09:17 - 00118784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\raschap.dll
2017-07-12 11:54 - 2017-07-07 09:14 - 00270336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2017-07-12 11:54 - 2017-07-07 09:14 - 00126464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2017-07-12 11:54 - 2017-07-07 09:13 - 00364544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupShim.dll
2017-07-12 11:54 - 2017-07-07 09:13 - 00310272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Wldap32.dll
2017-07-12 11:54 - 2017-07-07 09:11 - 00340480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2017-07-12 11:54 - 2017-07-07 09:10 - 00755200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2017-07-12 11:54 - 2017-07-07 09:09 - 00637952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SmartcardCredentialProvider.dll
2017-07-12 11:54 - 2017-07-07 09:09 - 00506368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2017-07-12 11:54 - 2017-07-07 09:06 - 18364928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2017-07-12 11:54 - 2017-07-07 09:06 - 07626752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2017-07-12 11:54 - 2017-07-07 09:05 - 19414528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2017-07-12 11:54 - 2017-07-07 09:03 - 00337408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msinfo32.exe
2017-07-12 11:54 - 2017-07-07 09:02 - 01313280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wdc.dll
2017-07-12 11:54 - 2017-07-07 09:00 - 12187136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2017-07-12 11:54 - 2017-07-07 09:00 - 00476160 _____ (Microsoft® Windows® Operating System) C:\WINDOWS\SysWOW64\wvc.dll
2017-07-12 11:54 - 2017-07-07 08:57 - 00691712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2017-07-12 11:54 - 2017-07-07 08:56 - 06035456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2017-07-12 11:54 - 2017-07-07 08:55 - 04423680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
2017-07-12 11:54 - 2017-07-07 08:55 - 03664896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2017-07-12 11:54 - 2017-07-07 08:55 - 01571840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2017-07-12 11:54 - 2017-07-07 08:54 - 02027008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2017-07-12 11:54 - 2017-07-07 08:52 - 04561408 _____ (Microsoft) C:\WINDOWS\SysWOW64\dbgeng.dll
2017-07-12 11:54 - 2017-07-07 08:52 - 01413632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OpcServices.dll
2017-07-12 11:54 - 2017-07-07 08:48 - 00071680 _____ (Microsoft Corporation) C:\WINDOWS\system32\l2gpstore.dll
2017-07-12 11:54 - 2017-07-07 08:48 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\eapprovp.dll
2017-07-12 11:54 - 2017-07-07 08:46 - 00231424 _____ (Microsoft Corporation) C:\WINDOWS\system32\shutdownux.dll
2017-07-12 11:54 - 2017-07-07 08:45 - 00223744 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2017-07-12 11:54 - 2017-07-07 08:44 - 00502784 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastls.dll
2017-07-12 11:54 - 2017-07-07 08:44 - 00238592 _____ (Microsoft Corporation) C:\WINDOWS\system32\onex.dll
2017-07-12 11:54 - 2017-07-07 08:44 - 00137728 _____ (Microsoft Corporation) C:\WINDOWS\system32\raschap.dll
2017-07-12 11:54 - 2017-07-07 08:43 - 00387584 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2017-07-12 11:54 - 2017-07-07 08:43 - 00088576 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2017-07-12 11:54 - 2017-07-07 08:39 - 00282624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb10.sys
2017-07-12 11:54 - 2017-07-07 08:35 - 01397760 _____ (Microsoft Corporation) C:\WINDOWS\system32\wdc.dll
2017-07-12 11:54 - 2017-07-07 08:33 - 00576000 _____ (Microsoft® Windows® Operating System) C:\WINDOWS\system32\wvc.dll
2017-07-12 11:54 - 2017-07-07 08:30 - 13090816 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2017-07-12 11:54 - 2017-07-07 08:28 - 02096640 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2017-07-12 11:54 - 2017-07-07 08:28 - 00759296 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2017-07-12 11:54 - 2017-07-07 08:27 - 08120832 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2017-07-12 11:54 - 2017-07-07 08:24 - 04744704 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2017-07-12 11:54 - 2017-07-07 08:24 - 01783296 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2017-07-12 11:54 - 2017-07-07 08:24 - 01513472 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2017-07-12 11:54 - 2017-07-06 06:29 - 00690008 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcp120_clr0400.dll
2017-07-12 11:54 - 2017-06-22 08:17 - 00987840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcr120_clr0400.dll
2017-07-12 11:54 - 2017-06-22 08:17 - 00485576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcp120_clr0400.dll
2017-07-12 11:54 - 2017-06-21 10:18 - 01470816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppVEntSubsystems32.dll
2017-07-12 11:54 - 2017-06-21 09:54 - 00603488 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContentDeliveryManager.Utilities.dll
2017-07-12 11:54 - 2017-06-21 09:53 - 00794928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll
2017-07-12 11:54 - 2017-06-21 09:52 - 02213760 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2017-07-12 11:54 - 2017-06-21 09:52 - 00774224 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2017-07-12 11:54 - 2017-06-21 09:52 - 00088416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\scmbus.sys
2017-07-12 11:54 - 2017-06-21 09:52 - 00081760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\stornvme.sys
2017-07-12 11:54 - 2017-06-21 09:51 - 02255712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2017-07-12 11:54 - 2017-06-21 09:42 - 01573280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2017-07-12 11:54 - 2017-06-21 09:42 - 00601712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2017-07-12 11:54 - 2017-06-21 09:41 - 01706488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2017-07-12 11:54 - 2017-06-21 09:39 - 02048496 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2017-07-12 11:54 - 2017-06-21 09:38 - 07220192 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2017-07-12 11:54 - 2017-06-21 09:38 - 01860288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2017-07-12 11:54 - 2017-06-21 09:38 - 00790752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
2017-07-12 11:54 - 2017-06-21 09:36 - 00557408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2017-07-12 11:54 - 2017-06-21 09:36 - 00129888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBSTOR.SYS
2017-07-12 11:54 - 2017-06-21 09:33 - 00408600 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsmf.dll
2017-07-12 11:54 - 2017-06-21 09:33 - 00092512 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2017-07-12 11:54 - 2017-06-21 09:32 - 08169024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2017-07-12 11:54 - 2017-06-21 09:32 - 04260576 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2017-07-12 11:54 - 2017-06-21 09:32 - 01983408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2017-07-12 11:54 - 2017-06-21 09:32 - 01702392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2017-07-12 11:54 - 2017-06-21 09:32 - 01072248 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetcore.dll
2017-07-12 11:54 - 2017-06-21 09:31 - 00160096 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostBroker.dll
2017-07-12 11:54 - 2017-06-21 09:30 - 00869848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll
2017-07-12 11:54 - 2017-06-21 09:30 - 00196960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ifsutil.dll
2017-07-12 11:54 - 2017-06-21 09:29 - 05722320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2017-07-12 11:54 - 2017-06-21 09:28 - 02277288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll
2017-07-12 11:54 - 2017-06-21 09:28 - 00524776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2017-07-12 11:54 - 2017-06-21 09:28 - 00170960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2017-07-12 11:54 - 2017-06-21 09:27 - 01122344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dcomp.dll
2017-07-12 11:54 - 2017-06-21 09:27 - 00975744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
2017-07-12 11:54 - 2017-06-21 09:27 - 00861024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2017-07-12 11:54 - 2017-06-21 09:27 - 00549088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SHCore.dll
2017-07-12 11:54 - 2017-06-21 09:26 - 00387864 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpps.dll
2017-07-12 11:54 - 2017-06-21 09:25 - 02168288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2017-07-12 11:54 - 2017-06-21 09:25 - 01980776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2017-07-12 11:54 - 2017-06-21 09:24 - 00846560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2017-07-12 11:54 - 2017-06-21 09:24 - 00154432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntmarta.dll
2017-07-12 11:54 - 2017-06-21 09:22 - 00361104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsmf.dll
2017-07-12 11:54 - 2017-06-21 09:21 - 06665440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2017-07-12 11:54 - 2017-06-21 09:21 - 04023552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2017-07-12 11:54 - 2017-06-21 09:21 - 01845512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2017-07-12 11:54 - 2017-06-21 09:21 - 01557808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll
2017-07-12 11:54 - 2017-06-21 09:21 - 01277856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
2017-07-12 11:54 - 2017-06-21 09:21 - 00952416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2017-07-12 11:54 - 2017-06-21 09:21 - 00374448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFPlay.dll
2017-07-12 11:54 - 2017-06-21 09:20 - 01360464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetsrc.dll
2017-07-12 11:54 - 2017-06-21 09:20 - 00981888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetcore.dll
2017-07-12 11:54 - 2017-06-21 09:20 - 00962768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2017-07-12 11:54 - 2017-06-21 09:20 - 00312472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mftranscode.dll
2017-07-12 11:54 - 2017-06-21 09:19 - 04312248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2017-07-12 11:54 - 2017-06-21 09:06 - 00372736 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXTaskFactory.dll
2017-07-12 11:54 - 2017-06-21 09:04 - 01631232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Resources.dll
2017-07-12 11:54 - 2017-06-21 09:04 - 01631232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2017-07-12 11:54 - 2017-06-21 09:04 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\odbcconf.dll
2017-07-12 11:54 - 2017-06-21 09:03 - 00013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rootmdm.sys
2017-07-12 11:54 - 2017-06-21 09:02 - 00237568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.Diagnostics.dll
2017-07-12 11:54 - 2017-06-21 09:02 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\scmdisk0101.sys
2017-07-12 11:54 - 2017-06-21 09:02 - 00124416 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2017-07-12 11:54 - 2017-06-21 09:02 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\odbcconf.dll
2017-07-12 11:54 - 2017-06-21 09:01 - 00185344 _____ (Microsoft Corporation) C:\WINDOWS\system32\DisplayManager.dll
2017-07-12 11:54 - 2017-06-21 09:01 - 00138752 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEDataLayerHelpers.dll
2017-07-12 11:54 - 2017-06-21 09:00 - 00519168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ngccredprov.dll
2017-07-12 11:54 - 2017-06-21 09:00 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\unimdm.tsp
2017-07-12 11:54 - 2017-06-21 09:00 - 00233984 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProvisioningHandlers.dll
2017-07-12 11:54 - 2017-06-21 09:00 - 00193536 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinRtTracing.dll
2017-07-12 11:54 - 2017-06-21 09:00 - 00143360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uudf.dll
2017-07-12 11:54 - 2017-06-21 09:00 - 00138240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DisplayManager.dll
2017-07-12 11:54 - 2017-06-21 09:00 - 00114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Background.SystemEventsBroker.dll
2017-07-12 11:54 - 2017-06-21 09:00 - 00113664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.ServiceDiscovery.Dnssd.dll
2017-07-12 11:54 - 2017-06-21 08:59 - 00467968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Gaming.XboxLive.Storage.dll
2017-07-12 11:54 - 2017-06-21 08:59 - 00255488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\unimdm.tsp
2017-07-12 11:54 - 2017-06-21 08:59 - 00177664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.Diagnostics.dll
2017-07-12 11:54 - 2017-06-21 08:59 - 00149504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Core.dll
2017-07-12 11:54 - 2017-06-21 08:59 - 00137216 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdlrecover.exe
2017-07-12 11:54 - 2017-06-21 08:59 - 00097792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.System.SystemManagement.dll
2017-07-12 11:54 - 2017-06-21 08:58 - 00418304 _____ C:\WINDOWS\system32\Windows.Perception.Stub.dll
2017-07-12 11:54 - 2017-06-21 08:58 - 00211968 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2017-07-12 11:54 - 2017-06-21 08:58 - 00136192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinRtTracing.dll
2017-07-12 11:54 - 2017-06-21 08:58 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.System.UserDeviceAssociation.dll
2017-07-12 11:54 - 2017-06-21 08:57 - 00505856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.WiFiDirect.dll
2017-07-12 11:54 - 2017-06-21 08:57 - 00418304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BlockedShutdown.dll
2017-07-12 11:54 - 2017-06-21 08:57 - 00360448 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpencom.dll
2017-07-12 11:54 - 2017-06-21 08:57 - 00171520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.SerialCommunication.dll
2017-07-12 11:54 - 2017-06-21 08:57 - 00144896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Lights.dll
2017-07-12 11:54 - 2017-06-21 08:57 - 00142336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.WiFi.dll
2017-07-12 11:54 - 2017-06-21 08:57 - 00122880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sendmail.dll
2017-07-12 11:54 - 2017-06-21 08:57 - 00088576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDeviceRegistration.Ngc.dll
2017-07-12 11:54 - 2017-06-21 08:56 - 01507840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.FaceAnalysis.dll
2017-07-12 11:54 - 2017-06-21 08:56 - 00912384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.SmartCards.dll
2017-07-12 11:54 - 2017-06-21 08:56 - 00748544 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2017-07-12 11:54 - 2017-06-21 08:56 - 00719872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdiWiFi.sys
2017-07-12 11:54 - 2017-06-21 08:56 - 00590336 _____ (Microsoft Corporation) C:\WINDOWS\system32\efswrt.dll
2017-07-12 11:54 - 2017-06-21 08:56 - 00568320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.LowLevel.dll
2017-07-12 11:54 - 2017-06-21 08:56 - 00392192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Gaming.Input.dll
2017-07-12 11:54 - 2017-06-21 08:56 - 00299520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataAccountApis.dll
2017-07-12 11:54 - 2017-06-21 08:56 - 00260608 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgentUserBroker.exe
2017-07-12 11:54 - 2017-06-21 08:56 - 00216576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Scanners.dll
2017-07-12 11:54 - 2017-06-21 08:56 - 00203776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\credprovhost.dll
2017-07-12 11:54 - 2017-06-21 08:56 - 00184320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserMgrProxy.dll
2017-07-12 11:54 - 2017-06-21 08:55 - 00561664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Wallet.dll
2017-07-12 11:54 - 2017-06-21 08:55 - 00533504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FXSCOMEX.dll
2017-07-12 11:54 - 2017-06-21 08:55 - 00456192 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiobj.dll
2017-07-12 11:54 - 2017-06-21 08:55 - 00404992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dsreg.dll
2017-07-12 11:54 - 2017-06-21 08:55 - 00358912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.dll
2017-07-12 11:54 - 2017-06-21 08:55 - 00349184 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2017-07-12 11:54 - 2017-06-21 08:55 - 00310784 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncSettings.dll
2017-07-12 11:54 - 2017-06-21 08:55 - 00265728 _____ C:\WINDOWS\SysWOW64\Windows.Perception.Stub.dll
2017-07-12 11:54 - 2017-06-21 08:55 - 00252416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Identity.Provider.dll
2017-07-12 11:54 - 2017-06-21 08:55 - 00020480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\regsvr32.exe
2017-07-12 11:54 - 2017-06-21 08:54 - 01159680 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblGameSave.dll
2017-07-12 11:54 - 2017-06-21 08:54 - 00949248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.PointOfService.dll
2017-07-12 11:54 - 2017-06-21 08:54 - 00671744 _____ (Microsoft Corporation) C:\WINDOWS\system32\mbsmsapi.dll
2017-07-12 11:54 - 2017-06-21 08:54 - 00574976 _____ (Microsoft Corporation) C:\WINDOWS\system32\tileobjserver.dll
2017-07-12 11:54 - 2017-06-21 08:54 - 00483840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.AllJoyn.dll
2017-07-12 11:54 - 2017-06-21 08:54 - 00472064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Bluetooth.dll
2017-07-12 11:54 - 2017-06-21 08:54 - 00337408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Picker.dll
2017-07-12 11:54 - 2017-06-21 08:54 - 00245760 _____ (Microsoft Corporation) C:\WINDOWS\system32\WwaApi.dll
2017-07-12 11:54 - 2017-06-21 08:54 - 00141824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\easwrt.dll
2017-07-12 11:54 - 2017-06-21 08:53 - 00642048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.InkControls.dll
2017-07-12 11:54 - 2017-06-21 08:53 - 00437248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Usb.dll
2017-07-12 11:54 - 2017-06-21 08:53 - 00390656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredProvDataModel.dll
2017-07-12 11:54 - 2017-06-21 08:53 - 00386048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.WiFiDirect.dll
2017-07-12 11:54 - 2017-06-21 08:53 - 00325120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleacc.dll
2017-07-12 11:54 - 2017-06-21 08:53 - 00284160 _____ (Microsoft Corporation) C:\WINDOWS\system32\AboveLockAppHost.dll
2017-07-12 11:54 - 2017-06-21 08:53 - 00271360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\deviceaccess.dll
2017-07-12 11:54 - 2017-06-21 08:53 - 00202752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.HumanInterfaceDevice.dll
2017-07-12 11:54 - 2017-06-21 08:53 - 00201728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExecModelClient.dll
2017-07-12 11:54 - 2017-06-21 08:53 - 00185856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Identity.Provider.dll
2017-07-12 11:54 - 2017-06-21 08:52 - 06288384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2017-07-12 11:54 - 2017-06-21 08:52 - 00963584 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebcamUi.dll
2017-07-12 11:54 - 2017-06-21 08:52 - 00410112 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevicesFlowBroker.dll
2017-07-12 11:54 - 2017-06-21 08:52 - 00352256 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsDocumentTargetPrint.dll
2017-07-12 11:54 - 2017-06-21 08:52 - 00331264 _____ (Microsoft Corporation) C:\WINDOWS\system32\NgcCtnrSvc.dll
2017-07-12 11:54 - 2017-06-21 08:52 - 00182784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BioCredProv.dll
2017-07-12 11:54 - 2017-06-21 08:51 - 00846336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WebcamUi.dll
2017-07-12 11:54 - 2017-06-21 08:51 - 00747520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Ocr.dll
2017-07-12 11:54 - 2017-06-21 08:51 - 00284672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.dll
2017-07-12 11:54 - 2017-06-21 08:51 - 00258048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsDocumentTargetPrint.dll
2017-07-12 11:54 - 2017-06-21 08:50 - 01167360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certutil.exe
2017-07-12 11:54 - 2017-06-21 08:50 - 00529920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StructuredQuery.dll
2017-07-12 11:54 - 2017-06-21 08:50 - 00297472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2017-07-12 11:54 - 2017-06-21 08:50 - 00238080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AboveLockAppHost.dll
2017-07-12 11:54 - 2017-06-21 08:49 - 03778048 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2017-07-12 11:54 - 2017-06-21 08:49 - 02104320 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll
2017-07-12 11:54 - 2017-06-21 08:49 - 01403392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Editing.dll
2017-07-12 11:54 - 2017-06-21 08:49 - 00500224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.Printing.dll
2017-07-12 11:54 - 2017-06-21 08:49 - 00458752 _____ (Microsoft Corporation) C:\WINDOWS\system32\RTMediaFrame.dll
2017-07-12 11:54 - 2017-06-21 08:49 - 00295936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.dll
2017-07-12 11:54 - 2017-06-21 08:49 - 00288256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CryptoWinRT.dll
2017-07-12 11:54 - 2017-06-21 08:49 - 00175616 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.DeviceEncryptionHandlers.dll
2017-07-12 11:54 - 2017-06-21 08:49 - 00169984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Energy.dll
2017-07-12 11:54 - 2017-06-21 08:48 - 00395264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmenrollengine.dll
2017-07-12 11:54 - 2017-06-21 08:48 - 00336384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\azroleui.dll
2017-07-12 11:54 - 2017-06-21 08:47 - 13873664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2017-07-12 11:54 - 2017-06-21 08:47 - 07655424 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2017-07-12 11:54 - 2017-06-21 08:47 - 01105408 _____ (Microsoft Corporation) C:\WINDOWS\system32\MiracastReceiver.dll
2017-07-12 11:54 - 2017-06-21 08:47 - 00442368 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToDevice.dll
2017-07-12 11:54 - 2017-06-21 08:46 - 04615168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2017-07-12 11:54 - 2017-06-21 08:46 - 01908224 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2017-07-12 11:54 - 2017-06-21 08:46 - 01323008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_fs.dll
2017-07-12 11:54 - 2017-06-21 08:46 - 01137152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_health.dll
2017-07-12 11:54 - 2017-06-21 08:46 - 01077760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Editing.dll
2017-07-12 11:54 - 2017-06-21 08:46 - 00627200 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpaceControl.dll
2017-07-12 11:54 - 2017-06-21 08:46 - 00355328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RTMediaFrame.dll
2017-07-12 11:54 - 2017-06-21 08:46 - 00187904 _____ (Microsoft Corporation) C:\WINDOWS\system32\dialclient.dll
2017-07-12 11:54 - 2017-06-21 08:45 - 00891904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\autochk.exe
2017-07-12 11:54 - 2017-06-21 08:45 - 00471552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.BackgroundMediaPlayback.dll
2017-07-12 11:54 - 2017-06-21 08:45 - 00313856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2017-07-12 11:54 - 2017-06-21 08:45 - 00102400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uexfat.dll
2017-07-12 11:54 - 2017-06-21 08:44 - 00535040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\untfs.dll
2017-07-12 11:54 - 2017-06-21 08:44 - 00136704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ufat.dll
2017-07-12 11:54 - 2017-06-21 08:44 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fdProxy.dll
2017-07-12 11:54 - 2017-06-21 08:43 - 01534464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.Printing.3D.dll
2017-07-12 11:54 - 2017-06-21 08:43 - 01217024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Audio.dll
2017-07-12 11:54 - 2017-06-21 08:43 - 00713216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpnapps.dll
2017-07-12 11:54 - 2017-06-21 08:43 - 00035328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cnvfat.dll
2017-07-12 11:54 - 2017-06-21 08:42 - 03307008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2017-07-12 11:54 - 2017-06-21 08:42 - 02749440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mispace.dll
2017-07-12 11:54 - 2017-06-21 08:42 - 00853504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\autofmt.exe
2017-07-12 11:54 - 2017-06-21 08:42 - 00779776 _____ (Microsoft Corporation) C:\WINDOWS\system32\cscui.dll
2017-07-12 11:54 - 2017-06-21 08:42 - 00525312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LogonController.dll
2017-07-12 11:54 - 2017-06-21 08:42 - 00470016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Playback.BackgroundMediaPlayer.dll
2017-07-12 11:54 - 2017-06-21 08:42 - 00380416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uReFSv1.dll
2017-07-12 11:54 - 2017-06-21 08:41 - 03400704 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2017-07-12 11:54 - 2017-06-21 08:41 - 01255936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll
2017-07-12 11:54 - 2017-06-21 08:41 - 01080320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Ocr.dll
2017-07-12 11:54 - 2017-06-21 08:41 - 00983040 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcsvc.dll
2017-07-12 11:54 - 2017-06-21 08:41 - 00459776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Playback.MediaPlayer.dll
2017-07-12 11:54 - 2017-06-21 08:40 - 02641920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2017-07-12 11:54 - 2017-06-21 08:40 - 02154496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\storagewmi.dll
2017-07-12 11:54 - 2017-06-21 08:40 - 01891328 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnidui.dll
2017-07-12 11:54 - 2017-06-21 08:40 - 00901120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Bluetooth.dll
2017-07-12 11:54 - 2017-06-21 08:40 - 00611328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.dll
2017-07-12 11:54 - 2017-06-21 08:40 - 00090624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll
2017-07-12 11:54 - 2017-06-21 08:39 - 08076288 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2017-07-12 11:54 - 2017-06-21 08:39 - 02538496 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2017-07-12 11:54 - 2017-06-21 08:39 - 00816640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2017-07-12 11:54 - 2017-06-21 08:39 - 00546304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uReFS.dll
2017-07-12 11:54 - 2017-06-21 08:39 - 00134144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ErrorDetails.dll
2017-07-12 11:54 - 2017-06-21 08:38 - 03733504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_47.dll
2017-07-12 11:54 - 2017-06-21 08:38 - 03520512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsrchvw.exe
2017-07-12 11:54 - 2017-06-21 08:38 - 02695680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2017-07-12 11:54 - 2017-06-21 08:38 - 02424320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Perception.dll
2017-07-12 11:54 - 2017-06-21 08:38 - 01984000 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2017-07-12 11:54 - 2017-06-21 08:38 - 01275392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Bluetooth.dll
2017-07-12 11:54 - 2017-06-21 08:38 - 00908800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2017-07-12 11:54 - 2017-06-21 08:38 - 00886272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2017-07-12 11:54 - 2017-06-21 08:38 - 00877056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\autoconv.exe
2017-07-12 11:54 - 2017-06-21 08:38 - 00846336 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApiPublic.dll
2017-07-12 11:54 - 2017-06-21 08:38 - 00765440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Sensors.dll
2017-07-12 11:54 - 2017-06-21 08:38 - 00753152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\imapi2fs.dll
2017-07-12 11:54 - 2017-06-21 08:38 - 00709120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CPFilters.dll
2017-07-12 11:54 - 2017-06-21 08:37 - 07468544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2017-07-12 11:54 - 2017-06-21 08:37 - 06109696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2017-07-12 11:54 - 2017-06-21 08:37 - 00400384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToManager.dll
2017-07-12 11:54 - 2017-06-21 08:36 - 02648576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CertEnroll.dll
2017-07-12 11:54 - 2017-06-21 08:36 - 01424896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Maps.dll
2017-07-12 11:54 - 2017-06-21 08:36 - 01247232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Globalization.dll
2017-07-12 11:54 - 2017-06-21 08:36 - 00903680 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2017-07-12 11:54 - 2017-06-21 08:36 - 00701952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Connectivity.dll
2017-07-12 11:54 - 2017-06-21 08:35 - 04149248 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2017-07-12 11:54 - 2017-06-21 08:35 - 02740224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll
2017-07-12 11:54 - 2017-06-21 08:35 - 02682880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netshell.dll
2017-07-12 11:54 - 2017-06-21 08:35 - 01369088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Phone.dll
2017-07-12 11:54 - 2017-06-21 08:35 - 01170944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.dll
2017-07-12 11:54 - 2017-06-21 08:35 - 00827904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll
2017-07-12 11:54 - 2017-06-21 08:35 - 00732160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MsSpellCheckingFacility.dll
2017-07-12 11:54 - 2017-06-21 08:35 - 00348160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Midi.dll
2017-07-12 11:54 - 2017-06-21 08:34 - 03299840 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstsc.exe
2017-07-12 11:54 - 2017-06-21 08:34 - 01886720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2017-07-12 11:54 - 2017-06-21 08:34 - 00773120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2017-07-12 11:54 - 2017-06-21 08:34 - 00711168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll
2017-07-12 11:54 - 2017-06-21 08:34 - 00621056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
2017-07-12 11:54 - 2017-06-21 08:34 - 00566784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ShareHost.dll
2017-07-12 11:54 - 2017-06-21 08:34 - 00179712 _____ (Microsoft Corporation) C:\WINDOWS\system32\tssrvlic.dll
2017-07-12 11:54 - 2017-06-21 08:33 - 01170944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Phone.dll
2017-07-12 11:54 - 2017-06-21 08:33 - 01013248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.Http.dll
2017-07-12 11:54 - 2017-06-21 08:33 - 00751104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.BackgroundTransfer.dll
2017-07-12 11:54 - 2017-06-21 08:33 - 00691200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2017-07-12 11:54 - 2017-06-21 08:33 - 00439296 _____ (Microsoft Corporation) C:\WINDOWS\system32\wksprt.exe
2017-07-12 11:54 - 2017-06-21 08:33 - 00048128 _____ (Microsoft Corporation) C:\WINDOWS\system32\tlscsp.dll
2017-07-12 11:54 - 2017-06-21 08:32 - 01556992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2017-07-12 11:54 - 2017-06-21 08:32 - 00353280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TextInputFramework.dll
2017-07-12 11:54 - 2017-06-21 08:31 - 03106304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstsc.exe
2017-07-12 11:54 - 2017-06-21 08:30 - 00038912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tlscsp.dll
2017-07-12 11:54 - 2017-06-21 08:10 - 00483840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2017-07-12 11:54 - 2017-06-20 04:42 - 00993632 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcr120_clr0400.dll
2017-07-12 11:54 - 2017-05-23 06:58 - 00448576 _____ C:\WINDOWS\system32\ApnDatabase.xml
2017-07-12 11:54 - 2017-03-04 09:10 - 00360040 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2017-07-12 11:54 - 2017-03-04 08:56 - 00263472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Storage.ApplicationData.dll
2017-07-12 11:54 - 2017-03-04 08:28 - 00279552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.HumanInterfaceDevice.dll
2017-07-12 11:54 - 2017-03-04 08:26 - 00307200 _____ (Microsoft Corporation) C:\WINDOWS\system32\PrintDialogs3D.dll
2017-07-12 11:54 - 2017-03-04 08:23 - 01145856 _____ (Microsoft Corporation) C:\WINDOWS\system32\EmailApis.dll
2017-07-12 11:54 - 2017-03-04 08:23 - 00583680 _____ (Microsoft Corporation) C:\WINDOWS\system32\PrintDialogs.dll
2017-07-12 11:54 - 2017-03-04 08:21 - 01243136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.FaceAnalysis.dll
2017-07-12 11:54 - 2017-03-04 08:21 - 00670208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.PointOfService.dll
2017-07-12 11:54 - 2017-03-04 08:20 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2017-07-12 11:54 - 2017-03-04 08:20 - 00562176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.SmartCards.dll
2017-07-12 11:54 - 2017-03-04 08:20 - 00206336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vaultcli.dll
2017-07-12 11:54 - 2017-03-04 08:18 - 00525824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintDialogs.dll
2017-07-12 11:54 - 2017-03-04 08:17 - 00864256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnapps.dll
2017-07-12 11:54 - 2017-03-04 08:16 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2017-07-12 11:54 - 2017-03-04 08:15 - 01078784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.dll
2017-07-12 11:54 - 2017-03-04 08:14 - 00279552 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToReceiver.dll
2017-07-12 11:54 - 2017-03-04 08:12 - 04596224 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsrchvw.exe
2017-07-12 11:54 - 2017-03-04 08:02 - 02138112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll
2017-07-12 11:54 - 2016-10-15 05:45 - 01790464 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationFramework.dll
2017-07-12 11:54 - 2016-09-15 18:47 - 00134656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Energy.dll
2017-07-12 11:54 - 2016-08-27 07:12 - 00244816 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2017-07-12 11:53 - 2017-07-07 09:42 - 07781720 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2017-07-12 11:53 - 2017-07-07 09:40 - 00376672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2017-07-12 11:53 - 2017-07-07 09:32 - 00404824 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2017-07-12 11:53 - 2017-07-07 09:28 - 00223584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2017-07-12 11:53 - 2017-07-07 09:23 - 01600624 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2017-07-12 11:53 - 2017-07-07 09:18 - 01100120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2017-07-12 11:53 - 2017-07-07 08:58 - 07217152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2017-07-12 11:53 - 2017-07-07 08:51 - 22569984 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2017-07-12 11:53 - 2017-07-07 08:49 - 00115200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bridge.sys
2017-07-12 11:53 - 2017-07-07 08:47 - 00201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\ScDeviceEnum.dll
2017-07-12 11:53 - 2017-07-07 08:46 - 00052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpipreg.sys
2017-07-12 11:53 - 2017-07-07 08:45 - 00488960 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupShim.dll
2017-07-12 11:53 - 2017-07-07 08:45 - 00289792 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeveloperOptionsSettingsHandlers.dll
2017-07-12 11:53 - 2017-07-07 08:45 - 00276992 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2017-07-12 11:53 - 2017-07-07 08:44 - 00193536 _____ (Microsoft Corporation) C:\WINDOWS\system32\certprop.dll
2017-07-12 11:53 - 2017-07-07 08:44 - 00147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
2017-07-12 11:53 - 2017-07-07 08:44 - 00139264 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2017-07-12 11:53 - 2017-07-07 08:43 - 01081856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2017-07-12 11:53 - 2017-07-07 08:43 - 00431616 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpAXHolder.dll
2017-07-12 11:53 - 2017-07-07 08:42 - 00805888 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2017-07-12 11:53 - 2017-07-07 08:42 - 00352256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wldap32.dll
2017-07-12 11:53 - 2017-07-07 08:36 - 00369664 _____ (Microsoft Corporation) C:\WINDOWS\system32\msinfo32.exe
2017-07-12 11:53 - 2017-07-07 08:34 - 09131008 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2017-07-12 11:53 - 2017-07-07 08:31 - 23676416 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2017-07-12 11:53 - 2017-07-07 08:29 - 04749824 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2017-07-12 11:53 - 2017-07-07 08:29 - 00932864 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2017-07-12 11:53 - 2017-07-07 08:28 - 00927744 _____ (Microsoft Corporation) C:\WINDOWS\system32\SmartcardCredentialProvider.dll
2017-07-12 11:53 - 2017-07-07 08:28 - 00589312 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2017-07-12 11:53 - 2017-07-07 08:25 - 04708864 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2017-07-12 11:53 - 2017-07-07 08:24 - 05388800 _____ (Microsoft) C:\WINDOWS\system32\dbgeng.dll
2017-07-12 11:53 - 2017-07-07 08:24 - 03615744 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2017-07-12 11:53 - 2017-07-07 08:24 - 02895872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2017-07-12 11:53 - 2017-07-07 08:24 - 02217472 _____ (Microsoft Corporation) C:\WINDOWS\system32\OpcServices.dll
2017-07-12 11:53 - 2017-07-07 08:22 - 01826816 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2017-07-12 11:53 - 2017-06-21 09:56 - 01405280 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntSubsystemController.dll
2017-07-12 11:53 - 2017-06-21 09:55 - 02170720 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntSubsystems64.dll
2017-07-12 11:53 - 2017-06-21 09:54 - 01669984 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVIntegration.dll
2017-07-12 11:53 - 2017-06-21 09:54 - 00822624 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVClient.exe
2017-07-12 11:53 - 2017-06-21 09:54 - 00813408 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntStreamingManager.dll
2017-07-12 11:53 - 2017-06-21 09:54 - 00758624 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVOrchestration.dll
2017-07-12 11:53 - 2017-06-21 09:54 - 00704352 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntVirtualization.dll
2017-07-12 11:53 - 2017-06-21 09:54 - 00696160 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVPublishing.dll
2017-07-12 11:53 - 2017-06-21 09:54 - 00565088 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVCatalog.dll
2017-07-12 11:53 - 2017-06-21 09:54 - 00406368 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVScripting.dll
2017-07-12 11:53 - 2017-06-21 09:52 - 01886344 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2017-07-12 11:53 - 2017-06-21 09:51 - 00434528 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2017-07-12 11:53 - 2017-06-21 09:50 - 00126304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mup.sys
2017-07-12 11:53 - 2017-06-21 09:48 - 02681200 _____ C:\WINDOWS\system32\CoreUIComponents.dll
2017-07-12 11:53 - 2017-06-21 09:47 - 00764392 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2017-07-12 11:53 - 2017-06-21 09:40 - 01069720 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2017-07-12 11:53 - 2017-06-21 09:40 - 00328008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.ApplicationData.dll
2017-07-12 11:53 - 2017-06-21 09:40 - 00224096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ifsutil.dll
2017-07-12 11:53 - 2017-06-21 09:38 - 01738560 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2017-07-12 11:53 - 2017-06-21 09:37 - 02446704 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2017-07-12 11:53 - 2017-06-21 09:37 - 01369240 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcomp.dll
2017-07-12 11:53 - 2017-06-21 09:37 - 01157008 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2017-07-12 11:53 - 2017-06-21 09:37 - 00146784 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostCommon.dll
2017-07-12 11:53 - 2017-06-21 09:36 - 00624048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2017-07-12 11:53 - 2017-06-21 09:35 - 02915704 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2017-07-12 11:53 - 2017-06-21 09:35 - 01267512 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2017-07-12 11:53 - 2017-06-21 09:31 - 04674360 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2017-07-12 11:53 - 2017-06-21 09:31 - 01277824 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2017-07-12 11:53 - 2017-06-21 09:03 - 00167936 _____ (Microsoft Corporation) C:\WINDOWS\system32\uudf.dll
2017-07-12 11:53 - 2017-06-21 09:02 - 00124416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.System.SystemManagement.dll
2017-07-12 11:53 - 2017-06-21 09:01 - 00156160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Family.Client.dll
2017-07-12 11:53 - 2017-06-21 09:01 - 00108032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Family.Authentication.dll
2017-07-12 11:53 - 2017-06-21 09:01 - 00015872 _____ (Microsoft Corporation) C:\WINDOWS\system32\snmptrap.exe
2017-07-12 11:53 - 2017-06-21 09:00 - 00259072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Family.SyncEngine.dll
2017-07-12 11:53 - 2017-06-21 09:00 - 00224256 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_SignInOptions.dll
2017-07-12 11:53 - 2017-06-21 09:00 - 00193536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.WiFi.dll
2017-07-12 11:53 - 2017-06-21 09:00 - 00148480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.System.Profile.RetailInfo.dll
2017-07-12 11:53 - 2017-06-21 09:00 - 00082432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.System.UserDeviceAssociation.dll
2017-07-12 11:53 - 2017-06-21 09:00 - 00073216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryBroker.dll
2017-07-12 11:53 - 2017-06-21 08:59 - 00196096 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDeviceRegistration.dll
2017-07-12 11:53 - 2017-06-21 08:59 - 00182272 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceDirectoryClient.dll
2017-07-12 11:53 - 2017-06-21 08:59 - 00136192 _____ (Microsoft Corporation) C:\WINDOWS\system32\sendmail.dll
2017-07-12 11:53 - 2017-06-21 08:59 - 00122880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryClient.dll
2017-07-12 11:53 - 2017-06-21 08:59 - 00101888 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDeviceRegistration.Ngc.dll
2017-07-12 11:53 - 2017-06-21 08:59 - 00082944 _____ (Microsoft Corporation) C:\WINDOWS\system32\KdsCli.dll
2017-07-12 11:53 - 2017-06-21 08:58 - 00547840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Gaming.Input.dll
2017-07-12 11:53 - 2017-06-21 08:58 - 00257024 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudDomainJoinDataModelServer.dll
2017-07-12 11:53 - 2017-06-21 08:58 - 00224768 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpd_ci.dll
2017-07-12 11:53 - 2017-06-21 08:58 - 00186368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Radios.dll
2017-07-12 11:53 - 2017-06-21 08:58 - 00144896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dfsc.sys
2017-07-12 11:53 - 2017-06-21 08:57 - 00651264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.AllJoyn.dll
2017-07-12 11:53 - 2017-06-21 08:57 - 00243712 _____ (Microsoft Corporation) C:\WINDOWS\system32\credprovhost.dll
2017-07-12 11:53 - 2017-06-21 08:57 - 00157696 _____ (Microsoft Corporation) C:\WINDOWS\system32\XamlTileRender.dll
2017-07-12 11:53 - 2017-06-21 08:57 - 00087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpdbusenum.dll
2017-07-12 11:53 - 2017-06-21 08:56 - 00852480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Import.dll
2017-07-12 11:53 - 2017-06-21 08:56 - 00379904 _____ (Microsoft Corporation) C:\WINDOWS\system32\apprepsync.dll
2017-07-12 11:53 - 2017-06-21 08:56 - 00324608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.LockScreen.dll
2017-07-12 11:53 - 2017-06-21 08:56 - 00268800 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserMgrProxy.dll
2017-07-12 11:53 - 2017-06-21 08:56 - 00267264 _____ (Microsoft Corporation) C:\WINDOWS\system32\vaultcli.dll
2017-07-12 11:53 - 2017-06-21 08:55 - 00407552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2017-07-12 11:53 - 2017-06-21 08:55 - 00176128 _____ (Microsoft Corporation) C:\WINDOWS\system32\apprepapi.dll
2017-07-12 11:53 - 2017-06-21 08:54 - 00247808 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExecModelClient.dll
2017-07-12 11:53 - 2017-06-21 08:54 - 00168960 _____ (Microsoft Corporation) C:\WINDOWS\system32\easwrt.dll
2017-07-12 11:53 - 2017-06-21 08:53 - 01010176 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2017-07-12 11:53 - 2017-06-21 08:53 - 00425984 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
2017-07-12 11:53 - 2017-06-21 08:53 - 00339968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.dll
2017-07-12 11:53 - 2017-06-21 08:53 - 00329728 _____ (Microsoft Corporation) C:\WINDOWS\system32\deviceaccess.dll
2017-07-12 11:53 - 2017-06-21 08:52 - 17198592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2017-07-12 11:53 - 2017-06-21 08:52 - 00956416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2017-07-12 11:53 - 2017-06-21 08:52 - 00896512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.AccountsControl.dll
2017-07-12 11:53 - 2017-06-21 08:52 - 00775168 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe
2017-07-12 11:53 - 2017-06-21 08:52 - 00560128 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppReadiness.dll
2017-07-12 11:53 - 2017-06-21 08:51 - 00634368 _____ (Microsoft Corporation) C:\WINDOWS\system32\StructuredQuery.dll
2017-07-12 11:53 - 2017-06-21 08:51 - 00410112 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2017-07-12 11:53 - 2017-06-21 08:50 - 01054208 _____ (Microsoft Corporation) C:\WINDOWS\system32\qmgr.dll
2017-07-12 11:53 - 2017-06-21 08:50 - 00661504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll
2017-07-12 11:53 - 2017-06-21 08:49 - 01913856 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_fs.dll
2017-07-12 11:53 - 2017-06-21 08:49 - 01584128 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_health.dll
2017-07-12 11:53 - 2017-06-21 08:48 - 00968192 _____ (Microsoft Corporation) C:\WINDOWS\system32\autochk.exe
2017-07-12 11:53 - 2017-06-21 08:48 - 00112640 _____ (Microsoft Corporation) C:\WINDOWS\system32\uexfat.dll
2017-07-12 11:53 - 2017-06-21 08:47 - 00574976 _____ (Microsoft Corporation) C:\WINDOWS\system32\untfs.dll
2017-07-12 11:53 - 2017-06-21 08:47 - 00152064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ufat.dll
2017-07-12 11:53 - 2017-06-21 08:47 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\fdProxy.dll
2017-07-12 11:53 - 2017-06-21 08:46 - 03290112 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll
2017-07-12 11:53 - 2017-06-21 08:46 - 00925184 _____ (Microsoft Corporation) C:\WINDOWS\system32\autofmt.exe
2017-07-12 11:53 - 2017-06-21 08:46 - 00516608 _____ (Microsoft Corporation) C:\WINDOWS\system32\uReFSv1.dll
2017-07-12 11:53 - 2017-06-21 08:46 - 00039424 _____ (Microsoft Corporation) C:\WINDOWS\system32\cnvfat.dll
2017-07-12 11:53 - 2017-06-21 08:45 - 02861056 _____ (Microsoft Corporation) C:\WINDOWS\system32\storagewmi.dll
2017-07-12 11:53 - 2017-06-21 08:44 - 00588288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidprov.dll
2017-07-12 11:53 - 2017-06-21 08:44 - 00167936 _____ (Microsoft Corporation) C:\WINDOWS\system32\ErrorDetails.dll
2017-07-12 11:53 - 2017-06-21 08:43 - 00961536 _____ (Microsoft Corporation) C:\WINDOWS\system32\imapi2fs.dll
2017-07-12 11:53 - 2017-06-21 08:43 - 00953344 _____ (Microsoft Corporation) C:\WINDOWS\system32\autoconv.exe
2017-07-12 11:53 - 2017-06-21 08:43 - 00628736 _____ (Microsoft Corporation) C:\WINDOWS\system32\uReFS.dll
2017-07-12 11:53 - 2017-06-21 08:43 - 00130560 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpaceAgent.exe
2017-07-12 11:53 - 2017-06-21 08:42 - 00981504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.OnlineId.dll
2017-07-12 11:53 - 2017-06-21 08:42 - 00539136 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToManager.dll
2017-07-12 11:53 - 2017-06-21 08:42 - 00467968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Geolocation.dll
2017-07-12 11:53 - 2017-06-21 08:42 - 00139776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Devices.dll
2017-07-12 11:53 - 2017-06-21 08:42 - 00079360 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationFrameworkInternalPS.dll
2017-07-12 11:53 - 2017-06-21 08:41 - 02279424 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2017-07-12 11:53 - 2017-06-21 08:41 - 01692160 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2017-07-12 11:53 - 2017-06-21 08:41 - 01359872 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll
2017-07-12 11:53 - 2017-06-21 08:41 - 01021440 _____ (Microsoft Corporation) C:\WINDOWS\system32\usermgr.dll
2017-07-12 11:53 - 2017-06-21 08:41 - 00945664 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2017-07-12 11:53 - 2017-06-21 08:41 - 00913920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.dll
2017-07-12 11:53 - 2017-06-21 08:41 - 00460800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Midi.dll
2017-07-12 11:53 - 2017-06-21 08:40 - 04474368 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll
2017-07-12 11:53 - 2017-06-21 08:40 - 01586176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Globalization.dll
2017-07-12 11:53 - 2017-06-21 08:40 - 01421824 _____ (Microsoft Corporation) C:\WINDOWS\system32\certutil.exe
2017-07-12 11:53 - 2017-06-21 08:40 - 00886784 _____ (Microsoft Corporation) C:\WINDOWS\system32\CPFilters.dll
2017-07-12 11:53 - 2017-06-21 08:40 - 00376832 _____ (Microsoft Corporation) C:\WINDOWS\system32\CryptoWinRT.dll
2017-07-12 11:53 - 2017-06-21 08:39 - 02916864 _____ (Microsoft Corporation) C:\WINDOWS\system32\CertEnroll.dll
2017-07-12 11:53 - 2017-06-21 08:39 - 02208768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.3D.dll
2017-07-12 11:53 - 2017-06-21 08:39 - 01643008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll
2017-07-12 11:53 - 2017-06-21 08:39 - 01490432 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2017-07-12 11:53 - 2017-06-21 08:39 - 00971264 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll
2017-07-12 11:53 - 2017-06-21 08:39 - 00673792 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2017-07-12 11:53 - 2017-06-21 08:38 - 05611008 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll
2017-07-12 11:53 - 2017-06-21 08:37 - 00875520 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2017-07-12 11:53 - 2017-06-21 08:37 - 00774656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.dll
2017-07-12 11:53 - 2017-06-21 08:37 - 00735744 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2017-07-12 11:53 - 2017-06-21 08:37 - 00716800 _____ (Microsoft Corporation) C:\WINDOWS\system32\ShareHost.dll
2017-07-12 11:53 - 2017-06-21 08:36 - 02318848 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2017-07-12 11:53 - 2017-06-21 08:36 - 00881152 _____ (Microsoft Corporation) C:\WINDOWS\system32\MsSpellCheckingFacility.dll
2017-07-12 11:53 - 2017-06-21 08:36 - 00180224 _____ (Microsoft Corporation) C:\WINDOWS\system32\enrollmentapi.dll
2017-07-12 11:53 - 2017-06-21 08:35 - 01726976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2017-07-12 11:53 - 2017-06-21 08:35 - 01328640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.Http.dll
2017-07-12 11:53 - 2017-06-21 08:35 - 00924672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.BackgroundTransfer.dll
2017-07-12 11:53 - 2017-06-21 08:34 - 01121280 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2017-07-12 11:53 - 2017-06-21 08:34 - 00035328 _____ (Microsoft Corporation) C:\WINDOWS\system32\spaceman.exe
2017-07-12 11:53 - 2017-03-04 08:27 - 00391168 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleacc.dll
2017-07-12 11:53 - 2017-03-04 08:19 - 01589760 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdtctm.dll
2017-07-12 11:53 - 2016-10-05 11:32 - 00146432 _____ (Microsoft Corporation) C:\WINDOWS\system32\AuthBroker.dll
2017-07-07 20:01 - 2017-07-07 20:01 - 00000000 ____D C:\Users\Siggi\AppData\Local\UNP
2017-07-07 19:41 - 2017-07-07 19:42 - 00000000 ____D C:\Program Files\UNP
2017-07-07 19:41 - 2017-07-07 19:41 - 00000000 ____D C:\WINDOWS\system32\UNP
2017-07-02 18:04 - 2017-07-02 18:05 - 00460850 _____ C:\Users\Siggi\Downloads\bayernatlas.de.pdf
2017-07-01 10:43 - 2017-07-01 10:43 - 11287004 _____ C:\Users\Siggi\Downloads\20031120100303437_bh59-00335c-04_ge.pdf
2017-06-28 14:26 - 2017-06-28 14:27 - 07180216 _____ (Piriform Ltd) C:\Users\Siggi\Downloads\ccsetup531_slim.exe
2017-06-24 08:45 - 2017-06-24 08:47 - 00187351 _____ C:\Users\Siggi\Desktop\Wie Goldgräber und Hobbyschatzsucher bei Ausgrabungen helfen - SPIEGEL ONLINE.htm
2017-06-24 08:45 - 2017-06-24 08:45 - 00000000 ____D C:\Users\Siggi\Desktop\Wie Goldgräber und Hobbyschatzsucher bei Ausgrabungen helfen - SPIEGEL ONLINE-Dateien
==================== Ein Monat: Geänderte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2017-07-19 11:05 - 2015-07-04 18:22 - 00000000 ____D C:\FRST
2017-07-19 11:03 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\AppReadiness
2017-07-19 11:01 - 2016-09-25 10:19 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2017-07-19 10:50 - 2017-04-07 14:14 - 00251832 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2017-07-19 10:47 - 2016-10-20 20:41 - 00000000 ____D C:\Users\Siggi\AppData\LocalLow\Mozilla
2017-07-19 10:43 - 2017-02-14 11:36 - 00001024 _____ C:\.rnd
2017-07-19 10:43 - 2016-09-25 11:10 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-07-19 10:43 - 2016-09-25 10:23 - 00000000 ____D C:\ProgramData\NVIDIA
2017-07-19 10:42 - 2016-07-16 08:04 - 00524288 _____ C:\WINDOWS\system32\config\BBI
2017-07-19 10:09 - 2017-01-03 16:03 - 00000883 _____ C:\Users\Siggi\Desktop\Wswin32.exe - Verknüpfung.lnk
2017-07-19 10:01 - 2016-08-23 17:01 - 00000000 ____D C:\Foto
2017-07-19 08:14 - 2016-09-25 10:32 - 00000000 ____D C:\Users\Siggi
2017-07-19 07:27 - 2016-09-25 10:32 - 00000000 ____D C:\Users\DefaultAppPool
2017-07-19 07:27 - 2016-09-25 10:32 - 00000000 ____D C:\Users\Administrator
2017-07-19 07:25 - 2016-07-16 13:47 - 00000000 ___HD C:\Program Files\WindowsApps
2017-07-19 07:04 - 2016-07-16 08:04 - 00032768 _____ C:\WINDOWS\system32\config\ELAM
2017-07-18 20:40 - 2016-09-25 11:10 - 00003668 _____ C:\WINDOWS\System32\Tasks\AVG EUpdate Task
2017-07-17 19:39 - 2016-10-24 12:06 - 00001147 _____ C:\Users\Siggi\Desktop\DVBViewer.exe - Verknüpfung.lnk
2017-07-17 18:44 - 2017-03-09 20:42 - 00000000 ____D C:\Users\Siggi\Documents\WISO Konto Online
2017-07-16 20:03 - 2016-10-20 18:07 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2017-07-16 08:43 - 2016-07-16 13:45 - 00000000 ____D C:\WINDOWS\INF
2017-07-15 19:42 - 2016-09-25 11:10 - 00003616 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2017-07-15 19:42 - 2016-09-25 11:10 - 00003392 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2017-07-15 18:26 - 2016-09-25 10:29 - 06341960 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-07-15 18:26 - 2016-07-17 00:51 - 03072750 _____ C:\WINDOWS\system32\perfh007.dat
2017-07-15 18:26 - 2016-07-17 00:51 - 00840852 _____ C:\WINDOWS\system32\perfc007.dat
2017-07-15 18:08 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\rescache
2017-07-14 07:23 - 2015-09-07 11:19 - 00162328 _____ (G Data Software AG) C:\WINDOWS\system32\Drivers\PktIcpt.sys
2017-07-14 07:17 - 2015-09-07 11:35 - 00002057 _____ C:\Users\Public\Desktop\G DATA INTERNET SECURITY.lnk
2017-07-14 07:17 - 2015-09-07 11:19 - 00046104 _____ (G Data Software AG) C:\WINDOWS\system32\Drivers\GDKBB64.sys
2017-07-14 07:17 - 2015-09-07 11:19 - 00038984 _____ (G DATA Software AG) C:\WINDOWS\system32\Drivers\GDKBFlt64.sys
2017-07-14 07:17 - 2014-01-03 22:29 - 00000000 ____D C:\ProgramData\G Data
2017-07-14 07:16 - 2015-09-07 11:18 - 00086584 _____ (G DATA Software AG) C:\WINDOWS\system32\Drivers\gdwfpcd64.sys
2017-07-14 07:16 - 2015-09-07 11:17 - 00157720 _____ (G Data Software AG) C:\WINDOWS\system32\Drivers\HookCentre.sys
2017-07-14 07:15 - 2015-09-07 11:17 - 00309784 _____ (G Data Software AG) C:\WINDOWS\system32\Drivers\MiniIcpt.sys
2017-07-14 07:15 - 2015-09-07 11:17 - 00200728 _____ (G Data Software AG) C:\WINDOWS\system32\Drivers\GDBehave.sys
2017-07-12 15:38 - 2016-04-27 07:55 - 00000000 __RHD C:\Users\Public\AccountPictures
2017-07-12 15:32 - 2016-09-25 10:19 - 00413472 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-07-12 15:26 - 2016-07-16 13:47 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2017-07-12 15:26 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\oobe
2017-07-12 15:26 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\appraiser
2017-07-12 15:26 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\ShellExperiences
2017-07-12 15:26 - 2016-07-16 13:47 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2017-07-12 15:26 - 2016-07-16 13:47 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2017-07-12 12:34 - 2016-07-16 13:36 - 00000000 ____D C:\WINDOWS\CbsTemp
2017-07-12 12:11 - 2014-01-03 20:11 - 00000000 ____D C:\WINDOWS\system32\MRT
2017-07-12 12:04 - 2014-01-03 20:11 - 135225752 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-07-12 10:17 - 2017-04-11 08:50 - 00003094 _____ C:\WINDOWS\System32\Tasks\Java Platform SE Auto Updater
2017-07-12 10:17 - 2016-09-25 11:26 - 00002824 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task
2017-07-12 10:17 - 2016-09-25 11:10 - 00002090 _____ C:\WINDOWS\System32\Tasks\SidebarExecute
2017-07-12 07:41 - 2016-07-16 13:43 - 00157696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\enrollmentapi.dll
2017-07-11 10:02 - 2014-02-01 12:52 - 00000000 ____D C:\Users\Siggi\AppData\Local\Corel
2017-07-10 11:58 - 2016-09-25 11:10 - 00003542 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2017-07-10 11:27 - 2017-04-20 18:49 - 00003878 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player PPAPI Notifier
2017-07-10 11:26 - 2017-05-26 21:24 - 00003560 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2017-07-02 16:15 - 2014-01-03 19:53 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-06-30 16:46 - 2016-07-16 13:49 - 00835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2017-06-30 16:46 - 2016-07-16 13:49 - 00177656 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2017-06-30 15:22 - 2016-06-30 18:21 - 00000000 ____D C:\Program Files\Mozilla Firefox
2017-06-30 07:01 - 2014-01-05 15:49 - 00000000 ____D C:\ProgramData\Skype
2017-06-28 20:04 - 2017-03-17 11:33 - 00000000 ___RD C:\Program Files (x86)\Skype
2017-06-28 17:07 - 2017-05-19 19:00 - 00000000 ___HD C:\Users\Siggi\Desktop\[Originaldateien]
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======
2016-01-09 13:05 - 2016-06-11 16:32 - 0000027 _____ () C:\Users\Siggi\AppData\Roaming\AVSDVDPlayer.m3u
2014-05-03 16:05 - 2014-05-03 16:05 - 0000000 _____ () C:\Users\Siggi\AppData\Roaming\gdfw.log
2014-05-03 16:04 - 2015-09-07 11:17 - 0001952 _____ () C:\Users\Siggi\AppData\Roaming\gdscan.log
2014-11-02 12:21 - 2017-02-20 15:10 - 0000600 _____ () C:\Users\Siggi\AppData\Roaming\winscp.rnd
2015-09-24 11:43 - 2016-05-08 14:36 - 0001062 _____ () C:\Users\Siggi\AppData\Local\62ddddf9d461bd9633b86dd3c75a2286
2015-09-27 15:30 - 2016-09-26 16:02 - 0001062 _____ () C:\Users\Siggi\AppData\Local\998087a8e589f390f0b710fed8b8c1bf
2015-08-13 17:30 - 2015-10-02 19:58 - 0000950 _____ () C:\Users\Siggi\AppData\Local\c59be68b03be09f9dbe3e1c49acbe573
2014-01-05 15:25 - 2016-04-26 14:33 - 0030208 _____ () C:\Users\Siggi\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-12-21 17:21 - 2015-03-15 17:06 - 0000600 _____ () C:\Users\Siggi\AppData\Local\PUTTY.RND
2016-11-04 11:02 - 2016-11-04 11:02 - 0004591 _____ () C:\Users\Siggi\AppData\Local\recently-used.xbel
2016-07-25 15:43 - 2016-08-05 15:20 - 0007602 _____ () C:\Users\Siggi\AppData\Local\resmon.resmoncfg
2014-02-01 12:51 - 2016-07-22 16:57 - 0000900 ___SH () C:\ProgramData\KGyGaAvL.sys
2017-03-09 20:42 - 2017-03-09 20:42 - 0000116 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc
2014-02-15 14:51 - 2014-02-15 14:51 - 0012698 _____ () C:\ProgramData\ndhlopzv.syn
2015-01-23 22:32 - 2015-01-23 22:32 - 0004974 _____ () C:\ProgramData\vnjjireq.zmg
==================== Bamital & volsnap ======================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert
LastRegBack: 2017-07-15 12:14
==================== Ende von FRST.txt ============================
|
|
20.07.2017, 09:06
| #2 |
| | Malwarebytes zeigt Funde an auf PC vom Vater und add:
__________________Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 18-07-2017
durchgeführt von Siggi (19-07-2017 11:06:41)
Gestartet von C:\Users\Siggi\Desktop
Windows 10 Pro Version 1607 (X64) (2016-09-25 09:16:30)
Start-Modus: Normal
==========================================================
==================== Konten: =============================
Administrator (S-1-5-21-2441953047-3725558795-4123501198-500 - Administrator - Disabled) => C:\Users\Administrator
DefaultAccount (S-1-5-21-2441953047-3725558795-4123501198-503 - Limited - Disabled)
Gast (S-1-5-21-2441953047-3725558795-4123501198-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2441953047-3725558795-4123501198-1002 - Limited - Enabled)
Siggi (S-1-5-21-2441953047-3725558795-4123501198-1001 - Administrator - Enabled) => C:\Users\Siggi
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: G DATA INTERNET SECURITY (Enabled - Up to date) {A9C56A9B-ECCD-57EA-78F6-92511DA1C885}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: G DATA INTERNET SECURITY (Disabled - Up to date) {12A48B7F-CAF7-5864-4246-A92366268238}
FW: G*DATA Personal Firewall (Enabled) {91FEEBBE-A6A2-56B2-53A9-3B64E3728FFE}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
8GadgetPack (HKLM-x32\...\{F60DAD2D-8625-4467-AE01-EA0382187621}) (Version: 19.0.0 - Helmut Buhler)
ACDSee 19 (HKLM\...\{F36C6194-6306-43D8-8775-8267BC77FF65}) (Version: 19.3.0.506 - ACD Systems International Inc.)
ACDSee Pro 7 (64-bit) (HKLM\...\{D2A6EC54-CB46-49E4-A6FC-A9179F9D9D12}) (Version: 7.1.169 - ACD Systems International Inc.)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 22.0.0.153 - Adobe Systems Incorporated)
Adobe Community Help (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.5.23 - Adobe Systems Incorporated.)
Adobe Flash Player 26 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 26.0.0.131 - Adobe Systems Incorporated)
Adobe Flash Player 26 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 26.0.0.131 - Adobe Systems Incorporated)
Adobe Photoshop Elements 12 (HKLM-x32\...\Adobe Photoshop Elements 12) (Version: 12.0 - Adobe Systems Incorporated)
Adobe Photoshop Lightroom 5.3 64-bit (HKLM\...\{2DD71ACB-552D-402C-9529-7906ACB95C30}) (Version: 5.3.1 - Adobe Systems Incorporated)
Adobe Premiere Elements 12 (HKLM\...\{4016464A-0C3E-4070-8293-5D7F0D8EAE3A}) (Version: 12.0 - Adobe Systems Incorporated) Hidden
Adobe Premiere Elements 12 (HKLM\...\PremElem120) (Version: 12.0 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.19) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.19 - Adobe Systems Incorporated)
Ahnenforschung DeLuxe (HKLM-x32\...\Ahnenforschung DeLuxe) (Version: - )
Apple Software Update (HKLM-x32\...\{6956856F-B6B3-4BE0-BA0B-8F495BE32033}) (Version: 2.1.1.116 - Apple Inc.)
Ashampoo Burning Studio FREE v.1.14.5 (HKLM-x32\...\{91B33C97-91F8-FFB3-581B-BC952C901685}_is1) (Version: 1.14.5 - Ashampoo GmbH & Co. KG)
Ashampoo Photo Commander 10 v.10.2.1 (HKLM-x32\...\{C92AB6F1-4B66-808A-D77C-25EF81C0176A}_is1) (Version: 10.2.1 - Ashampoo GmbH & Co. KG)
Audials (HKLM-x32\...\{942EDCE4-79EE-409E-9E7C-6EC236C037AC}) (Version: 10.3.34300.0 - Audials AG)
Audials (HKLM-x32\...\{97DDF4B1-4BA6-40B3-AFBE-6080F08D540A}) (Version: 17.0.30797.9700 - Audials AG)
AVG (HKLM\...\AvgZen) (Version: 1.116.3.1052 - AVG Technologies)
AVG PC TuneUp (HKLM-x32\...\{149D912F-03DB-4895-913E-820CB11965C0}) (Version: 16.74.1 - AVG Technologies) Hidden
AVG PC TuneUp (HKLM-x32\...\AVG PC TuneUp) (Version: 16.74.2.60831 - AVG Technologies)
AVG Zen (HKLM\...\{219E7C4A-0902-4CD4-82B8-EF908BF3198E}) (Version: 1.116.2 - AVG Technologies) Hidden
AVS Audio Converter 8.0 (HKLM-x32\...\AVS Audio Converter_is1) (Version: 8.0.1.540 - Online Media Technologies Ltd.)
AVS Audio Editor 7.2 (HKLM-x32\...\AVS Audio Editor_is1) (Version: 7.2.2.488 - Online Media Technologies Ltd.)
AVS Audio Recorder 4.0 (HKLM-x32\...\AVS Audio Recorder_is1) (Version: 4.0.2.22 - Online Media Technologies Ltd.)
AVS Disc Creator 5.2.7 (HKLM-x32\...\AVS Disc Creator_is1) (Version: 5.2.7.541 - Online Media Technologies Ltd.)
AVS DVD Authoring (HKLM-x32\...\AVS DVD Authoring_is1) (Version: - Online Media Technologies Ltd.)
AVS DVD Player version 2.4 (HKLM-x32\...\AVS DVD Player_is1) (Version: - Online Media Technologies Ltd.)
AVS Update Manager 1.0 (HKLM-x32\...\AVS Update Manager_is1) (Version: - Online Media Technologies Ltd.)
AVS Video Converter 9.1 (HKLM-x32\...\AVS4YOU Video Converter 7_is1) (Version: 9.1.2.571 - Online Media Technologies Ltd.)
AVS Video Editor 6.5 (HKLM-x32\...\AVS Video Editor_is1) (Version: 6.5.1.246 - Online Media Technologies Ltd.)
AVS Video Recorder 2.4 (HKLM-x32\...\AVS Video Recorder_is1) (Version: - Online Media Technologies Ltd.)
AVS4YOU Software Navigator 1.2 (HKLM-x32\...\AVS4YOU Software Navigator_is1) (Version: - Online Media Technologies Ltd.)
Camera Support Core Library (HKLM-x32\...\{A1D0D14A-B776-4907-BC00-5149F2298086}) (Version: 7.3.0.4 - Canon) Hidden
Camera Window DVC (HKLM-x32\...\{A2EB8F2E-6D9B-4F8B-96EB-F976D33F416F}) (Version: 5.4.4 - Canon) Hidden
Camera Window MC (HKLM-x32\...\{36C65B50-37BA-4467-AAD5-0523EFDF6F62}) (Version: 5.4.3 - Canon) Hidden
CameraHelperMsi (HKLM-x32\...\{15634701-BACE-4449-8B25-1567DA8C9FD3}) (Version: 13.51.815.0 - Logitech) Hidden
Canon Camera Support Core Library (HKLM-x32\...\InstallShield_{A1D0D14A-B776-4907-BC00-5149F2298086}) (Version: 7.3.0.4 - Canon)
Canon Camera WIA Driver (HKLM-x32\...\{33CF7CDF-9805-4500-9CC7-D19D52AD63C4}) (Version: 5.6 - Canon) Hidden
Canon Camera Window DC_DV 5 for ZoomBrowser EX (HKLM-x32\...\InstallShield_{A2EB8F2E-6D9B-4F8B-96EB-F976D33F416F}) (Version: 5.4.4 - Canon)
Canon Camera Window MC 5 for ZoomBrowser EX (HKLM-x32\...\InstallShield_{36C65B50-37BA-4467-AAD5-0523EFDF6F62}) (Version: 5.4.3 - Canon)
Canon EOS Kiss_N REBEL_XT 350D WIA Driver (HKLM-x32\...\InstallShield_{33CF7CDF-9805-4500-9CC7-D19D52AD63C4}) (Version: 5.6 - Canon)
CANON iMAGE GATEWAY Task (HKLM-x32\...\{33711828-7194-4446-8C05-0DC0E59A0C1B}) (Version: 1.0.0.23 - Canon) Hidden
CANON iMAGE GATEWAY Task for ZoomBrowser EX (HKLM-x32\...\InstallShield_{33711828-7194-4446-8C05-0DC0E59A0C1B}) (Version: 1.0.0.23 - Canon)
Canon Internet Library for ZoomBrowser EX (HKLM-x32\...\InstallShield_{D0E8C34D-19D2-49FD-A900-88DEB788FF86}) (Version: 1.4.0 - Canon Inc.)
Canon MP Navigator EX 2.1 (HKLM-x32\...\MP Navigator EX 2.1) (Version: - )
Canon MX320 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MX320_series) (Version: - Canon Inc.)
Canon PhotoRecord (HKLM-x32\...\{BBBC2B89-E193-4348-A83C-C8DD8210A4AC}) (Version: 02.02.03002 - Cisra)
Canon RAW Image Task for ZoomBrowser EX (HKLM-x32\...\InstallShield_{BAA43DA2-B6C5-46EC-B163-0E8EEAF975A4}) (Version: 2.2 - Canon)
Canon Utilities Digital Photo Professional (HKLM-x32\...\Digital Photo Professional) (Version: 3.14.47.0 - Canon Inc.)
Canon Utilities Digital Photo Professional 2.0 (HKLM-x32\...\{17BF3045-AB1D-4048-8356-6C584B83565E}) (Version: 2.0 - Canon) Hidden
Canon Utilities Digital Photo Professional 2.0 (HKLM-x32\...\InstallShield_{17BF3045-AB1D-4048-8356-6C584B83565E}) (Version: 2.0 - Canon)
Canon Utilities EOS Capture 1.5 (HKLM-x32\...\InstallShield_{589D17BB-C997-48C0-BCD2-CC8DC3375FE8}) (Version: 1.5 - Canon)
Canon Utilities EOS Lens Registration Tool (HKLM-x32\...\EOS Lens Registration Tool) (Version: 1.3.0.1 - Canon Inc.)
Canon Utilities EOS Utility 2 (HKLM-x32\...\EOS Utility 2) (Version: 2.14.20.0 - Canon Inc.)
Canon Utilities EOS Web Service Registration Tool (HKLM-x32\...\EOS Web Service Registration Tool) (Version: 1.2.10.0 - Canon Inc.)
Canon Utilities PhotoStitch 3.1 (HKLM-x32\...\InstallShield_{874E44F3-B9A7-4AA1-B4BA-83E5684ED9C6}) (Version: 3.1.16 - Canon)
Canon ZoomBrowser EX (E) (HKLM-x32\...\{C1D76D7A-F3BB-47EA-A746-5B1E2FFC1DF2}) (Version: 5.05.0000 - Canon)
CBH-2012 (HKLM-x32\...\{E7E877BE-A17B-4E5A-B8E4-3B893C03BB1B}) (Version: 4.1.SP1 - LN-Systems)
chip 1-click download service (HKLM-x32\...\{503CA94E-0834-4CEE-AD92-BA17AF4E809A}) (Version: 3.6.9.0 - Chip Digital GmbH)
CLIQZ (HKLM-x32\...\{5A0C0737-6AFE-4DC6-A8B4-6DFE509ACD75}_is1) (Version: 1.0.44 - CLIQZ.com)
COLOR projects 4 elements (64-Bit) (HKLM\...\COLOR_PROJECTS_4_2_C935FDA1_is1) (Version: 4.41 - Franzis Verlag GmbH)
COLOR projects premium (64-Bit) (HKLM\...\COLOR_PROJECTS_1_2_C935FDA1_is1) (Version: 1.14 - Franzis Verlag GmbH)
ComproFM 2 (HKLM-x32\...\{9EA404D2-5A5E-4A44-94E3-B8B148F7BCBC}) (Version: 2.20.500 - )
Corel Paint Shop Pro Photo X2 (HKLM-x32\...\{64E72FB1-2343-4977-B4A8-262CD53D0BD3}) (Version: 12.50.0001 - Corel Corporation)
Cut Out 3.0 pro (64bits) (HKLM\...\Cut Out pro(64bits)_is1) (Version: - Franzis.de)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
DHTML Editing Component (HKLM-x32\...\{2EA870FA-585F-4187-903D-CB9FFD21E2E0}) (Version: 6.02.0001 - Microsoft Corporation)
Dream Aquarium (HKLM-x32\...\DreamAqua) (Version: - )
DVBViewer Pro (HKLM-x32\...\DVBViewer Pro_is1) (Version: 5.3.2 - CM&V)
DVBViewer TE2 (HKLM-x32\...\DVBViewer TE2_is1) (Version: - CM&V)
DVD Shrink 3.2 deutsch (DeCSS-frei) (HKLM-x32\...\DVD Shrink DE_is1) (Version: - DVD Shrink)
Dynamic-Photo HDR 4.7 (HKLM-x32\...\Dynamic-Photo HDR 4_is1) (Version: - Mediachance)
EasyWeather (HKLM-x32\...\{CE1B03BC-3C99-4580-A2AC-A41DB9B83378}) (Version: - 1.0)
Elements 10 Organizer (HKLM-x32\...\{22D3A614-482C-444A-932C-9DA1B8ECDFD2}) (Version: 10.0 - Ihr Firmenname) Hidden
Elements 12 Organizer (HKLM-x32\...\{9D80A7B7-DC01-485D-AE93-710D559B5C56}) (Version: 12.0 - Ihr Firmenname) Hidden
EOS Capture 1.5 (HKLM-x32\...\{589D17BB-C997-48C0-BCD2-CC8DC3375FE8}) (Version: 1.5 - Canon) Hidden
erLT (HKLM-x32\...\{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}) (Version: 1.20.138.34 - Logitech, Inc.) Hidden
FastStone Image Viewer 5.7 (HKLM-x32\...\FastStone Image Viewer) (Version: 5.7 - FastStone Soft)
FlexRadio Systems PowerSDR v2.6.4 (HKLM-x32\...\{F700F67B-8F6F-48EF-98EE-CF5CF62ABEA2}_is1) (Version: 2.6.4 - FlexRadio Systems)
FMW 1 (HKLM\...\{DC2A8E3D-D5E1-4837-A2E0-C308100AC412}) (Version: 1.143.3 - AVG Technologies) Hidden
Fotogalerie (HKLM-x32\...\{41BF4A3B-D60A-4E92-883F-C88C8C157261}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
FUJIFILM MyFinePix Studio 1.1 (HKLM-x32\...\FinePix Genie_is1) (Version: - )
G DATA INTERNET SECURITY (HKLM-x32\...\G DATA INTERNET SECURITY) (Version: 25.4.0.1 - G DATA Software AG)
GeoSetter 3.4.16 (HKLM-x32\...\GeoSetter_is1) (Version: - Friedemann Schmidt)
GIMP 2.8.10 (HKLM\...\GIMP-2_is1) (Version: 2.8.10 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 58.0.3029.110 - Google Inc.)
Google Earth (HKLM-x32\...\{F6430171-B86B-4639-839E-374913E7911D}) (Version: 7.1.8.3036 - Google)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.5 - Google Inc.) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
Ham Radio Deluxe (HKLM-x32\...\{4DF979D5-464C-4926-AF73-54C1C219F06A}) (Version: 5.24.0.36 - HRD Software, LLC)
Harrys Filters 4.0 (Plugin) (HKLM\...\Harrys Filters 4.0 (Plugin)_is1) (Version: - The Plugin Site)
Hauppauge WinTV 7 (HKLM-x32\...\Hauppauge WinTV 7) (Version: v7.0.30237 (CD 2.6) - Hauppauge Computer Works)
HDR projects darkroom (64-Bit) (HKLM\...\HDR_PROJECTS_2_0_3BF7CE82_is1) (Version: 2.26 - Franzis Verlag GmbH)
HDR Projects platin (64-Bit) (HKLM\...\HDR Projects platin_is1) (Version: 1.23 - Franzis Verlag GmbH)
Internet Library (HKLM-x32\...\{D0E8C34D-19D2-49FD-A900-88DEB788FF86}) (Version: 1.4.0 - Canon Inc.) Hidden
Java 8 Update 131 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180131F0}) (Version: 8.0.1310.11 - Oracle Corporation)
LAV Filters 0.69 (HKLM-x32\...\lavfilters_is1) (Version: 0.69 - Hendrik Leppkes)
Logitech Webcam-Software (HKLM-x32\...\{D40EB009-0499-459c-A8AF-C9C110766215}) (Version: 2.51 - Logitech Inc.)
Luminance HDR 2.4.0 (HKLM-x32\...\{7020FC34-6E04-4858-924D-354B28CB2402}_is1) (Version: - Luminance HDR Dev Team)
MainConcept DTV Decoder Pro (HKLM-x32\...\{793FCE60-DE5E-4977-A942-A7B69A45B17D}) (Version: 1.5.0.2 - MainConcept GmbH)
Malwarebytes Version 3.0.6.1469 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.0.6.1469 - Malwarebytes)
MergeModule_x64 (HKLM\...\{12DCC5A7-0100-4433-B4FF-217A3C5DC83B}) (Version: 9.3.00 - Sony Corporation) Hidden
MergeModule_x86 (HKLM-x32\...\{DD7721BB-CF1C-4DC9-AD87-8D5FB75413B7}) (Version: 9.3.00 - Sony Corporation) Hidden
MicroCapture Pro 2.2 (HKLM-x32\...\MicroCapture Pro) (Version: 2.2 - winmax)
Microsoft Camera Codec Pack (HKLM-x32\...\{968AE11C-EDF7-4D18-B416-848DA26EADFA}) (Version: 6.3.9723.0 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (HKLM-x32\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Rechner-Plus (HKLM-x32\...\{437C19B3-7E20-4E39-B868-CA6BAA820E1C}) (Version: 1.0.0 - Microsoft)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (HKLM\...\{D285FC5F-3021-32E9-9C59-24CA325BDC5C}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022.218 (HKLM-x32\...\{E503B4BF-F7BB-3D5F-8BC8-F694B1CFF942}) (Version: 9.0.21022.218 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Movie Maker (HKLM-x32\...\{70C91B91-61E8-4D06-86D6-A9DCC291983A}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{DD67BE4B-7E62-4215-AFA3-F123A800A389}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 54.0.1 (x64 de) (HKLM\...\Mozilla Firefox 54.0.1 (x64 de)) (Version: 54.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 54.0.1.6388 - Mozilla)
Mozilla Thunderbird 50.0 (x86 en-US) (HKLM-x32\...\Mozilla Thunderbird 50.0 (x86 en-US)) (Version: 50.0 - Mozilla)
Mozilla Thunderbird 55.0 (x86 en-US) (HKU\S-1-5-21-2441953047-3725558795-4123501198-1001\...\Mozilla Thunderbird 55.0 (x86 en-US)) (Version: 55.0 - Mozilla)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
Neat Image v7.4.0 Demo Standalone (32-bit) (HKLM-x32\...\Neat Image Standalone (32-bit)_is1) (Version: - Neat Image team, ABSoft)
NEAT projects professional (64-Bit) (HKLM\...\NEAT_PROJECTS_1_3_Df337A2C_is1) (Version: 1.12 - Franzis Verlag GmbH)
Nik Collection (HKLM-x32\...\Nik Collection) (Version: 1.2.11 - Google)
NVIDIA 3D Vision Treiber 342.01 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 342.01 - NVIDIA Corporation)
NVIDIA Grafiktreiber 342.01 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 342.01 - NVIDIA Corporation)
NVIDIA Update 10.4.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 10.4.0 - NVIDIA Corporation)
Online-Banking+ (HKLM-x32\...\{B1B03833-939A-43D3-ADA5-E4088E6AFD5D}) (Version: 15.2.1.18 - Buhl Data Service GmbH) Hidden
Online-Banking+ (HKLM-x32\...\Online-Banking+) (Version: - Buhl Data Service GmbH)
PC Camer@N (HKLM-x32\...\{68AD7668-834F-49BC-94AB-28F94A5D93D5}) (Version: 0.1.3.8 - Teconet) Hidden
PC Camer@N (HKLM-x32\...\InstallShield_{68AD7668-834F-49BC-94AB-28F94A5D93D5}) (Version: 0.1.3.8 - Teconet)
Pcr1k Mini (HKLM-x32\...\ST6UNST #1) (Version: - )
PC-WELT-Fix-it-Pack 2.0 (HKLM\...\{CD349D32-0976-4AB5-9616-82717033D2C8}_is1) (Version: - IDG Magazine Media GmbH)
Phase 5 HTML-Editor (HKLM-x32\...\{20B1B020-DEAE-48D1-9960-D4C3185D758B}) (Version: 5.6.2.3 - Systemberatung Schommer)
PhotoPad Foto-Editor (HKLM-x32\...\PhotoPad) (Version: 2.41 - NCH Software)
PhotoStitch (HKLM-x32\...\{874E44F3-B9A7-4AA1-B4BA-83E5684ED9C6}) (Version: 3.1.16 - Canon) Hidden
PlayMemories Home (HKLM-x32\...\{94F4815B-755A-4FFA-AFDC-EE8FE776981E}) (Version: 5.1.00.12260 - Sony Corporation)
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
PMB_ModeEditor (HKLM-x32\...\{D5318740-B088-4B1A-B6A8-1F90A172CCD1}) (Version: 9.3.00 - Sony Corporation) Hidden
PMB_ServiceUploader (HKLM-x32\...\{E7FDF11C-12BB-4D6F-9B6D-F8E488C776DC}) (Version: 10.1.00 - Sony Corporation) Hidden
ProgDVB (HKLM\...\ProgDVB) (Version: - )
PSE12 STI Installer (HKLM-x32\...\{11F9A376-342F-4297-82DA-1F6EA8ED4B6B}) (Version: 12.0 - Adobe Systems Incorporated) Hidden
QuickTime (HKLM-x32\...\{1451DE6B-ABE1-4F62-BE9A-B363A17588A2}) (Version: 7.65.17.80 - Apple Inc.)
RAF (HKLM-x32\...\{E6B43401-E818-4961-AFED-118DD8E87642}) (Version: 1.00.0001 - FUJIFILM Corporation)
RAW Image Task 2.2 (HKLM-x32\...\{BAA43DA2-B6C5-46EC-B163-0E8EEAF975A4}) (Version: 2.2 - Canon) Hidden
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
Saal Design Software (HKLM-x32\...\{0C52FDB3-C8A1-E686-5A87-85F3EC2259D4}) (Version: 4.0 - Saal Digital Fotoservice GmbH) Hidden
Saal Design Software (HKLM-x32\...\SaalDesignSoftware) (Version: 4.0 - Saal Digital Fotoservice GmbH)
Serif PhotoPlus X5 (HKLM-x32\...\{617E7009-0C50-4178-B0E2-F9D66DC8A582}) (Version: 15.0.1.011 - Serif (Europe) Ltd)
Silicon Laboratories CP210x VCP Drivers for Windows 2000/XP/2003 Server/Vista (HKLM-x32\...\{E4EE41CD-85AD-41DC-A93D-CA73A3BE981B}) (Version: 4.40 - Silicon Laboratories, Inc.)
SILVER projects premium (64-Bit) (HKLM\...\SILVER_PROJECTS_1_2_28B15F1D_is1) (Version: 1.14 - Franzis Verlag GmbH)
Skype™ 7.38 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.38.101 - Skype Technologies S.A.)
stunnel installed for AllUsers (HKLM-x32\...\stunnel) (Version: 5.35 - Michal Trojnara)
TeamSpeak 2 RC2 (HKLM-x32\...\Teamspeak 2 RC2_is1) (Version: 2.0.32.60 - Dominating Bytes Design)
TeamViewer 12 (HKLM-x32\...\TeamViewer) (Version: 12.0.75813 - TeamViewer)
TechniSat DVB-PC TV Star (HKLM-x32\...\{D032A7F0-8B5C-4603-8B46-235025D5F9C1}) (Version: 4.3.3 - TechniSat)
Technisat DVB-VC80 Redistributable Modules (HKLM-x32\...\{134007CC-7026-46C2-B46F-40D9FD2AF385}) (Version: 1.0.0 - Technisat)
Telekom Hosting Manager (HKLM\...\Telekom Hosting Manager) (Version: 1.1.6.0 - Telekom)
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 8.50 - Ghisler Software GmbH)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0407-0000-0000000FF1CE}_HOMESTUDENTR_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version: - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0407-0000-0000000FF1CE}_HOMESTUDENTR_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version: - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0407-0000-0000000FF1CE}_HOMESTUDENTR_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version: - Microsoft)
USB2.0 PC Camera (HKLM-x32\...\{417D86A0-89FE-4308-B172-45B74DCE6F8F}) (Version: 2.2.0.0 - aveotek)
Videoload (HKU\S-1-5-21-2441953047-3725558795-4123501198-1001\...\3923177984.wcps.t-online.de) (Version: - wcps.t-online.de)
VideoMate DVB-T / DAB / ISDBT USB Driver (HKLM-x32\...\{9B56D73E-CBC7-4499-ACED-9ECCA72AE52C}) (Version: 86.1.1012.2010 - )
VisionGS PE (HKLM-x32\...\VisionGS PE_is1) (Version: - bluepath GmbH)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
Wacom (HKLM\...\Pen Tablet Driver) (Version: 5.3.5-3 - Wacom Technology Corp.)
WeatherLink 6.0.3 (HKLM-x32\...\{E344C807-7DE0-4CC2-81BB-1F895CF8CBDF}) (Version: 6.0.3 - Davis Instruments Corp.)
WebTablet FB Plugin 32 bit (HKLM-x32\...\Wacom WebTabletPlugin for Internet Explorer and Netscape) (Version: 2.1.0.7 - Wacom Technology Corp.)
WebTablet FB Plugin 64 bit (HKLM\...\Wacom WebTabletPlugin for Internet Explorer and Netscape) (Version: 2.1.0.7 - Wacom Technology Corp.)
Windows 10 Update and Privacy Settings (HKLM\...\{4DFCD818-036A-4229-A67D-CF17DC461D92}) (Version: 1.0.14.0 - Microsoft Corporation)
Windows 10-Upgrade-Assistent (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.17387 - Microsoft Corporation)
Windows Desktop Gadgets (HKLM\...\Windows Desktop Gadgets_is1) (Version: 2.0 - hxxp://gadgetsrevived.com)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
Windows-Treiberpaket - ZC-700W Webcam Driver (01/01/2007 6.0.0.1) (HKLM\...\10222FE57D88FE4CF0DE52CB1422B3E85424F890) (Version: 01/01/2007 6.0.0.1 - )
Windows-Treiberpaket - Silicon Laboratories (silabenm) Ports (10/18/2013 6.6.1.0) (HKLM\...\F92C2D6CB4EA0EE558BDF5F8BDD69083DFC62179) (Version: 10/18/2013 6.6.1.0 - Silicon Laboratories)
WinRAR 5.40 beta 2 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.40.2 - win.rar GmbH)
WinSCP 5.7.7 (HKLM-x32\...\winscp3_is1) (Version: 5.7.7 - Martin Prikryl)
WISO Konto Online Plus 365 (HKLM-x32\...\{FF192B78-55F6-4B80-860F-33E428FA16E3}) (Version: 22.0.0.0 - Buhl Data Service GmbH) Hidden
WISO Konto Online Plus 365 (HKLM-x32\...\WISO Konto Online Plus 365) (Version: - Buhl Data Service GmbH)
WsWin V2.98.0 - 2015-08-31 (HKLM-x32\...\PC-Wetterstation_is1) (Version: 2.98.0 - Werner Krenn)
WXtoImg (HKLM-x32\...\WXtoImg) (Version: - )
Yahoo Search Set (HKLM-x32\...\Yahoo! SearchSet) (Version: - Yahoo Inc.)
Z Cinema (HKLM\...\{6E166235-49F3-4DFA-A102-1E86675ABD11}) (Version: 1.0.0 - Logitech)
ZC-700W Webcam (HKLM-x32\...\{E398E7CC-30B8-4D63-B07B-741163A12565}) (Version: 100.000.070814 - ZC-700W)
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
CustomCLSID: HKU\S-1-5-21-2441953047-3725558795-4123501198-1001_Classes\CLSID\{0E7BE950-4ACC-47CB-834B-41A8B96BBFF9}\InprocServer32 -> C:\Users\Siggi\AppData\Local\Microsoft\Windows Sidebar\Gadgets\Sidebar7.gadget\Release\Sidebar7.64.dll (Helmut Buhler)
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> Keine Datei
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> Keine Datei
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> Keine Datei
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> Keine Datei
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> Keine Datei
ShellIconOverlayIdentifiers: [EldosIconOverlay-cbfs5] -> {1B916AD7-FB63-41F5-B564-5931F0D120E6} => C:\WINDOWS\system32\cbfsMntNtf5.dll [2014-01-23] (EldoS Corporation)
ShellIconOverlayIdentifiers: [HGE Overlay 0 (Upload)] -> {6AE3859C-AB0D-49EC-A7C2-3631D96C6EE5} => C:\WINDOWS\system32\HGE.ShellExtension.dll [2013-03-18] (Deutsche Telekom AG)
ShellIconOverlayIdentifiers: [HGE Overlay 1 (Transfer)] -> {E4E8FAD2-90BC-41fe-8851-F70EB11E6875} => C:\WINDOWS\system32\HGE.ShellExtension.dll [2013-03-18] (Deutsche Telekom AG)
ShellIconOverlayIdentifiers: [HGE Overlay 2 (Finished)] -> {B9C00A72-09B3-4f53-B8B9-7349D04D65F7} => C:\WINDOWS\system32\HGE.ShellExtension.dll [2013-03-18] (Deutsche Telekom AG)
ShellIconOverlayIdentifiers: [HGE Overlay 3 (Selected)] -> {8F153B5F-6763-4d81-9A78-26CC7750EF2A} => C:\WINDOWS\system32\HGE.ShellExtension.dll [2013-03-18] (Deutsche Telekom AG)
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> Keine Datei
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> Keine Datei
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> Keine Datei
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> Keine Datei
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> Keine Datei
ShellIconOverlayIdentifiers-x32: [EldosIconOverlay-cbfs5] -> {1B916AD7-FB63-41F5-B564-5931F0D120E6} => C:\WINDOWS\SysWOW64\cbfsMntNtf5.dll [2014-01-23] (EldoS Corporation)
ContextMenuHandlers01: [AVG Shredder Shell Extension] -> {4858E7D9-8E12-45a3-B6A3-1CD128C9D403} => C:\Program Files (x86)\AVG\AVG PC TuneUp\SDShelEx-x64.dll [2017-02-21] (AVG Technologies CZ, s.r.o.)
ContextMenuHandlers01: [AVK9CM] -> {CAF4C320-32F5-11D3-A222-004095200FF2} => C:\Program Files (x86)\G DATA\InternetSecurity\AVK\ShellExt64.dll [2017-06-08] (G DATA Software AG)
ContextMenuHandlers01: [HgeContextMenu] -> {62C509D3-D882-4A21-8358-E75DEFF6CB25} => C:\WINDOWS\system32\HGE.ShellExtension.dll [2013-03-18] (Deutsche Telekom AG)
ContextMenuHandlers01: [PicaViewCtxMenuShlExt] -> {F3CBBA61-EE3F-4D6D-B1C6-B3474E579936} => C:\Program Files\Common Files\ACD Systems\PicaView\ACDSeePV.dll [2015-10-08] (ACD Systems International Inc.)
ContextMenuHandlers01: [ShellConverter] -> {30A4E07E-068A-4d91-8F05-691283A1336B} => C:\Program Files (x86)\Common Files\AVSMedia\ActiveX\AVSShellConverter64.dll [2015-04-06] (Online Media Technologies Ltd.)
ContextMenuHandlers03: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-01-20] (Malwarebytes)
ContextMenuHandlers03: [Reisswolf] -> {1F0F1EE7-36B9-11D2-8985-0080ADA96E9B} => C:\Program Files (x86)\G DATA\InternetSecurity\Shredder\Reisswlf64.dll [2017-06-08] (G DATA Software AG)
ContextMenuHandlers04: [AVG Disk Space Explorer Shell Extension] -> {4838CD50-7E5D-4811-9B17-C47A85539F28} => C:\Program Files (x86)\AVG\AVG PC TuneUp\DseShExt-x64.dll [2017-02-21] (AVG Technologies CZ, s.r.o.)
ContextMenuHandlers04: [AVG Shredder Shell Extension] -> {4858E7D9-8E12-45a3-B6A3-1CD128C9D403} => C:\Program Files (x86)\AVG\AVG PC TuneUp\SDShelEx-x64.dll [2017-02-21] (AVG Technologies CZ, s.r.o.)
ContextMenuHandlers04: [HgeContextMenu] -> {62C509D3-D882-4A21-8358-E75DEFF6CB25} => C:\WINDOWS\system32\HGE.ShellExtension.dll [2013-03-18] (Deutsche Telekom AG)
ContextMenuHandlers05: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2016-11-14] (NVIDIA Corporation)
ContextMenuHandlers06: [AVK9CM] -> {CAF4C320-32F5-11D3-A222-004095200FF2} => C:\Program Files (x86)\G DATA\InternetSecurity\AVK\ShellExt64.dll [2017-06-08] (G DATA Software AG)
ContextMenuHandlers06: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-01-20] (Malwarebytes)
ContextMenuHandlers06: [Reisswolf] -> {1F0F1EE7-36B9-11D2-8985-0080ADA96E9B} => C:\Program Files (x86)\G DATA\InternetSecurity\Shredder\Reisswlf64.dll [2017-06-08] (G DATA Software AG)
ContextMenuHandlers5_S-1-5-21-2441953047-3725558795-4123501198-1001: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => -> Keine Datei
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {07458051-D8AB-43BD-ACF2-D44E84A67815} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {09392749-0A12-4DCF-ABD4-5D6F5F2AADC6} - System32\Tasks\{0B247F87-A701-4440-9339-F1875EE95FCD} => C:\Windows\system32\pcalua.exe -a D:\CEP_2.0_Complete_Win_DE.exe -d D:\
Task: {0A0AD880-9540-47F7-91AD-76FF1026E894} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {0A0DDAB3-802E-4F77-8371-476DABB16F4A} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {0A2A53DA-24DA-460A-91AC-AF521E86EF60} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {11DAABBF-5D98-470B-ADB7-F51F117032FB} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {1388E89C-D4FD-41EF-A194-A4AE588C4D8A} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-04-25] (Adobe Systems Incorporated)
Task: {15F6C957-E06F-4550-A456-686F4F28C4AC} - System32\Tasks\AVGPCTuneUp_Task_BkGndMaintenance => C:\Program Files (x86)\AVG\AVG PC TuneUp\tuscanx.exe [2017-02-21] (AVG Technologies CZ, s.r.o.)
Task: {1C6BF7D0-4B35-4FD7-993D-F665DF4E3960} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\WINDOWS\ehome\ehrec.exe
Task: {400CA01C-1EEA-46AE-BE53-2E7A986C8F90} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe
Task: {41174F5C-DB56-441D-83CA-CF51200087AD} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {411B0972-E529-4F89-A24B-103E41E1BBC5} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {4A1EE791-9499-4969-B4EF-60F39984A9D6} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {4AF8A682-BEC1-4A52-A250-61D78829CFF0} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {4F0A61A4-655B-47E3-8AD6-74E41B74C724} - System32\Tasks\{E0A07D66-864F-44B4-8DEF-5754405773DE} => C:\Windows\system32\pcalua.exe -a C:\Users\Siggi\Downloads\MDVS51LE_SR1(1).exe -d C:\Users\Siggi\Downloads
Task: {58407670-E10E-43E6-BAFE-D8287E6AC0CA} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {5ABD9620-FE0E-4F0F-A46B-0C2A9B642C8C} - System32\Tasks\Java Platform SE Auto Updater => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2017-03-15] (Oracle Corporation)
Task: {6968DAEA-E639-4D3B-A1C7-1ED4C05E2971} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {6A245795-611F-4EA0-B3FA-715A0FC9ED0D} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\WINDOWS\ehome\mcupdate.exe
Task: {71BDCFF0-8A63-4C94-BCB7-B7439D012E74} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {7927F907-FDEA-4513-A758-49F1F3730B1C} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2008-07-30] (Apple Inc.)
Task: {7D35FDE0-0A71-4D47-B255-F4396AA2B062} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {812B89ED-7B35-4A10-8AFA-5A6C4F3D8532} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {884B76E2-D343-404E-83CB-16F6B2AF8317} - System32\Tasks\OneDrive Standalone Update Task => C:\Users\Siggi\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\OneDriveStandaloneUpdater.exe
Task: {8EF2BC47-6A7B-4D41-BF41-E4830B00800F} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {92ADAB95-CA69-4BFF-9CFB-779A442B291F} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-06-17] (Adobe Systems Incorporated)
Task: {931AA313-0CB9-47E4-AB4D-BA55394CBB99} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {9624B254-4386-4A7A-A8FE-EE2961A19647} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {9D71E7E4-4BFC-4F4F-9205-FBD50E471BF5} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe
Task: {A237C3FE-C1FE-4F33-8681-662ABB0B583E} - System32\Tasks\{1A1FA7F6-1890-4D31-8874-9602DACB72B0} => D:\CEP_2.0_Complete_Win_DE.exe
Task: {A29B961A-C7B5-42F8-B13F-AE49A4BD9DBA} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {AEA72503-E0CA-4153-B295-ACF3D1B7123D} - System32\Tasks\{3F9514FB-C8A3-49B9-8A8F-02E9AF1A6DBE} => C:\Windows\system32\pcalua.exe -a G:\unetbootin-windows-608\unetbootin-windows-608.exe -d G:\unetbootin-windows-608
Task: {B4B4AB71-2A43-4550-8807-3F79D36FBFFD} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {BC32F5C5-572A-4A21-8C37-B1837E79C55B} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe
Task: {C4B9A9D6-1D56-4A0D-89DD-E327BA7DC51B} - System32\Tasks\SidebarExecute => C:\Program Files (x86)\Windows Sidebar\sidebar.exe [2013-10-02] (Microsoft Corporation)
Task: {DBC6E009-CDE7-4E3E-A9F9-7B6ADC3C59DA} - System32\Tasks\AVG EUpdate Task => avgsetupx.exe
Task: {E44F740D-679D-42A1-AA32-FDE297A2A779} - System32\Tasks\AdobeAAMUpdater-1.0-Siggi-PC-Siggi => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2013-06-03] (Adobe Systems Incorporated)
Task: {E510889C-EC05-4A83-987A-BCFAF6994150} - System32\Tasks\{C3EE8CFC-80D2-4565-BF7E-C332DE34E4F2} => D:\CEP_2.0_Complete_Win_DE.exe
Task: {E6B2E88C-6B9F-42CD-B1DE-584AE4243094} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {EB5EDA2A-6003-46DE-8489-8E22A06BF3DD} - System32\Tasks\{89F4780C-152F-4B56-871F-DA7F8D01A46F} => C:\Windows\system32\pcalua.exe -a H:\SetupOnlineBankingPlus(1).exe -d H:\
Task: {F8A75EC6-71B0-4756-8834-97A95DDB4518} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_26_0_0_131_pepper.exe [2017-06-17] (Adobe Systems Incorporated)
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
==================== Verknüpfungen & WMI ========================
(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)
Shortcut: C:\Users\Siggi\Favorites\Downloadseite von NCH Software.lnk -> hxxp://www.nchsoftware.com/de/index.htm
==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
2016-07-16 13:42 - 2016-07-16 13:42 - 00231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2017-07-12 11:53 - 2017-06-21 09:48 - 02681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2016-09-25 10:23 - 2016-11-14 13:15 - 00135224 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2017-06-08 05:54 - 2017-06-08 05:54 - 00554984 _____ () C:\Program Files (x86)\Common Files\G Data\AVKProxy\PktIcpt2x64.dll
2016-09-26 12:28 - 2016-09-07 06:56 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2017-03-14 21:39 - 2017-03-04 08:31 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll
2017-04-07 14:14 - 2017-04-15 09:06 - 02271520 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\PoliciesControllerImpl.dll
2013-11-30 20:54 - 2013-11-30 20:54 - 00067072 _____ () C:\Program Files (x86)\stunnel\bin\ZLIB1.dll
2016-05-03 19:26 - 2016-05-03 19:26 - 00024064 _____ () C:\Program Files (x86)\stunnel\engines\capi.dll
2016-12-02 19:27 - 2016-12-02 19:26 - 48920064 _____ () C:\Program Files (x86)\AVG\UiDll\2623\libcef.dll
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
AlternateDataStreams: C:\ProgramData:BDSDRMHK [64]
AlternateDataStreams: C:\WINDOWS:nlsPreferences [0]
AlternateDataStreams: C:\Users\All Users:BDSDRMHK [64]
AlternateDataStreams: C:\ProgramData\Anwendungsdaten:BDSDRMHK [64]
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
==================== Hosts Inhalt: ===============================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2015-10-30 09:24 - 2016-10-29 17:59 - 00000824 _____ C:\WINDOWS\system32\Drivers\etc\hosts
==================== Andere Bereiche ============================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-2441953047-3725558795-4123501198-1001\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\theme1\img13.jpg
DNS Servers: 192.168.2.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
mpsdrv => Firewall Dienst läuft nicht.
MpsSvc => Firewall Dienst läuft nicht.
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
MSCONFIG\Services: AdobeActiveFileMonitor10.0 => 2
MSCONFIG\Services: AdobeActiveFileMonitor12.0 => 2
MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\Services: ehRecvr => 2
MSCONFIG\Services: ehSched => 2
MSCONFIG\Services: Fax => 3
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: HauppaugeTVServer => 2
MSCONFIG\Services: MpsSvc => 2
MSCONFIG\Services: TeamViewer9 => 2
MSCONFIG\Services: WinDefend => 2
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^ComproRemote.lnk => C:\Windows\pss\ComproRemote.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^ComproSchedulerDTV.lnk => C:\Windows\pss\ComproSchedulerDTV.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Server4PC.lnk => C:\Windows\pss\Server4PC.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^Siggi^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^EOS Utility.lnk => C:\Windows\pss\EOS Utility.lnk.Startup
MSCONFIG\startupfolder: C:^Users^Siggi^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^simplicheck.lnk => C:\Windows\pss\simplicheck.lnk.Startup
MSCONFIG\startupfolder: C:^Users^Siggi^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^WeatherLink 6.0.3.exe.lnk => C:\Windows\pss\WeatherLink 6.0.3.exe.lnk.Startup
MSCONFIG\startupreg: ACDSeeCommander19 => C:\Program Files (x86)\ACD Systems\ACDSee\19.0\ACDSeeCommander19.exe
MSCONFIG\startupreg: ACSW17DE => "G:\Program Files (x86)\ACDSee\17.0\acdIDInTouch2.exe"
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: CAHeadless => F:\Program Files (x86)\Adobe\Elements 12 Organizer\CAHeadless\ElementsAutoAnalyzer.exe
MSCONFIG\startupreg: CCleaner Monitoring => "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
MSCONFIG\startupreg: Corel File Shell Monitor => G:\Program Files (x86)\Corel\Corel Paint Shop Pro Photo X2\CorelIOMonitor.exe
MSCONFIG\startupreg: Corel Photo Downloader => "C:\Program Files (x86)\Common Files\Corel\Corel PhotoDownloader\Corel Photo Downloader.exe" -startup
MSCONFIG\startupreg: LWS => C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe -hide
MSCONFIG\startupreg: NvBackend => "C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
MSCONFIG\startupreg: PMBVolumeWatcher => C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe /SysAutoRun
MSCONFIG\startupreg: ProgLauncher => G:\Program Files\ProgDVB\ProgLauncher.exe
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run: => "WindowsDefender"
HKLM\...\StartupApproved\Run: => "ACPW07DE"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKU\S-1-5-21-2441953047-3725558795-4123501198-1001\...\StartupApproved\StartupFolder: => "Z Cinema.lnk"
HKU\S-1-5-21-2441953047-3725558795-4123501198-1001\...\StartupApproved\StartupFolder: => "Telekom Hosting Manager.lnk"
HKU\S-1-5-21-2441953047-3725558795-4123501198-1001\...\StartupApproved\StartupFolder: => "Sidebar520.lnk"
HKU\S-1-5-21-2441953047-3725558795-4123501198-1001\...\StartupApproved\StartupFolder: => "OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk"
HKU\S-1-5-21-2441953047-3725558795-4123501198-1001\...\StartupApproved\StartupFolder: => "Sidebar265.lnk"
HKU\S-1-5-21-2441953047-3725558795-4123501198-1001\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-2441953047-3725558795-4123501198-1001\...\StartupApproved\Run: => "ACDSeeCommander19"
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [{A25CBC86-965E-43CD-BFF1-857E2EDC6C11}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{C35471EF-00D1-4793-B648-0DF6CFFCEBFD}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{3A30E356-37D5-4FCD-B7E9-937897D579CB}] => (Allow) G:\Program Files (x86)\WinTV\WinTV7\WinTV7.exe
FirewallRules: [{0D5D93A8-DC21-4642-8F2A-5131835A1419}] => (Allow) G:\Program Files (x86)\WinTV\WinTV7\WinTV7.exe
FirewallRules: [{323568BB-4FC9-498D-A020-4EDD2D2E7BC0}] => (Allow) G:\Program Files (x86)\WinTV\WinTV7\WinTV7.exe
FirewallRules: [{7F2C76AA-475E-4BE4-97E4-74EDEAA8E24B}] => (Allow) G:\Program Files (x86)\WinTV\WinTV7\WinTV7.exe
FirewallRules: [{06E7D0CC-172C-48C8-94A7-472EC1C6AFEC}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{34E2A8D4-9B0D-4C1A-B945-7E15AE933436}] => (Allow) G:\Program Files (x86)\Audials\Audials 10\Audials.exe
FirewallRules: [{EEE8F83A-2431-4D90-B303-2C86114D8FE5}] => (Allow) LPort=12972
FirewallRules: [{28C2F037-B922-487F-99C4-3182B8E32641}] => (Allow) LPort=14714
FirewallRules: [{00697237-A114-44B6-BBD0-FE6E2603E836}] => (Allow) LPort=31931
FirewallRules: [{C1C4D3F1-D8A3-442C-8DFE-0C85ABA4C129}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{988CE59E-9A1E-4E8B-BD06-5B8A6FB06DFF}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{3243F948-64DE-4B1F-8FC5-DFD155D37CED}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{81F4CEE6-D3C5-402D-9315-7307B09AB7B0}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{0ED700D8-6ECE-4A06-9DA6-DD066C6BBA7D}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{320EA1FD-8BB0-48DC-A1E4-D74E6155A4E9}] => (Allow) LPort=2869
FirewallRules: [{731AE74B-DC32-47D9-B782-6E8E6EE210D8}] => (Allow) LPort=1900
==================== Wiederherstellungspunkte =========================
15-07-2017 18:04:19 Geplanter Prüfpunkt
16-07-2017 19:00:16 Windows-Sicherung
Überprüfen Sie den "winmgmt" Dienst oder reparieren Sie den WMI.
==================== Fehlerhafte Geräte im Gerätemanager =============
==================== Fehlereinträge in der Ereignisanzeige: =========================
Applikationsfehler:
==================
Error: (07/19/2017 10:50:07 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Siggi-PC)
Description: Bei der Aktivierung der App „Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI“ ist folgender Fehler aufgetreten: -2147024894. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.
Error: (07/19/2017 10:45:15 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Siggi-PC)
Description: Bei der Aktivierung der App „Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI“ ist folgender Fehler aufgetreten: -2147024894. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.
Error: (07/19/2017 10:45:13 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Siggi-PC)
Description: Bei der Aktivierung der App „Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI“ ist folgender Fehler aufgetreten: -2147024894. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.
Error: (07/19/2017 10:45:11 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Siggi-PC)
Description: Bei der Aktivierung der App „Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI“ ist folgender Fehler aufgetreten: -2147024894. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.
Error: (07/19/2017 10:45:09 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Siggi-PC)
Description: Bei der Aktivierung der App „Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI“ ist folgender Fehler aufgetreten: -2147024894. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.
Error: (07/19/2017 10:45:07 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Siggi-PC)
Description: Bei der Aktivierung der App „Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI“ ist folgender Fehler aufgetreten: -2147024894. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.
Error: (07/19/2017 10:45:06 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Siggi-PC)
Description: Bei der Aktivierung der App „Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI“ ist folgender Fehler aufgetreten: -2147024894. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.
Error: (07/19/2017 10:45:05 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Siggi-PC)
Description: Bei der Aktivierung der App „Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI“ ist folgender Fehler aufgetreten: -2147024894. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.
Error: (07/19/2017 10:12:24 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Siggi-PC)
Description: Bei der Aktivierung der App „Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI“ ist folgender Fehler aufgetreten: -2147024894. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.
Error: (07/19/2017 10:11:14 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Siggi-PC)
Description: Bei der Aktivierung der App „Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI“ ist folgender Fehler aufgetreten: -2147024894. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.
Systemfehler:
=============
Error: (07/19/2017 11:03:09 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80073d0a fehlgeschlagen: MSN Weather
Error: (07/19/2017 11:03:03 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80073d0a fehlgeschlagen: Microsoft Photos
Error: (07/19/2017 11:02:51 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80073d0a fehlgeschlagen: Windows Camera
Error: (07/19/2017 10:58:36 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80073d0a fehlgeschlagen: Mail and Calendar
Error: (07/19/2017 10:57:57 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80073d0a fehlgeschlagen: Movies & TV
Error: (07/19/2017 10:56:19 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80073d0a fehlgeschlagen: Twitter
Error: (07/19/2017 10:55:09 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80073d0a fehlgeschlagen: Windows Voice Recorder
Error: (07/19/2017 10:54:40 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80073d0a fehlgeschlagen: Microsoft Solitaire Collection
Error: (07/19/2017 10:53:59 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80073d0a fehlgeschlagen: Windows Calculator
Error: (07/19/2017 10:53:43 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80073d0a fehlgeschlagen: OneNote
CodeIntegrity:
===================================
Date: 2017-07-13 13:21:49.455
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2017-07-13 13:16:22.209
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\WINDOWS\assembly\GAC\Microsoft.StdFormat\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.StdFormat.dll that did not meet the Microsoft signing level requirements.
Date: 2017-07-13 13:16:22.114
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\WINDOWS\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\ADODB.dll that did not meet the Microsoft signing level requirements.
Date: 2017-07-13 13:16:22.019
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\WINDOWS\assembly\GAC\MSDATASRC\7.0.3300.0__b03f5f7f11d50a3a\MSDATASRC.dll that did not meet the Microsoft signing level requirements.
Date: 2017-07-13 13:16:21.899
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\WINDOWS\assembly\GAC\Microsoft.StdFormat\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.StdFormat.dll that did not meet the Microsoft signing level requirements.
Date: 2017-07-13 13:16:21.866
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\WINDOWS\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\ADODB.dll that did not meet the Microsoft signing level requirements.
Date: 2017-07-13 13:16:21.835
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\WINDOWS\assembly\GAC\MSDATASRC\7.0.3300.0__b03f5f7f11d50a3a\MSDATASRC.dll that did not meet the Microsoft signing level requirements.
Date: 2017-07-13 13:16:19.933
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\WINDOWS\assembly\GAC\stdole\7.0.3300.0__b03f5f7f11d50a3a\stdole.dll that did not meet the Microsoft signing level requirements.
Date: 2017-07-13 13:16:19.314
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\WINDOWS\assembly\GAC\stdole\7.0.3300.0__b03f5f7f11d50a3a\stdole.dll that did not meet the Microsoft signing level requirements.
Date: 2017-07-13 13:05:31.446
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\WINDOWS\assembly\GAC\Microsoft.StdFormat\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.StdFormat.dll that did not meet the Microsoft signing level requirements.
==================== Speicherinformationen ===========================
Prozessor: AMD Athlon(tm) 64 X2 Dual Core Processor 5200+
Prozentuale Nutzung des RAM: 54%
Installierter physikalischer RAM: 4095.3 MB
Verfügbarer physikalischer RAM: 1869.57 MB
Summe virtueller Speicher: 8191.3 MB
Verfügbarer virtueller Speicher: 5205.96 MB
==================== Laufwerke ================================
Drive c: (OS) (Fixed) (Total:930.96 GB) (Free:825.45 GB) NTFS
Drive g: (DATA) (Fixed) (Total:298.02 GB) (Free:37.05 GB) FAT32
==================== MBR & Partitionstabelle ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 0BE5E7CA)
Partition 1: (Active) - (Size=102 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=931 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=450 MB) - (Type=27)
========================================================
Disk: 1 (MBR Code: Windows XP) (Size: 298.1 GB) (Disk ID: 2AA4DA24)
Partition 1: (Not Active) - (Size=298.1 GB) - (Type=0C)
==================== Ende von Addition.txt ============================
|
|
20.07.2017, 19:38
| #3 |
| /// TB-Ausbilder   | Malwarebytes zeigt Funde an auf PC vom Vater Mein Name ist Matthias und ich werde dir bei der Bereinigung deines Computers helfen. Um die Bereinigung möchlichst effektiv und schnell gestalten zu können, bitte ich um Beachtung der folgenden Hinweise:
Bitte arbeite alle Schritte in der vorgegebenen Reihefolge nacheinander ab und poste alle Logdateien in CODE-Tags:  So funktioniert es:Posten in CODE-Tags Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert deinem Helfer massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu groß für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
Danke für deine Mitarbeit! Downloade dir bitte  TDSSKiller.exe und speichere diese Datei auf dem Desktop
|
|
20.07.2017, 19:58
| #4 |
| | Malwarebytes zeigt Funde an auf PC vom Vater hallo Matthias, hat nichts gefunden. Code:
ATTFilter 20:57:22.0309 0x04f0 TDSS rootkit removing tool 3.1.0.15 Apr 18 2017 11:34:02
20:57:26.0903 0x04f0 ============================================================
20:57:26.0903 0x04f0 Current date / time: 2017/07/20 20:57:26.0903
20:57:26.0903 0x04f0 SystemInfo:
20:57:26.0903 0x04f0
20:57:26.0903 0x04f0 OS Version: 10.0.14393 ServicePack: 0.0
20:57:26.0903 0x04f0 Product type: Workstation
20:57:26.0903 0x04f0 ComputerName: SIGGI-PC
20:57:26.0903 0x04f0 UserName: Siggi
20:57:26.0903 0x04f0 Windows directory: C:\WINDOWS
20:57:26.0903 0x04f0 System windows directory: C:\WINDOWS
20:57:26.0903 0x04f0 Running under WOW64
20:57:26.0903 0x04f0 Processor architecture: Intel x64
20:57:26.0903 0x04f0 Number of processors: 2
20:57:26.0903 0x04f0 Page size: 0x1000
20:57:26.0903 0x04f0 Boot type: Normal boot
20:57:26.0903 0x04f0 CodeIntegrityOptions = 0x00000001
20:57:26.0903 0x04f0 ============================================================
20:57:27.0262 0x04f0 KLMD registered as C:\WINDOWS\system32\drivers\72766668.sys
20:57:27.0262 0x04f0 KLMD ARK init status: drvProperties = 0xFFF00, osBuild = 14393.1480, osProperties = 0x19
20:57:27.0371 0x04f0 System UUID: {96483C86-B7EC-7290-8977-E649CD0C4CB0}
20:57:27.0778 0x04f0 Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
20:57:27.0809 0x04f0 Drive \Device\Harddisk1\DR1 - Size: 0x4A85D56000 ( 298.09 Gb ), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
20:57:27.0825 0x04f0 ============================================================
20:57:27.0825 0x04f0 \Device\Harddisk0\DR0:
20:57:27.0825 0x04f0 MBR partitions:
20:57:27.0825 0x04f0 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3EC1, BlocksNum 0x32FCD
20:57:27.0825 0x04f0 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x36E8E, BlocksNum 0x745EDB33
20:57:27.0825 0x04f0 \Device\Harddisk1\DR1:
20:57:27.0825 0x04f0 MBR partitions:
20:57:27.0825 0x04f0 \Device\Harddisk1\DR1\Partition1: MBR, Type 0xC, StartLBA 0x3F, BlocksNum 0x2542D682
20:57:27.0825 0x04f0 ============================================================
20:57:27.0840 0x04f0 C: <-> \Device\Harddisk0\DR0\Partition2
20:57:27.0840 0x04f0 G: <-> \Device\Harddisk1\DR1\Partition1
20:57:27.0840 0x04f0 ============================================================
20:57:27.0840 0x04f0 Initialize success
20:57:27.0840 0x04f0 ============================================================
|
|
20.07.2017, 20:12
| #5 |
| /// TB-Ausbilder | Malwarebytes zeigt Funde an auf PC vom Vater Die Logdatei ist unvollständig. |
|
20.07.2017, 20:14
| #6 |
| | Malwarebytes zeigt Funde an auf PC vom Vater er zeigt nur: no founds an bin dann auf den Report, und das war das |
|
20.07.2017, 20:15
| #7 |
| /// TB-Ausbilder | Malwarebytes zeigt Funde an auf PC vom Vater Servus, Schritt 1 Downloade Dir bitte AdwCleaner auf deinen Desktop (Bebilderte Anleitung).
Schritt 2
Schritt 3 Downloade Dir bitte Malwarebytes Anti-Malware 3 (Bebilderte Anleitung)
Schritt 4
Bitte poste mit deiner nächsten Antwort
|
|
20.07.2017, 20:21
| #8 |
| | Malwarebytes zeigt Funde an auf PC vom Vater Hallo Matthias, hatten mal geschaut, bei meinem Dad ist schon die 3. Version drauf von Malwarebytes. die zweier nicht mehr. mach mit Addware nun weiter |
|
20.07.2017, 20:23
| #9 | |
| /// TB-Ausbilder | Malwarebytes zeigt Funde an auf PC vom VaterZitat:
|
|
20.07.2017, 21:14
| #10 |
| | Malwarebytes zeigt Funde an auf PC vom Vater reicht dann die Aktualisierung oder komplett deinstallieren und das removal-Tool benutzen? addware: Code:
ATTFilter # AdwCleaner 7.0.0.0 - Logfile created on Thu Jul 20 19:30:10 2017
# Updated on 2017/17/07 by Malwarebytes
# Running on Windows 10 Pro (X64)
# Mode: clean
# Support: https://www.malwarebytes.com/support
***** [ Services ] *****
No malicious services deleted.
***** [ Folders ] *****
Deleted: C:\Users\Siggi\AppData\Local\YSearchUtil
Deleted: C:\Program Files (x86)\Yahoo!\yset
Deleted: C:\Program Files (x86)\Chip Digital GmbH
***** [ Files ] *****
No malicious files deleted.
***** [ DLL ] *****
No malicious DLLs cleaned.
***** [ WMI ] *****
No malicious WMI cleaned.
***** [ Shortcuts ] *****
No malicious shortcuts cleaned.
***** [ Tasks ] *****
No malicious tasks deleted.
***** [ Registry ] *****
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Yahoo! SearchSet
Deleted: [Value] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext|DisableAddonLoadTimePerformanceNotifications
***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries deleted.
***** [ Chromium (and derivatives) ] *****
No malicious Chromium entries deleted.
*************************
::Tracing keys deleted
::Winsock settings cleared
::Prefetch files deleted
::Proxy settings cleared
::IE policies deleted
::Chrome policies deleted
::Additional Actions: 0
*************************
C:/AdwCleaner/AdwCleaner[S0].txt - [1305 B] - [2017/7/20 19:27:56]
########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt ##########
Code:
ATTFilter Malwarebytes
www.malwarebytes.com
-Protokolldetails-
Scan-Datum: 20.07.17
Scan-Zeit: 21:38
Protokolldatei: malware.txt
Administrator: Ja
-Softwaredaten-
Version: 3.0.6.1469
Komponentenversion: 1.0.103
Version des Aktualisierungspakets: 1.0.2405
Lizenz: Kostenlos
-Systemdaten-
Betriebssystem: Windows 10
CPU: x64
Dateisystem: NTFS
Benutzer: Siggi-PC\Siggi
-Scan-Übersicht-
Scan-Typ: Bedrohungs-Scan
Ergebnis: Abgeschlossen
Gescannte Objekte: 508111
Abgelaufene Zeit: 21 Min., 59 Sek.
-Scan-Optionen-
Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Aktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert
-Scan-Details-
Prozess: 0
(keine bösartigen Elemente erkannt)
Modul: 0
(keine bösartigen Elemente erkannt)
Registrierungsschlüssel: 0
(keine bösartigen Elemente erkannt)
Registrierungswert: 0
(keine bösartigen Elemente erkannt)
Registrierungsdaten: 0
(keine bösartigen Elemente erkannt)
Daten-Stream: 0
(keine bösartigen Elemente erkannt)
Ordner: 0
(keine bösartigen Elemente erkannt)
Datei: 0
(keine bösartigen Elemente erkannt)
Physischer Sektor: 0
(keine bösartigen Elemente erkannt)
(end)
Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 18-07-2017
durchgeführt von Siggi (Administrator) auf SIGGI-PC (20-07-2017 22:05:25)
Gestartet von C:\Users\Siggi\Desktop
Geladene Profile: Siggi (Verfügbare Profile: Siggi & Administrator & DefaultAppPool)
Platform: Windows 10 Pro Version 1607 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\WINDOWS\System32\nvvsvc.exe
(G DATA Software AG) C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\WINDOWS\System32\nvvsvc.exe
(G Data Software AG) C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKWCtlx64.exe
(G DATA Software AG) C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe
(Microsoft Corporation) C:\WINDOWS\System32\mqsvc.exe
(Nalpeiron Ltd.) C:\WINDOWS\SysWOW64\nlssrv32.exe
(Protexis Inc.) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
(Michal Trojnara) C:\Program Files (x86)\stunnel\bin\stunnel.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe
(Microsoft Corporation) C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(G Data Software AG) C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFwSvcx64.exe
(Microsoft Corporation) C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesApp64.exe
(G DATA Software AG) C:\Program Files (x86)\G Data\InternetSecurity\AVKTray\AVKTray.exe
(G DATA Software AG) C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFirewallTray.exe
(G DATA Software AG) C:\Program Files (x86)\Common Files\G Data\AVKProxy\GDKBFltExe32.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avguix.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(G DATA Software AG) C:\Program Files (x86)\Common Files\G Data\AVKProxy\GDKBFltSur64.exe
(Microsoft Corporation) C:\WINDOWS\System32\InstallAgent.exe
(Microsoft Corporation) C:\WINDOWS\System32\InstallAgentUserBroker.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation) C:\WINDOWS\System32\CompatTelRunner.exe
(Microsoft Corporation) C:\WINDOWS\System32\smartscreen.exe
(Microsoft Corporation) C:\WINDOWS\System32\dllhost.exe
(Microsoft Corporation) C:\WINDOWS\System32\dllhost.exe
==================== Registry (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [472984 2013-06-03] (Adobe Systems Incorporated)
HKLM\...\Run: [ACPW07DE] => C:\Program Files\ACD Systems\ACDSee Pro\7.0\acdIDInTouch2.exe [2076616 2016-04-15] (ACD Systems)
HKLM-x32\...\Run: [G Data ASM] => C:\Program Files (x86)\G DATA\InternetSecurity\DelayLoader\AutorunDelayLoader.exe [442856 2017-06-08] (G DATA Software AG)
HKLM-x32\...\Run: [AvgUi] => C:\Program Files (x86)\AVG\Framework\Common\avguirna.exe [240400 2016-12-06] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-03-15] (Oracle Corporation)
HKLM\...\Winlogon: [Userinit] C:\Windows\System32\userinit.exe,,
HKU\S-1-5-21-2441953047-3725558795-4123501198-1001\...\Run: [ACDSeeCommander19] => C:\Program Files (x86)\ACD Systems\ACDSee\19.0\ACDSeeCommander19.exe [2956472 2016-07-22] ()
IFEO: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\AcroRd32.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\actioncammoviecreator.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\adobe air application installer.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\consumer_cpl.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\desktopshortcut_6e16623549f34dfaa1021e86675abd11.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\excel.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\hostingmanager.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\msoxmled.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\mstore.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\offdiag.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\ois.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\onenote.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\onenotem.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\pmbbrowser.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\pmbinit.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\powerpnt.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\prefutil.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\programmenushortcu_6e16623549f34dfaa1021e86675abd11.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\startupshortcut_6e16623549f34dfaa1021e86675abd11.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\winword.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
SSODL: EldosMountNotificator-cbfs5 - {36E77381-D390-4622-B570-E6BB8BE669A9} - C:\WINDOWS\system32\cbfsMntNtf5.dll (EldoS Corporation)
SSODL-x32: EldosMountNotificator-cbfs5 - {36E77381-D390-4622-B570-E6BB8BE669A9} - C:\WINDOWS\SysWOW64\cbfsMntNtf5.dll (EldoS Corporation)
Startup: C:\Users\Siggi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EOS Utility.lnk [2017-07-20]
ShortcutTarget: EOS Utility.lnk -> C:\Program Files (x86)\Canon\EOS Utility\EOS Utility.exe (Canon INC.)
Startup: C:\Users\Siggi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk [2017-07-20]
ShortcutTarget: OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk -> G:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)
Startup: C:\Users\Siggi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Telekom Hosting Manager.lnk [2017-04-20]
ShortcutTarget: Telekom Hosting Manager.lnk -> C:\Program Files\Telekom\Telekom Hosting Manager\HostingManager.exe (Deutsche Telekom AG)
Startup: C:\Users\Siggi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Z Cinema.lnk [2016-07-22]
ShortcutTarget: Z Cinema.lnk -> C:\Users\Siggi\AppData\Roaming\Microsoft\Installer\{6E166235-49F3-4DFA-A102-1E86675ABD11}\StartupShortcut_6E16623549F34DFAA1021E86675ABD11.exe (Macrovision Corporation)
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{08536f8b-cf5c-4c23-bc90-f5eafdf61c54}: [DhcpNameServer] 0.0.0.0
Tcpip\..\Interfaces\{354f3174-9170-4742-9093-966c7b43f1ab}: [DhcpNameServer] 0.0.0.0
Tcpip\..\Interfaces\{D201511E-653C-4065-91AE-A347124A873B}: [DhcpNameServer] 0.0.0.0
Tcpip\..\Interfaces\{e51692d9-6dc9-4d89-a023-d55cd16e0531}: [DhcpNameServer] 192.168.2.1
Internet Explorer:
==================
HKU\S-1-5-21-2441953047-3725558795-4123501198-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://de.yahoo.com/?fr=yset_ie_syc_oracle&type=orcl_hpset
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2441953047-3725558795-4123501198-1001 -> {445BC4F7-F1D0-43F9-BF31-C8479D85BF02} URL = hxxp://go.web.de/tb/ie_searchplugin/?q={searchTerms}&enc=UTF-8
SearchScopes: HKU\S-1-5-21-2441953047-3725558795-4123501198-1001 -> {769E16E6-6B87-4EF3-9691-15AD1A84707D} URL = hxxp://go.1und1.de/tb/ie_searchplugin/?q={searchTerms}&enc=UTF-8
SearchScopes: HKU\S-1-5-21-2441953047-3725558795-4123501198-1001 -> {AE63A9B2-5258-45B6-9416-143F95A601F6} URL = hxxp://go.gmx.de/tb/ie_searchplugin/?q={searchTerms}&enc=UTF-8
SearchScopes: HKU\S-1-5-21-2441953047-3725558795-4123501198-1001 -> {DADBACC7-BC79-4803-9936-645B4E9A55AB} URL = hxxp://go.mail.com/tb/en-us/ie_searchplugin/?q={searchTerms}&enc=UTF-8
SearchScopes: HKU\S-1-5-21-2441953047-3725558795-4123501198-1001 -> {FE795473-12B7-4B26-9A36-8DA743D61DD9} URL = hxxps://de.search.yahoo.com/search?p={searchTerms}&intl=de&fr=yset_ie_syc_oracle&type=orcl_default&partnerexternal-oracle=external-oracle
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\ssv.dll [2017-05-21] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\jp2ssv.dll [2017-05-21] (Oracle Corporation)
FireFox:
========
FF DefaultProfile: lvuepr2z.default-1493229345721
FF ProfilePath: C:\Users\Siggi\AppData\Roaming\Mozilla\Firefox\Profiles\lvuepr2z.default-1493229345721 [2017-07-20]
FF Homepage: Mozilla\Firefox\Profiles\lvuepr2z.default-1493229345721 -> hxxp://www.siggi-hasenthal.de/
FF Extension: (Adblock Plus) - C:\Users\Siggi\AppData\Roaming\Mozilla\Firefox\Profiles\lvuepr2z.default-1493229345721\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2017-06-08]
FF HKU\S-1-5-21-2441953047-3725558795-4123501198-1001\...\Firefox\Extensions: [cliqz@cliqz.com] - C:\Users\Siggi\AppData\Roaming\Mozilla\Firefox\Profiles\wioilx3e.default\extensions\cliqz@cliqz.com => nicht gefunden
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_26_0_0_131.dll [2017-06-17] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin: @wacom.com/wtPlugin,version=2.1.0.7 -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom)
FF Plugin: wacom.com/WacomTabletPlugin -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_26_0_0_131.dll [2017-06-17] ()
FF Plugin-x32: @java.com/DTPlugin,version=11.131.2 -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\dtplugin\npDeployJava1.dll [2017-05-21] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.131.2 -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\plugin2\npjp2.dll [2017-05-21] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll [2010-04-26] (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-11-14] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-11-14] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-05-23] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-05-23] (Google Inc.)
FF Plugin-x32: @wacom.com/wtPlugin,version=2.1.0.7 -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2016-12-17] (Adobe Systems Inc.)
FF Plugin-x32: wacom.com/WacomTabletPlugin -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom)
Chrome:
=======
CHR DefaultProfile: Default
CHR StartupUrls: Default -> "hxxp://www.siggi-hasenthal.de/"
CHR DefaultSearchURL: Default -> hxxps://de.search.yahoo.com/search?p={searchTerms}&fr=yset_chr_syc_oracle&type=default
CHR DefaultSearchKeyword: Default -> Yahoo
CHR DefaultSuggestURL: Default -> hxxps://de.search.yahoo.com/sugg/ie?output=fxjson&command={searchTerms}&nResults=10
CHR Profile: C:\Users\Siggi\AppData\Local\Google\Chrome\User Data\Default [2017-07-20]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Siggi\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-04-15]
CHR Extension: (Chrome Media Router) - C:\Users\Siggi\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-07-15]
CHR HKLM-x32\...\Chrome\Extension: [ibbfklbaljofpaanmpaeadejijfdddco] - hxxps://clients2.google.com/service/update2/crx
==================== Dienste (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R2 avgsvc; C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe [1146128 2016-12-06] (AVG Technologies CZ, s.r.o.)
R2 AVKProxy; C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe [5017224 2017-06-23] (G DATA Software AG)
R2 AVKWCtl; C:\Program Files (x86)\G DATA\InternetSecurity\AVK\AVKWCtlx64.exe [3328112 2017-06-08] (G Data Software AG)
S3 GDBackupSvc; C:\Program Files (x86)\G DATA\InternetSecurity\AVKBackup\AVKBackupService.exe [3997160 2017-06-23] (G DATA Software AG)
R3 GDFwSvc; C:\Program Files (x86)\G DATA\InternetSecurity\Firewall\GDFwSvcx64.exe [3419552 2017-06-08] (G Data Software AG)
R3 GDScan; C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe [884328 2017-06-08] (G DATA Software AG)
S4 HGESVR; C:\Program Files\Telekom\Telekom Hosting Manager\HGE.Service.exe [18232 2013-03-18] (Deutsche Telekom AG)
R3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [4355024 2017-01-20] (Malwarebytes)
R2 nlsX86cc; C:\Windows\SysWOW64\nlssrv32.exe [66560 2011-09-22] (Nalpeiron Ltd.) [Datei ist nicht signiert]
S4 PMBDeviceInfoProvider; C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe [506960 2015-12-26] (Sony Corporation)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [2889896 2016-09-15] (Microsoft Corporation)
R2 stunnel; C:\Program Files (x86)\stunnel\bin\stunnel.exe [200192 2016-07-17] (Michal Trojnara) [Datei ist nicht signiert]
S4 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [10883824 2017-03-17] (TeamViewer GmbH)
R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe [5906704 2017-02-21] (AVG Technologies CZ, s.r.o.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347320 2017-04-28] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103712 2017-04-28] (Microsoft Corporation)
S4 WTabletServiceCon; C:\Program Files\Tablet\Pen\WTabletServiceCon.exe [656664 2014-08-19] (Wacom Technology, Corp.)
S4 chip1click; "C:\Program Files (x86)\Chip Digital GmbH\chip1click\chip 1-click installer.exe" [X]
===================== Treiber (Nicht auf der Ausnahmeliste) ======================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
S3 anvsnddrv; C:\WINDOWS\system32\drivers\anvsnddrv.sys [33872 2012-05-17] (AnvSoft Inc.)
R1 cbfs5; C:\WINDOWS\system32\drivers\cbfs5.sys [416448 2014-01-23] (EldoS Corporation)
S3 flex1500; C:\WINDOWS\System32\drivers\flex1500.sys [265312 2012-11-29] (Jungo)
S3 flex1500; C:\Windows\SysWOW64\drivers\flex1500.sys [265312 2012-11-29] (Jungo)
R0 GDBehave; C:\WINDOWS\System32\drivers\GDBehave.sys [200728 2017-07-20] (G Data Software AG)
S0 GDElam; C:\WINDOWS\System32\DRIVERS\GDElam.sys [117904 2017-02-20] (G Data Software AG)
R3 GDKBB; C:\WINDOWS\system32\drivers\GDKBB64.sys [46104 2017-07-20] (G Data Software AG)
R3 GDKBFlt; C:\WINDOWS\system32\drivers\GDKBFlt64.sys [38984 2017-07-20] (G DATA Software AG)
R1 GDMnIcpt; C:\WINDOWS\system32\drivers\MiniIcpt.sys [309784 2017-07-20] (G Data Software AG)
R3 GDPkIcpt; C:\WINDOWS\system32\drivers\PktIcpt.sys [162328 2017-07-20] (G Data Software AG)
R1 gdwfpcd; C:\WINDOWS\System32\drivers\gdwfpcd64.sys [86584 2017-07-20] (G DATA Software AG)
S3 GRD; C:\WINDOWS\system32\drivers\GRD.sys [125640 2017-07-20] (G Data Software)
R1 HookCentre; C:\WINDOWS\system32\drivers\HookCentre.sys [157720 2017-07-20] (G Data Software AG)
S3 libusb0; C:\WINDOWS\System32\DRIVERS\libusb0.sys [52832 2014-08-25] (hxxp://libusb-win32.sourceforge.net)
S3 libusbK; C:\WINDOWS\System32\DRIVERS\libusbK.sys [47200 2014-08-25] (hxxp://libusb-win32.sourceforge.net)
R0 MBAMSwissArmy; C:\WINDOWS\System32\drivers\MBAMSwissArmy.sys [251832 2017-07-20] (Malwarebytes)
S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
R0 PxHlpa64; C:\WINDOWS\System32\Drivers\PxHlpa64.sys [56336 2013-07-19] (Corel Corporation)
R1 RrNetCapFilterDriver; C:\WINDOWS\system32\DRIVERS\RrNetCapFilterDriver.sys [34608 2017-01-25] (Audials AG)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [589824 2016-07-16] (Realtek )
R3 SKYNET; C:\WINDOWS\System32\drivers\SkyNET_AMD64.SYS [617048 2010-05-10] (TechniSat Digital, S.A.)
R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver64.sys [32304 2016-06-01] (AVG Netherlands B.V.)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)
R3 ZCinema_TSHD_x64; C:\WINDOWS\system32\drivers\ZCinema_SRS_amd64.sys [21648 2007-08-22] (SRS Labs, Inc.)
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat: Erstellte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2017-07-20 22:03 - 2017-07-20 22:03 - 00001235 _____ C:\Users\Siggi\Desktop\malware.txt
2017-07-20 21:24 - 2017-07-20 21:30 - 00000000 ____D C:\AdwCleaner
2017-07-20 21:23 - 2017-07-20 21:24 - 08162248 _____ (Malwarebytes) C:\Users\Siggi\Desktop\adwcleaner_7.0.0.0.exe
2017-07-20 20:57 - 2017-07-20 21:07 - 00005352 _____ C:\TDSSKiller.3.1.0.15_20.07.2017_20.57.22_log.txt
2017-07-20 20:45 - 2017-07-20 20:55 - 00275474 _____ C:\TDSSKiller.3.1.0.15_20.07.2017_20.45.50_log.txt
2017-07-20 20:45 - 2017-07-20 20:45 - 04922400 _____ (AO Kaspersky Lab) C:\Users\Siggi\Desktop\tdsskiller.exe
2017-07-20 17:10 - 2017-07-20 17:36 - 00000000 ____D C:\Users\Siggi\Desktop\2017_07_20
2017-07-20 14:07 - 2017-07-20 14:07 - 00125640 _____ (G Data Software) C:\WINDOWS\system32\Drivers\GRD.sys
2017-07-20 14:07 - 2017-07-20 14:07 - 00037544 _____ (G DATA Software) C:\WINDOWS\system32\Drivers\GdPhyMem.sys
2017-07-20 08:13 - 2017-07-20 08:13 - 00002133 _____ C:\Users\Public\Desktop\G DATA INTERNET SECURITY.lnk
2017-07-20 08:13 - 2017-07-20 08:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\G DATA INTERNET SECURITY
2017-07-20 08:12 - 2017-07-20 08:12 - 00086584 _____ (G DATA Software AG) C:\WINDOWS\system32\Drivers\gdwfpcd64.sys
2017-07-20 08:12 - 2017-07-20 08:12 - 00046104 _____ (G Data Software AG) C:\WINDOWS\system32\Drivers\GDKBB64.sys
2017-07-20 08:12 - 2017-07-20 08:12 - 00038984 _____ (G DATA Software AG) C:\WINDOWS\system32\Drivers\GDKBFlt64.sys
2017-07-20 08:10 - 2017-07-20 08:10 - 00309784 _____ (G Data Software AG) C:\WINDOWS\system32\Drivers\MiniIcpt.sys
2017-07-20 08:10 - 2017-07-20 08:10 - 00200728 _____ (G Data Software AG) C:\WINDOWS\system32\Drivers\GDBehave.sys
2017-07-20 08:10 - 2017-07-20 08:10 - 00162328 _____ (G Data Software AG) C:\WINDOWS\system32\Drivers\PktIcpt.sys
2017-07-20 08:10 - 2017-07-20 08:10 - 00157720 _____ (G Data Software AG) C:\WINDOWS\system32\Drivers\HookCentre.sys
2017-07-20 07:31 - 2017-07-20 07:32 - 14890128 _____ (G DATA Software AG) C:\Users\Siggi\Downloads\GDATA_INTERNETSECURITY_WEB_WEU.exe
2017-07-19 10:57 - 2017-07-20 22:06 - 00019977 _____ C:\Users\Siggi\Desktop\FRST.txt
2017-07-19 10:55 - 2017-07-19 10:56 - 02382336 _____ (Farbar) C:\Users\Siggi\Desktop\FRST64.exe
2017-07-19 10:54 - 2017-07-19 10:54 - 02382336 _____ (Farbar) C:\Users\Siggi\Downloads\FRST64.exe
2017-07-19 10:52 - 2017-07-19 10:52 - 00003142 _____ C:\Users\Siggi\Desktop\malwarebytes.txt
2017-07-12 11:55 - 2017-07-07 09:29 - 05686272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2017-07-12 11:55 - 2017-07-07 08:54 - 02997248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2017-07-12 11:55 - 2017-07-07 08:53 - 02483200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2017-07-12 11:55 - 2017-07-07 08:52 - 01599488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2017-07-12 11:55 - 2017-06-21 09:28 - 01504056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2017-07-12 11:55 - 2017-06-21 09:27 - 01431232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2017-07-12 11:55 - 2017-06-21 09:27 - 00116576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudExperienceHostCommon.dll
2017-07-12 11:55 - 2017-06-21 09:01 - 00141824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Radios.dll
2017-07-12 11:55 - 2017-06-21 09:00 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDeviceRegistration.dll
2017-07-12 11:55 - 2017-06-21 08:59 - 00285184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.BlockedShutdown.dll
2017-07-12 11:55 - 2017-06-21 08:59 - 00123904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.HostName.dll
2017-07-12 11:55 - 2017-06-21 08:58 - 00129024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.SerialCommunication.dll
2017-07-12 11:55 - 2017-06-21 08:58 - 00094208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryClient.dll
2017-07-12 11:55 - 2017-06-21 08:58 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.ServiceDiscovery.Dnssd.dll
2017-07-12 11:55 - 2017-06-21 08:56 - 00374784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.LowLevel.dll
2017-07-12 11:55 - 2017-06-21 08:56 - 00315904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Gaming.XboxLive.Storage.dll
2017-07-12 11:55 - 2017-06-21 08:56 - 00237056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SyncSettings.dll
2017-07-12 11:55 - 2017-06-21 08:56 - 00231936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.LockScreen.dll
2017-07-12 11:55 - 2017-06-21 08:56 - 00180224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2017-07-12 11:55 - 2017-06-21 08:56 - 00113152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Lights.dll
2017-07-12 11:55 - 2017-06-21 08:55 - 00557568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll
2017-07-12 11:55 - 2017-06-21 08:55 - 00117760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AuthBroker.dll
2017-07-12 11:55 - 2017-06-21 08:55 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Core.dll
2017-07-12 11:55 - 2017-06-21 08:54 - 00609280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Import.dll
2017-07-12 11:55 - 2017-06-21 08:54 - 00298496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2017-07-12 11:55 - 2017-06-21 08:54 - 00223232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgentUserBroker.exe
2017-07-12 11:55 - 2017-06-21 08:53 - 00431616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\efswrt.dll
2017-07-12 11:55 - 2017-06-21 08:53 - 00332288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Bluetooth.dll
2017-07-12 11:55 - 2017-06-21 08:53 - 00284672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apprepsync.dll
2017-07-12 11:55 - 2017-06-21 08:53 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WwaApi.dll
2017-07-12 11:55 - 2017-06-21 08:53 - 00175616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Scanners.dll
2017-07-12 11:55 - 2017-06-21 08:53 - 00125952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apprepapi.dll
2017-07-12 11:55 - 2017-06-21 08:52 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Picker.dll
2017-07-12 11:55 - 2017-06-21 08:51 - 00314368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Usb.dll
2017-07-12 11:55 - 2017-06-21 08:50 - 00857600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EmailApis.dll
2017-07-12 11:55 - 2017-06-21 08:48 - 02333184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmSvc.dll
2017-07-12 11:55 - 2017-06-21 08:44 - 00795648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MiracastReceiver.dll
2017-07-12 11:55 - 2017-06-21 08:44 - 00343040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToDevice.dll
2017-07-12 11:55 - 2017-06-21 08:43 - 00653312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.AccountsControl.dll
2017-07-12 11:55 - 2017-06-21 08:43 - 00468992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.InkControls.dll
2017-07-12 11:55 - 2017-06-21 08:40 - 00895488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Streaming.dll
2017-07-12 11:55 - 2017-06-21 08:40 - 00675840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.dll
2017-07-12 11:55 - 2017-06-21 08:40 - 00220672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToReceiver.dll
2017-07-12 11:55 - 2017-06-21 08:38 - 01221120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Audio.dll
2017-07-12 11:55 - 2017-06-21 08:37 - 00357376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Geolocation.dll
2017-07-12 11:55 - 2017-06-21 08:37 - 00103936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Devices.dll
2017-07-12 11:55 - 2017-06-21 08:36 - 01988096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2017-07-12 11:55 - 2017-06-21 08:35 - 01656320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Perception.dll
2017-07-12 11:55 - 2017-06-21 08:35 - 01232384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Maps.dll
2017-07-12 11:55 - 2017-06-21 08:35 - 00598528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.dll
2017-07-12 11:55 - 2017-06-21 08:35 - 00589312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Sensors.dll
2017-07-12 11:55 - 2017-06-21 08:34 - 00654336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApiPublic.dll
2017-07-12 11:55 - 2017-06-21 08:34 - 00542208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.Connectivity.dll
2017-07-12 11:55 - 2017-03-04 08:20 - 00426496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Wallet.dll
2017-07-12 11:55 - 2017-03-04 08:19 - 00498688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mbsmsapi.dll
2017-07-12 11:55 - 2016-10-05 11:15 - 00141312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dialclient.dll
2017-07-12 11:55 - 2016-09-15 18:58 - 00092672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Background.SystemEventsBroker.dll
2017-07-12 11:54 - 2017-07-07 09:49 - 00340824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2017-07-12 11:54 - 2017-07-07 09:46 - 00781152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2017-07-12 11:54 - 2017-07-07 09:45 - 02263832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2017-07-12 11:54 - 2017-07-07 09:44 - 00108896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2017-07-12 11:54 - 2017-07-07 09:40 - 20967840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2017-07-12 11:54 - 2017-07-07 09:37 - 00468320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netio.sys
2017-07-12 11:54 - 2017-07-07 09:37 - 00118112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tdx.sys
2017-07-12 11:54 - 2017-07-07 09:29 - 02759712 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2017-07-12 11:54 - 2017-07-07 09:29 - 00857440 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2017-07-12 11:54 - 2017-07-07 09:24 - 22220856 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2017-07-12 11:54 - 2017-07-07 09:23 - 00241504 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHost.dll
2017-07-12 11:54 - 2017-07-07 09:20 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\l2gpstore.dll
2017-07-12 11:54 - 2017-07-07 09:19 - 00081408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2017-07-12 11:54 - 2017-07-07 09:19 - 00025088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eapprovp.dll
2017-07-12 11:54 - 2017-07-07 09:18 - 02532192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2017-07-12 11:54 - 2017-07-07 09:18 - 00450560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastls.dll
2017-07-12 11:54 - 2017-07-07 09:18 - 00210432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\onex.dll
2017-07-12 11:54 - 2017-07-07 09:18 - 00057400 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsass.exe
2017-07-12 11:54 - 2017-07-07 09:17 - 00118784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\raschap.dll
2017-07-12 11:54 - 2017-07-07 09:14 - 00270336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2017-07-12 11:54 - 2017-07-07 09:14 - 00126464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2017-07-12 11:54 - 2017-07-07 09:13 - 00364544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupShim.dll
2017-07-12 11:54 - 2017-07-07 09:13 - 00310272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Wldap32.dll
2017-07-12 11:54 - 2017-07-07 09:11 - 00340480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2017-07-12 11:54 - 2017-07-07 09:10 - 00755200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2017-07-12 11:54 - 2017-07-07 09:09 - 00637952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SmartcardCredentialProvider.dll
2017-07-12 11:54 - 2017-07-07 09:09 - 00506368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2017-07-12 11:54 - 2017-07-07 09:06 - 18364928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2017-07-12 11:54 - 2017-07-07 09:06 - 07626752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2017-07-12 11:54 - 2017-07-07 09:05 - 19414528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2017-07-12 11:54 - 2017-07-07 09:03 - 00337408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msinfo32.exe
2017-07-12 11:54 - 2017-07-07 09:02 - 01313280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wdc.dll
2017-07-12 11:54 - 2017-07-07 09:00 - 12187136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2017-07-12 11:54 - 2017-07-07 09:00 - 00476160 _____ (Microsoft® Windows® Operating System) C:\WINDOWS\SysWOW64\wvc.dll
2017-07-12 11:54 - 2017-07-07 08:57 - 00691712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2017-07-12 11:54 - 2017-07-07 08:56 - 06035456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2017-07-12 11:54 - 2017-07-07 08:55 - 04423680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
2017-07-12 11:54 - 2017-07-07 08:55 - 03664896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2017-07-12 11:54 - 2017-07-07 08:55 - 01571840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2017-07-12 11:54 - 2017-07-07 08:54 - 02027008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2017-07-12 11:54 - 2017-07-07 08:52 - 04561408 _____ (Microsoft) C:\WINDOWS\SysWOW64\dbgeng.dll
2017-07-12 11:54 - 2017-07-07 08:52 - 01413632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OpcServices.dll
2017-07-12 11:54 - 2017-07-07 08:48 - 00071680 _____ (Microsoft Corporation) C:\WINDOWS\system32\l2gpstore.dll
2017-07-12 11:54 - 2017-07-07 08:48 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\eapprovp.dll
2017-07-12 11:54 - 2017-07-07 08:46 - 00231424 _____ (Microsoft Corporation) C:\WINDOWS\system32\shutdownux.dll
2017-07-12 11:54 - 2017-07-07 08:45 - 00223744 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2017-07-12 11:54 - 2017-07-07 08:44 - 00502784 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastls.dll
2017-07-12 11:54 - 2017-07-07 08:44 - 00238592 _____ (Microsoft Corporation) C:\WINDOWS\system32\onex.dll
2017-07-12 11:54 - 2017-07-07 08:44 - 00137728 _____ (Microsoft Corporation) C:\WINDOWS\system32\raschap.dll
2017-07-12 11:54 - 2017-07-07 08:43 - 00387584 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2017-07-12 11:54 - 2017-07-07 08:43 - 00088576 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2017-07-12 11:54 - 2017-07-07 08:39 - 00282624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb10.sys
2017-07-12 11:54 - 2017-07-07 08:35 - 01397760 _____ (Microsoft Corporation) C:\WINDOWS\system32\wdc.dll
2017-07-12 11:54 - 2017-07-07 08:33 - 00576000 _____ (Microsoft® Windows® Operating System) C:\WINDOWS\system32\wvc.dll
2017-07-12 11:54 - 2017-07-07 08:30 - 13090816 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2017-07-12 11:54 - 2017-07-07 08:28 - 02096640 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2017-07-12 11:54 - 2017-07-07 08:28 - 00759296 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2017-07-12 11:54 - 2017-07-07 08:27 - 08120832 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2017-07-12 11:54 - 2017-07-07 08:24 - 04744704 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2017-07-12 11:54 - 2017-07-07 08:24 - 01783296 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2017-07-12 11:54 - 2017-07-07 08:24 - 01513472 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2017-07-12 11:54 - 2017-07-06 06:29 - 00690008 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcp120_clr0400.dll
2017-07-12 11:54 - 2017-06-22 08:17 - 00987840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcr120_clr0400.dll
2017-07-12 11:54 - 2017-06-22 08:17 - 00485576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcp120_clr0400.dll
2017-07-12 11:54 - 2017-06-21 10:18 - 01470816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppVEntSubsystems32.dll
2017-07-12 11:54 - 2017-06-21 09:54 - 00603488 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContentDeliveryManager.Utilities.dll
2017-07-12 11:54 - 2017-06-21 09:53 - 00794928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll
2017-07-12 11:54 - 2017-06-21 09:52 - 02213760 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2017-07-12 11:54 - 2017-06-21 09:52 - 00774224 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2017-07-12 11:54 - 2017-06-21 09:52 - 00088416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\scmbus.sys
2017-07-12 11:54 - 2017-06-21 09:52 - 00081760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\stornvme.sys
2017-07-12 11:54 - 2017-06-21 09:51 - 02255712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2017-07-12 11:54 - 2017-06-21 09:42 - 01573280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2017-07-12 11:54 - 2017-06-21 09:42 - 00601712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2017-07-12 11:54 - 2017-06-21 09:41 - 01706488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2017-07-12 11:54 - 2017-06-21 09:39 - 02048496 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2017-07-12 11:54 - 2017-06-21 09:38 - 07220192 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2017-07-12 11:54 - 2017-06-21 09:38 - 01860288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2017-07-12 11:54 - 2017-06-21 09:38 - 00790752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
2017-07-12 11:54 - 2017-06-21 09:36 - 00557408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2017-07-12 11:54 - 2017-06-21 09:36 - 00129888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBSTOR.SYS
2017-07-12 11:54 - 2017-06-21 09:33 - 00408600 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsmf.dll
2017-07-12 11:54 - 2017-06-21 09:33 - 00092512 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2017-07-12 11:54 - 2017-06-21 09:32 - 08169024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2017-07-12 11:54 - 2017-06-21 09:32 - 04260576 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2017-07-12 11:54 - 2017-06-21 09:32 - 01983408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2017-07-12 11:54 - 2017-06-21 09:32 - 01702392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2017-07-12 11:54 - 2017-06-21 09:32 - 01072248 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetcore.dll
2017-07-12 11:54 - 2017-06-21 09:31 - 00160096 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostBroker.dll
2017-07-12 11:54 - 2017-06-21 09:30 - 00869848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll
2017-07-12 11:54 - 2017-06-21 09:30 - 00196960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ifsutil.dll
2017-07-12 11:54 - 2017-06-21 09:29 - 05722320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2017-07-12 11:54 - 2017-06-21 09:28 - 02277288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll
2017-07-12 11:54 - 2017-06-21 09:28 - 00524776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2017-07-12 11:54 - 2017-06-21 09:28 - 00170960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2017-07-12 11:54 - 2017-06-21 09:27 - 01122344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dcomp.dll
2017-07-12 11:54 - 2017-06-21 09:27 - 00975744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
2017-07-12 11:54 - 2017-06-21 09:27 - 00861024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2017-07-12 11:54 - 2017-06-21 09:27 - 00549088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SHCore.dll
2017-07-12 11:54 - 2017-06-21 09:26 - 00387864 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpps.dll
2017-07-12 11:54 - 2017-06-21 09:25 - 02168288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2017-07-12 11:54 - 2017-06-21 09:25 - 01980776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2017-07-12 11:54 - 2017-06-21 09:24 - 00846560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2017-07-12 11:54 - 2017-06-21 09:24 - 00154432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntmarta.dll
2017-07-12 11:54 - 2017-06-21 09:22 - 00361104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsmf.dll
2017-07-12 11:54 - 2017-06-21 09:21 - 06665440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2017-07-12 11:54 - 2017-06-21 09:21 - 04023552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2017-07-12 11:54 - 2017-06-21 09:21 - 01845512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2017-07-12 11:54 - 2017-06-21 09:21 - 01557808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll
2017-07-12 11:54 - 2017-06-21 09:21 - 01277856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
2017-07-12 11:54 - 2017-06-21 09:21 - 00952416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2017-07-12 11:54 - 2017-06-21 09:21 - 00374448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFPlay.dll
2017-07-12 11:54 - 2017-06-21 09:20 - 01360464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetsrc.dll
2017-07-12 11:54 - 2017-06-21 09:20 - 00981888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetcore.dll
2017-07-12 11:54 - 2017-06-21 09:20 - 00962768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2017-07-12 11:54 - 2017-06-21 09:20 - 00312472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mftranscode.dll
2017-07-12 11:54 - 2017-06-21 09:19 - 04312248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2017-07-12 11:54 - 2017-06-21 09:06 - 00372736 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXTaskFactory.dll
2017-07-12 11:54 - 2017-06-21 09:04 - 01631232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Resources.dll
2017-07-12 11:54 - 2017-06-21 09:04 - 01631232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2017-07-12 11:54 - 2017-06-21 09:04 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\odbcconf.dll
2017-07-12 11:54 - 2017-06-21 09:03 - 00013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rootmdm.sys
2017-07-12 11:54 - 2017-06-21 09:02 - 00237568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.Diagnostics.dll
2017-07-12 11:54 - 2017-06-21 09:02 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\scmdisk0101.sys
2017-07-12 11:54 - 2017-06-21 09:02 - 00124416 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2017-07-12 11:54 - 2017-06-21 09:02 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\odbcconf.dll
2017-07-12 11:54 - 2017-06-21 09:01 - 00185344 _____ (Microsoft Corporation) C:\WINDOWS\system32\DisplayManager.dll
2017-07-12 11:54 - 2017-06-21 09:01 - 00138752 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEDataLayerHelpers.dll
2017-07-12 11:54 - 2017-06-21 09:00 - 00519168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ngccredprov.dll
2017-07-12 11:54 - 2017-06-21 09:00 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\unimdm.tsp
2017-07-12 11:54 - 2017-06-21 09:00 - 00233984 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProvisioningHandlers.dll
2017-07-12 11:54 - 2017-06-21 09:00 - 00193536 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinRtTracing.dll
2017-07-12 11:54 - 2017-06-21 09:00 - 00143360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uudf.dll
2017-07-12 11:54 - 2017-06-21 09:00 - 00138240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DisplayManager.dll
2017-07-12 11:54 - 2017-06-21 09:00 - 00114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Background.SystemEventsBroker.dll
2017-07-12 11:54 - 2017-06-21 09:00 - 00113664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.ServiceDiscovery.Dnssd.dll
2017-07-12 11:54 - 2017-06-21 08:59 - 00467968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Gaming.XboxLive.Storage.dll
2017-07-12 11:54 - 2017-06-21 08:59 - 00255488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\unimdm.tsp
2017-07-12 11:54 - 2017-06-21 08:59 - 00177664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.Diagnostics.dll
2017-07-12 11:54 - 2017-06-21 08:59 - 00149504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Core.dll
2017-07-12 11:54 - 2017-06-21 08:59 - 00137216 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdlrecover.exe
2017-07-12 11:54 - 2017-06-21 08:59 - 00097792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.System.SystemManagement.dll
2017-07-12 11:54 - 2017-06-21 08:58 - 00418304 _____ C:\WINDOWS\system32\Windows.Perception.Stub.dll
2017-07-12 11:54 - 2017-06-21 08:58 - 00211968 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2017-07-12 11:54 - 2017-06-21 08:58 - 00136192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinRtTracing.dll
2017-07-12 11:54 - 2017-06-21 08:58 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.System.UserDeviceAssociation.dll
2017-07-12 11:54 - 2017-06-21 08:57 - 00505856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.WiFiDirect.dll
2017-07-12 11:54 - 2017-06-21 08:57 - 00418304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BlockedShutdown.dll
2017-07-12 11:54 - 2017-06-21 08:57 - 00360448 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpencom.dll
2017-07-12 11:54 - 2017-06-21 08:57 - 00171520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.SerialCommunication.dll
2017-07-12 11:54 - 2017-06-21 08:57 - 00144896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Lights.dll
2017-07-12 11:54 - 2017-06-21 08:57 - 00142336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.WiFi.dll
2017-07-12 11:54 - 2017-06-21 08:57 - 00122880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sendmail.dll
2017-07-12 11:54 - 2017-06-21 08:57 - 00088576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDeviceRegistration.Ngc.dll
2017-07-12 11:54 - 2017-06-21 08:56 - 01507840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.FaceAnalysis.dll
2017-07-12 11:54 - 2017-06-21 08:56 - 00912384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.SmartCards.dll
2017-07-12 11:54 - 2017-06-21 08:56 - 00748544 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2017-07-12 11:54 - 2017-06-21 08:56 - 00719872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdiWiFi.sys
2017-07-12 11:54 - 2017-06-21 08:56 - 00590336 _____ (Microsoft Corporation) C:\WINDOWS\system32\efswrt.dll
2017-07-12 11:54 - 2017-06-21 08:56 - 00568320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.LowLevel.dll
2017-07-12 11:54 - 2017-06-21 08:56 - 00392192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Gaming.Input.dll
2017-07-12 11:54 - 2017-06-21 08:56 - 00299520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataAccountApis.dll
2017-07-12 11:54 - 2017-06-21 08:56 - 00260608 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgentUserBroker.exe
2017-07-12 11:54 - 2017-06-21 08:56 - 00216576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Scanners.dll
2017-07-12 11:54 - 2017-06-21 08:56 - 00203776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\credprovhost.dll
2017-07-12 11:54 - 2017-06-21 08:56 - 00184320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserMgrProxy.dll
2017-07-12 11:54 - 2017-06-21 08:55 - 00561664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Wallet.dll
2017-07-12 11:54 - 2017-06-21 08:55 - 00533504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FXSCOMEX.dll
2017-07-12 11:54 - 2017-06-21 08:55 - 00456192 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiobj.dll
2017-07-12 11:54 - 2017-06-21 08:55 - 00404992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dsreg.dll
2017-07-12 11:54 - 2017-06-21 08:55 - 00358912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.dll
2017-07-12 11:54 - 2017-06-21 08:55 - 00349184 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2017-07-12 11:54 - 2017-06-21 08:55 - 00310784 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncSettings.dll
2017-07-12 11:54 - 2017-06-21 08:55 - 00265728 _____ C:\WINDOWS\SysWOW64\Windows.Perception.Stub.dll
2017-07-12 11:54 - 2017-06-21 08:55 - 00252416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Identity.Provider.dll
2017-07-12 11:54 - 2017-06-21 08:55 - 00020480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\regsvr32.exe
2017-07-12 11:54 - 2017-06-21 08:54 - 01159680 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblGameSave.dll
2017-07-12 11:54 - 2017-06-21 08:54 - 00949248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.PointOfService.dll
2017-07-12 11:54 - 2017-06-21 08:54 - 00671744 _____ (Microsoft Corporation) C:\WINDOWS\system32\mbsmsapi.dll
2017-07-12 11:54 - 2017-06-21 08:54 - 00574976 _____ (Microsoft Corporation) C:\WINDOWS\system32\tileobjserver.dll
2017-07-12 11:54 - 2017-06-21 08:54 - 00483840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.AllJoyn.dll
2017-07-12 11:54 - 2017-06-21 08:54 - 00472064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Bluetooth.dll
2017-07-12 11:54 - 2017-06-21 08:54 - 00337408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Picker.dll
2017-07-12 11:54 - 2017-06-21 08:54 - 00245760 _____ (Microsoft Corporation) C:\WINDOWS\system32\WwaApi.dll
2017-07-12 11:54 - 2017-06-21 08:54 - 00141824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\easwrt.dll
2017-07-12 11:54 - 2017-06-21 08:53 - 00642048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.InkControls.dll
2017-07-12 11:54 - 2017-06-21 08:53 - 00437248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Usb.dll
2017-07-12 11:54 - 2017-06-21 08:53 - 00390656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredProvDataModel.dll
2017-07-12 11:54 - 2017-06-21 08:53 - 00386048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.WiFiDirect.dll
2017-07-12 11:54 - 2017-06-21 08:53 - 00325120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleacc.dll
2017-07-12 11:54 - 2017-06-21 08:53 - 00284160 _____ (Microsoft Corporation) C:\WINDOWS\system32\AboveLockAppHost.dll
2017-07-12 11:54 - 2017-06-21 08:53 - 00271360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\deviceaccess.dll
2017-07-12 11:54 - 2017-06-21 08:53 - 00202752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.HumanInterfaceDevice.dll
2017-07-12 11:54 - 2017-06-21 08:53 - 00201728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExecModelClient.dll
2017-07-12 11:54 - 2017-06-21 08:53 - 00185856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Identity.Provider.dll
2017-07-12 11:54 - 2017-06-21 08:52 - 06288384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2017-07-12 11:54 - 2017-06-21 08:52 - 00963584 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebcamUi.dll
2017-07-12 11:54 - 2017-06-21 08:52 - 00410112 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevicesFlowBroker.dll
2017-07-12 11:54 - 2017-06-21 08:52 - 00352256 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsDocumentTargetPrint.dll
2017-07-12 11:54 - 2017-06-21 08:52 - 00331264 _____ (Microsoft Corporation) C:\WINDOWS\system32\NgcCtnrSvc.dll
2017-07-12 11:54 - 2017-06-21 08:52 - 00182784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BioCredProv.dll
2017-07-12 11:54 - 2017-06-21 08:51 - 00846336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WebcamUi.dll
2017-07-12 11:54 - 2017-06-21 08:51 - 00747520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Ocr.dll
2017-07-12 11:54 - 2017-06-21 08:51 - 00284672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.dll
2017-07-12 11:54 - 2017-06-21 08:51 - 00258048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsDocumentTargetPrint.dll
2017-07-12 11:54 - 2017-06-21 08:50 - 01167360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certutil.exe
2017-07-12 11:54 - 2017-06-21 08:50 - 00529920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StructuredQuery.dll
2017-07-12 11:54 - 2017-06-21 08:50 - 00297472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2017-07-12 11:54 - 2017-06-21 08:50 - 00238080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AboveLockAppHost.dll
2017-07-12 11:54 - 2017-06-21 08:49 - 03778048 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2017-07-12 11:54 - 2017-06-21 08:49 - 02104320 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll
2017-07-12 11:54 - 2017-06-21 08:49 - 01403392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Editing.dll
2017-07-12 11:54 - 2017-06-21 08:49 - 00500224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.Printing.dll
2017-07-12 11:54 - 2017-06-21 08:49 - 00458752 _____ (Microsoft Corporation) C:\WINDOWS\system32\RTMediaFrame.dll
2017-07-12 11:54 - 2017-06-21 08:49 - 00295936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.dll
2017-07-12 11:54 - 2017-06-21 08:49 - 00288256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CryptoWinRT.dll
2017-07-12 11:54 - 2017-06-21 08:49 - 00175616 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.DeviceEncryptionHandlers.dll
2017-07-12 11:54 - 2017-06-21 08:49 - 00169984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Energy.dll
2017-07-12 11:54 - 2017-06-21 08:48 - 00395264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmenrollengine.dll
2017-07-12 11:54 - 2017-06-21 08:48 - 00336384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\azroleui.dll
2017-07-12 11:54 - 2017-06-21 08:47 - 13873664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2017-07-12 11:54 - 2017-06-21 08:47 - 07655424 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2017-07-12 11:54 - 2017-06-21 08:47 - 01105408 _____ (Microsoft Corporation) C:\WINDOWS\system32\MiracastReceiver.dll
2017-07-12 11:54 - 2017-06-21 08:47 - 00442368 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToDevice.dll
2017-07-12 11:54 - 2017-06-21 08:46 - 04615168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2017-07-12 11:54 - 2017-06-21 08:46 - 01908224 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2017-07-12 11:54 - 2017-06-21 08:46 - 01323008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_fs.dll
2017-07-12 11:54 - 2017-06-21 08:46 - 01137152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_health.dll
2017-07-12 11:54 - 2017-06-21 08:46 - 01077760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Editing.dll
2017-07-12 11:54 - 2017-06-21 08:46 - 00627200 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpaceControl.dll
2017-07-12 11:54 - 2017-06-21 08:46 - 00355328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RTMediaFrame.dll
2017-07-12 11:54 - 2017-06-21 08:46 - 00187904 _____ (Microsoft Corporation) C:\WINDOWS\system32\dialclient.dll
2017-07-12 11:54 - 2017-06-21 08:45 - 00891904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\autochk.exe
2017-07-12 11:54 - 2017-06-21 08:45 - 00471552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.BackgroundMediaPlayback.dll
2017-07-12 11:54 - 2017-06-21 08:45 - 00313856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2017-07-12 11:54 - 2017-06-21 08:45 - 00102400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uexfat.dll
2017-07-12 11:54 - 2017-06-21 08:44 - 00535040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\untfs.dll
2017-07-12 11:54 - 2017-06-21 08:44 - 00136704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ufat.dll
2017-07-12 11:54 - 2017-06-21 08:44 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fdProxy.dll
2017-07-12 11:54 - 2017-06-21 08:43 - 01534464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.Printing.3D.dll
2017-07-12 11:54 - 2017-06-21 08:43 - 01217024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Audio.dll
2017-07-12 11:54 - 2017-06-21 08:43 - 00713216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpnapps.dll
2017-07-12 11:54 - 2017-06-21 08:43 - 00035328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cnvfat.dll
2017-07-12 11:54 - 2017-06-21 08:42 - 03307008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2017-07-12 11:54 - 2017-06-21 08:42 - 02749440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mispace.dll
2017-07-12 11:54 - 2017-06-21 08:42 - 00853504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\autofmt.exe
2017-07-12 11:54 - 2017-06-21 08:42 - 00779776 _____ (Microsoft Corporation) C:\WINDOWS\system32\cscui.dll
2017-07-12 11:54 - 2017-06-21 08:42 - 00525312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LogonController.dll
2017-07-12 11:54 - 2017-06-21 08:42 - 00470016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Playback.BackgroundMediaPlayer.dll
2017-07-12 11:54 - 2017-06-21 08:42 - 00380416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uReFSv1.dll
2017-07-12 11:54 - 2017-06-21 08:41 - 03400704 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2017-07-12 11:54 - 2017-06-21 08:41 - 01255936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll
2017-07-12 11:54 - 2017-06-21 08:41 - 01080320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Ocr.dll
2017-07-12 11:54 - 2017-06-21 08:41 - 00983040 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcsvc.dll
2017-07-12 11:54 - 2017-06-21 08:41 - 00459776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Playback.MediaPlayer.dll
2017-07-12 11:54 - 2017-06-21 08:40 - 02641920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2017-07-12 11:54 - 2017-06-21 08:40 - 02154496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\storagewmi.dll
2017-07-12 11:54 - 2017-06-21 08:40 - 01891328 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnidui.dll
2017-07-12 11:54 - 2017-06-21 08:40 - 00901120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Bluetooth.dll
2017-07-12 11:54 - 2017-06-21 08:40 - 00611328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.dll
2017-07-12 11:54 - 2017-06-21 08:40 - 00090624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll
2017-07-12 11:54 - 2017-06-21 08:39 - 08076288 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2017-07-12 11:54 - 2017-06-21 08:39 - 02538496 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2017-07-12 11:54 - 2017-06-21 08:39 - 00816640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2017-07-12 11:54 - 2017-06-21 08:39 - 00546304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uReFS.dll
2017-07-12 11:54 - 2017-06-21 08:39 - 00134144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ErrorDetails.dll
2017-07-12 11:54 - 2017-06-21 08:38 - 03733504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_47.dll
2017-07-12 11:54 - 2017-06-21 08:38 - 03520512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsrchvw.exe
2017-07-12 11:54 - 2017-06-21 08:38 - 02695680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2017-07-12 11:54 - 2017-06-21 08:38 - 02424320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Perception.dll
2017-07-12 11:54 - 2017-06-21 08:38 - 01984000 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2017-07-12 11:54 - 2017-06-21 08:38 - 01275392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Bluetooth.dll
2017-07-12 11:54 - 2017-06-21 08:38 - 00908800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2017-07-12 11:54 - 2017-06-21 08:38 - 00886272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2017-07-12 11:54 - 2017-06-21 08:38 - 00877056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\autoconv.exe
2017-07-12 11:54 - 2017-06-21 08:38 - 00846336 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApiPublic.dll
2017-07-12 11:54 - 2017-06-21 08:38 - 00765440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Sensors.dll
2017-07-12 11:54 - 2017-06-21 08:38 - 00753152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\imapi2fs.dll
2017-07-12 11:54 - 2017-06-21 08:38 - 00709120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CPFilters.dll
2017-07-12 11:54 - 2017-06-21 08:37 - 07468544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2017-07-12 11:54 - 2017-06-21 08:37 - 06109696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2017-07-12 11:54 - 2017-06-21 08:37 - 00400384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToManager.dll
2017-07-12 11:54 - 2017-06-21 08:36 - 02648576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CertEnroll.dll
2017-07-12 11:54 - 2017-06-21 08:36 - 01424896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Maps.dll
2017-07-12 11:54 - 2017-06-21 08:36 - 01247232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Globalization.dll
2017-07-12 11:54 - 2017-06-21 08:36 - 00903680 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2017-07-12 11:54 - 2017-06-21 08:36 - 00701952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Connectivity.dll
2017-07-12 11:54 - 2017-06-21 08:35 - 04149248 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2017-07-12 11:54 - 2017-06-21 08:35 - 02740224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll
2017-07-12 11:54 - 2017-06-21 08:35 - 02682880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netshell.dll
2017-07-12 11:54 - 2017-06-21 08:35 - 01369088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Phone.dll
2017-07-12 11:54 - 2017-06-21 08:35 - 01170944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.dll
2017-07-12 11:54 - 2017-06-21 08:35 - 00827904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll
2017-07-12 11:54 - 2017-06-21 08:35 - 00732160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MsSpellCheckingFacility.dll
2017-07-12 11:54 - 2017-06-21 08:35 - 00348160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Midi.dll
2017-07-12 11:54 - 2017-06-21 08:34 - 03299840 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstsc.exe
2017-07-12 11:54 - 2017-06-21 08:34 - 01886720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2017-07-12 11:54 - 2017-06-21 08:34 - 00773120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2017-07-12 11:54 - 2017-06-21 08:34 - 00711168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll
2017-07-12 11:54 - 2017-06-21 08:34 - 00621056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
2017-07-12 11:54 - 2017-06-21 08:34 - 00566784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ShareHost.dll
2017-07-12 11:54 - 2017-06-21 08:34 - 00179712 _____ (Microsoft Corporation) C:\WINDOWS\system32\tssrvlic.dll
2017-07-12 11:54 - 2017-06-21 08:33 - 01170944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Phone.dll
2017-07-12 11:54 - 2017-06-21 08:33 - 01013248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.Http.dll
2017-07-12 11:54 - 2017-06-21 08:33 - 00751104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.BackgroundTransfer.dll
2017-07-12 11:54 - 2017-06-21 08:33 - 00691200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2017-07-12 11:54 - 2017-06-21 08:33 - 00439296 _____ (Microsoft Corporation) C:\WINDOWS\system32\wksprt.exe
2017-07-12 11:54 - 2017-06-21 08:33 - 00048128 _____ (Microsoft Corporation) C:\WINDOWS\system32\tlscsp.dll
2017-07-12 11:54 - 2017-06-21 08:32 - 01556992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2017-07-12 11:54 - 2017-06-21 08:32 - 00353280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TextInputFramework.dll
2017-07-12 11:54 - 2017-06-21 08:31 - 03106304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstsc.exe
2017-07-12 11:54 - 2017-06-21 08:30 - 00038912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tlscsp.dll
2017-07-12 11:54 - 2017-06-21 08:10 - 00483840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2017-07-12 11:54 - 2017-06-20 04:42 - 00993632 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcr120_clr0400.dll
2017-07-12 11:54 - 2017-05-23 06:58 - 00448576 _____ C:\WINDOWS\system32\ApnDatabase.xml
2017-07-12 11:54 - 2017-03-04 09:10 - 00360040 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2017-07-12 11:54 - 2017-03-04 08:56 - 00263472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Storage.ApplicationData.dll
2017-07-12 11:54 - 2017-03-04 08:28 - 00279552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.HumanInterfaceDevice.dll
2017-07-12 11:54 - 2017-03-04 08:26 - 00307200 _____ (Microsoft Corporation) C:\WINDOWS\system32\PrintDialogs3D.dll
2017-07-12 11:54 - 2017-03-04 08:23 - 01145856 _____ (Microsoft Corporation) C:\WINDOWS\system32\EmailApis.dll
2017-07-12 11:54 - 2017-03-04 08:23 - 00583680 _____ (Microsoft Corporation) C:\WINDOWS\system32\PrintDialogs.dll
2017-07-12 11:54 - 2017-03-04 08:21 - 01243136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.FaceAnalysis.dll
2017-07-12 11:54 - 2017-03-04 08:21 - 00670208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.PointOfService.dll
2017-07-12 11:54 - 2017-03-04 08:20 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2017-07-12 11:54 - 2017-03-04 08:20 - 00562176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.SmartCards.dll
2017-07-12 11:54 - 2017-03-04 08:20 - 00206336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vaultcli.dll
2017-07-12 11:54 - 2017-03-04 08:18 - 00525824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintDialogs.dll
2017-07-12 11:54 - 2017-03-04 08:17 - 00864256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnapps.dll
2017-07-12 11:54 - 2017-03-04 08:16 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2017-07-12 11:54 - 2017-03-04 08:15 - 01078784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.dll
2017-07-12 11:54 - 2017-03-04 08:14 - 00279552 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToReceiver.dll
2017-07-12 11:54 - 2017-03-04 08:12 - 04596224 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsrchvw.exe
2017-07-12 11:54 - 2017-03-04 08:02 - 02138112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll
2017-07-12 11:54 - 2016-10-15 05:45 - 01790464 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationFramework.dll
2017-07-12 11:54 - 2016-09-15 18:47 - 00134656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Energy.dll
2017-07-12 11:54 - 2016-08-27 07:12 - 00244816 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2017-07-12 11:53 - 2017-07-07 09:42 - 07781720 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2017-07-12 11:53 - 2017-07-07 09:40 - 00376672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2017-07-12 11:53 - 2017-07-07 09:32 - 00404824 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2017-07-12 11:53 - 2017-07-07 09:28 - 00223584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2017-07-12 11:53 - 2017-07-07 09:23 - 01600624 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2017-07-12 11:53 - 2017-07-07 09:18 - 01100120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2017-07-12 11:53 - 2017-07-07 08:58 - 07217152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2017-07-12 11:53 - 2017-07-07 08:51 - 22569984 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2017-07-12 11:53 - 2017-07-07 08:49 - 00115200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bridge.sys
2017-07-12 11:53 - 2017-07-07 08:47 - 00201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\ScDeviceEnum.dll
2017-07-12 11:53 - 2017-07-07 08:46 - 00052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpipreg.sys
2017-07-12 11:53 - 2017-07-07 08:45 - 00488960 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupShim.dll
2017-07-12 11:53 - 2017-07-07 08:45 - 00289792 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeveloperOptionsSettingsHandlers.dll
2017-07-12 11:53 - 2017-07-07 08:45 - 00276992 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2017-07-12 11:53 - 2017-07-07 08:44 - 00193536 _____ (Microsoft Corporation) C:\WINDOWS\system32\certprop.dll
2017-07-12 11:53 - 2017-07-07 08:44 - 00147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
2017-07-12 11:53 - 2017-07-07 08:44 - 00139264 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2017-07-12 11:53 - 2017-07-07 08:43 - 01081856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2017-07-12 11:53 - 2017-07-07 08:43 - 00431616 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpAXHolder.dll
2017-07-12 11:53 - 2017-07-07 08:42 - 00805888 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2017-07-12 11:53 - 2017-07-07 08:42 - 00352256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wldap32.dll
2017-07-12 11:53 - 2017-07-07 08:36 - 00369664 _____ (Microsoft Corporation) C:\WINDOWS\system32\msinfo32.exe
2017-07-12 11:53 - 2017-07-07 08:34 - 09131008 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2017-07-12 11:53 - 2017-07-07 08:31 - 23676416 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2017-07-12 11:53 - 2017-07-07 08:29 - 04749824 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2017-07-12 11:53 - 2017-07-07 08:29 - 00932864 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2017-07-12 11:53 - 2017-07-07 08:28 - 00927744 _____ (Microsoft Corporation) C:\WINDOWS\system32\SmartcardCredentialProvider.dll
2017-07-12 11:53 - 2017-07-07 08:28 - 00589312 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2017-07-12 11:53 - 2017-07-07 08:25 - 04708864 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2017-07-12 11:53 - 2017-07-07 08:24 - 05388800 _____ (Microsoft) C:\WINDOWS\system32\dbgeng.dll
2017-07-12 11:53 - 2017-07-07 08:24 - 03615744 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2017-07-12 11:53 - 2017-07-07 08:24 - 02895872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2017-07-12 11:53 - 2017-07-07 08:24 - 02217472 _____ (Microsoft Corporation) C:\WINDOWS\system32\OpcServices.dll
2017-07-12 11:53 - 2017-07-07 08:22 - 01826816 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2017-07-12 11:53 - 2017-06-21 09:56 - 01405280 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntSubsystemController.dll
2017-07-12 11:53 - 2017-06-21 09:55 - 02170720 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntSubsystems64.dll
2017-07-12 11:53 - 2017-06-21 09:54 - 01669984 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVIntegration.dll
2017-07-12 11:53 - 2017-06-21 09:54 - 00822624 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVClient.exe
2017-07-12 11:53 - 2017-06-21 09:54 - 00813408 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntStreamingManager.dll
2017-07-12 11:53 - 2017-06-21 09:54 - 00758624 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVOrchestration.dll
2017-07-12 11:53 - 2017-06-21 09:54 - 00704352 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntVirtualization.dll
2017-07-12 11:53 - 2017-06-21 09:54 - 00696160 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVPublishing.dll
2017-07-12 11:53 - 2017-06-21 09:54 - 00565088 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVCatalog.dll
2017-07-12 11:53 - 2017-06-21 09:54 - 00406368 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVScripting.dll
2017-07-12 11:53 - 2017-06-21 09:52 - 01886344 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2017-07-12 11:53 - 2017-06-21 09:51 - 00434528 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2017-07-12 11:53 - 2017-06-21 09:50 - 00126304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mup.sys
2017-07-12 11:53 - 2017-06-21 09:48 - 02681200 _____ C:\WINDOWS\system32\CoreUIComponents.dll
2017-07-12 11:53 - 2017-06-21 09:47 - 00764392 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2017-07-12 11:53 - 2017-06-21 09:40 - 01069720 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2017-07-12 11:53 - 2017-06-21 09:40 - 00328008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.ApplicationData.dll
2017-07-12 11:53 - 2017-06-21 09:40 - 00224096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ifsutil.dll
2017-07-12 11:53 - 2017-06-21 09:38 - 01738560 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2017-07-12 11:53 - 2017-06-21 09:37 - 02446704 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2017-07-12 11:53 - 2017-06-21 09:37 - 01369240 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcomp.dll
2017-07-12 11:53 - 2017-06-21 09:37 - 01157008 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2017-07-12 11:53 - 2017-06-21 09:37 - 00146784 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostCommon.dll
2017-07-12 11:53 - 2017-06-21 09:36 - 00624048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2017-07-12 11:53 - 2017-06-21 09:35 - 02915704 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2017-07-12 11:53 - 2017-06-21 09:35 - 01267512 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2017-07-12 11:53 - 2017-06-21 09:31 - 04674360 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2017-07-12 11:53 - 2017-06-21 09:31 - 01277824 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2017-07-12 11:53 - 2017-06-21 09:03 - 00167936 _____ (Microsoft Corporation) C:\WINDOWS\system32\uudf.dll
2017-07-12 11:53 - 2017-06-21 09:02 - 00124416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.System.SystemManagement.dll
2017-07-12 11:53 - 2017-06-21 09:01 - 00156160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Family.Client.dll
2017-07-12 11:53 - 2017-06-21 09:01 - 00108032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Family.Authentication.dll
2017-07-12 11:53 - 2017-06-21 09:01 - 00015872 _____ (Microsoft Corporation) C:\WINDOWS\system32\snmptrap.exe
2017-07-12 11:53 - 2017-06-21 09:00 - 00259072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Family.SyncEngine.dll
2017-07-12 11:53 - 2017-06-21 09:00 - 00224256 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_SignInOptions.dll
2017-07-12 11:53 - 2017-06-21 09:00 - 00193536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.WiFi.dll
2017-07-12 11:53 - 2017-06-21 09:00 - 00148480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.System.Profile.RetailInfo.dll
2017-07-12 11:53 - 2017-06-21 09:00 - 00082432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.System.UserDeviceAssociation.dll
2017-07-12 11:53 - 2017-06-21 09:00 - 00073216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryBroker.dll
2017-07-12 11:53 - 2017-06-21 08:59 - 00196096 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDeviceRegistration.dll
2017-07-12 11:53 - 2017-06-21 08:59 - 00182272 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceDirectoryClient.dll
2017-07-12 11:53 - 2017-06-21 08:59 - 00136192 _____ (Microsoft Corporation) C:\WINDOWS\system32\sendmail.dll
2017-07-12 11:53 - 2017-06-21 08:59 - 00122880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryClient.dll
2017-07-12 11:53 - 2017-06-21 08:59 - 00101888 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDeviceRegistration.Ngc.dll
2017-07-12 11:53 - 2017-06-21 08:59 - 00082944 _____ (Microsoft Corporation) C:\WINDOWS\system32\KdsCli.dll
2017-07-12 11:53 - 2017-06-21 08:58 - 00547840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Gaming.Input.dll
2017-07-12 11:53 - 2017-06-21 08:58 - 00257024 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudDomainJoinDataModelServer.dll
2017-07-12 11:53 - 2017-06-21 08:58 - 00224768 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpd_ci.dll
2017-07-12 11:53 - 2017-06-21 08:58 - 00186368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Radios.dll
2017-07-12 11:53 - 2017-06-21 08:58 - 00144896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dfsc.sys
2017-07-12 11:53 - 2017-06-21 08:57 - 00651264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.AllJoyn.dll
2017-07-12 11:53 - 2017-06-21 08:57 - 00243712 _____ (Microsoft Corporation) C:\WINDOWS\system32\credprovhost.dll
2017-07-12 11:53 - 2017-06-21 08:57 - 00157696 _____ (Microsoft Corporation) C:\WINDOWS\system32\XamlTileRender.dll
2017-07-12 11:53 - 2017-06-21 08:57 - 00087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpdbusenum.dll
2017-07-12 11:53 - 2017-06-21 08:56 - 00852480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Import.dll
2017-07-12 11:53 - 2017-06-21 08:56 - 00379904 _____ (Microsoft Corporation) C:\WINDOWS\system32\apprepsync.dll
2017-07-12 11:53 - 2017-06-21 08:56 - 00324608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.LockScreen.dll
2017-07-12 11:53 - 2017-06-21 08:56 - 00268800 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserMgrProxy.dll
2017-07-12 11:53 - 2017-06-21 08:56 - 00267264 _____ (Microsoft Corporation) C:\WINDOWS\system32\vaultcli.dll
2017-07-12 11:53 - 2017-06-21 08:55 - 00407552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2017-07-12 11:53 - 2017-06-21 08:55 - 00176128 _____ (Microsoft Corporation) C:\WINDOWS\system32\apprepapi.dll
2017-07-12 11:53 - 2017-06-21 08:54 - 00247808 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExecModelClient.dll
2017-07-12 11:53 - 2017-06-21 08:54 - 00168960 _____ (Microsoft Corporation) C:\WINDOWS\system32\easwrt.dll
2017-07-12 11:53 - 2017-06-21 08:53 - 01010176 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2017-07-12 11:53 - 2017-06-21 08:53 - 00425984 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
2017-07-12 11:53 - 2017-06-21 08:53 - 00339968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.dll
2017-07-12 11:53 - 2017-06-21 08:53 - 00329728 _____ (Microsoft Corporation) C:\WINDOWS\system32\deviceaccess.dll
2017-07-12 11:53 - 2017-06-21 08:52 - 17198592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2017-07-12 11:53 - 2017-06-21 08:52 - 00956416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2017-07-12 11:53 - 2017-06-21 08:52 - 00896512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.AccountsControl.dll
2017-07-12 11:53 - 2017-06-21 08:52 - 00775168 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe
2017-07-12 11:53 - 2017-06-21 08:52 - 00560128 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppReadiness.dll
2017-07-12 11:53 - 2017-06-21 08:51 - 00634368 _____ (Microsoft Corporation) C:\WINDOWS\system32\StructuredQuery.dll
2017-07-12 11:53 - 2017-06-21 08:51 - 00410112 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2017-07-12 11:53 - 2017-06-21 08:50 - 01054208 _____ (Microsoft Corporation) C:\WINDOWS\system32\qmgr.dll
2017-07-12 11:53 - 2017-06-21 08:50 - 00661504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll
2017-07-12 11:53 - 2017-06-21 08:49 - 01913856 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_fs.dll
2017-07-12 11:53 - 2017-06-21 08:49 - 01584128 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_health.dll
2017-07-12 11:53 - 2017-06-21 08:48 - 00968192 _____ (Microsoft Corporation) C:\WINDOWS\system32\autochk.exe
2017-07-12 11:53 - 2017-06-21 08:48 - 00112640 _____ (Microsoft Corporation) C:\WINDOWS\system32\uexfat.dll
2017-07-12 11:53 - 2017-06-21 08:47 - 00574976 _____ (Microsoft Corporation) C:\WINDOWS\system32\untfs.dll
2017-07-12 11:53 - 2017-06-21 08:47 - 00152064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ufat.dll
2017-07-12 11:53 - 2017-06-21 08:47 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\fdProxy.dll
2017-07-12 11:53 - 2017-06-21 08:46 - 03290112 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll
2017-07-12 11:53 - 2017-06-21 08:46 - 00925184 _____ (Microsoft Corporation) C:\WINDOWS\system32\autofmt.exe
2017-07-12 11:53 - 2017-06-21 08:46 - 00516608 _____ (Microsoft Corporation) C:\WINDOWS\system32\uReFSv1.dll
2017-07-12 11:53 - 2017-06-21 08:46 - 00039424 _____ (Microsoft Corporation) C:\WINDOWS\system32\cnvfat.dll
2017-07-12 11:53 - 2017-06-21 08:45 - 02861056 _____ (Microsoft Corporation) C:\WINDOWS\system32\storagewmi.dll
2017-07-12 11:53 - 2017-06-21 08:44 - 00588288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidprov.dll
2017-07-12 11:53 - 2017-06-21 08:44 - 00167936 _____ (Microsoft Corporation) C:\WINDOWS\system32\ErrorDetails.dll
2017-07-12 11:53 - 2017-06-21 08:43 - 00961536 _____ (Microsoft Corporation) C:\WINDOWS\system32\imapi2fs.dll
2017-07-12 11:53 - 2017-06-21 08:43 - 00953344 _____ (Microsoft Corporation) C:\WINDOWS\system32\autoconv.exe
2017-07-12 11:53 - 2017-06-21 08:43 - 00628736 _____ (Microsoft Corporation) C:\WINDOWS\system32\uReFS.dll
2017-07-12 11:53 - 2017-06-21 08:43 - 00130560 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpaceAgent.exe
2017-07-12 11:53 - 2017-06-21 08:42 - 00981504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.OnlineId.dll
2017-07-12 11:53 - 2017-06-21 08:42 - 00539136 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToManager.dll
2017-07-12 11:53 - 2017-06-21 08:42 - 00467968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Geolocation.dll
2017-07-12 11:53 - 2017-06-21 08:42 - 00139776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Devices.dll
2017-07-12 11:53 - 2017-06-21 08:42 - 00079360 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationFrameworkInternalPS.dll
2017-07-12 11:53 - 2017-06-21 08:41 - 02279424 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2017-07-12 11:53 - 2017-06-21 08:41 - 01692160 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2017-07-12 11:53 - 2017-06-21 08:41 - 01359872 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll
2017-07-12 11:53 - 2017-06-21 08:41 - 01021440 _____ (Microsoft Corporation) C:\WINDOWS\system32\usermgr.dll
2017-07-12 11:53 - 2017-06-21 08:41 - 00945664 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2017-07-12 11:53 - 2017-06-21 08:41 - 00913920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.dll
2017-07-12 11:53 - 2017-06-21 08:41 - 00460800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Midi.dll
2017-07-12 11:53 - 2017-06-21 08:40 - 04474368 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll
2017-07-12 11:53 - 2017-06-21 08:40 - 01586176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Globalization.dll
2017-07-12 11:53 - 2017-06-21 08:40 - 01421824 _____ (Microsoft Corporation) C:\WINDOWS\system32\certutil.exe
2017-07-12 11:53 - 2017-06-21 08:40 - 00886784 _____ (Microsoft Corporation) C:\WINDOWS\system32\CPFilters.dll
2017-07-12 11:53 - 2017-06-21 08:40 - 00376832 _____ (Microsoft Corporation) C:\WINDOWS\system32\CryptoWinRT.dll
2017-07-12 11:53 - 2017-06-21 08:39 - 02916864 _____ (Microsoft Corporation) C:\WINDOWS\system32\CertEnroll.dll
2017-07-12 11:53 - 2017-06-21 08:39 - 02208768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.3D.dll
2017-07-12 11:53 - 2017-06-21 08:39 - 01643008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll
2017-07-12 11:53 - 2017-06-21 08:39 - 01490432 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2017-07-12 11:53 - 2017-06-21 08:39 - 00971264 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll
2017-07-12 11:53 - 2017-06-21 08:39 - 00673792 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2017-07-12 11:53 - 2017-06-21 08:38 - 05611008 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll
2017-07-12 11:53 - 2017-06-21 08:37 - 00875520 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2017-07-12 11:53 - 2017-06-21 08:37 - 00774656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.dll
2017-07-12 11:53 - 2017-06-21 08:37 - 00735744 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2017-07-12 11:53 - 2017-06-21 08:37 - 00716800 _____ (Microsoft Corporation) C:\WINDOWS\system32\ShareHost.dll
2017-07-12 11:53 - 2017-06-21 08:36 - 02318848 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2017-07-12 11:53 - 2017-06-21 08:36 - 00881152 _____ (Microsoft Corporation) C:\WINDOWS\system32\MsSpellCheckingFacility.dll
2017-07-12 11:53 - 2017-06-21 08:36 - 00180224 _____ (Microsoft Corporation) C:\WINDOWS\system32\enrollmentapi.dll
2017-07-12 11:53 - 2017-06-21 08:35 - 01726976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2017-07-12 11:53 - 2017-06-21 08:35 - 01328640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.Http.dll
2017-07-12 11:53 - 2017-06-21 08:35 - 00924672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.BackgroundTransfer.dll
2017-07-12 11:53 - 2017-06-21 08:34 - 01121280 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2017-07-12 11:53 - 2017-06-21 08:34 - 00035328 _____ (Microsoft Corporation) C:\WINDOWS\system32\spaceman.exe
2017-07-12 11:53 - 2017-03-04 08:27 - 00391168 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleacc.dll
2017-07-12 11:53 - 2017-03-04 08:19 - 01589760 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdtctm.dll
2017-07-12 11:53 - 2016-10-05 11:32 - 00146432 _____ (Microsoft Corporation) C:\WINDOWS\system32\AuthBroker.dll
2017-07-07 20:01 - 2017-07-07 20:01 - 00000000 ____D C:\Users\Siggi\AppData\Local\UNP
2017-07-07 19:41 - 2017-07-07 19:42 - 00000000 ____D C:\Program Files\UNP
2017-07-07 19:41 - 2017-07-07 19:41 - 00000000 ____D C:\WINDOWS\system32\UNP
2017-07-02 18:04 - 2017-07-02 18:05 - 00460850 _____ C:\Users\Siggi\Downloads\bayernatlas.de.pdf
2017-07-01 10:43 - 2017-07-01 10:43 - 11287004 _____ C:\Users\Siggi\Downloads\20031120100303437_bh59-00335c-04_ge.pdf
2017-06-28 14:26 - 2017-06-28 14:27 - 07180216 _____ (Piriform Ltd) C:\Users\Siggi\Downloads\ccsetup531_slim.exe
2017-06-24 08:45 - 2017-06-24 08:47 - 00187351 _____ C:\Users\Siggi\Desktop\Wie Goldgräber und Hobbyschatzsucher bei Ausgrabungen helfen - SPIEGEL ONLINE.htm
2017-06-24 08:45 - 2017-06-24 08:45 - 00000000 ____D C:\Users\Siggi\Desktop\Wie Goldgräber und Hobbyschatzsucher bei Ausgrabungen helfen - SPIEGEL ONLINE-Dateien
==================== Ein Monat: Geänderte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2017-07-20 22:05 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\AppReadiness
2017-07-20 22:05 - 2015-07-04 18:22 - 00000000 ____D C:\FRST
2017-07-20 21:55 - 2016-09-25 10:19 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2017-07-20 21:36 - 2017-04-07 14:14 - 00251832 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2017-07-20 21:34 - 2016-10-20 20:41 - 00000000 ____D C:\Users\Siggi\AppData\LocalLow\Mozilla
2017-07-20 21:31 - 2017-02-14 11:36 - 00001024 _____ C:\.rnd
2017-07-20 21:31 - 2016-09-25 11:10 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-07-20 21:31 - 2016-09-25 10:23 - 00000000 ____D C:\ProgramData\NVIDIA
2017-07-20 21:30 - 2016-07-16 08:04 - 00524288 _____ C:\WINDOWS\system32\config\BBI
2017-07-20 21:29 - 2017-05-21 18:51 - 00000000 ____D C:\Program Files (x86)\Yahoo!
2017-07-20 21:29 - 2014-08-14 15:55 - 00000008 __RSH C:\ProgramData\ntuser.pol
2017-07-20 21:03 - 2016-07-16 08:04 - 00032768 _____ C:\WINDOWS\system32\config\ELAM
2017-07-20 16:15 - 2016-09-25 10:32 - 00000000 ____D C:\Users\Siggi
2017-07-20 14:57 - 2017-01-03 16:03 - 00000883 _____ C:\Users\Siggi\Desktop\Wswin32.exe - Verknüpfung.lnk
2017-07-20 08:14 - 2014-01-03 22:29 - 00000000 ____D C:\ProgramData\G Data
2017-07-20 08:09 - 2016-07-16 13:47 - 00000000 ___HD C:\WINDOWS\ELAMBKUP
2017-07-20 08:04 - 2014-01-03 22:31 - 00000000 ____D C:\Program Files (x86)\G Data
2017-07-20 07:35 - 2016-07-16 13:47 - 00000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs
2017-07-20 07:35 - 2016-07-16 13:47 - 00000000 ___SD C:\WINDOWS\SysWOW64\Configuration
2017-07-20 07:35 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\SysWOW64\setup
2017-07-20 07:35 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\SysWOW64\oobe
2017-07-20 07:35 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\SysWOW64\MUI
2017-07-20 07:35 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed
2017-07-20 07:35 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\SysWOW64\inetsrv
2017-07-20 07:35 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\SysWOW64\IME
2017-07-20 07:35 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\SysWOW64\Com
2017-07-20 07:19 - 2016-07-16 13:47 - 00000000 ___HD C:\Program Files\WindowsApps
2017-07-20 06:54 - 2016-09-25 11:10 - 00003668 _____ C:\WINDOWS\System32\Tasks\AVG EUpdate Task
2017-07-19 18:58 - 2017-02-20 07:31 - 00000000 ____D C:\Users\Siggi\Desktop\Programme1
2017-07-19 10:01 - 2016-08-23 17:01 - 00000000 ____D C:\Foto
2017-07-19 07:27 - 2016-09-25 10:32 - 00000000 ____D C:\Users\DefaultAppPool
2017-07-19 07:27 - 2016-09-25 10:32 - 00000000 ____D C:\Users\Administrator
2017-07-17 19:39 - 2016-10-24 12:06 - 00001147 _____ C:\Users\Siggi\Desktop\DVBViewer.exe - Verknüpfung.lnk
2017-07-17 18:44 - 2017-03-09 20:42 - 00000000 ____D C:\Users\Siggi\Documents\WISO Konto Online
2017-07-16 20:03 - 2016-10-20 18:07 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2017-07-16 08:43 - 2016-07-16 13:45 - 00000000 ____D C:\WINDOWS\INF
2017-07-15 19:42 - 2016-09-25 11:10 - 00003616 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2017-07-15 19:42 - 2016-09-25 11:10 - 00003392 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2017-07-15 18:26 - 2016-09-25 10:29 - 06341960 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-07-15 18:26 - 2016-07-17 00:51 - 03072750 _____ C:\WINDOWS\system32\perfh007.dat
2017-07-15 18:26 - 2016-07-17 00:51 - 00840852 _____ C:\WINDOWS\system32\perfc007.dat
2017-07-15 18:08 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\rescache
2017-07-12 15:38 - 2016-04-27 07:55 - 00000000 __RHD C:\Users\Public\AccountPictures
2017-07-12 15:32 - 2016-09-25 10:19 - 00413472 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-07-12 15:26 - 2016-07-16 13:47 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2017-07-12 15:26 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\oobe
2017-07-12 15:26 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\appraiser
2017-07-12 15:26 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\ShellExperiences
2017-07-12 15:26 - 2016-07-16 13:47 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2017-07-12 15:26 - 2016-07-16 13:47 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2017-07-12 12:34 - 2016-07-16 13:36 - 00000000 ____D C:\WINDOWS\CbsTemp
2017-07-12 12:11 - 2014-01-03 20:11 - 00000000 ____D C:\WINDOWS\system32\MRT
2017-07-12 12:04 - 2014-01-03 20:11 - 135225752 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-07-12 10:17 - 2017-04-11 08:50 - 00003094 _____ C:\WINDOWS\System32\Tasks\Java Platform SE Auto Updater
2017-07-12 10:17 - 2016-09-25 11:26 - 00002824 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task
2017-07-12 10:17 - 2016-09-25 11:10 - 00002090 _____ C:\WINDOWS\System32\Tasks\SidebarExecute
2017-07-12 07:41 - 2016-07-16 13:43 - 00157696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\enrollmentapi.dll
2017-07-11 10:02 - 2014-02-01 12:52 - 00000000 ____D C:\Users\Siggi\AppData\Local\Corel
2017-07-10 11:58 - 2016-09-25 11:10 - 00003542 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2017-07-10 11:27 - 2017-04-20 18:49 - 00003878 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player PPAPI Notifier
2017-07-10 11:26 - 2017-05-26 21:24 - 00003560 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2017-07-02 16:15 - 2014-01-03 19:53 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-06-30 16:46 - 2016-07-16 13:49 - 00835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2017-06-30 16:46 - 2016-07-16 13:49 - 00177656 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2017-06-30 15:22 - 2016-06-30 18:21 - 00000000 ____D C:\Program Files\Mozilla Firefox
2017-06-30 07:01 - 2014-01-05 15:49 - 00000000 ____D C:\ProgramData\Skype
2017-06-28 20:04 - 2017-03-17 11:33 - 00000000 ___RD C:\Program Files (x86)\Skype
2017-06-28 17:07 - 2017-05-19 19:00 - 00000000 ___HD C:\Users\Siggi\Desktop\[Originaldateien]
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======
2016-01-09 13:05 - 2016-06-11 16:32 - 0000027 _____ () C:\Users\Siggi\AppData\Roaming\AVSDVDPlayer.m3u
2014-05-03 16:05 - 2014-05-03 16:05 - 0000000 _____ () C:\Users\Siggi\AppData\Roaming\gdfw.log
2014-05-03 16:04 - 2017-07-20 08:10 - 0002731 _____ () C:\Users\Siggi\AppData\Roaming\gdscan.log
2014-11-02 12:21 - 2017-02-20 15:10 - 0000600 _____ () C:\Users\Siggi\AppData\Roaming\winscp.rnd
2015-09-24 11:43 - 2016-05-08 14:36 - 0001062 _____ () C:\Users\Siggi\AppData\Local\62ddddf9d461bd9633b86dd3c75a2286
2015-09-27 15:30 - 2016-09-26 16:02 - 0001062 _____ () C:\Users\Siggi\AppData\Local\998087a8e589f390f0b710fed8b8c1bf
2015-08-13 17:30 - 2015-10-02 19:58 - 0000950 _____ () C:\Users\Siggi\AppData\Local\c59be68b03be09f9dbe3e1c49acbe573
2014-01-05 15:25 - 2016-04-26 14:33 - 0030208 _____ () C:\Users\Siggi\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-12-21 17:21 - 2015-03-15 17:06 - 0000600 _____ () C:\Users\Siggi\AppData\Local\PUTTY.RND
2016-11-04 11:02 - 2016-11-04 11:02 - 0004591 _____ () C:\Users\Siggi\AppData\Local\recently-used.xbel
2016-07-25 15:43 - 2016-08-05 15:20 - 0007602 _____ () C:\Users\Siggi\AppData\Local\resmon.resmoncfg
2014-02-01 12:51 - 2016-07-22 16:57 - 0000900 ___SH () C:\ProgramData\KGyGaAvL.sys
2017-03-09 20:42 - 2017-03-09 20:42 - 0000116 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc
2014-02-15 14:51 - 2014-02-15 14:51 - 0012698 _____ () C:\ProgramData\ndhlopzv.syn
2015-01-23 22:32 - 2015-01-23 22:32 - 0004974 _____ () C:\ProgramData\vnjjireq.zmg
==================== Bamital & volsnap ======================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert
LastRegBack: 2017-07-15 12:14
==================== Ende von FRST.txt ============================
|
|
21.07.2017, 20:14
| #11 |
| | Malwarebytes zeigt Funde an auf PC vom Vater und add: Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 18-07-2017
durchgeführt von Siggi (20-07-2017 22:08:23)
Gestartet von C:\Users\Siggi\Desktop
Windows 10 Pro Version 1607 (X64) (2016-09-25 09:16:30)
Start-Modus: Normal
==========================================================
==================== Konten: =============================
Administrator (S-1-5-21-2441953047-3725558795-4123501198-500 - Administrator - Disabled) => C:\Users\Administrator
DefaultAccount (S-1-5-21-2441953047-3725558795-4123501198-503 - Limited - Disabled)
Gast (S-1-5-21-2441953047-3725558795-4123501198-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2441953047-3725558795-4123501198-1002 - Limited - Enabled)
Siggi (S-1-5-21-2441953047-3725558795-4123501198-1001 - Administrator - Enabled) => C:\Users\Siggi
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: G DATA INTERNET SECURITY (Enabled - Up to date) {A9C56A9B-ECCD-57EA-78F6-92511DA1C885}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: G*DATA Personal Firewall (Enabled) {91FEEBBE-A6A2-56B2-53A9-3B64E3728FFE}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
8GadgetPack (HKLM-x32\...\{F60DAD2D-8625-4467-AE01-EA0382187621}) (Version: 19.0.0 - Helmut Buhler)
ACDSee 19 (HKLM\...\{F36C6194-6306-43D8-8775-8267BC77FF65}) (Version: 19.3.0.506 - ACD Systems International Inc.)
ACDSee Pro 7 (64-bit) (HKLM\...\{D2A6EC54-CB46-49E4-A6FC-A9179F9D9D12}) (Version: 7.1.169 - ACD Systems International Inc.)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 22.0.0.153 - Adobe Systems Incorporated)
Adobe Community Help (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.5.23 - Adobe Systems Incorporated.)
Adobe Flash Player 26 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 26.0.0.131 - Adobe Systems Incorporated)
Adobe Flash Player 26 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 26.0.0.131 - Adobe Systems Incorporated)
Adobe Photoshop Elements 12 (HKLM-x32\...\Adobe Photoshop Elements 12) (Version: 12.0 - Adobe Systems Incorporated)
Adobe Photoshop Lightroom 5.3 64-bit (HKLM\...\{2DD71ACB-552D-402C-9529-7906ACB95C30}) (Version: 5.3.1 - Adobe Systems Incorporated)
Adobe Premiere Elements 12 (HKLM\...\{4016464A-0C3E-4070-8293-5D7F0D8EAE3A}) (Version: 12.0 - Adobe Systems Incorporated) Hidden
Adobe Premiere Elements 12 (HKLM\...\PremElem120) (Version: 12.0 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.19) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.19 - Adobe Systems Incorporated)
Ahnenforschung DeLuxe (HKLM-x32\...\Ahnenforschung DeLuxe) (Version: - )
Apple Software Update (HKLM-x32\...\{6956856F-B6B3-4BE0-BA0B-8F495BE32033}) (Version: 2.1.1.116 - Apple Inc.)
Ashampoo Burning Studio FREE v.1.14.5 (HKLM-x32\...\{91B33C97-91F8-FFB3-581B-BC952C901685}_is1) (Version: 1.14.5 - Ashampoo GmbH & Co. KG)
Ashampoo Photo Commander 10 v.10.2.1 (HKLM-x32\...\{C92AB6F1-4B66-808A-D77C-25EF81C0176A}_is1) (Version: 10.2.1 - Ashampoo GmbH & Co. KG)
Audials (HKLM-x32\...\{942EDCE4-79EE-409E-9E7C-6EC236C037AC}) (Version: 10.3.34300.0 - Audials AG)
Audials (HKLM-x32\...\{97DDF4B1-4BA6-40B3-AFBE-6080F08D540A}) (Version: 17.0.30797.9700 - Audials AG)
AVG (HKLM\...\AvgZen) (Version: 1.116.3.1052 - AVG Technologies)
AVG PC TuneUp (HKLM-x32\...\{149D912F-03DB-4895-913E-820CB11965C0}) (Version: 16.74.1 - AVG Technologies) Hidden
AVG PC TuneUp (HKLM-x32\...\AVG PC TuneUp) (Version: 16.74.2.60831 - AVG Technologies)
AVG Zen (HKLM\...\{219E7C4A-0902-4CD4-82B8-EF908BF3198E}) (Version: 1.116.2 - AVG Technologies) Hidden
AVS Audio Converter 8.0 (HKLM-x32\...\AVS Audio Converter_is1) (Version: 8.0.1.540 - Online Media Technologies Ltd.)
AVS Audio Editor 7.2 (HKLM-x32\...\AVS Audio Editor_is1) (Version: 7.2.2.488 - Online Media Technologies Ltd.)
AVS Audio Recorder 4.0 (HKLM-x32\...\AVS Audio Recorder_is1) (Version: 4.0.2.22 - Online Media Technologies Ltd.)
AVS Disc Creator 5.2.7 (HKLM-x32\...\AVS Disc Creator_is1) (Version: 5.2.7.541 - Online Media Technologies Ltd.)
AVS DVD Authoring (HKLM-x32\...\AVS DVD Authoring_is1) (Version: - Online Media Technologies Ltd.)
AVS DVD Player version 2.4 (HKLM-x32\...\AVS DVD Player_is1) (Version: - Online Media Technologies Ltd.)
AVS Update Manager 1.0 (HKLM-x32\...\AVS Update Manager_is1) (Version: - Online Media Technologies Ltd.)
AVS Video Converter 9.1 (HKLM-x32\...\AVS4YOU Video Converter 7_is1) (Version: 9.1.2.571 - Online Media Technologies Ltd.)
AVS Video Editor 6.5 (HKLM-x32\...\AVS Video Editor_is1) (Version: 6.5.1.246 - Online Media Technologies Ltd.)
AVS Video Recorder 2.4 (HKLM-x32\...\AVS Video Recorder_is1) (Version: - Online Media Technologies Ltd.)
AVS4YOU Software Navigator 1.2 (HKLM-x32\...\AVS4YOU Software Navigator_is1) (Version: - Online Media Technologies Ltd.)
Camera Support Core Library (HKLM-x32\...\{A1D0D14A-B776-4907-BC00-5149F2298086}) (Version: 7.3.0.4 - Canon) Hidden
Camera Window DVC (HKLM-x32\...\{A2EB8F2E-6D9B-4F8B-96EB-F976D33F416F}) (Version: 5.4.4 - Canon) Hidden
Camera Window MC (HKLM-x32\...\{36C65B50-37BA-4467-AAD5-0523EFDF6F62}) (Version: 5.4.3 - Canon) Hidden
CameraHelperMsi (HKLM-x32\...\{15634701-BACE-4449-8B25-1567DA8C9FD3}) (Version: 13.51.815.0 - Logitech) Hidden
Canon Camera Support Core Library (HKLM-x32\...\InstallShield_{A1D0D14A-B776-4907-BC00-5149F2298086}) (Version: 7.3.0.4 - Canon)
Canon Camera WIA Driver (HKLM-x32\...\{33CF7CDF-9805-4500-9CC7-D19D52AD63C4}) (Version: 5.6 - Canon) Hidden
Canon Camera Window DC_DV 5 for ZoomBrowser EX (HKLM-x32\...\InstallShield_{A2EB8F2E-6D9B-4F8B-96EB-F976D33F416F}) (Version: 5.4.4 - Canon)
Canon Camera Window MC 5 for ZoomBrowser EX (HKLM-x32\...\InstallShield_{36C65B50-37BA-4467-AAD5-0523EFDF6F62}) (Version: 5.4.3 - Canon)
Canon EOS Kiss_N REBEL_XT 350D WIA Driver (HKLM-x32\...\InstallShield_{33CF7CDF-9805-4500-9CC7-D19D52AD63C4}) (Version: 5.6 - Canon)
CANON iMAGE GATEWAY Task (HKLM-x32\...\{33711828-7194-4446-8C05-0DC0E59A0C1B}) (Version: 1.0.0.23 - Canon) Hidden
CANON iMAGE GATEWAY Task for ZoomBrowser EX (HKLM-x32\...\InstallShield_{33711828-7194-4446-8C05-0DC0E59A0C1B}) (Version: 1.0.0.23 - Canon)
Canon Internet Library for ZoomBrowser EX (HKLM-x32\...\InstallShield_{D0E8C34D-19D2-49FD-A900-88DEB788FF86}) (Version: 1.4.0 - Canon Inc.)
Canon MP Navigator EX 2.1 (HKLM-x32\...\MP Navigator EX 2.1) (Version: - )
Canon MX320 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MX320_series) (Version: - Canon Inc.)
Canon PhotoRecord (HKLM-x32\...\{BBBC2B89-E193-4348-A83C-C8DD8210A4AC}) (Version: 02.02.03002 - Cisra)
Canon RAW Image Task for ZoomBrowser EX (HKLM-x32\...\InstallShield_{BAA43DA2-B6C5-46EC-B163-0E8EEAF975A4}) (Version: 2.2 - Canon)
Canon Utilities Digital Photo Professional (HKLM-x32\...\Digital Photo Professional) (Version: 3.14.47.0 - Canon Inc.)
Canon Utilities Digital Photo Professional 2.0 (HKLM-x32\...\{17BF3045-AB1D-4048-8356-6C584B83565E}) (Version: 2.0 - Canon) Hidden
Canon Utilities Digital Photo Professional 2.0 (HKLM-x32\...\InstallShield_{17BF3045-AB1D-4048-8356-6C584B83565E}) (Version: 2.0 - Canon)
Canon Utilities EOS Capture 1.5 (HKLM-x32\...\InstallShield_{589D17BB-C997-48C0-BCD2-CC8DC3375FE8}) (Version: 1.5 - Canon)
Canon Utilities EOS Lens Registration Tool (HKLM-x32\...\EOS Lens Registration Tool) (Version: 1.3.0.1 - Canon Inc.)
Canon Utilities EOS Utility 2 (HKLM-x32\...\EOS Utility 2) (Version: 2.14.20.0 - Canon Inc.)
Canon Utilities EOS Web Service Registration Tool (HKLM-x32\...\EOS Web Service Registration Tool) (Version: 1.2.10.0 - Canon Inc.)
Canon Utilities PhotoStitch 3.1 (HKLM-x32\...\InstallShield_{874E44F3-B9A7-4AA1-B4BA-83E5684ED9C6}) (Version: 3.1.16 - Canon)
Canon ZoomBrowser EX (E) (HKLM-x32\...\{C1D76D7A-F3BB-47EA-A746-5B1E2FFC1DF2}) (Version: 5.05.0000 - Canon)
CBH-2012 (HKLM-x32\...\{E7E877BE-A17B-4E5A-B8E4-3B893C03BB1B}) (Version: 4.1.SP1 - LN-Systems)
chip 1-click download service (HKLM-x32\...\{503CA94E-0834-4CEE-AD92-BA17AF4E809A}) (Version: 3.6.9.0 - Chip Digital GmbH)
CLIQZ (HKLM-x32\...\{5A0C0737-6AFE-4DC6-A8B4-6DFE509ACD75}_is1) (Version: 1.0.44 - CLIQZ.com)
COLOR projects 4 elements (64-Bit) (HKLM\...\COLOR_PROJECTS_4_2_C935FDA1_is1) (Version: 4.41 - Franzis Verlag GmbH)
COLOR projects premium (64-Bit) (HKLM\...\COLOR_PROJECTS_1_2_C935FDA1_is1) (Version: 1.14 - Franzis Verlag GmbH)
ComproFM 2 (HKLM-x32\...\{9EA404D2-5A5E-4A44-94E3-B8B148F7BCBC}) (Version: 2.20.500 - )
Corel Paint Shop Pro Photo X2 (HKLM-x32\...\{64E72FB1-2343-4977-B4A8-262CD53D0BD3}) (Version: 12.50.0001 - Corel Corporation)
Cut Out 3.0 pro (64bits) (HKLM\...\Cut Out pro(64bits)_is1) (Version: - Franzis.de)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
DHTML Editing Component (HKLM-x32\...\{2EA870FA-585F-4187-903D-CB9FFD21E2E0}) (Version: 6.02.0001 - Microsoft Corporation)
Dream Aquarium (HKLM-x32\...\DreamAqua) (Version: - )
DVBViewer Pro (HKLM-x32\...\DVBViewer Pro_is1) (Version: 5.3.2 - CM&V)
DVBViewer TE2 (HKLM-x32\...\DVBViewer TE2_is1) (Version: - CM&V)
DVD Shrink 3.2 deutsch (DeCSS-frei) (HKLM-x32\...\DVD Shrink DE_is1) (Version: - DVD Shrink)
Dynamic-Photo HDR 4.7 (HKLM-x32\...\Dynamic-Photo HDR 4_is1) (Version: - Mediachance)
EasyWeather (HKLM-x32\...\{CE1B03BC-3C99-4580-A2AC-A41DB9B83378}) (Version: - 1.0)
Elements 10 Organizer (HKLM-x32\...\{22D3A614-482C-444A-932C-9DA1B8ECDFD2}) (Version: 10.0 - Ihr Firmenname) Hidden
Elements 12 Organizer (HKLM-x32\...\{9D80A7B7-DC01-485D-AE93-710D559B5C56}) (Version: 12.0 - Ihr Firmenname) Hidden
EOS Capture 1.5 (HKLM-x32\...\{589D17BB-C997-48C0-BCD2-CC8DC3375FE8}) (Version: 1.5 - Canon) Hidden
erLT (HKLM-x32\...\{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}) (Version: 1.20.138.34 - Logitech, Inc.) Hidden
FastStone Image Viewer 5.7 (HKLM-x32\...\FastStone Image Viewer) (Version: 5.7 - FastStone Soft)
FlexRadio Systems PowerSDR v2.6.4 (HKLM-x32\...\{F700F67B-8F6F-48EF-98EE-CF5CF62ABEA2}_is1) (Version: 2.6.4 - FlexRadio Systems)
FMW 1 (HKLM\...\{DC2A8E3D-D5E1-4837-A2E0-C308100AC412}) (Version: 1.143.3 - AVG Technologies) Hidden
Fotogalerie (HKLM-x32\...\{41BF4A3B-D60A-4E92-883F-C88C8C157261}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
FUJIFILM MyFinePix Studio 1.1 (HKLM-x32\...\FinePix Genie_is1) (Version: - )
G DATA INTERNET SECURITY (HKLM-x32\...\G DATA INTERNET SECURITY) (Version: 25.4.0.1 - G DATA Software AG)
GeoSetter 3.4.16 (HKLM-x32\...\GeoSetter_is1) (Version: - Friedemann Schmidt)
GIMP 2.8.10 (HKLM\...\GIMP-2_is1) (Version: 2.8.10 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 58.0.3029.110 - Google Inc.)
Google Earth (HKLM-x32\...\{F6430171-B86B-4639-839E-374913E7911D}) (Version: 7.1.8.3036 - Google)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.5 - Google Inc.) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
Ham Radio Deluxe (HKLM-x32\...\{4DF979D5-464C-4926-AF73-54C1C219F06A}) (Version: 5.24.0.36 - HRD Software, LLC)
Harrys Filters 4.0 (Plugin) (HKLM\...\Harrys Filters 4.0 (Plugin)_is1) (Version: - The Plugin Site)
Hauppauge WinTV 7 (HKLM-x32\...\Hauppauge WinTV 7) (Version: v7.0.30237 (CD 2.6) - Hauppauge Computer Works)
HDR projects darkroom (64-Bit) (HKLM\...\HDR_PROJECTS_2_0_3BF7CE82_is1) (Version: 2.26 - Franzis Verlag GmbH)
HDR Projects platin (64-Bit) (HKLM\...\HDR Projects platin_is1) (Version: 1.23 - Franzis Verlag GmbH)
Internet Library (HKLM-x32\...\{D0E8C34D-19D2-49FD-A900-88DEB788FF86}) (Version: 1.4.0 - Canon Inc.) Hidden
Java 8 Update 131 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180131F0}) (Version: 8.0.1310.11 - Oracle Corporation)
LAV Filters 0.69 (HKLM-x32\...\lavfilters_is1) (Version: 0.69 - Hendrik Leppkes)
Logitech Webcam-Software (HKLM-x32\...\{D40EB009-0499-459c-A8AF-C9C110766215}) (Version: 2.51 - Logitech Inc.)
Luminance HDR 2.4.0 (HKLM-x32\...\{7020FC34-6E04-4858-924D-354B28CB2402}_is1) (Version: - Luminance HDR Dev Team)
MainConcept DTV Decoder Pro (HKLM-x32\...\{793FCE60-DE5E-4977-A942-A7B69A45B17D}) (Version: 1.5.0.2 - MainConcept GmbH)
Malwarebytes Version 3.0.6.1469 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.0.6.1469 - Malwarebytes)
MergeModule_x64 (HKLM\...\{12DCC5A7-0100-4433-B4FF-217A3C5DC83B}) (Version: 9.3.00 - Sony Corporation) Hidden
MergeModule_x86 (HKLM-x32\...\{DD7721BB-CF1C-4DC9-AD87-8D5FB75413B7}) (Version: 9.3.00 - Sony Corporation) Hidden
MicroCapture Pro 2.2 (HKLM-x32\...\MicroCapture Pro) (Version: 2.2 - winmax)
Microsoft Camera Codec Pack (HKLM-x32\...\{968AE11C-EDF7-4D18-B416-848DA26EADFA}) (Version: 6.3.9723.0 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (HKLM-x32\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Rechner-Plus (HKLM-x32\...\{437C19B3-7E20-4E39-B868-CA6BAA820E1C}) (Version: 1.0.0 - Microsoft)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (HKLM\...\{D285FC5F-3021-32E9-9C59-24CA325BDC5C}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022.218 (HKLM-x32\...\{E503B4BF-F7BB-3D5F-8BC8-F694B1CFF942}) (Version: 9.0.21022.218 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Movie Maker (HKLM-x32\...\{70C91B91-61E8-4D06-86D6-A9DCC291983A}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{DD67BE4B-7E62-4215-AFA3-F123A800A389}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 54.0.1 (x64 de) (HKLM\...\Mozilla Firefox 54.0.1 (x64 de)) (Version: 54.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 54.0.1.6388 - Mozilla)
Mozilla Thunderbird 50.0 (x86 en-US) (HKLM-x32\...\Mozilla Thunderbird 50.0 (x86 en-US)) (Version: 50.0 - Mozilla)
Mozilla Thunderbird 55.0 (x86 en-US) (HKU\S-1-5-21-2441953047-3725558795-4123501198-1001\...\Mozilla Thunderbird 55.0 (x86 en-US)) (Version: 55.0 - Mozilla)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
Neat Image v7.4.0 Demo Standalone (32-bit) (HKLM-x32\...\Neat Image Standalone (32-bit)_is1) (Version: - Neat Image team, ABSoft)
NEAT projects professional (64-Bit) (HKLM\...\NEAT_PROJECTS_1_3_Df337A2C_is1) (Version: 1.12 - Franzis Verlag GmbH)
Nik Collection (HKLM-x32\...\Nik Collection) (Version: 1.2.11 - Google)
NVIDIA 3D Vision Treiber 342.01 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 342.01 - NVIDIA Corporation)
NVIDIA Grafiktreiber 342.01 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 342.01 - NVIDIA Corporation)
NVIDIA Update 10.4.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 10.4.0 - NVIDIA Corporation)
Online-Banking+ (HKLM-x32\...\{B1B03833-939A-43D3-ADA5-E4088E6AFD5D}) (Version: 15.2.1.18 - Buhl Data Service GmbH) Hidden
Online-Banking+ (HKLM-x32\...\Online-Banking+) (Version: - Buhl Data Service GmbH)
PC Camer@N (HKLM-x32\...\{68AD7668-834F-49BC-94AB-28F94A5D93D5}) (Version: 0.1.3.8 - Teconet) Hidden
PC Camer@N (HKLM-x32\...\InstallShield_{68AD7668-834F-49BC-94AB-28F94A5D93D5}) (Version: 0.1.3.8 - Teconet)
Pcr1k Mini (HKLM-x32\...\ST6UNST #1) (Version: - )
PC-WELT-Fix-it-Pack 2.0 (HKLM\...\{CD349D32-0976-4AB5-9616-82717033D2C8}_is1) (Version: - IDG Magazine Media GmbH)
Phase 5 HTML-Editor (HKLM-x32\...\{20B1B020-DEAE-48D1-9960-D4C3185D758B}) (Version: 5.6.2.3 - Systemberatung Schommer)
PhotoPad Foto-Editor (HKLM-x32\...\PhotoPad) (Version: 2.41 - NCH Software)
PhotoStitch (HKLM-x32\...\{874E44F3-B9A7-4AA1-B4BA-83E5684ED9C6}) (Version: 3.1.16 - Canon) Hidden
PlayMemories Home (HKLM-x32\...\{94F4815B-755A-4FFA-AFDC-EE8FE776981E}) (Version: 5.1.00.12260 - Sony Corporation)
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
PMB_ModeEditor (HKLM-x32\...\{D5318740-B088-4B1A-B6A8-1F90A172CCD1}) (Version: 9.3.00 - Sony Corporation) Hidden
PMB_ServiceUploader (HKLM-x32\...\{E7FDF11C-12BB-4D6F-9B6D-F8E488C776DC}) (Version: 10.1.00 - Sony Corporation) Hidden
ProgDVB (HKLM\...\ProgDVB) (Version: - )
PSE12 STI Installer (HKLM-x32\...\{11F9A376-342F-4297-82DA-1F6EA8ED4B6B}) (Version: 12.0 - Adobe Systems Incorporated) Hidden
QuickTime (HKLM-x32\...\{1451DE6B-ABE1-4F62-BE9A-B363A17588A2}) (Version: 7.65.17.80 - Apple Inc.)
RAF (HKLM-x32\...\{E6B43401-E818-4961-AFED-118DD8E87642}) (Version: 1.00.0001 - FUJIFILM Corporation)
RAW Image Task 2.2 (HKLM-x32\...\{BAA43DA2-B6C5-46EC-B163-0E8EEAF975A4}) (Version: 2.2 - Canon) Hidden
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
Saal Design Software (HKLM-x32\...\{0C52FDB3-C8A1-E686-5A87-85F3EC2259D4}) (Version: 4.0 - Saal Digital Fotoservice GmbH) Hidden
Saal Design Software (HKLM-x32\...\SaalDesignSoftware) (Version: 4.0 - Saal Digital Fotoservice GmbH)
Serif PhotoPlus X5 (HKLM-x32\...\{617E7009-0C50-4178-B0E2-F9D66DC8A582}) (Version: 15.0.1.011 - Serif (Europe) Ltd)
Silicon Laboratories CP210x VCP Drivers for Windows 2000/XP/2003 Server/Vista (HKLM-x32\...\{E4EE41CD-85AD-41DC-A93D-CA73A3BE981B}) (Version: 4.40 - Silicon Laboratories, Inc.)
SILVER projects premium (64-Bit) (HKLM\...\SILVER_PROJECTS_1_2_28B15F1D_is1) (Version: 1.14 - Franzis Verlag GmbH)
Skype™ 7.38 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.38.101 - Skype Technologies S.A.)
stunnel installed for AllUsers (HKLM-x32\...\stunnel) (Version: 5.35 - Michal Trojnara)
TeamSpeak 2 RC2 (HKLM-x32\...\Teamspeak 2 RC2_is1) (Version: 2.0.32.60 - Dominating Bytes Design)
TeamViewer 12 (HKLM-x32\...\TeamViewer) (Version: 12.0.75813 - TeamViewer)
TechniSat DVB-PC TV Star (HKLM-x32\...\{D032A7F0-8B5C-4603-8B46-235025D5F9C1}) (Version: 4.3.3 - TechniSat)
Technisat DVB-VC80 Redistributable Modules (HKLM-x32\...\{134007CC-7026-46C2-B46F-40D9FD2AF385}) (Version: 1.0.0 - Technisat)
Telekom Hosting Manager (HKLM\...\Telekom Hosting Manager) (Version: 1.1.6.0 - Telekom)
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 8.50 - Ghisler Software GmbH)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0407-0000-0000000FF1CE}_HOMESTUDENTR_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version: - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0407-0000-0000000FF1CE}_HOMESTUDENTR_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version: - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0407-0000-0000000FF1CE}_HOMESTUDENTR_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version: - Microsoft)
USB2.0 PC Camera (HKLM-x32\...\{417D86A0-89FE-4308-B172-45B74DCE6F8F}) (Version: 2.2.0.0 - aveotek)
Videoload (HKU\S-1-5-21-2441953047-3725558795-4123501198-1001\...\3923177984.wcps.t-online.de) (Version: - wcps.t-online.de)
VideoMate DVB-T / DAB / ISDBT USB Driver (HKLM-x32\...\{9B56D73E-CBC7-4499-ACED-9ECCA72AE52C}) (Version: 86.1.1012.2010 - )
VisionGS PE (HKLM-x32\...\VisionGS PE_is1) (Version: - bluepath GmbH)
Wacom (HKLM\...\Pen Tablet Driver) (Version: 5.3.5-3 - Wacom Technology Corp.)
WeatherLink 6.0.3 (HKLM-x32\...\{E344C807-7DE0-4CC2-81BB-1F895CF8CBDF}) (Version: 6.0.3 - Davis Instruments Corp.)
WebTablet FB Plugin 32 bit (HKLM-x32\...\Wacom WebTabletPlugin for Internet Explorer and Netscape) (Version: 2.1.0.7 - Wacom Technology Corp.)
WebTablet FB Plugin 64 bit (HKLM\...\Wacom WebTabletPlugin for Internet Explorer and Netscape) (Version: 2.1.0.7 - Wacom Technology Corp.)
Windows 10 Update and Privacy Settings (HKLM\...\{4DFCD818-036A-4229-A67D-CF17DC461D92}) (Version: 1.0.14.0 - Microsoft Corporation)
Windows 10-Upgrade-Assistent (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.17387 - Microsoft Corporation)
Windows Desktop Gadgets (HKLM\...\Windows Desktop Gadgets_is1) (Version: 2.0 - hxxp://gadgetsrevived.com)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
Windows-Treiberpaket - ZC-700W Webcam Driver (01/01/2007 6.0.0.1) (HKLM\...\10222FE57D88FE4CF0DE52CB1422B3E85424F890) (Version: 01/01/2007 6.0.0.1 - )
Windows-Treiberpaket - Silicon Laboratories (silabenm) Ports (10/18/2013 6.6.1.0) (HKLM\...\F92C2D6CB4EA0EE558BDF5F8BDD69083DFC62179) (Version: 10/18/2013 6.6.1.0 - Silicon Laboratories)
WinRAR 5.40 beta 2 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.40.2 - win.rar GmbH)
WinSCP 5.7.7 (HKLM-x32\...\winscp3_is1) (Version: 5.7.7 - Martin Prikryl)
WISO Konto Online Plus 365 (HKLM-x32\...\{FF192B78-55F6-4B80-860F-33E428FA16E3}) (Version: 22.0.0.0 - Buhl Data Service GmbH) Hidden
WISO Konto Online Plus 365 (HKLM-x32\...\WISO Konto Online Plus 365) (Version: - Buhl Data Service GmbH)
WsWin V2.98.0 - 2015-08-31 (HKLM-x32\...\PC-Wetterstation_is1) (Version: 2.98.0 - Werner Krenn)
WXtoImg (HKLM-x32\...\WXtoImg) (Version: - )
Z Cinema (HKLM\...\{6E166235-49F3-4DFA-A102-1E86675ABD11}) (Version: 1.0.0 - Logitech)
ZC-700W Webcam (HKLM-x32\...\{E398E7CC-30B8-4D63-B07B-741163A12565}) (Version: 100.000.070814 - ZC-700W)
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
CustomCLSID: HKU\S-1-5-21-2441953047-3725558795-4123501198-1001_Classes\CLSID\{0E7BE950-4ACC-47CB-834B-41A8B96BBFF9}\InprocServer32 -> C:\Users\Siggi\AppData\Local\Microsoft\Windows Sidebar\Gadgets\Sidebar7.gadget\Release\Sidebar7.64.dll (Helmut Buhler)
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> Keine Datei
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> Keine Datei
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> Keine Datei
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> Keine Datei
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> Keine Datei
ShellIconOverlayIdentifiers: [EldosIconOverlay-cbfs5] -> {1B916AD7-FB63-41F5-B564-5931F0D120E6} => C:\WINDOWS\system32\cbfsMntNtf5.dll [2014-01-23] (EldoS Corporation)
ShellIconOverlayIdentifiers: [HGE Overlay 0 (Upload)] -> {6AE3859C-AB0D-49EC-A7C2-3631D96C6EE5} => C:\WINDOWS\system32\HGE.ShellExtension.dll [2013-03-18] (Deutsche Telekom AG)
ShellIconOverlayIdentifiers: [HGE Overlay 1 (Transfer)] -> {E4E8FAD2-90BC-41fe-8851-F70EB11E6875} => C:\WINDOWS\system32\HGE.ShellExtension.dll [2013-03-18] (Deutsche Telekom AG)
ShellIconOverlayIdentifiers: [HGE Overlay 2 (Finished)] -> {B9C00A72-09B3-4f53-B8B9-7349D04D65F7} => C:\WINDOWS\system32\HGE.ShellExtension.dll [2013-03-18] (Deutsche Telekom AG)
ShellIconOverlayIdentifiers: [HGE Overlay 3 (Selected)] -> {8F153B5F-6763-4d81-9A78-26CC7750EF2A} => C:\WINDOWS\system32\HGE.ShellExtension.dll [2013-03-18] (Deutsche Telekom AG)
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> Keine Datei
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> Keine Datei
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> Keine Datei
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> Keine Datei
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> Keine Datei
ShellIconOverlayIdentifiers-x32: [EldosIconOverlay-cbfs5] -> {1B916AD7-FB63-41F5-B564-5931F0D120E6} => C:\WINDOWS\SysWOW64\cbfsMntNtf5.dll [2014-01-23] (EldoS Corporation)
ContextMenuHandlers01: [AVG Shredder Shell Extension] -> {4858E7D9-8E12-45a3-B6A3-1CD128C9D403} => C:\Program Files (x86)\AVG\AVG PC TuneUp\SDShelEx-x64.dll [2017-02-21] (AVG Technologies CZ, s.r.o.)
ContextMenuHandlers01: [AVK9CM] -> {CAF4C320-32F5-11D3-A222-004095200FF2} => C:\Program Files (x86)\G DATA\InternetSecurity\AVK\ShellExt64.dll [2017-06-08] (G DATA Software AG)
ContextMenuHandlers01: [HgeContextMenu] -> {62C509D3-D882-4A21-8358-E75DEFF6CB25} => C:\WINDOWS\system32\HGE.ShellExtension.dll [2013-03-18] (Deutsche Telekom AG)
ContextMenuHandlers01: [PicaViewCtxMenuShlExt] -> {F3CBBA61-EE3F-4D6D-B1C6-B3474E579936} => C:\Program Files\Common Files\ACD Systems\PicaView\ACDSeePV.dll [2015-10-08] (ACD Systems International Inc.)
ContextMenuHandlers01: [ShellConverter] -> {30A4E07E-068A-4d91-8F05-691283A1336B} => C:\Program Files (x86)\Common Files\AVSMedia\ActiveX\AVSShellConverter64.dll [2015-04-06] (Online Media Technologies Ltd.)
ContextMenuHandlers03: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-01-20] (Malwarebytes)
ContextMenuHandlers03: [Reisswolf] -> {1F0F1EE7-36B9-11D2-8985-0080ADA96E9B} => C:\Program Files (x86)\G DATA\InternetSecurity\Shredder\Reisswlf64.dll [2017-06-08] (G DATA Software AG)
ContextMenuHandlers04: [AVG Disk Space Explorer Shell Extension] -> {4838CD50-7E5D-4811-9B17-C47A85539F28} => C:\Program Files (x86)\AVG\AVG PC TuneUp\DseShExt-x64.dll [2017-02-21] (AVG Technologies CZ, s.r.o.)
ContextMenuHandlers04: [AVG Shredder Shell Extension] -> {4858E7D9-8E12-45a3-B6A3-1CD128C9D403} => C:\Program Files (x86)\AVG\AVG PC TuneUp\SDShelEx-x64.dll [2017-02-21] (AVG Technologies CZ, s.r.o.)
ContextMenuHandlers04: [HgeContextMenu] -> {62C509D3-D882-4A21-8358-E75DEFF6CB25} => C:\WINDOWS\system32\HGE.ShellExtension.dll [2013-03-18] (Deutsche Telekom AG)
ContextMenuHandlers05: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2016-11-14] (NVIDIA Corporation)
ContextMenuHandlers06: [AVK9CM] -> {CAF4C320-32F5-11D3-A222-004095200FF2} => C:\Program Files (x86)\G DATA\InternetSecurity\AVK\ShellExt64.dll [2017-06-08] (G DATA Software AG)
ContextMenuHandlers06: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-01-20] (Malwarebytes)
ContextMenuHandlers06: [Reisswolf] -> {1F0F1EE7-36B9-11D2-8985-0080ADA96E9B} => C:\Program Files (x86)\G DATA\InternetSecurity\Shredder\Reisswlf64.dll [2017-06-08] (G DATA Software AG)
ContextMenuHandlers5_S-1-5-21-2441953047-3725558795-4123501198-1001: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => -> Keine Datei
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {07458051-D8AB-43BD-ACF2-D44E84A67815} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {09392749-0A12-4DCF-ABD4-5D6F5F2AADC6} - System32\Tasks\{0B247F87-A701-4440-9339-F1875EE95FCD} => C:\Windows\system32\pcalua.exe -a D:\CEP_2.0_Complete_Win_DE.exe -d D:\
Task: {0A0AD880-9540-47F7-91AD-76FF1026E894} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {0A0DDAB3-802E-4F77-8371-476DABB16F4A} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {0A2A53DA-24DA-460A-91AC-AF521E86EF60} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {11DAABBF-5D98-470B-ADB7-F51F117032FB} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {1388E89C-D4FD-41EF-A194-A4AE588C4D8A} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-04-25] (Adobe Systems Incorporated)
Task: {15F6C957-E06F-4550-A456-686F4F28C4AC} - System32\Tasks\AVGPCTuneUp_Task_BkGndMaintenance => C:\Program Files (x86)\AVG\AVG PC TuneUp\tuscanx.exe [2017-02-21] (AVG Technologies CZ, s.r.o.)
Task: {1C6BF7D0-4B35-4FD7-993D-F665DF4E3960} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\WINDOWS\ehome\ehrec.exe
Task: {400CA01C-1EEA-46AE-BE53-2E7A986C8F90} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe
Task: {41174F5C-DB56-441D-83CA-CF51200087AD} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {411B0972-E529-4F89-A24B-103E41E1BBC5} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {4A1EE791-9499-4969-B4EF-60F39984A9D6} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {4AF8A682-BEC1-4A52-A250-61D78829CFF0} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {4F0A61A4-655B-47E3-8AD6-74E41B74C724} - System32\Tasks\{E0A07D66-864F-44B4-8DEF-5754405773DE} => C:\Windows\system32\pcalua.exe -a C:\Users\Siggi\Downloads\MDVS51LE_SR1(1).exe -d C:\Users\Siggi\Downloads
Task: {58407670-E10E-43E6-BAFE-D8287E6AC0CA} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {5ABD9620-FE0E-4F0F-A46B-0C2A9B642C8C} - System32\Tasks\Java Platform SE Auto Updater => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2017-03-15] (Oracle Corporation)
Task: {6968DAEA-E639-4D3B-A1C7-1ED4C05E2971} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {6A245795-611F-4EA0-B3FA-715A0FC9ED0D} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\WINDOWS\ehome\mcupdate.exe
Task: {71BDCFF0-8A63-4C94-BCB7-B7439D012E74} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {7927F907-FDEA-4513-A758-49F1F3730B1C} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2008-07-30] (Apple Inc.)
Task: {7D35FDE0-0A71-4D47-B255-F4396AA2B062} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {812B89ED-7B35-4A10-8AFA-5A6C4F3D8532} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {884B76E2-D343-404E-83CB-16F6B2AF8317} - System32\Tasks\OneDrive Standalone Update Task => C:\Users\Siggi\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\OneDriveStandaloneUpdater.exe
Task: {8EF2BC47-6A7B-4D41-BF41-E4830B00800F} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {92ADAB95-CA69-4BFF-9CFB-779A442B291F} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-06-17] (Adobe Systems Incorporated)
Task: {931AA313-0CB9-47E4-AB4D-BA55394CBB99} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {9624B254-4386-4A7A-A8FE-EE2961A19647} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {9D71E7E4-4BFC-4F4F-9205-FBD50E471BF5} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe
Task: {A237C3FE-C1FE-4F33-8681-662ABB0B583E} - System32\Tasks\{1A1FA7F6-1890-4D31-8874-9602DACB72B0} => D:\CEP_2.0_Complete_Win_DE.exe
Task: {A29B961A-C7B5-42F8-B13F-AE49A4BD9DBA} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {AEA72503-E0CA-4153-B295-ACF3D1B7123D} - System32\Tasks\{3F9514FB-C8A3-49B9-8A8F-02E9AF1A6DBE} => C:\Windows\system32\pcalua.exe -a G:\unetbootin-windows-608\unetbootin-windows-608.exe -d G:\unetbootin-windows-608
Task: {B4B4AB71-2A43-4550-8807-3F79D36FBFFD} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {BC32F5C5-572A-4A21-8C37-B1837E79C55B} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe
Task: {C4B9A9D6-1D56-4A0D-89DD-E327BA7DC51B} - System32\Tasks\SidebarExecute => C:\Program Files (x86)\Windows Sidebar\sidebar.exe [2013-10-02] (Microsoft Corporation)
Task: {DBC6E009-CDE7-4E3E-A9F9-7B6ADC3C59DA} - System32\Tasks\AVG EUpdate Task => avgsetupx.exe
Task: {E44F740D-679D-42A1-AA32-FDE297A2A779} - System32\Tasks\AdobeAAMUpdater-1.0-Siggi-PC-Siggi => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2013-06-03] (Adobe Systems Incorporated)
Task: {E510889C-EC05-4A83-987A-BCFAF6994150} - System32\Tasks\{C3EE8CFC-80D2-4565-BF7E-C332DE34E4F2} => D:\CEP_2.0_Complete_Win_DE.exe
Task: {E6B2E88C-6B9F-42CD-B1DE-584AE4243094} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {EB5EDA2A-6003-46DE-8489-8E22A06BF3DD} - System32\Tasks\{89F4780C-152F-4B56-871F-DA7F8D01A46F} => C:\Windows\system32\pcalua.exe -a H:\SetupOnlineBankingPlus(1).exe -d H:\
Task: {F8A75EC6-71B0-4756-8834-97A95DDB4518} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_26_0_0_131_pepper.exe [2017-06-17] (Adobe Systems Incorporated)
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
==================== Verknüpfungen & WMI ========================
(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)
Shortcut: C:\Users\Siggi\Favorites\Downloadseite von NCH Software.lnk -> hxxp://www.nchsoftware.com/de/index.htm
==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
2016-07-16 13:42 - 2016-07-16 13:42 - 00231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2017-07-12 11:53 - 2017-06-21 09:48 - 02681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2016-09-25 10:23 - 2016-11-14 13:15 - 00135224 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2017-06-08 05:54 - 2017-06-08 05:54 - 00554984 _____ () C:\Program Files (x86)\Common Files\G Data\AVKProxy\PktIcpt2x64.dll
2016-09-26 12:28 - 2016-09-07 06:56 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2017-03-14 21:39 - 2017-03-04 08:31 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll
2017-04-07 14:14 - 2017-04-15 09:06 - 02271520 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\PoliciesControllerImpl.dll
2013-11-30 20:54 - 2013-11-30 20:54 - 00067072 _____ () C:\Program Files (x86)\stunnel\bin\ZLIB1.dll
2016-05-03 19:26 - 2016-05-03 19:26 - 00024064 _____ () C:\Program Files (x86)\stunnel\engines\capi.dll
2016-12-02 19:27 - 2016-12-02 19:26 - 48920064 _____ () C:\Program Files (x86)\AVG\UiDll\2623\libcef.dll
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
AlternateDataStreams: C:\ProgramData:BDSDRMHK [64]
AlternateDataStreams: C:\WINDOWS:nlsPreferences [0]
AlternateDataStreams: C:\Users\All Users:BDSDRMHK [64]
AlternateDataStreams: C:\ProgramData\Anwendungsdaten:BDSDRMHK [64]
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
==================== Hosts Inhalt: ===============================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2015-10-30 09:24 - 2016-10-29 17:59 - 00000824 _____ C:\WINDOWS\system32\Drivers\etc\hosts
==================== Andere Bereiche ============================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-2441953047-3725558795-4123501198-1001\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\theme1\img13.jpg
DNS Servers: 192.168.2.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
mpsdrv => Firewall Dienst läuft nicht.
MpsSvc => Firewall Dienst läuft nicht.
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
MSCONFIG\Services: AdobeActiveFileMonitor10.0 => 2
MSCONFIG\Services: AdobeActiveFileMonitor12.0 => 2
MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\Services: ehRecvr => 2
MSCONFIG\Services: ehSched => 2
MSCONFIG\Services: Fax => 3
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: HauppaugeTVServer => 2
MSCONFIG\Services: MpsSvc => 2
MSCONFIG\Services: TeamViewer9 => 2
MSCONFIG\Services: WinDefend => 2
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^ComproRemote.lnk => C:\Windows\pss\ComproRemote.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^ComproSchedulerDTV.lnk => C:\Windows\pss\ComproSchedulerDTV.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Server4PC.lnk => C:\Windows\pss\Server4PC.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^Siggi^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^EOS Utility.lnk => C:\Windows\pss\EOS Utility.lnk.Startup
MSCONFIG\startupfolder: C:^Users^Siggi^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^simplicheck.lnk => C:\Windows\pss\simplicheck.lnk.Startup
MSCONFIG\startupfolder: C:^Users^Siggi^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^WeatherLink 6.0.3.exe.lnk => C:\Windows\pss\WeatherLink 6.0.3.exe.lnk.Startup
MSCONFIG\startupreg: ACDSeeCommander19 => C:\Program Files (x86)\ACD Systems\ACDSee\19.0\ACDSeeCommander19.exe
MSCONFIG\startupreg: ACSW17DE => "G:\Program Files (x86)\ACDSee\17.0\acdIDInTouch2.exe"
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: CAHeadless => F:\Program Files (x86)\Adobe\Elements 12 Organizer\CAHeadless\ElementsAutoAnalyzer.exe
MSCONFIG\startupreg: CCleaner Monitoring => "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
MSCONFIG\startupreg: Corel File Shell Monitor => G:\Program Files (x86)\Corel\Corel Paint Shop Pro Photo X2\CorelIOMonitor.exe
MSCONFIG\startupreg: Corel Photo Downloader => "C:\Program Files (x86)\Common Files\Corel\Corel PhotoDownloader\Corel Photo Downloader.exe" -startup
MSCONFIG\startupreg: LWS => C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe -hide
MSCONFIG\startupreg: NvBackend => "C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
MSCONFIG\startupreg: PMBVolumeWatcher => C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe /SysAutoRun
MSCONFIG\startupreg: ProgLauncher => G:\Program Files\ProgDVB\ProgLauncher.exe
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run: => "WindowsDefender"
HKLM\...\StartupApproved\Run: => "ACPW07DE"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKU\S-1-5-21-2441953047-3725558795-4123501198-1001\...\StartupApproved\StartupFolder: => "Z Cinema.lnk"
HKU\S-1-5-21-2441953047-3725558795-4123501198-1001\...\StartupApproved\StartupFolder: => "Telekom Hosting Manager.lnk"
HKU\S-1-5-21-2441953047-3725558795-4123501198-1001\...\StartupApproved\StartupFolder: => "Sidebar520.lnk"
HKU\S-1-5-21-2441953047-3725558795-4123501198-1001\...\StartupApproved\StartupFolder: => "OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk"
HKU\S-1-5-21-2441953047-3725558795-4123501198-1001\...\StartupApproved\StartupFolder: => "EOS Utility.lnk"
HKU\S-1-5-21-2441953047-3725558795-4123501198-1001\...\StartupApproved\StartupFolder: => "Sidebar265.lnk"
HKU\S-1-5-21-2441953047-3725558795-4123501198-1001\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-2441953047-3725558795-4123501198-1001\...\StartupApproved\Run: => "ACDSeeCommander19"
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [{A25CBC86-965E-43CD-BFF1-857E2EDC6C11}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{C35471EF-00D1-4793-B648-0DF6CFFCEBFD}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{3A30E356-37D5-4FCD-B7E9-937897D579CB}] => (Allow) G:\Program Files (x86)\WinTV\WinTV7\WinTV7.exe
FirewallRules: [{0D5D93A8-DC21-4642-8F2A-5131835A1419}] => (Allow) G:\Program Files (x86)\WinTV\WinTV7\WinTV7.exe
FirewallRules: [{323568BB-4FC9-498D-A020-4EDD2D2E7BC0}] => (Allow) G:\Program Files (x86)\WinTV\WinTV7\WinTV7.exe
FirewallRules: [{7F2C76AA-475E-4BE4-97E4-74EDEAA8E24B}] => (Allow) G:\Program Files (x86)\WinTV\WinTV7\WinTV7.exe
FirewallRules: [{06E7D0CC-172C-48C8-94A7-472EC1C6AFEC}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{34E2A8D4-9B0D-4C1A-B945-7E15AE933436}] => (Allow) G:\Program Files (x86)\Audials\Audials 10\Audials.exe
FirewallRules: [{EEE8F83A-2431-4D90-B303-2C86114D8FE5}] => (Allow) LPort=12972
FirewallRules: [{28C2F037-B922-487F-99C4-3182B8E32641}] => (Allow) LPort=14714
FirewallRules: [{00697237-A114-44B6-BBD0-FE6E2603E836}] => (Allow) LPort=31931
FirewallRules: [{C1C4D3F1-D8A3-442C-8DFE-0C85ABA4C129}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{988CE59E-9A1E-4E8B-BD06-5B8A6FB06DFF}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{3243F948-64DE-4B1F-8FC5-DFD155D37CED}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{81F4CEE6-D3C5-402D-9315-7307B09AB7B0}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{0ED700D8-6ECE-4A06-9DA6-DD066C6BBA7D}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{320EA1FD-8BB0-48DC-A1E4-D74E6155A4E9}] => (Allow) LPort=2869
FirewallRules: [{731AE74B-DC32-47D9-B782-6E8E6EE210D8}] => (Allow) LPort=1900
==================== Wiederherstellungspunkte =========================
16-07-2017 19:00:16 Windows-Sicherung
20-07-2017 07:47:59 Removed Visual Studio 2012 x64 Redistributables
Überprüfen Sie den "winmgmt" Dienst oder reparieren Sie den WMI.
==================== Fehlerhafte Geräte im Gerätemanager =============
==================== Fehlereinträge in der Ereignisanzeige: =========================
Applikationsfehler:
==================
Error: (07/20/2017 09:32:52 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Siggi-PC)
Description: Bei der Aktivierung der App „Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI“ ist folgender Fehler aufgetreten: -2147024894. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.
Error: (07/20/2017 09:32:50 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Siggi-PC)
Description: Bei der Aktivierung der App „Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI“ ist folgender Fehler aufgetreten: -2147024894. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.
Error: (07/20/2017 09:32:48 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Siggi-PC)
Description: Bei der Aktivierung der App „Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI“ ist folgender Fehler aufgetreten: -2147024894. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.
Error: (07/20/2017 09:32:46 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Siggi-PC)
Description: Bei der Aktivierung der App „Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI“ ist folgender Fehler aufgetreten: -2147024894. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.
Error: (07/20/2017 09:32:40 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Siggi-PC)
Description: Bei der Aktivierung der App „Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI“ ist folgender Fehler aufgetreten: -2147024894. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.
Error: (07/20/2017 09:32:40 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Siggi-PC)
Description: Bei der Aktivierung der App „Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI“ ist folgender Fehler aufgetreten: -2147024894. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.
Error: (07/20/2017 09:32:08 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Siggi-PC)
Description: Bei der Aktivierung der App „Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI“ ist folgender Fehler aufgetreten: -2147024894. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.
Error: (07/20/2017 09:18:27 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Siggi-PC)
Description: Bei der Aktivierung der App „Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI“ ist folgender Fehler aufgetreten: -2147024894. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.
Error: (07/20/2017 09:17:08 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Siggi-PC)
Description: Bei der Aktivierung der App „Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI“ ist folgender Fehler aufgetreten: -2147024894. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.
Error: (07/20/2017 09:09:32 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Siggi-PC)
Description: Bei der Aktivierung der App „Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI“ ist folgender Fehler aufgetreten: -2147024894. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.
Systemfehler:
=============
Error: (07/20/2017 10:05:09 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80073d0a fehlgeschlagen: Mail and Calendar
Error: (07/20/2017 10:04:56 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80073d0a fehlgeschlagen: OneNote
Error: (07/20/2017 10:04:41 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80073d0a fehlgeschlagen: Windows Calculator
Error: (07/20/2017 10:02:33 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80073d0a fehlgeschlagen: MSN Sports
Error: (07/20/2017 10:01:15 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80073d0a fehlgeschlagen: MSN News
Error: (07/20/2017 10:01:04 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80073d0a fehlgeschlagen: Windows Maps
Error: (07/20/2017 09:59:50 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80073d0a fehlgeschlagen: Get Office
Error: (07/20/2017 09:39:48 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80073d0a fehlgeschlagen: Sway
Error: (07/20/2017 09:37:21 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80073d0a fehlgeschlagen: Xbox Identity Provider
Error: (07/20/2017 09:37:11 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80073d0a fehlgeschlagen: Store
CodeIntegrity:
===================================
Date: 2017-07-13 13:21:49.455
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2017-07-13 13:16:22.209
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\WINDOWS\assembly\GAC\Microsoft.StdFormat\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.StdFormat.dll that did not meet the Microsoft signing level requirements.
Date: 2017-07-13 13:16:22.114
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\WINDOWS\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\ADODB.dll that did not meet the Microsoft signing level requirements.
Date: 2017-07-13 13:16:22.019
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\WINDOWS\assembly\GAC\MSDATASRC\7.0.3300.0__b03f5f7f11d50a3a\MSDATASRC.dll that did not meet the Microsoft signing level requirements.
Date: 2017-07-13 13:16:21.899
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\WINDOWS\assembly\GAC\Microsoft.StdFormat\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.StdFormat.dll that did not meet the Microsoft signing level requirements.
Date: 2017-07-13 13:16:21.866
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\WINDOWS\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\ADODB.dll that did not meet the Microsoft signing level requirements.
Date: 2017-07-13 13:16:21.835
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\WINDOWS\assembly\GAC\MSDATASRC\7.0.3300.0__b03f5f7f11d50a3a\MSDATASRC.dll that did not meet the Microsoft signing level requirements.
Date: 2017-07-13 13:16:19.933
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\WINDOWS\assembly\GAC\stdole\7.0.3300.0__b03f5f7f11d50a3a\stdole.dll that did not meet the Microsoft signing level requirements.
Date: 2017-07-13 13:16:19.314
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\WINDOWS\assembly\GAC\stdole\7.0.3300.0__b03f5f7f11d50a3a\stdole.dll that did not meet the Microsoft signing level requirements.
Date: 2017-07-13 13:05:31.446
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\WINDOWS\assembly\GAC\Microsoft.StdFormat\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.StdFormat.dll that did not meet the Microsoft signing level requirements.
==================== Speicherinformationen ===========================
Prozessor: AMD Athlon(tm) 64 X2 Dual Core Processor 5200+
Prozentuale Nutzung des RAM: 69%
Installierter physikalischer RAM: 4095.3 MB
Verfügbarer physikalischer RAM: 1244.46 MB
Summe virtueller Speicher: 8191.3 MB
Verfügbarer virtueller Speicher: 4245.93 MB
==================== Laufwerke ================================
Drive c: (OS) (Fixed) (Total:930.96 GB) (Free:824.97 GB) NTFS
Drive g: (DATA) (Fixed) (Total:298.02 GB) (Free:37.05 GB) FAT32
==================== MBR & Partitionstabelle ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 0BE5E7CA)
Partition 1: (Active) - (Size=102 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=931 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=450 MB) - (Type=27)
========================================================
Disk: 1 (MBR Code: Windows XP) (Size: 298.1 GB) (Disk ID: 2AA4DA24)
Partition 1: (Not Active) - (Size=298.1 GB) - (Type=0C)
==================== Ende von Addition.txt ============================
Vielen Dank bis jetzt von meinem Vater. Müsste noch was gemacht werden? |
|
21.07.2017, 23:44
| #12 |
| /// TB-Ausbilder | Malwarebytes zeigt Funde an auf PC vom Vater Servus, AdwCleaner bitte nochmal, die Datenbank war veraltet. Dann noch FRST bitte. |
|
22.07.2017, 09:17
| #13 |
| | Malwarebytes zeigt Funde an auf PC vom Vater hab den addwarecleaner nochmal komplett deinstalliert und geshreddert, jetzt nochmal neu gedownloadet. der hat auch Aktualisierung Datenbank angezeigt. hier das Ergebnis: Code:
ATTFilter # AdwCleaner 7.0.0.0 - Logfile created on Sat Jul 22 07:59:43 2017
# Updated on 2017/17/07 by Malwarebytes
# Running on Windows 10 Pro (X64)
# Mode: clean
# Support: https://www.malwarebytes.com/support
***** [ Services ] *****
No malicious services deleted.
***** [ Folders ] *****
No malicious folders deleted.
***** [ Files ] *****
No malicious files deleted.
***** [ DLL ] *****
No malicious DLLs cleaned.
***** [ WMI ] *****
No malicious WMI cleaned.
***** [ Shortcuts ] *****
No malicious shortcuts cleaned.
***** [ Tasks ] *****
No malicious tasks deleted.
***** [ Registry ] *****
No malicious registry entries deleted.
***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries deleted.
***** [ Chromium (and derivatives) ] *****
No malicious Chromium entries deleted.
*************************
::Tracing keys deleted
::Winsock settings cleared
::Prefetch files deleted
::Proxy settings cleared
::IE policies deleted
::Chrome policies deleted
::Additional Actions: 0
*************************
C:/AdwCleaner/AdwCleaner[S0].txt - [944 B] - [2017/7/22 7:57:29]
########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt ##########
Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 18-07-2017
durchgeführt von Siggi (Administrator) auf SIGGI-PC (22-07-2017 10:11:25)
Gestartet von C:\Users\Siggi\Desktop
Geladene Profile: Siggi (Verfügbare Profile: Siggi & Administrator & DefaultAppPool)
Platform: Windows 10 Pro Version 1607 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\WINDOWS\System32\nvvsvc.exe
(G DATA Software AG) C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\WINDOWS\System32\nvvsvc.exe
(G Data Software AG) C:\Program Files (x86)\G Data\InternetSecurity\AVK\AVKWCtlx64.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe
(G DATA Software AG) C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe
(Microsoft Corporation) C:\WINDOWS\System32\mqsvc.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe
(Nalpeiron Ltd.) C:\WINDOWS\SysWOW64\nlssrv32.exe
(Protexis Inc.) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
(Michal Trojnara) C:\Program Files (x86)\stunnel\bin\stunnel.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe
(Microsoft Corporation) C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(G Data Software AG) C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFwSvcx64.exe
(Microsoft Corporation) C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesApp64.exe
(G DATA Software AG) C:\Program Files (x86)\G Data\InternetSecurity\Firewall\GDFirewallTray.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avguix.exe
(G DATA Software AG) C:\Program Files (x86)\G Data\InternetSecurity\AVKTray\AVKTray.exe
(G DATA Software AG) C:\Program Files (x86)\Common Files\G Data\AVKProxy\GDKBFltExe32.exe
(Microsoft Corporation) C:\WINDOWS\System32\InstallAgent.exe
(Microsoft Corporation) C:\WINDOWS\System32\InstallAgentUserBroker.exe
(Microsoft Corporation) C:\WINDOWS\System32\smartscreen.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\plugin-container.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(G DATA Software AG) C:\Program Files (x86)\Common Files\G Data\AVKProxy\GDKBFltSur64.exe
(Microsoft Corporation) C:\WINDOWS\System32\dllhost.exe
==================== Registry (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [472984 2013-06-03] (Adobe Systems Incorporated)
HKLM\...\Run: [ACPW07DE] => C:\Program Files\ACD Systems\ACDSee Pro\7.0\acdIDInTouch2.exe [2076616 2016-04-15] (ACD Systems)
HKLM-x32\...\Run: [G Data ASM] => C:\Program Files (x86)\G DATA\InternetSecurity\DelayLoader\AutorunDelayLoader.exe [442856 2017-06-08] (G DATA Software AG)
HKLM-x32\...\Run: [AvgUi] => C:\Program Files (x86)\AVG\Framework\Common\avguirna.exe [240400 2016-12-06] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-03-15] (Oracle Corporation)
HKLM\...\Winlogon: [Userinit] C:\Windows\System32\userinit.exe,,
HKU\S-1-5-21-2441953047-3725558795-4123501198-1001\...\Run: [ACDSeeCommander19] => C:\Program Files (x86)\ACD Systems\ACDSee\19.0\ACDSeeCommander19.exe [2956472 2016-07-22] ()
IFEO: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\AcroRd32.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\adobe air application installer.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\consumer_cpl.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\excel.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\hostingmanager.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\msoxmled.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\mstore.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\offdiag.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\ois.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\onenote.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\onenotem.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\powerpnt.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\prefutil.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\winword.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
SSODL: EldosMountNotificator-cbfs5 - {36E77381-D390-4622-B570-E6BB8BE669A9} - C:\WINDOWS\system32\cbfsMntNtf5.dll (EldoS Corporation)
SSODL-x32: EldosMountNotificator-cbfs5 - {36E77381-D390-4622-B570-E6BB8BE669A9} - C:\WINDOWS\SysWOW64\cbfsMntNtf5.dll (EldoS Corporation)
Startup: C:\Users\Siggi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EOS Utility.lnk [2017-07-20]
ShortcutTarget: EOS Utility.lnk -> C:\Program Files (x86)\Canon\EOS Utility\EOS Utility.exe (Canon INC.)
Startup: C:\Users\Siggi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk [2017-07-20]
ShortcutTarget: OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk -> G:\Program Files (x86)\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)
Startup: C:\Users\Siggi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Telekom Hosting Manager.lnk [2017-04-20]
ShortcutTarget: Telekom Hosting Manager.lnk -> C:\Program Files\Telekom\Telekom Hosting Manager\HostingManager.exe (Deutsche Telekom AG)
Startup: C:\Users\Siggi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Z Cinema.lnk [2016-07-22]
ShortcutTarget: Z Cinema.lnk -> C:\Users\Siggi\AppData\Roaming\Microsoft\Installer\{6E166235-49F3-4DFA-A102-1E86675ABD11}\StartupShortcut_6E16623549F34DFAA1021E86675ABD11.exe (Macrovision Corporation)
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{08536f8b-cf5c-4c23-bc90-f5eafdf61c54}: [DhcpNameServer] 0.0.0.0
Tcpip\..\Interfaces\{354f3174-9170-4742-9093-966c7b43f1ab}: [DhcpNameServer] 0.0.0.0
Tcpip\..\Interfaces\{D201511E-653C-4065-91AE-A347124A873B}: [DhcpNameServer] 0.0.0.0
Tcpip\..\Interfaces\{e51692d9-6dc9-4d89-a023-d55cd16e0531}: [DhcpNameServer] 192.168.2.1
Internet Explorer:
==================
HKU\S-1-5-21-2441953047-3725558795-4123501198-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://de.yahoo.com/?fr=yset_ie_syc_oracle&type=orcl_hpset
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2441953047-3725558795-4123501198-1001 -> {445BC4F7-F1D0-43F9-BF31-C8479D85BF02} URL = hxxp://go.web.de/tb/ie_searchplugin/?q={searchTerms}&enc=UTF-8
SearchScopes: HKU\S-1-5-21-2441953047-3725558795-4123501198-1001 -> {769E16E6-6B87-4EF3-9691-15AD1A84707D} URL = hxxp://go.1und1.de/tb/ie_searchplugin/?q={searchTerms}&enc=UTF-8
SearchScopes: HKU\S-1-5-21-2441953047-3725558795-4123501198-1001 -> {AE63A9B2-5258-45B6-9416-143F95A601F6} URL = hxxp://go.gmx.de/tb/ie_searchplugin/?q={searchTerms}&enc=UTF-8
SearchScopes: HKU\S-1-5-21-2441953047-3725558795-4123501198-1001 -> {DADBACC7-BC79-4803-9936-645B4E9A55AB} URL = hxxp://go.mail.com/tb/en-us/ie_searchplugin/?q={searchTerms}&enc=UTF-8
SearchScopes: HKU\S-1-5-21-2441953047-3725558795-4123501198-1001 -> {FE795473-12B7-4B26-9A36-8DA743D61DD9} URL = hxxps://de.search.yahoo.com/search?p={searchTerms}&intl=de&fr=yset_ie_syc_oracle&type=orcl_default&partnerexternal-oracle=external-oracle
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\ssv.dll [2017-05-21] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\jp2ssv.dll [2017-05-21] (Oracle Corporation)
FireFox:
========
FF DefaultProfile: lvuepr2z.default-1493229345721
FF ProfilePath: C:\Users\Siggi\AppData\Roaming\Mozilla\Firefox\Profiles\lvuepr2z.default-1493229345721 [2017-07-22]
FF Homepage: Mozilla\Firefox\Profiles\lvuepr2z.default-1493229345721 -> hxxp://www.siggi-hasenthal.de/
FF NetworkProxy: Mozilla\Firefox\Profiles\lvuepr2z.default-1493229345721 -> type", 0
FF Extension: (ProxTube) - C:\Users\Siggi\AppData\Roaming\Mozilla\Firefox\Profiles\lvuepr2z.default-1493229345721\Extensions\ich@maltegoetz.de.xpi [2017-07-21]
FF Extension: (Adblock Plus) - C:\Users\Siggi\AppData\Roaming\Mozilla\Firefox\Profiles\lvuepr2z.default-1493229345721\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2017-06-08]
FF HKU\S-1-5-21-2441953047-3725558795-4123501198-1001\...\Firefox\Extensions: [cliqz@cliqz.com] - C:\Users\Siggi\AppData\Roaming\Mozilla\Firefox\Profiles\wioilx3e.default\extensions\cliqz@cliqz.com => nicht gefunden
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_26_0_0_131.dll [2017-06-17] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin: @wacom.com/wtPlugin,version=2.1.0.7 -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom)
FF Plugin: wacom.com/WacomTabletPlugin -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_26_0_0_131.dll [2017-06-17] ()
FF Plugin-x32: @java.com/DTPlugin,version=11.131.2 -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\dtplugin\npDeployJava1.dll [2017-05-21] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.131.2 -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\plugin2\npjp2.dll [2017-05-21] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll [2010-04-26] (Microsoft Corp.)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-11-14] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-11-14] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-05-23] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-05-23] (Google Inc.)
FF Plugin-x32: @wacom.com/wtPlugin,version=2.1.0.7 -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2016-12-17] (Adobe Systems Inc.)
FF Plugin-x32: wacom.com/WacomTabletPlugin -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom)
Chrome:
=======
CHR DefaultProfile: Default
CHR StartupUrls: Default -> "hxxp://www.siggi-hasenthal.de/"
CHR DefaultSearchURL: Default -> hxxps://de.search.yahoo.com/search?p={searchTerms}&fr=yset_chr_syc_oracle&type=default
CHR DefaultSearchKeyword: Default -> Yahoo
CHR DefaultSuggestURL: Default -> hxxps://de.search.yahoo.com/sugg/ie?output=fxjson&command={searchTerms}&nResults=10
CHR Profile: C:\Users\Siggi\AppData\Local\Google\Chrome\User Data\Default [2017-07-22]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Siggi\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-04-15]
CHR Extension: (Chrome Media Router) - C:\Users\Siggi\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-07-21]
CHR HKLM-x32\...\Chrome\Extension: [ibbfklbaljofpaanmpaeadejijfdddco] - hxxps://clients2.google.com/service/update2/crx
==================== Dienste (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R2 avgsvc; C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe [1146128 2016-12-06] (AVG Technologies CZ, s.r.o.)
R2 AVKProxy; C:\Program Files (x86)\Common Files\G Data\AVKProxy\AVKProxy.exe [5017224 2017-06-23] (G DATA Software AG)
R2 AVKWCtl; C:\Program Files (x86)\G DATA\InternetSecurity\AVK\AVKWCtlx64.exe [3328112 2017-06-08] (G Data Software AG)
S3 GDBackupSvc; C:\Program Files (x86)\G DATA\InternetSecurity\AVKBackup\AVKBackupService.exe [3997160 2017-06-23] (G DATA Software AG)
R3 GDFwSvc; C:\Program Files (x86)\G DATA\InternetSecurity\Firewall\GDFwSvcx64.exe [3419552 2017-06-08] (G Data Software AG)
R3 GDScan; C:\Program Files (x86)\Common Files\G Data\GDScan\GDScan.exe [884328 2017-06-08] (G DATA Software AG)
S4 HGESVR; C:\Program Files\Telekom\Telekom Hosting Manager\HGE.Service.exe [18232 2013-03-18] (Deutsche Telekom AG)
S3 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [4355024 2017-01-20] (Malwarebytes)
R2 nlsX86cc; C:\Windows\SysWOW64\nlssrv32.exe [66560 2011-09-22] (Nalpeiron Ltd.) [Datei ist nicht signiert]
R2 PMBDeviceInfoProvider; C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe [506960 2015-12-26] (Sony Corporation)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [2889896 2016-09-15] (Microsoft Corporation)
R2 stunnel; C:\Program Files (x86)\stunnel\bin\stunnel.exe [200192 2016-07-17] (Michal Trojnara) [Datei ist nicht signiert]
S4 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [10883824 2017-03-17] (TeamViewer GmbH)
R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe [5906704 2017-02-21] (AVG Technologies CZ, s.r.o.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347320 2017-04-28] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103712 2017-04-28] (Microsoft Corporation)
S4 WTabletServiceCon; C:\Program Files\Tablet\Pen\WTabletServiceCon.exe [656664 2014-08-19] (Wacom Technology, Corp.)
===================== Treiber (Nicht auf der Ausnahmeliste) ======================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
S3 anvsnddrv; C:\WINDOWS\system32\drivers\anvsnddrv.sys [33872 2012-05-17] (AnvSoft Inc.)
R1 cbfs5; C:\WINDOWS\system32\drivers\cbfs5.sys [416448 2014-01-23] (EldoS Corporation)
S3 flex1500; C:\WINDOWS\System32\drivers\flex1500.sys [265312 2012-11-29] (Jungo)
S3 flex1500; C:\Windows\SysWOW64\drivers\flex1500.sys [265312 2012-11-29] (Jungo)
R0 GDBehave; C:\WINDOWS\System32\drivers\GDBehave.sys [200728 2017-07-20] (G Data Software AG)
S0 GDElam; C:\WINDOWS\System32\DRIVERS\GDElam.sys [117904 2017-02-20] (G Data Software AG)
R3 GDKBB; C:\WINDOWS\system32\drivers\GDKBB64.sys [46104 2017-07-20] (G Data Software AG)
R3 GDKBFlt; C:\WINDOWS\system32\drivers\GDKBFlt64.sys [38984 2017-07-20] (G DATA Software AG)
R1 GDMnIcpt; C:\WINDOWS\system32\drivers\MiniIcpt.sys [309784 2017-07-20] (G Data Software AG)
R3 GDPkIcpt; C:\WINDOWS\system32\drivers\PktIcpt.sys [162328 2017-07-20] (G Data Software AG)
R1 gdwfpcd; C:\WINDOWS\System32\drivers\gdwfpcd64.sys [86584 2017-07-20] (G DATA Software AG)
S3 GRD; C:\WINDOWS\system32\drivers\GRD.sys [125640 2017-07-20] (G Data Software)
R1 HookCentre; C:\WINDOWS\system32\drivers\HookCentre.sys [157720 2017-07-20] (G Data Software AG)
S3 libusb0; C:\WINDOWS\System32\DRIVERS\libusb0.sys [52832 2014-08-25] (hxxp://libusb-win32.sourceforge.net)
S3 libusbK; C:\WINDOWS\System32\DRIVERS\libusbK.sys [47200 2014-08-25] (hxxp://libusb-win32.sourceforge.net)
R0 MBAMSwissArmy; C:\WINDOWS\System32\drivers\MBAMSwissArmy.sys [251832 2017-07-20] (Malwarebytes)
S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
R0 PxHlpa64; C:\WINDOWS\System32\Drivers\PxHlpa64.sys [56336 2013-07-19] (Corel Corporation)
R1 RrNetCapFilterDriver; C:\WINDOWS\system32\DRIVERS\RrNetCapFilterDriver.sys [34608 2017-01-25] (Audials AG)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [589824 2016-07-16] (Realtek )
S3 SKYNET; C:\WINDOWS\System32\drivers\SkyNET_AMD64.SYS [617048 2010-05-10] (TechniSat Digital, S.A.)
R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver64.sys [32304 2016-06-01] (AVG Netherlands B.V.)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)
R3 ZCinema_TSHD_x64; C:\WINDOWS\system32\drivers\ZCinema_SRS_amd64.sys [21648 2007-08-22] (SRS Labs, Inc.)
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat: Erstellte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2017-07-22 09:52 - 2017-07-22 09:59 - 00000000 ____D C:\AdwCleaner
2017-07-22 09:52 - 2017-07-22 09:52 - 08162248 _____ (Malwarebytes) C:\Users\Siggi\Desktop\adwcleaner_7.0.0.0.exe
2017-07-21 07:26 - 2017-07-21 07:26 - 00005352 _____ C:\TDSSKiller.3.1.0.15_21.07.2017_07.26.30_log.txt
2017-07-20 22:03 - 2017-07-20 22:03 - 00001235 _____ C:\Users\Siggi\Desktop\malware.txt
2017-07-20 20:57 - 2017-07-20 21:07 - 00005352 _____ C:\TDSSKiller.3.1.0.15_20.07.2017_20.57.22_log.txt
2017-07-20 20:45 - 2017-07-20 20:55 - 00275474 _____ C:\TDSSKiller.3.1.0.15_20.07.2017_20.45.50_log.txt
2017-07-20 20:45 - 2017-07-20 20:45 - 04922400 _____ (AO Kaspersky Lab) C:\Users\Siggi\Desktop\tdsskiller.exe
2017-07-20 17:10 - 2017-07-20 17:36 - 00000000 ____D C:\Users\Siggi\Desktop\2017_07_20
2017-07-20 14:07 - 2017-07-20 14:07 - 00125640 _____ (G Data Software) C:\WINDOWS\system32\Drivers\GRD.sys
2017-07-20 14:07 - 2017-07-20 14:07 - 00037544 _____ (G DATA Software) C:\WINDOWS\system32\Drivers\GdPhyMem.sys
2017-07-20 08:13 - 2017-07-20 08:13 - 00002133 _____ C:\Users\Public\Desktop\G DATA INTERNET SECURITY.lnk
2017-07-20 08:13 - 2017-07-20 08:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\G DATA INTERNET SECURITY
2017-07-20 08:12 - 2017-07-20 08:12 - 00086584 _____ (G DATA Software AG) C:\WINDOWS\system32\Drivers\gdwfpcd64.sys
2017-07-20 08:12 - 2017-07-20 08:12 - 00046104 _____ (G Data Software AG) C:\WINDOWS\system32\Drivers\GDKBB64.sys
2017-07-20 08:12 - 2017-07-20 08:12 - 00038984 _____ (G DATA Software AG) C:\WINDOWS\system32\Drivers\GDKBFlt64.sys
2017-07-20 08:10 - 2017-07-20 08:10 - 00309784 _____ (G Data Software AG) C:\WINDOWS\system32\Drivers\MiniIcpt.sys
2017-07-20 08:10 - 2017-07-20 08:10 - 00200728 _____ (G Data Software AG) C:\WINDOWS\system32\Drivers\GDBehave.sys
2017-07-20 08:10 - 2017-07-20 08:10 - 00162328 _____ (G Data Software AG) C:\WINDOWS\system32\Drivers\PktIcpt.sys
2017-07-20 08:10 - 2017-07-20 08:10 - 00157720 _____ (G Data Software AG) C:\WINDOWS\system32\Drivers\HookCentre.sys
2017-07-20 07:31 - 2017-07-20 07:32 - 14890128 _____ (G DATA Software AG) C:\Users\Siggi\Downloads\GDATA_INTERNETSECURITY_WEB_WEU.exe
2017-07-19 10:57 - 2017-07-22 10:12 - 00019230 _____ C:\Users\Siggi\Desktop\FRST.txt
2017-07-19 10:55 - 2017-07-19 10:56 - 02382336 _____ (Farbar) C:\Users\Siggi\Desktop\FRST64.exe
2017-07-19 10:54 - 2017-07-19 10:54 - 02382336 _____ (Farbar) C:\Users\Siggi\Downloads\FRST64.exe
2017-07-19 10:52 - 2017-07-19 10:52 - 00003142 _____ C:\Users\Siggi\Desktop\malwarebytes.txt
2017-07-12 11:55 - 2017-07-07 09:29 - 05686272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2017-07-12 11:55 - 2017-07-07 08:54 - 02997248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2017-07-12 11:55 - 2017-07-07 08:53 - 02483200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2017-07-12 11:55 - 2017-07-07 08:52 - 01599488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2017-07-12 11:55 - 2017-06-21 09:28 - 01504056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2017-07-12 11:55 - 2017-06-21 09:27 - 01431232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2017-07-12 11:55 - 2017-06-21 09:27 - 00116576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudExperienceHostCommon.dll
2017-07-12 11:55 - 2017-06-21 09:01 - 00141824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Radios.dll
2017-07-12 11:55 - 2017-06-21 09:00 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDeviceRegistration.dll
2017-07-12 11:55 - 2017-06-21 08:59 - 00285184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.BlockedShutdown.dll
2017-07-12 11:55 - 2017-06-21 08:59 - 00123904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.HostName.dll
2017-07-12 11:55 - 2017-06-21 08:58 - 00129024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.SerialCommunication.dll
2017-07-12 11:55 - 2017-06-21 08:58 - 00094208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryClient.dll
2017-07-12 11:55 - 2017-06-21 08:58 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.ServiceDiscovery.Dnssd.dll
2017-07-12 11:55 - 2017-06-21 08:56 - 00374784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.LowLevel.dll
2017-07-12 11:55 - 2017-06-21 08:56 - 00315904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Gaming.XboxLive.Storage.dll
2017-07-12 11:55 - 2017-06-21 08:56 - 00237056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SyncSettings.dll
2017-07-12 11:55 - 2017-06-21 08:56 - 00231936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.LockScreen.dll
2017-07-12 11:55 - 2017-06-21 08:56 - 00180224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2017-07-12 11:55 - 2017-06-21 08:56 - 00113152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Lights.dll
2017-07-12 11:55 - 2017-06-21 08:55 - 00557568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll
2017-07-12 11:55 - 2017-06-21 08:55 - 00117760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AuthBroker.dll
2017-07-12 11:55 - 2017-06-21 08:55 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Core.dll
2017-07-12 11:55 - 2017-06-21 08:54 - 00609280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Import.dll
2017-07-12 11:55 - 2017-06-21 08:54 - 00298496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2017-07-12 11:55 - 2017-06-21 08:54 - 00223232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgentUserBroker.exe
2017-07-12 11:55 - 2017-06-21 08:53 - 00431616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\efswrt.dll
2017-07-12 11:55 - 2017-06-21 08:53 - 00332288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Bluetooth.dll
2017-07-12 11:55 - 2017-06-21 08:53 - 00284672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apprepsync.dll
2017-07-12 11:55 - 2017-06-21 08:53 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WwaApi.dll
2017-07-12 11:55 - 2017-06-21 08:53 - 00175616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Scanners.dll
2017-07-12 11:55 - 2017-06-21 08:53 - 00125952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apprepapi.dll
2017-07-12 11:55 - 2017-06-21 08:52 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Picker.dll
2017-07-12 11:55 - 2017-06-21 08:51 - 00314368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Usb.dll
2017-07-12 11:55 - 2017-06-21 08:50 - 00857600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EmailApis.dll
2017-07-12 11:55 - 2017-06-21 08:48 - 02333184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmSvc.dll
2017-07-12 11:55 - 2017-06-21 08:44 - 00795648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MiracastReceiver.dll
2017-07-12 11:55 - 2017-06-21 08:44 - 00343040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToDevice.dll
2017-07-12 11:55 - 2017-06-21 08:43 - 00653312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.AccountsControl.dll
2017-07-12 11:55 - 2017-06-21 08:43 - 00468992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.InkControls.dll
2017-07-12 11:55 - 2017-06-21 08:40 - 00895488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Streaming.dll
2017-07-12 11:55 - 2017-06-21 08:40 - 00675840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.dll
2017-07-12 11:55 - 2017-06-21 08:40 - 00220672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToReceiver.dll
2017-07-12 11:55 - 2017-06-21 08:38 - 01221120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Audio.dll
2017-07-12 11:55 - 2017-06-21 08:37 - 00357376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Geolocation.dll
2017-07-12 11:55 - 2017-06-21 08:37 - 00103936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Devices.dll
2017-07-12 11:55 - 2017-06-21 08:36 - 01988096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2017-07-12 11:55 - 2017-06-21 08:35 - 01656320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Perception.dll
2017-07-12 11:55 - 2017-06-21 08:35 - 01232384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Maps.dll
2017-07-12 11:55 - 2017-06-21 08:35 - 00598528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.dll
2017-07-12 11:55 - 2017-06-21 08:35 - 00589312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Sensors.dll
2017-07-12 11:55 - 2017-06-21 08:34 - 00654336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApiPublic.dll
2017-07-12 11:55 - 2017-06-21 08:34 - 00542208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.Connectivity.dll
2017-07-12 11:55 - 2017-03-04 08:20 - 00426496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Wallet.dll
2017-07-12 11:55 - 2017-03-04 08:19 - 00498688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mbsmsapi.dll
2017-07-12 11:55 - 2016-10-05 11:15 - 00141312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dialclient.dll
2017-07-12 11:55 - 2016-09-15 18:58 - 00092672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Background.SystemEventsBroker.dll
2017-07-12 11:54 - 2017-07-07 09:49 - 00340824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2017-07-12 11:54 - 2017-07-07 09:46 - 00781152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2017-07-12 11:54 - 2017-07-07 09:45 - 02263832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2017-07-12 11:54 - 2017-07-07 09:44 - 00108896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2017-07-12 11:54 - 2017-07-07 09:40 - 20967840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2017-07-12 11:54 - 2017-07-07 09:37 - 00468320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netio.sys
2017-07-12 11:54 - 2017-07-07 09:37 - 00118112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tdx.sys
2017-07-12 11:54 - 2017-07-07 09:29 - 02759712 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2017-07-12 11:54 - 2017-07-07 09:29 - 00857440 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2017-07-12 11:54 - 2017-07-07 09:24 - 22220856 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2017-07-12 11:54 - 2017-07-07 09:23 - 00241504 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHost.dll
2017-07-12 11:54 - 2017-07-07 09:20 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\l2gpstore.dll
2017-07-12 11:54 - 2017-07-07 09:19 - 00081408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2017-07-12 11:54 - 2017-07-07 09:19 - 00025088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eapprovp.dll
2017-07-12 11:54 - 2017-07-07 09:18 - 02532192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2017-07-12 11:54 - 2017-07-07 09:18 - 00450560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastls.dll
2017-07-12 11:54 - 2017-07-07 09:18 - 00210432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\onex.dll
2017-07-12 11:54 - 2017-07-07 09:18 - 00057400 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsass.exe
2017-07-12 11:54 - 2017-07-07 09:17 - 00118784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\raschap.dll
2017-07-12 11:54 - 2017-07-07 09:14 - 00270336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2017-07-12 11:54 - 2017-07-07 09:14 - 00126464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2017-07-12 11:54 - 2017-07-07 09:13 - 00364544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupShim.dll
2017-07-12 11:54 - 2017-07-07 09:13 - 00310272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Wldap32.dll
2017-07-12 11:54 - 2017-07-07 09:11 - 00340480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2017-07-12 11:54 - 2017-07-07 09:10 - 00755200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2017-07-12 11:54 - 2017-07-07 09:09 - 00637952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SmartcardCredentialProvider.dll
2017-07-12 11:54 - 2017-07-07 09:09 - 00506368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2017-07-12 11:54 - 2017-07-07 09:06 - 18364928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2017-07-12 11:54 - 2017-07-07 09:06 - 07626752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2017-07-12 11:54 - 2017-07-07 09:05 - 19414528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2017-07-12 11:54 - 2017-07-07 09:03 - 00337408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msinfo32.exe
2017-07-12 11:54 - 2017-07-07 09:02 - 01313280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wdc.dll
2017-07-12 11:54 - 2017-07-07 09:00 - 12187136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2017-07-12 11:54 - 2017-07-07 09:00 - 00476160 _____ (Microsoft® Windows® Operating System) C:\WINDOWS\SysWOW64\wvc.dll
2017-07-12 11:54 - 2017-07-07 08:57 - 00691712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2017-07-12 11:54 - 2017-07-07 08:56 - 06035456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2017-07-12 11:54 - 2017-07-07 08:55 - 04423680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
2017-07-12 11:54 - 2017-07-07 08:55 - 03664896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2017-07-12 11:54 - 2017-07-07 08:55 - 01571840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2017-07-12 11:54 - 2017-07-07 08:54 - 02027008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2017-07-12 11:54 - 2017-07-07 08:52 - 04561408 _____ (Microsoft) C:\WINDOWS\SysWOW64\dbgeng.dll
2017-07-12 11:54 - 2017-07-07 08:52 - 01413632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OpcServices.dll
2017-07-12 11:54 - 2017-07-07 08:48 - 00071680 _____ (Microsoft Corporation) C:\WINDOWS\system32\l2gpstore.dll
2017-07-12 11:54 - 2017-07-07 08:48 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\eapprovp.dll
2017-07-12 11:54 - 2017-07-07 08:46 - 00231424 _____ (Microsoft Corporation) C:\WINDOWS\system32\shutdownux.dll
2017-07-12 11:54 - 2017-07-07 08:45 - 00223744 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2017-07-12 11:54 - 2017-07-07 08:44 - 00502784 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastls.dll
2017-07-12 11:54 - 2017-07-07 08:44 - 00238592 _____ (Microsoft Corporation) C:\WINDOWS\system32\onex.dll
2017-07-12 11:54 - 2017-07-07 08:44 - 00137728 _____ (Microsoft Corporation) C:\WINDOWS\system32\raschap.dll
2017-07-12 11:54 - 2017-07-07 08:43 - 00387584 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2017-07-12 11:54 - 2017-07-07 08:43 - 00088576 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2017-07-12 11:54 - 2017-07-07 08:39 - 00282624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb10.sys
2017-07-12 11:54 - 2017-07-07 08:35 - 01397760 _____ (Microsoft Corporation) C:\WINDOWS\system32\wdc.dll
2017-07-12 11:54 - 2017-07-07 08:33 - 00576000 _____ (Microsoft® Windows® Operating System) C:\WINDOWS\system32\wvc.dll
2017-07-12 11:54 - 2017-07-07 08:30 - 13090816 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2017-07-12 11:54 - 2017-07-07 08:28 - 02096640 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2017-07-12 11:54 - 2017-07-07 08:28 - 00759296 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2017-07-12 11:54 - 2017-07-07 08:27 - 08120832 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2017-07-12 11:54 - 2017-07-07 08:24 - 04744704 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2017-07-12 11:54 - 2017-07-07 08:24 - 01783296 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2017-07-12 11:54 - 2017-07-07 08:24 - 01513472 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2017-07-12 11:54 - 2017-07-06 06:29 - 00690008 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcp120_clr0400.dll
2017-07-12 11:54 - 2017-06-22 08:17 - 00987840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcr120_clr0400.dll
2017-07-12 11:54 - 2017-06-22 08:17 - 00485576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcp120_clr0400.dll
2017-07-12 11:54 - 2017-06-21 10:18 - 01470816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppVEntSubsystems32.dll
2017-07-12 11:54 - 2017-06-21 09:54 - 00603488 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContentDeliveryManager.Utilities.dll
2017-07-12 11:54 - 2017-06-21 09:53 - 00794928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll
2017-07-12 11:54 - 2017-06-21 09:52 - 02213760 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2017-07-12 11:54 - 2017-06-21 09:52 - 00774224 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2017-07-12 11:54 - 2017-06-21 09:52 - 00088416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\scmbus.sys
2017-07-12 11:54 - 2017-06-21 09:52 - 00081760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\stornvme.sys
2017-07-12 11:54 - 2017-06-21 09:51 - 02255712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2017-07-12 11:54 - 2017-06-21 09:42 - 01573280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2017-07-12 11:54 - 2017-06-21 09:42 - 00601712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2017-07-12 11:54 - 2017-06-21 09:41 - 01706488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2017-07-12 11:54 - 2017-06-21 09:39 - 02048496 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2017-07-12 11:54 - 2017-06-21 09:38 - 07220192 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2017-07-12 11:54 - 2017-06-21 09:38 - 01860288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2017-07-12 11:54 - 2017-06-21 09:38 - 00790752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
2017-07-12 11:54 - 2017-06-21 09:36 - 00557408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2017-07-12 11:54 - 2017-06-21 09:36 - 00129888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBSTOR.SYS
2017-07-12 11:54 - 2017-06-21 09:33 - 00408600 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsmf.dll
2017-07-12 11:54 - 2017-06-21 09:33 - 00092512 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2017-07-12 11:54 - 2017-06-21 09:32 - 08169024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2017-07-12 11:54 - 2017-06-21 09:32 - 04260576 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2017-07-12 11:54 - 2017-06-21 09:32 - 01983408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2017-07-12 11:54 - 2017-06-21 09:32 - 01702392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2017-07-12 11:54 - 2017-06-21 09:32 - 01072248 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetcore.dll
2017-07-12 11:54 - 2017-06-21 09:31 - 00160096 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostBroker.dll
2017-07-12 11:54 - 2017-06-21 09:30 - 00869848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll
2017-07-12 11:54 - 2017-06-21 09:30 - 00196960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ifsutil.dll
2017-07-12 11:54 - 2017-06-21 09:29 - 05722320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2017-07-12 11:54 - 2017-06-21 09:28 - 02277288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll
2017-07-12 11:54 - 2017-06-21 09:28 - 00524776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2017-07-12 11:54 - 2017-06-21 09:28 - 00170960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2017-07-12 11:54 - 2017-06-21 09:27 - 01122344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dcomp.dll
2017-07-12 11:54 - 2017-06-21 09:27 - 00975744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
2017-07-12 11:54 - 2017-06-21 09:27 - 00861024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2017-07-12 11:54 - 2017-06-21 09:27 - 00549088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SHCore.dll
2017-07-12 11:54 - 2017-06-21 09:26 - 00387864 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpps.dll
2017-07-12 11:54 - 2017-06-21 09:25 - 02168288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2017-07-12 11:54 - 2017-06-21 09:25 - 01980776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2017-07-12 11:54 - 2017-06-21 09:24 - 00846560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2017-07-12 11:54 - 2017-06-21 09:24 - 00154432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntmarta.dll
2017-07-12 11:54 - 2017-06-21 09:22 - 00361104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsmf.dll
2017-07-12 11:54 - 2017-06-21 09:21 - 06665440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2017-07-12 11:54 - 2017-06-21 09:21 - 04023552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2017-07-12 11:54 - 2017-06-21 09:21 - 01845512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2017-07-12 11:54 - 2017-06-21 09:21 - 01557808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll
2017-07-12 11:54 - 2017-06-21 09:21 - 01277856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
2017-07-12 11:54 - 2017-06-21 09:21 - 00952416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2017-07-12 11:54 - 2017-06-21 09:21 - 00374448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFPlay.dll
2017-07-12 11:54 - 2017-06-21 09:20 - 01360464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetsrc.dll
2017-07-12 11:54 - 2017-06-21 09:20 - 00981888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetcore.dll
2017-07-12 11:54 - 2017-06-21 09:20 - 00962768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2017-07-12 11:54 - 2017-06-21 09:20 - 00312472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mftranscode.dll
2017-07-12 11:54 - 2017-06-21 09:19 - 04312248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2017-07-12 11:54 - 2017-06-21 09:06 - 00372736 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXTaskFactory.dll
2017-07-12 11:54 - 2017-06-21 09:04 - 01631232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Resources.dll
2017-07-12 11:54 - 2017-06-21 09:04 - 01631232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2017-07-12 11:54 - 2017-06-21 09:04 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\odbcconf.dll
2017-07-12 11:54 - 2017-06-21 09:03 - 00013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rootmdm.sys
2017-07-12 11:54 - 2017-06-21 09:02 - 00237568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.Diagnostics.dll
2017-07-12 11:54 - 2017-06-21 09:02 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\scmdisk0101.sys
2017-07-12 11:54 - 2017-06-21 09:02 - 00124416 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2017-07-12 11:54 - 2017-06-21 09:02 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\odbcconf.dll
2017-07-12 11:54 - 2017-06-21 09:01 - 00185344 _____ (Microsoft Corporation) C:\WINDOWS\system32\DisplayManager.dll
2017-07-12 11:54 - 2017-06-21 09:01 - 00138752 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEDataLayerHelpers.dll
2017-07-12 11:54 - 2017-06-21 09:00 - 00519168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ngccredprov.dll
2017-07-12 11:54 - 2017-06-21 09:00 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\unimdm.tsp
2017-07-12 11:54 - 2017-06-21 09:00 - 00233984 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProvisioningHandlers.dll
2017-07-12 11:54 - 2017-06-21 09:00 - 00193536 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinRtTracing.dll
2017-07-12 11:54 - 2017-06-21 09:00 - 00143360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uudf.dll
2017-07-12 11:54 - 2017-06-21 09:00 - 00138240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DisplayManager.dll
2017-07-12 11:54 - 2017-06-21 09:00 - 00114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Background.SystemEventsBroker.dll
2017-07-12 11:54 - 2017-06-21 09:00 - 00113664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.ServiceDiscovery.Dnssd.dll
2017-07-12 11:54 - 2017-06-21 08:59 - 00467968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Gaming.XboxLive.Storage.dll
2017-07-12 11:54 - 2017-06-21 08:59 - 00255488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\unimdm.tsp
2017-07-12 11:54 - 2017-06-21 08:59 - 00177664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.Diagnostics.dll
2017-07-12 11:54 - 2017-06-21 08:59 - 00149504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Core.dll
2017-07-12 11:54 - 2017-06-21 08:59 - 00137216 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdlrecover.exe
2017-07-12 11:54 - 2017-06-21 08:59 - 00097792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.System.SystemManagement.dll
2017-07-12 11:54 - 2017-06-21 08:58 - 00418304 _____ C:\WINDOWS\system32\Windows.Perception.Stub.dll
2017-07-12 11:54 - 2017-06-21 08:58 - 00211968 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2017-07-12 11:54 - 2017-06-21 08:58 - 00136192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinRtTracing.dll
2017-07-12 11:54 - 2017-06-21 08:58 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.System.UserDeviceAssociation.dll
2017-07-12 11:54 - 2017-06-21 08:57 - 00505856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.WiFiDirect.dll
2017-07-12 11:54 - 2017-06-21 08:57 - 00418304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BlockedShutdown.dll
2017-07-12 11:54 - 2017-06-21 08:57 - 00360448 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpencom.dll
2017-07-12 11:54 - 2017-06-21 08:57 - 00171520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.SerialCommunication.dll
2017-07-12 11:54 - 2017-06-21 08:57 - 00144896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Lights.dll
2017-07-12 11:54 - 2017-06-21 08:57 - 00142336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.WiFi.dll
2017-07-12 11:54 - 2017-06-21 08:57 - 00122880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sendmail.dll
2017-07-12 11:54 - 2017-06-21 08:57 - 00088576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDeviceRegistration.Ngc.dll
2017-07-12 11:54 - 2017-06-21 08:56 - 01507840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.FaceAnalysis.dll
2017-07-12 11:54 - 2017-06-21 08:56 - 00912384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.SmartCards.dll
2017-07-12 11:54 - 2017-06-21 08:56 - 00748544 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2017-07-12 11:54 - 2017-06-21 08:56 - 00719872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdiWiFi.sys
2017-07-12 11:54 - 2017-06-21 08:56 - 00590336 _____ (Microsoft Corporation) C:\WINDOWS\system32\efswrt.dll
2017-07-12 11:54 - 2017-06-21 08:56 - 00568320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.LowLevel.dll
2017-07-12 11:54 - 2017-06-21 08:56 - 00392192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Gaming.Input.dll
2017-07-12 11:54 - 2017-06-21 08:56 - 00299520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataAccountApis.dll
2017-07-12 11:54 - 2017-06-21 08:56 - 00260608 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgentUserBroker.exe
2017-07-12 11:54 - 2017-06-21 08:56 - 00216576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Scanners.dll
2017-07-12 11:54 - 2017-06-21 08:56 - 00203776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\credprovhost.dll
2017-07-12 11:54 - 2017-06-21 08:56 - 00184320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserMgrProxy.dll
2017-07-12 11:54 - 2017-06-21 08:55 - 00561664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Wallet.dll
2017-07-12 11:54 - 2017-06-21 08:55 - 00533504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FXSCOMEX.dll
2017-07-12 11:54 - 2017-06-21 08:55 - 00456192 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiobj.dll
2017-07-12 11:54 - 2017-06-21 08:55 - 00404992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dsreg.dll
2017-07-12 11:54 - 2017-06-21 08:55 - 00358912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.dll
2017-07-12 11:54 - 2017-06-21 08:55 - 00349184 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2017-07-12 11:54 - 2017-06-21 08:55 - 00310784 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncSettings.dll
2017-07-12 11:54 - 2017-06-21 08:55 - 00265728 _____ C:\WINDOWS\SysWOW64\Windows.Perception.Stub.dll
2017-07-12 11:54 - 2017-06-21 08:55 - 00252416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Identity.Provider.dll
2017-07-12 11:54 - 2017-06-21 08:55 - 00020480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\regsvr32.exe
2017-07-12 11:54 - 2017-06-21 08:54 - 01159680 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblGameSave.dll
2017-07-12 11:54 - 2017-06-21 08:54 - 00949248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.PointOfService.dll
2017-07-12 11:54 - 2017-06-21 08:54 - 00671744 _____ (Microsoft Corporation) C:\WINDOWS\system32\mbsmsapi.dll
2017-07-12 11:54 - 2017-06-21 08:54 - 00574976 _____ (Microsoft Corporation) C:\WINDOWS\system32\tileobjserver.dll
2017-07-12 11:54 - 2017-06-21 08:54 - 00483840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.AllJoyn.dll
2017-07-12 11:54 - 2017-06-21 08:54 - 00472064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Bluetooth.dll
2017-07-12 11:54 - 2017-06-21 08:54 - 00337408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Picker.dll
2017-07-12 11:54 - 2017-06-21 08:54 - 00245760 _____ (Microsoft Corporation) C:\WINDOWS\system32\WwaApi.dll
2017-07-12 11:54 - 2017-06-21 08:54 - 00141824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\easwrt.dll
2017-07-12 11:54 - 2017-06-21 08:53 - 00642048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.InkControls.dll
2017-07-12 11:54 - 2017-06-21 08:53 - 00437248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Usb.dll
2017-07-12 11:54 - 2017-06-21 08:53 - 00390656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredProvDataModel.dll
2017-07-12 11:54 - 2017-06-21 08:53 - 00386048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.WiFiDirect.dll
2017-07-12 11:54 - 2017-06-21 08:53 - 00325120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleacc.dll
2017-07-12 11:54 - 2017-06-21 08:53 - 00284160 _____ (Microsoft Corporation) C:\WINDOWS\system32\AboveLockAppHost.dll
2017-07-12 11:54 - 2017-06-21 08:53 - 00271360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\deviceaccess.dll
2017-07-12 11:54 - 2017-06-21 08:53 - 00202752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.HumanInterfaceDevice.dll
2017-07-12 11:54 - 2017-06-21 08:53 - 00201728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExecModelClient.dll
2017-07-12 11:54 - 2017-06-21 08:53 - 00185856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Identity.Provider.dll
2017-07-12 11:54 - 2017-06-21 08:52 - 06288384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2017-07-12 11:54 - 2017-06-21 08:52 - 00963584 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebcamUi.dll
2017-07-12 11:54 - 2017-06-21 08:52 - 00410112 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevicesFlowBroker.dll
2017-07-12 11:54 - 2017-06-21 08:52 - 00352256 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsDocumentTargetPrint.dll
2017-07-12 11:54 - 2017-06-21 08:52 - 00331264 _____ (Microsoft Corporation) C:\WINDOWS\system32\NgcCtnrSvc.dll
2017-07-12 11:54 - 2017-06-21 08:52 - 00182784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BioCredProv.dll
2017-07-12 11:54 - 2017-06-21 08:51 - 00846336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WebcamUi.dll
2017-07-12 11:54 - 2017-06-21 08:51 - 00747520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Ocr.dll
2017-07-12 11:54 - 2017-06-21 08:51 - 00284672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.dll
2017-07-12 11:54 - 2017-06-21 08:51 - 00258048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsDocumentTargetPrint.dll
2017-07-12 11:54 - 2017-06-21 08:50 - 01167360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certutil.exe
2017-07-12 11:54 - 2017-06-21 08:50 - 00529920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StructuredQuery.dll
2017-07-12 11:54 - 2017-06-21 08:50 - 00297472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2017-07-12 11:54 - 2017-06-21 08:50 - 00238080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AboveLockAppHost.dll
2017-07-12 11:54 - 2017-06-21 08:49 - 03778048 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2017-07-12 11:54 - 2017-06-21 08:49 - 02104320 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll
2017-07-12 11:54 - 2017-06-21 08:49 - 01403392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Editing.dll
2017-07-12 11:54 - 2017-06-21 08:49 - 00500224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.Printing.dll
2017-07-12 11:54 - 2017-06-21 08:49 - 00458752 _____ (Microsoft Corporation) C:\WINDOWS\system32\RTMediaFrame.dll
2017-07-12 11:54 - 2017-06-21 08:49 - 00295936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.dll
2017-07-12 11:54 - 2017-06-21 08:49 - 00288256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CryptoWinRT.dll
2017-07-12 11:54 - 2017-06-21 08:49 - 00175616 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.DeviceEncryptionHandlers.dll
2017-07-12 11:54 - 2017-06-21 08:49 - 00169984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Energy.dll
2017-07-12 11:54 - 2017-06-21 08:48 - 00395264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmenrollengine.dll
2017-07-12 11:54 - 2017-06-21 08:48 - 00336384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\azroleui.dll
2017-07-12 11:54 - 2017-06-21 08:47 - 13873664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2017-07-12 11:54 - 2017-06-21 08:47 - 07655424 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2017-07-12 11:54 - 2017-06-21 08:47 - 01105408 _____ (Microsoft Corporation) C:\WINDOWS\system32\MiracastReceiver.dll
2017-07-12 11:54 - 2017-06-21 08:47 - 00442368 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToDevice.dll
2017-07-12 11:54 - 2017-06-21 08:46 - 04615168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2017-07-12 11:54 - 2017-06-21 08:46 - 01908224 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2017-07-12 11:54 - 2017-06-21 08:46 - 01323008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_fs.dll
2017-07-12 11:54 - 2017-06-21 08:46 - 01137152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_health.dll
2017-07-12 11:54 - 2017-06-21 08:46 - 01077760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Editing.dll
2017-07-12 11:54 - 2017-06-21 08:46 - 00627200 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpaceControl.dll
2017-07-12 11:54 - 2017-06-21 08:46 - 00355328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RTMediaFrame.dll
2017-07-12 11:54 - 2017-06-21 08:46 - 00187904 _____ (Microsoft Corporation) C:\WINDOWS\system32\dialclient.dll
2017-07-12 11:54 - 2017-06-21 08:45 - 00891904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\autochk.exe
2017-07-12 11:54 - 2017-06-21 08:45 - 00471552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.BackgroundMediaPlayback.dll
2017-07-12 11:54 - 2017-06-21 08:45 - 00313856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2017-07-12 11:54 - 2017-06-21 08:45 - 00102400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uexfat.dll
2017-07-12 11:54 - 2017-06-21 08:44 - 00535040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\untfs.dll
2017-07-12 11:54 - 2017-06-21 08:44 - 00136704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ufat.dll
2017-07-12 11:54 - 2017-06-21 08:44 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fdProxy.dll
2017-07-12 11:54 - 2017-06-21 08:43 - 01534464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.Printing.3D.dll
2017-07-12 11:54 - 2017-06-21 08:43 - 01217024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Audio.dll
2017-07-12 11:54 - 2017-06-21 08:43 - 00713216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpnapps.dll
2017-07-12 11:54 - 2017-06-21 08:43 - 00035328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cnvfat.dll
2017-07-12 11:54 - 2017-06-21 08:42 - 03307008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2017-07-12 11:54 - 2017-06-21 08:42 - 02749440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mispace.dll
2017-07-12 11:54 - 2017-06-21 08:42 - 00853504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\autofmt.exe
2017-07-12 11:54 - 2017-06-21 08:42 - 00779776 _____ (Microsoft Corporation) C:\WINDOWS\system32\cscui.dll
2017-07-12 11:54 - 2017-06-21 08:42 - 00525312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LogonController.dll
2017-07-12 11:54 - 2017-06-21 08:42 - 00470016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Playback.BackgroundMediaPlayer.dll
2017-07-12 11:54 - 2017-06-21 08:42 - 00380416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uReFSv1.dll
2017-07-12 11:54 - 2017-06-21 08:41 - 03400704 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2017-07-12 11:54 - 2017-06-21 08:41 - 01255936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll
2017-07-12 11:54 - 2017-06-21 08:41 - 01080320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Ocr.dll
2017-07-12 11:54 - 2017-06-21 08:41 - 00983040 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcsvc.dll
2017-07-12 11:54 - 2017-06-21 08:41 - 00459776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Playback.MediaPlayer.dll
2017-07-12 11:54 - 2017-06-21 08:40 - 02641920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2017-07-12 11:54 - 2017-06-21 08:40 - 02154496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\storagewmi.dll
2017-07-12 11:54 - 2017-06-21 08:40 - 01891328 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnidui.dll
2017-07-12 11:54 - 2017-06-21 08:40 - 00901120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Bluetooth.dll
2017-07-12 11:54 - 2017-06-21 08:40 - 00611328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.dll
2017-07-12 11:54 - 2017-06-21 08:40 - 00090624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll
2017-07-12 11:54 - 2017-06-21 08:39 - 08076288 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2017-07-12 11:54 - 2017-06-21 08:39 - 02538496 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2017-07-12 11:54 - 2017-06-21 08:39 - 00816640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2017-07-12 11:54 - 2017-06-21 08:39 - 00546304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uReFS.dll
2017-07-12 11:54 - 2017-06-21 08:39 - 00134144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ErrorDetails.dll
2017-07-12 11:54 - 2017-06-21 08:38 - 03733504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_47.dll
2017-07-12 11:54 - 2017-06-21 08:38 - 03520512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsrchvw.exe
2017-07-12 11:54 - 2017-06-21 08:38 - 02695680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2017-07-12 11:54 - 2017-06-21 08:38 - 02424320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Perception.dll
2017-07-12 11:54 - 2017-06-21 08:38 - 01984000 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2017-07-12 11:54 - 2017-06-21 08:38 - 01275392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Bluetooth.dll
2017-07-12 11:54 - 2017-06-21 08:38 - 00908800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2017-07-12 11:54 - 2017-06-21 08:38 - 00886272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2017-07-12 11:54 - 2017-06-21 08:38 - 00877056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\autoconv.exe
2017-07-12 11:54 - 2017-06-21 08:38 - 00846336 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApiPublic.dll
2017-07-12 11:54 - 2017-06-21 08:38 - 00765440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Sensors.dll
2017-07-12 11:54 - 2017-06-21 08:38 - 00753152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\imapi2fs.dll
2017-07-12 11:54 - 2017-06-21 08:38 - 00709120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CPFilters.dll
2017-07-12 11:54 - 2017-06-21 08:37 - 07468544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2017-07-12 11:54 - 2017-06-21 08:37 - 06109696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2017-07-12 11:54 - 2017-06-21 08:37 - 00400384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToManager.dll
2017-07-12 11:54 - 2017-06-21 08:36 - 02648576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CertEnroll.dll
2017-07-12 11:54 - 2017-06-21 08:36 - 01424896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Maps.dll
2017-07-12 11:54 - 2017-06-21 08:36 - 01247232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Globalization.dll
2017-07-12 11:54 - 2017-06-21 08:36 - 00903680 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2017-07-12 11:54 - 2017-06-21 08:36 - 00701952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Connectivity.dll
2017-07-12 11:54 - 2017-06-21 08:35 - 04149248 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2017-07-12 11:54 - 2017-06-21 08:35 - 02740224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll
2017-07-12 11:54 - 2017-06-21 08:35 - 02682880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netshell.dll
2017-07-12 11:54 - 2017-06-21 08:35 - 01369088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Phone.dll
2017-07-12 11:54 - 2017-06-21 08:35 - 01170944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.dll
2017-07-12 11:54 - 2017-06-21 08:35 - 00827904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll
2017-07-12 11:54 - 2017-06-21 08:35 - 00732160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MsSpellCheckingFacility.dll
2017-07-12 11:54 - 2017-06-21 08:35 - 00348160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Midi.dll
2017-07-12 11:54 - 2017-06-21 08:34 - 03299840 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstsc.exe
2017-07-12 11:54 - 2017-06-21 08:34 - 01886720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2017-07-12 11:54 - 2017-06-21 08:34 - 00773120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2017-07-12 11:54 - 2017-06-21 08:34 - 00711168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll
2017-07-12 11:54 - 2017-06-21 08:34 - 00621056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
2017-07-12 11:54 - 2017-06-21 08:34 - 00566784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ShareHost.dll
2017-07-12 11:54 - 2017-06-21 08:34 - 00179712 _____ (Microsoft Corporation) C:\WINDOWS\system32\tssrvlic.dll
2017-07-12 11:54 - 2017-06-21 08:33 - 01170944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Phone.dll
2017-07-12 11:54 - 2017-06-21 08:33 - 01013248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.Http.dll
2017-07-12 11:54 - 2017-06-21 08:33 - 00751104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.BackgroundTransfer.dll
2017-07-12 11:54 - 2017-06-21 08:33 - 00691200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2017-07-12 11:54 - 2017-06-21 08:33 - 00439296 _____ (Microsoft Corporation) C:\WINDOWS\system32\wksprt.exe
2017-07-12 11:54 - 2017-06-21 08:33 - 00048128 _____ (Microsoft Corporation) C:\WINDOWS\system32\tlscsp.dll
2017-07-12 11:54 - 2017-06-21 08:32 - 01556992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2017-07-12 11:54 - 2017-06-21 08:32 - 00353280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TextInputFramework.dll
2017-07-12 11:54 - 2017-06-21 08:31 - 03106304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstsc.exe
2017-07-12 11:54 - 2017-06-21 08:30 - 00038912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tlscsp.dll
2017-07-12 11:54 - 2017-06-21 08:10 - 00483840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2017-07-12 11:54 - 2017-06-20 04:42 - 00993632 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcr120_clr0400.dll
2017-07-12 11:54 - 2017-05-23 06:58 - 00448576 _____ C:\WINDOWS\system32\ApnDatabase.xml
2017-07-12 11:54 - 2017-03-04 09:10 - 00360040 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2017-07-12 11:54 - 2017-03-04 08:56 - 00263472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Storage.ApplicationData.dll
2017-07-12 11:54 - 2017-03-04 08:28 - 00279552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.HumanInterfaceDevice.dll
2017-07-12 11:54 - 2017-03-04 08:26 - 00307200 _____ (Microsoft Corporation) C:\WINDOWS\system32\PrintDialogs3D.dll
2017-07-12 11:54 - 2017-03-04 08:23 - 01145856 _____ (Microsoft Corporation) C:\WINDOWS\system32\EmailApis.dll
2017-07-12 11:54 - 2017-03-04 08:23 - 00583680 _____ (Microsoft Corporation) C:\WINDOWS\system32\PrintDialogs.dll
2017-07-12 11:54 - 2017-03-04 08:21 - 01243136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.FaceAnalysis.dll
2017-07-12 11:54 - 2017-03-04 08:21 - 00670208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.PointOfService.dll
2017-07-12 11:54 - 2017-03-04 08:20 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2017-07-12 11:54 - 2017-03-04 08:20 - 00562176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.SmartCards.dll
2017-07-12 11:54 - 2017-03-04 08:20 - 00206336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vaultcli.dll
2017-07-12 11:54 - 2017-03-04 08:18 - 00525824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintDialogs.dll
2017-07-12 11:54 - 2017-03-04 08:17 - 00864256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnapps.dll
2017-07-12 11:54 - 2017-03-04 08:16 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2017-07-12 11:54 - 2017-03-04 08:15 - 01078784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.dll
2017-07-12 11:54 - 2017-03-04 08:14 - 00279552 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToReceiver.dll
2017-07-12 11:54 - 2017-03-04 08:12 - 04596224 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsrchvw.exe
2017-07-12 11:54 - 2017-03-04 08:02 - 02138112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll
2017-07-12 11:54 - 2016-10-15 05:45 - 01790464 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationFramework.dll
2017-07-12 11:54 - 2016-09-15 18:47 - 00134656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Energy.dll
2017-07-12 11:54 - 2016-08-27 07:12 - 00244816 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2017-07-12 11:53 - 2017-07-07 09:42 - 07781720 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2017-07-12 11:53 - 2017-07-07 09:40 - 00376672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2017-07-12 11:53 - 2017-07-07 09:32 - 00404824 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2017-07-12 11:53 - 2017-07-07 09:28 - 00223584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2017-07-12 11:53 - 2017-07-07 09:23 - 01600624 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2017-07-12 11:53 - 2017-07-07 09:18 - 01100120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2017-07-12 11:53 - 2017-07-07 08:58 - 07217152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2017-07-12 11:53 - 2017-07-07 08:51 - 22569984 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2017-07-12 11:53 - 2017-07-07 08:49 - 00115200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bridge.sys
2017-07-12 11:53 - 2017-07-07 08:47 - 00201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\ScDeviceEnum.dll
2017-07-12 11:53 - 2017-07-07 08:46 - 00052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpipreg.sys
2017-07-12 11:53 - 2017-07-07 08:45 - 00488960 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupShim.dll
2017-07-12 11:53 - 2017-07-07 08:45 - 00289792 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeveloperOptionsSettingsHandlers.dll
2017-07-12 11:53 - 2017-07-07 08:45 - 00276992 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2017-07-12 11:53 - 2017-07-07 08:44 - 00193536 _____ (Microsoft Corporation) C:\WINDOWS\system32\certprop.dll
2017-07-12 11:53 - 2017-07-07 08:44 - 00147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
2017-07-12 11:53 - 2017-07-07 08:44 - 00139264 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2017-07-12 11:53 - 2017-07-07 08:43 - 01081856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2017-07-12 11:53 - 2017-07-07 08:43 - 00431616 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpAXHolder.dll
2017-07-12 11:53 - 2017-07-07 08:42 - 00805888 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2017-07-12 11:53 - 2017-07-07 08:42 - 00352256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wldap32.dll
2017-07-12 11:53 - 2017-07-07 08:36 - 00369664 _____ (Microsoft Corporation) C:\WINDOWS\system32\msinfo32.exe
2017-07-12 11:53 - 2017-07-07 08:34 - 09131008 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2017-07-12 11:53 - 2017-07-07 08:31 - 23676416 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2017-07-12 11:53 - 2017-07-07 08:29 - 04749824 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2017-07-12 11:53 - 2017-07-07 08:29 - 00932864 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2017-07-12 11:53 - 2017-07-07 08:28 - 00927744 _____ (Microsoft Corporation) C:\WINDOWS\system32\SmartcardCredentialProvider.dll
2017-07-12 11:53 - 2017-07-07 08:28 - 00589312 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2017-07-12 11:53 - 2017-07-07 08:25 - 04708864 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2017-07-12 11:53 - 2017-07-07 08:24 - 05388800 _____ (Microsoft) C:\WINDOWS\system32\dbgeng.dll
2017-07-12 11:53 - 2017-07-07 08:24 - 03615744 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2017-07-12 11:53 - 2017-07-07 08:24 - 02895872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2017-07-12 11:53 - 2017-07-07 08:24 - 02217472 _____ (Microsoft Corporation) C:\WINDOWS\system32\OpcServices.dll
2017-07-12 11:53 - 2017-07-07 08:22 - 01826816 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2017-07-12 11:53 - 2017-06-21 09:56 - 01405280 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntSubsystemController.dll
2017-07-12 11:53 - 2017-06-21 09:55 - 02170720 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntSubsystems64.dll
2017-07-12 11:53 - 2017-06-21 09:54 - 01669984 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVIntegration.dll
2017-07-12 11:53 - 2017-06-21 09:54 - 00822624 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVClient.exe
2017-07-12 11:53 - 2017-06-21 09:54 - 00813408 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntStreamingManager.dll
2017-07-12 11:53 - 2017-06-21 09:54 - 00758624 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVOrchestration.dll
2017-07-12 11:53 - 2017-06-21 09:54 - 00704352 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntVirtualization.dll
2017-07-12 11:53 - 2017-06-21 09:54 - 00696160 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVPublishing.dll
2017-07-12 11:53 - 2017-06-21 09:54 - 00565088 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVCatalog.dll
2017-07-12 11:53 - 2017-06-21 09:54 - 00406368 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVScripting.dll
2017-07-12 11:53 - 2017-06-21 09:52 - 01886344 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2017-07-12 11:53 - 2017-06-21 09:51 - 00434528 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2017-07-12 11:53 - 2017-06-21 09:50 - 00126304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mup.sys
2017-07-12 11:53 - 2017-06-21 09:48 - 02681200 _____ C:\WINDOWS\system32\CoreUIComponents.dll
2017-07-12 11:53 - 2017-06-21 09:47 - 00764392 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2017-07-12 11:53 - 2017-06-21 09:40 - 01069720 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2017-07-12 11:53 - 2017-06-21 09:40 - 00328008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.ApplicationData.dll
2017-07-12 11:53 - 2017-06-21 09:40 - 00224096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ifsutil.dll
2017-07-12 11:53 - 2017-06-21 09:38 - 01738560 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2017-07-12 11:53 - 2017-06-21 09:37 - 02446704 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2017-07-12 11:53 - 2017-06-21 09:37 - 01369240 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcomp.dll
2017-07-12 11:53 - 2017-06-21 09:37 - 01157008 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2017-07-12 11:53 - 2017-06-21 09:37 - 00146784 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostCommon.dll
2017-07-12 11:53 - 2017-06-21 09:36 - 00624048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2017-07-12 11:53 - 2017-06-21 09:35 - 02915704 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2017-07-12 11:53 - 2017-06-21 09:35 - 01267512 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2017-07-12 11:53 - 2017-06-21 09:31 - 04674360 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2017-07-12 11:53 - 2017-06-21 09:31 - 01277824 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2017-07-12 11:53 - 2017-06-21 09:03 - 00167936 _____ (Microsoft Corporation) C:\WINDOWS\system32\uudf.dll
2017-07-12 11:53 - 2017-06-21 09:02 - 00124416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.System.SystemManagement.dll
2017-07-12 11:53 - 2017-06-21 09:01 - 00156160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Family.Client.dll
2017-07-12 11:53 - 2017-06-21 09:01 - 00108032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Family.Authentication.dll
2017-07-12 11:53 - 2017-06-21 09:01 - 00015872 _____ (Microsoft Corporation) C:\WINDOWS\system32\snmptrap.exe
2017-07-12 11:53 - 2017-06-21 09:00 - 00259072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Family.SyncEngine.dll
2017-07-12 11:53 - 2017-06-21 09:00 - 00224256 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_SignInOptions.dll
2017-07-12 11:53 - 2017-06-21 09:00 - 00193536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.WiFi.dll
2017-07-12 11:53 - 2017-06-21 09:00 - 00148480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.System.Profile.RetailInfo.dll
2017-07-12 11:53 - 2017-06-21 09:00 - 00082432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.System.UserDeviceAssociation.dll
2017-07-12 11:53 - 2017-06-21 09:00 - 00073216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryBroker.dll
2017-07-12 11:53 - 2017-06-21 08:59 - 00196096 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDeviceRegistration.dll
2017-07-12 11:53 - 2017-06-21 08:59 - 00182272 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceDirectoryClient.dll
2017-07-12 11:53 - 2017-06-21 08:59 - 00136192 _____ (Microsoft Corporation) C:\WINDOWS\system32\sendmail.dll
2017-07-12 11:53 - 2017-06-21 08:59 - 00122880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryClient.dll
2017-07-12 11:53 - 2017-06-21 08:59 - 00101888 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDeviceRegistration.Ngc.dll
2017-07-12 11:53 - 2017-06-21 08:59 - 00082944 _____ (Microsoft Corporation) C:\WINDOWS\system32\KdsCli.dll
2017-07-12 11:53 - 2017-06-21 08:58 - 00547840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Gaming.Input.dll
2017-07-12 11:53 - 2017-06-21 08:58 - 00257024 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudDomainJoinDataModelServer.dll
2017-07-12 11:53 - 2017-06-21 08:58 - 00224768 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpd_ci.dll
2017-07-12 11:53 - 2017-06-21 08:58 - 00186368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Radios.dll
2017-07-12 11:53 - 2017-06-21 08:58 - 00144896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dfsc.sys
2017-07-12 11:53 - 2017-06-21 08:57 - 00651264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.AllJoyn.dll
2017-07-12 11:53 - 2017-06-21 08:57 - 00243712 _____ (Microsoft Corporation) C:\WINDOWS\system32\credprovhost.dll
2017-07-12 11:53 - 2017-06-21 08:57 - 00157696 _____ (Microsoft Corporation) C:\WINDOWS\system32\XamlTileRender.dll
2017-07-12 11:53 - 2017-06-21 08:57 - 00087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpdbusenum.dll
2017-07-12 11:53 - 2017-06-21 08:56 - 00852480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Import.dll
2017-07-12 11:53 - 2017-06-21 08:56 - 00379904 _____ (Microsoft Corporation) C:\WINDOWS\system32\apprepsync.dll
2017-07-12 11:53 - 2017-06-21 08:56 - 00324608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.LockScreen.dll
2017-07-12 11:53 - 2017-06-21 08:56 - 00268800 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserMgrProxy.dll
2017-07-12 11:53 - 2017-06-21 08:56 - 00267264 _____ (Microsoft Corporation) C:\WINDOWS\system32\vaultcli.dll
2017-07-12 11:53 - 2017-06-21 08:55 - 00407552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2017-07-12 11:53 - 2017-06-21 08:55 - 00176128 _____ (Microsoft Corporation) C:\WINDOWS\system32\apprepapi.dll
2017-07-12 11:53 - 2017-06-21 08:54 - 00247808 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExecModelClient.dll
2017-07-12 11:53 - 2017-06-21 08:54 - 00168960 _____ (Microsoft Corporation) C:\WINDOWS\system32\easwrt.dll
2017-07-12 11:53 - 2017-06-21 08:53 - 01010176 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2017-07-12 11:53 - 2017-06-21 08:53 - 00425984 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
2017-07-12 11:53 - 2017-06-21 08:53 - 00339968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.dll
2017-07-12 11:53 - 2017-06-21 08:53 - 00329728 _____ (Microsoft Corporation) C:\WINDOWS\system32\deviceaccess.dll
2017-07-12 11:53 - 2017-06-21 08:52 - 17198592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2017-07-12 11:53 - 2017-06-21 08:52 - 00956416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2017-07-12 11:53 - 2017-06-21 08:52 - 00896512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.AccountsControl.dll
2017-07-12 11:53 - 2017-06-21 08:52 - 00775168 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe
2017-07-12 11:53 - 2017-06-21 08:52 - 00560128 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppReadiness.dll
2017-07-12 11:53 - 2017-06-21 08:51 - 00634368 _____ (Microsoft Corporation) C:\WINDOWS\system32\StructuredQuery.dll
2017-07-12 11:53 - 2017-06-21 08:51 - 00410112 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2017-07-12 11:53 - 2017-06-21 08:50 - 01054208 _____ (Microsoft Corporation) C:\WINDOWS\system32\qmgr.dll
2017-07-12 11:53 - 2017-06-21 08:50 - 00661504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll
2017-07-12 11:53 - 2017-06-21 08:49 - 01913856 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_fs.dll
2017-07-12 11:53 - 2017-06-21 08:49 - 01584128 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_health.dll
2017-07-12 11:53 - 2017-06-21 08:48 - 00968192 _____ (Microsoft Corporation) C:\WINDOWS\system32\autochk.exe
2017-07-12 11:53 - 2017-06-21 08:48 - 00112640 _____ (Microsoft Corporation) C:\WINDOWS\system32\uexfat.dll
2017-07-12 11:53 - 2017-06-21 08:47 - 00574976 _____ (Microsoft Corporation) C:\WINDOWS\system32\untfs.dll
2017-07-12 11:53 - 2017-06-21 08:47 - 00152064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ufat.dll
2017-07-12 11:53 - 2017-06-21 08:47 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\fdProxy.dll
2017-07-12 11:53 - 2017-06-21 08:46 - 03290112 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll
2017-07-12 11:53 - 2017-06-21 08:46 - 00925184 _____ (Microsoft Corporation) C:\WINDOWS\system32\autofmt.exe
2017-07-12 11:53 - 2017-06-21 08:46 - 00516608 _____ (Microsoft Corporation) C:\WINDOWS\system32\uReFSv1.dll
2017-07-12 11:53 - 2017-06-21 08:46 - 00039424 _____ (Microsoft Corporation) C:\WINDOWS\system32\cnvfat.dll
2017-07-12 11:53 - 2017-06-21 08:45 - 02861056 _____ (Microsoft Corporation) C:\WINDOWS\system32\storagewmi.dll
2017-07-12 11:53 - 2017-06-21 08:44 - 00588288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidprov.dll
2017-07-12 11:53 - 2017-06-21 08:44 - 00167936 _____ (Microsoft Corporation) C:\WINDOWS\system32\ErrorDetails.dll
2017-07-12 11:53 - 2017-06-21 08:43 - 00961536 _____ (Microsoft Corporation) C:\WINDOWS\system32\imapi2fs.dll
2017-07-12 11:53 - 2017-06-21 08:43 - 00953344 _____ (Microsoft Corporation) C:\WINDOWS\system32\autoconv.exe
2017-07-12 11:53 - 2017-06-21 08:43 - 00628736 _____ (Microsoft Corporation) C:\WINDOWS\system32\uReFS.dll
2017-07-12 11:53 - 2017-06-21 08:43 - 00130560 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpaceAgent.exe
2017-07-12 11:53 - 2017-06-21 08:42 - 00981504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.OnlineId.dll
2017-07-12 11:53 - 2017-06-21 08:42 - 00539136 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToManager.dll
2017-07-12 11:53 - 2017-06-21 08:42 - 00467968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Geolocation.dll
2017-07-12 11:53 - 2017-06-21 08:42 - 00139776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Devices.dll
2017-07-12 11:53 - 2017-06-21 08:42 - 00079360 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationFrameworkInternalPS.dll
2017-07-12 11:53 - 2017-06-21 08:41 - 02279424 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2017-07-12 11:53 - 2017-06-21 08:41 - 01692160 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2017-07-12 11:53 - 2017-06-21 08:41 - 01359872 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll
2017-07-12 11:53 - 2017-06-21 08:41 - 01021440 _____ (Microsoft Corporation) C:\WINDOWS\system32\usermgr.dll
2017-07-12 11:53 - 2017-06-21 08:41 - 00945664 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2017-07-12 11:53 - 2017-06-21 08:41 - 00913920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.dll
2017-07-12 11:53 - 2017-06-21 08:41 - 00460800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Midi.dll
2017-07-12 11:53 - 2017-06-21 08:40 - 04474368 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll
2017-07-12 11:53 - 2017-06-21 08:40 - 01586176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Globalization.dll
2017-07-12 11:53 - 2017-06-21 08:40 - 01421824 _____ (Microsoft Corporation) C:\WINDOWS\system32\certutil.exe
2017-07-12 11:53 - 2017-06-21 08:40 - 00886784 _____ (Microsoft Corporation) C:\WINDOWS\system32\CPFilters.dll
2017-07-12 11:53 - 2017-06-21 08:40 - 00376832 _____ (Microsoft Corporation) C:\WINDOWS\system32\CryptoWinRT.dll
2017-07-12 11:53 - 2017-06-21 08:39 - 02916864 _____ (Microsoft Corporation) C:\WINDOWS\system32\CertEnroll.dll
2017-07-12 11:53 - 2017-06-21 08:39 - 02208768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.3D.dll
2017-07-12 11:53 - 2017-06-21 08:39 - 01643008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll
2017-07-12 11:53 - 2017-06-21 08:39 - 01490432 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2017-07-12 11:53 - 2017-06-21 08:39 - 00971264 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll
2017-07-12 11:53 - 2017-06-21 08:39 - 00673792 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2017-07-12 11:53 - 2017-06-21 08:38 - 05611008 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll
2017-07-12 11:53 - 2017-06-21 08:37 - 00875520 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2017-07-12 11:53 - 2017-06-21 08:37 - 00774656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.dll
2017-07-12 11:53 - 2017-06-21 08:37 - 00735744 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2017-07-12 11:53 - 2017-06-21 08:37 - 00716800 _____ (Microsoft Corporation) C:\WINDOWS\system32\ShareHost.dll
2017-07-12 11:53 - 2017-06-21 08:36 - 02318848 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2017-07-12 11:53 - 2017-06-21 08:36 - 00881152 _____ (Microsoft Corporation) C:\WINDOWS\system32\MsSpellCheckingFacility.dll
2017-07-12 11:53 - 2017-06-21 08:36 - 00180224 _____ (Microsoft Corporation) C:\WINDOWS\system32\enrollmentapi.dll
2017-07-12 11:53 - 2017-06-21 08:35 - 01726976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2017-07-12 11:53 - 2017-06-21 08:35 - 01328640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.Http.dll
2017-07-12 11:53 - 2017-06-21 08:35 - 00924672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.BackgroundTransfer.dll
2017-07-12 11:53 - 2017-06-21 08:34 - 01121280 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2017-07-12 11:53 - 2017-06-21 08:34 - 00035328 _____ (Microsoft Corporation) C:\WINDOWS\system32\spaceman.exe
2017-07-12 11:53 - 2017-03-04 08:27 - 00391168 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleacc.dll
2017-07-12 11:53 - 2017-03-04 08:19 - 01589760 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdtctm.dll
2017-07-12 11:53 - 2016-10-05 11:32 - 00146432 _____ (Microsoft Corporation) C:\WINDOWS\system32\AuthBroker.dll
2017-07-07 20:01 - 2017-07-07 20:01 - 00000000 ____D C:\Users\Siggi\AppData\Local\UNP
2017-07-07 19:41 - 2017-07-07 19:42 - 00000000 ____D C:\Program Files\UNP
2017-07-07 19:41 - 2017-07-07 19:41 - 00000000 ____D C:\WINDOWS\system32\UNP
2017-07-02 18:04 - 2017-07-02 18:05 - 00460850 _____ C:\Users\Siggi\Downloads\bayernatlas.de.pdf
2017-07-01 10:43 - 2017-07-01 10:43 - 11287004 _____ C:\Users\Siggi\Downloads\20031120100303437_bh59-00335c-04_ge.pdf
2017-06-28 14:26 - 2017-06-28 14:27 - 07180216 _____ (Piriform Ltd) C:\Users\Siggi\Downloads\ccsetup531_slim.exe
2017-06-24 08:45 - 2017-06-24 08:47 - 00187351 _____ C:\Users\Siggi\Desktop\Wie Goldgräber und Hobbyschatzsucher bei Ausgrabungen helfen - SPIEGEL ONLINE.htm
2017-06-24 08:45 - 2017-06-24 08:45 - 00000000 ____D C:\Users\Siggi\Desktop\Wie Goldgräber und Hobbyschatzsucher bei Ausgrabungen helfen - SPIEGEL ONLINE-Dateien
==================== Ein Monat: Geänderte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2017-07-22 10:12 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\AppReadiness
2017-07-22 10:11 - 2015-07-04 18:22 - 00000000 ____D C:\FRST
2017-07-22 10:07 - 2016-10-20 20:41 - 00000000 ____D C:\Users\Siggi\AppData\LocalLow\Mozilla
2017-07-22 10:05 - 2016-07-16 13:47 - 00000000 ___HD C:\Program Files\WindowsApps
2017-07-22 10:01 - 2017-02-14 11:36 - 00001024 _____ C:\.rnd
2017-07-22 10:01 - 2016-09-25 11:10 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-07-22 10:01 - 2016-09-25 10:23 - 00000000 ____D C:\ProgramData\NVIDIA
2017-07-22 10:00 - 2016-07-16 08:04 - 00524288 _____ C:\WINDOWS\system32\config\BBI
2017-07-22 09:59 - 2016-09-25 10:32 - 00000000 ____D C:\Users\Siggi
2017-07-22 09:42 - 2016-09-25 10:19 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2017-07-22 09:08 - 2016-07-16 08:04 - 00032768 _____ C:\WINDOWS\system32\config\ELAM
2017-07-22 08:18 - 2017-01-03 16:03 - 00000883 _____ C:\Users\Siggi\Desktop\Wswin32.exe - Verknüpfung.lnk
2017-07-22 08:09 - 2016-09-25 11:10 - 00003668 _____ C:\WINDOWS\System32\Tasks\AVG EUpdate Task
2017-07-21 10:13 - 2016-08-23 17:01 - 00000000 ____D C:\Foto
2017-07-20 21:36 - 2017-04-07 14:14 - 00251832 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2017-07-20 21:29 - 2017-05-21 18:51 - 00000000 ____D C:\Program Files (x86)\Yahoo!
2017-07-20 21:29 - 2014-08-14 15:55 - 00000008 __RSH C:\ProgramData\ntuser.pol
2017-07-20 08:14 - 2014-01-03 22:29 - 00000000 ____D C:\ProgramData\G Data
2017-07-20 08:09 - 2016-07-16 13:47 - 00000000 ___HD C:\WINDOWS\ELAMBKUP
2017-07-20 08:04 - 2014-01-03 22:31 - 00000000 ____D C:\Program Files (x86)\G Data
2017-07-20 07:35 - 2016-07-16 13:47 - 00000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs
2017-07-20 07:35 - 2016-07-16 13:47 - 00000000 ___SD C:\WINDOWS\SysWOW64\Configuration
2017-07-20 07:35 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\SysWOW64\setup
2017-07-20 07:35 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\SysWOW64\oobe
2017-07-20 07:35 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\SysWOW64\MUI
2017-07-20 07:35 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed
2017-07-20 07:35 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\SysWOW64\inetsrv
2017-07-20 07:35 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\SysWOW64\IME
2017-07-20 07:35 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\SysWOW64\Com
2017-07-19 18:58 - 2017-02-20 07:31 - 00000000 ____D C:\Users\Siggi\Desktop\Programme1
2017-07-19 07:27 - 2016-09-25 10:32 - 00000000 ____D C:\Users\DefaultAppPool
2017-07-19 07:27 - 2016-09-25 10:32 - 00000000 ____D C:\Users\Administrator
2017-07-17 19:39 - 2016-10-24 12:06 - 00001147 _____ C:\Users\Siggi\Desktop\DVBViewer.exe - Verknüpfung.lnk
2017-07-17 18:44 - 2017-03-09 20:42 - 00000000 ____D C:\Users\Siggi\Documents\WISO Konto Online
2017-07-16 20:03 - 2016-10-20 18:07 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2017-07-16 08:43 - 2016-07-16 13:45 - 00000000 ____D C:\WINDOWS\INF
2017-07-15 19:42 - 2016-09-25 11:10 - 00003616 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2017-07-15 19:42 - 2016-09-25 11:10 - 00003392 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2017-07-15 18:26 - 2016-09-25 10:29 - 06341960 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-07-15 18:26 - 2016-07-17 00:51 - 03072750 _____ C:\WINDOWS\system32\perfh007.dat
2017-07-15 18:26 - 2016-07-17 00:51 - 00840852 _____ C:\WINDOWS\system32\perfc007.dat
2017-07-15 18:08 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\rescache
2017-07-12 15:38 - 2016-04-27 07:55 - 00000000 __RHD C:\Users\Public\AccountPictures
2017-07-12 15:32 - 2016-09-25 10:19 - 00413472 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-07-12 15:26 - 2016-07-16 13:47 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2017-07-12 15:26 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\oobe
2017-07-12 15:26 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\appraiser
2017-07-12 15:26 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\ShellExperiences
2017-07-12 15:26 - 2016-07-16 13:47 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2017-07-12 15:26 - 2016-07-16 13:47 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2017-07-12 12:34 - 2016-07-16 13:36 - 00000000 ____D C:\WINDOWS\CbsTemp
2017-07-12 12:11 - 2014-01-03 20:11 - 00000000 ____D C:\WINDOWS\system32\MRT
2017-07-12 12:04 - 2014-01-03 20:11 - 135225752 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-07-12 10:17 - 2017-04-11 08:50 - 00003094 _____ C:\WINDOWS\System32\Tasks\Java Platform SE Auto Updater
2017-07-12 10:17 - 2016-09-25 11:26 - 00002824 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task
2017-07-12 10:17 - 2016-09-25 11:10 - 00002090 _____ C:\WINDOWS\System32\Tasks\SidebarExecute
2017-07-12 07:41 - 2016-07-16 13:43 - 00157696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\enrollmentapi.dll
2017-07-11 10:02 - 2014-02-01 12:52 - 00000000 ____D C:\Users\Siggi\AppData\Local\Corel
2017-07-10 11:58 - 2016-09-25 11:10 - 00003542 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2017-07-10 11:27 - 2017-04-20 18:49 - 00003878 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player PPAPI Notifier
2017-07-10 11:26 - 2017-05-26 21:24 - 00003560 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2017-07-02 16:15 - 2014-01-03 19:53 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-06-30 16:46 - 2016-07-16 13:49 - 00835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2017-06-30 16:46 - 2016-07-16 13:49 - 00177656 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2017-06-30 15:22 - 2016-06-30 18:21 - 00000000 ____D C:\Program Files\Mozilla Firefox
2017-06-30 07:01 - 2014-01-05 15:49 - 00000000 ____D C:\ProgramData\Skype
2017-06-28 20:04 - 2017-03-17 11:33 - 00000000 ___RD C:\Program Files (x86)\Skype
2017-06-28 17:07 - 2017-05-19 19:00 - 00000000 ___HD C:\Users\Siggi\Desktop\[Originaldateien]
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======
2016-01-09 13:05 - 2016-06-11 16:32 - 0000027 _____ () C:\Users\Siggi\AppData\Roaming\AVSDVDPlayer.m3u
2014-05-03 16:05 - 2014-05-03 16:05 - 0000000 _____ () C:\Users\Siggi\AppData\Roaming\gdfw.log
2014-05-03 16:04 - 2017-07-20 08:10 - 0002731 _____ () C:\Users\Siggi\AppData\Roaming\gdscan.log
2014-11-02 12:21 - 2017-02-20 15:10 - 0000600 _____ () C:\Users\Siggi\AppData\Roaming\winscp.rnd
2015-09-24 11:43 - 2016-05-08 14:36 - 0001062 _____ () C:\Users\Siggi\AppData\Local\62ddddf9d461bd9633b86dd3c75a2286
2015-09-27 15:30 - 2016-09-26 16:02 - 0001062 _____ () C:\Users\Siggi\AppData\Local\998087a8e589f390f0b710fed8b8c1bf
2015-08-13 17:30 - 2015-10-02 19:58 - 0000950 _____ () C:\Users\Siggi\AppData\Local\c59be68b03be09f9dbe3e1c49acbe573
2014-01-05 15:25 - 2016-04-26 14:33 - 0030208 _____ () C:\Users\Siggi\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-12-21 17:21 - 2015-03-15 17:06 - 0000600 _____ () C:\Users\Siggi\AppData\Local\PUTTY.RND
2016-11-04 11:02 - 2016-11-04 11:02 - 0004591 _____ () C:\Users\Siggi\AppData\Local\recently-used.xbel
2016-07-25 15:43 - 2016-08-05 15:20 - 0007602 _____ () C:\Users\Siggi\AppData\Local\resmon.resmoncfg
2014-02-01 12:51 - 2016-07-22 16:57 - 0000900 ___SH () C:\ProgramData\KGyGaAvL.sys
2017-03-09 20:42 - 2017-03-09 20:42 - 0000116 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc
2014-02-15 14:51 - 2014-02-15 14:51 - 0012698 _____ () C:\ProgramData\ndhlopzv.syn
2015-01-23 22:32 - 2015-01-23 22:32 - 0004974 _____ () C:\ProgramData\vnjjireq.zmg
==================== Bamital & volsnap ======================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert
LastRegBack: 2017-07-15 12:14
==================== Ende von FRST.txt ============================
|
|
22.07.2017, 09:18
| #14 |
| | Malwarebytes zeigt Funde an auf PC vom Vater add: Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 18-07-2017
durchgeführt von Siggi (22-07-2017 10:14:39)
Gestartet von C:\Users\Siggi\Desktop
Windows 10 Pro Version 1607 (X64) (2016-09-25 09:16:30)
Start-Modus: Normal
==========================================================
==================== Konten: =============================
Administrator (S-1-5-21-2441953047-3725558795-4123501198-500 - Administrator - Disabled) => C:\Users\Administrator
DefaultAccount (S-1-5-21-2441953047-3725558795-4123501198-503 - Limited - Disabled)
Gast (S-1-5-21-2441953047-3725558795-4123501198-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2441953047-3725558795-4123501198-1002 - Limited - Enabled)
Siggi (S-1-5-21-2441953047-3725558795-4123501198-1001 - Administrator - Enabled) => C:\Users\Siggi
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: G DATA INTERNET SECURITY (Enabled - Up to date) {A9C56A9B-ECCD-57EA-78F6-92511DA1C885}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: G*DATA Personal Firewall (Enabled) {91FEEBBE-A6A2-56B2-53A9-3B64E3728FFE}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
8GadgetPack (HKLM-x32\...\{F60DAD2D-8625-4467-AE01-EA0382187621}) (Version: 19.0.0 - Helmut Buhler)
ACDSee 19 (HKLM\...\{F36C6194-6306-43D8-8775-8267BC77FF65}) (Version: 19.3.0.506 - ACD Systems International Inc.)
ACDSee Pro 7 (64-bit) (HKLM\...\{D2A6EC54-CB46-49E4-A6FC-A9179F9D9D12}) (Version: 7.1.169 - ACD Systems International Inc.)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 22.0.0.153 - Adobe Systems Incorporated)
Adobe Community Help (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.5.23 - Adobe Systems Incorporated.)
Adobe Flash Player 26 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 26.0.0.131 - Adobe Systems Incorporated)
Adobe Flash Player 26 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 26.0.0.131 - Adobe Systems Incorporated)
Adobe Photoshop Elements 12 (HKLM-x32\...\Adobe Photoshop Elements 12) (Version: 12.0 - Adobe Systems Incorporated)
Adobe Photoshop Lightroom 5.3 64-bit (HKLM\...\{2DD71ACB-552D-402C-9529-7906ACB95C30}) (Version: 5.3.1 - Adobe Systems Incorporated)
Adobe Premiere Elements 12 (HKLM\...\{4016464A-0C3E-4070-8293-5D7F0D8EAE3A}) (Version: 12.0 - Adobe Systems Incorporated) Hidden
Adobe Premiere Elements 12 (HKLM\...\PremElem120) (Version: 12.0 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.19) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.19 - Adobe Systems Incorporated)
Ahnenforschung DeLuxe (HKLM-x32\...\Ahnenforschung DeLuxe) (Version: - )
Apple Software Update (HKLM-x32\...\{6956856F-B6B3-4BE0-BA0B-8F495BE32033}) (Version: 2.1.1.116 - Apple Inc.)
Ashampoo Burning Studio FREE v.1.14.5 (HKLM-x32\...\{91B33C97-91F8-FFB3-581B-BC952C901685}_is1) (Version: 1.14.5 - Ashampoo GmbH & Co. KG)
Ashampoo Photo Commander 10 v.10.2.1 (HKLM-x32\...\{C92AB6F1-4B66-808A-D77C-25EF81C0176A}_is1) (Version: 10.2.1 - Ashampoo GmbH & Co. KG)
Audials (HKLM-x32\...\{942EDCE4-79EE-409E-9E7C-6EC236C037AC}) (Version: 10.3.34300.0 - Audials AG)
Audials (HKLM-x32\...\{97DDF4B1-4BA6-40B3-AFBE-6080F08D540A}) (Version: 17.0.30797.9700 - Audials AG)
AVG (HKLM\...\AvgZen) (Version: 1.116.3.1052 - AVG Technologies)
AVG PC TuneUp (HKLM-x32\...\{149D912F-03DB-4895-913E-820CB11965C0}) (Version: 16.74.1 - AVG Technologies) Hidden
AVG PC TuneUp (HKLM-x32\...\AVG PC TuneUp) (Version: 16.74.2.60831 - AVG Technologies)
AVG Zen (HKLM\...\{219E7C4A-0902-4CD4-82B8-EF908BF3198E}) (Version: 1.116.2 - AVG Technologies) Hidden
AVS Audio Converter 8.0 (HKLM-x32\...\AVS Audio Converter_is1) (Version: 8.0.1.540 - Online Media Technologies Ltd.)
AVS Audio Editor 7.2 (HKLM-x32\...\AVS Audio Editor_is1) (Version: 7.2.2.488 - Online Media Technologies Ltd.)
AVS Audio Recorder 4.0 (HKLM-x32\...\AVS Audio Recorder_is1) (Version: 4.0.2.22 - Online Media Technologies Ltd.)
AVS Disc Creator 5.2.7 (HKLM-x32\...\AVS Disc Creator_is1) (Version: 5.2.7.541 - Online Media Technologies Ltd.)
AVS DVD Authoring (HKLM-x32\...\AVS DVD Authoring_is1) (Version: - Online Media Technologies Ltd.)
AVS DVD Player version 2.4 (HKLM-x32\...\AVS DVD Player_is1) (Version: - Online Media Technologies Ltd.)
AVS Update Manager 1.0 (HKLM-x32\...\AVS Update Manager_is1) (Version: - Online Media Technologies Ltd.)
AVS Video Converter 9.1 (HKLM-x32\...\AVS4YOU Video Converter 7_is1) (Version: 9.1.2.571 - Online Media Technologies Ltd.)
AVS Video Editor 6.5 (HKLM-x32\...\AVS Video Editor_is1) (Version: 6.5.1.246 - Online Media Technologies Ltd.)
AVS Video Recorder 2.4 (HKLM-x32\...\AVS Video Recorder_is1) (Version: - Online Media Technologies Ltd.)
AVS4YOU Software Navigator 1.2 (HKLM-x32\...\AVS4YOU Software Navigator_is1) (Version: - Online Media Technologies Ltd.)
Camera Support Core Library (HKLM-x32\...\{A1D0D14A-B776-4907-BC00-5149F2298086}) (Version: 7.3.0.4 - Canon) Hidden
Camera Window DVC (HKLM-x32\...\{A2EB8F2E-6D9B-4F8B-96EB-F976D33F416F}) (Version: 5.4.4 - Canon) Hidden
Camera Window MC (HKLM-x32\...\{36C65B50-37BA-4467-AAD5-0523EFDF6F62}) (Version: 5.4.3 - Canon) Hidden
CameraHelperMsi (HKLM-x32\...\{15634701-BACE-4449-8B25-1567DA8C9FD3}) (Version: 13.51.815.0 - Logitech) Hidden
Canon Camera Support Core Library (HKLM-x32\...\InstallShield_{A1D0D14A-B776-4907-BC00-5149F2298086}) (Version: 7.3.0.4 - Canon)
Canon Camera WIA Driver (HKLM-x32\...\{33CF7CDF-9805-4500-9CC7-D19D52AD63C4}) (Version: 5.6 - Canon) Hidden
Canon Camera Window DC_DV 5 for ZoomBrowser EX (HKLM-x32\...\InstallShield_{A2EB8F2E-6D9B-4F8B-96EB-F976D33F416F}) (Version: 5.4.4 - Canon)
Canon Camera Window MC 5 for ZoomBrowser EX (HKLM-x32\...\InstallShield_{36C65B50-37BA-4467-AAD5-0523EFDF6F62}) (Version: 5.4.3 - Canon)
Canon EOS Kiss_N REBEL_XT 350D WIA Driver (HKLM-x32\...\InstallShield_{33CF7CDF-9805-4500-9CC7-D19D52AD63C4}) (Version: 5.6 - Canon)
CANON iMAGE GATEWAY Task (HKLM-x32\...\{33711828-7194-4446-8C05-0DC0E59A0C1B}) (Version: 1.0.0.23 - Canon) Hidden
CANON iMAGE GATEWAY Task for ZoomBrowser EX (HKLM-x32\...\InstallShield_{33711828-7194-4446-8C05-0DC0E59A0C1B}) (Version: 1.0.0.23 - Canon)
Canon Internet Library for ZoomBrowser EX (HKLM-x32\...\InstallShield_{D0E8C34D-19D2-49FD-A900-88DEB788FF86}) (Version: 1.4.0 - Canon Inc.)
Canon MP Navigator EX 2.1 (HKLM-x32\...\MP Navigator EX 2.1) (Version: - )
Canon MX320 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MX320_series) (Version: - Canon Inc.)
Canon PhotoRecord (HKLM-x32\...\{BBBC2B89-E193-4348-A83C-C8DD8210A4AC}) (Version: 02.02.03002 - Cisra)
Canon RAW Image Task for ZoomBrowser EX (HKLM-x32\...\InstallShield_{BAA43DA2-B6C5-46EC-B163-0E8EEAF975A4}) (Version: 2.2 - Canon)
Canon Utilities Digital Photo Professional (HKLM-x32\...\Digital Photo Professional) (Version: 3.14.47.0 - Canon Inc.)
Canon Utilities Digital Photo Professional 2.0 (HKLM-x32\...\{17BF3045-AB1D-4048-8356-6C584B83565E}) (Version: 2.0 - Canon) Hidden
Canon Utilities Digital Photo Professional 2.0 (HKLM-x32\...\InstallShield_{17BF3045-AB1D-4048-8356-6C584B83565E}) (Version: 2.0 - Canon)
Canon Utilities EOS Capture 1.5 (HKLM-x32\...\InstallShield_{589D17BB-C997-48C0-BCD2-CC8DC3375FE8}) (Version: 1.5 - Canon)
Canon Utilities EOS Lens Registration Tool (HKLM-x32\...\EOS Lens Registration Tool) (Version: 1.3.0.1 - Canon Inc.)
Canon Utilities EOS Utility 2 (HKLM-x32\...\EOS Utility 2) (Version: 2.14.20.0 - Canon Inc.)
Canon Utilities EOS Web Service Registration Tool (HKLM-x32\...\EOS Web Service Registration Tool) (Version: 1.2.10.0 - Canon Inc.)
Canon Utilities PhotoStitch 3.1 (HKLM-x32\...\InstallShield_{874E44F3-B9A7-4AA1-B4BA-83E5684ED9C6}) (Version: 3.1.16 - Canon)
Canon ZoomBrowser EX (E) (HKLM-x32\...\{C1D76D7A-F3BB-47EA-A746-5B1E2FFC1DF2}) (Version: 5.05.0000 - Canon)
CBH-2012 (HKLM-x32\...\{E7E877BE-A17B-4E5A-B8E4-3B893C03BB1B}) (Version: 4.1.SP1 - LN-Systems)
chip 1-click download service (HKLM-x32\...\{503CA94E-0834-4CEE-AD92-BA17AF4E809A}) (Version: 3.6.9.0 - Chip Digital GmbH)
CLIQZ (HKLM-x32\...\{5A0C0737-6AFE-4DC6-A8B4-6DFE509ACD75}_is1) (Version: 1.0.44 - CLIQZ.com)
COLOR projects 4 elements (64-Bit) (HKLM\...\COLOR_PROJECTS_4_2_C935FDA1_is1) (Version: 4.41 - Franzis Verlag GmbH)
COLOR projects premium (64-Bit) (HKLM\...\COLOR_PROJECTS_1_2_C935FDA1_is1) (Version: 1.14 - Franzis Verlag GmbH)
ComproFM 2 (HKLM-x32\...\{9EA404D2-5A5E-4A44-94E3-B8B148F7BCBC}) (Version: 2.20.500 - )
Corel Paint Shop Pro Photo X2 (HKLM-x32\...\{64E72FB1-2343-4977-B4A8-262CD53D0BD3}) (Version: 12.50.0001 - Corel Corporation)
Cut Out 3.0 pro (64bits) (HKLM\...\Cut Out pro(64bits)_is1) (Version: - Franzis.de)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
DHTML Editing Component (HKLM-x32\...\{2EA870FA-585F-4187-903D-CB9FFD21E2E0}) (Version: 6.02.0001 - Microsoft Corporation)
Dream Aquarium (HKLM-x32\...\DreamAqua) (Version: - )
DVBViewer Pro (HKLM-x32\...\DVBViewer Pro_is1) (Version: 5.3.2 - CM&V)
DVBViewer TE2 (HKLM-x32\...\DVBViewer TE2_is1) (Version: - CM&V)
DVD Shrink 3.2 deutsch (DeCSS-frei) (HKLM-x32\...\DVD Shrink DE_is1) (Version: - DVD Shrink)
Dynamic-Photo HDR 4.7 (HKLM-x32\...\Dynamic-Photo HDR 4_is1) (Version: - Mediachance)
EasyWeather (HKLM-x32\...\{CE1B03BC-3C99-4580-A2AC-A41DB9B83378}) (Version: - 1.0)
Elements 10 Organizer (HKLM-x32\...\{22D3A614-482C-444A-932C-9DA1B8ECDFD2}) (Version: 10.0 - Ihr Firmenname) Hidden
Elements 12 Organizer (HKLM-x32\...\{9D80A7B7-DC01-485D-AE93-710D559B5C56}) (Version: 12.0 - Ihr Firmenname) Hidden
EOS Capture 1.5 (HKLM-x32\...\{589D17BB-C997-48C0-BCD2-CC8DC3375FE8}) (Version: 1.5 - Canon) Hidden
erLT (HKLM-x32\...\{3EE9BCAE-E9A9-45E5-9B1C-83A4D357E05C}) (Version: 1.20.138.34 - Logitech, Inc.) Hidden
FastStone Image Viewer 5.7 (HKLM-x32\...\FastStone Image Viewer) (Version: 5.7 - FastStone Soft)
FlexRadio Systems PowerSDR v2.6.4 (HKLM-x32\...\{F700F67B-8F6F-48EF-98EE-CF5CF62ABEA2}_is1) (Version: 2.6.4 - FlexRadio Systems)
FMW 1 (HKLM\...\{DC2A8E3D-D5E1-4837-A2E0-C308100AC412}) (Version: 1.143.3 - AVG Technologies) Hidden
Fotogalerie (HKLM-x32\...\{41BF4A3B-D60A-4E92-883F-C88C8C157261}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
FUJIFILM MyFinePix Studio 1.1 (HKLM-x32\...\FinePix Genie_is1) (Version: - )
G DATA INTERNET SECURITY (HKLM-x32\...\G DATA INTERNET SECURITY) (Version: 25.4.0.1 - G DATA Software AG)
GeoSetter 3.4.16 (HKLM-x32\...\GeoSetter_is1) (Version: - Friedemann Schmidt)
GIMP 2.8.10 (HKLM\...\GIMP-2_is1) (Version: 2.8.10 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 58.0.3029.110 - Google Inc.)
Google Earth (HKLM-x32\...\{F6430171-B86B-4639-839E-374913E7911D}) (Version: 7.1.8.3036 - Google)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.5 - Google Inc.) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
Ham Radio Deluxe (HKLM-x32\...\{4DF979D5-464C-4926-AF73-54C1C219F06A}) (Version: 5.24.0.36 - HRD Software, LLC)
Harrys Filters 4.0 (Plugin) (HKLM\...\Harrys Filters 4.0 (Plugin)_is1) (Version: - The Plugin Site)
Hauppauge WinTV 7 (HKLM-x32\...\Hauppauge WinTV 7) (Version: v7.0.30237 (CD 2.6) - Hauppauge Computer Works)
HDR projects darkroom (64-Bit) (HKLM\...\HDR_PROJECTS_2_0_3BF7CE82_is1) (Version: 2.26 - Franzis Verlag GmbH)
HDR Projects platin (64-Bit) (HKLM\...\HDR Projects platin_is1) (Version: 1.23 - Franzis Verlag GmbH)
Internet Library (HKLM-x32\...\{D0E8C34D-19D2-49FD-A900-88DEB788FF86}) (Version: 1.4.0 - Canon Inc.) Hidden
Java 8 Update 131 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180131F0}) (Version: 8.0.1310.11 - Oracle Corporation)
LAV Filters 0.69 (HKLM-x32\...\lavfilters_is1) (Version: 0.69 - Hendrik Leppkes)
Logitech Webcam-Software (HKLM-x32\...\{D40EB009-0499-459c-A8AF-C9C110766215}) (Version: 2.51 - Logitech Inc.)
Luminance HDR 2.4.0 (HKLM-x32\...\{7020FC34-6E04-4858-924D-354B28CB2402}_is1) (Version: - Luminance HDR Dev Team)
MainConcept DTV Decoder Pro (HKLM-x32\...\{793FCE60-DE5E-4977-A942-A7B69A45B17D}) (Version: 1.5.0.2 - MainConcept GmbH)
Malwarebytes Version 3.0.6.1469 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.0.6.1469 - Malwarebytes)
MergeModule_x64 (HKLM\...\{12DCC5A7-0100-4433-B4FF-217A3C5DC83B}) (Version: 9.3.00 - Sony Corporation) Hidden
MergeModule_x86 (HKLM-x32\...\{DD7721BB-CF1C-4DC9-AD87-8D5FB75413B7}) (Version: 9.3.00 - Sony Corporation) Hidden
MicroCapture Pro 2.2 (HKLM-x32\...\MicroCapture Pro) (Version: 2.2 - winmax)
Microsoft Camera Codec Pack (HKLM-x32\...\{968AE11C-EDF7-4D18-B416-848DA26EADFA}) (Version: 6.3.9723.0 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (HKLM-x32\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Rechner-Plus (HKLM-x32\...\{437C19B3-7E20-4E39-B868-CA6BAA820E1C}) (Version: 1.0.0 - Microsoft)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (HKLM\...\{D285FC5F-3021-32E9-9C59-24CA325BDC5C}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022.218 (HKLM-x32\...\{E503B4BF-F7BB-3D5F-8BC8-F694B1CFF942}) (Version: 9.0.21022.218 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Movie Maker (HKLM-x32\...\{70C91B91-61E8-4D06-86D6-A9DCC291983A}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{DD67BE4B-7E62-4215-AFA3-F123A800A389}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 54.0.1 (x64 de) (HKLM\...\Mozilla Firefox 54.0.1 (x64 de)) (Version: 54.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 54.0.1.6388 - Mozilla)
Mozilla Thunderbird 50.0 (x86 en-US) (HKLM-x32\...\Mozilla Thunderbird 50.0 (x86 en-US)) (Version: 50.0 - Mozilla)
Mozilla Thunderbird 55.0 (x86 en-US) (HKU\S-1-5-21-2441953047-3725558795-4123501198-1001\...\Mozilla Thunderbird 55.0 (x86 en-US)) (Version: 55.0 - Mozilla)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
Neat Image v7.4.0 Demo Standalone (32-bit) (HKLM-x32\...\Neat Image Standalone (32-bit)_is1) (Version: - Neat Image team, ABSoft)
NEAT projects professional (64-Bit) (HKLM\...\NEAT_PROJECTS_1_3_Df337A2C_is1) (Version: 1.12 - Franzis Verlag GmbH)
Nik Collection (HKLM-x32\...\Nik Collection) (Version: 1.2.11 - Google)
NVIDIA 3D Vision Treiber 342.01 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 342.01 - NVIDIA Corporation)
NVIDIA Grafiktreiber 342.01 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 342.01 - NVIDIA Corporation)
NVIDIA Update 10.4.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 10.4.0 - NVIDIA Corporation)
Online-Banking+ (HKLM-x32\...\{B1B03833-939A-43D3-ADA5-E4088E6AFD5D}) (Version: 15.2.1.18 - Buhl Data Service GmbH) Hidden
Online-Banking+ (HKLM-x32\...\Online-Banking+) (Version: - Buhl Data Service GmbH)
PC Camer@N (HKLM-x32\...\{68AD7668-834F-49BC-94AB-28F94A5D93D5}) (Version: 0.1.3.8 - Teconet) Hidden
PC Camer@N (HKLM-x32\...\InstallShield_{68AD7668-834F-49BC-94AB-28F94A5D93D5}) (Version: 0.1.3.8 - Teconet)
Pcr1k Mini (HKLM-x32\...\ST6UNST #1) (Version: - )
PC-WELT-Fix-it-Pack 2.0 (HKLM\...\{CD349D32-0976-4AB5-9616-82717033D2C8}_is1) (Version: - IDG Magazine Media GmbH)
Phase 5 HTML-Editor (HKLM-x32\...\{20B1B020-DEAE-48D1-9960-D4C3185D758B}) (Version: 5.6.2.3 - Systemberatung Schommer)
PhotoPad Foto-Editor (HKLM-x32\...\PhotoPad) (Version: 2.41 - NCH Software)
PhotoStitch (HKLM-x32\...\{874E44F3-B9A7-4AA1-B4BA-83E5684ED9C6}) (Version: 3.1.16 - Canon) Hidden
PlayMemories Home (HKLM-x32\...\{94F4815B-755A-4FFA-AFDC-EE8FE776981E}) (Version: 5.1.00.12260 - Sony Corporation)
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
PMB_ModeEditor (HKLM-x32\...\{D5318740-B088-4B1A-B6A8-1F90A172CCD1}) (Version: 9.3.00 - Sony Corporation) Hidden
PMB_ServiceUploader (HKLM-x32\...\{E7FDF11C-12BB-4D6F-9B6D-F8E488C776DC}) (Version: 10.1.00 - Sony Corporation) Hidden
ProgDVB (HKLM\...\ProgDVB) (Version: - )
PSE12 STI Installer (HKLM-x32\...\{11F9A376-342F-4297-82DA-1F6EA8ED4B6B}) (Version: 12.0 - Adobe Systems Incorporated) Hidden
QuickTime (HKLM-x32\...\{1451DE6B-ABE1-4F62-BE9A-B363A17588A2}) (Version: 7.65.17.80 - Apple Inc.)
RAF (HKLM-x32\...\{E6B43401-E818-4961-AFED-118DD8E87642}) (Version: 1.00.0001 - FUJIFILM Corporation)
RAW Image Task 2.2 (HKLM-x32\...\{BAA43DA2-B6C5-46EC-B163-0E8EEAF975A4}) (Version: 2.2 - Canon) Hidden
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
Saal Design Software (HKLM-x32\...\{0C52FDB3-C8A1-E686-5A87-85F3EC2259D4}) (Version: 4.0 - Saal Digital Fotoservice GmbH) Hidden
Saal Design Software (HKLM-x32\...\SaalDesignSoftware) (Version: 4.0 - Saal Digital Fotoservice GmbH)
Serif PhotoPlus X5 (HKLM-x32\...\{617E7009-0C50-4178-B0E2-F9D66DC8A582}) (Version: 15.0.1.011 - Serif (Europe) Ltd)
Silicon Laboratories CP210x VCP Drivers for Windows 2000/XP/2003 Server/Vista (HKLM-x32\...\{E4EE41CD-85AD-41DC-A93D-CA73A3BE981B}) (Version: 4.40 - Silicon Laboratories, Inc.)
SILVER projects premium (64-Bit) (HKLM\...\SILVER_PROJECTS_1_2_28B15F1D_is1) (Version: 1.14 - Franzis Verlag GmbH)
Skype™ 7.38 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.38.101 - Skype Technologies S.A.)
stunnel installed for AllUsers (HKLM-x32\...\stunnel) (Version: 5.35 - Michal Trojnara)
TeamSpeak 2 RC2 (HKLM-x32\...\Teamspeak 2 RC2_is1) (Version: 2.0.32.60 - Dominating Bytes Design)
TeamViewer 12 (HKLM-x32\...\TeamViewer) (Version: 12.0.75813 - TeamViewer)
TechniSat DVB-PC TV Star (HKLM-x32\...\{D032A7F0-8B5C-4603-8B46-235025D5F9C1}) (Version: 4.3.3 - TechniSat)
Technisat DVB-VC80 Redistributable Modules (HKLM-x32\...\{134007CC-7026-46C2-B46F-40D9FD2AF385}) (Version: 1.0.0 - Technisat)
Telekom Hosting Manager (HKLM\...\Telekom Hosting Manager) (Version: 1.1.6.0 - Telekom)
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 8.50 - Ghisler Software GmbH)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0407-0000-0000000FF1CE}_HOMESTUDENTR_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version: - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0407-0000-0000000FF1CE}_HOMESTUDENTR_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version: - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0407-0000-0000000FF1CE}_HOMESTUDENTR_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version: - Microsoft)
USB2.0 PC Camera (HKLM-x32\...\{417D86A0-89FE-4308-B172-45B74DCE6F8F}) (Version: 2.2.0.0 - aveotek)
Videoload (HKU\S-1-5-21-2441953047-3725558795-4123501198-1001\...\3923177984.wcps.t-online.de) (Version: - wcps.t-online.de)
VideoMate DVB-T / DAB / ISDBT USB Driver (HKLM-x32\...\{9B56D73E-CBC7-4499-ACED-9ECCA72AE52C}) (Version: 86.1.1012.2010 - )
VisionGS PE (HKLM-x32\...\VisionGS PE_is1) (Version: - bluepath GmbH)
Wacom (HKLM\...\Pen Tablet Driver) (Version: 5.3.5-3 - Wacom Technology Corp.)
WeatherLink 6.0.3 (HKLM-x32\...\{E344C807-7DE0-4CC2-81BB-1F895CF8CBDF}) (Version: 6.0.3 - Davis Instruments Corp.)
WebTablet FB Plugin 32 bit (HKLM-x32\...\Wacom WebTabletPlugin for Internet Explorer and Netscape) (Version: 2.1.0.7 - Wacom Technology Corp.)
WebTablet FB Plugin 64 bit (HKLM\...\Wacom WebTabletPlugin for Internet Explorer and Netscape) (Version: 2.1.0.7 - Wacom Technology Corp.)
Windows 10 Update and Privacy Settings (HKLM\...\{4DFCD818-036A-4229-A67D-CF17DC461D92}) (Version: 1.0.14.0 - Microsoft Corporation)
Windows 10-Upgrade-Assistent (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.17387 - Microsoft Corporation)
Windows Desktop Gadgets (HKLM\...\Windows Desktop Gadgets_is1) (Version: 2.0 - hxxp://gadgetsrevived.com)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
Windows-Treiberpaket - ZC-700W Webcam Driver (01/01/2007 6.0.0.1) (HKLM\...\10222FE57D88FE4CF0DE52CB1422B3E85424F890) (Version: 01/01/2007 6.0.0.1 - )
Windows-Treiberpaket - Silicon Laboratories (silabenm) Ports (10/18/2013 6.6.1.0) (HKLM\...\F92C2D6CB4EA0EE558BDF5F8BDD69083DFC62179) (Version: 10/18/2013 6.6.1.0 - Silicon Laboratories)
WinRAR 5.40 beta 2 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.40.2 - win.rar GmbH)
WinSCP 5.7.7 (HKLM-x32\...\winscp3_is1) (Version: 5.7.7 - Martin Prikryl)
WISO Konto Online Plus 365 (HKLM-x32\...\{FF192B78-55F6-4B80-860F-33E428FA16E3}) (Version: 22.0.0.0 - Buhl Data Service GmbH) Hidden
WISO Konto Online Plus 365 (HKLM-x32\...\WISO Konto Online Plus 365) (Version: - Buhl Data Service GmbH)
WsWin V2.98.0 - 2015-08-31 (HKLM-x32\...\PC-Wetterstation_is1) (Version: 2.98.0 - Werner Krenn)
WXtoImg (HKLM-x32\...\WXtoImg) (Version: - )
Z Cinema (HKLM\...\{6E166235-49F3-4DFA-A102-1E86675ABD11}) (Version: 1.0.0 - Logitech)
ZC-700W Webcam (HKLM-x32\...\{E398E7CC-30B8-4D63-B07B-741163A12565}) (Version: 100.000.070814 - ZC-700W)
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
CustomCLSID: HKU\S-1-5-21-2441953047-3725558795-4123501198-1001_Classes\CLSID\{0E7BE950-4ACC-47CB-834B-41A8B96BBFF9}\InprocServer32 -> C:\Users\Siggi\AppData\Local\Microsoft\Windows Sidebar\Gadgets\Sidebar7.gadget\Release\Sidebar7.64.dll (Helmut Buhler)
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> Keine Datei
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> Keine Datei
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> Keine Datei
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> Keine Datei
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> Keine Datei
ShellIconOverlayIdentifiers: [EldosIconOverlay-cbfs5] -> {1B916AD7-FB63-41F5-B564-5931F0D120E6} => C:\WINDOWS\system32\cbfsMntNtf5.dll [2014-01-23] (EldoS Corporation)
ShellIconOverlayIdentifiers: [HGE Overlay 0 (Upload)] -> {6AE3859C-AB0D-49EC-A7C2-3631D96C6EE5} => C:\WINDOWS\system32\HGE.ShellExtension.dll [2013-03-18] (Deutsche Telekom AG)
ShellIconOverlayIdentifiers: [HGE Overlay 1 (Transfer)] -> {E4E8FAD2-90BC-41fe-8851-F70EB11E6875} => C:\WINDOWS\system32\HGE.ShellExtension.dll [2013-03-18] (Deutsche Telekom AG)
ShellIconOverlayIdentifiers: [HGE Overlay 2 (Finished)] -> {B9C00A72-09B3-4f53-B8B9-7349D04D65F7} => C:\WINDOWS\system32\HGE.ShellExtension.dll [2013-03-18] (Deutsche Telekom AG)
ShellIconOverlayIdentifiers: [HGE Overlay 3 (Selected)] -> {8F153B5F-6763-4d81-9A78-26CC7750EF2A} => C:\WINDOWS\system32\HGE.ShellExtension.dll [2013-03-18] (Deutsche Telekom AG)
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> Keine Datei
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> Keine Datei
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> Keine Datei
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> Keine Datei
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> Keine Datei
ShellIconOverlayIdentifiers-x32: [EldosIconOverlay-cbfs5] -> {1B916AD7-FB63-41F5-B564-5931F0D120E6} => C:\WINDOWS\SysWOW64\cbfsMntNtf5.dll [2014-01-23] (EldoS Corporation)
ContextMenuHandlers01: [AVG Shredder Shell Extension] -> {4858E7D9-8E12-45a3-B6A3-1CD128C9D403} => C:\Program Files (x86)\AVG\AVG PC TuneUp\SDShelEx-x64.dll [2017-02-21] (AVG Technologies CZ, s.r.o.)
ContextMenuHandlers01: [AVK9CM] -> {CAF4C320-32F5-11D3-A222-004095200FF2} => C:\Program Files (x86)\G DATA\InternetSecurity\AVK\ShellExt64.dll [2017-06-08] (G DATA Software AG)
ContextMenuHandlers01: [HgeContextMenu] -> {62C509D3-D882-4A21-8358-E75DEFF6CB25} => C:\WINDOWS\system32\HGE.ShellExtension.dll [2013-03-18] (Deutsche Telekom AG)
ContextMenuHandlers01: [PicaViewCtxMenuShlExt] -> {F3CBBA61-EE3F-4D6D-B1C6-B3474E579936} => C:\Program Files\Common Files\ACD Systems\PicaView\ACDSeePV.dll [2015-10-08] (ACD Systems International Inc.)
ContextMenuHandlers01: [ShellConverter] -> {30A4E07E-068A-4d91-8F05-691283A1336B} => C:\Program Files (x86)\Common Files\AVSMedia\ActiveX\AVSShellConverter64.dll [2015-04-06] (Online Media Technologies Ltd.)
ContextMenuHandlers03: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-01-20] (Malwarebytes)
ContextMenuHandlers03: [Reisswolf] -> {1F0F1EE7-36B9-11D2-8985-0080ADA96E9B} => C:\Program Files (x86)\G DATA\InternetSecurity\Shredder\Reisswlf64.dll [2017-06-08] (G DATA Software AG)
ContextMenuHandlers04: [AVG Disk Space Explorer Shell Extension] -> {4838CD50-7E5D-4811-9B17-C47A85539F28} => C:\Program Files (x86)\AVG\AVG PC TuneUp\DseShExt-x64.dll [2017-02-21] (AVG Technologies CZ, s.r.o.)
ContextMenuHandlers04: [AVG Shredder Shell Extension] -> {4858E7D9-8E12-45a3-B6A3-1CD128C9D403} => C:\Program Files (x86)\AVG\AVG PC TuneUp\SDShelEx-x64.dll [2017-02-21] (AVG Technologies CZ, s.r.o.)
ContextMenuHandlers04: [HgeContextMenu] -> {62C509D3-D882-4A21-8358-E75DEFF6CB25} => C:\WINDOWS\system32\HGE.ShellExtension.dll [2013-03-18] (Deutsche Telekom AG)
ContextMenuHandlers05: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2016-11-14] (NVIDIA Corporation)
ContextMenuHandlers06: [AVK9CM] -> {CAF4C320-32F5-11D3-A222-004095200FF2} => C:\Program Files (x86)\G DATA\InternetSecurity\AVK\ShellExt64.dll [2017-06-08] (G DATA Software AG)
ContextMenuHandlers06: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-01-20] (Malwarebytes)
ContextMenuHandlers06: [Reisswolf] -> {1F0F1EE7-36B9-11D2-8985-0080ADA96E9B} => C:\Program Files (x86)\G DATA\InternetSecurity\Shredder\Reisswlf64.dll [2017-06-08] (G DATA Software AG)
ContextMenuHandlers5_S-1-5-21-2441953047-3725558795-4123501198-1001: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => -> Keine Datei
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {07458051-D8AB-43BD-ACF2-D44E84A67815} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {09392749-0A12-4DCF-ABD4-5D6F5F2AADC6} - System32\Tasks\{0B247F87-A701-4440-9339-F1875EE95FCD} => C:\Windows\system32\pcalua.exe -a D:\CEP_2.0_Complete_Win_DE.exe -d D:\
Task: {0A0AD880-9540-47F7-91AD-76FF1026E894} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {0A0DDAB3-802E-4F77-8371-476DABB16F4A} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {0A2A53DA-24DA-460A-91AC-AF521E86EF60} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {11DAABBF-5D98-470B-ADB7-F51F117032FB} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {1388E89C-D4FD-41EF-A194-A4AE588C4D8A} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-04-25] (Adobe Systems Incorporated)
Task: {15F6C957-E06F-4550-A456-686F4F28C4AC} - System32\Tasks\AVGPCTuneUp_Task_BkGndMaintenance => C:\Program Files (x86)\AVG\AVG PC TuneUp\tuscanx.exe [2017-02-21] (AVG Technologies CZ, s.r.o.)
Task: {1C6BF7D0-4B35-4FD7-993D-F665DF4E3960} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\WINDOWS\ehome\ehrec.exe
Task: {400CA01C-1EEA-46AE-BE53-2E7A986C8F90} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe
Task: {41174F5C-DB56-441D-83CA-CF51200087AD} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {411B0972-E529-4F89-A24B-103E41E1BBC5} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {4A1EE791-9499-4969-B4EF-60F39984A9D6} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {4AF8A682-BEC1-4A52-A250-61D78829CFF0} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {4F0A61A4-655B-47E3-8AD6-74E41B74C724} - System32\Tasks\{E0A07D66-864F-44B4-8DEF-5754405773DE} => C:\Windows\system32\pcalua.exe -a C:\Users\Siggi\Downloads\MDVS51LE_SR1(1).exe -d C:\Users\Siggi\Downloads
Task: {58407670-E10E-43E6-BAFE-D8287E6AC0CA} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {5ABD9620-FE0E-4F0F-A46B-0C2A9B642C8C} - System32\Tasks\Java Platform SE Auto Updater => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2017-03-15] (Oracle Corporation)
Task: {6968DAEA-E639-4D3B-A1C7-1ED4C05E2971} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {6A245795-611F-4EA0-B3FA-715A0FC9ED0D} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\WINDOWS\ehome\mcupdate.exe
Task: {71BDCFF0-8A63-4C94-BCB7-B7439D012E74} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {7927F907-FDEA-4513-A758-49F1F3730B1C} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2008-07-30] (Apple Inc.)
Task: {7D35FDE0-0A71-4D47-B255-F4396AA2B062} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {812B89ED-7B35-4A10-8AFA-5A6C4F3D8532} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {884B76E2-D343-404E-83CB-16F6B2AF8317} - System32\Tasks\OneDrive Standalone Update Task => C:\Users\Siggi\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\OneDriveStandaloneUpdater.exe
Task: {8EF2BC47-6A7B-4D41-BF41-E4830B00800F} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {92ADAB95-CA69-4BFF-9CFB-779A442B291F} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-06-17] (Adobe Systems Incorporated)
Task: {931AA313-0CB9-47E4-AB4D-BA55394CBB99} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {9624B254-4386-4A7A-A8FE-EE2961A19647} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {9D71E7E4-4BFC-4F4F-9205-FBD50E471BF5} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe
Task: {A237C3FE-C1FE-4F33-8681-662ABB0B583E} - System32\Tasks\{1A1FA7F6-1890-4D31-8874-9602DACB72B0} => D:\CEP_2.0_Complete_Win_DE.exe
Task: {A29B961A-C7B5-42F8-B13F-AE49A4BD9DBA} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {AEA72503-E0CA-4153-B295-ACF3D1B7123D} - System32\Tasks\{3F9514FB-C8A3-49B9-8A8F-02E9AF1A6DBE} => C:\Windows\system32\pcalua.exe -a G:\unetbootin-windows-608\unetbootin-windows-608.exe -d G:\unetbootin-windows-608
Task: {B4B4AB71-2A43-4550-8807-3F79D36FBFFD} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {BC32F5C5-572A-4A21-8C37-B1837E79C55B} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe
Task: {C4B9A9D6-1D56-4A0D-89DD-E327BA7DC51B} - System32\Tasks\SidebarExecute => C:\Program Files (x86)\Windows Sidebar\sidebar.exe [2013-10-02] (Microsoft Corporation)
Task: {DBC6E009-CDE7-4E3E-A9F9-7B6ADC3C59DA} - System32\Tasks\AVG EUpdate Task => avgsetupx.exe
Task: {E44F740D-679D-42A1-AA32-FDE297A2A779} - System32\Tasks\AdobeAAMUpdater-1.0-Siggi-PC-Siggi => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2013-06-03] (Adobe Systems Incorporated)
Task: {E510889C-EC05-4A83-987A-BCFAF6994150} - System32\Tasks\{C3EE8CFC-80D2-4565-BF7E-C332DE34E4F2} => D:\CEP_2.0_Complete_Win_DE.exe
Task: {E6B2E88C-6B9F-42CD-B1DE-584AE4243094} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {EB5EDA2A-6003-46DE-8489-8E22A06BF3DD} - System32\Tasks\{89F4780C-152F-4B56-871F-DA7F8D01A46F} => C:\Windows\system32\pcalua.exe -a H:\SetupOnlineBankingPlus(1).exe -d H:\
Task: {F8A75EC6-71B0-4756-8834-97A95DDB4518} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_26_0_0_131_pepper.exe [2017-06-17] (Adobe Systems Incorporated)
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
==================== Verknüpfungen & WMI ========================
(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)
Shortcut: C:\Users\Siggi\Favorites\Downloadseite von NCH Software.lnk -> hxxp://www.nchsoftware.com/de/index.htm
==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
2016-07-16 13:42 - 2016-07-16 13:42 - 00231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2017-07-12 11:53 - 2017-06-21 09:48 - 02681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2016-09-25 10:23 - 2016-11-14 13:15 - 00135224 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2017-06-08 05:54 - 2017-06-08 05:54 - 00554984 _____ () C:\Program Files (x86)\Common Files\G Data\AVKProxy\PktIcpt2x64.dll
2016-09-26 12:28 - 2016-09-07 06:56 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2017-03-14 21:39 - 2017-03-04 08:31 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll
2017-06-17 08:47 - 2017-06-17 08:47 - 27688448 _____ () C:\WINDOWS\system32\Macromed\Flash\NPSWF64_26_0_0_131.dll
2013-11-30 20:54 - 2013-11-30 20:54 - 00067072 _____ () C:\Program Files (x86)\stunnel\bin\ZLIB1.dll
2016-05-03 19:26 - 2016-05-03 19:26 - 00024064 _____ () C:\Program Files (x86)\stunnel\engines\capi.dll
2016-12-02 19:27 - 2016-12-02 19:26 - 48920064 _____ () C:\Program Files (x86)\AVG\UiDll\2623\libcef.dll
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
AlternateDataStreams: C:\ProgramData:BDSDRMHK [64]
AlternateDataStreams: C:\WINDOWS:nlsPreferences [0]
AlternateDataStreams: C:\Users\All Users:BDSDRMHK [64]
AlternateDataStreams: C:\ProgramData\Anwendungsdaten:BDSDRMHK [64]
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
==================== Hosts Inhalt: ===============================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2015-10-30 09:24 - 2016-10-29 17:59 - 00000824 _____ C:\WINDOWS\system32\Drivers\etc\hosts
==================== Andere Bereiche ============================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-2441953047-3725558795-4123501198-1001\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\theme1\img13.jpg
DNS Servers: 192.168.2.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
mpsdrv => Firewall Dienst läuft nicht.
MpsSvc => Firewall Dienst läuft nicht.
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
MSCONFIG\Services: AdobeActiveFileMonitor10.0 => 2
MSCONFIG\Services: AdobeActiveFileMonitor12.0 => 2
MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\Services: ehRecvr => 2
MSCONFIG\Services: ehSched => 2
MSCONFIG\Services: Fax => 3
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: HauppaugeTVServer => 2
MSCONFIG\Services: MpsSvc => 2
MSCONFIG\Services: TeamViewer9 => 2
MSCONFIG\Services: WinDefend => 2
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^ComproRemote.lnk => C:\Windows\pss\ComproRemote.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^ComproSchedulerDTV.lnk => C:\Windows\pss\ComproSchedulerDTV.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Server4PC.lnk => C:\Windows\pss\Server4PC.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^Siggi^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^EOS Utility.lnk => C:\Windows\pss\EOS Utility.lnk.Startup
MSCONFIG\startupfolder: C:^Users^Siggi^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^simplicheck.lnk => C:\Windows\pss\simplicheck.lnk.Startup
MSCONFIG\startupfolder: C:^Users^Siggi^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^WeatherLink 6.0.3.exe.lnk => C:\Windows\pss\WeatherLink 6.0.3.exe.lnk.Startup
MSCONFIG\startupreg: ACDSeeCommander19 => C:\Program Files (x86)\ACD Systems\ACDSee\19.0\ACDSeeCommander19.exe
MSCONFIG\startupreg: ACSW17DE => "G:\Program Files (x86)\ACDSee\17.0\acdIDInTouch2.exe"
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: CAHeadless => F:\Program Files (x86)\Adobe\Elements 12 Organizer\CAHeadless\ElementsAutoAnalyzer.exe
MSCONFIG\startupreg: CCleaner Monitoring => "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
MSCONFIG\startupreg: Corel File Shell Monitor => G:\Program Files (x86)\Corel\Corel Paint Shop Pro Photo X2\CorelIOMonitor.exe
MSCONFIG\startupreg: Corel Photo Downloader => "C:\Program Files (x86)\Common Files\Corel\Corel PhotoDownloader\Corel Photo Downloader.exe" -startup
MSCONFIG\startupreg: LWS => C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe -hide
MSCONFIG\startupreg: NvBackend => "C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
MSCONFIG\startupreg: PMBVolumeWatcher => C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe /SysAutoRun
MSCONFIG\startupreg: ProgLauncher => G:\Program Files\ProgDVB\ProgLauncher.exe
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run: => "WindowsDefender"
HKLM\...\StartupApproved\Run: => "ACPW07DE"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKU\S-1-5-21-2441953047-3725558795-4123501198-1001\...\StartupApproved\StartupFolder: => "Telekom Hosting Manager.lnk"
HKU\S-1-5-21-2441953047-3725558795-4123501198-1001\...\StartupApproved\StartupFolder: => "Sidebar520.lnk"
HKU\S-1-5-21-2441953047-3725558795-4123501198-1001\...\StartupApproved\StartupFolder: => "OneNote 2007 Bildschirmausschnitt- und Startprogramm.lnk"
HKU\S-1-5-21-2441953047-3725558795-4123501198-1001\...\StartupApproved\StartupFolder: => "EOS Utility.lnk"
HKU\S-1-5-21-2441953047-3725558795-4123501198-1001\...\StartupApproved\StartupFolder: => "Sidebar265.lnk"
HKU\S-1-5-21-2441953047-3725558795-4123501198-1001\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-2441953047-3725558795-4123501198-1001\...\StartupApproved\Run: => "ACDSeeCommander19"
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [{A25CBC86-965E-43CD-BFF1-857E2EDC6C11}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{C35471EF-00D1-4793-B648-0DF6CFFCEBFD}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{3A30E356-37D5-4FCD-B7E9-937897D579CB}] => (Allow) G:\Program Files (x86)\WinTV\WinTV7\WinTV7.exe
FirewallRules: [{0D5D93A8-DC21-4642-8F2A-5131835A1419}] => (Allow) G:\Program Files (x86)\WinTV\WinTV7\WinTV7.exe
FirewallRules: [{323568BB-4FC9-498D-A020-4EDD2D2E7BC0}] => (Allow) G:\Program Files (x86)\WinTV\WinTV7\WinTV7.exe
FirewallRules: [{7F2C76AA-475E-4BE4-97E4-74EDEAA8E24B}] => (Allow) G:\Program Files (x86)\WinTV\WinTV7\WinTV7.exe
FirewallRules: [{06E7D0CC-172C-48C8-94A7-472EC1C6AFEC}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{34E2A8D4-9B0D-4C1A-B945-7E15AE933436}] => (Allow) G:\Program Files (x86)\Audials\Audials 10\Audials.exe
FirewallRules: [{EEE8F83A-2431-4D90-B303-2C86114D8FE5}] => (Allow) LPort=12972
FirewallRules: [{28C2F037-B922-487F-99C4-3182B8E32641}] => (Allow) LPort=14714
FirewallRules: [{00697237-A114-44B6-BBD0-FE6E2603E836}] => (Allow) LPort=31931
FirewallRules: [{C1C4D3F1-D8A3-442C-8DFE-0C85ABA4C129}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{988CE59E-9A1E-4E8B-BD06-5B8A6FB06DFF}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{3243F948-64DE-4B1F-8FC5-DFD155D37CED}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{81F4CEE6-D3C5-402D-9315-7307B09AB7B0}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{0ED700D8-6ECE-4A06-9DA6-DD066C6BBA7D}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{320EA1FD-8BB0-48DC-A1E4-D74E6155A4E9}] => (Allow) LPort=2869
FirewallRules: [{731AE74B-DC32-47D9-B782-6E8E6EE210D8}] => (Allow) LPort=1900
==================== Wiederherstellungspunkte =========================
20-07-2017 07:47:59 Removed Visual Studio 2012 x64 Redistributables
Überprüfen Sie den "winmgmt" Dienst oder reparieren Sie den WMI.
==================== Fehlerhafte Geräte im Gerätemanager =============
Name: TechniSat DVB-PC TV Star PCI
Description: TechniSat DVB-PC TV Star PCI
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: TechniSat Digital
Service: SKYNET
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
==================== Fehlereinträge in der Ereignisanzeige: =========================
Applikationsfehler:
==================
Error: (07/22/2017 10:07:02 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Siggi-PC)
Description: Bei der Aktivierung der App „Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI“ ist folgender Fehler aufgetreten: -2147024894. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.
Error: (07/22/2017 10:02:10 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Siggi-PC)
Description: Bei der Aktivierung der App „Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI“ ist folgender Fehler aufgetreten: -2147024894. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.
Error: (07/22/2017 10:02:08 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Siggi-PC)
Description: Bei der Aktivierung der App „Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI“ ist folgender Fehler aufgetreten: -2147024894. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.
Error: (07/22/2017 10:02:06 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Siggi-PC)
Description: Bei der Aktivierung der App „Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI“ ist folgender Fehler aufgetreten: -2147024894. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.
Error: (07/22/2017 10:02:04 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Siggi-PC)
Description: Bei der Aktivierung der App „Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI“ ist folgender Fehler aufgetreten: -2147024894. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.
Error: (07/22/2017 10:02:02 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Siggi-PC)
Description: Bei der Aktivierung der App „Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI“ ist folgender Fehler aufgetreten: -2147024894. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.
Error: (07/22/2017 10:02:02 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Siggi-PC)
Description: Bei der Aktivierung der App „Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI“ ist folgender Fehler aufgetreten: -2147024894. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.
Error: (07/22/2017 10:02:00 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Siggi-PC)
Description: Bei der Aktivierung der App „Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI“ ist folgender Fehler aufgetreten: -2147024894. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.
Error: (07/22/2017 09:51:21 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Siggi-PC)
Description: Bei der Aktivierung der App „Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI“ ist folgender Fehler aufgetreten: -2147024894. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.
Error: (07/22/2017 09:51:01 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Siggi-PC)
Description: Bei der Aktivierung der App „Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI“ ist folgender Fehler aufgetreten: -2147024894. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.
Systemfehler:
=============
Error: (07/22/2017 10:15:33 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80073d0a fehlgeschlagen: Twitter
Error: (07/22/2017 10:12:53 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80073d0a fehlgeschlagen: MSN News
Error: (07/22/2017 10:10:42 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80073d0a fehlgeschlagen: Mail and Calendar
Error: (07/22/2017 10:10:10 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80073d0a fehlgeschlagen: MSN Sports
Error: (07/22/2017 10:09:57 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80073d0a fehlgeschlagen: MSN Money
Error: (07/22/2017 10:09:10 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80073d0a fehlgeschlagen: Sway
Error: (07/22/2017 10:08:23 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80073d0a fehlgeschlagen: Microsoft Tips
Error: (07/22/2017 10:07:42 AM) (Source: DCOM) (EventID: 10016) (User: Siggi-PC)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "Siggi-PC\Siggi" (SID: S-1-5-21-2441953047-3725558795-4123501198-1001) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID
{9E175B6D-F52A-11D8-B9A5-505054503030}
und der APPID
{9E175B9C-F52A-11D8-B9A5-505054503030}
im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.
Error: (07/22/2017 10:07:41 AM) (Source: DCOM) (EventID: 10016) (User: Siggi-PC)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "Siggi-PC\Siggi" (SID: S-1-5-21-2441953047-3725558795-4123501198-1001) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID
{9E175B6D-F52A-11D8-B9A5-505054503030}
und der APPID
{9E175B9C-F52A-11D8-B9A5-505054503030}
im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.
Error: (07/22/2017 10:07:41 AM) (Source: DCOM) (EventID: 10016) (User: Siggi-PC)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "Siggi-PC\Siggi" (SID: S-1-5-21-2441953047-3725558795-4123501198-1001) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID
{9E175B6D-F52A-11D8-B9A5-505054503030}
und der APPID
{9E175B9C-F52A-11D8-B9A5-505054503030}
im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.
CodeIntegrity:
===================================
Date: 2017-07-13 13:21:49.455
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2017-07-13 13:16:22.209
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\WINDOWS\assembly\GAC\Microsoft.StdFormat\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.StdFormat.dll that did not meet the Microsoft signing level requirements.
Date: 2017-07-13 13:16:22.114
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\WINDOWS\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\ADODB.dll that did not meet the Microsoft signing level requirements.
Date: 2017-07-13 13:16:22.019
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\WINDOWS\assembly\GAC\MSDATASRC\7.0.3300.0__b03f5f7f11d50a3a\MSDATASRC.dll that did not meet the Microsoft signing level requirements.
Date: 2017-07-13 13:16:21.899
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\WINDOWS\assembly\GAC\Microsoft.StdFormat\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.StdFormat.dll that did not meet the Microsoft signing level requirements.
Date: 2017-07-13 13:16:21.866
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\WINDOWS\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\ADODB.dll that did not meet the Microsoft signing level requirements.
Date: 2017-07-13 13:16:21.835
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\WINDOWS\assembly\GAC\MSDATASRC\7.0.3300.0__b03f5f7f11d50a3a\MSDATASRC.dll that did not meet the Microsoft signing level requirements.
Date: 2017-07-13 13:16:19.933
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\WINDOWS\assembly\GAC\stdole\7.0.3300.0__b03f5f7f11d50a3a\stdole.dll that did not meet the Microsoft signing level requirements.
Date: 2017-07-13 13:16:19.314
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\WINDOWS\assembly\GAC\stdole\7.0.3300.0__b03f5f7f11d50a3a\stdole.dll that did not meet the Microsoft signing level requirements.
Date: 2017-07-13 13:05:31.446
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\WINDOWS\assembly\GAC\Microsoft.StdFormat\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.StdFormat.dll that did not meet the Microsoft signing level requirements.
==================== Speicherinformationen ===========================
Prozessor: AMD Athlon(tm) 64 X2 Dual Core Processor 5200+
Prozentuale Nutzung des RAM: 57%
Installierter physikalischer RAM: 4095.3 MB
Verfügbarer physikalischer RAM: 1759.14 MB
Summe virtueller Speicher: 8191.3 MB
Verfügbarer virtueller Speicher: 5219.36 MB
==================== Laufwerke ================================
Drive c: (OS) (Fixed) (Total:930.96 GB) (Free:825.91 GB) NTFS
Drive e: (EOS_DIGITAL) (Removable) (Total:7.46 GB) (Free:7.46 GB) FAT32
Drive g: (DATA) (Fixed) (Total:298.02 GB) (Free:37.05 GB) FAT32
==================== MBR & Partitionstabelle ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 0BE5E7CA)
Partition 1: (Active) - (Size=102 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=931 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=450 MB) - (Type=27)
========================================================
Disk: 1 (MBR Code: Windows XP) (Size: 298.1 GB) (Disk ID: 2AA4DA24)
Partition 1: (Not Active) - (Size=298.1 GB) - (Type=0C)
========================================================
Disk: 2 (Size: 7.5 GB) (Disk ID: 00000000)
Partition: GPT.
==================== Ende von Addition.txt ============================
|
|
22.07.2017, 13:05
| #15 |
| /// TB-Ausbilder | Malwarebytes zeigt Funde an auf PC vom Vater Servus, Lade Dir bitte von hier  Revo Uninstaller (alternativ portable Revo Uninstaller) herunter.
Anschließend nochmal FRST bitte. |
|
| Themen zu Malwarebytes zeigt Funde an auf PC vom Vater |
| bereits, bösartige, code, elemente, erkannt, file, funde, image, laptop, liebe, lieben, malwarebytes, meinem, microsoft, objekte, quara, quarantäne, skype.exe, vater, windows |
dann auf 
und dann auf 
. 
Linear-Darstellung
