Verdacht auf Trojaner Win10

jetztnestull · 17.09.2017, 18:57

Guten Abend,
Ich habe seit kurzem einen seltsamen Prozess namens "program" im Taskmanager unter Autostart. Ich habe den Autostart des Prozesses deaktiviert, denke aber nicht das dies reicht. Ich habe auch generell das Gefühl es würde sich ein Trojaner auf meinem Laptop befinden, da er langsamer geworden ist.

FRST.TXT

FRST Logfile:

Code:

ATTFilter

Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 17-09-2017
durchgeführt von Marc (Administrator) auf LAPTOP-E5S4SKF9 (17-09-2017 19:50:37)
Gestartet von C:\Users\Marc\Pictures\criplling memes
Geladene Profile: Marc (Verfügbare Profile: Marc)
Platform: Windows 10 Home Version 1703 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_82119d956c80af5a\igfxCUIService.exe
(Intel Corporation) C:\Windows\System32\IntelSSTAPO\ParameterService\ParameterService.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Seiko Epson Corporation) C:\Windows\System32\escsvc64.exe
(Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_82119d956c80af5a\IntelCpHDCPSvc.exe
(Nuance Communications, Inc.) C:\Program Files (x86)\Common Files\Nuance\dgnsvc.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
() C:\Program Files (x86)\Intel Driver Update Utility\SUR\SurSvc.exe
(Windows (R) Win 7 DDK provider) C:\Windows\System32\AdminService.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_82119d956c80af5a\IntelCpHeciSvc.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Nuance Communications, Inc.) C:\Program Files (x86)\Common Files\Nuance\loggerservice.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_82119d956c80af5a\igfxEM.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler64.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersServer.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QASvc.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QAMsg.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QAEvent.exe
(Akamai Technologies, Inc.) C:\Users\Marc\AppData\Local\Akamai\netsession_win.exe
(Akamai Technologies, Inc.) C:\Users\Marc\AppData\Local\Akamai\netsession_win.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe
() C:\Program Files (x86)\Acer\Care Center\ACCStd.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.19.856.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
() C:\Program Files (x86)\TunnelBear\TunnelBear.Maintenance.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.SecHealthUI_cw5n1h2txyewy\SecHealthUI.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Corporation) C:\Windows\System32\Speech_OneCore\common\SpeechRuntime.exe
(Microsoft Corporation) C:\Windows\System32\Taskmgr.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe

==================== Registry (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [629152 2017-03-18] (Microsoft Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [16475392 2016-06-03] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_TrueHarmony] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1454336 2016-06-03] (Realtek Semiconductor)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [320584 2016-05-31] (Intel Corporation)
HKLM\...\Run: [MouseDriver] => C:\Windows\system32\TiltWheelMouse.exe [241152 2013-04-09] (Pixart Imaging Inc)
HKLM-x32\...\Run: [ISUSPM] => C:\ProgramData\FLEXnet\Connect\11\\isuspm.exe [2075480 2013-06-24] (Flexera Software LLC.)
HKLM-x32\...\Run: [DNS7reminder] => "C:\Program Files (x86)\Nuance\NaturallySpeaking15\Ereg\Ereg.exe" -r "C:\ProgramData\Nuance\NaturallySpeaking15\Ereg.ini"
HKU\S-1-5-21-721633766-3456424319-3093112155-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [9105112 2016-11-15] (Piriform Ltd)
HKU\S-1-5-21-721633766-3456424319-3093112155-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3071776 2017-09-07] (Valve Corporation)
HKU\S-1-5-21-721633766-3456424319-3093112155-1001\...\Run: [Ghost Control] => D:\Programme\Ghost Control\ghost.exe [1991616 2010-10-27] (N.R.S.)
HKU\S-1-5-21-721633766-3456424319-3093112155-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [27793888 2017-05-05] (Skype Technologies S.A.)
HKU\S-1-5-21-721633766-3456424319-3093112155-1001\...\Run: [EPLTarget\P0000000000000000] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YATIM1E.EXE [298560 2013-12-16] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-721633766-3456424319-3093112155-1001\...\Run: [EPLTarget\P0000000000000001] => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YATIM1E.EXE [298560 2013-12-16] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-721633766-3456424319-3093112155-1001\...\Run: [Akamai NetSession Interface] => C:\Users\Marc\AppData\Local\Akamai\netsession_win.exe [4490200 2017-01-03] (Akamai Technologies, Inc.)
HKU\S-1-5-21-721633766-3456424319-3093112155-1001\...\Run: [ISUSPM] => C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe [2075480 2013-06-24] (Flexera Software LLC.)
HKU\S-1-5-21-721633766-3456424319-3093112155-1001\...\Run: [OpenVPN-GUI] => C:\Program Files\OpenVPN\bin\openvpn-gui.exe
GroupPolicy: Beschränkung <==== ACHTUNG

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{36d57d14-9a4f-4202-9113-600e5b7ccd91}: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{5426d1b7-cf53-4fec-9408-bf5b39142afa}: [DhcpNameServer] 172.18.10.1
Tcpip\..\Interfaces\{647575bc-0e78-4642-8dce-ba8815405b73}: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{b468e4ba-0475-408d-8b88-cd7cdd3d951a}: [DhcpNameServer] 192.168.2.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page = 
HKU\S-1-5-21-721633766-3456424319-3093112155-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.acer15.msn.com/?pc=ACTE
HKU\S-1-5-21-721633766-3456424319-3093112155-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.acer15.msn.com/?pc=ACTE
SearchScopes: HKU\S-1-5-21-721633766-3456424319-3093112155-1001 -> DefaultScope {EC265DF2-9BA3-4FF9-96E8-B8F31C66DA7F} URL = 
SearchScopes: HKU\S-1-5-21-721633766-3456424319-3093112155-1001 -> {EC265DF2-9BA3-4FF9-96E8-B8F31C66DA7F} URL = 
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2017-09-03] (Microsoft Corporation)
BHO: Dragon Web Extension For Internet Explorer -> {609C0837-8DD3-4F9B-AAC5-446F36BC0353} -> C:\Program Files (x86)\Nuance\NaturallySpeaking15\Program\x64\dgnriaie_x64.dll [2016-08-23] (Nuance Communications, Inc.)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2017-09-03] (Microsoft Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2017-09-03] (Microsoft Corporation)
BHO-x32: Dragon Web Extension For Internet Explorer -> {609C0837-8DD3-4F9B-AAC5-446F36BC0353} -> C:\Program Files (x86)\Nuance\NaturallySpeaking15\Program\dgnriaie.dll [2016-08-23] (Nuance Communications, Inc.)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\Office16\GROOVEEX.DLL [2017-09-03] (Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-09-03] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-09-03] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-09-03] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-09-03] (Microsoft Corporation)

Edge: 
======
Edge Extension: (AdBlock) -> EdgeExtension_BetaFishAdBlock_c1wakc4j0nefm => C:\Program Files\WindowsApps\BetaFish.AdBlock_2.2.0.0_neutral__c1wakc4j0nefm [2017-08-12]

FireFox:
========
FF ProfilePath: C:\Users\Marc\AppData\Roaming\Mozilla\Firefox\Profiles\aneucimv.default-1481643216534 [2017-09-17]
FF Extension: (Nimbus Screen Capture) - C:\Users\Marc\AppData\Roaming\Mozilla\Firefox\Profiles\aneucimv.default-1481643216534\Extensions\nimbusscreencaptureff@everhelper.me.xpi [2017-09-07]
FF Extension: (Adblock Plus) - C:\Users\Marc\AppData\Roaming\Mozilla\Firefox\Profiles\aneucimv.default-1481643216534\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2017-06-10]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_27_0_0_130.dll [2017-09-13] ()
FF Plugin: nuance.com/DgnRia2_x86_64 -> C:\Program Files (x86)\Nuance\NaturallySpeaking15\Program\x64\npDgnRia2_x64.dll [2016-08-23] (Nuance Communications, Inc.)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_27_0_0_130.dll [2017-09-13] ()
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2017-09-03] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2017-09-03] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-29] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-29] (Google Inc.)
FF Plugin-x32: nuance.com/DgnRia2 -> C:\Program Files (x86)\Nuance\NaturallySpeaking15\Program\npDgnRia2.dll [2016-08-23] (Nuance Communications, Inc.)

Chrome: 
=======
CHR Profile: C:\Users\Marc\AppData\Local\Google\Chrome\User Data\Default [2017-09-17]
CHR Extension: (Google Docs) - C:\Users\Marc\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-11-29]
CHR Extension: (Google Drive) - C:\Users\Marc\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-11-29]
CHR Extension: (Simple Adblock) - C:\Users\Marc\AppData\Local\Google\Chrome\User Data\Default\Extensions\bddmkopdadodhbodbjkegieoeoccnpcg [2017-06-25]
CHR Extension: (Adguard Werbeblocker) - C:\Users\Marc\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnkhhnnamicmpeenaelnjfhikgbkllg [2017-08-11]
CHR Extension: (YouTube) - C:\Users\Marc\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-11-29]
CHR Extension: (Adblock Plus) - C:\Users\Marc\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2017-07-15]
CHR Extension: (Google Tabellen) - C:\Users\Marc\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-11-29]
CHR Extension: (Google Docs Offline) - C:\Users\Marc\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-11-29]
CHR Extension: (AdBlock) - C:\Users\Marc\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2017-08-11]
CHR Extension: (F.B.(FluffBusting)Purity) - C:\Users\Marc\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmkinhboiljjkhaknpaeaicmdjhagpep [2017-09-16]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Marc\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-08-22]
CHR Extension: (Google Mail) - C:\Users\Marc\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-11-29]
CHR Extension: (Chrome Media Router) - C:\Users\Marc\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-08-09]
CHR HKLM-x32\...\Chrome\Extension: [pbjikboenpfhbbejgkoklgkhjpfogcam] - hxxps://clients2.google.com/service/update2/crx

==================== Dienste (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2246256 2017-05-18] (Adobe Systems, Incorporated)
S3 BRSptStub; C:\ProgramData\BitRaider\BRSptStub.exe [363208 2017-05-10] (BitRaider, LLC)
R2 CCDMonitorService; C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe [2267352 2016-08-30] (Acer Incorporated)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [4424384 2017-08-28] (Microsoft Corporation)
R2 DragonLoggerService; C:\Program Files (x86)\Common Files\Nuance\loggerservice.exe [166280 2016-08-23] (Nuance Communications, Inc.)
R2 EpsonScanSvc; C:\WINDOWS\system32\EscSvc64.exe [144560 2012-05-17] (Seiko Epson Corporation)
S3 ESRV_SVC_WILLAMETTE; C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv_svc.exe [416408 2016-06-08] ()
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [17992 2016-05-31] (Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [974632 2016-02-19] (Intel(R) Corporation)
R3 Intel(R) Security Assist; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [335872 2016-03-02] (Intel Corporation) [Datei ist nicht signiert]
R2 IntelSSTSvc; C:\WINDOWS\system32\IntelSSTAPO\ParameterService\ParameterService.exe [26592 2016-03-04] (Intel Corporation)
S2 isaHelperSvc; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe [8704 2016-03-02] (Intel Corporation) [Datei ist nicht signiert]
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [215328 2016-05-16] (Intel Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6058960 2017-08-21] (Malwarebytes)
R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [458176 2016-12-29] (NVIDIA Corporation)
R3 QASvc; C:\Program Files\Acer\Acer Quick Access\QASvc.exe [476904 2015-02-03] (Acer Incorporated)
R2 SystemUsageReportSvc_WILLAMETTE; C:\Program Files (x86)\Intel Driver Update Utility\SUR\SurSvc.exe [117400 2016-06-08] ()
R2 TunnelBearMaintenance; C:\Program Files (x86)\TunnelBear\TunnelBear.Maintenance.exe [37248 2017-09-06] ()
S3 USER_ESRV_SVC_WILLAMETTE; C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv_svc.exe [416408 2016-06-08] ()
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [342264 2017-03-18] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [102816 2017-07-11] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ======================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S3 BRDriver64_1_3_3_E02B25FC; C:\ProgramData\BitRaider\support\1.3.3\E02B25FC\BRDriver64.sys [78088 2017-05-10] (BitRaider)
R0 dcrypt; C:\WINDOWS\System32\drivers\dcrypt.sys [210632 2014-07-09] ()
R3 ETDI2C; C:\WINDOWS\system32\DRIVERS\ETDI2C.sys [183896 2016-03-24] (ELAN Microelectronic Corp.)
S3 EverestDriver; C:\Program Files (x86)\Lavalys\EVEREST Ultimate Edition\kerneld.amd64 [26752 2010-03-31] ()
R3 LMDriver; C:\WINDOWS\System32\drivers\LMDriver.sys [21344 2016-05-23] (Acer Incorporated)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [253888 2017-09-16] (Malwarebytes)
R1 MpKslb9d9c503; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{1D6ADD05-28F7-4F01-890A-F2B320C384C4}\MpKslb9d9c503.sys [44928 2017-09-17] (Microsoft Corporation)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvacwu.inf_amd64_31f4ef4821269ebb\nvlddmkm.sys [14190520 2017-01-17] (NVIDIA Corporation)
S3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [47760 2015-12-18] (NVIDIA Corporation)
R3 RadioShim; C:\WINDOWS\System32\drivers\RadioShim.sys [14688 2016-05-23] (Acer Incorporated)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [935168 2015-11-19] (Realtek )
R3 RTSPER; C:\WINDOWS\system32\DRIVERS\RtsPer.sys [769752 2015-12-18] (Realsil Semiconductor Corporation)
S3 SDFRd; C:\WINDOWS\System32\drivers\SDFRd.sys [31128 2017-03-18] ()
S3 semav6msr64; C:\Windows\system32\drivers\semav6msr64.sys [21984 2015-06-04] ()
S3 tap-tb-0901; C:\WINDOWS\System32\drivers\tap-tb-0901.sys [38656 2017-09-06] (The OpenVPN Project)
S3 t_mouse.sys; C:\WINDOWS\system32\DRIVERS\t_mouse.sys [6144 2013-04-09] ()
S0 WdBoot; C:\WINDOWS\System32\drivers\WdBoot.sys [44632 2017-03-18] (Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\WdFilter.sys [294816 2017-03-18] (Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [121248 2017-03-18] (Microsoft Corporation)
S3 xhunter1; C:\WINDOWS\xhunter1.sys [37344 2017-09-12] (Wellbia.com Co., Ltd.)

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-09-17 19:50 - 2017-09-17 19:50 - 000000000 ____D C:\FRST
2017-09-17 18:50 - 2017-09-17 18:50 - 000041800 _____ (Sysinternals - www.sysinternals.com) C:\WINDOWS\system32\Drivers\PROCEXP152.SYS
2017-09-17 17:04 - 2017-09-17 17:27 - 000000000 ____D C:\Program Files (x86)\TunnelBear
2017-09-17 17:04 - 2017-09-17 17:04 - 000002032 _____ C:\Users\Public\Desktop\TunnelBear.lnk
2017-09-17 17:04 - 2017-09-17 17:04 - 000000000 ____D C:\Users\Marc\AppData\Roaming\TunnelBear
2017-09-17 17:04 - 2017-09-17 17:04 - 000000000 ____D C:\Users\Marc\AppData\Local\IsolatedStorage
2017-09-17 17:04 - 2017-09-17 17:04 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TunnelBear
2017-09-17 17:02 - 2017-09-17 17:03 - 065461936 _____ (TunnelBear) C:\Users\Marc\Downloads\TunnelBear-Installer.exe
2017-09-16 14:27 - 2017-09-16 14:27 - 000009593 _____ C:\Users\Marc\Downloads\vpngate_vpn603827003.opengw.net_tcp_1764.ovpn
2017-09-16 14:14 - 2017-09-16 14:14 - 000000000 ____D C:\Users\Marc\OpenVPN
2017-09-16 14:12 - 2017-09-16 14:13 - 003453240 _____ C:\Users\Marc\Downloads\openvpn-install-2.4.3-I601.exe
2017-09-13 18:54 - 2017-09-17 18:15 - 000001315 _____ C:\Users\Marc\AppData\Roaming\SAS7_000.DAT
2017-09-13 18:51 - 2017-09-13 18:51 - 000000000 ____D C:\Users\Marc\AppData\Roaming\FLEXnet
2017-09-13 18:49 - 2017-09-13 18:49 - 000002815 _____ C:\Users\Public\Desktop\Dragon.lnk
2017-09-13 18:49 - 2017-09-13 18:49 - 000001919 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Software Updates.lnk
2017-09-13 18:49 - 2017-09-13 18:49 - 000000000 ____D C:\Users\Marc\AppData\Roaming\Nuance
2017-09-13 18:49 - 2017-09-13 18:49 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dragon
2017-09-13 18:48 - 2017-09-13 18:48 - 000000000 ____D C:\ProgramData\Nuance
2017-09-13 18:48 - 2017-09-13 18:48 - 000000000 ____D C:\ProgramData\Macrovision
2017-09-13 18:48 - 2017-09-13 18:48 - 000000000 ____D C:\ProgramData\FLEXnet
2017-09-13 18:48 - 2017-09-13 18:48 - 000000000 ____D C:\Program Files (x86)\Nuance
2017-09-13 18:39 - 2017-09-13 18:41 - 000000000 ____D C:\Users\Marc\Desktop\dragon
2017-09-13 16:53 - 2017-09-05 07:30 - 000287648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2017-09-13 16:53 - 2017-09-05 07:21 - 000189344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2017-09-13 16:53 - 2017-09-05 07:12 - 001409048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2017-09-13 16:53 - 2017-09-05 07:12 - 001292880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2017-09-13 16:53 - 2017-09-05 07:12 - 000627080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2017-09-13 16:53 - 2017-09-05 07:12 - 000081176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32u.dll
2017-09-13 16:53 - 2017-09-05 06:53 - 001839872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2017-09-13 16:53 - 2017-09-05 06:52 - 002259760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2017-09-13 16:53 - 2017-09-05 06:50 - 004330920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\setupapi.dll
2017-09-13 16:53 - 2017-09-05 06:46 - 004471888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2017-09-13 16:53 - 2017-09-05 06:45 - 005821496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2017-09-13 16:53 - 2017-09-05 06:45 - 002476712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll
2017-09-13 16:53 - 2017-09-05 06:45 - 002166808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2017-09-13 16:53 - 2017-09-05 06:45 - 000750496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2017-09-13 16:53 - 2017-09-05 06:45 - 000085784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredentialUIBroker.exe
2017-09-13 16:53 - 2017-09-05 06:44 - 000569264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SHCore.dll
2017-09-13 16:53 - 2017-09-05 06:43 - 000611096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2017-09-13 16:53 - 2017-09-05 06:43 - 000359560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Faultrep.dll
2017-09-13 16:53 - 2017-09-05 06:43 - 000280480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFault.exe
2017-09-13 16:53 - 2017-09-05 06:43 - 000169376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe
2017-09-13 16:53 - 2017-09-05 06:43 - 000042456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tbs.dll
2017-09-13 16:53 - 2017-09-05 06:42 - 002330520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2017-09-13 16:53 - 2017-09-05 06:42 - 000703056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll
2017-09-13 16:53 - 2017-09-05 06:42 - 000519680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2017-09-13 16:53 - 2017-09-05 06:42 - 000291904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wevtapi.dll
2017-09-13 16:53 - 2017-09-05 06:42 - 000182688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2017-09-13 16:53 - 2017-09-05 06:41 - 020373408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2017-09-13 16:53 - 2017-09-05 06:41 - 006761560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2017-09-13 16:53 - 2017-09-05 06:41 - 004671832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2017-09-13 16:53 - 2017-09-05 06:41 - 001106904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfds.dll
2017-09-13 16:53 - 2017-09-05 06:41 - 001013912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvproc.dll
2017-09-13 16:53 - 2017-09-05 06:40 - 000052768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\appidapi.dll
2017-09-13 16:53 - 2017-09-05 06:37 - 000583160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2017-09-13 16:53 - 2017-09-05 06:28 - 000071680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbser.sys
2017-09-13 16:53 - 2017-09-05 06:28 - 000039424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\buttonconverter.sys
2017-09-13 16:53 - 2017-09-05 06:27 - 000128000 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2017-09-13 16:53 - 2017-09-05 06:26 - 002953216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2017-09-13 16:53 - 2017-09-05 06:26 - 000404480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werui.dll
2017-09-13 16:53 - 2017-09-05 06:26 - 000130560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthpan.sys
2017-09-13 16:53 - 2017-09-05 06:26 - 000107008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidbth.sys
2017-09-13 16:53 - 2017-09-05 06:25 - 013844480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2017-09-13 16:53 - 2017-09-05 06:25 - 001448960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2017-09-13 16:53 - 2017-09-05 06:25 - 000293376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys
2017-09-13 16:53 - 2017-09-05 06:25 - 000154624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWWIN.EXE
2017-09-13 16:53 - 2017-09-05 06:24 - 002199552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Resources.dll
2017-09-13 16:53 - 2017-09-05 06:23 - 000025088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\odbcconf.dll
2017-09-13 16:53 - 2017-09-05 06:22 - 000742912 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshwfp.dll
2017-09-13 16:53 - 2017-09-05 06:22 - 000079872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2017-09-13 16:53 - 2017-09-05 06:21 - 006728704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2017-09-13 16:53 - 2017-09-05 06:21 - 001178624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Vpn.dll
2017-09-13 16:53 - 2017-09-05 06:21 - 000123904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srpapi.dll
2017-09-13 16:53 - 2017-09-05 06:21 - 000062464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntprint.exe
2017-09-13 16:53 - 2017-09-05 06:20 - 000370176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2017-09-13 16:53 - 2017-09-05 06:19 - 000364032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2017-09-13 16:53 - 2017-09-05 06:19 - 000311296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntprint.dll
2017-09-13 16:53 - 2017-09-05 06:19 - 000181760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authz.dll
2017-09-13 16:53 - 2017-09-05 06:19 - 000134656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dinput.dll
2017-09-13 16:53 - 2017-09-05 06:18 - 000524288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ngccredprov.dll
2017-09-13 16:53 - 2017-09-05 06:18 - 000471040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TpmCoreProvisioning.dll
2017-09-13 16:53 - 2017-09-05 06:18 - 000452608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasplap.dll
2017-09-13 16:53 - 2017-09-05 06:18 - 000175104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dinput8.dll
2017-09-13 16:53 - 2017-09-05 06:18 - 000100352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasman.dll
2017-09-13 16:53 - 2017-09-05 06:17 - 000918528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.Vpn.dll
2017-09-13 16:53 - 2017-09-05 06:17 - 000852480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasgcw.dll
2017-09-13 16:53 - 2017-09-05 06:17 - 000586240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nshwfp.dll
2017-09-13 16:53 - 2017-09-05 06:17 - 000307712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptngc.dll
2017-09-13 16:53 - 2017-09-05 06:16 - 005961728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2017-09-13 16:53 - 2017-09-05 06:16 - 000844288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasdlg.dll
2017-09-13 16:53 - 2017-09-05 06:16 - 000563200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdh.dll
2017-09-13 16:53 - 2017-09-05 06:16 - 000357888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActivationManager.dll
2017-09-13 16:53 - 2017-09-05 06:16 - 000257024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Phoneutil.dll
2017-09-13 16:53 - 2017-09-05 06:15 - 001248768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll
2017-09-13 16:53 - 2017-09-05 06:15 - 000657408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netlogon.dll
2017-09-13 16:53 - 2017-09-05 06:15 - 000636416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll
2017-09-13 16:53 - 2017-09-05 06:15 - 000430592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2017-09-13 16:53 - 2017-09-05 06:15 - 000223744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shdocvw.dll
2017-09-13 16:53 - 2017-09-05 06:14 - 000754176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2017-09-13 16:53 - 2017-09-05 06:14 - 000590336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PCPKsp.dll
2017-09-13 16:53 - 2017-09-05 06:14 - 000476160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dsreg.dll
2017-09-13 16:53 - 2017-09-05 06:13 - 007598080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2017-09-13 16:53 - 2017-09-05 06:13 - 000050176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cldapi.dll
2017-09-13 16:53 - 2017-09-05 06:12 - 005225984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2017-09-13 16:53 - 2017-09-05 06:12 - 002859520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2017-09-13 16:53 - 2017-09-05 06:12 - 000899584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll
2017-09-13 16:53 - 2017-09-05 06:11 - 003667456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_47.dll
2017-09-13 16:53 - 2017-09-05 06:11 - 001355264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OpcServices.dll
2017-09-13 16:53 - 2017-09-05 06:11 - 001060352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsPrint.dll
2017-09-13 16:53 - 2017-09-05 06:11 - 001019904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2017-09-13 16:53 - 2017-09-05 06:11 - 000787456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2017-09-13 16:53 - 2017-09-05 06:10 - 004559360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll
2017-09-13 16:53 - 2017-09-05 06:10 - 001627136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2017-09-13 16:53 - 2017-09-05 06:10 - 000761344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasapi32.dll
2017-09-13 16:53 - 2017-09-05 06:10 - 000431616 _____ (Microsoft Corporation) C:\WINDOWS\system32\BthHFSrv.dll
2017-09-13 16:53 - 2017-09-05 06:06 - 000221696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wisp.dll
2017-09-13 16:53 - 2017-09-05 06:06 - 000089088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll
2017-09-13 16:53 - 2017-09-05 06:04 - 000175616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RstrtMgr.dll
2017-09-13 16:53 - 2017-09-05 06:04 - 000057856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offreg.dll
2017-09-13 16:52 - 2017-09-05 07:31 - 001596592 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2017-09-13 16:52 - 2017-09-05 07:31 - 001346112 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2017-09-13 16:52 - 2017-09-05 07:31 - 001147296 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2017-09-13 16:52 - 2017-09-05 07:31 - 001024928 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2017-09-13 16:52 - 2017-09-05 07:31 - 000821664 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.exe
2017-09-13 16:52 - 2017-09-05 07:31 - 000750560 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2017-09-13 16:52 - 2017-09-05 07:31 - 000115792 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32u.dll
2017-09-13 16:52 - 2017-09-05 07:27 - 002399728 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2017-09-13 16:52 - 2017-09-05 07:27 - 000136096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecdd.sys
2017-09-13 16:52 - 2017-09-05 07:26 - 008319904 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2017-09-13 16:52 - 2017-09-05 07:26 - 001930840 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2017-09-13 16:52 - 2017-09-05 07:25 - 002969880 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreUIComponents.dll
2017-09-13 16:52 - 2017-09-05 07:25 - 000159648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\partmgr.sys
2017-09-13 16:52 - 2017-09-05 07:24 - 000923040 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2017-09-13 16:52 - 2017-09-05 07:24 - 000519584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netio.sys
2017-09-13 16:52 - 2017-09-05 07:23 - 004462120 _____ (Microsoft Corporation) C:\WINDOWS\system32\setupapi.dll
2017-09-13 16:52 - 2017-09-05 07:23 - 001242528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2017-09-13 16:52 - 2017-09-05 07:20 - 001057824 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2017-09-13 16:52 - 2017-09-05 07:19 - 004848960 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2017-09-13 16:52 - 2017-09-05 07:19 - 002443168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2017-09-13 16:52 - 2017-09-05 07:18 - 007326128 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2017-09-13 16:52 - 2017-09-05 07:18 - 005477096 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneCoreUAPCommonProxyStub.dll
2017-09-13 16:52 - 2017-09-05 07:18 - 002972552 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll
2017-09-13 16:52 - 2017-09-05 07:18 - 002647224 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2017-09-13 16:52 - 2017-09-05 07:18 - 001668344 _____ (Microsoft Corporation) C:\WINDOWS\system32\propsys.dll
2017-09-13 16:52 - 2017-09-05 07:18 - 000820128 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2017-09-13 16:52 - 2017-09-05 07:18 - 000685512 _____ (Microsoft Corporation) C:\WINDOWS\system32\SHCore.dll
2017-09-13 16:52 - 2017-09-05 07:18 - 000212384 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2017-09-13 16:52 - 2017-09-05 07:17 - 000316320 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFault.exe
2017-09-13 16:52 - 2017-09-05 07:16 - 001320344 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpx.dll
2017-09-13 16:52 - 2017-09-05 07:16 - 000872472 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll
2017-09-13 16:52 - 2017-09-05 07:16 - 000724200 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2017-09-13 16:52 - 2017-09-05 07:16 - 000715168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fvevol.sys
2017-09-13 16:52 - 2017-09-05 07:16 - 000546208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2017-09-13 16:52 - 2017-09-05 07:16 - 000410168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll
2017-09-13 16:52 - 2017-09-05 07:16 - 000228256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2017-09-13 16:52 - 2017-09-05 07:16 - 000182688 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe
2017-09-13 16:52 - 2017-09-05 07:16 - 000049720 _____ (Microsoft Corporation) C:\WINDOWS\system32\tbs.dll
2017-09-13 16:52 - 2017-09-05 07:15 - 003116184 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2017-09-13 16:52 - 2017-09-05 07:15 - 000871448 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
2017-09-13 16:52 - 2017-09-05 07:15 - 000654976 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2017-09-13 16:52 - 2017-09-05 07:15 - 000381824 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtapi.dll
2017-09-13 16:52 - 2017-09-05 07:15 - 000257440 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2017-09-13 16:52 - 2017-09-05 07:14 - 021352656 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2017-09-13 16:52 - 2017-09-05 07:14 - 007907344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2017-09-13 16:52 - 2017-09-05 07:14 - 004708504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2017-09-13 16:52 - 2017-09-05 07:14 - 001146176 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfds.dll
2017-09-13 16:52 - 2017-09-05 07:14 - 000958664 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll
2017-09-13 16:52 - 2017-09-05 07:14 - 000254176 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2017-09-13 16:52 - 2017-09-05 07:14 - 000094624 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2017-09-13 16:52 - 2017-09-05 07:13 - 001619816 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2017-09-13 16:52 - 2017-09-05 07:13 - 000064680 _____ (Microsoft Corporation) C:\WINDOWS\system32\appidapi.dll
2017-09-13 16:52 - 2017-09-05 07:11 - 002675104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2017-09-13 16:52 - 2017-09-05 07:11 - 000610720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afd.sys
2017-09-13 16:52 - 2017-09-05 07:11 - 000387936 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpps.dll
2017-09-13 16:52 - 2017-09-05 06:53 - 001620880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2017-09-13 16:52 - 2017-09-05 06:45 - 023679488 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2017-09-13 16:52 - 2017-09-05 06:31 - 003668992 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2017-09-13 16:52 - 2017-09-05 06:30 - 001639936 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2017-09-13 16:52 - 2017-09-05 06:30 - 001275904 _____ (Microsoft Corporation) C:\WINDOWS\system32\werconcpl.dll
2017-09-13 16:52 - 2017-09-05 06:30 - 000584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbonRes.dll
2017-09-13 16:52 - 2017-09-05 06:30 - 000463360 _____ (Microsoft Corporation) C:\WINDOWS\system32\werui.dll
2017-09-13 16:52 - 2017-09-05 06:30 - 000447488 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2017-09-13 16:52 - 2017-09-05 06:30 - 000184320 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWWIN.EXE
2017-09-13 16:52 - 2017-09-05 06:30 - 000093184 _____ (Microsoft Corporation) C:\WINDOWS\system32\wercplsupport.dll
2017-09-13 16:52 - 2017-09-05 06:30 - 000089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrvext.dll
2017-09-13 16:52 - 2017-09-05 06:30 - 000077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsqmcons.exe
2017-09-13 16:52 - 2017-09-05 06:29 - 000037376 _____ (Microsoft Corporation) C:\WINDOWS\system32\SEMgrPS.dll
2017-09-13 16:52 - 2017-09-05 06:28 - 017371136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2017-09-13 16:52 - 2017-09-05 06:28 - 002199552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2017-09-13 16:52 - 2017-09-05 06:27 - 007931392 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2017-09-13 16:52 - 2017-09-05 06:27 - 000133632 _____ (Microsoft Corporation) C:\WINDOWS\system32\CfgSPCellular.dll
2017-09-13 16:52 - 2017-09-05 06:27 - 000131584 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseAPNCsp.dll
2017-09-13 16:52 - 2017-09-05 06:27 - 000104960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\UcmCx.sys
2017-09-13 16:52 - 2017-09-05 06:27 - 000095232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2017-09-13 16:52 - 2017-09-05 06:27 - 000090112 _____ (Microsoft Corporation) C:\WINDOWS\system32\datamarketsvc.dll
2017-09-13 16:52 - 2017-09-05 06:27 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2017-09-13 16:52 - 2017-09-05 06:27 - 000029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\odbcconf.dll
2017-09-13 16:52 - 2017-09-05 06:26 - 000499712 _____ (Microsoft Corporation) C:\WINDOWS\system32\nltest.exe
2017-09-13 16:52 - 2017-09-05 06:26 - 000156160 _____ (Microsoft Corporation) C:\WINDOWS\system32\csplte.dll
2017-09-13 16:52 - 2017-09-05 06:26 - 000142848 _____ (Microsoft Corporation) C:\WINDOWS\system32\srpapi.dll
2017-09-13 16:52 - 2017-09-05 06:26 - 000124928 _____ (Microsoft Corporation) C:\WINDOWS\system32\httpprxm.dll
2017-09-13 16:52 - 2017-09-05 06:26 - 000113152 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhosdeployment.dll
2017-09-13 16:52 - 2017-09-05 06:26 - 000084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll
2017-09-13 16:52 - 2017-09-05 06:26 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntprint.exe
2017-09-13 16:52 - 2017-09-05 06:26 - 000022016 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnpinst.exe
2017-09-13 16:52 - 2017-09-05 06:25 - 000584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbonRes.dll
2017-09-13 16:52 - 2017-09-05 06:25 - 000527872 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2017-09-13 16:52 - 2017-09-05 06:25 - 000064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
2017-09-13 16:52 - 2017-09-05 06:25 - 000043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmTasks.dll
2017-09-13 16:52 - 2017-09-05 06:25 - 000043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nsiproxy.sys
2017-09-13 16:52 - 2017-09-05 06:24 - 000457728 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2017-09-13 16:52 - 2017-09-05 06:24 - 000385536 _____ (Microsoft Corporation) C:\WINDOWS\system32\tpmvsc.dll
2017-09-13 16:52 - 2017-09-05 06:24 - 000353280 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntprint.dll
2017-09-13 16:52 - 2017-09-05 06:24 - 000334336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wc_storage.dll
2017-09-13 16:52 - 2017-09-05 06:24 - 000274432 _____ (Microsoft Corporation) C:\WINDOWS\system32\authz.dll
2017-09-13 16:52 - 2017-09-05 06:24 - 000182272 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcrecovery.dll
2017-09-13 16:52 - 2017-09-05 06:24 - 000160768 _____ (Microsoft Corporation) C:\WINDOWS\system32\dinput.dll
2017-09-13 16:52 - 2017-09-05 06:24 - 000109056 _____ (Microsoft Corporation) C:\WINDOWS\system32\dab.dll
2017-09-13 16:52 - 2017-09-05 06:24 - 000096256 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2017-09-13 16:52 - 2017-09-05 06:23 - 020509184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2017-09-13 16:52 - 2017-09-05 06:23 - 000739840 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneProviders.dll
2017-09-13 16:52 - 2017-09-05 06:23 - 000450048 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdedit.exe
2017-09-13 16:52 - 2017-09-05 06:23 - 000433664 _____ (Microsoft Corporation) C:\WINDOWS\system32\msIso.dll
2017-09-13 16:52 - 2017-09-05 06:23 - 000305152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netbt.sys
2017-09-13 16:52 - 2017-09-05 06:23 - 000140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2017-09-13 16:52 - 2017-09-05 06:23 - 000138752 _____ (Microsoft Corporation) C:\WINDOWS\system32\appinfo.dll
2017-09-13 16:52 - 2017-09-05 06:23 - 000128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasman.dll
2017-09-13 16:52 - 2017-09-05 06:23 - 000107008 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcpopkeysrv.dll
2017-09-13 16:52 - 2017-09-05 06:22 - 023684608 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2017-09-13 16:52 - 2017-09-05 06:22 - 000640512 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngccredprov.dll
2017-09-13 16:52 - 2017-09-05 06:22 - 000556032 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmCoreProvisioning.dll
2017-09-13 16:52 - 2017-09-05 06:22 - 000527360 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
2017-09-13 16:52 - 2017-09-05 06:22 - 000477696 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasplap.dll
2017-09-13 16:52 - 2017-09-05 06:22 - 000458752 _____ (Microsoft Corporation) C:\WINDOWS\system32\NgcCtnr.dll
2017-09-13 16:52 - 2017-09-05 06:22 - 000413184 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2017-09-13 16:52 - 2017-09-05 06:22 - 000388096 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2017-09-13 16:52 - 2017-09-05 06:22 - 000329728 _____ (Microsoft Corporation) C:\WINDOWS\system32\RasMediaManager.dll
2017-09-13 16:52 - 2017-09-05 06:22 - 000327168 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinBioDataModel.dll
2017-09-13 16:52 - 2017-09-05 06:22 - 000274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2017-09-13 16:52 - 2017-09-05 06:22 - 000225792 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2017-09-13 16:52 - 2017-09-05 06:22 - 000213504 _____ (Microsoft Corporation) C:\WINDOWS\system32\dinput8.dll
2017-09-13 16:52 - 2017-09-05 06:22 - 000173568 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetpp.dll
2017-09-13 16:52 - 2017-09-05 06:22 - 000165888 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
2017-09-13 16:52 - 2017-09-05 06:21 - 001051136 _____ (Microsoft Corporation) C:\WINDOWS\system32\nettrace.dll
2017-09-13 16:52 - 2017-09-05 06:21 - 000946688 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasgcw.dll
2017-09-13 16:52 - 2017-09-05 06:21 - 000773120 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneService.dll
2017-09-13 16:52 - 2017-09-05 06:21 - 000691712 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdh.dll
2017-09-13 16:52 - 2017-09-05 06:21 - 000422400 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpAXHolder.dll
2017-09-13 16:52 - 2017-09-05 06:21 - 000408576 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptngc.dll
2017-09-13 16:52 - 2017-09-05 06:21 - 000312320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Phoneutil.dll
2017-09-13 16:52 - 2017-09-05 06:21 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll
2017-09-13 16:52 - 2017-09-05 06:20 - 007337472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2017-09-13 16:52 - 2017-09-05 06:20 - 001878016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2017-09-13 16:52 - 2017-09-05 06:20 - 000925696 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2017-09-13 16:52 - 2017-09-05 06:20 - 000805888 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2017-09-13 16:52 - 2017-09-05 06:20 - 000546816 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2017-09-13 16:52 - 2017-09-05 06:20 - 000412160 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll
2017-09-13 16:52 - 2017-09-05 06:20 - 000282112 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll
2017-09-13 16:52 - 2017-09-05 06:20 - 000229888 _____ (Microsoft Corporation) C:\WINDOWS\system32\SIHClient.exe
2017-09-13 16:52 - 2017-09-05 06:19 - 019336192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2017-09-13 16:52 - 2017-09-05 06:19 - 001260544 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe
2017-09-13 16:52 - 2017-09-05 06:19 - 001085440 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll
2017-09-13 16:52 - 2017-09-05 06:19 - 001028608 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2017-09-13 16:52 - 2017-09-05 06:19 - 000996864 _____ (Microsoft Corporation) C:\WINDOWS\system32\iphlpsvc.dll
2017-09-13 16:52 - 2017-09-05 06:19 - 000772096 _____ (Microsoft Corporation) C:\WINDOWS\system32\PCPKsp.dll
2017-09-13 16:52 - 2017-09-05 06:19 - 000772096 _____ (Microsoft Corporation) C:\WINDOWS\system32\netlogon.dll
2017-09-13 16:52 - 2017-09-05 06:19 - 000243712 _____ (Microsoft Corporation) C:\WINDOWS\system32\shdocvw.dll
2017-09-13 16:52 - 2017-09-05 06:19 - 000124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2017-09-13 16:52 - 2017-09-05 06:19 - 000080384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2017-09-13 16:52 - 2017-09-05 06:18 - 012801536 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2017-09-13 16:52 - 2017-09-05 06:18 - 004175872 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll
2017-09-13 16:52 - 2017-09-05 06:18 - 002078720 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2017-09-13 16:52 - 2017-09-05 06:18 - 000922112 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2017-09-13 16:52 - 2017-09-05 06:18 - 000921600 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasdlg.dll
2017-09-13 16:52 - 2017-09-05 06:18 - 000874496 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll
2017-09-13 16:52 - 2017-09-05 06:18 - 000864256 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll
2017-09-13 16:52 - 2017-09-05 06:18 - 000832000 _____ (Microsoft Corporation) C:\WINDOWS\system32\printfilterpipelinesvc.exe
2017-09-13 16:52 - 2017-09-05 06:18 - 000803328 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2017-09-13 16:52 - 2017-09-05 06:18 - 000752640 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2017-09-13 16:52 - 2017-09-05 06:18 - 000564736 _____ (Microsoft Corporation) C:\WINDOWS\system32\dsreg.dll
2017-09-13 16:52 - 2017-09-05 06:18 - 000491520 _____ (Microsoft Corporation) C:\WINDOWS\system32\NgcCtnrSvc.dll
2017-09-13 16:52 - 2017-09-05 06:18 - 000339968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2017-09-13 16:52 - 2017-09-05 06:18 - 000266240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2017-09-13 16:52 - 2017-09-05 06:18 - 000257024 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2017-09-13 16:52 - 2017-09-05 06:18 - 000176640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wersvc.dll
2017-09-13 16:52 - 2017-09-05 06:18 - 000056832 _____ (Microsoft Corporation) C:\WINDOWS\system32\cldapi.dll
2017-09-13 16:52 - 2017-09-05 06:17 - 008213504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2017-09-13 16:52 - 2017-09-05 06:17 - 008207872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2017-09-13 16:52 - 2017-09-05 06:17 - 002765824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Shell.UnifiedTile.CuratedTileCollections.dll
2017-09-13 16:52 - 2017-09-05 06:17 - 001886208 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2017-09-13 16:52 - 2017-09-05 06:17 - 001397760 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2017-09-13 16:52 - 2017-09-05 06:17 - 000757760 _____ (Microsoft Corporation) C:\WINDOWS\system32\spoolsv.exe
2017-09-13 16:52 - 2017-09-05 06:16 - 002805248 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2017-09-13 16:52 - 2017-09-05 06:16 - 002680320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.CloudStore.dll
2017-09-13 16:52 - 2017-09-05 06:16 - 000440320 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.immersiveshell.serviceprovider.dll
2017-09-13 16:52 - 2017-09-05 06:16 - 000397312 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascustom.dll
2017-09-13 16:52 - 2017-09-05 06:16 - 000358400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2017-09-13 16:52 - 2017-09-05 06:15 - 004730368 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2017-09-13 16:52 - 2017-09-05 06:15 - 004396032 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll
2017-09-13 16:52 - 2017-09-05 06:15 - 003307008 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2017-09-13 16:52 - 2017-09-05 06:15 - 003059200 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2017-09-13 16:52 - 2017-09-05 06:15 - 002503680 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2017-09-13 16:52 - 2017-09-05 06:15 - 002055680 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2017-09-13 16:52 - 2017-09-05 06:15 - 001736704 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll
2017-09-13 16:52 - 2017-09-05 06:15 - 001460224 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2017-09-13 16:52 - 2017-09-05 06:15 - 001293824 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2017-09-13 16:52 - 2017-09-05 06:15 - 001143296 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2017-09-13 16:52 - 2017-09-05 06:15 - 001077248 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll
2017-09-13 16:52 - 2017-09-05 06:15 - 000706560 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2017-09-13 16:52 - 2017-09-05 06:15 - 000664576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2017-09-13 16:52 - 2017-09-05 06:15 - 000232960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2017-09-13 16:52 - 2017-09-05 06:14 - 011887104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2017-09-13 16:52 - 2017-09-05 06:14 - 005557760 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll
2017-09-13 16:52 - 2017-09-05 06:14 - 002516480 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2017-09-13 16:52 - 2017-09-05 06:14 - 002445824 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2017-09-13 16:52 - 2017-09-05 06:14 - 002177024 _____ (Microsoft Corporation) C:\WINDOWS\system32\OpcServices.dll
2017-09-13 16:52 - 2017-09-05 06:14 - 002006528 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationFramework.dll
2017-09-13 16:52 - 2017-09-05 06:14 - 001657344 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsPrint.dll
2017-09-13 16:52 - 2017-09-05 06:14 - 001583616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2017-09-13 16:52 - 2017-09-05 06:14 - 001046016 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcsvc.dll
2017-09-13 16:52 - 2017-09-05 06:14 - 000986624 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2017-09-13 16:52 - 2017-09-05 06:14 - 000827904 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2017-09-13 16:52 - 2017-09-05 06:14 - 000810496 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasapi32.dll
2017-09-13 16:52 - 2017-09-05 06:13 - 002009600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2017-09-13 16:52 - 2017-09-05 06:13 - 001802752 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2017-09-13 16:52 - 2017-09-05 06:13 - 000407040 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2017-09-13 16:52 - 2017-09-05 06:12 - 006265856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2017-09-13 16:52 - 2017-09-05 06:12 - 002153984 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll
2017-09-13 16:52 - 2017-09-05 06:11 - 003654656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2017-09-13 16:52 - 2017-09-05 06:11 - 001463296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2017-09-13 16:52 - 2017-09-05 06:11 - 000254976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys
2017-09-13 16:52 - 2017-09-05 06:09 - 000268288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wisp.dll
2017-09-13 16:52 - 2017-09-05 06:07 - 000201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\RstrtMgr.dll
2017-09-13 16:52 - 2017-09-05 06:07 - 000061952 _____ (Microsoft Corporation) C:\WINDOWS\system32\vss_ps.dll
2017-09-13 16:52 - 2017-09-05 06:06 - 000078848 _____ (Microsoft Corporation) C:\WINDOWS\system32\offreg.dll
2017-09-13 16:52 - 2017-09-01 07:55 - 000031932 _____ C:\WINDOWS\system32\edgehtmlpluginpolicy.bin
2017-09-13 16:34 - 2017-09-13 16:34 - 000017695 _____ C:\Users\Marc\Downloads\[FreakTorrents.net]54E618AFD9B487EEA01185A15FE8C83A11E4200D (1).torrent
2017-09-13 00:02 - 2017-09-13 00:02 - 000086510 _____ C:\Users\Marc\Downloads\holdemresources_hu_equilibrium.zip
2017-09-11 23:05 - 2017-09-12 03:22 - 000037344 _____ (Wellbia.com Co., Ltd.) C:\WINDOWS\xhunter1.sys
2017-09-11 21:42 - 2017-09-11 21:42 - 000001677 _____ C:\Users\Marc\Desktop\S4 League.lnk
2017-09-11 21:42 - 2017-09-11 21:42 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\S4 League
2017-09-11 21:06 - 2017-09-11 21:06 - 000000000 ____D C:\Users\Marc\AppData\Local\Akamai
2017-09-11 21:05 - 2017-09-11 21:05 - 000578584 _____ (Aeria Games & Entertainment) C:\Users\Marc\Downloads\s4league_us_downloader.exe
2017-09-11 16:02 - 2017-09-11 16:02 - 000002055 _____ C:\ProgramData\Microsoft\Windows\Start Menu\PokerStars.eu.lnk
2017-09-11 16:02 - 2017-09-11 16:02 - 000002049 _____ C:\Users\Public\Desktop\PokerStars.eu.lnk
2017-09-11 16:02 - 2017-09-11 16:02 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PokerStars.EU
2017-09-11 16:01 - 2017-09-11 16:04 - 000000000 ____D C:\Program Files (x86)\PokerStars.EU
2017-09-11 15:55 - 2017-09-11 15:59 - 120204024 _____ (Rational Intellectual Holdings Ltd.) C:\Users\Marc\Downloads\PokerStarsInstallEU (2).exe
2017-09-08 21:30 - 2017-09-08 21:30 - 007897776 _____ (Tim Kosse) C:\Users\Marc\Downloads\FileZilla_3.27.1_win64-setup.exe
2017-09-08 21:30 - 2017-09-08 21:30 - 007075640 _____ (Tim Kosse) C:\Users\Marc\Downloads\FileZilla_3.26.2_win64-setup.exe
2017-09-07 12:12 - 2017-09-07 12:12 - 000000000 ____D C:\Users\Marc\AppData\Local\DBG
2017-09-06 22:52 - 2017-09-06 22:52 - 000000000 ____D C:\Users\Marc\AppData\Roaming\.mono
2017-09-06 22:52 - 2017-09-06 22:52 - 000000000 ____D C:\Users\Marc\AppData\Local\Colossal Order
2017-09-06 22:52 - 2017-09-06 22:52 - 000000000 ____D C:\ProgramData\.mono
2017-09-06 16:45 - 2017-09-06 16:45 - 000038656 _____ (The OpenVPN Project) C:\WINDOWS\system32\Drivers\tap-tb-0901.sys
2017-09-03 16:24 - 2017-09-03 16:24 - 000000149 _____ C:\Users\Marc\Downloads\284281-0_mp3_high.m3u
2017-09-02 16:23 - 2017-09-16 18:51 - 000253888 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2017-09-02 16:23 - 2017-09-16 18:51 - 000094144 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2017-09-02 16:23 - 2017-09-16 18:51 - 000045472 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2017-09-02 16:23 - 2017-09-02 16:23 - 000192960 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMChameleon.sys
2017-09-02 16:23 - 2017-09-02 16:23 - 000001916 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2017-09-02 16:23 - 2017-09-02 16:23 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2017-09-02 16:23 - 2017-08-24 11:27 - 000077440 _____ C:\WINDOWS\system32\Drivers\mbae64.sys
2017-09-02 04:41 - 2017-09-02 04:43 - 119336688 _____ (Rational Intellectual Holdings Ltd.) C:\Users\Marc\Downloads\PokerStarsInstallEU (1).exe
2017-08-30 17:14 - 2017-08-30 17:14 - 000010382 _____ C:\Users\Marc\Downloads\Ihre Retourenmarke.pdf
2017-08-27 07:37 - 2017-08-27 07:37 - 000066937 _____ C:\Users\Marc\Downloads\Konto_1032807867-Auszug_2017_004.PDF
2017-08-27 07:07 - 2017-08-27 07:07 - 000070046 _____ C:\Users\Marc\Downloads\Konto_1032439687-Auszug_2017_016.PDF
2017-08-27 07:07 - 2017-08-27 07:07 - 000066765 _____ C:\Users\Marc\Downloads\Konto_1032807867-Auszug_2017_005.PDF
2017-08-27 07:05 - 2017-08-27 07:05 - 000067862 _____ C:\Users\Marc\Downloads\20170822_Wertpapier_Aenderungsbestaetigung_fuer_DE0008232125_DEUTSCHE_LUFTHANSA_AG.PDF
2017-08-25 16:01 - 2017-08-25 16:01 - 000001007 _____ C:\Users\Public\Desktop\EPSON Scan.lnk
2017-08-25 16:01 - 2014-02-25 00:00 - 000466944 _____ (Seiko Epson Corporation) C:\WINDOWS\system32\esxw2ud.dll
2017-08-25 16:01 - 2012-05-17 00:00 - 000144560 _____ (Seiko Epson Corporation) C:\WINDOWS\system32\escsvc64.exe
2017-08-25 15:54 - 2017-08-25 15:54 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON Software
2017-08-25 15:52 - 2017-08-25 16:04 - 000000951 _____ C:\WINDOWS\Tasks\EPSON WF-2760 Series Update {68E8254B-F612-4C41-8893-CD52FBAD49A1}.job
2017-08-25 15:52 - 2017-08-25 15:52 - 000004150 _____ C:\WINDOWS\System32\Tasks\EPSON WF-2760 Series Update {68E8254B-F612-4C41-8893-CD52FBAD49A1}
2017-08-23 02:00 - 2017-08-23 02:00 - 000002296 _____ C:\Users\Marc\Downloads\WJE2wr_q20170822195818.zip
2017-08-21 03:44 - 2017-09-13 06:01 - 000004652 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player PPAPI Notifier
2017-08-21 03:01 - 2017-08-21 03:03 - 000002726 _____ C:\Users\Marc\Downloads\GA_log.txt
2017-08-21 02:59 - 2017-08-21 03:01 - 119336664 _____ (Rational Intellectual Holdings Ltd.) C:\Users\Marc\Downloads\PokerStarsInstallEU.exe

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-09-17 19:49 - 2016-11-28 17:02 - 000000000 ____D C:\Users\Marc\AppData\Roaming\Skype
2017-09-17 19:09 - 2017-08-12 22:23 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2017-09-17 18:47 - 2016-12-07 08:32 - 000000000 ____D C:\Users\Marc\AppData\LocalLow\Mozilla
2017-09-17 17:28 - 2017-01-10 00:24 - 000000000 ____D C:\Program Files (x86)\Steam
2017-09-17 17:27 - 2017-03-18 23:01 - 000000000 ____D C:\WINDOWS\INF
2017-09-17 17:04 - 2016-05-05 18:09 - 000000000 ____D C:\ProgramData\Package Cache
2017-09-17 16:39 - 2017-08-12 22:31 - 000004168 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{882D50A6-925B-4CF2-A990-2B3E317B6FFC}
2017-09-17 16:39 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\AppReadiness
2017-09-17 00:00 - 2017-01-16 15:43 - 000000000 ____D C:\Users\Marc\AppData\Local\PokerStars.EU
2017-09-16 23:04 - 2017-08-08 16:43 - 000000000 ____D C:\Users\Marc\Documents\My Games
2017-09-16 19:29 - 2017-08-12 22:25 - 000000000 ____D C:\Users\Marc
2017-09-16 18:57 - 2017-08-12 22:35 - 002441084 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-09-16 18:57 - 2017-03-20 06:35 - 001124236 _____ C:\WINDOWS\system32\perfh007.dat
2017-09-16 18:57 - 2017-03-20 06:35 - 000252118 _____ C:\WINDOWS\system32\perfc007.dat
2017-09-16 18:52 - 2016-11-28 17:00 - 000000000 __SHD C:\Users\Marc\IntelGraphicsProfiles
2017-09-16 18:51 - 2017-08-12 22:31 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-09-16 18:51 - 2017-08-12 22:23 - 000380520 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-09-16 18:51 - 2017-03-18 13:40 - 001048576 _____ C:\WINDOWS\system32\config\BBI
2017-09-15 22:46 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\rescache
2017-09-15 15:21 - 2017-03-18 23:03 - 000000000 ___HD C:\Program Files\WindowsApps
2017-09-13 19:12 - 2017-03-18 22:51 - 000000000 ____D C:\WINDOWS\CbsTemp
2017-09-13 18:46 - 2016-02-13 15:20 - 000000000 __RHD C:\Users\Public\AccountPictures
2017-09-13 18:44 - 2017-03-20 06:35 - 000000000 ____D C:\WINDOWS\system32\de
2017-09-13 18:44 - 2017-03-18 23:03 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2017-09-13 18:44 - 2017-03-18 23:03 - 000000000 ___SD C:\WINDOWS\system32\F12
2017-09-13 18:44 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2017-09-13 18:44 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2017-09-13 18:44 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\system32\setup
2017-09-13 18:44 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\ShellExperiences
2017-09-13 18:44 - 2017-03-18 23:03 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2017-09-13 18:44 - 2017-03-18 23:03 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2017-09-13 16:57 - 2016-11-28 20:36 - 000000000 ____D C:\WINDOWS\system32\MRT
2017-09-13 16:56 - 2016-11-28 20:36 - 138202976 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-09-13 06:01 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2017-09-13 06:01 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\system32\Macromed
2017-09-12 19:03 - 2016-11-28 17:00 - 000000000 ____D C:\Users\Marc\AppData\Local\VirtualStore
2017-09-09 05:55 - 2017-04-19 10:19 - 000000000 ____D C:\Users\Marc\AppData\Roaming\FileZilla
2017-09-09 04:05 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2017-09-09 03:06 - 2017-08-12 22:44 - 000003374 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-721633766-3456424319-3093112155-1001
2017-09-09 03:06 - 2017-08-12 22:44 - 000002429 _____ C:\Users\Marc\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2017-09-09 03:06 - 2016-11-28 17:02 - 000000000 ___RD C:\Users\Marc\OneDrive
2017-09-07 12:03 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\system32\NDF
2017-09-03 17:35 - 2016-08-23 18:49 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2017-09-03 05:41 - 2017-03-18 23:03 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2017-09-02 17:15 - 2017-03-18 23:06 - 000835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2017-09-02 17:15 - 2017-03-18 23:06 - 000177656 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2017-09-02 05:38 - 2017-06-28 19:43 - 000000000 ____D C:\Program Files\Mozilla Firefox
2017-09-02 05:38 - 2016-05-05 18:08 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-08-28 21:52 - 2016-11-29 05:14 - 000002268 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-08-28 21:52 - 2016-11-29 05:14 - 000002256 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2017-08-25 16:01 - 2017-07-11 17:23 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON
2017-08-25 16:00 - 2017-07-11 17:23 - 000000000 ____D C:\Program Files (x86)\epson
2017-08-25 15:55 - 2017-07-11 17:22 - 000000000 ____D C:\ProgramData\EPSON
2017-08-25 15:54 - 2017-07-11 17:24 - 000000000 ____D C:\Program Files (x86)\EPSON Software
2017-08-21 03:44 - 2017-08-12 22:31 - 000004440 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2017-08-21 03:44 - 2016-12-15 08:55 - 000000000 ____D C:\Users\Marc\AppData\Local\Adobe
2017-08-19 23:03 - 2016-12-06 22:09 - 000000000 ____D C:\Users\Marc\AppData\Local\ElevatedDiagnostics
2017-08-18 19:31 - 2016-12-02 16:04 - 000544424 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2017-09-13 18:54 - 2017-09-17 18:15 - 000001315 _____ () C:\Users\Marc\AppData\Roaming\SAS7_000.DAT
2016-12-06 19:25 - 2016-11-23 15:37 - 000000570 _____ () C:\Users\Marc\AppData\Local\TroubleshooterConfig.json
2017-08-12 22:24 - 2017-08-12 22:24 - 000000000 ____H () C:\ProgramData\DP45977C.lfl

==================== Bamital & volsnap ======================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert

LastRegBack: 2017-09-10 22:42

==================== Ende von FRST.txt ============================

--- --- ---

Addition.txt Part 1

Zitat:

Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 17-09-2017
durchgeführt von Marc (17-09-2017 19:51:19)
Gestartet von C:\Users\Marc\Pictures\criplling memes
Windows 10 Home Version 1703 (X64) (2017-08-12 20:34:03)
Start-Modus: Normal
==========================================================

==================== Konten: =============================

Administrator (S-1-5-21-721633766-3456424319-3093112155-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-721633766-3456424319-3093112155-503 - Limited - Disabled)
Gast (S-1-5-21-721633766-3456424319-3093112155-501 - Limited - Disabled)
Marc (S-1-5-21-721633766-3456424319-3093112155-1001 - Administrator - Enabled) => C:\Users\Marc

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

. . . (HKLM\...\{DB52A2D0-CAA1-4ED1-B122-29E7EDDE187F}) (Version: 2.1.28.3 - Intel) Hidden
. . . (HKLM-x32\...\{06DA421D-EE23-487D-878F-F0AF97EF69AD}) (Version: 2.6.1.4 - Intel) Hidden
7-Zip 16.04 (x64) (HKLM\...\7-Zip) (Version: 16.04 - Igor Pavlov)
Acer Care Center (HKLM\...\{1AF41E84-3408-499A-8C93-8891F0612719}) (Version: 2.00.3027 - Acer Incorporated)
Acer Configuration Manager (HKLM-x32\...\{414D554E-4453-454E-0201-000000016258}) (Version: 2.1.16258 - Acer)
Acer Quick Access (HKLM\...\{C1FA525F-D701-4B31-9D32-504FC0CF0B98}) (Version: 1.01.3023 - Acer Incorporated)
Acer System Information (HKLM-x32\...\{72199E33-4F2A-4B7F-8E25-95DDDD50A678}) (Version: 1.0.0 - Acer)
Adobe Flash Player 27 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 27.0.0.130 - Adobe Systems Incorporated)
Adobe Flash Player 27 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 27.0.0.130 - Adobe Systems Incorporated)
Akamai NetSession Interface (HKU\S-1-5-21-721633766-3456424319-3093112155-1001\...\Akamai) (Version: - Akamai Technologies, Inc)
Ansel (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Ansel) (Version: 375.95 - NVIDIA Corporation) Hidden
AOP Framework (HKLM-x32\...\{4A37A114-702F-4055-A4B6-16571D4A5353}) (Version: 3.22.2001.0 - Acer Incorporated)
ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.12 - Michael Tippach)
AutoHotkey 1.1.25.01 (HKLM\...\AutoHotkey) (Version: 1.1.25.01 - Lexikos)
BitRaider Streaming Client (HKLM-x32\...\BitRaider Streaming Client) (Version: 1.3.3.4098 - BitRaider, LLC)
Call of Duty: Ghosts (HKLM\...\Steam App 209160) (Version: - Infinity Ward)
CCleaner (HKLM\...\CCleaner) (Version: 5.24 - Piriform)
Cities: Skylines (HKLM\...\Steam App 255710) (Version: - Colossal Order Ltd.)
cuties (HKU\S-1-5-21-721633766-3456424319-3093112155-1001\...\cuties) (Version: - )
CyberLink PowerDVD 12 (HKLM-x32\...\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.5917.02 - CyberLink Corp.)
DARK SOULS™ III (HKLM\...\Steam App 374320) (Version: - FromSoftware, Inc.)
Democracy 3 (HKLM\...\Steam App 245470) (Version: - Positech Games)
DiskCryptor 1.1 (HKLM\...\DiskCryptor_is1) (Version: 1.1 - hxxp://diskcryptor.net/)
Dragon 15 (HKLM-x32\...\{768AC460-237E-45B6-99B8-1DE6D0F391E8}) (Version: 15.00.000 - Nuance Communications Inc.)
DriverSetupUtility (HKLM\...\{2B51C83A-465D-4EA9-9CDC-1ED95ED09AC6}) (Version: 1.00.3015 - Acer Incorporated)
ELAN HIDI2C Filter Driver X64 13.6.5.2_WHQL (HKLM\...\Elantech) (Version: 13.6.5.2 - ELAN Microelectronic Corp.)
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version: - Seiko Epson Corporation)
Epson Software Updater (HKLM-x32\...\{B55DB65D-EF6E-4E04-89D5-B03603BF681B}) (Version: 4.4.5 - SEIKO EPSON CORPORATION)
EPSON WF-2760 Series Printer Uninstall (HKLM\...\EPSON WF-2760 Series) (Version: - Seiko Epson Corporation)
EVEREST Ultimate Edition v5.50 (HKLM-x32\...\EVEREST Ultimate Edition_is1) (Version: 5.50 - Lavalys, Inc.)
FileZilla Client 3.25.1 (HKLM-x32\...\FileZilla Client) (Version: 3.25.1 - Tim Kosse)
FL Studio 12 (HKLM-x32\...\FL Studio 12) (Version: - Image-Line)
FL Studio ASIO (HKLM-x32\...\FL Studio ASIO) (Version: - Image-Line)
Ghost Control 3.0.6 (HKLM-x32\...\Ghost Control_is1) (Version: - N.R.S.)
Git version 2.13.2 (HKLM\...\Git_is1) (Version: 2.13.2 - The Git Development Community)
Goat Simulator (HKLM\...\Steam App 265930) (Version: - Coffee Stain Studios)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 60.0.3112.113 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.5 - Google Inc.) Hidden
IL Download Manager (HKLM-x32\...\IL Download Manager) (Version: - Image-Line)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.5.0.1015 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 21.20.16.4534 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 15.0.0.1039 - Intel Corporation)
Intel(R) Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 30.63.1620.3 - Intel Corporation)
Intel® Chipsatz-Gerätesoftware (HKLM-x32\...\{61a0f1f5-c77e-4992-ba85-029f93cd8d18}) (Version: 10.1.1.27 - Intel(R) Corporation) Hidden
Intel® Driver Update Utility (HKLM-x32\...\{fe2eebd3-ee15-4538-bb19-b627e3f2a911}) (Version: 2.6.1.4 - Intel)
Intel® Security Assist (HKLM-x32\...\{8B08DDA1-FDE7-4897-8EB6-E0B048A6D88B}) (Version: 1.0.1.618 - Intel Corporation)
Malwarebytes Version 3.2.2.2018 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.2.2.2018 - Malwarebytes)
Microsoft Office 365 - de-de (HKLM\...\O365HomePremRetail - de-de) (Version: 16.0.8326.2096 - Microsoft Corporation)
Microsoft Office Professional Plus 2016 - de-de (HKLM\...\ProPlusRetail - de-de) (Version: 16.0.8326.2096 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-721633766-3456424319-3093112155-1001\...\OneDriveSetup.exe) (Version: 17.3.6966.0824 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23506 (HKLM-x32\...\{3ee5e5bb-b7cc-4556-8861-a00a82977d6c}) (Version: 14.0.23506.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual Studio Code (HKLM-x32\...\{F8A2A208-72B3-4D61-95FC-8A65D340689B}_is1) (Version: 1.13.1 - Microsoft Corporation)
Mozilla Firefox 55.0.3 (x64 de) (HKLM\...\Mozilla Firefox 55.0.3 (x64 de)) (Version: 55.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 55.0.3.6445 - Mozilla)
Node.js (HKLM\...\{394C9E4A-F081-4147-BE9F-1EBB80EF996D}) (Version: 6.11.0 - Node.js Foundation)
Notepad++ (64-bit x64) (HKLM\...\Notepad++) (Version: 7.3.1 - Notepad++ Team)
NVIDIA Grafiktreiber 376.54 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 376.54 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.8326.2096 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.8326.2096 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.8326.2096 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0407-0000-0000000FF1CE}) (Version: 16.0.8326.2096 - Microsoft Corporation) Hidden
PokerStars.eu (HKLM-x32\...\PokerStars.eu) (Version: - PokerStars.eu)
Qualcomm Atheros 11ac Wireless LAN Installer (HKLM-x32\...\{20CA507E-24AA-4741-87CF-CC1B250790B7}) (Version: 11.0.10299 - Qualcomm Atheros)
Qualcomm Atheros Bluetooth Installer (64) (HKLM\...\{628988B4-3FA5-4EA6-BAA3-DA640F6718BD}) (Version: 10.0.0.191 - Qualcomm Atheros)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.10586.21287 - Realtek Semiconduct Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.6.1001.2015 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7836 - Realtek Semiconductor Corp.)
Recuva (HKLM\...\Recuva) (Version: 1.53 - Piriform)
Rocket League (HKLM\...\Steam App 252950) (Version: - Psyonix, Inc.)
S4 League Version 1362 (HKLM-x32\...\S4 League_is1) (Version: 1362 - Aeria Games)
Skype™ 7.35 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.35.103 - Skype Technologies S.A.)
Star Wars: The Old Republic (HKLM-x32\...\{3B11D799-48E0-48ED-BFD7-EA655676D8BB}) (Version: 1.00 - Electronic Arts, Inc.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Trove (HKLM\...\Steam App 304050) (Version: - Trion Worlds)
TunnelBear (HKLM-x32\...\{8092fbe5-9e59-4729-a5de-5bb6a64873cc}) (Version: 3.0.37.12 - TunnelBear)
TunnelBear (HKLM-x32\...\{ABC9BE61-B890-4100-BCA4-5AC3BF1F3CB5}) (Version: 3.0.37.12 - TunnelBear) Hidden
Vulkan Run Time Libraries 1.0.26.0 (HKLM\...\VulkanRT1.0.26.0) (Version: 1.0.26.0 - LunarG, Inc.)
Windows 10 Update and Privacy Settings (HKLM\...\{4DFCD818-036A-4229-A67D-CF17DC461D92}) (Version: 1.0.14.0 - Microsoft Corporation)
WinRAR 5.40 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

Verdacht auf Trojaner Win10

Log-Analyse und Auswertung: Verdacht auf Trojaner Win10

Verdacht auf Trojaner Win10

Ähnliche Themen: Verdacht auf Trojaner Win10