| |
| |||||||
Log-Analyse und Auswertung: windows10: AVIRA meldet Trojaner-FundWindows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
 |
25.11.2017, 14:07
| #1 |
 |  windows10: AVIRA meldet Trojaner-Fund Hallo, seit einiger Zeit habe ich das Problem, dass Avira immer wieder Trojaner (TR/Drop.Agent.eozed; TR/Kryptik.stlqb) findet. Die gefundenen infizierten Dateien befinden sich immer in C:\Windows\Temp\ und werden direkt in die Quarantäne verschoben. Ich würde das Problem gerne beseitigen und mein System säubern. Vielen Dank vorab für Eure Hilfe. Anbei die logfiles (leider war das logfile von avguard zu groß - daher als Anhang): Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 24-11-2017 01
durchgeführt von Freddy (Administrator) auf FREDDY_LAPTOP (25-11-2017 12:56:53)
Gestartet von C:\Users\Freddy\Desktop\Trojan
Geladene Profile: Freddy (Verfügbare Profile: Freddy & Lydia)
Platform: Windows 10 Home Version 1709 16299.64 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: IE)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avguard.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Seiko Epson Corporation) C:\Windows\System32\escsvc64.exe
(Intel Corporation) C:\Windows\System32\ibtsiva.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe
(Geek Software GmbH) C:\Program Files (x86)\PDF24\pdf24.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgr.exe
(Sony Corporation) C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\SUSSoundProxy.exe
(Sony Corporation) C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avshadow.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VAIOTM\VTSvc.exe
(Sony Corporation) C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Update\VUAgent.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\vim.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCService.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCAgent.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkClient.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCSystemTray.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\vim.exe
(Sony Corporation) C:\Program Files\Sony\NFC Connection Utility\NFCConnectionUtility.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VAIO Clip.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VAIOTM\VTUsr.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avgnt.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
(Sony Corporation) C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SHTtray.exe
(Microsoft Corporation) C:\Program Files\internet explorer\iexplore.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe
(Microsoft Corporation) C:\Windows\System32\prevhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
==================== Registry (Nicht auf der Ausnahmeliste) ===========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [630168 2017-09-29] (Microsoft Corporation)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3954368 2015-09-21] (Synaptics Incorporated)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Beschränkung <==== ACHTUNG
GroupPolicy: Beschränkung - Chrome <==== ACHTUNG
CHR HKLM\SOFTWARE\Policies\Google: Beschränkung <==== ACHTUNG
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{0a976dfa-6aa2-4604-8b44-ed8d20d585f6}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{459b27b5-d66e-418e-b849-9d691fb37683}: [DhcpNameServer] 192.168.178.1
Internet Explorer:
==================
HKU\S-1-5-21-3483465479-2191358556-2575146349-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.gmx.net/
HKU\S-1-5-21-3483465479-2191358556-2575146349-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://sony13.msn.com
SearchScopes: HKU\S-1-5-21-3483465479-2191358556-2575146349-1001 -> {6A8CC696-3745-4668-A38E-46E567058A8B} URL = hxxp://de.wikipedia.org/w/index.php?title=Spezial:Suche&search={searchTerms}
SearchScopes: HKU\S-1-5-21-3483465479-2191358556-2575146349-1001 -> {84F8B878-A832-4C05-9E3F-BB52FAD57D4C} URL = hxxp://rover.ebay.com/rover/1/707-37276-16609-27/4?mpre=hxxp://shop.ebay.de/?oemInLn=ieSrch-&_nkw={searchTerms}
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO: Easy Photo Print -> {9421DD08-935F-4701-A9CA-22DF90AC4EA6} -> C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll [2015-07-31] (Seiko Epson Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: E-Web Print -> {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} -> C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll [2014-11-27] (SEIKO EPSON CORPORATION)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\ssv.dll [2017-04-30] (Oracle Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\jp2ssv.dll [2017-04-30] (Oracle Corporation)
Toolbar: HKLM - Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll [2015-07-31] (Seiko Epson Corporation)
Toolbar: HKLM-x32 - E-Web Print - {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} - C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll [2014-11-27] (SEIKO EPSON CORPORATION)
DPF: HKLM-x32 {5AE58FCF-6F6A-49B2-B064-02492C66E3F4} hxxp://catalog.update.microsoft.com/v7/site/ClientControl/en/x86/MuCatalogWebControl.cab?1481937349192
FireFox:
========
FF HKLM\...\Firefox\Extensions: [{71C4618D-E9D5-4326-B9BC-A7F092D98B70}] - C:\WINDOWS\Installer\{732EF8AC-F655-479A-AC27-F5BC00B97AE3}\{71C4618D-E9D5-4326-B9BC-A7F092D98B70}.xpi
FF Extension: ( ) - C:\WINDOWS\Installer\{732EF8AC-F655-479A-AC27-F5BC00B97AE3}\{71C4618D-E9D5-4326-B9BC-A7F092D98B70}.xpi [2017-10-18]
FF HKLM-x32\...\Firefox\Extensions: [{71C4618D-E9D5-4326-B9BC-A7F092D98B70}] - C:\WINDOWS\Installer\{732EF8AC-F655-479A-AC27-F5BC00B97AE3}\{71C4618D-E9D5-4326-B9BC-A7F092D98B70}.xpi
FF Plugin: @java.com/DTPlugin,version=10.13.2 -> C:\WINDOWS\system32\npDeployJava1.dll [2013-08-08] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\Program Files\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.5.20 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-04-02] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-04-02] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.131.2 -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\dtplugin\npDeployJava1.dll [2017-04-30] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.131.2 -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\plugin2\npjp2.dll [2017-04-30] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\Program Files (x86)\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2017-11-01] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3483465479-2191358556-2575146349-1001: intel.com/AppUp -> C:\Program Files (x86)\Intel\IntelAppStore\bin\npAppUp.dll [2013-02-19] (Intel)
FF Plugin HKU\S-1-5-21-3483465479-2191358556-2575146349-1001: intel.com/AppUpx64 -> C:\Program Files (x86)\Intel\IntelAppStore\bin\npAppUp_x64.dll [2013-02-19] (Intel)
==================== Dienste (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
S2 AntiVirMailService; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [1128944 2017-11-18] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\Antivirus\sched.exe [490968 2017-11-18] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [490968 2017-11-18] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [1526832 2017-11-18] (Avira Operations GmbH & Co. KG)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2017-10-11] (Apple Inc.)
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [413592 2017-11-02] (Avira Operations GmbH & Co. KG)
R2 EpsonScanSvc; C:\WINDOWS\system32\EscSvc64.exe [144560 2012-05-17] (Seiko Epson Corporation)
R2 igfxCUIService2.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [373744 2016-11-01] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [731648 2013-02-13] (Intel(R) Corporation) [Datei ist nicht signiert]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [820184 2013-02-13] (Intel(R) Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-04-02] (Intel Corporation)
R2 Intel(R) Wireless Bluetooth(R) 4.0 Radio Management; C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe [157128 2013-09-27] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-04-02] (Intel Corporation)
S3 McAWFwk; C:\Program Files\Common Files\mcafee\actwiz\McAWFwk.exe [334608 2013-07-24] (McAfee, Inc.)
S3 NetworkSupport; C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkSupport.exe [629336 2013-09-28] (Sony Corporation)
R2 PDF24; C:\Program Files (x86)\PDF24\pdf24.exe [217736 2016-12-20] (Geek Software GmbH)
R2 PMBDeviceInfoProvider; C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe [481304 2013-11-21] (Sony Corporation)
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [255168 2015-09-21] (Synaptics Incorporated)
R2 VCFw; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [972000 2013-01-06] (Sony Corporation)
R3 VUAgent; C:\Program Files\Sony\VAIO Update\vuagent.exe [1656600 2016-03-31] (Sony Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [355304 2017-09-29] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [105944 2017-09-29] (Microsoft Corporation)
R2 ibtsiva; %SystemRoot%\system32\ibtsiva [X]
===================== Treiber (Nicht auf der Ausnahmeliste) ======================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R0 avdevprot; C:\WINDOWS\System32\DRIVERS\avdevprot.sys [60920 2017-06-20] (Avira Operations GmbH & Co. KG)
R2 avgntflt; C:\WINDOWS\System32\DRIVERS\avgntflt.sys [176224 2017-10-07] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [167464 2017-09-05] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\WINDOWS\system32\DRIVERS\avkmgr.sys [44488 2017-03-31] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\WINDOWS\system32\DRIVERS\avnetflt.sys [88488 2017-03-31] (Avira Operations GmbH & Co. KG)
R0 avusbflt; C:\WINDOWS\System32\Drivers\avusbflt.sys [38048 2017-06-20] (Avira Operations GmbH & Co. KG)
R3 ibtusb; C:\WINDOWS\system32\DRIVERS\ibtusb.sys [230656 2016-12-12] (Intel Corporation)
R0 IntelHSWPcc; C:\WINDOWS\System32\drivers\IntelPcc.sys [77992 2013-11-28] (Intel Corporation)
S3 ISCT; C:\WINDOWS\System32\drivers\ISCTD64.sys [46568 2013-04-15] ()
R3 MEIx64; C:\WINDOWS\system32\DRIVERS\TeeDriverx64.sys [99288 2013-12-19] (Intel Corporation)
R3 NETwNb64; C:\WINDOWS\system32\DRIVERS\Netwbw02.sys [3525896 2016-11-09] (Intel Corporation)
S3 rtux64w10; C:\WINDOWS\System32\drivers\rtux64w10.sys [354624 2016-08-07] (Realtek )
R3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [51392 2015-09-21] (Synaptics Incorporated)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44608 2017-09-29] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [309144 2017-09-29] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [119192 2017-09-29] (Microsoft Corporation)
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat: Erstellte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2017-11-19 14:29 - 2017-10-25 10:11 - 017083904 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramCompositor.dll
2017-11-19 14:29 - 2017-10-25 10:11 - 000336896 _____ (Microsoft Corporation) C:\WINDOWS\system32\HolographicRuntimes.dll
2017-11-19 14:29 - 2017-10-25 10:09 - 021753344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll
2017-11-19 14:29 - 2017-10-25 09:57 - 000956416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Spectrum.exe
2017-11-19 14:29 - 2017-10-25 09:57 - 000882688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Mirage.Internal.dll
2017-11-19 14:29 - 2017-10-25 09:56 - 000665600 _____ (Microsoft Corporation) C:\WINDOWS\system32\DHolographicDisplay.dll
2017-11-19 14:29 - 2017-10-25 07:36 - 000618496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Mirage.Internal.dll
2017-11-19 14:29 - 2017-10-25 05:41 - 000362176 _____ (Microsoft Corporation) C:\WINDOWS\system32\BioIso.exe
2017-11-19 14:29 - 2017-10-25 05:40 - 001634288 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2017-11-19 14:29 - 2017-10-25 05:40 - 000612760 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2017-11-19 14:29 - 2017-10-25 05:40 - 000269696 _____ C:\WINDOWS\system32\FaceProcessorCore.dll
2017-11-19 14:29 - 2017-10-25 05:39 - 007831248 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll
2017-11-19 14:29 - 2017-10-25 05:39 - 000479912 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64win.dll
2017-11-19 14:29 - 2017-10-25 05:39 - 000285080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2017-11-19 14:29 - 2017-10-25 05:37 - 001954048 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2017-11-19 14:29 - 2017-10-25 05:37 - 000610712 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2017-11-19 14:29 - 2017-10-25 05:36 - 008590744 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2017-11-19 14:29 - 2017-10-25 05:36 - 002400664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2017-11-19 14:29 - 2017-10-25 05:36 - 000187288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2017-11-19 14:29 - 2017-10-25 05:34 - 002573208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2017-11-19 14:29 - 2017-10-25 05:34 - 000839928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Perception.Stub.dll
2017-11-19 14:29 - 2017-10-25 05:34 - 000710920 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2017-11-19 14:29 - 2017-10-25 05:32 - 000559512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2017-11-19 14:29 - 2017-10-25 05:32 - 000147864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wcifs.sys
2017-11-19 14:29 - 2017-10-25 05:31 - 000436120 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostCommon.dll
2017-11-19 14:29 - 2017-10-25 05:31 - 000045464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storufs.sys
2017-11-19 14:29 - 2017-10-25 05:30 - 004487968 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2017-11-19 14:29 - 2017-10-25 05:30 - 000555416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2017-11-19 14:29 - 2017-10-25 05:29 - 002269080 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll
2017-11-19 14:29 - 2017-10-25 05:29 - 001507736 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2017-11-19 14:29 - 2017-10-25 05:29 - 000603920 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2017-11-19 14:29 - 2017-10-25 05:28 - 001170008 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2017-11-19 14:29 - 2017-10-25 05:27 - 006791472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2017-11-19 14:29 - 2017-10-25 05:27 - 001970520 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2017-11-19 14:29 - 2017-10-25 05:27 - 001426152 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2017-11-19 14:29 - 2017-10-25 05:27 - 000374032 _____ (Microsoft Corporation) C:\WINDOWS\system32\vac.exe
2017-11-19 14:29 - 2017-10-25 05:24 - 000428952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2017-11-19 14:29 - 2017-10-25 05:20 - 002717392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2017-11-19 14:29 - 2017-10-25 04:52 - 001615720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2017-11-19 14:29 - 2017-10-25 04:50 - 001528904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2017-11-19 14:29 - 2017-10-25 04:36 - 025246208 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2017-11-19 14:29 - 2017-10-25 04:30 - 005615968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll
2017-11-19 14:29 - 2017-10-25 04:30 - 000354200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudExperienceHostCommon.dll
2017-11-19 14:29 - 2017-10-25 04:28 - 004648528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2017-11-19 14:29 - 2017-10-25 04:28 - 001246432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2017-11-19 14:29 - 2017-10-25 04:28 - 000982016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2017-11-19 14:29 - 2017-10-25 04:27 - 001454568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsrcsnk.dll
2017-11-19 14:29 - 2017-10-25 04:27 - 001377080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
2017-11-19 14:29 - 2017-10-25 04:27 - 001015008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2017-11-19 14:29 - 2017-10-25 04:24 - 000506256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Perception.Stub.dll
2017-11-19 14:29 - 2017-10-25 04:22 - 006015200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2017-11-19 14:29 - 2017-10-25 04:22 - 002465848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2017-11-19 14:29 - 2017-10-25 04:19 - 003670016 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2017-11-19 14:29 - 2017-10-25 04:19 - 000097792 _____ C:\WINDOWS\system32\runexehelper.exe
2017-11-19 14:29 - 2017-10-25 04:18 - 000975872 _____ C:\WINDOWS\system32\FaceProcessor.dll
2017-11-19 14:29 - 2017-10-25 04:18 - 000328192 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcGenral.dll
2017-11-19 14:29 - 2017-10-25 04:18 - 000301056 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcLayers.dll
2017-11-19 14:29 - 2017-10-25 04:18 - 000135168 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_CapabilityAccess.dll
2017-11-19 14:29 - 2017-10-25 04:18 - 000095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\CapabilityAccessManagerClient.dll
2017-11-19 14:29 - 2017-10-25 04:18 - 000056320 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcSpecfc.dll
2017-11-19 14:29 - 2017-10-25 04:16 - 023658496 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2017-11-19 14:29 - 2017-10-25 04:16 - 000227328 _____ (Microsoft Corporation) C:\WINDOWS\system32\CapabilityAccessManager.dll
2017-11-19 14:29 - 2017-10-25 04:16 - 000114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\UcmCx.sys
2017-11-19 14:29 - 2017-10-25 04:16 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzres.dll
2017-11-19 14:29 - 2017-10-25 04:15 - 000140800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2017-11-19 14:29 - 2017-10-25 04:14 - 000541184 _____ (Microsoft Corporation) C:\WINDOWS\system32\HolographicExtensions.dll
2017-11-19 14:29 - 2017-10-25 04:14 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdrleakdiag.exe
2017-11-19 14:29 - 2017-10-25 04:13 - 013655552 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2017-11-19 14:29 - 2017-10-25 04:13 - 002972672 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2017-11-19 14:29 - 2017-10-25 04:12 - 001015296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2017-11-19 14:29 - 2017-10-25 04:12 - 000708096 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2017-11-19 14:29 - 2017-10-25 04:12 - 000599040 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2017-11-19 14:29 - 2017-10-25 04:12 - 000568832 _____ (Microsoft Corporation) C:\WINDOWS\system32\TileDataRepository.dll
2017-11-19 14:29 - 2017-10-25 04:11 - 000768512 _____ (Microsoft Corporation) C:\WINDOWS\system32\PCPKsp.dll
2017-11-19 14:29 - 2017-10-25 04:10 - 008099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2017-11-19 14:29 - 2017-10-25 04:10 - 004742144 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2017-11-19 14:29 - 2017-10-25 04:10 - 001167360 _____ (Microsoft Corporation) C:\WINDOWS\system32\ISM.dll
2017-11-19 14:29 - 2017-10-25 04:09 - 002862080 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2017-11-19 14:29 - 2017-10-25 04:09 - 002106368 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2017-11-19 14:29 - 2017-10-25 04:09 - 001806336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll
2017-11-19 14:29 - 2017-10-25 04:09 - 000812032 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2017-11-19 14:29 - 2017-10-25 04:08 - 002905600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2017-11-19 14:29 - 2017-10-25 04:08 - 002781696 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2017-11-19 14:29 - 2017-10-25 04:08 - 002633216 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2017-11-19 14:29 - 2017-10-25 04:08 - 002392576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcGenral.dll
2017-11-19 14:29 - 2017-10-25 04:08 - 001667584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Input.Inking.dll
2017-11-19 14:29 - 2017-10-25 04:08 - 000654848 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2017-11-19 14:29 - 2017-10-25 04:08 - 000487424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcSpecfc.dll
2017-11-19 14:29 - 2017-10-25 04:08 - 000465408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2017-11-19 14:29 - 2017-10-25 04:07 - 018914304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2017-11-19 14:29 - 2017-10-25 04:07 - 003478016 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll
2017-11-19 14:29 - 2017-10-25 04:07 - 001485824 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2017-11-19 14:29 - 2017-10-25 04:07 - 000685056 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2017-11-19 14:29 - 2017-10-25 04:07 - 000372224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcLayers.dll
2017-11-19 14:29 - 2017-10-25 04:07 - 000064512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CapabilityAccessManagerClient.dll
2017-11-19 14:29 - 2017-10-25 04:06 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tzres.dll
2017-11-19 14:29 - 2017-10-25 04:05 - 019339776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2017-11-19 14:29 - 2017-10-25 04:05 - 000106496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2017-11-19 14:29 - 2017-10-25 04:05 - 000022528 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdtcVSp1res.dll
2017-11-19 14:29 - 2017-10-25 04:04 - 000124928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\luafv.sys
2017-11-19 14:29 - 2017-10-25 04:04 - 000041984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdrleakdiag.exe
2017-11-19 14:29 - 2017-10-25 04:03 - 000450048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TileDataRepository.dll
2017-11-19 14:29 - 2017-10-25 04:02 - 000591872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PCPKsp.dll
2017-11-19 14:29 - 2017-10-25 04:01 - 012687360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2017-11-19 14:29 - 2017-10-25 04:01 - 000462848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2017-11-19 14:29 - 2017-10-25 03:59 - 003679232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2017-11-19 14:29 - 2017-10-25 03:59 - 000664576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2017-11-19 14:29 - 2017-10-25 03:58 - 002467840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2017-11-19 14:29 - 2017-10-25 03:58 - 001322496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Input.Inking.dll
2017-11-19 14:29 - 2017-10-25 03:58 - 001280000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.dll
2017-11-19 14:29 - 2017-10-25 03:57 - 006035968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2017-11-19 14:29 - 2017-10-25 03:55 - 002864640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mispace.dll
2017-11-19 14:29 - 2017-10-25 03:54 - 000022528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msdtcVSp1res.dll
2017-11-19 14:29 - 2017-10-21 13:25 - 003313968 _____ C:\WINDOWS\system32\Windows.Mirage.dll
2017-11-19 14:29 - 2017-10-20 15:17 - 002474584 _____ C:\WINDOWS\SysWOW64\Windows.Mirage.dll
2017-11-19 14:29 - 2017-10-20 06:08 - 000339968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msexcl40.dll
2017-11-18 15:16 - 2017-11-18 15:16 - 000001193 _____ C:\Users\Public\Desktop\Avira.lnk
2017-11-18 09:24 - 2017-11-18 09:24 - 000000000 ____D C:\Users\Freddy\Documents\Telenot
2017-11-18 09:24 - 2017-11-18 09:24 - 000000000 ____D C:\Users\Freddy\AppData\Roaming\SumatraPDF
2017-11-18 09:24 - 2017-11-18 09:24 - 000000000 ____D C:\Users\Freddy\AppData\Local\Telenot
2017-11-18 09:24 - 2017-11-18 09:24 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Telenot
2017-11-18 09:24 - 2017-11-18 09:24 - 000000000 ____D C:\Program Files (x86)\Telenot
2017-11-11 15:31 - 2017-11-19 14:59 - 000000600 _____ C:\Users\Freddy\AppData\Local\PUTTY.RND
2017-11-11 15:06 - 2017-11-11 15:06 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud
2017-11-11 15:05 - 2017-11-11 15:05 - 000001816 _____ C:\Users\Public\Desktop\iTunes.lnk
2017-11-11 15:05 - 2017-11-11 15:05 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2017-11-11 15:05 - 2017-11-11 15:05 - 000000000 ____D C:\Program Files\iTunes
2017-11-11 15:05 - 2017-11-11 15:05 - 000000000 ____D C:\Program Files\iPod
2017-11-11 14:47 - 2017-11-11 14:47 - 000002395 _____ C:\Users\Freddy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Etcher.lnk
2017-11-11 14:47 - 2017-11-11 14:47 - 000000000 ____D C:\Users\Freddy\AppData\Roaming\etcher
2017-11-11 14:17 - 2017-11-18 15:45 - 000000000 ____D C:\Users\Freddy\Desktop\Raspberry
2017-11-06 08:25 - 2017-11-18 16:16 - 000000000 ____D C:\WINDOWS\Minidump
2017-11-05 16:49 - 2017-11-05 17:57 - 000000000 ____D C:\Users\Freddy\AppData\Roaming\vlc
2017-11-05 16:49 - 2017-11-05 16:49 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2017-11-05 16:49 - 2017-11-05 16:49 - 000000000 ____D C:\Program Files (x86)\VideoLAN
2017-10-28 11:11 - 2017-10-28 11:11 - 000000000 ____D C:\ProgramData\Microsoft OneDrive
2017-10-28 11:10 - 2017-10-28 11:10 - 000000000 ___HD C:\Users\Freddy\MicrosoftEdgeBackups
2017-10-28 11:09 - 2017-10-28 11:09 - 000000020 ___SH C:\Users\Freddy\ntuser.ini
2017-10-28 11:09 - 2017-10-28 11:09 - 000000000 ___RD C:\Users\Freddy\3D Objects
2017-10-28 11:09 - 2017-10-28 11:09 - 000000000 ____D C:\Users\WDAGUtilityAccount\AppData\Local\Packages
2017-10-28 11:09 - 2017-10-28 11:09 - 000000000 ____D C:\Users\WDAGUtilityAccount
2017-10-28 10:21 - 2017-11-11 14:57 - 000000000 ____D C:\Windows.old
2017-10-28 09:43 - 2017-10-28 09:43 - 000000000 ____D C:\ProgramData\USOShared
2017-10-28 09:37 - 2017-11-19 21:06 - 002088970 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-10-28 09:35 - 2017-11-25 12:54 - 000004170 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{66960764-C7A5-4C4F-8DA1-5400FDCC99F3}
2017-10-28 09:35 - 2017-11-19 21:02 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-10-28 09:35 - 2017-11-18 09:16 - 000004562 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2017-10-28 09:35 - 2017-11-05 12:12 - 000003208 _____ C:\WINDOWS\System32\Tasks\Avira SystrayStartTrigger
2017-10-28 09:35 - 2017-11-03 06:33 - 000003376 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3483465479-2191358556-2575146349-1001
2017-10-28 09:35 - 2017-10-28 09:43 - 000003374 _____ C:\WINDOWS\System32\Tasks\Avira_Antivirus_Systray
2017-10-28 09:35 - 2017-10-28 09:36 - 000011433 _____ C:\WINDOWS\diagwrn.xml
2017-10-28 09:35 - 2017-10-28 09:36 - 000011433 _____ C:\WINDOWS\diagerr.xml
2017-10-28 09:35 - 2017-10-28 09:35 - 000014400 _____ C:\WINDOWS\System32\Tasks\CoolKiller
2017-10-28 09:35 - 2017-10-28 09:35 - 000004018 _____ C:\WINDOWS\System32\Tasks\Clientlizenzdienst(ClipSVC)Mobile
2017-10-28 09:35 - 2017-10-28 09:35 - 000003498 _____ C:\WINDOWS\System32\Tasks\EPSON XP-520 Series Update {AA49A6FF-529B-4F6B-95BC-379A9FC14BB3}
2017-10-28 09:35 - 2017-10-28 09:35 - 000003498 _____ C:\WINDOWS\System32\Tasks\EPSON XP-520 Series Update {6B85294F-9774-45F0-A6EF-A7293D977B0D}
2017-10-28 09:35 - 2017-10-28 09:35 - 000003310 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{842A7FC2-BB01-4A85-A21F-8AF989AD34AA}
2017-10-28 09:35 - 2017-10-28 09:35 - 000003310 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{2606E4CA-31AC-4BC1-B652-80BFFB987F3E}
2017-10-28 09:35 - 2017-10-28 09:35 - 000002990 _____ C:\WINDOWS\System32\Tasks\updater
2017-10-28 09:35 - 2017-10-28 09:35 - 000002860 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3483465479-2191358556-2575146349-1006
2017-10-28 09:35 - 2017-10-28 09:35 - 000002752 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3483465479-2191358556-2575146349-1001
2017-10-28 09:35 - 2017-10-28 09:35 - 000002318 _____ C:\WINDOWS\System32\Tasks\CreateChoiceProcessTask
2017-10-28 09:35 - 2017-10-28 09:35 - 000002282 _____ C:\WINDOWS\System32\Tasks\aecbf87f4a6326ddc9ea0d5bd736b005
2017-10-28 09:35 - 2017-10-28 09:35 - 000002278 _____ C:\WINDOWS\System32\Tasks\AutoKMSDaily
2017-10-28 09:35 - 2017-10-28 09:35 - 000001918 _____ C:\WINDOWS\System32\Tasks\AutoKMS
2017-10-28 09:35 - 2017-10-28 09:35 - 000000000 ____D C:\WINDOWS\System32\Tasks\Sony Corporation
2017-10-28 09:35 - 2017-10-28 09:35 - 000000000 ____D C:\WINDOWS\System32\Tasks\OfficeSoftwareProtectionPlatform
2017-10-28 09:35 - 2017-10-28 09:35 - 000000000 ____D C:\WINDOWS\System32\Tasks\Apple
2017-10-28 09:30 - 2017-10-28 09:30 - 000001576 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2017-10-28 09:28 - 2017-10-28 11:56 - 000000000 ____D C:\Users\Freddy\AppData\Local\Packages
2017-10-28 09:28 - 2017-10-28 09:28 - 000000000 ____D C:\Users\Lydia.Freddy_Laptop.000\AppData\Local\Packages
2017-10-28 09:27 - 2017-11-06 08:25 - 000000000 ____D C:\Users\Freddy
2017-10-28 09:27 - 2017-11-05 17:01 - 000000000 ____D C:\Users\Lydia.Freddy_Laptop.000
2017-10-28 09:27 - 2017-10-28 09:27 - 000000000 _SHDL C:\Users\Lydia.Freddy_Laptop.000\Vorlagen
2017-10-28 09:27 - 2017-10-28 09:27 - 000000000 _SHDL C:\Users\Lydia.Freddy_Laptop.000\Startmenü
2017-10-28 09:27 - 2017-10-28 09:27 - 000000000 _SHDL C:\Users\Lydia.Freddy_Laptop.000\Netzwerkumgebung
2017-10-28 09:27 - 2017-10-28 09:27 - 000000000 _SHDL C:\Users\Lydia.Freddy_Laptop.000\Lokale Einstellungen
2017-10-28 09:27 - 2017-10-28 09:27 - 000000000 _SHDL C:\Users\Lydia.Freddy_Laptop.000\Eigene Dateien
2017-10-28 09:27 - 2017-10-28 09:27 - 000000000 _SHDL C:\Users\Lydia.Freddy_Laptop.000\Druckumgebung
2017-10-28 09:27 - 2017-10-28 09:27 - 000000000 _SHDL C:\Users\Lydia.Freddy_Laptop.000\Documents\Eigene Videos
2017-10-28 09:27 - 2017-10-28 09:27 - 000000000 _SHDL C:\Users\Lydia.Freddy_Laptop.000\Documents\Eigene Musik
2017-10-28 09:27 - 2017-10-28 09:27 - 000000000 _SHDL C:\Users\Lydia.Freddy_Laptop.000\Documents\Eigene Bilder
2017-10-28 09:27 - 2017-10-28 09:27 - 000000000 _SHDL C:\Users\Lydia.Freddy_Laptop.000\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2017-10-28 09:27 - 2017-10-28 09:27 - 000000000 _SHDL C:\Users\Lydia.Freddy_Laptop.000\AppData\Local\Verlauf
2017-10-28 09:27 - 2017-10-28 09:27 - 000000000 _SHDL C:\Users\Lydia.Freddy_Laptop.000\AppData\Local\Anwendungsdaten
2017-10-28 09:27 - 2017-10-28 09:27 - 000000000 _SHDL C:\Users\Lydia.Freddy_Laptop.000\Anwendungsdaten
2017-10-28 09:27 - 2017-10-28 09:27 - 000000000 _SHDL C:\Users\Freddy\Vorlagen
2017-10-28 09:27 - 2017-10-28 09:27 - 000000000 _SHDL C:\Users\Freddy\Startmenü
2017-10-28 09:27 - 2017-10-28 09:27 - 000000000 _SHDL C:\Users\Freddy\Netzwerkumgebung
2017-10-28 09:27 - 2017-10-28 09:27 - 000000000 _SHDL C:\Users\Freddy\Lokale Einstellungen
2017-10-28 09:27 - 2017-10-28 09:27 - 000000000 _SHDL C:\Users\Freddy\Eigene Dateien
2017-10-28 09:27 - 2017-10-28 09:27 - 000000000 _SHDL C:\Users\Freddy\Druckumgebung
2017-10-28 09:27 - 2017-10-28 09:27 - 000000000 _SHDL C:\Users\Freddy\Documents\Eigene Videos
2017-10-28 09:27 - 2017-10-28 09:27 - 000000000 _SHDL C:\Users\Freddy\Documents\Eigene Musik
2017-10-28 09:27 - 2017-10-28 09:27 - 000000000 _SHDL C:\Users\Freddy\Documents\Eigene Bilder
2017-10-28 09:27 - 2017-10-28 09:27 - 000000000 _SHDL C:\Users\Freddy\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2017-10-28 09:27 - 2017-10-28 09:27 - 000000000 _SHDL C:\Users\Freddy\AppData\Local\Verlauf
2017-10-28 09:27 - 2017-10-28 09:27 - 000000000 _SHDL C:\Users\Freddy\AppData\Local\Anwendungsdaten
2017-10-28 09:27 - 2017-10-28 09:27 - 000000000 _SHDL C:\Users\Freddy\Anwendungsdaten
2017-10-28 09:27 - 2016-11-01 23:05 - 000103952 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.DLL
2017-10-28 09:27 - 2016-11-01 23:05 - 000099848 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.DLL
2017-10-28 09:26 - 2017-09-29 14:41 - 002241024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2017-10-28 09:24 - 2017-11-19 22:54 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2017-10-28 09:24 - 2017-11-19 21:02 - 000416528 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-10-28 08:58 - 2017-10-07 17:06 - 000176224 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avgntflt.sys
2017-10-28 08:58 - 2017-09-05 23:18 - 000167464 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avipbb.sys
2017-10-28 08:58 - 2017-06-20 09:41 - 000060920 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avdevprot.sys
2017-10-28 08:58 - 2017-06-20 09:41 - 000038048 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avusbflt.sys
2017-10-28 08:58 - 2017-03-31 06:37 - 000088488 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avnetflt.sys
2017-10-28 08:58 - 2017-03-31 06:37 - 000044488 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avkmgr.sys
2017-10-28 08:57 - 2017-10-28 10:21 - 000000000 ____D C:\WINDOWS\system32\config\bbimigrate
2017-10-28 08:53 - 2017-10-28 08:57 - 000000000 ____D C:\WINDOWS\ServiceProfiles
2017-10-28 08:49 - 2017-10-28 08:49 - 005906264 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll
2017-10-28 08:49 - 2017-10-28 08:49 - 003334144 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2017-10-28 08:49 - 2017-10-28 08:49 - 002869248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2017-10-28 08:49 - 2017-10-28 08:49 - 001856000 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2017-10-28 08:49 - 2017-10-28 08:49 - 001822208 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2017-10-28 08:49 - 2017-10-28 08:49 - 001664000 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2017-10-28 08:49 - 2017-10-28 08:49 - 001641536 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2017-10-28 08:49 - 2017-10-28 08:49 - 001587200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2017-10-28 08:49 - 2017-10-28 08:49 - 001559552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2017-10-28 08:49 - 2017-10-28 08:49 - 001554216 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2017-10-28 08:49 - 2017-10-28 08:49 - 001547264 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2017-10-28 08:49 - 2017-10-28 08:49 - 001470976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2017-10-28 08:49 - 2017-10-28 08:49 - 001463856 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2017-10-28 08:49 - 2017-10-28 08:49 - 001436432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2017-10-28 08:49 - 2017-10-28 08:49 - 001323840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2017-10-28 08:49 - 2017-10-28 08:49 - 001261864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
2017-10-28 08:49 - 2017-10-28 08:49 - 001200024 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2017-10-28 08:49 - 2017-10-28 08:49 - 001053592 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2017-10-28 08:49 - 2017-10-28 08:49 - 000925184 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2017-10-28 08:49 - 2017-10-28 08:49 - 000778936 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2017-10-28 08:49 - 2017-10-28 08:49 - 000739696 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2017-10-28 08:49 - 2017-10-28 08:49 - 000726016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2017-10-28 08:49 - 2017-10-28 08:49 - 000677280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2017-10-28 08:49 - 2017-10-28 08:49 - 000665088 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmCoreProvisioning.dll
2017-10-28 08:49 - 2017-10-28 08:49 - 000649304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2017-10-28 08:49 - 2017-10-28 08:49 - 000640512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mswstr10.dll
2017-10-28 08:49 - 2017-10-28 08:49 - 000597160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll
2017-10-28 08:49 - 2017-10-28 08:49 - 000566272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TpmCoreProvisioning.dll
2017-10-28 08:49 - 2017-10-28 08:49 - 000542208 _____ (Microsoft Corporation) C:\WINDOWS\system32\FirewallAPI.dll
2017-10-28 08:49 - 2017-10-28 08:49 - 000529408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nwifi.sys
2017-10-28 08:49 - 2017-10-28 08:49 - 000478208 _____ (Microsoft Corporation) C:\WINDOWS\system32\NgcCtnr.dll
2017-10-28 08:49 - 2017-10-28 08:49 - 000464416 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcryptprimitives.dll
2017-10-28 08:49 - 2017-10-28 08:49 - 000461312 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansec.dll
2017-10-28 08:49 - 2017-10-28 08:49 - 000442880 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptngc.dll
2017-10-28 08:49 - 2017-10-28 08:49 - 000422912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys
2017-10-28 08:49 - 2017-10-28 08:49 - 000418712 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2017-10-28 08:49 - 2017-10-28 08:49 - 000374784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FirewallAPI.dll
2017-10-28 08:49 - 2017-10-28 08:49 - 000373656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2017-10-28 08:49 - 2017-10-28 08:49 - 000353688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2017-10-28 08:49 - 2017-10-28 08:49 - 000326144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptngc.dll
2017-10-28 08:49 - 2017-10-28 08:49 - 000285696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb10.sys
2017-10-28 08:49 - 2017-10-28 08:49 - 000246168 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2017-10-28 08:49 - 2017-10-28 08:49 - 000232344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2017-10-28 08:49 - 2017-10-28 08:49 - 000184984 _____ (Microsoft Corporation) C:\WINDOWS\system32\sspicli.dll
2017-10-28 08:49 - 2017-10-28 08:49 - 000177664 _____ (Microsoft Corporation) C:\WINDOWS\system32\t2embed.dll
2017-10-28 08:49 - 2017-10-28 08:49 - 000139672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecdd.sys
2017-10-28 08:49 - 2017-10-28 08:49 - 000136192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\t2embed.dll
2017-10-28 08:49 - 2017-10-28 08:49 - 000123520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sspicli.dll
2017-10-28 08:49 - 2017-10-28 08:49 - 000086016 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthTokenBrokerExt.dll
2017-10-28 08:49 - 2017-10-28 08:49 - 000070656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XblAuthTokenBrokerExt.dll
2017-10-28 08:49 - 2017-10-28 08:49 - 000060824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\urscx01000.sys
2017-10-28 08:49 - 2017-10-28 08:49 - 000058880 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmTasks.dll
2017-10-28 08:49 - 2017-10-28 08:49 - 000057344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\UcmUcsi.sys
2017-10-28 08:49 - 2017-10-28 08:49 - 000034816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BasicRender.sys
2017-10-28 08:49 - 2017-10-28 08:49 - 000028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\sspisrv.dll
2017-10-28 08:49 - 2017-10-28 08:49 - 000008704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjint40.dll
2017-10-28 08:42 - 2017-10-28 10:21 - 000000000 ____D C:\Program Files (x86)\MSBuild
2017-10-28 08:42 - 2017-10-28 08:42 - 000000000 ____D C:\WINDOWS\SysWOW64\XPSViewer
2017-10-28 08:42 - 2017-10-28 08:42 - 000000000 ____D C:\Program Files\Reference Assemblies
2017-10-28 08:42 - 2017-10-28 08:42 - 000000000 ____D C:\Program Files\MSBuild
2017-10-28 08:42 - 2017-10-28 08:42 - 000000000 ____D C:\Program Files (x86)\Reference Assemblies
2017-10-28 08:41 - 2017-10-28 08:41 - 001166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2017-10-28 08:41 - 2017-10-28 08:41 - 000778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
2017-10-28 08:41 - 2017-10-28 08:41 - 000124624 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2017-10-28 08:41 - 2017-10-28 08:41 - 000103120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2017-10-28 08:41 - 2017-10-28 08:41 - 000035456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2017-10-28 08:41 - 2017-10-28 08:41 - 000035456 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2017-10-28 08:29 - 2017-10-28 08:29 - 000008192 _____ C:\WINDOWS\system32\config\userdiff
2017-10-28 07:46 - 2017-10-28 11:09 - 000000000 ___DC C:\WINDOWS\Panther
==================== Ein Monat: Geänderte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2017-11-25 12:56 - 2017-09-26 19:54 - 000000000 ____D C:\FRST
2017-11-25 12:56 - 2017-09-26 08:13 - 000000000 ____D C:\Users\Freddy\Desktop\Trojan
2017-11-25 12:55 - 2017-09-29 14:46 - 000000000 ___HD C:\Program Files\WindowsApps
2017-11-25 12:55 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\AppReadiness
2017-11-25 12:54 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\DeliveryOptimization
2017-11-25 12:50 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2017-11-25 12:50 - 2017-06-05 09:32 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2017-11-25 12:50 - 2016-12-17 10:57 - 000000000 __SHD C:\Users\Freddy\IntelGraphicsProfiles
2017-11-19 21:06 - 2017-09-30 15:35 - 000934190 _____ C:\WINDOWS\system32\perfh007.dat
2017-11-19 21:06 - 2017-09-30 15:35 - 000198934 _____ C:\WINDOWS\system32\perfc007.dat
2017-11-19 21:05 - 2017-09-29 14:44 - 000000000 ____D C:\WINDOWS\INF
2017-11-19 21:02 - 2017-09-29 09:45 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2017-11-19 21:01 - 2017-09-29 14:46 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2017-11-19 21:01 - 2017-09-29 14:46 - 000000000 ___SD C:\WINDOWS\system32\F12
2017-11-19 21:01 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\TextInput
2017-11-19 21:01 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2017-11-19 21:01 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2017-11-19 21:01 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\system32\appraiser
2017-11-19 21:01 - 2017-09-29 09:45 - 000000000 ____D C:\WINDOWS\system32\Dism
2017-11-19 14:31 - 2017-09-29 14:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2017-11-18 15:27 - 2017-01-02 15:07 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2017-11-18 15:16 - 2013-08-08 11:02 - 000000000 ____D C:\ProgramData\Package Cache
2017-11-18 09:16 - 2013-08-08 11:30 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2017-11-14 00:29 - 2017-02-25 09:02 - 000025400 _____ C:\Users\Freddy\Desktop\160115_to do Haus.xlsx
2017-11-12 11:17 - 2016-01-16 19:15 - 000000000 ___RD C:\Users\Freddy\iCloudDrive
2017-11-11 15:05 - 2016-12-17 01:49 - 000000000 ____D C:\WINDOWS\SysWOW64\sda
2017-11-05 18:03 - 2016-12-17 10:07 - 000000000 ____D C:\Users\Freddy\AppData\Local\ElevatedDiagnostics
2017-11-05 16:40 - 2014-02-28 20:34 - 000000000 ____D C:\Users\Freddy\AppData\Roaming\Sony Corporation
2017-11-05 16:33 - 2016-01-16 19:15 - 000000000 ____D C:\Users\Freddy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\iCloud
2017-11-04 08:09 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\appcompat
2017-11-04 02:25 - 2017-09-29 14:49 - 000835568 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2017-11-04 02:25 - 2017-09-29 14:49 - 000177648 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2017-11-03 07:46 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\rescache
2017-11-03 06:33 - 2016-12-17 10:49 - 000002433 _____ C:\Users\Freddy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2017-11-03 06:33 - 2016-12-17 10:49 - 000000000 ___RD C:\Users\Freddy\OneDrive
2017-10-28 11:09 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\Registration
2017-10-28 11:09 - 2016-12-17 10:47 - 000000000 ____D C:\Users\Freddy\AppData\Local\TileDataLayer
2017-10-28 11:09 - 2014-02-28 20:27 - 000000000 __RHD C:\Users\Public\AccountPictures
2017-10-28 10:23 - 2017-09-29 14:46 - 000028672 _____ C:\WINDOWS\system32\config\BCD-Template
2017-10-28 10:21 - 2017-09-30 15:34 - 000000000 ____D C:\WINDOWS\SysWOW64\sysprep
2017-10-28 10:21 - 2017-09-29 14:49 - 000000000 ____D C:\WINDOWS\Setup
2017-10-28 10:21 - 2017-09-29 14:46 - 000000000 ___SD C:\WINDOWS\Downloaded Program Files
2017-10-28 10:21 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\SysWOW64\GroupPolicy
2017-10-28 10:21 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\system32\WinBioDatabase
2017-10-28 10:21 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\system32\spool
2017-10-28 10:21 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\system32\oobe
2017-10-28 10:21 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\system32\NDF
2017-10-28 10:21 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\system32\InputMethod
2017-10-28 10:21 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\Resources
2017-10-28 10:21 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\InputMethod
2017-10-28 10:21 - 2017-09-29 14:46 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2017-10-28 10:21 - 2017-09-29 14:46 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2017-10-28 10:21 - 2017-08-27 09:25 - 000000000 __RHD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO Care
2017-10-28 10:21 - 2017-06-29 20:49 - 000000000 ____D C:\WINDOWS\SysWOW64\SSL
2017-10-28 10:21 - 2017-06-05 09:32 - 000000000 ____D C:\Program Files\Intel
2017-10-28 10:21 - 2017-06-01 05:46 - 000000000 ____D C:\Program Files\UNP
2017-10-28 10:21 - 2017-03-27 06:25 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WISO steuer Sparbuch 2017
2017-10-28 10:21 - 2017-03-18 22:03 - 000000000 ____D C:\WINDOWS\system32\Tasks_Migrated
2017-10-28 10:21 - 2017-02-03 20:47 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Icecream PDF Split and Merge
2017-10-28 10:21 - 2017-01-15 19:37 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2017-10-28 10:21 - 2017-01-03 10:20 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF24
2017-10-28 10:21 - 2016-12-27 12:45 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SharePoint
2017-10-28 10:21 - 2016-12-27 12:45 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2017-10-28 10:21 - 2016-12-27 12:40 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2017-10-28 10:21 - 2016-12-26 16:48 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Epson Software
2017-10-28 10:21 - 2016-12-16 23:54 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2017-10-28 10:21 - 2014-03-01 05:03 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Main
2017-10-28 10:21 - 2014-03-01 02:09 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2017-10-28 10:21 - 2014-02-28 20:34 - 000000000 ____D C:\WINDOWS\SysWOW64\VAIO Startup Setting Tool
2017-10-28 10:21 - 2013-11-14 08:13 - 000000000 ____D C:\WINDOWS\ShellNew
2017-10-28 10:21 - 2013-08-22 16:36 - 000000000 ___HD C:\WINDOWS\system32\GroupPolicy
2017-10-28 10:21 - 2013-08-22 16:36 - 000000000 ____D C:\WINDOWS\system32\WindowsInternal.Inbox.Shared
2017-10-28 10:21 - 2013-08-22 16:36 - 000000000 ____D C:\WINDOWS\system32\WindowsInternal.Inbox.Media.Shared
2017-10-28 10:21 - 2013-08-08 11:39 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2017-10-28 10:21 - 2013-08-08 11:31 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel AppUp(R) center
2017-10-28 10:21 - 2013-08-08 11:18 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PlayMemories Home
2017-10-28 10:21 - 2013-08-08 11:11 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NXPProximityInstaller
2017-10-28 10:21 - 2013-08-08 11:07 - 000000000 ___HD C:\WINDOWS\system32\WLANProfiles
2017-10-28 09:43 - 2017-09-29 14:46 - 000000000 ____D C:\ProgramData\USOPrivate
2017-10-28 09:37 - 2017-09-29 14:46 - 000000000 ____D C:\Program Files\windows nt
2017-10-28 09:37 - 2017-06-29 20:52 - 000000306 __RSH C:\ProgramData\ntuser.pol
2017-10-28 09:35 - 2014-03-01 15:36 - 000023056 _____ C:\WINDOWS\system32\emptyregdb.dat
2017-10-28 09:32 - 2017-09-05 21:57 - 000000000 ____D C:\Users\Freddy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\com.husqvarna
2017-10-28 09:32 - 2016-12-27 12:40 - 000000000 ____D C:\Users\Freddy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2017-10-28 09:32 - 2016-12-26 20:39 - 000000000 ____D C:\Users\Freddy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\IrfanView
2017-10-28 09:32 - 2016-12-20 20:26 - 000000000 ____D C:\Users\Freddy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Kodi
2017-10-28 09:30 - 2017-09-29 14:46 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2017-10-28 09:27 - 2017-09-29 09:45 - 000000000 ____D C:\WINDOWS\system32\Sysprep
2017-10-28 09:27 - 2017-06-05 09:32 - 000000200 _____ C:\WINDOWS\system32\{EC94D02F-D200-4428-9531-05AF7F9799CB}.bat
2017-10-28 09:27 - 2017-06-05 09:31 - 000000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2017-10-28 09:27 - 2013-08-08 10:57 - 000000000 ____D C:\Intel
2017-10-28 09:06 - 2017-09-29 14:46 - 000000000 __RHD C:\Users\Public\Libraries
2017-10-28 09:05 - 2017-09-29 09:45 - 000008192 _____ C:\WINDOWS\system32\config\ELAM
2017-10-28 08:58 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\SysWOW64\IME
2017-10-28 08:58 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\system32\IME
2017-10-28 08:57 - 2017-06-05 09:32 - 000000000 ____D C:\Program Files\Synaptics
2017-10-28 08:57 - 2017-06-05 09:31 - 000000000 ____D C:\Program Files\Realtek
2017-10-28 08:57 - 2016-12-26 16:52 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\zu-ZA
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\yo-NG
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\xh-ZA
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\wo-SN
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\vi-VN
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\uz-Latn-UZ
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\ur-PK
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\ug-CN
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\tt-RU
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\tn-ZA
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\tk-TM
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\ti-ET
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\tg-Cyrl-TJ
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\te-IN
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\ta-IN
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\sw-KE
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\sr-Cyrl-RS
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\sr-Cyrl-BA
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\sq-AL
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\si-LK
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\sd-Arab-PK
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\rw-RW
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\quz-PE
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\quc-Latn-GT
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\prs-AF
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\pa-IN
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\pa-Arab-PK
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\or-IN
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\nso-ZA
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\nn-NO
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\ne-NP
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\mt-MT
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\mr-IN
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\mn-MN
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\ml-IN
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\mk-MK
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\mi-NZ
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\lo-LA
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\lb-LU
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\ky-KG
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\ku-Arab-IQ
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\kok-IN
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\kn-IN
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\km-KH
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\kk-KZ
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\ka-GE
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\is-IS
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\ig-NG
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\id-ID
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\hy-AM
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\ha-Latn-NG
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\gu-IN
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\gd-GB
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\ga-IE
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\fil-PH
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\fa-IR
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\cy-GB
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\chr-CHER-US
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\ca-ES-valencia
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\bs-Latn-BA
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\bn-IN
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\bn-BD
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\be-BY
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\az-Latn-AZ
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\as-IN
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\am-ET
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\af-ZA
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\zu-ZA
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\yo-NG
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\xh-ZA
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\wo-SN
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\vi-VN
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\uz-Latn-UZ
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\ur-PK
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\ug-CN
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\tt-RU
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\tn-ZA
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\tk-TM
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\ti-ET
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\tg-Cyrl-TJ
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\te-IN
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\ta-IN
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\sw-KE
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\sr-Cyrl-RS
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\sr-Cyrl-BA
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\sq-AL
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\si-LK
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\sd-Arab-PK
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\rw-RW
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\quz-PE
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\quc-Latn-GT
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\prs-AF
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\pa-IN
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\pa-Arab-PK
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\or-IN
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\nso-ZA
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\nn-NO
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\ne-NP
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\mt-MT
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\mr-IN
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\mn-MN
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\ml-IN
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\mk-MK
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\mi-NZ
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\lo-LA
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\lb-LU
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\ky-KG
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\ku-Arab-IQ
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\kok-IN
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\kn-IN
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\km-KH
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\kk-KZ
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\ka-GE
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\is-IS
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\ig-NG
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\id-ID
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\hy-AM
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\ha-Latn-NG
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\gu-IN
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\gd-GB
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\ga-IE
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\fil-PH
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\fa-IR
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\cy-GB
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\chr-CHER-US
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\ca-ES-valencia
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\bs-Latn-BA
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\bn-IN
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\bn-BD
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\be-BY
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\az-Latn-AZ
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\as-IN
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\am-ET
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\af-ZA
2017-10-28 08:42 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\SysWOW64\MUI
2017-10-28 08:42 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\system32\MUI
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======
2017-11-11 15:31 - 2017-11-19 14:59 - 000000600 _____ () C:\Users\Freddy\AppData\Local\PUTTY.RND
2014-03-01 01:57 - 2016-12-17 02:49 - 000007598 _____ () C:\Users\Freddy\AppData\Local\resmon.resmoncfg
==================== Bamital & volsnap ======================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert
LastRegBack: 2017-11-11 15:11
==================== Ende von FRST.txt ============================
Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 24-11-2017 01
durchgeführt von Freddy (25-11-2017 12:57:30)
Gestartet von C:\Users\Freddy\Desktop\Trojan
Windows 10 Home Version 1709 16299.64 (X64) (2017-10-28 08:37:27)
Start-Modus: Normal
==========================================================
==================== Konten: =============================
Administrator (S-1-5-21-3483465479-2191358556-2575146349-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3483465479-2191358556-2575146349-503 - Limited - Disabled)
Freddy (S-1-5-21-3483465479-2191358556-2575146349-1001 - Administrator - Enabled) => C:\Users\Freddy
Gast (S-1-5-21-3483465479-2191358556-2575146349-501 - Limited - Disabled)
Lydia (S-1-5-21-3483465479-2191358556-2575146349-1006 - Limited - Enabled) => C:\Users\Lydia.Freddy_Laptop.000
WDAGUtilityAccount (S-1-5-21-3483465479-2191358556-2575146349-504 - Limited - Disabled)
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: Avira Antivirus (Enabled - Up to date) {B3F630BD-538D-1B4A-14FA-14B63235278F}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avira Antivirus (Enabled - Up to date) {0897D159-75B7-14C4-2E4A-2FC449B26D32}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
Adobe Reader XI MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AB0000000001}) (Version: 11.0.00 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.23) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.23 - Adobe Systems Incorporated)
Apple Application Support (32-Bit) (HKLM-x32\...\{D811A40A-9791-497C-B9DC-2D89C8E95EA1}) (Version: 6.1 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{8B47B514-F5D2-4E0D-B951-6E250618A7CD}) (Version: 6.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{31A0B634-BCF4-4D3F-8336-87FEACFEE142}) (Version: 11.0.1.2 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{C1BBFD2A-BCDD-45B3-8C0B-66BD434970A8}) (Version: 2.4.8.1 - Apple Inc.)
Avira (HKLM-x32\...\{37C2DE81-46FA-4EB3-83A5-F0D8F5B08F6E}) (Version: 1.2.99.31392 - Avira Operations GmbH & Co. KG) Hidden
Avira (HKLM-x32\...\{5a024a65-9f29-41b1-b178-946c9f826e72}) (Version: 1.2.99.31392 - Avira Operations GmbH & Co. KG)
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.33.24 - Avira Operations GmbH & Co. KG)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
compasX 27.1 (HKLM-x32\...\{9FBE7270-D55B-4D0D-BB04-4BAFEA03ECFA}) (Version: 27.1 - Telenot)
Easy Photo Scan (HKLM-x32\...\{BB6241FF-8B76-45A5-95B9-888EDE8E47DC}) (Version: 1.00.0010 - Seiko Epson Corporation)
Einstellungen für VAIO Media Server (HKLM\...\{62A172B2-550E-499D-9A82-5190D18390AA}) (Version: 1.1.0.02220 - Sony Corporation)
Epson Easy Photo Print 2 (HKLM-x32\...\{F05A434E-D3CF-4B44-9D3E-779D42090781}) (Version: 2.8.0.0 - Seiko Epson Corporation)
Epson Event Manager (HKLM-x32\...\{9F205E94-9E42-4486-A92A-DF3F6CB85444}) (Version: 3.10.0061 - Seiko Epson Corporation)
Epson E-Web Print (HKLM-x32\...\{6BF9F374-EC67-4808-A90C-F127DE6D989D}) (Version: 1.23.0000 - SEIKO EPSON CORPORATION)
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version: - Seiko Epson Corporation)
Epson Software Updater (HKLM-x32\...\{7BAC3F7A-B963-468E-982E-B5608A87408D}) (Version: 4.4.4 - SEIKO EPSON CORPORATION)
EPSON XP-520 Series Printer Uninstall (HKLM\...\EPSON XP-520 Series) (Version: - SEIKO EPSON Corporation)
ESDL (HKLM-x32\...\{9A2CA016-1C4C-4D44-BF70-C2C8639C34A4}) (Version: 1.0.0 - Sony Corporation) Hidden
Etcher 1.1.2 (only current user) (HKU\S-1-5-21-3483465479-2191358556-2575146349-1001\...\573339af-d9e1-5dd3-804c-e0162fac1f41) (Version: 1.1.2 - Resin Inc.)
FDUx86 (HKLM-x32\...\{3490653F-2789-46A1-B1BF-6BD4CF4131AB}) (Version: 1.0.0 - Sony Corporation) Hidden
iCloud (HKLM\...\{FF99A618-BCA5-4658-B9FF-CCF57C177610}) (Version: 7.1.0.34 - Apple Inc.)
Intel AppUp(R) center (HKLM-x32\...\Intel AppUp(R) center 41800) (Version: 3.8.0.41800.66 - Intel)
Intel Collaborative Processor Performance Control (HKLM-x32\...\0E7DAF70-FB54-4B91-B192-7E771C25AEEB) (Version: 1.0.0.1015 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.0.1428 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4531 - Intel Corporation)
Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology(patch version 3.0.1335.5) (HKLM\...\{302600C1-6BDF-4FD1-1307-148929CC1385}) (Version: 3.1.1307.0362 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.0.1016 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 3.0.0.63463 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{aa2c2346-d0c0-4d3e-9ab1-11a48b4cb9f3}) (Version: 19.20.3 - Intel Corporation)
IrfanView 4.44 (64-bit) (HKLM\...\IrfanView64) (Version: 4.44 - Irfan Skiljan)
iTunes (HKLM\...\{24607015-8D34-4AF3-9092-AC83847AE073}) (Version: 12.7.1.14 - Apple Inc.)
Java 8 Update 131 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180131F0}) (Version: 8.0.1310.11 - Oracle Corporation)
Kodi (HKU\S-1-5-21-3483465479-2191358556-2575146349-1001\...\Kodi) (Version: - XBMC-Foundation)
MergeModule_x64 (HKLM\...\{20E0665F-E4EE-4E2A-8E86-EFC65129FE41}) (Version: 8.0.00 - Sony Corporation) Hidden
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4454.1510 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3483465479-2191358556-2575146349-1001\...\OneDriveSetup.exe) (Version: 17.3.7076.1026 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{402ED4A1-8F5B-387A-8688-997ABF58B8F2}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24212 (HKLM-x32\...\{462f63a8-6347-4894-a1b3-dbfe3a4c981d}) (Version: 14.0.24212.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
NFC Connection Utility (HKLM\...\{F3FC1B12-45AA-4ACE-AD9F-DFD87BE9457E}) (Version: 1.0.0.14100 - Sony Corporation)
NXPProximityInstaller (HKLM-x32\...\NXPProximityInstaller) (Version: 6.3.1.0 - NXP Semiconductors)
PlayMemories Home (HKLM-x32\...\{4C93E894-BE17-463B-A789-4CAB706987A0}) (Version: 8.0.21.11211 - Sony Corporation)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9600.28145 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6895 - Realtek Semiconductor Corp.)
Remote Keyboard (HKLM-x32\...\{6466EF6E-700E-470F-94CB-D0050302C84E}) (Version: 1.2.0.09270 - Sony Corporation) Hidden
Restore (HKLM-x32\...\{ECCEB4D0-7080-4F8A-B498-E40A32A4FBED}) (Version: 1.0.0 - Sony Corporation) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
Skype™ 7.3 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.3.101 - Skype Technologies S.A.)
SOHLib for PlayMemories Home (HKLM\...\{CBA577D0-C972-4A26-B948-A315DF3ECE0E}) (Version: 1.0.1.11110 - Sony Corporation) Hidden
SSLx64 (HKLM\...\{312395BC-7CC2-434C-A660-30250276A926}) (Version: 1.0.0 - Sony Corporation ) Hidden
SSLx86 (HKLM-x32\...\{63C43435-F428-42BA-8E7B-5848749D9262}) (Version: 1.0.0 - Sony Corporation ) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.15.2 - Synaptics Incorporated)
VAIO - Remote-Tastatur (HKLM-x32\...\{7396FB15-9AB4-4B78-BDD8-24A9C15D2C65}) (Version: 1.2.0.09270 - Sony Corporation)
VAIO - Remote-Tastatur mit PlayStation®3 (HKLM-x32\...\{E682702C-609C-4017-99E7-3129C163955F}) (Version: 1.2.1.05220 - Sony Corporation)
VAIO - Xperia Link (HKLM-x32\...\{D91558BF-D1F3-411F-AEFE-8774CB406512}) (Version: 1.4.0.15030 - Sony Corporation)
VAIO BIOS Data Transfer Utility (HKLM-x32\...\{5D772F4A-53DE-4E1F-83F5-B08DFF106C60}) (Version: 1.0.0.02050 - Sony Corporation) Hidden
VAIO Care (HKLM\...\{9C4E9490-3862-4EE0-90E6-C2457B67CD5F}) (Version: 8.4.6.05116 - Sony Corporation)
VAIO Care Recovery (HKLM\...\{15B9204E-BA09-485E-8F2C-094AC0077664}) (Version: 1.1.2.13230 - Sony Corporation)
VAIO Care-Hardwarediagnose-Plugin (HKLM-x32\...\{EC153498-00E1-4C9C-89BE-81527C6750BE}) (Version: 4.8.0.13250 - Sony Corporation)
VAIO Control Center (HKLM-x32\...\{8E797841-A110-41FD-B17A-3ABC0641187A}) (Version: 6.2.12.13060 - Sony Corporation)
VAIO Data Restore Tool (HKLM-x32\...\{57B955CE-B5D3-495D-AF1B-FAEE0540BFEF}) (Version: 1.11.0.13250 - Sony Corporation)
VAIO Easy Connect (HKLM-x32\...\{7C80D30A-AC02-4E3F-B95D-29F0E4FF937B}) (Version: 8.4.4.07220 - Sony Corporation) Hidden
VAIO Gesture Control (HKLM-x32\...\{692955F2-DE9F-4078-8FAA-858D6F3A1776}) (Version: 2.2.0.01230 - Sony Corporation)
VAIO Gesture Control (HKLM-x32\...\{9CE67959-AF22-4D93-8D49-CB73F015628E}) (Version: 2.2.0.01230 - Sony Corporation) Hidden
VAIO Image Optimizer (HKLM-x32\...\{5597C927-029A-46A7-A0C0-8DABD9891A50}) (Version: 3.1.00.14260 - Sony Corporation) Hidden
VAIO Image Optimizer (HKLM-x32\...\InstallShield_{5597C927-029A-46A7-A0C0-8DABD9891A50}) (Version: 3.3.00.10220 - Sony Corporation)
VAIO Improvement (HKLM-x32\...\{3A26D9BD-0F73-432D-B522-2BA18138F7EF}) (Version: 2.2.0.01240 - Sony Corporation)
VAIO Movie Creator (HKLM-x32\...\{C2CC5822-32E6-4D21-88EA-DE8CED09EE2F}) (Version: 4.1.01.15140 - Sony Corporation) Hidden
VAIO Movie Creator (HKLM-x32\...\InstallShield_{C2CC5822-32E6-4D21-88EA-DE8CED09EE2F}) (Version: 4.3.01.11140 - Sony Corporation)
VAIO Sample Music (HKLM-x32\...\{FBEE3D44-0933-4B84-BB6A-49957F89187F}) (Version: 1.0.0.03051 - Sony Corporation)
VAIO Update (HKLM-x32\...\{9FF95DA2-7DA1-4228-93B7-DED7EC02B6B2}) (Version: 7.2.0.16270 - Sony Corporation)
VAIO*CPU-Lüfterdiagnose (HKLM-x32\...\{BCE6E3D7-B565-4E1B-AC77-F780666A35FB}) (Version: 1.2.0.03050 - Sony Corporation)
VAIO-Support für Übertragungen (HKLM-x32\...\{5DDAFB4B-C52E-468A-9E23-3B0CEEB671BF}) (Version: 1.9.0.11060 - Sony Corporation)
VCCMMX64 (HKLM\...\{606DF716-F28D-4449-B0B1-3AB6081F51AF}) (Version: 1.0.0 - Sony Corporation) Hidden
VCCMMx64 (HKLM\...\{B812401D-BAB2-4E33-9AC7-9862BC8CAF64}) (Version: 1.0.0 - Sony Corporation) Hidden
VCCMMX86 (HKLM-x32\...\{BC3FFCF0-3DB7-47D2-BF15-1979AB59D12B}) (Version: 1.0.0 - Sony Corporation) Hidden
VCCMMx86 (HKLM-x32\...\{CC87BAAD-AA25-4727-9B7C-E0876722B784}) (Version: 1.0.0 - Sony Corporation) Hidden
VCCx64 (HKLM\...\{25ECAFCB-DCFB-4FCE-A5B2-772A57F59860}) (Version: 1.0.0 - Sony Corporation) Hidden
VCCx64 (HKLM\...\{AB447E3B-7A95-4CA6-8ECD-B25C96314B67}) (Version: 1.0.0 - Sony Corporation) Hidden
VCCx86 (HKLM-x32\...\{AFDC0CC0-39E8-42C0-9823-2C1C182676DC}) (Version: 1.0.0 - Sony Corporation) Hidden
VCCx86 (HKLM-x32\...\{B31938C7-7E97-49EE-8F88-951E156268A3}) (Version: 1.0.0 - Sony Corporation) Hidden
VHD (HKLM-x32\...\{9D8112DB-3490-4BF1-AAFA-1D224FFB5D3C}) (Version: 1.0.0 - Sony Corporation) Hidden
Virtual COM Port Driver (HKLM-x32\...\{9853299F-7AD8-4560-9896-60650BD8ACBF}) (Version: 1.3.1 - STMicroelectronics) Hidden
Virtual COM Port Driver (HKLM-x32\...\InstallShield_{9853299F-7AD8-4560-9896-60650BD8ACBF}) (Version: 1.3.1 - STMicroelectronics)
VIx64 (HKLM\...\{D55EAC07-7207-44BD-B524-0F063F327743}) (Version: 1.0.0 - Sony Corporation) Hidden
VIx86 (HKLM-x32\...\{D17C2A58-E0EA-4DD7-A2D6-C448FD25B6F6}) (Version: 1.0.0 - Sony Corporation) Hidden
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.6 - VideoLAN)
VPMx64 (HKLM\...\{DBEAA361-F8A4-4298-B41C-9E9DCB9AAB84}) (Version: 1.0.0 - Sony Corporation ) Hidden
VSSTx64 (HKLM\...\{4F31AC31-0A28-4F5A-8416-513972DA1F79}) (Version: 1.0.0 - Sony Corporation ) Hidden
VSSTx86 (HKLM-x32\...\{B24BB74E-8359-43AA-985A-8E80C9219C70}) (Version: 1.0.0 - Sony Corporation) Hidden
VUx64 (HKLM\...\{A0A2BE14-D3FF-41C8-9545-4B130E3FE9A4}) (Version: 1.2.0 - Sony Corporation) Hidden
VUx86 (HKLM-x32\...\{D04F1D22-4A47-42C6-A2B9-094A7B844D9B}) (Version: 1.2.0 - Sony Corporation) Hidden
VWSTx86 (HKLM-x32\...\{B8991D99-88FD-41F2-8C32-DB70278D5C30}) (Version: 1.0.0 - Sony Corporation) Hidden
WinRAR 5.40 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH)
WISO steuer:Sparbuch 2017 (HKLM-x32\...\{F8264AEF-35B2-466B-B1E5-14EE6064B079}) (Version: 24.03.1518 - Buhl Data Service GmbH)
XperiaLinkx86 (HKLM-x32\...\{EE402ACB-8269-4E44-9CA1-D81FDC4B4545}) (Version: 1.0.0 - Sony Corporation) Hidden
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
CustomCLSID: HKU\S-1-5-21-3483465479-2191358556-2575146349-1001_Classes\CLSID\{9E506282-69D3-5ABA-9C1D-15994B37F4AC}\InprocServer32 -> C:\Program Files (x86)\Intel\IntelAppStore\bin\npAppUp_x64.dll (Intel)
CustomCLSID: HKU\S-1-5-21-3483465479-2191358556-2575146349-1001_Classes\CLSID\{9E506282-69D3-5ABA-9C1D-15994B37F4AD}\InprocServer32 -> C:\Program Files (x86)\Intel\IntelAppStore\bin\npAppUp_x64.dll (Intel)
ContextMenuHandlers1: [IcecreamShellExtension] -> {A8B59160-93EA-4303-9192-AA3C64FDBE31} => C:\Program Files (x86)\Icecream PDF Split and Merge\x64\IcecreamShell64.dll [2016-12-29] (TODO: <Company name>)
ContextMenuHandlers1: [PhotoStreamsExt] -> {89D984B3-813B-406A-8298-118AFA3A22AE} => C:\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll [2017-10-19] (Apple Inc.)
ContextMenuHandlers1: [Shell Extension for Malware scanning] -> {45AC2688-0253-4ED8-97DE-B5370FA7D48A} => C:\Program Files (x86)\Avira\Antivirus\shlext64.dll [2017-11-18] (Avira Operations GmbH & Co. KG)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-08-14] (Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-08-14] (Alexander Roshal)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> Keine Datei
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2016-11-01] (Intel Corporation)
ContextMenuHandlers6: [Shell Extension for Malware scanning] -> {45AC2688-0253-4ED8-97DE-B5370FA7D48A} => C:\Program Files (x86)\Avira\Antivirus\shlext64.dll [2017-11-18] (Avira Operations GmbH & Co. KG)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-08-14] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-08-14] (Alexander Roshal)
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {032D406B-9A10-4558-A247-B196C13E4838} - System32\Tasks\AutoKMS => C:\WINDOWS\AutoKMS.exe
Task: {07A37E19-5965-40B6-AC9B-62866531F867} - System32\Tasks\Sony Corporation\VAIO Control Center\NetworkSetting\NetworkSetting Logon Start => C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkClient
Task: {088082DF-6E31-4DC5-B65C-FB3C2FA65EFE} - System32\Tasks\Sony Corporation\VAIO Care\VKSvcDaily => C:\Program Files\Sony\VAIO Care\VAIOTM\VKSvc.exe [2017-04-19] (Sony Corporation)
Task: {09172E18-AD72-436A-9B3A-9C3AE10D2616} - System32\Tasks\Sony Corporation\VAIO Care\VCRLog => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2017-05-15] (Sony Corporation)
Task: {0A0E6B7C-C784-4CD0-910A-728797BC8493} - System32\Tasks\Sony Corporation\Sony Home Network Library\SOHLib SOHDms => C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe [2013-11-07] (Sony Corporation)
Task: {0A7DB203-FA16-43E0-A3B4-0225E5E712AE} - System32\Tasks\Sony Corporation\VAIO Care\VTSvc => C:\Program Files\Sony\VAIO Care\VAIOTM\VTSvc.exe [2017-04-19] (Sony Corporation)
Task: {0E737322-05C2-4FB7-B878-72E87A77B182} - System32\Tasks\Sony Corporation\VAIO Care\UpdateSolution => C:\Program Files\Sony\VAIO Care\Solution.Updater.exe [2017-05-15] (Sony Corporation)
Task: {156DDDFB-900D-406F-A6A8-8D40CB749DD1} - System32\Tasks\Avira_Antivirus_Systray => C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [2017-11-18] (Avira Operations GmbH & Co. KG)
Task: {1733A098-3F38-45F4-88E5-E3FD2925908E} - System32\Tasks\Sony Corporation\NFC Connection Utility\NFC Logon Start => C:\Program Files\Sony\NFC Connection Utility\NFCConnectionUtility.exe [2014-02-11] (Sony Corporation)
Task: {235AAD07-75C3-4C73-82E0-081FA04B0F3B} - System32\Tasks\Sony Corporation\VAIO Care\UploadPOT => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2017-05-15] (Sony Corporation)
Task: {2D1BBC51-0CE6-4F2D-85FE-776407E58838} - System32\Tasks\Sony Corporation\VAIO Care\CheckSystemInfo => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2017-05-15] (Sony Corporation)
Task: {2F18DDEE-9C8E-4F7E-B68C-97E55EDC0DA8} - System32\Tasks\Clientlizenzdienst(ClipSVC)Mobile => C:\Program Files (x86)\nodejs\node.exe [2017-05-02] (Node.js)
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\WINDOWS\System32\AutoWorkplace.exe
Task: {3B35DA12-DE65-4903-9601-A045C74AADF4} - System32\Tasks\Sony Corporation\VAIO Improvement\VAIOImprovementUploader => C:\Program Files\Sony\VAIO Improvement\viuploader.exe [2013-01-24] (Sony Corporation)
Task: {4D63B5A4-1940-494C-9E9E-C3B8683D1E62} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-09-27] (Adobe Systems Incorporated)
Task: {5449D0AD-1BD9-43A5-BB7F-3C26BCE131C8} - System32\Tasks\AutoKMSDaily => C:\WINDOWS\AutoKMS.exe
Task: {6D44DF52-296A-4290-80F8-F29478BF965F} - System32\Tasks\Avira SystrayStartTrigger => Avira.SystrayStartTrigger.exe
Task: {731820B3-78E1-4E12-B41F-6FABF2596874} - System32\Tasks\Sony Corporation\Sony Home Network Library\SOHLib TaskTray => C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SHTtray.exe [2013-09-12] (Sony Corporation)
Task: {75BFA5A2-9106-4B43-BCA6-6F03DA54C2A8} - System32\Tasks\Sony Corporation\VAIO Control Center\VAIOControlCenterSystem => C:\Program Files (x86)\Sony\VAIO Control Center\vim.exe [2014-11-17] (Sony Corporation)
Task: {7982693B-13B2-4382-810A-311F970E1580} - System32\Tasks\Sony Corporation\Xperia Link\Xperia Link Logon Start => C:\Program Files (x86)\Sony\Xperia Link\Xperia Link.exe [2016-03-04] (Sony Corporation)
Task: {7EFBE56F-B0BE-492D-A745-4AB238FE69CF} - System32\Tasks\CoolKiller => C:\WINDOWS\system32\rundll32.exe "C:\Program Files\CoolKiller\CoolKiller.dll",mUjnBIANGCsu <==== ACHTUNG
Task: {92C0956C-5CA6-4BEE-9BBB-6E8475A0743E} - System32\Tasks\Sony Corporation\VAIO Care\VKSvcWeekly => C:\Program Files\Sony\VAIO Care\VAIOTM\VKSvc.exe [2017-04-19] (Sony Corporation)
Task: {92D374A6-7389-4DA4-AD28-B00928A40C43} - System32\Tasks\Sony Corporation\VAIO Care\DeployCRMflag => C:\Program Files\Sony\VAIO Care\DeployCRMflag.exe [2017-05-15] (Sony Corporation)
Task: {9351756D-0F98-4F14-A0A1-2ACED083F81F} - System32\Tasks\Sony Corporation\VAIO Update\VAIO Update => C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe [2016-04-25] (Sony Corporation)
Task: {95EB3228-D684-43A0-A145-D6C71C6E46DE} - \OfficeSoftwareProtectionPlatform\SvcRestartTask -> Keine Datei <==== ACHTUNG
Task: {9A0E0C05-29E0-4943-826D-C714DF31C624} - System32\Tasks\Sony Corporation\VAIO Care\ActiveStatusCollect => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2017-05-15] (Sony Corporation)
Task: {9A7AB5FA-8B68-4455-A598-C625E617BBB8} - System32\Tasks\Sony Corporation\VAIO Care\VCOneClick => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2017-05-15] (Sony Corporation)
Task: {9A7F6397-8E10-4344-9ABA-4DA72F9E1BB4} - System32\Tasks\updater => C:\Program Files (x86)\devnull\NetAdapterUpdate\updater.exe
Task: {9C11A6D9-6FF0-467B-98BF-05F6D81DFFBD} - System32\Tasks\Sony Corporation\VAIO Care\GetPOTInfo => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2017-05-15] (Sony Corporation)
Task: {9D38DE1F-95D3-4DFF-A6B1-7D9913C5B371} - System32\Tasks\Sony Corporation\VAIO Care\VCCheckIolo => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2017-05-15] (Sony Corporation)
Task: {A0F06AC5-F898-4D38-BF28-709FE6197DB4} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2017-07-24] (Apple Inc.)
Task: {A969B346-A1E8-491B-B3E3-19109A1F636B} - System32\Tasks\Sony Corporation\VAIO Gesture Control\VCGULogonTask => C:\Program Files (x86)\Sony\VAIO Camera Gesture Utility\VCGU.exe [2013-01-23] (Sony Corporation)
Task: {AB4433F9-DAD7-4AAD-89B2-C64F3342633C} - System32\Tasks\Sony Corporation\VAIO Hardware Diagnostics\VHDInformationCheck => C:\Program Files (x86)\Sony\VAIO Recovery\plugins\InformationCheck.exe [2013-01-25] (Sony Corporation)
Task: {B4B41936-ACE9-433F-BA0D-4B2E9FFC5805} - System32\Tasks\Sony Corporation\VAIO Control Center\VAIO Capture\VAIO Clip => C:\Program Files (x86)\Sony\VAIO Control Center\VAIO Clip.exe [2013-12-09] (Sony Corporation)
Task: {B5F2A251-DA62-47FD-AA8A-CA1DE2E41B91} - System32\Tasks\aecbf87f4a6326ddc9ea0d5bd736b005 => sc start aecbf87f4a6326ddc9ea0d5bd736b005 <==== ACHTUNG
Task: {B65149E4-C865-4E82-9069-566B492615AE} - System32\Tasks\EPSON XP-520 Series Update {AA49A6FF-529B-4F6B-95BC-379A9FC14BB3} => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSNPE.EXE [2013-11-22] (SEIKO EPSON CORPORATION)
Task: {B6CCDD7D-07EB-4E0F-A888-79A81AFC05A2} - \Microsoft\Windows\UNP\RunCampaignManager -> Keine Datei <==== ACHTUNG
Task: {B8EE1B23-260C-41D9-9457-559EF9907168} - System32\Tasks\Sony Corporation\VAIO Care\VAIO Care => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2017-05-15] (Sony Corporation)
Task: {C2DFDAC6-2DC5-43AC-B3C3-189687A656FC} - System32\Tasks\Sony Corporation\VAIO Care\VCMetrics => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2017-05-15] (Sony Corporation)
Task: {C314B97F-35D1-4129-B36B-138FBF48C098} - System32\Tasks\Sony Corporation\VAIO Control Center\Level4Daily => C:\Program Files (x86)\Sony\VAIO Control Center\WBCBatteryCare.exe [2013-03-15] (Sony Corporation)
Task: {CB55C1E1-DB58-4EEB-BE76-8A6432FA8220} - System32\Tasks\EPSON XP-520 Series Update {6B85294F-9774-45F0-A6EF-A7293D977B0D} => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSNPE.EXE [2013-11-22] (SEIKO EPSON CORPORATION)
Task: {CE6BC97F-68EB-4782-B43B-59D763DE5FE6} - System32\Tasks\CreateChoiceProcessTask => C:\Windows\BrowserChoice\browserchoice.exe
Task: {D0A2D1F0-ADAA-4DAA-9099-05235CA3F2D6} - System32\Tasks\Sony Corporation\VAIO Control Center\VAIOControlCenterUser => C:\Program Files (x86)\Sony\VAIO Control Center\vim.exe [2014-11-17] (Sony Corporation)
Task: {D50C369F-E633-41BD-A7F6-39B50416AAFE} - System32\Tasks\Sony Corporation\VAIO Update\VAIO Update Self Repair => C:\Program Files\Sony\VAIO Update\VUSR.exe [2016-03-31] (Sony Corporation)
Task: {D58D3F8A-80D9-47BE-87F0-87BE1E8D15F5} - System32\Tasks\Sony Corporation\VAIO Care\VTUsr => C:\Program Files\Sony\VAIO Care\VAIOTM\VTUsr.exe [2017-04-19] (Sony Corporation)
Task: {EA390447-42D0-42BA-893F-0BAC71CA70D3} - System32\Tasks\Sony Corporation\VAIO Control Center\Level4Month => C:\Program Files (x86)\Sony\VAIO Control Center\WBCBatteryCare.exe [2013-03-15] (Sony Corporation)
Task: {FD11A334-379C-47A6-88CF-740BC3493916} - System32\Tasks\Sony Corporation\VAIO Update\Launch Application => C:\Program Files\SONY\VAIO Update\ShellExeProxy.exe [2016-03-31] (Sony Corporation)
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
Task: C:\WINDOWS\Tasks\AutoKMS.job => C:\WINDOWS\AutoKMS.exe
Task: C:\WINDOWS\Tasks\AutoKMSDaily.job => C:\WINDOWS\AutoKMS.exe
Task: C:\WINDOWS\Tasks\EPSON XP-520 Series Update {6B85294F-9774-45F0-A6EF-A7293D977B0D}.job => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSNPE.EXE:/EXE:{6B85294F-9774-45F0-A6EF-A7293D977B0D} /F:UpdateWORKGROUP\FREDDY_LAPTOP$ĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi
Task: C:\WINDOWS\Tasks\EPSON XP-520 Series Update {AA49A6FF-529B-4F6B-95BC-379A9FC14BB3}.job => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSNPE.EXE:/EXE:{AA49A6FF-529B-4F6B-95BC-379A9FC14BB3} /F:UpdateWORKGROUP\FREDDY_LAPTOP$ĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi
Task: C:\WINDOWS\Tasks\Synaptics TouchPad Enhancements.job => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
==================== Verknüpfungen & WMI ========================
(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)
==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
2016-11-17 01:28 - 2016-11-17 01:28 - 000092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2017-10-18 23:51 - 2017-10-18 23:51 - 001356088 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2017-09-29 14:41 - 2017-09-29 14:41 - 000184432 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll
2013-09-05 00:17 - 2013-09-05 00:17 - 004300456 _____ () C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2017-09-29 14:42 - 2017-09-30 15:36 - 011044864 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2017-09-29 14:42 - 2017-09-30 15:36 - 001804288 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2013-08-08 11:09 - 2013-04-02 14:02 - 001199576 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
==================== Hosts Inhalt: ===============================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2017-09-29 14:46 - 2013-08-22 14:25 - 000000824 _____ C:\WINDOWS\system32\Drivers\etc\hosts
==================== Andere Bereiche ============================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-3483465479-2191358556-2575146349-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Sony\VAIO 13 img1 Wallpaper 1920x1080.jpg
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Warn)
Windows Firewall ist aktiviert.
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
HKLM\...\StartupApproved\StartupFolder: => "McAfee Parental Controls.lnk"
HKLM\...\StartupApproved\Run32: => "mcpltui_exe"
HKU\S-1-5-21-3483465479-2191358556-2575146349-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-3483465479-2191358556-2575146349-1001\...\StartupApproved\Run: => "Skype"
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [UDP Query User{F4A20467-3FEC-48AD-94BA-D9982345C925}C:\users\freddy\appdata\local\p15g-client\p15g-client.exe] => (Allow) C:\users\freddy\appdata\local\p15g-client\p15g-client.exe
FirewallRules: [TCP Query User{396DBF93-556A-4CCC-BBB1-26186E083AAB}C:\users\freddy\appdata\local\p15g-client\p15g-client.exe] => (Allow) C:\users\freddy\appdata\local\p15g-client\p15g-client.exe
FirewallRules: [{16650F04-47F9-4AE4-8683-5BA9DCBEF4C8}] => (Allow) C:\Program Files\Sony\VAIO Care\VAIOShell.exe
FirewallRules: [{31E065F4-FD5B-4B1C-98AC-22F4FCEE3EFB}] => (Allow) C:\Program Files\Sony\VAIO Care\VCSystemTray.exe
FirewallRules: [{13AFD05C-6FB4-4A93-A23E-2EF101D18C37}] => (Allow) C:\Program Files\Sony\VAIO Care\VCAdmin.exe
FirewallRules: [{551F069D-308A-4BB3-B321-C11CF1107070}] => (Allow) C:\Program Files\Sony\VAIO Care\VCAgent.exe
FirewallRules: [{443F24B8-5466-46DA-83B0-C049C73192AA}] => (Allow) C:\Windows\System32\rundll32.exe
FirewallRules: [{CEA772E4-41DF-4775-880C-138C2F3ABC99}] => (Allow) C:\Windows\System32\rundll32.exe
FirewallRules: [UDP Query User{EC99E90B-62A0-4DBF-8C57-D7BBC96D27E1}C:\windows\kmsemulator.exe] => (Allow) C:\windows\kmsemulator.exe
FirewallRules: [TCP Query User{54F84FCE-7D99-4FEC-ADED-94E584DE5172}C:\windows\kmsemulator.exe] => (Allow) C:\windows\kmsemulator.exe
FirewallRules: [{ED563812-2100-4A0C-B89E-7F1C24105148}] => (Allow) C:\WINDOWS\system32\rundll32.exe
FirewallRules: [{0E12D2BD-4660-4916-8825-2F2290755195}] => (Allow) C:\Windows\System32\rundll32.exe
FirewallRules: [{DDF5927A-BE92-4EBE-A454-72AF358DF7A3}] => (Allow) C:\Windows\System32\rundll32.exe
FirewallRules: [{943B73FF-9EF1-4F4F-839F-EEE617B89CD4}] => (Allow) C:\WINDOWS\system32\rundll32.exe
FirewallRules: [UDP Query User{32969F73-84A2-46E6-82B0-D3BEABAEBD14}C:\users\freddy\appdata\local\temp\2cd1.tmp\kmservice.exe] => (Allow) C:\users\freddy\appdata\local\temp\2cd1.tmp\kmservice.exe
FirewallRules: [TCP Query User{FAC0A1A4-3FDF-41C4-8375-47130FCA17E9}C:\users\freddy\appdata\local\temp\2cd1.tmp\kmservice.exe] => (Allow) C:\users\freddy\appdata\local\temp\2cd1.tmp\kmservice.exe
FirewallRules: [{202E20F3-608E-484A-8CB4-977197AF4DF3}] => (Allow) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
FirewallRules: [{A5A467BE-F22F-49F8-8C59-91B7EDB9D932}] => (Allow) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
FirewallRules: [UDP Query User{B7095F2B-53CF-4E12-8503-2F7A6797AF9C}C:\program files (x86)\kodi\kodi.exe] => (Allow) C:\program files (x86)\kodi\kodi.exe
FirewallRules: [TCP Query User{1E7C19F6-1264-4D14-9CE6-1C572EF339F3}C:\program files (x86)\kodi\kodi.exe] => (Allow) C:\program files (x86)\kodi\kodi.exe
FirewallRules: [UDP Query User{930F3D4B-073D-4B45-98E0-6C391616BF3F}C:\program files\windowsapps\xbmcfoundation.kodi_16.9.810.0_x86__4n2hpmxwrvr6p\kodi.exe] => (Allow) C:\program files\windowsapps\xbmcfoundation.kodi_16.9.810.0_x86__4n2hpmxwrvr6p\kodi.exe
FirewallRules: [TCP Query User{FA2421E5-873A-46D3-AEE5-025142069168}C:\program files\windowsapps\xbmcfoundation.kodi_16.9.810.0_x86__4n2hpmxwrvr6p\kodi.exe] => (Allow) C:\program files\windowsapps\xbmcfoundation.kodi_16.9.810.0_x86__4n2hpmxwrvr6p\kodi.exe
FirewallRules: [{BE450899-E821-473C-92F4-1B922A7C25F2}] => (Allow) C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe
FirewallRules: [{AC2A5F71-7418-4218-8C42-EC06E158C50C}] => (Allow) C:\Program Files\Intel Corporation\Intel WiDi\WiDiApp.exe
FirewallRules: [{1DFE654D-CF2C-4025-BD01-0E335D2972D2}] => (Allow) C:\Program Files\Common Files\mcafee\platform\mcsvchost\McSvHost.exe
FirewallRules: [{7B1144DD-BABB-4A16-8812-22C895FB83A2}] => (Allow) C:\Program Files\Common Files\mcafee\platform\mcsvchost\McSvHost.exe
FirewallRules: [{3532F35F-8DCE-4140-913A-07DFAA68CD73}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{9E620EBB-4DF6-427B-9377-F14121D459A1}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{98548828-B256-47BD-9723-45448C75A88E}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{313CD003-8B1B-4116-A0FD-087A4A89FBCE}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{DCFE97AA-6BBB-412B-B446-C96330ADB215}] => (Allow) C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe
FirewallRules: [{75398CB3-1E25-4215-990C-413898C60588}] => (Allow) C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe
FirewallRules: [{4345E14D-825B-44B7-8217-B042B837CD41}] => (Allow) C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe
FirewallRules: [{92C48361-973E-4E3E-8F83-A8E156580D8F}] => (Allow) C:\Program Files (x86)\Sony\PlayMemories Home\PMBBrowser.exe
FirewallRules: [{82AAA141-CD98-4A7F-8CDB-01D17B82BA4D}] => (Allow) C:\Program Files (x86)\Sony\PlayMemories Home\PMBBrowser.exe
FirewallRules: [{41807941-ADFD-417E-9A15-273206FA338D}] => (Allow) C:\Program Files\iTunes\iTunes.exe
==================== Wiederherstellungspunkte =========================
ACHTUNG: Systemwiederherstellung ist deaktiviert
==================== Fehlerhafte Geräte im Gerätemanager =============
Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
==================== Fehlereinträge in der Ereignisanzeige: =========================
Applikationsfehler:
==================
Error: (11/19/2017 09:03:29 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: Die Open-Prozedur für den Dienst "BITS" in der DLL "C:\Windows\System32\bitsperf.dll" war nicht erfolgreich. Die Leistungsdaten für diesen Dienst sind nicht verfügbar. Die ersten vier Bytes (DWORD) des Datenbereichs enthalten den Fehlercode.
Error: (11/18/2017 03:16:47 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: Die Open-Prozedur für den Dienst "BITS" in der DLL "C:\Windows\System32\bitsperf.dll" war nicht erfolgreich. Die Leistungsdaten für diesen Dienst sind nicht verfügbar. Die ersten vier Bytes (DWORD) des Datenbereichs enthalten den Fehlercode.
Error: (11/18/2017 02:50:38 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 274875
Error: (11/18/2017 02:50:38 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 274875
Error: (11/18/2017 02:50:38 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (11/18/2017 02:50:22 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 259250
Error: (11/18/2017 02:50:22 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 259250
Error: (11/18/2017 02:50:22 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (11/18/2017 02:50:07 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 243625
Error: (11/18/2017 02:50:07 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 243625
Systemfehler:
=============
Error: (11/25/2017 12:53:52 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
und der APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.
Error: (11/25/2017 12:51:15 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Erkennung interaktiver Dienste" wurde mit folgendem Fehler beendet:
Unzulässige Funktion.
Error: (11/25/2017 12:50:53 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
und der APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.
Error: (11/25/2017 12:50:53 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
und der APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.
Error: (11/25/2017 12:50:53 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
und der APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.
Error: (11/25/2017 12:50:53 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
und der APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.
Error: (11/25/2017 12:50:53 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
und der APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.
Error: (11/25/2017 12:50:53 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
und der APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.
Error: (11/19/2017 09:17:49 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
und der APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.
Error: (11/19/2017 09:02:50 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
und der APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.
CodeIntegrity:
===================================
Date: 2017-11-25 12:55:07.748
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume5\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.
Date: 2017-11-25 12:55:07.747
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume5\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.
Date: 2017-11-25 12:55:05.645
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume5\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.
Date: 2017-11-25 12:55:05.643
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume5\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.
Date: 2017-11-25 12:54:52.279
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume5\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.
Date: 2017-11-25 12:54:52.277
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume5\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.
Date: 2017-11-25 12:54:38.215
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume5\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.
Date: 2017-11-25 12:54:38.214
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume5\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.
Date: 2017-11-25 12:54:35.495
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume5\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.
Date: 2017-11-25 12:54:35.493
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume5\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.
==================== Speicherinformationen ===========================
Prozessor: Intel(R) Core(TM) i5-4200U CPU @ 1.60GHz
Prozentuale Nutzung des RAM: 61%
Installierter physikalischer RAM: 4002.87 MB
Verfügbarer physikalischer RAM: 1547.11 MB
Summe virtueller Speicher: 6178.87 MB
Verfügbarer virtueller Speicher: 3376.87 MB
==================== Laufwerke ================================
Drive c: () (Fixed) (Total:102.79 GB) (Free:45.19 GB) NTFS
==================== MBR & Partitionstabelle ==================
========================================================
Disk: 0 (Size: 119.2 GB) (Disk ID: BA336E2C)
Partition: GPT.
==================== Ende von Addition.txt ============================
|
|
25.11.2017, 14:34
| #2 |
| /// TB-Ausbilder   | windows10: AVIRA meldet Trojaner-Fund__________________ |
|
25.11.2017, 15:52
| #3 |
| | windows10: AVIRA meldet Trojaner-Fund Hallo,
__________________anbei meine logfiles nach Durchführung der 3 Arbeitsschritte: 1) AdwCleaner 2) Malwarebytes Anti-Malware 3 3) FRST Code:
ATTFilter # AdwCleaner 7.0.4.0 - Logfile created on Sat Nov 25 14:33:02 2017
# Updated on 2017/27/10 by Malwarebytes
# Running on Windows 10 Home (X64)
# Mode: clean
# Support: https://www.malwarebytes.com/support
***** [ Services ] *****
No malicious services deleted.
***** [ Folders ] *****
Deleted: C:\Windows\System32\\SSL
Deleted: C:\Windows\SysWOW64\\SSL
Deleted: C:\Users\Default\AppData\Local\AdvinstAnalytics
Deleted: C:\Users\Default User\AppData\Local\AdvinstAnalytics
Deleted: C:\Users\Freddy\AppData\Local\AdvinstAnalytics
Deleted: C:\ProgramData\devnull
Deleted: C:\Users\All Users\devnull
Deleted: C:\Users\Freddy\AppData\Roaming\devnull
Deleted: C:\Users\Freddy\AppData\Local\AdService
Deleted: C:\WINDOWS\Installer\{732EF8AC-F655-479A-AC27-F5BC00B97AE3}
Deleted: C:\WINDOWS\Installer\{A0A888D5-F808-4BF1-9FE1-AAE7891BEAF0}
Deleted: C:\WINDOWS\Installer\{A0A888D5-F808-4BF1-9FE1-AAE7891BEAF0}
***** [ Files ] *****
Deleted: C:\END
***** [ DLL ] *****
No malicious DLLs cleaned.
***** [ WMI ] *****
No malicious WMI cleaned.
***** [ Shortcuts ] *****
No malicious shortcuts cleaned.
***** [ Tasks ] *****
Deleted: aecbf87f4a6326ddc9ea0d5bd736b005
***** [ Registry ] *****
Deleted: [Key] - HKLM\SOFTWARE\devnull
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{7D86A08B-0A8F-4BE0-B693-F05E6947E780}
Deleted: [Value] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID|{C654F3FE-8E84-4BB7-87CF-8D9171FC3C73}
Deleted: [Key] - HKLM\SOFTWARE\Classes\AppID\{1C6F51F8-BCE6-4702-8952-6A8233359FBC}
Deleted: [Key] - HKCU\Software\Classes\Applications\interstatnogui.exe
Deleted: [Key] - HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application
Deleted: [Key] - HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application
Deleted: [Key] - HKLM\SOFTWARE\jetstrmedia
Deleted: [Key] - HKU\S-1-5-21-3483465479-2191358556-2575146349-1001\Software\DownloadProtect
Deleted: [Key] - HKCU\Software\DownloadProtect
Deleted: [Key] - HKLM\SOFTWARE\Soci2Sear Browser Enhancer
Deleted: [Key] - HKU\S-1-5-21-3483465479-2191358556-2575146349-1001\Software\Norassie
Deleted: [Key] - HKCU\Software\Norassie
***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries deleted.
***** [ Chromium (and derivatives) ] *****
No malicious Chromium entries deleted.
*************************
::Tracing keys deleted
::Winsock settings cleared
::Prefetch files deleted
::Proxy settings cleared
::Firewall rules cleared
::IE policies deleted
::Chrome policies deleted
::Additional Actions: 0
*************************
C:/AdwCleaner/AdwCleaner[S0].txt - [2821 B] - [2017/11/25 14:32:24]
########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt ##########
Code:
ATTFilter Malwarebytes
www.malwarebytes.com
-Protokolldetails-
Scan-Datum: 25.11.17
Scan-Zeit: 15:36
Protokolldatei: fa92999e-d1ed-11e7-a32c-5c514f25bcdb.json
Administrator: Ja
-Softwaredaten-
Version: 3.3.1.2183
Komponentenversion: 1.0.236
Version des Aktualisierungspakets: 1.0.3343
Lizenz: Testversion
-Systemdaten-
Betriebssystem: Windows 10 (Build 16299.64)
CPU: x64
Dateisystem: NTFS
Benutzer: Freddy_Laptop\Freddy
-Scan-Übersicht-
Scan-Typ: Bedrohungs-Scan
Ergebnis: Abgeschlossen
Gescannte Objekte: 546425
Erkannte Bedrohungen: 6
In die Quarantäne verschobene Bedrohungen: 6
Abgelaufene Zeit: 4 Min., 31 Sek.
-Scan-Optionen-
Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Erkennung
PUM: Erkennung
-Scan-Details-
Prozess: 0
(keine bösartigen Elemente erkannt)
Modul: 0
(keine bösartigen Elemente erkannt)
Registrierungsschlüssel: 2
PUM.Optional.DisableChromeUpdates, HKLM\SOFTWARE\POLICIES\GOOGLE\UPDATE, In Quarantäne, [14951], [252393],1.0.3343
PUM.Optional.DisableChromeUpdates, HKLM\SOFTWARE\WOW6432NODE\POLICIES\GOOGLE\UPDATE, In Quarantäne, [14951], [252393],1.0.3343
Registrierungswert: 4
PUP.Optional.DownloadProtectExtension, HKLM\SOFTWARE\WOW6432NODE\MOZILLA\FIREFOX\EXTENSIONS|{71C4618D-E9D5-4326-B9BC-A7F092D98B70}, In Quarantäne, [14125], [237883],1.0.3343
PUP.Optional.DownloadProtectExtension, HKLM\SOFTWARE\MOZILLA\FIREFOX\EXTENSIONS|{71C4618D-E9D5-4326-B9BC-A7F092D98B70}, In Quarantäne, [14125], [237883],1.0.3343
PUM.Optional.DisableChromeUpdates, HKLM\SOFTWARE\POLICIES\GOOGLE\UPDATE|DISABLEAUTOUPDATECHECKSCHECKBOXVALUE, In Quarantäne, [14951], [252393],1.0.3343
PUM.Optional.DisableChromeUpdates, HKLM\SOFTWARE\WOW6432NODE\POLICIES\GOOGLE\UPDATE|DISABLEAUTOUPDATECHECKSCHECKBOXVALUE, In Quarantäne, [14951], [252393],1.0.3343
Registrierungsdaten: 0
(keine bösartigen Elemente erkannt)
Daten-Stream: 0
(keine bösartigen Elemente erkannt)
Ordner: 0
(keine bösartigen Elemente erkannt)
Datei: 0
(keine bösartigen Elemente erkannt)
Physischer Sektor: 0
(keine bösartigen Elemente erkannt)
(end)
FRST Logfile: Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 24-11-2017 01
durchgeführt von Freddy (Administrator) auf FREDDY_LAPTOP (25-11-2017 15:43:14)
Gestartet von C:\Users\Freddy\Desktop\Trojan
Geladene Profile: Freddy & (Verfügbare Profile: Freddy & Lydia)
Platform: Windows 10 Home Version 1709 16299.64 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: IE)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avguard.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Seiko Epson Corporation) C:\Windows\System32\escsvc64.exe
(Intel Corporation) C:\Windows\System32\ibtsiva.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe
(Geek Software GmbH) C:\Program Files (x86)\PDF24\pdf24.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgr.exe
(Sony Corporation) C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\SUSSoundProxy.exe
(Sony Corporation) C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.8.487.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avshadow.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VAIOTM\VTSvc.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkClient.exe
(Sony Corporation) C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SHTtray.exe
(Sony Corporation) C:\Program Files\Sony\NFC Connection Utility\NFCConnectionUtility.exe
(Sony Corporation) C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VAIOTM\VTUsr.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VAIO Clip.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avgnt.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Update\VUAgent.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\vim.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCSystemTray.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\vim.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCService.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCAgent.exe
(Microsoft Corporation) C:\Windows\System32\prevhost.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
==================== Registry (Nicht auf der Ausnahmeliste) ===========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [630168 2017-09-29] (Microsoft Corporation)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3954368 2015-09-21] (Synaptics Incorporated)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Beschränkung <==== ACHTUNG
HKU\S-1-5-21-3483465479-2191358556-2575146349-1006-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-11252017154055264\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [519680 2017-09-29] (Microsoft Corporation)
HKU\S-1-5-21-3483465479-2191358556-2575146349-1006-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11252017153624282\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [519680 2017-09-29] (Microsoft Corporation)
HKU\S-1-5-21-3483465479-2191358556-2575146349-1006-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11252017153638490\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [519680 2017-09-29] (Microsoft Corporation)
CHR HKLM\SOFTWARE\Policies\Google: Beschränkung <==== ACHTUNG
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{0a976dfa-6aa2-4604-8b44-ed8d20d585f6}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{459b27b5-d66e-418e-b849-9d691fb37683}: [DhcpNameServer] 192.168.178.1
Internet Explorer:
==================
HKU\S-1-5-21-3483465479-2191358556-2575146349-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.gmx.net/
HKU\S-1-5-21-3483465479-2191358556-2575146349-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://sony13.msn.com
HKU\S-1-5-21-3483465479-2191358556-2575146349-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11252017153623864\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.gmx.net/
HKU\S-1-5-21-3483465479-2191358556-2575146349-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11252017153623864\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://sony13.msn.com
HKU\S-1-5-21-3483465479-2191358556-2575146349-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11252017153636693\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.gmx.net/
HKU\S-1-5-21-3483465479-2191358556-2575146349-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11252017153636693\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://sony13.msn.com
HKU\S-1-5-21-3483465479-2191358556-2575146349-1006-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-11252017154055264\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://sony13.msn.com/
HKU\S-1-5-21-3483465479-2191358556-2575146349-1006-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-11252017154055264\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://sony13.msn.com
HKU\S-1-5-21-3483465479-2191358556-2575146349-1006-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-11252017154055264\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://vaioportal.sony.eu
HKU\S-1-5-21-3483465479-2191358556-2575146349-1006-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11252017153624282\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://sony13.msn.com/
HKU\S-1-5-21-3483465479-2191358556-2575146349-1006-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11252017153624282\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://sony13.msn.com
HKU\S-1-5-21-3483465479-2191358556-2575146349-1006-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11252017153624282\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://vaioportal.sony.eu
HKU\S-1-5-21-3483465479-2191358556-2575146349-1006-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11252017153638490\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://sony13.msn.com/
HKU\S-1-5-21-3483465479-2191358556-2575146349-1006-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11252017153638490\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://sony13.msn.com
HKU\S-1-5-21-3483465479-2191358556-2575146349-1006-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11252017153638490\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://vaioportal.sony.eu
SearchScopes: HKU\S-1-5-21-3483465479-2191358556-2575146349-1001 -> {6A8CC696-3745-4668-A38E-46E567058A8B} URL = hxxp://de.wikipedia.org/w/index.php?title=Spezial:Suche&search={searchTerms}
SearchScopes: HKU\S-1-5-21-3483465479-2191358556-2575146349-1001 -> {84F8B878-A832-4C05-9E3F-BB52FAD57D4C} URL = hxxp://rover.ebay.com/rover/1/707-37276-16609-27/4?mpre=hxxp://shop.ebay.de/?oemInLn=ieSrch-&_nkw={searchTerms}
SearchScopes: HKU\S-1-5-21-3483465479-2191358556-2575146349-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11252017153623864 -> {6A8CC696-3745-4668-A38E-46E567058A8B} URL = hxxp://de.wikipedia.org/w/index.php?title=Spezial:Suche&search={searchTerms}
SearchScopes: HKU\S-1-5-21-3483465479-2191358556-2575146349-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11252017153623864 -> {84F8B878-A832-4C05-9E3F-BB52FAD57D4C} URL = hxxp://rover.ebay.com/rover/1/707-37276-16609-27/4?mpre=hxxp://shop.ebay.de/?oemInLn=ieSrch-&_nkw={searchTerms}
SearchScopes: HKU\S-1-5-21-3483465479-2191358556-2575146349-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11252017153636693 -> {6A8CC696-3745-4668-A38E-46E567058A8B} URL = hxxp://de.wikipedia.org/w/index.php?title=Spezial:Suche&search={searchTerms}
SearchScopes: HKU\S-1-5-21-3483465479-2191358556-2575146349-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11252017153636693 -> {84F8B878-A832-4C05-9E3F-BB52FAD57D4C} URL = hxxp://rover.ebay.com/rover/1/707-37276-16609-27/4?mpre=hxxp://shop.ebay.de/?oemInLn=ieSrch-&_nkw={searchTerms}
SearchScopes: HKU\S-1-5-21-3483465479-2191358556-2575146349-1006-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-11252017154055264 -> DefaultScope {7D2DB5E3-550E-4789-AF3D-0310D1B49015} URL = hxxps://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?}
SearchScopes: HKU\S-1-5-21-3483465479-2191358556-2575146349-1006-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-11252017154055264 -> {34522099-79B0-470C-8991-AC60FF3669A8} URL = hxxp://rover.ebay.com/rover/1/707-37276-16609-27/4?mpre=hxxp://shop.ebay.de/?oemInLn=ieSrch-&_nkw={searchTerms}
SearchScopes: HKU\S-1-5-21-3483465479-2191358556-2575146349-1006-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-11252017154055264 -> {7D2DB5E3-550E-4789-AF3D-0310D1B49015} URL = hxxps://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?}
SearchScopes: HKU\S-1-5-21-3483465479-2191358556-2575146349-1006-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-11252017154055264 -> {D0A1E2D0-6B30-477B-B307-518A739289E9} URL = hxxp://de.wikipedia.org/w/index.php?title=Spezial:Suche&search={searchTerms}
SearchScopes: HKU\S-1-5-21-3483465479-2191358556-2575146349-1006-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11252017153624282 -> DefaultScope {7D2DB5E3-550E-4789-AF3D-0310D1B49015} URL = hxxps://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?}
SearchScopes: HKU\S-1-5-21-3483465479-2191358556-2575146349-1006-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11252017153624282 -> {34522099-79B0-470C-8991-AC60FF3669A8} URL = hxxp://rover.ebay.com/rover/1/707-37276-16609-27/4?mpre=hxxp://shop.ebay.de/?oemInLn=ieSrch-&_nkw={searchTerms}
SearchScopes: HKU\S-1-5-21-3483465479-2191358556-2575146349-1006-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11252017153624282 -> {7D2DB5E3-550E-4789-AF3D-0310D1B49015} URL = hxxps://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?}
SearchScopes: HKU\S-1-5-21-3483465479-2191358556-2575146349-1006-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11252017153624282 -> {D0A1E2D0-6B30-477B-B307-518A739289E9} URL = hxxp://de.wikipedia.org/w/index.php?title=Spezial:Suche&search={searchTerms}
SearchScopes: HKU\S-1-5-21-3483465479-2191358556-2575146349-1006-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11252017153638490 -> DefaultScope {7D2DB5E3-550E-4789-AF3D-0310D1B49015} URL = hxxps://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?}
SearchScopes: HKU\S-1-5-21-3483465479-2191358556-2575146349-1006-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11252017153638490 -> {34522099-79B0-470C-8991-AC60FF3669A8} URL = hxxp://rover.ebay.com/rover/1/707-37276-16609-27/4?mpre=hxxp://shop.ebay.de/?oemInLn=ieSrch-&_nkw={searchTerms}
SearchScopes: HKU\S-1-5-21-3483465479-2191358556-2575146349-1006-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11252017153638490 -> {7D2DB5E3-550E-4789-AF3D-0310D1B49015} URL = hxxps://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?}
SearchScopes: HKU\S-1-5-21-3483465479-2191358556-2575146349-1006-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11252017153638490 -> {D0A1E2D0-6B30-477B-B307-518A739289E9} URL = hxxp://de.wikipedia.org/w/index.php?title=Spezial:Suche&search={searchTerms}
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO: Easy Photo Print -> {9421DD08-935F-4701-A9CA-22DF90AC4EA6} -> C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll [2015-07-31] (Seiko Epson Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: E-Web Print -> {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} -> C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll [2014-11-27] (SEIKO EPSON CORPORATION)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\ssv.dll [2017-04-30] (Oracle Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\jp2ssv.dll [2017-04-30] (Oracle Corporation)
Toolbar: HKLM - Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll [2015-07-31] (Seiko Epson Corporation)
Toolbar: HKLM-x32 - E-Web Print - {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} - C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll [2014-11-27] (SEIKO EPSON CORPORATION)
DPF: HKLM-x32 {5AE58FCF-6F6A-49B2-B064-02492C66E3F4} hxxp://catalog.update.microsoft.com/v7/site/ClientControl/en/x86/MuCatalogWebControl.cab?1481937349192
FireFox:
========
FF Plugin: @java.com/DTPlugin,version=10.13.2 -> C:\WINDOWS\system32\npDeployJava1.dll [2013-08-08] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\Program Files\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.5.20 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-04-02] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-04-02] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.131.2 -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\dtplugin\npDeployJava1.dll [2017-04-30] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.131.2 -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\plugin2\npjp2.dll [2017-04-30] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\Program Files (x86)\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2017-11-01] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3483465479-2191358556-2575146349-1001: intel.com/AppUp -> C:\Program Files (x86)\Intel\IntelAppStore\bin\npAppUp.dll [2013-02-19] (Intel)
FF Plugin HKU\S-1-5-21-3483465479-2191358556-2575146349-1001: intel.com/AppUpx64 -> C:\Program Files (x86)\Intel\IntelAppStore\bin\npAppUp_x64.dll [2013-02-19] (Intel)
FF Plugin HKU\S-1-5-21-3483465479-2191358556-2575146349-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11252017153623864: intel.com/AppUp -> C:\Program Files (x86)\Intel\IntelAppStore\bin\npAppUp.dll [2013-02-19] (Intel)
FF Plugin HKU\S-1-5-21-3483465479-2191358556-2575146349-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11252017153623864: intel.com/AppUpx64 -> C:\Program Files (x86)\Intel\IntelAppStore\bin\npAppUp_x64.dll [2013-02-19] (Intel)
FF Plugin HKU\S-1-5-21-3483465479-2191358556-2575146349-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11252017153636693: intel.com/AppUp -> C:\Program Files (x86)\Intel\IntelAppStore\bin\npAppUp.dll [2013-02-19] (Intel)
FF Plugin HKU\S-1-5-21-3483465479-2191358556-2575146349-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11252017153636693: intel.com/AppUpx64 -> C:\Program Files (x86)\Intel\IntelAppStore\bin\npAppUp_x64.dll [2013-02-19] (Intel)
==================== Dienste (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
S2 AntiVirMailService; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [1128944 2017-11-18] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\Antivirus\sched.exe [490968 2017-11-18] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [490968 2017-11-18] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [1526832 2017-11-18] (Avira Operations GmbH & Co. KG)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2017-10-11] (Apple Inc.)
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [413592 2017-11-02] (Avira Operations GmbH & Co. KG)
R2 EpsonScanSvc; C:\WINDOWS\system32\EscSvc64.exe [144560 2012-05-17] (Seiko Epson Corporation)
R2 igfxCUIService2.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [373744 2016-11-01] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [731648 2013-02-13] (Intel(R) Corporation) [Datei ist nicht signiert]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [820184 2013-02-13] (Intel(R) Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-04-02] (Intel Corporation)
R2 Intel(R) Wireless Bluetooth(R) 4.0 Radio Management; C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe [157128 2013-09-27] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-04-02] (Intel Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6234056 2017-11-01] (Malwarebytes)
S3 McAWFwk; C:\Program Files\Common Files\mcafee\actwiz\McAWFwk.exe [334608 2013-07-24] (McAfee, Inc.)
S3 NetworkSupport; C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkSupport.exe [629336 2013-09-28] (Sony Corporation)
R2 PDF24; C:\Program Files (x86)\PDF24\pdf24.exe [217736 2016-12-20] (Geek Software GmbH)
R2 PMBDeviceInfoProvider; C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe [481304 2013-11-21] (Sony Corporation)
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [255168 2015-09-21] (Synaptics Incorporated)
R2 VCFw; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [972000 2013-01-06] (Sony Corporation)
R3 VUAgent; C:\Program Files\Sony\VAIO Update\vuagent.exe [1656600 2016-03-31] (Sony Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [355304 2017-09-29] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [105944 2017-09-29] (Microsoft Corporation)
R2 ibtsiva; %SystemRoot%\system32\ibtsiva [X]
===================== Treiber (Nicht auf der Ausnahmeliste) ======================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R0 avdevprot; C:\WINDOWS\System32\DRIVERS\avdevprot.sys [60920 2017-06-20] (Avira Operations GmbH & Co. KG)
R2 avgntflt; C:\WINDOWS\System32\DRIVERS\avgntflt.sys [176224 2017-10-07] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [167464 2017-09-05] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\WINDOWS\system32\DRIVERS\avkmgr.sys [44488 2017-03-31] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\WINDOWS\system32\DRIVERS\avnetflt.sys [88488 2017-03-31] (Avira Operations GmbH & Co. KG)
R0 avusbflt; C:\WINDOWS\System32\Drivers\avusbflt.sys [38048 2017-06-20] (Avira Operations GmbH & Co. KG)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [77432 2017-11-01] ()
R3 ibtusb; C:\WINDOWS\system32\DRIVERS\ibtusb.sys [230656 2016-12-12] (Intel Corporation)
R0 IntelHSWPcc; C:\WINDOWS\System32\drivers\IntelPcc.sys [77992 2013-11-28] (Intel Corporation)
S3 ISCT; C:\WINDOWS\System32\drivers\ISCTD64.sys [46568 2013-04-15] ()
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [193464 2017-11-25] (Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\system32\DRIVERS\farflt.sys [110016 2017-11-25] (Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [46008 2017-11-25] (Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [253880 2017-11-25] (Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [94144 2017-11-25] (Malwarebytes)
R3 MEIx64; C:\WINDOWS\system32\DRIVERS\TeeDriverx64.sys [99288 2013-12-19] (Intel Corporation)
R3 NETwNb64; C:\WINDOWS\system32\DRIVERS\Netwbw02.sys [3525896 2016-11-09] (Intel Corporation)
S3 rtux64w10; C:\WINDOWS\System32\drivers\rtux64w10.sys [354624 2016-08-07] (Realtek )
R3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [51392 2015-09-21] (Synaptics Incorporated)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44608 2017-09-29] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [309144 2017-09-29] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [119192 2017-09-29] (Microsoft Corporation)
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat: Erstellte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2017-11-25 15:35 - 2017-11-25 15:36 - 000094144 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2017-11-25 15:35 - 2017-11-25 15:35 - 000253880 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2017-11-25 15:35 - 2017-11-25 15:35 - 000193464 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2017-11-25 15:35 - 2017-11-25 15:35 - 000110016 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2017-11-25 15:35 - 2017-11-25 15:35 - 000046008 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2017-11-25 15:35 - 2017-11-25 15:35 - 000001912 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2017-11-25 15:35 - 2017-11-25 15:35 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2017-11-25 15:35 - 2017-11-25 15:35 - 000000000 ____D C:\ProgramData\Malwarebytes
2017-11-25 15:35 - 2017-11-25 15:35 - 000000000 ____D C:\Program Files\Malwarebytes
2017-11-25 15:35 - 2017-11-01 08:54 - 000077432 _____ C:\WINDOWS\system32\Drivers\mbae64.sys
2017-11-25 15:29 - 2017-11-25 15:33 - 000000000 ____D C:\AdwCleaner
2017-11-19 14:29 - 2017-10-25 10:11 - 017083904 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramCompositor.dll
2017-11-19 14:29 - 2017-10-25 10:11 - 000336896 _____ (Microsoft Corporation) C:\WINDOWS\system32\HolographicRuntimes.dll
2017-11-19 14:29 - 2017-10-25 10:09 - 021753344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll
2017-11-19 14:29 - 2017-10-25 09:57 - 000956416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Spectrum.exe
2017-11-19 14:29 - 2017-10-25 09:57 - 000882688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Mirage.Internal.dll
2017-11-19 14:29 - 2017-10-25 09:56 - 000665600 _____ (Microsoft Corporation) C:\WINDOWS\system32\DHolographicDisplay.dll
2017-11-19 14:29 - 2017-10-25 07:36 - 000618496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Mirage.Internal.dll
2017-11-19 14:29 - 2017-10-25 05:41 - 000362176 _____ (Microsoft Corporation) C:\WINDOWS\system32\BioIso.exe
2017-11-19 14:29 - 2017-10-25 05:40 - 001634288 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2017-11-19 14:29 - 2017-10-25 05:40 - 000612760 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2017-11-19 14:29 - 2017-10-25 05:40 - 000269696 _____ C:\WINDOWS\system32\FaceProcessorCore.dll
2017-11-19 14:29 - 2017-10-25 05:39 - 007831248 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll
2017-11-19 14:29 - 2017-10-25 05:39 - 000479912 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64win.dll
2017-11-19 14:29 - 2017-10-25 05:39 - 000285080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2017-11-19 14:29 - 2017-10-25 05:37 - 001954048 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2017-11-19 14:29 - 2017-10-25 05:37 - 000610712 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2017-11-19 14:29 - 2017-10-25 05:36 - 008590744 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2017-11-19 14:29 - 2017-10-25 05:36 - 002400664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2017-11-19 14:29 - 2017-10-25 05:36 - 000187288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2017-11-19 14:29 - 2017-10-25 05:34 - 002573208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2017-11-19 14:29 - 2017-10-25 05:34 - 000839928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Perception.Stub.dll
2017-11-19 14:29 - 2017-10-25 05:34 - 000710920 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2017-11-19 14:29 - 2017-10-25 05:32 - 000559512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2017-11-19 14:29 - 2017-10-25 05:32 - 000147864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wcifs.sys
2017-11-19 14:29 - 2017-10-25 05:31 - 000436120 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostCommon.dll
2017-11-19 14:29 - 2017-10-25 05:31 - 000045464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storufs.sys
2017-11-19 14:29 - 2017-10-25 05:30 - 004487968 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2017-11-19 14:29 - 2017-10-25 05:30 - 000555416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2017-11-19 14:29 - 2017-10-25 05:29 - 002269080 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll
2017-11-19 14:29 - 2017-10-25 05:29 - 001507736 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2017-11-19 14:29 - 2017-10-25 05:29 - 000603920 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2017-11-19 14:29 - 2017-10-25 05:28 - 001170008 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2017-11-19 14:29 - 2017-10-25 05:27 - 006791472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2017-11-19 14:29 - 2017-10-25 05:27 - 001970520 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2017-11-19 14:29 - 2017-10-25 05:27 - 001426152 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2017-11-19 14:29 - 2017-10-25 05:27 - 000374032 _____ (Microsoft Corporation) C:\WINDOWS\system32\vac.exe
2017-11-19 14:29 - 2017-10-25 05:24 - 000428952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2017-11-19 14:29 - 2017-10-25 05:20 - 002717392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2017-11-19 14:29 - 2017-10-25 04:52 - 001615720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2017-11-19 14:29 - 2017-10-25 04:50 - 001528904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2017-11-19 14:29 - 2017-10-25 04:36 - 025246208 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2017-11-19 14:29 - 2017-10-25 04:30 - 005615968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll
2017-11-19 14:29 - 2017-10-25 04:30 - 000354200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudExperienceHostCommon.dll
2017-11-19 14:29 - 2017-10-25 04:28 - 004648528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2017-11-19 14:29 - 2017-10-25 04:28 - 001246432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2017-11-19 14:29 - 2017-10-25 04:28 - 000982016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2017-11-19 14:29 - 2017-10-25 04:27 - 001454568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsrcsnk.dll
2017-11-19 14:29 - 2017-10-25 04:27 - 001377080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
2017-11-19 14:29 - 2017-10-25 04:27 - 001015008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2017-11-19 14:29 - 2017-10-25 04:24 - 000506256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Perception.Stub.dll
2017-11-19 14:29 - 2017-10-25 04:22 - 006015200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2017-11-19 14:29 - 2017-10-25 04:22 - 002465848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2017-11-19 14:29 - 2017-10-25 04:19 - 003670016 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2017-11-19 14:29 - 2017-10-25 04:19 - 000097792 _____ C:\WINDOWS\system32\runexehelper.exe
2017-11-19 14:29 - 2017-10-25 04:18 - 000975872 _____ C:\WINDOWS\system32\FaceProcessor.dll
2017-11-19 14:29 - 2017-10-25 04:18 - 000328192 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcGenral.dll
2017-11-19 14:29 - 2017-10-25 04:18 - 000301056 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcLayers.dll
2017-11-19 14:29 - 2017-10-25 04:18 - 000135168 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_CapabilityAccess.dll
2017-11-19 14:29 - 2017-10-25 04:18 - 000095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\CapabilityAccessManagerClient.dll
2017-11-19 14:29 - 2017-10-25 04:18 - 000056320 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcSpecfc.dll
2017-11-19 14:29 - 2017-10-25 04:16 - 023658496 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2017-11-19 14:29 - 2017-10-25 04:16 - 000227328 _____ (Microsoft Corporation) C:\WINDOWS\system32\CapabilityAccessManager.dll
2017-11-19 14:29 - 2017-10-25 04:16 - 000114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\UcmCx.sys
2017-11-19 14:29 - 2017-10-25 04:16 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzres.dll
2017-11-19 14:29 - 2017-10-25 04:15 - 000140800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2017-11-19 14:29 - 2017-10-25 04:14 - 000541184 _____ (Microsoft Corporation) C:\WINDOWS\system32\HolographicExtensions.dll
2017-11-19 14:29 - 2017-10-25 04:14 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdrleakdiag.exe
2017-11-19 14:29 - 2017-10-25 04:13 - 013655552 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2017-11-19 14:29 - 2017-10-25 04:13 - 002972672 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2017-11-19 14:29 - 2017-10-25 04:12 - 001015296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2017-11-19 14:29 - 2017-10-25 04:12 - 000708096 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2017-11-19 14:29 - 2017-10-25 04:12 - 000599040 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2017-11-19 14:29 - 2017-10-25 04:12 - 000568832 _____ (Microsoft Corporation) C:\WINDOWS\system32\TileDataRepository.dll
2017-11-19 14:29 - 2017-10-25 04:11 - 000768512 _____ (Microsoft Corporation) C:\WINDOWS\system32\PCPKsp.dll
2017-11-19 14:29 - 2017-10-25 04:10 - 008099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2017-11-19 14:29 - 2017-10-25 04:10 - 004742144 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2017-11-19 14:29 - 2017-10-25 04:10 - 001167360 _____ (Microsoft Corporation) C:\WINDOWS\system32\ISM.dll
2017-11-19 14:29 - 2017-10-25 04:09 - 002862080 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2017-11-19 14:29 - 2017-10-25 04:09 - 002106368 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2017-11-19 14:29 - 2017-10-25 04:09 - 001806336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll
2017-11-19 14:29 - 2017-10-25 04:09 - 000812032 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2017-11-19 14:29 - 2017-10-25 04:08 - 002905600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2017-11-19 14:29 - 2017-10-25 04:08 - 002781696 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2017-11-19 14:29 - 2017-10-25 04:08 - 002633216 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2017-11-19 14:29 - 2017-10-25 04:08 - 002392576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcGenral.dll
2017-11-19 14:29 - 2017-10-25 04:08 - 001667584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Input.Inking.dll
2017-11-19 14:29 - 2017-10-25 04:08 - 000654848 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2017-11-19 14:29 - 2017-10-25 04:08 - 000487424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcSpecfc.dll
2017-11-19 14:29 - 2017-10-25 04:08 - 000465408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2017-11-19 14:29 - 2017-10-25 04:07 - 018914304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2017-11-19 14:29 - 2017-10-25 04:07 - 003478016 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll
2017-11-19 14:29 - 2017-10-25 04:07 - 001485824 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2017-11-19 14:29 - 2017-10-25 04:07 - 000685056 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2017-11-19 14:29 - 2017-10-25 04:07 - 000372224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcLayers.dll
2017-11-19 14:29 - 2017-10-25 04:07 - 000064512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CapabilityAccessManagerClient.dll
2017-11-19 14:29 - 2017-10-25 04:06 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tzres.dll
2017-11-19 14:29 - 2017-10-25 04:05 - 019339776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2017-11-19 14:29 - 2017-10-25 04:05 - 000106496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2017-11-19 14:29 - 2017-10-25 04:05 - 000022528 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdtcVSp1res.dll
2017-11-19 14:29 - 2017-10-25 04:04 - 000124928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\luafv.sys
2017-11-19 14:29 - 2017-10-25 04:04 - 000041984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdrleakdiag.exe
2017-11-19 14:29 - 2017-10-25 04:03 - 000450048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TileDataRepository.dll
2017-11-19 14:29 - 2017-10-25 04:02 - 000591872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PCPKsp.dll
2017-11-19 14:29 - 2017-10-25 04:01 - 012687360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2017-11-19 14:29 - 2017-10-25 04:01 - 000462848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2017-11-19 14:29 - 2017-10-25 03:59 - 003679232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2017-11-19 14:29 - 2017-10-25 03:59 - 000664576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2017-11-19 14:29 - 2017-10-25 03:58 - 002467840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2017-11-19 14:29 - 2017-10-25 03:58 - 001322496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Input.Inking.dll
2017-11-19 14:29 - 2017-10-25 03:58 - 001280000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.dll
2017-11-19 14:29 - 2017-10-25 03:57 - 006035968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2017-11-19 14:29 - 2017-10-25 03:55 - 002864640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mispace.dll
2017-11-19 14:29 - 2017-10-25 03:54 - 000022528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msdtcVSp1res.dll
2017-11-19 14:29 - 2017-10-21 13:25 - 003313968 _____ C:\WINDOWS\system32\Windows.Mirage.dll
2017-11-19 14:29 - 2017-10-20 15:17 - 002474584 _____ C:\WINDOWS\SysWOW64\Windows.Mirage.dll
2017-11-19 14:29 - 2017-10-20 06:08 - 000339968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msexcl40.dll
2017-11-18 15:16 - 2017-11-18 15:16 - 000001193 _____ C:\Users\Public\Desktop\Avira.lnk
2017-11-18 09:24 - 2017-11-18 09:24 - 000000000 ____D C:\Users\Freddy\Documents\Telenot
2017-11-18 09:24 - 2017-11-18 09:24 - 000000000 ____D C:\Users\Freddy\AppData\Roaming\SumatraPDF
2017-11-18 09:24 - 2017-11-18 09:24 - 000000000 ____D C:\Users\Freddy\AppData\Local\Telenot
2017-11-18 09:24 - 2017-11-18 09:24 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Telenot
2017-11-18 09:24 - 2017-11-18 09:24 - 000000000 ____D C:\Program Files (x86)\Telenot
2017-11-11 15:31 - 2017-11-19 14:59 - 000000600 _____ C:\Users\Freddy\AppData\Local\PUTTY.RND
2017-11-11 15:06 - 2017-11-11 15:06 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud
2017-11-11 15:05 - 2017-11-11 15:05 - 000001816 _____ C:\Users\Public\Desktop\iTunes.lnk
2017-11-11 15:05 - 2017-11-11 15:05 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2017-11-11 15:05 - 2017-11-11 15:05 - 000000000 ____D C:\Program Files\iTunes
2017-11-11 15:05 - 2017-11-11 15:05 - 000000000 ____D C:\Program Files\iPod
2017-11-11 14:47 - 2017-11-11 14:47 - 000002395 _____ C:\Users\Freddy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Etcher.lnk
2017-11-11 14:47 - 2017-11-11 14:47 - 000000000 ____D C:\Users\Freddy\AppData\Roaming\etcher
2017-11-11 14:17 - 2017-11-18 15:45 - 000000000 ____D C:\Users\Freddy\Desktop\Raspberry
2017-11-06 08:25 - 2017-11-18 16:16 - 000000000 ____D C:\WINDOWS\Minidump
2017-11-05 16:49 - 2017-11-05 17:57 - 000000000 ____D C:\Users\Freddy\AppData\Roaming\vlc
2017-11-05 16:49 - 2017-11-05 16:49 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2017-11-05 16:49 - 2017-11-05 16:49 - 000000000 ____D C:\Program Files (x86)\VideoLAN
2017-10-28 11:11 - 2017-10-28 11:11 - 000000000 ____D C:\ProgramData\Microsoft OneDrive
2017-10-28 11:10 - 2017-10-28 11:10 - 000000000 ___HD C:\Users\Freddy\MicrosoftEdgeBackups
2017-10-28 11:09 - 2017-10-28 11:09 - 000000020 ___SH C:\Users\Freddy\ntuser.ini
2017-10-28 11:09 - 2017-10-28 11:09 - 000000000 ___RD C:\Users\Freddy\3D Objects
2017-10-28 11:09 - 2017-10-28 11:09 - 000000000 ____D C:\Users\WDAGUtilityAccount\AppData\Local\Packages
2017-10-28 11:09 - 2017-10-28 11:09 - 000000000 ____D C:\Users\WDAGUtilityAccount
2017-10-28 10:21 - 2017-11-11 14:57 - 000000000 ____D C:\Windows.old
2017-10-28 09:43 - 2017-10-28 09:43 - 000000000 ____D C:\ProgramData\USOShared
2017-10-28 09:37 - 2017-11-25 15:40 - 002120100 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-10-28 09:35 - 2017-11-25 15:33 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-10-28 09:35 - 2017-11-25 12:54 - 000004170 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{66960764-C7A5-4C4F-8DA1-5400FDCC99F3}
2017-10-28 09:35 - 2017-11-18 09:16 - 000004562 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2017-10-28 09:35 - 2017-11-05 12:12 - 000003208 _____ C:\WINDOWS\System32\Tasks\Avira SystrayStartTrigger
2017-10-28 09:35 - 2017-11-03 06:33 - 000003376 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3483465479-2191358556-2575146349-1001
2017-10-28 09:35 - 2017-10-28 09:43 - 000003374 _____ C:\WINDOWS\System32\Tasks\Avira_Antivirus_Systray
2017-10-28 09:35 - 2017-10-28 09:36 - 000011433 _____ C:\WINDOWS\diagwrn.xml
2017-10-28 09:35 - 2017-10-28 09:36 - 000011433 _____ C:\WINDOWS\diagerr.xml
2017-10-28 09:35 - 2017-10-28 09:35 - 000014400 _____ C:\WINDOWS\System32\Tasks\CoolKiller
2017-10-28 09:35 - 2017-10-28 09:35 - 000004018 _____ C:\WINDOWS\System32\Tasks\Clientlizenzdienst(ClipSVC)Mobile
2017-10-28 09:35 - 2017-10-28 09:35 - 000003498 _____ C:\WINDOWS\System32\Tasks\EPSON XP-520 Series Update {AA49A6FF-529B-4F6B-95BC-379A9FC14BB3}
2017-10-28 09:35 - 2017-10-28 09:35 - 000003498 _____ C:\WINDOWS\System32\Tasks\EPSON XP-520 Series Update {6B85294F-9774-45F0-A6EF-A7293D977B0D}
2017-10-28 09:35 - 2017-10-28 09:35 - 000003310 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{842A7FC2-BB01-4A85-A21F-8AF989AD34AA}
2017-10-28 09:35 - 2017-10-28 09:35 - 000003310 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{2606E4CA-31AC-4BC1-B652-80BFFB987F3E}
2017-10-28 09:35 - 2017-10-28 09:35 - 000002990 _____ C:\WINDOWS\System32\Tasks\updater
2017-10-28 09:35 - 2017-10-28 09:35 - 000002860 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3483465479-2191358556-2575146349-1006
2017-10-28 09:35 - 2017-10-28 09:35 - 000002752 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3483465479-2191358556-2575146349-1001
2017-10-28 09:35 - 2017-10-28 09:35 - 000002318 _____ C:\WINDOWS\System32\Tasks\CreateChoiceProcessTask
2017-10-28 09:35 - 2017-10-28 09:35 - 000002278 _____ C:\WINDOWS\System32\Tasks\AutoKMSDaily
2017-10-28 09:35 - 2017-10-28 09:35 - 000001918 _____ C:\WINDOWS\System32\Tasks\AutoKMS
2017-10-28 09:35 - 2017-10-28 09:35 - 000000000 ____D C:\WINDOWS\System32\Tasks\Sony Corporation
2017-10-28 09:35 - 2017-10-28 09:35 - 000000000 ____D C:\WINDOWS\System32\Tasks\OfficeSoftwareProtectionPlatform
2017-10-28 09:35 - 2017-10-28 09:35 - 000000000 ____D C:\WINDOWS\System32\Tasks\Apple
2017-10-28 09:30 - 2017-10-28 09:30 - 000001576 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2017-10-28 09:28 - 2017-10-28 11:56 - 000000000 ____D C:\Users\Freddy\AppData\Local\Packages
2017-10-28 09:28 - 2017-10-28 09:28 - 000000000 ____D C:\Users\Lydia.Freddy_Laptop.000\AppData\Local\Packages
2017-10-28 09:27 - 2017-11-06 08:25 - 000000000 ____D C:\Users\Freddy
2017-10-28 09:27 - 2017-11-05 17:01 - 000000000 ____D C:\Users\Lydia.Freddy_Laptop.000
2017-10-28 09:27 - 2017-10-28 09:27 - 000000000 _SHDL C:\Users\Lydia.Freddy_Laptop.000\Vorlagen
2017-10-28 09:27 - 2017-10-28 09:27 - 000000000 _SHDL C:\Users\Lydia.Freddy_Laptop.000\Startmenü
2017-10-28 09:27 - 2017-10-28 09:27 - 000000000 _SHDL C:\Users\Lydia.Freddy_Laptop.000\Netzwerkumgebung
2017-10-28 09:27 - 2017-10-28 09:27 - 000000000 _SHDL C:\Users\Lydia.Freddy_Laptop.000\Lokale Einstellungen
2017-10-28 09:27 - 2017-10-28 09:27 - 000000000 _SHDL C:\Users\Lydia.Freddy_Laptop.000\Eigene Dateien
2017-10-28 09:27 - 2017-10-28 09:27 - 000000000 _SHDL C:\Users\Lydia.Freddy_Laptop.000\Druckumgebung
2017-10-28 09:27 - 2017-10-28 09:27 - 000000000 _SHDL C:\Users\Lydia.Freddy_Laptop.000\Documents\Eigene Videos
2017-10-28 09:27 - 2017-10-28 09:27 - 000000000 _SHDL C:\Users\Lydia.Freddy_Laptop.000\Documents\Eigene Musik
2017-10-28 09:27 - 2017-10-28 09:27 - 000000000 _SHDL C:\Users\Lydia.Freddy_Laptop.000\Documents\Eigene Bilder
2017-10-28 09:27 - 2017-10-28 09:27 - 000000000 _SHDL C:\Users\Lydia.Freddy_Laptop.000\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2017-10-28 09:27 - 2017-10-28 09:27 - 000000000 _SHDL C:\Users\Lydia.Freddy_Laptop.000\AppData\Local\Verlauf
2017-10-28 09:27 - 2017-10-28 09:27 - 000000000 _SHDL C:\Users\Lydia.Freddy_Laptop.000\AppData\Local\Anwendungsdaten
2017-10-28 09:27 - 2017-10-28 09:27 - 000000000 _SHDL C:\Users\Lydia.Freddy_Laptop.000\Anwendungsdaten
2017-10-28 09:27 - 2017-10-28 09:27 - 000000000 _SHDL C:\Users\Freddy\Vorlagen
2017-10-28 09:27 - 2017-10-28 09:27 - 000000000 _SHDL C:\Users\Freddy\Startmenü
2017-10-28 09:27 - 2017-10-28 09:27 - 000000000 _SHDL C:\Users\Freddy\Netzwerkumgebung
2017-10-28 09:27 - 2017-10-28 09:27 - 000000000 _SHDL C:\Users\Freddy\Lokale Einstellungen
2017-10-28 09:27 - 2017-10-28 09:27 - 000000000 _SHDL C:\Users\Freddy\Eigene Dateien
2017-10-28 09:27 - 2017-10-28 09:27 - 000000000 _SHDL C:\Users\Freddy\Druckumgebung
2017-10-28 09:27 - 2017-10-28 09:27 - 000000000 _SHDL C:\Users\Freddy\Documents\Eigene Videos
2017-10-28 09:27 - 2017-10-28 09:27 - 000000000 _SHDL C:\Users\Freddy\Documents\Eigene Musik
2017-10-28 09:27 - 2017-10-28 09:27 - 000000000 _SHDL C:\Users\Freddy\Documents\Eigene Bilder
2017-10-28 09:27 - 2017-10-28 09:27 - 000000000 _SHDL C:\Users\Freddy\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2017-10-28 09:27 - 2017-10-28 09:27 - 000000000 _SHDL C:\Users\Freddy\AppData\Local\Verlauf
2017-10-28 09:27 - 2017-10-28 09:27 - 000000000 _SHDL C:\Users\Freddy\AppData\Local\Anwendungsdaten
2017-10-28 09:27 - 2017-10-28 09:27 - 000000000 _SHDL C:\Users\Freddy\Anwendungsdaten
2017-10-28 09:27 - 2016-11-01 23:05 - 000103952 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.DLL
2017-10-28 09:27 - 2016-11-01 23:05 - 000099848 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.DLL
2017-10-28 09:26 - 2017-09-29 14:41 - 002241024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2017-10-28 09:24 - 2017-11-25 14:56 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2017-10-28 09:24 - 2017-11-19 21:02 - 000416528 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-10-28 08:58 - 2017-10-07 17:06 - 000176224 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avgntflt.sys
2017-10-28 08:58 - 2017-09-05 23:18 - 000167464 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avipbb.sys
2017-10-28 08:58 - 2017-06-20 09:41 - 000060920 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avdevprot.sys
2017-10-28 08:58 - 2017-06-20 09:41 - 000038048 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avusbflt.sys
2017-10-28 08:58 - 2017-03-31 06:37 - 000088488 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avnetflt.sys
2017-10-28 08:58 - 2017-03-31 06:37 - 000044488 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avkmgr.sys
2017-10-28 08:57 - 2017-10-28 10:21 - 000000000 ____D C:\WINDOWS\system32\config\bbimigrate
2017-10-28 08:53 - 2017-10-28 08:57 - 000000000 ____D C:\WINDOWS\ServiceProfiles
2017-10-28 08:49 - 2017-10-28 08:49 - 005906264 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll
2017-10-28 08:49 - 2017-10-28 08:49 - 003334144 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2017-10-28 08:49 - 2017-10-28 08:49 - 002869248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2017-10-28 08:49 - 2017-10-28 08:49 - 001856000 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2017-10-28 08:49 - 2017-10-28 08:49 - 001822208 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2017-10-28 08:49 - 2017-10-28 08:49 - 001664000 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2017-10-28 08:49 - 2017-10-28 08:49 - 001641536 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2017-10-28 08:49 - 2017-10-28 08:49 - 001587200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2017-10-28 08:49 - 2017-10-28 08:49 - 001559552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2017-10-28 08:49 - 2017-10-28 08:49 - 001554216 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2017-10-28 08:49 - 2017-10-28 08:49 - 001547264 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2017-10-28 08:49 - 2017-10-28 08:49 - 001470976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2017-10-28 08:49 - 2017-10-28 08:49 - 001463856 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2017-10-28 08:49 - 2017-10-28 08:49 - 001436432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2017-10-28 08:49 - 2017-10-28 08:49 - 001323840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2017-10-28 08:49 - 2017-10-28 08:49 - 001261864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
2017-10-28 08:49 - 2017-10-28 08:49 - 001200024 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2017-10-28 08:49 - 2017-10-28 08:49 - 001053592 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2017-10-28 08:49 - 2017-10-28 08:49 - 000925184 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2017-10-28 08:49 - 2017-10-28 08:49 - 000778936 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2017-10-28 08:49 - 2017-10-28 08:49 - 000739696 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2017-10-28 08:49 - 2017-10-28 08:49 - 000726016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2017-10-28 08:49 - 2017-10-28 08:49 - 000677280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2017-10-28 08:49 - 2017-10-28 08:49 - 000665088 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmCoreProvisioning.dll
2017-10-28 08:49 - 2017-10-28 08:49 - 000649304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2017-10-28 08:49 - 2017-10-28 08:49 - 000640512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mswstr10.dll
2017-10-28 08:49 - 2017-10-28 08:49 - 000597160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll
2017-10-28 08:49 - 2017-10-28 08:49 - 000566272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TpmCoreProvisioning.dll
2017-10-28 08:49 - 2017-10-28 08:49 - 000542208 _____ (Microsoft Corporation) C:\WINDOWS\system32\FirewallAPI.dll
2017-10-28 08:49 - 2017-10-28 08:49 - 000529408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nwifi.sys
2017-10-28 08:49 - 2017-10-28 08:49 - 000478208 _____ (Microsoft Corporation) C:\WINDOWS\system32\NgcCtnr.dll
2017-10-28 08:49 - 2017-10-28 08:49 - 000464416 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcryptprimitives.dll
2017-10-28 08:49 - 2017-10-28 08:49 - 000461312 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansec.dll
2017-10-28 08:49 - 2017-10-28 08:49 - 000442880 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptngc.dll
2017-10-28 08:49 - 2017-10-28 08:49 - 000422912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys
2017-10-28 08:49 - 2017-10-28 08:49 - 000418712 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2017-10-28 08:49 - 2017-10-28 08:49 - 000374784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FirewallAPI.dll
2017-10-28 08:49 - 2017-10-28 08:49 - 000373656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2017-10-28 08:49 - 2017-10-28 08:49 - 000353688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2017-10-28 08:49 - 2017-10-28 08:49 - 000326144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptngc.dll
2017-10-28 08:49 - 2017-10-28 08:49 - 000285696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb10.sys
2017-10-28 08:49 - 2017-10-28 08:49 - 000246168 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2017-10-28 08:49 - 2017-10-28 08:49 - 000232344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2017-10-28 08:49 - 2017-10-28 08:49 - 000184984 _____ (Microsoft Corporation) C:\WINDOWS\system32\sspicli.dll
2017-10-28 08:49 - 2017-10-28 08:49 - 000177664 _____ (Microsoft Corporation) C:\WINDOWS\system32\t2embed.dll
2017-10-28 08:49 - 2017-10-28 08:49 - 000139672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecdd.sys
2017-10-28 08:49 - 2017-10-28 08:49 - 000136192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\t2embed.dll
2017-10-28 08:49 - 2017-10-28 08:49 - 000123520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sspicli.dll
2017-10-28 08:49 - 2017-10-28 08:49 - 000086016 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthTokenBrokerExt.dll
2017-10-28 08:49 - 2017-10-28 08:49 - 000070656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XblAuthTokenBrokerExt.dll
2017-10-28 08:49 - 2017-10-28 08:49 - 000060824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\urscx01000.sys
2017-10-28 08:49 - 2017-10-28 08:49 - 000058880 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmTasks.dll
2017-10-28 08:49 - 2017-10-28 08:49 - 000057344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\UcmUcsi.sys
2017-10-28 08:49 - 2017-10-28 08:49 - 000034816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BasicRender.sys
2017-10-28 08:49 - 2017-10-28 08:49 - 000028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\sspisrv.dll
2017-10-28 08:49 - 2017-10-28 08:49 - 000008704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjint40.dll
2017-10-28 08:42 - 2017-10-28 10:21 - 000000000 ____D C:\Program Files (x86)\MSBuild
2017-10-28 08:42 - 2017-10-28 08:42 - 000000000 ____D C:\WINDOWS\SysWOW64\XPSViewer
2017-10-28 08:42 - 2017-10-28 08:42 - 000000000 ____D C:\Program Files\Reference Assemblies
2017-10-28 08:42 - 2017-10-28 08:42 - 000000000 ____D C:\Program Files\MSBuild
2017-10-28 08:42 - 2017-10-28 08:42 - 000000000 ____D C:\Program Files (x86)\Reference Assemblies
2017-10-28 08:41 - 2017-10-28 08:41 - 001166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2017-10-28 08:41 - 2017-10-28 08:41 - 000778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
2017-10-28 08:41 - 2017-10-28 08:41 - 000124624 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2017-10-28 08:41 - 2017-10-28 08:41 - 000103120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2017-10-28 08:41 - 2017-10-28 08:41 - 000035456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2017-10-28 08:41 - 2017-10-28 08:41 - 000035456 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2017-10-28 08:29 - 2017-10-28 08:29 - 000008192 _____ C:\WINDOWS\system32\config\userdiff
2017-10-28 07:46 - 2017-10-28 11:09 - 000000000 ___DC C:\WINDOWS\Panther
==================== Ein Monat: Geänderte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2017-11-25 15:43 - 2017-09-26 19:54 - 000000000 ____D C:\FRST
2017-11-25 15:42 - 2017-09-26 08:13 - 000000000 ____D C:\Users\Freddy\Desktop\Trojan
2017-11-25 15:40 - 2017-09-30 15:35 - 000951132 _____ C:\WINDOWS\system32\perfh007.dat
2017-11-25 15:40 - 2017-09-30 15:35 - 000203670 _____ C:\WINDOWS\system32\perfc007.dat
2017-11-25 15:36 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\DeliveryOptimization
2017-11-25 15:33 - 2017-09-29 09:45 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2017-11-25 15:33 - 2017-06-05 09:32 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2017-11-25 15:33 - 2016-12-17 10:57 - 000000000 __SHD C:\Users\Freddy\IntelGraphicsProfiles
2017-11-25 15:32 - 2017-06-29 20:52 - 000000008 __RSH C:\ProgramData\ntuser.pol
2017-11-25 15:32 - 2017-03-18 22:03 - 000000000 ____D C:\WINDOWS\system32\Tasks_Migrated
2017-11-25 14:56 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\rescache
2017-11-25 12:55 - 2017-09-29 14:46 - 000000000 ___HD C:\Program Files\WindowsApps
2017-11-25 12:55 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\AppReadiness
2017-11-25 12:50 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2017-11-19 21:05 - 2017-09-29 14:44 - 000000000 ____D C:\WINDOWS\INF
2017-11-19 21:01 - 2017-09-29 14:46 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2017-11-19 21:01 - 2017-09-29 14:46 - 000000000 ___SD C:\WINDOWS\system32\F12
2017-11-19 21:01 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\TextInput
2017-11-19 21:01 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2017-11-19 21:01 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2017-11-19 21:01 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\system32\appraiser
2017-11-19 21:01 - 2017-09-29 09:45 - 000000000 ____D C:\WINDOWS\system32\Dism
2017-11-19 14:31 - 2017-09-29 14:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2017-11-18 15:27 - 2017-01-02 15:07 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2017-11-18 15:16 - 2013-08-08 11:02 - 000000000 ____D C:\ProgramData\Package Cache
2017-11-18 09:16 - 2013-08-08 11:30 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2017-11-14 00:29 - 2017-02-25 09:02 - 000025400 _____ C:\Users\Freddy\Desktop\160115_to do Haus.xlsx
2017-11-12 11:17 - 2016-01-16 19:15 - 000000000 ___RD C:\Users\Freddy\iCloudDrive
2017-11-11 15:05 - 2016-12-17 01:49 - 000000000 ____D C:\WINDOWS\SysWOW64\sda
2017-11-05 18:03 - 2016-12-17 10:07 - 000000000 ____D C:\Users\Freddy\AppData\Local\ElevatedDiagnostics
2017-11-05 16:40 - 2014-02-28 20:34 - 000000000 ____D C:\Users\Freddy\AppData\Roaming\Sony Corporation
2017-11-05 16:33 - 2016-01-16 19:15 - 000000000 ____D C:\Users\Freddy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\iCloud
2017-11-04 08:09 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\appcompat
2017-11-04 02:25 - 2017-09-29 14:49 - 000835568 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2017-11-04 02:25 - 2017-09-29 14:49 - 000177648 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2017-11-03 06:33 - 2016-12-17 10:49 - 000002433 _____ C:\Users\Freddy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2017-11-03 06:33 - 2016-12-17 10:49 - 000000000 ___RD C:\Users\Freddy\OneDrive
2017-10-28 11:09 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\Registration
2017-10-28 11:09 - 2016-12-17 10:47 - 000000000 ____D C:\Users\Freddy\AppData\Local\TileDataLayer
2017-10-28 11:09 - 2014-02-28 20:27 - 000000000 __RHD C:\Users\Public\AccountPictures
2017-10-28 10:23 - 2017-09-29 14:46 - 000028672 _____ C:\WINDOWS\system32\config\BCD-Template
2017-10-28 10:21 - 2017-09-30 15:34 - 000000000 ____D C:\WINDOWS\SysWOW64\sysprep
2017-10-28 10:21 - 2017-09-29 14:49 - 000000000 ____D C:\WINDOWS\Setup
2017-10-28 10:21 - 2017-09-29 14:46 - 000000000 ___SD C:\WINDOWS\Downloaded Program Files
2017-10-28 10:21 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\SysWOW64\GroupPolicy
2017-10-28 10:21 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\system32\WinBioDatabase
2017-10-28 10:21 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\system32\spool
2017-10-28 10:21 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\system32\oobe
2017-10-28 10:21 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\system32\NDF
2017-10-28 10:21 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\system32\InputMethod
2017-10-28 10:21 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\Resources
2017-10-28 10:21 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\InputMethod
2017-10-28 10:21 - 2017-09-29 14:46 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2017-10-28 10:21 - 2017-09-29 14:46 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2017-10-28 10:21 - 2017-08-27 09:25 - 000000000 __RHD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO Care
2017-10-28 10:21 - 2017-06-05 09:32 - 000000000 ____D C:\Program Files\Intel
2017-10-28 10:21 - 2017-06-01 05:46 - 000000000 ____D C:\Program Files\UNP
2017-10-28 10:21 - 2017-03-27 06:25 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WISO steuer Sparbuch 2017
2017-10-28 10:21 - 2017-02-03 20:47 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Icecream PDF Split and Merge
2017-10-28 10:21 - 2017-01-15 19:37 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2017-10-28 10:21 - 2017-01-03 10:20 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF24
2017-10-28 10:21 - 2016-12-27 12:45 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SharePoint
2017-10-28 10:21 - 2016-12-27 12:45 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2017-10-28 10:21 - 2016-12-27 12:40 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2017-10-28 10:21 - 2016-12-26 16:48 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Epson Software
2017-10-28 10:21 - 2016-12-16 23:54 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2017-10-28 10:21 - 2014-03-01 05:03 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Main
2017-10-28 10:21 - 2014-03-01 02:09 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2017-10-28 10:21 - 2014-02-28 20:34 - 000000000 ____D C:\WINDOWS\SysWOW64\VAIO Startup Setting Tool
2017-10-28 10:21 - 2013-11-14 08:13 - 000000000 ____D C:\WINDOWS\ShellNew
2017-10-28 10:21 - 2013-08-22 16:36 - 000000000 ____D C:\WINDOWS\system32\WindowsInternal.Inbox.Shared
2017-10-28 10:21 - 2013-08-22 16:36 - 000000000 ____D C:\WINDOWS\system32\WindowsInternal.Inbox.Media.Shared
2017-10-28 10:21 - 2013-08-08 11:39 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2017-10-28 10:21 - 2013-08-08 11:31 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel AppUp(R) center
2017-10-28 10:21 - 2013-08-08 11:18 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PlayMemories Home
2017-10-28 10:21 - 2013-08-08 11:11 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NXPProximityInstaller
2017-10-28 10:21 - 2013-08-08 11:07 - 000000000 ___HD C:\WINDOWS\system32\WLANProfiles
2017-10-28 09:43 - 2017-09-29 14:46 - 000000000 ____D C:\ProgramData\USOPrivate
2017-10-28 09:37 - 2017-09-29 14:46 - 000000000 ____D C:\Program Files\windows nt
2017-10-28 09:35 - 2014-03-01 15:36 - 000023056 _____ C:\WINDOWS\system32\emptyregdb.dat
2017-10-28 09:32 - 2017-09-05 21:57 - 000000000 ____D C:\Users\Freddy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\com.husqvarna
2017-10-28 09:32 - 2016-12-27 12:40 - 000000000 ____D C:\Users\Freddy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2017-10-28 09:32 - 2016-12-26 20:39 - 000000000 ____D C:\Users\Freddy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\IrfanView
2017-10-28 09:32 - 2016-12-20 20:26 - 000000000 ____D C:\Users\Freddy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Kodi
2017-10-28 09:30 - 2017-09-29 14:46 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2017-10-28 09:27 - 2017-09-29 09:45 - 000000000 ____D C:\WINDOWS\system32\Sysprep
2017-10-28 09:27 - 2017-06-05 09:32 - 000000200 _____ C:\WINDOWS\system32\{EC94D02F-D200-4428-9531-05AF7F9799CB}.bat
2017-10-28 09:27 - 2017-06-05 09:31 - 000000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2017-10-28 09:27 - 2013-08-08 10:57 - 000000000 ____D C:\Intel
2017-10-28 09:06 - 2017-09-29 14:46 - 000000000 __RHD C:\Users\Public\Libraries
2017-10-28 09:05 - 2017-09-29 09:45 - 000008192 _____ C:\WINDOWS\system32\config\ELAM
2017-10-28 08:58 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\SysWOW64\IME
2017-10-28 08:58 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\system32\IME
2017-10-28 08:57 - 2017-06-05 09:32 - 000000000 ____D C:\Program Files\Synaptics
2017-10-28 08:57 - 2017-06-05 09:31 - 000000000 ____D C:\Program Files\Realtek
2017-10-28 08:57 - 2016-12-26 16:52 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\zu-ZA
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\yo-NG
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\xh-ZA
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\wo-SN
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\vi-VN
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\uz-Latn-UZ
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\ur-PK
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\ug-CN
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\tt-RU
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\tn-ZA
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\tk-TM
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\ti-ET
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\tg-Cyrl-TJ
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\te-IN
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\ta-IN
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\sw-KE
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\sr-Cyrl-RS
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\sr-Cyrl-BA
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\sq-AL
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\si-LK
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\sd-Arab-PK
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\rw-RW
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\quz-PE
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\quc-Latn-GT
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\prs-AF
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\pa-IN
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\pa-Arab-PK
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\or-IN
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\nso-ZA
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\nn-NO
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\ne-NP
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\mt-MT
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\mr-IN
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\mn-MN
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\ml-IN
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\mk-MK
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\mi-NZ
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\lo-LA
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\lb-LU
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\ky-KG
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\ku-Arab-IQ
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\kok-IN
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\kn-IN
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\km-KH
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\kk-KZ
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\ka-GE
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\is-IS
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\ig-NG
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\id-ID
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\hy-AM
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\ha-Latn-NG
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\gu-IN
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\gd-GB
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\ga-IE
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\fil-PH
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\fa-IR
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\cy-GB
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\chr-CHER-US
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\ca-ES-valencia
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\bs-Latn-BA
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\bn-IN
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\bn-BD
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\be-BY
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\az-Latn-AZ
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\as-IN
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\am-ET
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\af-ZA
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\zu-ZA
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\yo-NG
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\xh-ZA
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\wo-SN
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\vi-VN
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\uz-Latn-UZ
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\ur-PK
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\ug-CN
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\tt-RU
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\tn-ZA
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\tk-TM
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\ti-ET
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\tg-Cyrl-TJ
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\te-IN
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\ta-IN
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\sw-KE
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\sr-Cyrl-RS
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\sr-Cyrl-BA
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\sq-AL
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\si-LK
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\sd-Arab-PK
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\rw-RW
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\quz-PE
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\quc-Latn-GT
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\prs-AF
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\pa-IN
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\pa-Arab-PK
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\or-IN
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\nso-ZA
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\nn-NO
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\ne-NP
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\mt-MT
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\mr-IN
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\mn-MN
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\ml-IN
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\mk-MK
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\mi-NZ
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\lo-LA
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\lb-LU
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\ky-KG
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\ku-Arab-IQ
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\kok-IN
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\kn-IN
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\km-KH
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\kk-KZ
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\ka-GE
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\is-IS
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\ig-NG
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\id-ID
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\hy-AM
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\ha-Latn-NG
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\gu-IN
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\gd-GB
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\ga-IE
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\fil-PH
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\fa-IR
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\cy-GB
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\chr-CHER-US
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\ca-ES-valencia
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\bs-Latn-BA
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\bn-IN
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\bn-BD
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\be-BY
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\az-Latn-AZ
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\as-IN
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\am-ET
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\af-ZA
2017-10-28 08:42 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\SysWOW64\MUI
2017-10-28 08:42 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\system32\MUI
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======
2017-11-11 15:31 - 2017-11-19 14:59 - 000000600 _____ () C:\Users\Freddy\AppData\Local\PUTTY.RND
2014-03-01 01:57 - 2016-12-17 02:49 - 000007598 _____ () C:\Users\Freddy\AppData\Local\resmon.resmoncfg
==================== Bamital & volsnap ======================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert
LastRegBack: 2017-11-25 14:56
==================== Ende von FRST.txt ============================
|
|
25.11.2017, 15:53
| #4 |
| | windows10: AVIRA meldet Trojaner-FundCode:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 24-11-2017 01
durchgeführt von Freddy (25-11-2017 15:43:53)
Gestartet von C:\Users\Freddy\Desktop\Trojan
Windows 10 Home Version 1709 16299.64 (X64) (2017-10-28 08:37:27)
Start-Modus: Normal
==========================================================
==================== Konten: =============================
Administrator (S-1-5-21-3483465479-2191358556-2575146349-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3483465479-2191358556-2575146349-503 - Limited - Disabled)
Freddy (S-1-5-21-3483465479-2191358556-2575146349-1001 - Administrator - Enabled) => C:\Users\Freddy
Gast (S-1-5-21-3483465479-2191358556-2575146349-501 - Limited - Disabled)
Lydia (S-1-5-21-3483465479-2191358556-2575146349-1006 - Limited - Enabled) => C:\Users\Lydia.Freddy_Laptop.000
WDAGUtilityAccount (S-1-5-21-3483465479-2191358556-2575146349-504 - Limited - Disabled)
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: Avira Antivirus (Enabled - Up to date) {B3F630BD-538D-1B4A-14FA-14B63235278F}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Avira Antivirus (Enabled - Up to date) {0897D159-75B7-14C4-2E4A-2FC449B26D32}
AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
Adobe Reader XI MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AB0000000001}) (Version: 11.0.00 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.23) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.23 - Adobe Systems Incorporated)
Apple Application Support (32-Bit) (HKLM-x32\...\{D811A40A-9791-497C-B9DC-2D89C8E95EA1}) (Version: 6.1 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{8B47B514-F5D2-4E0D-B951-6E250618A7CD}) (Version: 6.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{31A0B634-BCF4-4D3F-8336-87FEACFEE142}) (Version: 11.0.1.2 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{C1BBFD2A-BCDD-45B3-8C0B-66BD434970A8}) (Version: 2.4.8.1 - Apple Inc.)
Avira (HKLM-x32\...\{37C2DE81-46FA-4EB3-83A5-F0D8F5B08F6E}) (Version: 1.2.99.31392 - Avira Operations GmbH & Co. KG) Hidden
Avira (HKLM-x32\...\{5a024a65-9f29-41b1-b178-946c9f826e72}) (Version: 1.2.99.31392 - Avira Operations GmbH & Co. KG)
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.33.24 - Avira Operations GmbH & Co. KG)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
compasX 27.1 (HKLM-x32\...\{9FBE7270-D55B-4D0D-BB04-4BAFEA03ECFA}) (Version: 27.1 - Telenot)
Easy Photo Scan (HKLM-x32\...\{BB6241FF-8B76-45A5-95B9-888EDE8E47DC}) (Version: 1.00.0010 - Seiko Epson Corporation)
Einstellungen für VAIO Media Server (HKLM\...\{62A172B2-550E-499D-9A82-5190D18390AA}) (Version: 1.1.0.02220 - Sony Corporation)
Epson Easy Photo Print 2 (HKLM-x32\...\{F05A434E-D3CF-4B44-9D3E-779D42090781}) (Version: 2.8.0.0 - Seiko Epson Corporation)
Epson Event Manager (HKLM-x32\...\{9F205E94-9E42-4486-A92A-DF3F6CB85444}) (Version: 3.10.0061 - Seiko Epson Corporation)
Epson E-Web Print (HKLM-x32\...\{6BF9F374-EC67-4808-A90C-F127DE6D989D}) (Version: 1.23.0000 - SEIKO EPSON CORPORATION)
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version: - Seiko Epson Corporation)
Epson Software Updater (HKLM-x32\...\{7BAC3F7A-B963-468E-982E-B5608A87408D}) (Version: 4.4.4 - SEIKO EPSON CORPORATION)
EPSON XP-520 Series Printer Uninstall (HKLM\...\EPSON XP-520 Series) (Version: - SEIKO EPSON Corporation)
ESDL (HKLM-x32\...\{9A2CA016-1C4C-4D44-BF70-C2C8639C34A4}) (Version: 1.0.0 - Sony Corporation) Hidden
Etcher 1.1.2 (only current user) (HKU\S-1-5-21-3483465479-2191358556-2575146349-1001\...\573339af-d9e1-5dd3-804c-e0162fac1f41) (Version: 1.1.2 - Resin Inc.)
Etcher 1.1.2 (only current user) (HKU\S-1-5-21-3483465479-2191358556-2575146349-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11252017153623864\...\573339af-d9e1-5dd3-804c-e0162fac1f41) (Version: 1.1.2 - Resin Inc.)
Etcher 1.1.2 (only current user) (HKU\S-1-5-21-3483465479-2191358556-2575146349-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11252017153636693\...\573339af-d9e1-5dd3-804c-e0162fac1f41) (Version: 1.1.2 - Resin Inc.)
FDUx86 (HKLM-x32\...\{3490653F-2789-46A1-B1BF-6BD4CF4131AB}) (Version: 1.0.0 - Sony Corporation) Hidden
iCloud (HKLM\...\{FF99A618-BCA5-4658-B9FF-CCF57C177610}) (Version: 7.1.0.34 - Apple Inc.)
Intel AppUp(R) center (HKLM-x32\...\Intel AppUp(R) center 41800) (Version: 3.8.0.41800.66 - Intel)
Intel Collaborative Processor Performance Control (HKLM-x32\...\0E7DAF70-FB54-4B91-B192-7E771C25AEEB) (Version: 1.0.0.1015 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.0.1428 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4531 - Intel Corporation)
Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology(patch version 3.0.1335.5) (HKLM\...\{302600C1-6BDF-4FD1-1307-148929CC1385}) (Version: 3.1.1307.0362 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.0.1016 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 3.0.0.63463 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{aa2c2346-d0c0-4d3e-9ab1-11a48b4cb9f3}) (Version: 19.20.3 - Intel Corporation)
IrfanView 4.44 (64-bit) (HKLM\...\IrfanView64) (Version: 4.44 - Irfan Skiljan)
iTunes (HKLM\...\{24607015-8D34-4AF3-9092-AC83847AE073}) (Version: 12.7.1.14 - Apple Inc.)
Java 8 Update 131 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180131F0}) (Version: 8.0.1310.11 - Oracle Corporation)
Kodi (HKU\S-1-5-21-3483465479-2191358556-2575146349-1001\...\Kodi) (Version: - XBMC-Foundation)
Kodi (HKU\S-1-5-21-3483465479-2191358556-2575146349-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11252017153623864\...\Kodi) (Version: - XBMC-Foundation)
Kodi (HKU\S-1-5-21-3483465479-2191358556-2575146349-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11252017153636693\...\Kodi) (Version: - XBMC-Foundation)
Malwarebytes Version 3.3.1.2183 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.3.1.2183 - Malwarebytes)
MergeModule_x64 (HKLM\...\{20E0665F-E4EE-4E2A-8E86-EFC65129FE41}) (Version: 8.0.00 - Sony Corporation) Hidden
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4454.1510 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3483465479-2191358556-2575146349-1001\...\OneDriveSetup.exe) (Version: 17.3.7076.1026 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3483465479-2191358556-2575146349-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11252017153623864\...\OneDriveSetup.exe) (Version: 17.3.7076.1026 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3483465479-2191358556-2575146349-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11252017153636693\...\OneDriveSetup.exe) (Version: 17.3.7076.1026 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3483465479-2191358556-2575146349-1006-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-11252017154055264\...\OneDriveSetup.exe) (Version: 17.3.6998.0830 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3483465479-2191358556-2575146349-1006-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11252017153624282\...\OneDriveSetup.exe) (Version: 17.3.6998.0830 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3483465479-2191358556-2575146349-1006-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11252017153638490\...\OneDriveSetup.exe) (Version: 17.3.6998.0830 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{402ED4A1-8F5B-387A-8688-997ABF58B8F2}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24212 (HKLM-x32\...\{462f63a8-6347-4894-a1b3-dbfe3a4c981d}) (Version: 14.0.24212.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
NFC Connection Utility (HKLM\...\{F3FC1B12-45AA-4ACE-AD9F-DFD87BE9457E}) (Version: 1.0.0.14100 - Sony Corporation)
NXPProximityInstaller (HKLM-x32\...\NXPProximityInstaller) (Version: 6.3.1.0 - NXP Semiconductors)
PlayMemories Home (HKLM-x32\...\{4C93E894-BE17-463B-A789-4CAB706987A0}) (Version: 8.0.21.11211 - Sony Corporation)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9600.28145 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6895 - Realtek Semiconductor Corp.)
Remote Keyboard (HKLM-x32\...\{6466EF6E-700E-470F-94CB-D0050302C84E}) (Version: 1.2.0.09270 - Sony Corporation) Hidden
Restore (HKLM-x32\...\{ECCEB4D0-7080-4F8A-B498-E40A32A4FBED}) (Version: 1.0.0 - Sony Corporation) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
Skype™ 7.3 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.3.101 - Skype Technologies S.A.)
SOHLib for PlayMemories Home (HKLM\...\{CBA577D0-C972-4A26-B948-A315DF3ECE0E}) (Version: 1.0.1.11110 - Sony Corporation) Hidden
SSLx64 (HKLM\...\{312395BC-7CC2-434C-A660-30250276A926}) (Version: 1.0.0 - Sony Corporation ) Hidden
SSLx86 (HKLM-x32\...\{63C43435-F428-42BA-8E7B-5848749D9262}) (Version: 1.0.0 - Sony Corporation ) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.15.2 - Synaptics Incorporated)
VAIO - Remote-Tastatur (HKLM-x32\...\{7396FB15-9AB4-4B78-BDD8-24A9C15D2C65}) (Version: 1.2.0.09270 - Sony Corporation)
VAIO - Remote-Tastatur mit PlayStation®3 (HKLM-x32\...\{E682702C-609C-4017-99E7-3129C163955F}) (Version: 1.2.1.05220 - Sony Corporation)
VAIO - Xperia Link (HKLM-x32\...\{D91558BF-D1F3-411F-AEFE-8774CB406512}) (Version: 1.4.0.15030 - Sony Corporation)
VAIO BIOS Data Transfer Utility (HKLM-x32\...\{5D772F4A-53DE-4E1F-83F5-B08DFF106C60}) (Version: 1.0.0.02050 - Sony Corporation) Hidden
VAIO Care (HKLM\...\{9C4E9490-3862-4EE0-90E6-C2457B67CD5F}) (Version: 8.4.6.05116 - Sony Corporation)
VAIO Care Recovery (HKLM\...\{15B9204E-BA09-485E-8F2C-094AC0077664}) (Version: 1.1.2.13230 - Sony Corporation)
VAIO Care-Hardwarediagnose-Plugin (HKLM-x32\...\{EC153498-00E1-4C9C-89BE-81527C6750BE}) (Version: 4.8.0.13250 - Sony Corporation)
VAIO Control Center (HKLM-x32\...\{8E797841-A110-41FD-B17A-3ABC0641187A}) (Version: 6.2.12.13060 - Sony Corporation)
VAIO Data Restore Tool (HKLM-x32\...\{57B955CE-B5D3-495D-AF1B-FAEE0540BFEF}) (Version: 1.11.0.13250 - Sony Corporation)
VAIO Easy Connect (HKLM-x32\...\{7C80D30A-AC02-4E3F-B95D-29F0E4FF937B}) (Version: 8.4.4.07220 - Sony Corporation) Hidden
VAIO Gesture Control (HKLM-x32\...\{692955F2-DE9F-4078-8FAA-858D6F3A1776}) (Version: 2.2.0.01230 - Sony Corporation)
VAIO Gesture Control (HKLM-x32\...\{9CE67959-AF22-4D93-8D49-CB73F015628E}) (Version: 2.2.0.01230 - Sony Corporation) Hidden
VAIO Image Optimizer (HKLM-x32\...\{5597C927-029A-46A7-A0C0-8DABD9891A50}) (Version: 3.1.00.14260 - Sony Corporation) Hidden
VAIO Image Optimizer (HKLM-x32\...\InstallShield_{5597C927-029A-46A7-A0C0-8DABD9891A50}) (Version: 3.3.00.10220 - Sony Corporation)
VAIO Improvement (HKLM-x32\...\{3A26D9BD-0F73-432D-B522-2BA18138F7EF}) (Version: 2.2.0.01240 - Sony Corporation)
VAIO Movie Creator (HKLM-x32\...\{C2CC5822-32E6-4D21-88EA-DE8CED09EE2F}) (Version: 4.1.01.15140 - Sony Corporation) Hidden
VAIO Movie Creator (HKLM-x32\...\InstallShield_{C2CC5822-32E6-4D21-88EA-DE8CED09EE2F}) (Version: 4.3.01.11140 - Sony Corporation)
VAIO Sample Music (HKLM-x32\...\{FBEE3D44-0933-4B84-BB6A-49957F89187F}) (Version: 1.0.0.03051 - Sony Corporation)
VAIO Update (HKLM-x32\...\{9FF95DA2-7DA1-4228-93B7-DED7EC02B6B2}) (Version: 7.2.0.16270 - Sony Corporation)
VAIO CPU-Lüfterdiagnose (HKLM-x32\...\{BCE6E3D7-B565-4E1B-AC77-F780666A35FB}) (Version: 1.2.0.03050 - Sony Corporation)
VAIO-Support für Übertragungen (HKLM-x32\...\{5DDAFB4B-C52E-468A-9E23-3B0CEEB671BF}) (Version: 1.9.0.11060 - Sony Corporation)
VCCMMX64 (HKLM\...\{606DF716-F28D-4449-B0B1-3AB6081F51AF}) (Version: 1.0.0 - Sony Corporation) Hidden
VCCMMx64 (HKLM\...\{B812401D-BAB2-4E33-9AC7-9862BC8CAF64}) (Version: 1.0.0 - Sony Corporation) Hidden
VCCMMX86 (HKLM-x32\...\{BC3FFCF0-3DB7-47D2-BF15-1979AB59D12B}) (Version: 1.0.0 - Sony Corporation) Hidden
VCCMMx86 (HKLM-x32\...\{CC87BAAD-AA25-4727-9B7C-E0876722B784}) (Version: 1.0.0 - Sony Corporation) Hidden
VCCx64 (HKLM\...\{25ECAFCB-DCFB-4FCE-A5B2-772A57F59860}) (Version: 1.0.0 - Sony Corporation) Hidden
VCCx64 (HKLM\...\{AB447E3B-7A95-4CA6-8ECD-B25C96314B67}) (Version: 1.0.0 - Sony Corporation) Hidden
VCCx86 (HKLM-x32\...\{AFDC0CC0-39E8-42C0-9823-2C1C182676DC}) (Version: 1.0.0 - Sony Corporation) Hidden
VCCx86 (HKLM-x32\...\{B31938C7-7E97-49EE-8F88-951E156268A3}) (Version: 1.0.0 - Sony Corporation) Hidden
VHD (HKLM-x32\...\{9D8112DB-3490-4BF1-AAFA-1D224FFB5D3C}) (Version: 1.0.0 - Sony Corporation) Hidden
Virtual COM Port Driver (HKLM-x32\...\{9853299F-7AD8-4560-9896-60650BD8ACBF}) (Version: 1.3.1 - STMicroelectronics) Hidden
Virtual COM Port Driver (HKLM-x32\...\InstallShield_{9853299F-7AD8-4560-9896-60650BD8ACBF}) (Version: 1.3.1 - STMicroelectronics)
VIx64 (HKLM\...\{D55EAC07-7207-44BD-B524-0F063F327743}) (Version: 1.0.0 - Sony Corporation) Hidden
VIx86 (HKLM-x32\...\{D17C2A58-E0EA-4DD7-A2D6-C448FD25B6F6}) (Version: 1.0.0 - Sony Corporation) Hidden
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.6 - VideoLAN)
VPMx64 (HKLM\...\{DBEAA361-F8A4-4298-B41C-9E9DCB9AAB84}) (Version: 1.0.0 - Sony Corporation ) Hidden
VSSTx64 (HKLM\...\{4F31AC31-0A28-4F5A-8416-513972DA1F79}) (Version: 1.0.0 - Sony Corporation ) Hidden
VSSTx86 (HKLM-x32\...\{B24BB74E-8359-43AA-985A-8E80C9219C70}) (Version: 1.0.0 - Sony Corporation) Hidden
VUx64 (HKLM\...\{A0A2BE14-D3FF-41C8-9545-4B130E3FE9A4}) (Version: 1.2.0 - Sony Corporation) Hidden
VUx86 (HKLM-x32\...\{D04F1D22-4A47-42C6-A2B9-094A7B844D9B}) (Version: 1.2.0 - Sony Corporation) Hidden
VWSTx86 (HKLM-x32\...\{B8991D99-88FD-41F2-8C32-DB70278D5C30}) (Version: 1.0.0 - Sony Corporation) Hidden
WinRAR 5.40 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH)
WISO steuer:Sparbuch 2017 (HKLM-x32\...\{F8264AEF-35B2-466B-B1E5-14EE6064B079}) (Version: 24.03.1518 - Buhl Data Service GmbH)
XperiaLinkx86 (HKLM-x32\...\{EE402ACB-8269-4E44-9CA1-D81FDC4B4545}) (Version: 1.0.0 - Sony Corporation) Hidden
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
CustomCLSID: HKU\S-1-5-21-3483465479-2191358556-2575146349-1001_Classes\CLSID\{9E506282-69D3-5ABA-9C1D-15994B37F4AC}\InprocServer32 -> C:\Program Files (x86)\Intel\IntelAppStore\bin\npAppUp_x64.dll (Intel)
CustomCLSID: HKU\S-1-5-21-3483465479-2191358556-2575146349-1001_Classes\CLSID\{9E506282-69D3-5ABA-9C1D-15994B37F4AD}\InprocServer32 -> C:\Program Files (x86)\Intel\IntelAppStore\bin\npAppUp_x64.dll (Intel)
ContextMenuHandlers1: [IcecreamShellExtension] -> {A8B59160-93EA-4303-9192-AA3C64FDBE31} => C:\Program Files (x86)\Icecream PDF Split and Merge\x64\IcecreamShell64.dll [2016-12-29] (TODO: <Company name>)
ContextMenuHandlers1: [PhotoStreamsExt] -> {89D984B3-813B-406A-8298-118AFA3A22AE} => C:\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll [2017-10-19] (Apple Inc.)
ContextMenuHandlers1: [Shell Extension for Malware scanning] -> {45AC2688-0253-4ED8-97DE-B5370FA7D48A} => C:\Program Files (x86)\Avira\Antivirus\shlext64.dll [2017-11-18] (Avira Operations GmbH & Co. KG)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-08-14] (Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-08-14] (Alexander Roshal)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-11-01] (Malwarebytes)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> Keine Datei
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2016-11-01] (Intel Corporation)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-11-01] (Malwarebytes)
ContextMenuHandlers6: [Shell Extension for Malware scanning] -> {45AC2688-0253-4ED8-97DE-B5370FA7D48A} => C:\Program Files (x86)\Avira\Antivirus\shlext64.dll [2017-11-18] (Avira Operations GmbH & Co. KG)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-08-14] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-08-14] (Alexander Roshal)
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {032D406B-9A10-4558-A247-B196C13E4838} - System32\Tasks\AutoKMS => C:\WINDOWS\AutoKMS.exe
Task: {07A37E19-5965-40B6-AC9B-62866531F867} - System32\Tasks\Sony Corporation\VAIO Control Center\NetworkSetting\NetworkSetting Logon Start => C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkClient
Task: {088082DF-6E31-4DC5-B65C-FB3C2FA65EFE} - System32\Tasks\Sony Corporation\VAIO Care\VKSvcDaily => C:\Program Files\Sony\VAIO Care\VAIOTM\VKSvc.exe [2017-04-19] (Sony Corporation)
Task: {09172E18-AD72-436A-9B3A-9C3AE10D2616} - System32\Tasks\Sony Corporation\VAIO Care\VCRLog => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2017-05-15] (Sony Corporation)
Task: {0A0E6B7C-C784-4CD0-910A-728797BC8493} - System32\Tasks\Sony Corporation\Sony Home Network Library\SOHLib SOHDms => C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe [2013-11-07] (Sony Corporation)
Task: {0A7DB203-FA16-43E0-A3B4-0225E5E712AE} - System32\Tasks\Sony Corporation\VAIO Care\VTSvc => C:\Program Files\Sony\VAIO Care\VAIOTM\VTSvc.exe [2017-04-19] (Sony Corporation)
Task: {0E737322-05C2-4FB7-B878-72E87A77B182} - System32\Tasks\Sony Corporation\VAIO Care\UpdateSolution => C:\Program Files\Sony\VAIO Care\Solution.Updater.exe [2017-05-15] (Sony Corporation)
Task: {156DDDFB-900D-406F-A6A8-8D40CB749DD1} - System32\Tasks\Avira_Antivirus_Systray => C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [2017-11-18] (Avira Operations GmbH & Co. KG)
Task: {1733A098-3F38-45F4-88E5-E3FD2925908E} - System32\Tasks\Sony Corporation\NFC Connection Utility\NFC Logon Start => C:\Program Files\Sony\NFC Connection Utility\NFCConnectionUtility.exe [2014-02-11] (Sony Corporation)
Task: {235AAD07-75C3-4C73-82E0-081FA04B0F3B} - System32\Tasks\Sony Corporation\VAIO Care\UploadPOT => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2017-05-15] (Sony Corporation)
Task: {2D1BBC51-0CE6-4F2D-85FE-776407E58838} - System32\Tasks\Sony Corporation\VAIO Care\CheckSystemInfo => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2017-05-15] (Sony Corporation)
Task: {2F18DDEE-9C8E-4F7E-B68C-97E55EDC0DA8} - System32\Tasks\Clientlizenzdienst(ClipSVC)Mobile => C:\Program Files (x86)\nodejs\node.exe [2017-05-02] (Node.js)
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\WINDOWS\System32\AutoWorkplace.exe
Task: {3B35DA12-DE65-4903-9601-A045C74AADF4} - System32\Tasks\Sony Corporation\VAIO Improvement\VAIOImprovementUploader => C:\Program Files\Sony\VAIO Improvement\viuploader.exe [2013-01-24] (Sony Corporation)
Task: {4D63B5A4-1940-494C-9E9E-C3B8683D1E62} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-09-27] (Adobe Systems Incorporated)
Task: {5449D0AD-1BD9-43A5-BB7F-3C26BCE131C8} - System32\Tasks\AutoKMSDaily => C:\WINDOWS\AutoKMS.exe
Task: {6BF77954-5443-4123-BD34-0AC30E22519F} - System32\Tasks\Sony Corporation\VAIO Update\VAIO Update => C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe [2016-04-25] (Sony Corporation)
Task: {6D44DF52-296A-4290-80F8-F29478BF965F} - System32\Tasks\Avira SystrayStartTrigger => Avira.SystrayStartTrigger.exe
Task: {731820B3-78E1-4E12-B41F-6FABF2596874} - System32\Tasks\Sony Corporation\Sony Home Network Library\SOHLib TaskTray => C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SHTtray.exe [2013-09-12] (Sony Corporation)
Task: {75BFA5A2-9106-4B43-BCA6-6F03DA54C2A8} - System32\Tasks\Sony Corporation\VAIO Control Center\VAIOControlCenterSystem => C:\Program Files (x86)\Sony\VAIO Control Center\vim.exe [2014-11-17] (Sony Corporation)
Task: {7982693B-13B2-4382-810A-311F970E1580} - System32\Tasks\Sony Corporation\Xperia Link\Xperia Link Logon Start => C:\Program Files (x86)\Sony\Xperia Link\Xperia Link.exe [2016-03-04] (Sony Corporation)
Task: {7EFBE56F-B0BE-492D-A745-4AB238FE69CF} - System32\Tasks\CoolKiller => C:\WINDOWS\system32\rundll32.exe "C:\Program Files\CoolKiller\CoolKiller.dll",mUjnBIANGCsu <==== ACHTUNG
Task: {92C0956C-5CA6-4BEE-9BBB-6E8475A0743E} - System32\Tasks\Sony Corporation\VAIO Care\VKSvcWeekly => C:\Program Files\Sony\VAIO Care\VAIOTM\VKSvc.exe [2017-04-19] (Sony Corporation)
Task: {92D374A6-7389-4DA4-AD28-B00928A40C43} - System32\Tasks\Sony Corporation\VAIO Care\DeployCRMflag => C:\Program Files\Sony\VAIO Care\DeployCRMflag.exe [2017-05-15] (Sony Corporation)
Task: {95EB3228-D684-43A0-A145-D6C71C6E46DE} - \OfficeSoftwareProtectionPlatform\SvcRestartTask -> Keine Datei <==== ACHTUNG
Task: {9A0E0C05-29E0-4943-826D-C714DF31C624} - System32\Tasks\Sony Corporation\VAIO Care\ActiveStatusCollect => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2017-05-15] (Sony Corporation)
Task: {9A7AB5FA-8B68-4455-A598-C625E617BBB8} - System32\Tasks\Sony Corporation\VAIO Care\VCOneClick => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2017-05-15] (Sony Corporation)
Task: {9A7F6397-8E10-4344-9ABA-4DA72F9E1BB4} - System32\Tasks\updater => C:\Program Files (x86)\devnull\NetAdapterUpdate\updater.exe
Task: {9C11A6D9-6FF0-467B-98BF-05F6D81DFFBD} - System32\Tasks\Sony Corporation\VAIO Care\GetPOTInfo => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2017-05-15] (Sony Corporation)
Task: {9D38DE1F-95D3-4DFF-A6B1-7D9913C5B371} - System32\Tasks\Sony Corporation\VAIO Care\VCCheckIolo => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2017-05-15] (Sony Corporation)
Task: {A0F06AC5-F898-4D38-BF28-709FE6197DB4} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2017-07-24] (Apple Inc.)
Task: {A969B346-A1E8-491B-B3E3-19109A1F636B} - System32\Tasks\Sony Corporation\VAIO Gesture Control\VCGULogonTask => C:\Program Files (x86)\Sony\VAIO Camera Gesture Utility\VCGU.exe [2013-01-23] (Sony Corporation)
Task: {AB4433F9-DAD7-4AAD-89B2-C64F3342633C} - System32\Tasks\Sony Corporation\VAIO Hardware Diagnostics\VHDInformationCheck => C:\Program Files (x86)\Sony\VAIO Recovery\plugins\InformationCheck.exe [2013-01-25] (Sony Corporation)
Task: {B4B41936-ACE9-433F-BA0D-4B2E9FFC5805} - System32\Tasks\Sony Corporation\VAIO Control Center\VAIO Capture\VAIO Clip => C:\Program Files (x86)\Sony\VAIO Control Center\VAIO Clip.exe [2013-12-09] (Sony Corporation)
Task: {B65149E4-C865-4E82-9069-566B492615AE} - System32\Tasks\EPSON XP-520 Series Update {AA49A6FF-529B-4F6B-95BC-379A9FC14BB3} => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSNPE.EXE [2013-11-22] (SEIKO EPSON CORPORATION)
Task: {B6CCDD7D-07EB-4E0F-A888-79A81AFC05A2} - \Microsoft\Windows\UNP\RunCampaignManager -> Keine Datei <==== ACHTUNG
Task: {B8EE1B23-260C-41D9-9457-559EF9907168} - System32\Tasks\Sony Corporation\VAIO Care\VAIO Care => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2017-05-15] (Sony Corporation)
Task: {C2DFDAC6-2DC5-43AC-B3C3-189687A656FC} - System32\Tasks\Sony Corporation\VAIO Care\VCMetrics => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2017-05-15] (Sony Corporation)
Task: {C314B97F-35D1-4129-B36B-138FBF48C098} - System32\Tasks\Sony Corporation\VAIO Control Center\Level4Daily => C:\Program Files (x86)\Sony\VAIO Control Center\WBCBatteryCare.exe [2013-03-15] (Sony Corporation)
Task: {CB55C1E1-DB58-4EEB-BE76-8A6432FA8220} - System32\Tasks\EPSON XP-520 Series Update {6B85294F-9774-45F0-A6EF-A7293D977B0D} => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSNPE.EXE [2013-11-22] (SEIKO EPSON CORPORATION)
Task: {CE6BC97F-68EB-4782-B43B-59D763DE5FE6} - System32\Tasks\CreateChoiceProcessTask => C:\Windows\BrowserChoice\browserchoice.exe
Task: {D0A2D1F0-ADAA-4DAA-9099-05235CA3F2D6} - System32\Tasks\Sony Corporation\VAIO Control Center\VAIOControlCenterUser => C:\Program Files (x86)\Sony\VAIO Control Center\vim.exe [2014-11-17] (Sony Corporation)
Task: {D50C369F-E633-41BD-A7F6-39B50416AAFE} - System32\Tasks\Sony Corporation\VAIO Update\VAIO Update Self Repair => C:\Program Files\Sony\VAIO Update\VUSR.exe [2016-03-31] (Sony Corporation)
Task: {D58D3F8A-80D9-47BE-87F0-87BE1E8D15F5} - System32\Tasks\Sony Corporation\VAIO Care\VTUsr => C:\Program Files\Sony\VAIO Care\VAIOTM\VTUsr.exe [2017-04-19] (Sony Corporation)
Task: {EA390447-42D0-42BA-893F-0BAC71CA70D3} - System32\Tasks\Sony Corporation\VAIO Control Center\Level4Month => C:\Program Files (x86)\Sony\VAIO Control Center\WBCBatteryCare.exe [2013-03-15] (Sony Corporation)
Task: {FD11A334-379C-47A6-88CF-740BC3493916} - System32\Tasks\Sony Corporation\VAIO Update\Launch Application => C:\Program Files\SONY\VAIO Update\ShellExeProxy.exe [2016-03-31] (Sony Corporation)
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
Task: C:\WINDOWS\Tasks\AutoKMS.job => C:\WINDOWS\AutoKMS.exe
Task: C:\WINDOWS\Tasks\AutoKMSDaily.job => C:\WINDOWS\AutoKMS.exe
Task: C:\WINDOWS\Tasks\EPSON XP-520 Series Update {6B85294F-9774-45F0-A6EF-A7293D977B0D}.job => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSNPE.EXE:/EXE:{6B85294F-9774-45F0-A6EF-A7293D977B0D} /F:UpdateWORKGROUP\FREDDY_LAPTOP$ĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi
Task: C:\WINDOWS\Tasks\EPSON XP-520 Series Update {AA49A6FF-529B-4F6B-95BC-379A9FC14BB3}.job => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSNPE.EXE:/EXE:{AA49A6FF-529B-4F6B-95BC-379A9FC14BB3} /F:UpdateWORKGROUP\FREDDY_LAPTOP$ĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi
Task: C:\WINDOWS\Tasks\Synaptics TouchPad Enhancements.job => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
==================== Verknüpfungen & WMI ========================
(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)
==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
2017-09-29 14:41 - 2017-09-29 14:41 - 000184432 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll
2016-11-17 01:28 - 2016-11-17 01:28 - 000092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2017-10-18 23:51 - 2017-10-18 23:51 - 001356088 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2013-09-05 00:17 - 2013-09-05 00:17 - 004300456 _____ () C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2017-09-29 14:42 - 2017-09-30 15:36 - 011044864 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2017-09-29 14:42 - 2017-09-30 15:36 - 001804288 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-11-12 10:35 - 2017-11-12 10:35 - 000087552 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.8.487.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2017-11-12 10:35 - 2017-11-12 10:35 - 000206336 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.8.487.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2017-11-12 10:35 - 2017-11-12 10:35 - 025461760 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.8.487.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2017-11-11 14:05 - 2017-11-11 14:05 - 002552832 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.8.487.0_x64__kzf8qxf38zg5c\skypert.dll
2017-11-25 15:35 - 2017-11-01 08:55 - 002299344 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\SelfProtectionSdk.dll
2017-11-25 15:35 - 2017-11-01 08:54 - 002358736 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll
2017-11-11 14:06 - 2017-11-11 14:07 - 000061952 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11710.1001.27.0_x64__8wekyb3d8bbwe\WinStoreTasksWrapper.dll
2013-08-08 11:09 - 2013-04-02 14:02 - 001199576 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
==================== Hosts Inhalt: ===============================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2017-09-29 14:46 - 2013-08-22 14:25 - 000000824 _____ C:\WINDOWS\system32\Drivers\etc\hosts
==================== Andere Bereiche ============================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11252017153623789\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
HKU\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11252017153635523\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
HKU\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11252017153623831\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
HKU\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11252017153636581\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
HKU\S-1-5-21-3483465479-2191358556-2575146349-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Sony\VAIO 13 img1 Wallpaper 1920x1080.jpg
HKU\S-1-5-21-3483465479-2191358556-2575146349-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11252017153623864\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Sony\VAIO 13 img1 Wallpaper 1920x1080.jpg
HKU\S-1-5-21-3483465479-2191358556-2575146349-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11252017153636693\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Sony\VAIO 13 img1 Wallpaper 1920x1080.jpg
HKU\S-1-5-21-3483465479-2191358556-2575146349-1006-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-11252017154055264\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Windows\img0.jpg
HKU\S-1-5-21-3483465479-2191358556-2575146349-1006-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11252017153624282\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Windows\img0.jpg
HKU\S-1-5-21-3483465479-2191358556-2575146349-1006-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11252017153638490\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Windows\img0.jpg
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Warn)
Windows Firewall ist aktiviert.
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
HKLM\...\StartupApproved\StartupFolder: => "McAfee Parental Controls.lnk"
HKLM\...\StartupApproved\Run32: => "mcpltui_exe"
HKU\S-1-5-21-3483465479-2191358556-2575146349-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-3483465479-2191358556-2575146349-1001\...\StartupApproved\Run: => "Skype"
HKU\S-1-5-21-3483465479-2191358556-2575146349-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11252017153623864\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-3483465479-2191358556-2575146349-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11252017153623864\...\StartupApproved\Run: => "Skype"
HKU\S-1-5-21-3483465479-2191358556-2575146349-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11252017153636693\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-3483465479-2191358556-2575146349-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11252017153636693\...\StartupApproved\Run: => "Skype"
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [TCP Query User{A6AD4D0D-3212-42EB-BC6F-927C5784A533}C:\program files\sony\vaio care\vcsystemtray.exe] => (Allow) C:\program files\sony\vaio care\vcsystemtray.exe
FirewallRules: [UDP Query User{EC1FB4D4-7051-4BC5-936F-FBEEDD4AA16F}C:\program files\sony\vaio care\vcsystemtray.exe] => (Allow) C:\program files\sony\vaio care\vcsystemtray.exe
==================== Wiederherstellungspunkte =========================
ACHTUNG: Systemwiederherstellung ist deaktiviert
==================== Fehlerhafte Geräte im Gerätemanager =============
Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
==================== Fehlereinträge in der Ereignisanzeige: =========================
Applikationsfehler:
==================
Error: (11/25/2017 03:34:37 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: Die Open-Prozedur für den Dienst "BITS" in der DLL "C:\Windows\System32\bitsperf.dll" war nicht erfolgreich. Die Leistungsdaten für diesen Dienst sind nicht verfügbar. Die ersten vier Bytes (DWORD) des Datenbereichs enthalten den Fehlercode.
Error: (11/25/2017 02:10:47 PM) (Source: ESENT) (EventID: 454) (User: )
Description: DllHost (10844,U,0) Internet_NOEDP_LEGACY_IDB: Unerwarteter Fehler "-1216" bei der Datenbankwiederherstellung.
Error: (11/25/2017 02:10:47 PM) (Source: ESENT) (EventID: 494) (User: )
Description: DllHost (10844,U,0) Internet_NOEDP_LEGACY_IDB: Fehler -1216 bei der Datenbankwiederherstellung, da Verweise auf die Datenbank "C:\Users\Freddy\AppData\Local\Microsoft\Internet Explorer\Indexed DB\Internet.edb" festgestellt wurden, die nicht mehr vorhanden ist. Die Datenbank wurde nicht sauber heruntergefahren, bevor sie entfernt (oder möglicherweise verschoben oder umbenannt) wurde. Das Datenbankmodul lässt den Abschluss der Wiederherstellung für diese Instanz erst dann zu, wenn die fehlende Datenbank wieder verfügbar gemacht wird. Wenn die Datenbank tatsächlich nicht mehr verfügbar oder nicht mehr erforderlich ist, finden Sie Informationen zum Beheben dieses Fehlers in der Microsoft Knowledge Base oder unter dem Link "Weitere Informationen" am Ende dieser Meldung.
Error: (11/19/2017 09:03:29 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: Die Open-Prozedur für den Dienst "BITS" in der DLL "C:\Windows\System32\bitsperf.dll" war nicht erfolgreich. Die Leistungsdaten für diesen Dienst sind nicht verfügbar. Die ersten vier Bytes (DWORD) des Datenbereichs enthalten den Fehlercode.
Error: (11/18/2017 03:16:47 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: Die Open-Prozedur für den Dienst "BITS" in der DLL "C:\Windows\System32\bitsperf.dll" war nicht erfolgreich. Die Leistungsdaten für diesen Dienst sind nicht verfügbar. Die ersten vier Bytes (DWORD) des Datenbereichs enthalten den Fehlercode.
Error: (11/18/2017 02:50:38 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 274875
Error: (11/18/2017 02:50:38 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 274875
Error: (11/18/2017 02:50:38 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (11/18/2017 02:50:22 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 259250
Error: (11/18/2017 02:50:22 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 259250
Systemfehler:
=============
Error: (11/25/2017 03:33:50 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
und der APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.
Error: (11/25/2017 03:33:50 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
und der APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.
Error: (11/25/2017 03:33:50 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
und der APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.
Error: (11/25/2017 03:33:50 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
und der APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.
Error: (11/25/2017 03:33:50 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
und der APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.
Error: (11/25/2017 03:33:50 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
und der APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.
Error: (11/25/2017 03:33:17 PM) (Source: DCOM) (EventID: 10010) (User: NT-AUTORITÄT)
Description: Der Server "{78FD0120-D39C-45D8-A9BE-2B802B3C23E5}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.
Error: (11/25/2017 03:33:16 PM) (Source: DCOM) (EventID: 10010) (User: NT-AUTORITÄT)
Description: Der Server "{78FD0120-D39C-45D8-A9BE-2B802B3C23E5}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.
Error: (11/25/2017 03:32:50 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Sony Digital Media Server" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (11/25/2017 03:32:50 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "SynTPEnh Caller Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
CodeIntegrity:
===================================
Date: 2017-11-25 15:40:21.951
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume5\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.
Date: 2017-11-25 15:40:21.948
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume5\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.
Date: 2017-11-25 15:40:20.729
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume5\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.
Date: 2017-11-25 15:40:20.726
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume5\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.
Date: 2017-11-25 15:39:58.487
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume5\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.
Date: 2017-11-25 15:39:58.483
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume5\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.
Date: 2017-11-25 15:38:52.672
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume5\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.
Date: 2017-11-25 15:38:52.479
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume5\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.
Date: 2017-11-25 15:38:40.813
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume5\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.
Date: 2017-11-25 15:38:40.575
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume5\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.
==================== Speicherinformationen ===========================
Prozessor: Intel(R) Core(TM) i5-4200U CPU @ 1.60GHz
Prozentuale Nutzung des RAM: 49%
Installierter physikalischer RAM: 4002.87 MB
Verfügbarer physikalischer RAM: 2030.94 MB
Summe virtueller Speicher: 6178.87 MB
Verfügbarer virtueller Speicher: 3615.48 MB
==================== Laufwerke ================================
Drive c: () (Fixed) (Total:102.79 GB) (Free:45.18 GB) NTFS
==================== MBR & Partitionstabelle ==================
========================================================
Disk: 0 (Size: 119.2 GB) (Disk ID: BA336E2C)
Partition: GPT.
==================== Ende von Addition.txt ============================
|
|
25.11.2017, 17:45
| #5 |
| /// TB-Ausbilder | windows10: AVIRA meldet Trojaner-Fund Servus, Schritt 1
Schritt 2
Schritt 3
Bitte poste mit deiner nächsten Antwort
|
|
25.11.2017, 18:15
| #6 |
| | windows10: AVIRA meldet Trojaner-Fund Hallo, habe die 3 von dir beschriebenen Schritte durchgeführt. Anbei die 4 Logdateien von FRST (fixlog, Search, FRST, Addition) Code:
ATTFilter Entfernungsergebnis von Farbar Recovery Scan Tool (x64) Version: 24-11-2017 01
durchgeführt von Freddy (25-11-2017 17:49:42) Run:1
Gestartet von C:\Users\Freddy\Desktop\Trojan\Programme
Geladene Profile: Freddy & (Verfügbare Profile: Freddy & Lydia)
Start-Modus: Normal
==============================================
fixlist Inhalt:
*****************
CloseProcesses:
CHR HKLM\SOFTWARE\Policies\Google: Beschränkung <==== ACHTUNG
Task: {032D406B-9A10-4558-A247-B196C13E4838} - System32\Tasks\AutoKMS => C:\WINDOWS\AutoKMS.exe
C:\WINDOWS\AutoKMS.exe
Task: {5449D0AD-1BD9-43A5-BB7F-3C26BCE131C8} - System32\Tasks\AutoKMSDaily => C:\WINDOWS\AutoKMS.exe
Task: {95EB3228-D684-43A0-A145-D6C71C6E46DE} - \OfficeSoftwareProtectionPlatform\SvcRestartTask -> Keine Datei <==== ACHTUNG
Task: {B6CCDD7D-07EB-4E0F-A888-79A81AFC05A2} - \Microsoft\Windows\UNP\RunCampaignManager -> Keine Datei <==== ACHTUNG
Task: C:\WINDOWS\Tasks\AutoKMS.job => C:\WINDOWS\AutoKMS.exe
Task: C:\WINDOWS\Tasks\AutoKMSDaily.job => C:\WINDOWS\AutoKMS.exe
CMD: dir "%ProgramFiles%"
CMD: dir "%ProgramFiles(x86)%"
CMD: dir "%ProgramData%"
CMD: dir "%Appdata%"
CMD: dir "%LocalAppdata%"
CMD: dir "%CommonProgramFiles(x86)%"
CMD: dir "%CommonProgramW6432%"
CMD: dir "%UserProfile%"
CMD: dir "C:\"
ExportKey: HKLM\SOFTWARE\Microsoft\Windows Defender\Exclusions
RemoveProxy:
CMD: ipconfig /flushdns
CMD: netsh winsock reset
EmptyTemp:
*****************
Prozesse erfolgreich geschlossen.
HKLM\SOFTWARE\Policies\Google => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{032D406B-9A10-4558-A247-B196C13E4838} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{032D406B-9A10-4558-A247-B196C13E4838} => Schlüssel erfolgreich entfernt
C:\WINDOWS\System32\Tasks\AutoKMS => erfolgreich verschoben
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AutoKMS => Schlüssel erfolgreich entfernt
"C:\WINDOWS\AutoKMS.exe" => nicht gefunden.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{5449D0AD-1BD9-43A5-BB7F-3C26BCE131C8} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5449D0AD-1BD9-43A5-BB7F-3C26BCE131C8} => Schlüssel erfolgreich entfernt
C:\WINDOWS\System32\Tasks\AutoKMSDaily => erfolgreich verschoben
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AutoKMSDaily => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{95EB3228-D684-43A0-A145-D6C71C6E46DE} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{95EB3228-D684-43A0-A145-D6C71C6E46DE} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\OfficeSoftwareProtectionPlatform\SvcRestartTask => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{B6CCDD7D-07EB-4E0F-A888-79A81AFC05A2} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B6CCDD7D-07EB-4E0F-A888-79A81AFC05A2} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UNP\RunCampaignManager => Schlüssel nicht gefunden.
C:\WINDOWS\Tasks\AutoKMS.job => erfolgreich verschoben
C:\WINDOWS\Tasks\AutoKMSDaily.job => erfolgreich verschoben
========= dir "%ProgramFiles%" =========
Volume in Laufwerk C: hat keine Bezeichnung.
Volumeseriennummer: 7C2B-8864
Verzeichnis von C:\Program Files
25.11.2017 15:35 <DIR> .
25.11.2017 15:35 <DIR> ..
31.12.2015 12:41 <DIR> Bonjour
28.10.2017 10:21 <DIR> Common Files
28.10.2017 10:21 <DIR> Intel
30.09.2017 15:35 <DIR> internet explorer
11.11.2017 15:05 <DIR> iPod
26.12.2016 20:39 <DIR> IrfanView
11.11.2017 15:05 <DIR> iTunes
08.08.2013 11:13 <DIR> Java
25.11.2017 15:35 <DIR> Malwarebytes
16.12.2016 23:39 <DIR> mcafee
16.12.2016 22:45 <DIR> McAfeeEx
27.12.2016 12:43 <DIR> Microsoft Office
19.06.2017 07:40 <DIR> Microsoft Silverlight
28.10.2017 08:42 <DIR> MSBuild
01.03.2014 03:54 <DIR> NXPProximityInstaller
28.10.2017 08:57 <DIR> Realtek
28.10.2017 08:42 <DIR> Reference Assemblies
27.08.2017 09:25 <DIR> Sony
28.10.2017 08:57 <DIR> Synaptics
28.10.2017 10:21 <DIR> UNP
30.09.2017 15:34 <DIR> Windows Defender
28.10.2017 08:57 <DIR> Windows Mail
30.09.2017 15:35 <DIR> Windows Media Player
29.09.2017 14:46 <DIR> Windows Multimedia Platform
28.10.2017 09:37 <DIR> windows nt
30.09.2017 15:34 <DIR> Windows Photo Viewer
29.09.2017 14:46 <DIR> Windows Portable Devices
29.09.2017 14:46 <DIR> Windows Security
29.09.2017 14:46 <DIR> WindowsPowerShell
27.12.2016 12:40 <DIR> WinRAR
18.10.2017 22:02 <DIR> {56D3DAAD-8F63-45A7-BFAE-018DFD76CEED}
0 Datei(en), 0 Bytes
33 Verzeichnis(se), 48.337.555.456 Bytes frei
========= Ende von CMD: =========
========= dir "%ProgramFiles(x86)%" =========
Volume in Laufwerk C: hat keine Bezeichnung.
Volumeseriennummer: 7C2B-8864
Verzeichnis von C:\Program Files (x86)
18.11.2017 09:24 <DIR> .
18.11.2017 09:24 <DIR> ..
08.08.2013 11:30 <DIR> Adobe
25.09.2017 06:43 <DIR> Apple Software Update
02.01.2017 15:09 <DIR> Avira
31.12.2015 12:41 <DIR> Bonjour
28.10.2017 10:21 <DIR> Common Files
20.06.2017 08:14 <DIR> EPSON
20.06.2017 08:26 <DIR> Epson Software
03.02.2017 20:47 <DIR> Icecream PDF Split and Merge
17.12.2016 10:26 <DIR> Intel
30.09.2017 15:35 <DIR> Internet Explorer
30.04.2017 09:22 <DIR> Java
20.12.2016 21:44 <DIR> Kodi
27.12.2016 12:43 <DIR> Microsoft Analysis Services
24.07.2017 07:29 <DIR> Microsoft Office
19.06.2017 07:40 <DIR> Microsoft Silverlight
27.12.2016 12:45 <DIR> Microsoft SQL Server Compact Edition
27.12.2016 12:45 <DIR> Microsoft Sync Framework
27.12.2016 12:45 <DIR> Microsoft Synchronization Services
27.12.2016 12:44 <DIR> Microsoft Visual Studio 8
08.08.2013 11:54 <DIR> Microsoft XNA
28.10.2017 10:21 <DIR> Microsoft.NET
28.10.2017 10:21 <DIR> MSBuild
29.06.2017 20:53 <DIR> nodejs
03.01.2017 10:20 <DIR> PDF24
17.12.2016 01:49 <DIR> Realtek
28.10.2017 08:42 <DIR> Reference Assemblies
16.12.2016 23:54 <DIR> Skype
17.12.2016 01:45 <DIR> Sony
17.12.2016 01:49 <DIR> Sony Corporation
05.09.2017 22:56 <DIR> STMicroelectronics
18.11.2017 09:24 <DIR> Telenot
05.11.2017 16:49 <DIR> VideoLAN
02.03.2014 15:58 <DIR> WildGames
30.09.2017 15:34 <DIR> Windows Defender
28.10.2017 08:57 <DIR> Windows Mail
30.09.2017 15:35 <DIR> Windows Media Player
29.09.2017 14:46 <DIR> Windows Multimedia Platform
29.09.2017 14:46 <DIR> windows nt
30.09.2017 15:34 <DIR> Windows Photo Viewer
29.09.2017 14:46 <DIR> Windows Portable Devices
29.09.2017 14:46 <DIR> WindowsPowerShell
27.03.2017 06:25 <DIR> WISO
18.10.2017 22:01 <DIR> {AAAE045A-FC8F-479E-9DD4-4D85D49D0A85}
0 Datei(en), 0 Bytes
45 Verzeichnis(se), 48.337.494.016 Bytes frei
========= Ende von CMD: =========
========= dir "%ProgramData%" =========
Volume in Laufwerk C: hat keine Bezeichnung.
Volumeseriennummer: 7C2B-8864
Verzeichnis von C:\ProgramData
01.03.2014 10:52 <DIR> Adobe
31.12.2015 12:41 <DIR> Apple
31.12.2015 12:42 <DIR> Apple Computer
02.01.2017 15:09 <DIR> Avira
02.03.2014 15:49 <DIR> BlueStacks
27.03.2017 06:26 <DIR> Buhl Data Service GmbH
16.07.2016 12:47 <DIR> Comms
08.08.2013 12:19 <DIR> eBay
20.06.2017 08:26 <DIR> EPSON
03.01.2017 10:26 <DIR> Intel
08.08.2013 11:35 <DIR> Internet Content Filter
17.12.2016 01:46 <DIR> iolo
25.11.2017 15:35 <DIR> Malwarebytes
16.12.2016 23:39 <DIR> McAfee
02.03.2014 16:17 <DIR> McAfee Security Scan
18.11.2017 09:37 <DIR> Microsoft Help
28.10.2017 11:11 <DIR> Microsoft OneDrive
30.04.2017 09:23 <DIR> Oracle
18.11.2017 15:16 <DIR> Package Cache
17.12.2016 10:26 <DIR> PRICache
28.10.2017 10:21 <DIR> regid.1991-06.com.microsoft
08.08.2013 11:07 <DIR> Roaming
16.12.2016 23:54 <DIR> Skype
29.09.2017 14:46 <DIR> SoftwareDistribution
16.01.2016 17:57 <DIR> Sony
17.12.2016 02:15 <DIR> Sony Corporation
19.12.2016 01:18 <DIR> Synaptics
20.06.2017 08:26 <DIR> UDL
28.10.2017 09:43 <DIR> USOPrivate
28.10.2017 09:43 <DIR> USOShared
02.03.2014 15:57 <DIR> WildTangent
30.09.2017 15:36 <DIR> WindowsHolographicDevices
0 Datei(en), 0 Bytes
32 Verzeichnis(se), 48.337.428.480 Bytes frei
========= Ende von CMD: =========
========= dir "%Appdata%" =========
Volume in Laufwerk C: hat keine Bezeichnung.
Volumeseriennummer: 7C2B-8864
Verzeichnis von C:\Users\Freddy\AppData\Roaming
25.11.2017 15:32 <DIR> .
25.11.2017 15:32 <DIR> ..
01.03.2014 10:56 <DIR> Adobe
17.12.2016 14:22 <DIR> Apple Computer
02.01.2017 15:12 <DIR> Avira
27.03.2017 06:26 <DIR> Buhl Data Service
01.07.2017 10:24 <DIR> Epson
11.11.2017 14:47 <DIR> etcher
01.03.2014 19:29 <DIR> Identities
28.02.2014 20:34 <DIR> Intel
02.01.2017 16:06 <DIR> iolo
26.12.2016 20:39 <DIR> IrfanView
06.01.2017 23:26 <DIR> Kodi
01.03.2014 00:20 <DIR> Macromedia
29.06.2017 20:52 <DIR> npm
17.12.2016 14:01 <DIR> Skype
05.11.2017 16:40 <DIR> Sony Corporation
18.11.2017 09:24 <DIR> SumatraPDF
15.01.2017 19:33 <DIR> Sun
05.11.2017 17:57 <DIR> vlc
02.03.2014 15:57 <DIR> WildTangent
27.12.2016 12:40 <DIR> WinRAR
0 Datei(en), 0 Bytes
22 Verzeichnis(se), 48.337.301.504 Bytes frei
========= Ende von CMD: =========
========= dir "%LocalAppdata%" =========
Volume in Laufwerk C: hat keine Bezeichnung.
Volumeseriennummer: 7C2B-8864
Verzeichnis von C:\Users\Freddy\AppData\Local
25.11.2017 15:32 <DIR> .
25.11.2017 15:32 <DIR> ..
01.03.2014 10:56 <DIR> Adobe
31.12.2015 12:41 <DIR> Apple
31.12.2015 12:49 <DIR> Apple Computer
16.01.2016 19:15 <DIR> Apple Inc
02.03.2014 14:50 <DIR> Apps
27.03.2017 06:26 <DIR> Buhl
27.03.2017 06:26 <DIR> Buhl Data Service
17.12.2016 10:47 <DIR> Comms
17.12.2016 11:36 <DIR> ConnectedDevicesPlatform
03.02.2017 20:48 <DIR> CrashRpt
28.06.2017 00:40 <DIR> DBG
28.07.2017 14:34 <DIR> Diagnostics
05.11.2017 18:03 <DIR> ElevatedDiagnostics
03.02.2017 20:48 <DIR> Icecream
28.10.2017 11:09 <DIR> Microsoft
08.02.2017 06:46 <DIR> Microsoft Help
17.12.2016 13:53 <DIR> MicrosoftEdge
17.12.2016 10:51 <DIR> NetworkTiles
05.09.2017 23:01 <DIR> p15g-client
28.10.2017 11:56 <DIR> Packages
03.01.2017 10:31 <DIR> PDF24
12.11.2017 19:28 <DIR> Programs
17.12.2016 10:47 <DIR> Publishers
19.11.2017 14:59 600 PUTTY.RND
17.12.2016 02:49 7.598 resmon.resmoncfg
16.12.2016 23:54 <DIR> Skype
16.01.2016 19:11 <DIR> Sony Corporation
19.12.2016 00:16 <DIR> speech
18.11.2017 09:24 <DIR> Telenot
25.11.2017 17:49 <DIR> Temp
28.10.2017 11:09 <DIR> TileDataLayer
02.06.2017 07:00 <DIR> UNP
28.02.2014 20:34 <DIR> VirtualStore
2 Datei(en), 8.198 Bytes
33 Verzeichnis(se), 48.337.244.160 Bytes frei
========= Ende von CMD: =========
========= dir "%CommonProgramFiles(x86)%" =========
Volume in Laufwerk C: hat keine Bezeichnung.
Volumeseriennummer: 7C2B-8864
Verzeichnis von C:\Program Files (x86)\Common Files
28.10.2017 10:21 <DIR> .
28.10.2017 10:21 <DIR> ..
08.08.2013 11:30 <DIR> Adobe
31.12.2015 12:49 <DIR> Apple
29.12.2016 13:30 <DIR> DESIGNER
05.09.2017 22:56 <DIR> InstallShield
28.10.2017 08:57 <DIR> Intel
30.04.2017 09:22 <DIR> Java
16.12.2016 23:39 <DIR> mcafee
28.10.2017 10:21 <DIR> microsoft shared
08.08.2013 11:09 <DIR> postureAgent
29.09.2017 14:46 <DIR> Services
16.12.2016 23:54 <DIR> Skype
08.08.2013 11:28 <DIR> Sony Shared
30.09.2017 15:34 <DIR> system
0 Datei(en), 0 Bytes
15 Verzeichnis(se), 48.337.182.720 Bytes frei
========= Ende von CMD: =========
========= dir "%CommonProgramW6432%" =========
Volume in Laufwerk C: hat keine Bezeichnung.
Volumeseriennummer: 7C2B-8864
Verzeichnis von C:\Program Files\Common Files
28.10.2017 10:21 <DIR> .
28.10.2017 10:21 <DIR> ..
25.03.2017 12:27 <DIR> Apple
05.01.2017 15:16 <DIR> EPSON
03.01.2017 10:25 <DIR> Intel
16.12.2016 23:39 <DIR> mcafee
28.10.2017 10:21 <DIR> microsoft shared
29.09.2017 14:46 <DIR> Services
08.08.2013 11:26 <DIR> Sony Shared
30.09.2017 15:34 <DIR> system
0 Datei(en), 0 Bytes
10 Verzeichnis(se), 48.352.985.088 Bytes frei
========= Ende von CMD: =========
========= dir "%UserProfile%" =========
Volume in Laufwerk C: hat keine Bezeichnung.
Volumeseriennummer: 7C2B-8864
Verzeichnis von C:\Users\Freddy
19.11.2017 21:02 <DIR> .
19.11.2017 21:02 <DIR> ..
03.02.2017 20:48 <DIR> .Icecream PDF Split and Merge
05.09.2017 21:57 <DIR> .oracle_jre_usage
28.10.2017 11:09 <DIR> 3D Objects
28.10.2017 11:09 <DIR> Contacts
30.04.2017 18:07 <DIR> Dateien
25.11.2017 17:13 <DIR> Desktop
18.11.2017 09:24 <DIR> Documents
28.10.2017 11:09 <DIR> Downloads
18.11.2017 09:23 <DIR> Favorites
12.11.2017 11:17 <DIR> iCloudDrive
17.12.2016 01:48 <DIR> Intel
03.11.2017 06:33 <DIR> Links
28.10.2017 11:09 <DIR> Music
03.11.2017 06:33 <DIR> OneDrive
28.10.2017 11:09 <DIR> Pictures
03.01.2017 10:25 <DIR> Roaming
28.10.2017 11:09 <DIR> Saved Games
05.11.2017 16:26 <DIR> Searches
30.12.2016 15:55 <DIR> Sonstiges
27.12.2016 11:58 0 Sti_Trace.log
05.11.2017 17:16 <DIR> Videos
1 Datei(en), 0 Bytes
22 Verzeichnis(se), 48.352.919.552 Bytes frei
========= Ende von CMD: =========
========= dir "C:\" =========
Volume in Laufwerk C: hat keine Bezeichnung.
Volumeseriennummer: 7C2B-8864
Verzeichnis von C:\
25.11.2017 15:33 <DIR> AdwCleaner
29.06.2017 20:55 <DIR> AppData
02.03.2014 16:17 426 AVScanner.ini
02.01.2017 13:59 <DIR> ESD
25.11.2017 17:49 <DIR> FRST
28.10.2017 09:27 <DIR> Intel
29.06.2017 20:49 <DIR> Microsoft
18.03.2003 20:14 499.712 msvcp71.dll
21.02.2003 04:42 348.160 msvcr71.dll
29.09.2017 14:46 <DIR> PerfLogs
25.11.2017 15:35 <DIR> Program Files
18.11.2017 09:24 <DIR> Program Files (x86)
08.08.2013 11:02 2.243 RHDSetup.log
16.01.2014 01:42 608.032 SecurityScanner.dll
08.08.2013 11:40 <DIR> sources
26.09.2017 08:19 82.810 TDSSKiller.3.1.0.15_26.09.2017_09.18.13_log.txt
27.08.2017 09:26 <DIR> Update
02.03.2014 14:46 <DIR> Upgrade
28.10.2017 11:09 <DIR> Users
01.03.2014 01:43 <DIR> VAIO Entertainment
25.11.2017 15:44 <DIR> Windows
11.11.2017 14:57 <DIR> Windows.old
28.02.2014 21:20 5.631 WirelessDiagLog.csv
7 Datei(en), 1.547.014 Bytes
16 Verzeichnis(se), 48.352.862.208 Bytes frei
========= Ende von CMD: =========
================== ExportKey: ===================
[HKLM\SOFTWARE\Microsoft\Windows Defender\Exclusions]
[HKLM\SOFTWARE\Microsoft\Windows Defender\Exclusions\Extensions]
[HKLM\SOFTWARE\Microsoft\Windows Defender\Exclusions\Paths]
[HKLM\SOFTWARE\Microsoft\Windows Defender\Exclusions\Processes]
[HKLM\SOFTWARE\Microsoft\Windows Defender\Exclusions\TemporaryPaths]
=== Ende von ExportKey ===
========= RemoveProxy: =========
HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => Wert erfolgreich entfernt
HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => Wert erfolgreich entfernt
HKU\S-1-5-21-3483465479-2191358556-2575146349-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => Wert erfolgreich entfernt
HKU\S-1-5-21-3483465479-2191358556-2575146349-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => Wert erfolgreich entfernt
HKU\S-1-5-21-3483465479-2191358556-2575146349-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11252017153623864\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => Wert erfolgreich entfernt
HKU\S-1-5-21-3483465479-2191358556-2575146349-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11252017153623864\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => Wert erfolgreich entfernt
HKU\S-1-5-21-3483465479-2191358556-2575146349-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11252017153636693\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => Wert erfolgreich entfernt
HKU\S-1-5-21-3483465479-2191358556-2575146349-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11252017153636693\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => Wert erfolgreich entfernt
HKU\S-1-5-21-3483465479-2191358556-2575146349-1006-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-11252017154055264\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => Wert erfolgreich entfernt
HKU\S-1-5-21-3483465479-2191358556-2575146349-1006-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-11252017154055264\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => Wert erfolgreich entfernt
HKU\S-1-5-21-3483465479-2191358556-2575146349-1006-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11252017153624282\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => Wert erfolgreich entfernt
HKU\S-1-5-21-3483465479-2191358556-2575146349-1006-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11252017153624282\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => Wert erfolgreich entfernt
HKU\S-1-5-21-3483465479-2191358556-2575146349-1006-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11252017153638490\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => Wert erfolgreich entfernt
HKU\S-1-5-21-3483465479-2191358556-2575146349-1006-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-11252017153638490\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => Wert erfolgreich entfernt
========= Ende von RemoveProxy: =========
========= ipconfig /flushdns =========
Windows-IP-Konfiguration
Der DNS-Aufl”sungscache wurde geleert.
========= Ende von CMD: =========
========= netsh winsock reset =========
Der Winsock-Katalog wurde zurckgesetzt.
Sie mssen den Computer neu starten, um den Vorgang abzuschlieáen.
========= Ende von CMD: =========
=========== EmptyTemp: ==========
BITS transfer queue => 6053888 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 18581004 B
Java, Flash, Steam htmlcache => 988 B
Windows/system/drivers => 2000217 B
Edge => 875027 B
Chrome => 0 B
Firefox => 0 B
Opera => 0 B
Temp, IE cache, history, cookies, recent:
Default => 6656 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 5714 B
NetworkService => 0 B
Freddy => 122221769 B
Lydia.Freddy_Laptop.000 => 393925 B
RecycleBin => 1593178046 B
EmptyTemp: => 1.6 GB temporäre Dateien entfernt.
================================
Das System musste neu gestartet werden.
==== Ende von Fixlog 17:50:12 ====
Code:
ATTFilter Farbar Recovery Scan Tool (x64) Version: 24-11-2017 01
durchgeführt von Freddy (25-11-2017 17:53:20)
Gestartet von C:\Users\Freddy\Desktop\Trojan\Programme
Start-Modus: Normal
================== Datei-Suche: "SearchAll: AdvinstAnalytics;devnull;AdService;Soci2Sear;DownloadProtect" =============
Datei:
========
Ordner:
========
2017-06-29 20:55 - 2017-06-29 20:55 _____ C:\AppData\Roaming\devnull
Registry:
========
===================== Suchergebnis für "AdvinstAnalytics" ==========
===================== Suchergebnis für "devnull" ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\Program Files (x86)\devnull\"=""
[HKEY_USERS\.DEFAULT\Software\Caphyon\Advanced Updater\{5CD51A71-6B12-48AA-A8C4-525C1D32DC13}]
"C:\Program Files (x86)\devnull\NetAdapterUpdate\updater.exe"="0"
[HKEY_USERS\.DEFAULT\Software\Caphyon\Advanced Updater\{5CD51A71-6B12-48AA-A8C4-525C1D32DC13}\Updates]
"NetAdapterUpdate"="C:\ProgramData\devnull\NetAdapterUpdate\updates\NetAdapterUpdate\NetAdapterUpdate_setup_2.7.1.exe"
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store]
"C:\ProgramData\devnull\NetAdapterUpdate\updates\NetAdapterUpdate\NetAdapterUpdate_setup_2.7.1.exe"="0x5341435001000000000000000700000028000000882DA10070F9A10001000000000000000000000A00210000E63F486B2AA0D20100000080000000000200000028000000000000000000000000000000000000000000000000000000F3A00000000000000100000001000000"
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Layers]
"C:\Program Files (x86)\devnull\NetAdapterUpdate\NetAdapterUpdate.exe"="~ RUNASADMIN"
===================== Suchergebnis für "AdService" ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ActivatableClasses\CLSID\{212A2349-AFBE-B9CF-C321-766E40A5A480}]
"ActivatableClassId"="Analog.EnvironmentsApp.Services.AssetDownloadService"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ActivatableClasses\Package\EnvironmentsApp_10.0.15063.0_neutral__cw5n1h2txyewy\ActivatableClassId\Analog.EnvironmentsApp.Services.AssetDownloadService]
===================== Suchergebnis für "Soci2Sear" ==========
===================== Suchergebnis für "DownloadProtect" ==========
====== Ende von Suche ======
FRST Logfile: Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 24-11-2017 01
durchgeführt von Freddy (Administrator) auf FREDDY_LAPTOP (25-11-2017 18:08:14)
Gestartet von C:\Users\Freddy\Desktop\Trojan\Programme
Geladene Profile: Freddy (Verfügbare Profile: Freddy & Lydia)
Platform: Windows 10 Home Version 1709 16299.64 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: IE)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avguard.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(Seiko Epson Corporation) C:\Windows\System32\escsvc64.exe
(Intel Corporation) C:\Windows\System32\ibtsiva.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Geek Software GmbH) C:\Program Files (x86)\PDF24\pdf24.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgr.exe
(Sony Corporation) C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\SUSSoundProxy.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.8.487.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkClient.exe
(Microsoft Corporation) C:\Program Files\internet explorer\iexplore.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VAIOTM\VTSvc.exe
(Sony Corporation) C:\Program Files\Sony\NFC Connection Utility\NFCConnectionUtility.exe
(Sony Corporation) C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SHTtray.exe
(Sony Corporation) C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe
(Sony Corporation) C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avshadow.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VAIOTM\VTUsr.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VAIO Clip.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avgnt.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Update\VUAgent.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\vim.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\vim.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCSystemTray.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCService.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCAgent.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
==================== Registry (Nicht auf der Ausnahmeliste) ===========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [630168 2017-09-29] (Microsoft Corporation)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3954368 2015-09-21] (Synaptics Incorporated)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Beschränkung <==== ACHTUNG
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{0a976dfa-6aa2-4604-8b44-ed8d20d585f6}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{459b27b5-d66e-418e-b849-9d691fb37683}: [DhcpNameServer] 192.168.178.1
Internet Explorer:
==================
HKU\S-1-5-21-3483465479-2191358556-2575146349-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.gmx.net/
HKU\S-1-5-21-3483465479-2191358556-2575146349-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://sony13.msn.com
SearchScopes: HKU\S-1-5-21-3483465479-2191358556-2575146349-1001 -> {6A8CC696-3745-4668-A38E-46E567058A8B} URL = hxxp://de.wikipedia.org/w/index.php?title=Spezial:Suche&search={searchTerms}
SearchScopes: HKU\S-1-5-21-3483465479-2191358556-2575146349-1001 -> {84F8B878-A832-4C05-9E3F-BB52FAD57D4C} URL = hxxp://rover.ebay.com/rover/1/707-37276-16609-27/4?mpre=hxxp://shop.ebay.de/?oemInLn=ieSrch-&_nkw={searchTerms}
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO: Easy Photo Print -> {9421DD08-935F-4701-A9CA-22DF90AC4EA6} -> C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll [2015-07-31] (Seiko Epson Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: E-Web Print -> {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} -> C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll [2014-11-27] (SEIKO EPSON CORPORATION)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\ssv.dll [2017-04-30] (Oracle Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\jp2ssv.dll [2017-04-30] (Oracle Corporation)
Toolbar: HKLM - Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll [2015-07-31] (Seiko Epson Corporation)
Toolbar: HKLM-x32 - E-Web Print - {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} - C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll [2014-11-27] (SEIKO EPSON CORPORATION)
DPF: HKLM-x32 {5AE58FCF-6F6A-49B2-B064-02492C66E3F4} hxxp://catalog.update.microsoft.com/v7/site/ClientControl/en/x86/MuCatalogWebControl.cab?1481937349192
FireFox:
========
FF Plugin: @java.com/DTPlugin,version=10.13.2 -> C:\WINDOWS\system32\npDeployJava1.dll [2013-08-08] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\Program Files\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.5.20 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-04-02] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-04-02] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.131.2 -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\dtplugin\npDeployJava1.dll [2017-04-30] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.131.2 -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\plugin2\npjp2.dll [2017-04-30] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\Program Files (x86)\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2017-11-01] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3483465479-2191358556-2575146349-1001: intel.com/AppUp -> C:\Program Files (x86)\Intel\IntelAppStore\bin\npAppUp.dll [2013-02-19] (Intel)
FF Plugin HKU\S-1-5-21-3483465479-2191358556-2575146349-1001: intel.com/AppUpx64 -> C:\Program Files (x86)\Intel\IntelAppStore\bin\npAppUp_x64.dll [2013-02-19] (Intel)
==================== Dienste (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
S2 AntiVirMailService; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [1128944 2017-11-18] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\Antivirus\sched.exe [490968 2017-11-18] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [490968 2017-11-18] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [1526832 2017-11-18] (Avira Operations GmbH & Co. KG)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2017-10-11] (Apple Inc.)
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [413592 2017-11-02] (Avira Operations GmbH & Co. KG)
R2 EpsonScanSvc; C:\WINDOWS\system32\EscSvc64.exe [144560 2012-05-17] (Seiko Epson Corporation)
R2 igfxCUIService2.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [373744 2016-11-01] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [731648 2013-02-13] (Intel(R) Corporation) [Datei ist nicht signiert]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [820184 2013-02-13] (Intel(R) Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-04-02] (Intel Corporation)
R2 Intel(R) Wireless Bluetooth(R) 4.0 Radio Management; C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe [157128 2013-09-27] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-04-02] (Intel Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6234056 2017-11-01] (Malwarebytes)
S3 McAWFwk; C:\Program Files\Common Files\mcafee\actwiz\McAWFwk.exe [334608 2013-07-24] (McAfee, Inc.)
S3 NetworkSupport; C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkSupport.exe [629336 2013-09-28] (Sony Corporation)
R2 PDF24; C:\Program Files (x86)\PDF24\pdf24.exe [217736 2016-12-20] (Geek Software GmbH)
R2 PMBDeviceInfoProvider; C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe [481304 2013-11-21] (Sony Corporation)
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [255168 2015-09-21] (Synaptics Incorporated)
R2 VCFw; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [972000 2013-01-06] (Sony Corporation)
R3 VUAgent; C:\Program Files\Sony\VAIO Update\vuagent.exe [1656600 2016-03-31] (Sony Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [355304 2017-09-29] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [105944 2017-09-29] (Microsoft Corporation)
R2 ibtsiva; %SystemRoot%\system32\ibtsiva [X]
===================== Treiber (Nicht auf der Ausnahmeliste) ======================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R0 avdevprot; C:\WINDOWS\System32\DRIVERS\avdevprot.sys [60920 2017-06-20] (Avira Operations GmbH & Co. KG)
R2 avgntflt; C:\WINDOWS\System32\DRIVERS\avgntflt.sys [176224 2017-10-07] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [167464 2017-09-05] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\WINDOWS\system32\DRIVERS\avkmgr.sys [44488 2017-03-31] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\WINDOWS\system32\DRIVERS\avnetflt.sys [88488 2017-03-31] (Avira Operations GmbH & Co. KG)
R0 avusbflt; C:\WINDOWS\System32\Drivers\avusbflt.sys [38048 2017-06-20] (Avira Operations GmbH & Co. KG)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [77432 2017-11-01] ()
R3 ibtusb; C:\WINDOWS\system32\DRIVERS\ibtusb.sys [230656 2016-12-12] (Intel Corporation)
R0 IntelHSWPcc; C:\WINDOWS\System32\drivers\IntelPcc.sys [77992 2013-11-28] (Intel Corporation)
S3 ISCT; C:\WINDOWS\System32\drivers\ISCTD64.sys [46568 2013-04-15] ()
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [193464 2017-11-25] (Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\system32\DRIVERS\farflt.sys [110016 2017-11-25] (Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [46008 2017-11-25] (Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [253880 2017-11-25] (Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [94144 2017-11-25] (Malwarebytes)
R3 MEIx64; C:\WINDOWS\system32\DRIVERS\TeeDriverx64.sys [99288 2013-12-19] (Intel Corporation)
R3 NETwNb64; C:\WINDOWS\system32\DRIVERS\Netwbw02.sys [3525896 2016-11-09] (Intel Corporation)
S3 rtux64w10; C:\WINDOWS\System32\drivers\rtux64w10.sys [354624 2016-08-07] (Realtek )
R3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [51392 2015-09-21] (Synaptics Incorporated)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44608 2017-09-29] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [309144 2017-09-29] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [119192 2017-09-29] (Microsoft Corporation)
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat: Erstellte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2017-11-25 15:35 - 2017-11-25 18:03 - 000094144 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2017-11-25 15:35 - 2017-11-25 17:50 - 000253880 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2017-11-25 15:35 - 2017-11-25 17:50 - 000110016 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2017-11-25 15:35 - 2017-11-25 17:50 - 000046008 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2017-11-25 15:35 - 2017-11-25 15:35 - 000193464 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2017-11-25 15:35 - 2017-11-25 15:35 - 000001912 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2017-11-25 15:35 - 2017-11-25 15:35 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2017-11-25 15:35 - 2017-11-25 15:35 - 000000000 ____D C:\ProgramData\Malwarebytes
2017-11-25 15:35 - 2017-11-25 15:35 - 000000000 ____D C:\Program Files\Malwarebytes
2017-11-25 15:35 - 2017-11-01 08:54 - 000077432 _____ C:\WINDOWS\system32\Drivers\mbae64.sys
2017-11-25 15:29 - 2017-11-25 15:33 - 000000000 ____D C:\AdwCleaner
2017-11-19 14:29 - 2017-10-25 10:11 - 017083904 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramCompositor.dll
2017-11-19 14:29 - 2017-10-25 10:11 - 000336896 _____ (Microsoft Corporation) C:\WINDOWS\system32\HolographicRuntimes.dll
2017-11-19 14:29 - 2017-10-25 10:09 - 021753344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll
2017-11-19 14:29 - 2017-10-25 09:57 - 000956416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Spectrum.exe
2017-11-19 14:29 - 2017-10-25 09:57 - 000882688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Mirage.Internal.dll
2017-11-19 14:29 - 2017-10-25 09:56 - 000665600 _____ (Microsoft Corporation) C:\WINDOWS\system32\DHolographicDisplay.dll
2017-11-19 14:29 - 2017-10-25 07:36 - 000618496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Mirage.Internal.dll
2017-11-19 14:29 - 2017-10-25 05:41 - 000362176 _____ (Microsoft Corporation) C:\WINDOWS\system32\BioIso.exe
2017-11-19 14:29 - 2017-10-25 05:40 - 001634288 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2017-11-19 14:29 - 2017-10-25 05:40 - 000612760 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2017-11-19 14:29 - 2017-10-25 05:40 - 000269696 _____ C:\WINDOWS\system32\FaceProcessorCore.dll
2017-11-19 14:29 - 2017-10-25 05:39 - 007831248 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll
2017-11-19 14:29 - 2017-10-25 05:39 - 000479912 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64win.dll
2017-11-19 14:29 - 2017-10-25 05:39 - 000285080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2017-11-19 14:29 - 2017-10-25 05:37 - 001954048 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2017-11-19 14:29 - 2017-10-25 05:37 - 000610712 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2017-11-19 14:29 - 2017-10-25 05:36 - 008590744 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2017-11-19 14:29 - 2017-10-25 05:36 - 002400664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2017-11-19 14:29 - 2017-10-25 05:36 - 000187288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2017-11-19 14:29 - 2017-10-25 05:34 - 002573208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2017-11-19 14:29 - 2017-10-25 05:34 - 000839928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Perception.Stub.dll
2017-11-19 14:29 - 2017-10-25 05:34 - 000710920 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2017-11-19 14:29 - 2017-10-25 05:32 - 000559512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2017-11-19 14:29 - 2017-10-25 05:32 - 000147864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wcifs.sys
2017-11-19 14:29 - 2017-10-25 05:31 - 000436120 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostCommon.dll
2017-11-19 14:29 - 2017-10-25 05:31 - 000045464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storufs.sys
2017-11-19 14:29 - 2017-10-25 05:30 - 004487968 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2017-11-19 14:29 - 2017-10-25 05:30 - 000555416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2017-11-19 14:29 - 2017-10-25 05:29 - 002269080 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll
2017-11-19 14:29 - 2017-10-25 05:29 - 001507736 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2017-11-19 14:29 - 2017-10-25 05:29 - 000603920 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2017-11-19 14:29 - 2017-10-25 05:28 - 001170008 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2017-11-19 14:29 - 2017-10-25 05:27 - 006791472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2017-11-19 14:29 - 2017-10-25 05:27 - 001970520 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2017-11-19 14:29 - 2017-10-25 05:27 - 001426152 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2017-11-19 14:29 - 2017-10-25 05:27 - 000374032 _____ (Microsoft Corporation) C:\WINDOWS\system32\vac.exe
2017-11-19 14:29 - 2017-10-25 05:24 - 000428952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2017-11-19 14:29 - 2017-10-25 05:20 - 002717392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2017-11-19 14:29 - 2017-10-25 04:52 - 001615720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2017-11-19 14:29 - 2017-10-25 04:50 - 001528904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2017-11-19 14:29 - 2017-10-25 04:36 - 025246208 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2017-11-19 14:29 - 2017-10-25 04:30 - 005615968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll
2017-11-19 14:29 - 2017-10-25 04:30 - 000354200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudExperienceHostCommon.dll
2017-11-19 14:29 - 2017-10-25 04:28 - 004648528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2017-11-19 14:29 - 2017-10-25 04:28 - 001246432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2017-11-19 14:29 - 2017-10-25 04:28 - 000982016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2017-11-19 14:29 - 2017-10-25 04:27 - 001454568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsrcsnk.dll
2017-11-19 14:29 - 2017-10-25 04:27 - 001377080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
2017-11-19 14:29 - 2017-10-25 04:27 - 001015008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2017-11-19 14:29 - 2017-10-25 04:24 - 000506256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Perception.Stub.dll
2017-11-19 14:29 - 2017-10-25 04:22 - 006015200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2017-11-19 14:29 - 2017-10-25 04:22 - 002465848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2017-11-19 14:29 - 2017-10-25 04:19 - 003670016 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2017-11-19 14:29 - 2017-10-25 04:19 - 000097792 _____ C:\WINDOWS\system32\runexehelper.exe
2017-11-19 14:29 - 2017-10-25 04:18 - 000975872 _____ C:\WINDOWS\system32\FaceProcessor.dll
2017-11-19 14:29 - 2017-10-25 04:18 - 000328192 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcGenral.dll
2017-11-19 14:29 - 2017-10-25 04:18 - 000301056 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcLayers.dll
2017-11-19 14:29 - 2017-10-25 04:18 - 000135168 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_CapabilityAccess.dll
2017-11-19 14:29 - 2017-10-25 04:18 - 000095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\CapabilityAccessManagerClient.dll
2017-11-19 14:29 - 2017-10-25 04:18 - 000056320 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcSpecfc.dll
2017-11-19 14:29 - 2017-10-25 04:16 - 023658496 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2017-11-19 14:29 - 2017-10-25 04:16 - 000227328 _____ (Microsoft Corporation) C:\WINDOWS\system32\CapabilityAccessManager.dll
2017-11-19 14:29 - 2017-10-25 04:16 - 000114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\UcmCx.sys
2017-11-19 14:29 - 2017-10-25 04:16 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzres.dll
2017-11-19 14:29 - 2017-10-25 04:15 - 000140800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2017-11-19 14:29 - 2017-10-25 04:14 - 000541184 _____ (Microsoft Corporation) C:\WINDOWS\system32\HolographicExtensions.dll
2017-11-19 14:29 - 2017-10-25 04:14 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdrleakdiag.exe
2017-11-19 14:29 - 2017-10-25 04:13 - 013655552 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2017-11-19 14:29 - 2017-10-25 04:13 - 002972672 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2017-11-19 14:29 - 2017-10-25 04:12 - 001015296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2017-11-19 14:29 - 2017-10-25 04:12 - 000708096 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2017-11-19 14:29 - 2017-10-25 04:12 - 000599040 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2017-11-19 14:29 - 2017-10-25 04:12 - 000568832 _____ (Microsoft Corporation) C:\WINDOWS\system32\TileDataRepository.dll
2017-11-19 14:29 - 2017-10-25 04:11 - 000768512 _____ (Microsoft Corporation) C:\WINDOWS\system32\PCPKsp.dll
2017-11-19 14:29 - 2017-10-25 04:10 - 008099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2017-11-19 14:29 - 2017-10-25 04:10 - 004742144 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2017-11-19 14:29 - 2017-10-25 04:10 - 001167360 _____ (Microsoft Corporation) C:\WINDOWS\system32\ISM.dll
2017-11-19 14:29 - 2017-10-25 04:09 - 002862080 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2017-11-19 14:29 - 2017-10-25 04:09 - 002106368 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2017-11-19 14:29 - 2017-10-25 04:09 - 001806336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll
2017-11-19 14:29 - 2017-10-25 04:09 - 000812032 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2017-11-19 14:29 - 2017-10-25 04:08 - 002905600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2017-11-19 14:29 - 2017-10-25 04:08 - 002781696 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2017-11-19 14:29 - 2017-10-25 04:08 - 002633216 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2017-11-19 14:29 - 2017-10-25 04:08 - 002392576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcGenral.dll
2017-11-19 14:29 - 2017-10-25 04:08 - 001667584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Input.Inking.dll
2017-11-19 14:29 - 2017-10-25 04:08 - 000654848 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2017-11-19 14:29 - 2017-10-25 04:08 - 000487424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcSpecfc.dll
2017-11-19 14:29 - 2017-10-25 04:08 - 000465408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2017-11-19 14:29 - 2017-10-25 04:07 - 018914304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2017-11-19 14:29 - 2017-10-25 04:07 - 003478016 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll
2017-11-19 14:29 - 2017-10-25 04:07 - 001485824 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2017-11-19 14:29 - 2017-10-25 04:07 - 000685056 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2017-11-19 14:29 - 2017-10-25 04:07 - 000372224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcLayers.dll
2017-11-19 14:29 - 2017-10-25 04:07 - 000064512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CapabilityAccessManagerClient.dll
2017-11-19 14:29 - 2017-10-25 04:06 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tzres.dll
2017-11-19 14:29 - 2017-10-25 04:05 - 019339776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2017-11-19 14:29 - 2017-10-25 04:05 - 000106496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2017-11-19 14:29 - 2017-10-25 04:05 - 000022528 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdtcVSp1res.dll
2017-11-19 14:29 - 2017-10-25 04:04 - 000124928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\luafv.sys
2017-11-19 14:29 - 2017-10-25 04:04 - 000041984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdrleakdiag.exe
2017-11-19 14:29 - 2017-10-25 04:03 - 000450048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TileDataRepository.dll
2017-11-19 14:29 - 2017-10-25 04:02 - 000591872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PCPKsp.dll
2017-11-19 14:29 - 2017-10-25 04:01 - 012687360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2017-11-19 14:29 - 2017-10-25 04:01 - 000462848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2017-11-19 14:29 - 2017-10-25 03:59 - 003679232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2017-11-19 14:29 - 2017-10-25 03:59 - 000664576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2017-11-19 14:29 - 2017-10-25 03:58 - 002467840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2017-11-19 14:29 - 2017-10-25 03:58 - 001322496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Input.Inking.dll
2017-11-19 14:29 - 2017-10-25 03:58 - 001280000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.dll
2017-11-19 14:29 - 2017-10-25 03:57 - 006035968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2017-11-19 14:29 - 2017-10-25 03:55 - 002864640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mispace.dll
2017-11-19 14:29 - 2017-10-25 03:54 - 000022528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msdtcVSp1res.dll
2017-11-19 14:29 - 2017-10-21 13:25 - 003313968 _____ C:\WINDOWS\system32\Windows.Mirage.dll
2017-11-19 14:29 - 2017-10-20 15:17 - 002474584 _____ C:\WINDOWS\SysWOW64\Windows.Mirage.dll
2017-11-19 14:29 - 2017-10-20 06:08 - 000339968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msexcl40.dll
2017-11-18 15:16 - 2017-11-18 15:16 - 000001193 _____ C:\Users\Public\Desktop\Avira.lnk
2017-11-18 09:24 - 2017-11-18 09:24 - 000000000 ____D C:\Users\Freddy\Documents\Telenot
2017-11-18 09:24 - 2017-11-18 09:24 - 000000000 ____D C:\Users\Freddy\AppData\Roaming\SumatraPDF
2017-11-18 09:24 - 2017-11-18 09:24 - 000000000 ____D C:\Users\Freddy\AppData\Local\Telenot
2017-11-18 09:24 - 2017-11-18 09:24 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Telenot
2017-11-18 09:24 - 2017-11-18 09:24 - 000000000 ____D C:\Program Files (x86)\Telenot
2017-11-11 15:31 - 2017-11-19 14:59 - 000000600 _____ C:\Users\Freddy\AppData\Local\PUTTY.RND
2017-11-11 15:06 - 2017-11-11 15:06 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud
2017-11-11 15:05 - 2017-11-11 15:05 - 000001816 _____ C:\Users\Public\Desktop\iTunes.lnk
2017-11-11 15:05 - 2017-11-11 15:05 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2017-11-11 15:05 - 2017-11-11 15:05 - 000000000 ____D C:\Program Files\iTunes
2017-11-11 15:05 - 2017-11-11 15:05 - 000000000 ____D C:\Program Files\iPod
2017-11-11 14:47 - 2017-11-11 14:47 - 000002395 _____ C:\Users\Freddy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Etcher.lnk
2017-11-11 14:47 - 2017-11-11 14:47 - 000000000 ____D C:\Users\Freddy\AppData\Roaming\etcher
2017-11-11 14:17 - 2017-11-18 15:45 - 000000000 ____D C:\Users\Freddy\Desktop\Raspberry
2017-11-06 08:25 - 2017-11-18 16:16 - 000000000 ____D C:\WINDOWS\Minidump
2017-11-05 16:49 - 2017-11-05 17:57 - 000000000 ____D C:\Users\Freddy\AppData\Roaming\vlc
2017-11-05 16:49 - 2017-11-05 16:49 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2017-11-05 16:49 - 2017-11-05 16:49 - 000000000 ____D C:\Program Files (x86)\VideoLAN
2017-10-28 11:11 - 2017-10-28 11:11 - 000000000 ____D C:\ProgramData\Microsoft OneDrive
2017-10-28 11:10 - 2017-10-28 11:10 - 000000000 ___HD C:\Users\Freddy\MicrosoftEdgeBackups
2017-10-28 11:09 - 2017-10-28 11:09 - 000000020 ___SH C:\Users\Freddy\ntuser.ini
2017-10-28 11:09 - 2017-10-28 11:09 - 000000000 ___RD C:\Users\Freddy\3D Objects
2017-10-28 11:09 - 2017-10-28 11:09 - 000000000 ____D C:\Users\WDAGUtilityAccount\AppData\Local\Packages
2017-10-28 11:09 - 2017-10-28 11:09 - 000000000 ____D C:\Users\WDAGUtilityAccount
2017-10-28 10:21 - 2017-11-11 14:57 - 000000000 ____D C:\Windows.old
2017-10-28 09:43 - 2017-10-28 09:43 - 000000000 ____D C:\ProgramData\USOShared
2017-10-28 09:37 - 2017-11-25 17:55 - 002182360 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-10-28 09:35 - 2017-11-25 17:50 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-10-28 09:35 - 2017-11-25 12:54 - 000004170 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{66960764-C7A5-4C4F-8DA1-5400FDCC99F3}
2017-10-28 09:35 - 2017-11-18 09:16 - 000004562 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2017-10-28 09:35 - 2017-11-05 12:12 - 000003208 _____ C:\WINDOWS\System32\Tasks\Avira SystrayStartTrigger
2017-10-28 09:35 - 2017-11-03 06:33 - 000003376 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3483465479-2191358556-2575146349-1001
2017-10-28 09:35 - 2017-10-28 09:43 - 000003374 _____ C:\WINDOWS\System32\Tasks\Avira_Antivirus_Systray
2017-10-28 09:35 - 2017-10-28 09:36 - 000011433 _____ C:\WINDOWS\diagwrn.xml
2017-10-28 09:35 - 2017-10-28 09:36 - 000011433 _____ C:\WINDOWS\diagerr.xml
2017-10-28 09:35 - 2017-10-28 09:35 - 000014400 _____ C:\WINDOWS\System32\Tasks\CoolKiller
2017-10-28 09:35 - 2017-10-28 09:35 - 000004018 _____ C:\WINDOWS\System32\Tasks\Clientlizenzdienst(ClipSVC)Mobile
2017-10-28 09:35 - 2017-10-28 09:35 - 000003498 _____ C:\WINDOWS\System32\Tasks\EPSON XP-520 Series Update {AA49A6FF-529B-4F6B-95BC-379A9FC14BB3}
2017-10-28 09:35 - 2017-10-28 09:35 - 000003498 _____ C:\WINDOWS\System32\Tasks\EPSON XP-520 Series Update {6B85294F-9774-45F0-A6EF-A7293D977B0D}
2017-10-28 09:35 - 2017-10-28 09:35 - 000003310 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{842A7FC2-BB01-4A85-A21F-8AF989AD34AA}
2017-10-28 09:35 - 2017-10-28 09:35 - 000003310 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{2606E4CA-31AC-4BC1-B652-80BFFB987F3E}
2017-10-28 09:35 - 2017-10-28 09:35 - 000002990 _____ C:\WINDOWS\System32\Tasks\updater
2017-10-28 09:35 - 2017-10-28 09:35 - 000002860 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3483465479-2191358556-2575146349-1006
2017-10-28 09:35 - 2017-10-28 09:35 - 000002752 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3483465479-2191358556-2575146349-1001
2017-10-28 09:35 - 2017-10-28 09:35 - 000002318 _____ C:\WINDOWS\System32\Tasks\CreateChoiceProcessTask
2017-10-28 09:35 - 2017-10-28 09:35 - 000000000 ____D C:\WINDOWS\System32\Tasks\Sony Corporation
2017-10-28 09:35 - 2017-10-28 09:35 - 000000000 ____D C:\WINDOWS\System32\Tasks\OfficeSoftwareProtectionPlatform
2017-10-28 09:35 - 2017-10-28 09:35 - 000000000 ____D C:\WINDOWS\System32\Tasks\Apple
2017-10-28 09:30 - 2017-10-28 09:30 - 000001576 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2017-10-28 09:28 - 2017-10-28 11:56 - 000000000 ____D C:\Users\Freddy\AppData\Local\Packages
2017-10-28 09:28 - 2017-10-28 09:28 - 000000000 ____D C:\Users\Lydia.Freddy_Laptop.000\AppData\Local\Packages
2017-10-28 09:27 - 2017-11-06 08:25 - 000000000 ____D C:\Users\Freddy
2017-10-28 09:27 - 2017-11-05 17:01 - 000000000 ____D C:\Users\Lydia.Freddy_Laptop.000
2017-10-28 09:27 - 2017-10-28 09:27 - 000000000 _SHDL C:\Users\Lydia.Freddy_Laptop.000\Vorlagen
2017-10-28 09:27 - 2017-10-28 09:27 - 000000000 _SHDL C:\Users\Lydia.Freddy_Laptop.000\Startmenü
2017-10-28 09:27 - 2017-10-28 09:27 - 000000000 _SHDL C:\Users\Lydia.Freddy_Laptop.000\Netzwerkumgebung
2017-10-28 09:27 - 2017-10-28 09:27 - 000000000 _SHDL C:\Users\Lydia.Freddy_Laptop.000\Lokale Einstellungen
2017-10-28 09:27 - 2017-10-28 09:27 - 000000000 _SHDL C:\Users\Lydia.Freddy_Laptop.000\Eigene Dateien
2017-10-28 09:27 - 2017-10-28 09:27 - 000000000 _SHDL C:\Users\Lydia.Freddy_Laptop.000\Druckumgebung
2017-10-28 09:27 - 2017-10-28 09:27 - 000000000 _SHDL C:\Users\Lydia.Freddy_Laptop.000\Documents\Eigene Videos
2017-10-28 09:27 - 2017-10-28 09:27 - 000000000 _SHDL C:\Users\Lydia.Freddy_Laptop.000\Documents\Eigene Musik
2017-10-28 09:27 - 2017-10-28 09:27 - 000000000 _SHDL C:\Users\Lydia.Freddy_Laptop.000\Documents\Eigene Bilder
2017-10-28 09:27 - 2017-10-28 09:27 - 000000000 _SHDL C:\Users\Lydia.Freddy_Laptop.000\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2017-10-28 09:27 - 2017-10-28 09:27 - 000000000 _SHDL C:\Users\Lydia.Freddy_Laptop.000\AppData\Local\Verlauf
2017-10-28 09:27 - 2017-10-28 09:27 - 000000000 _SHDL C:\Users\Lydia.Freddy_Laptop.000\AppData\Local\Anwendungsdaten
2017-10-28 09:27 - 2017-10-28 09:27 - 000000000 _SHDL C:\Users\Lydia.Freddy_Laptop.000\Anwendungsdaten
2017-10-28 09:27 - 2017-10-28 09:27 - 000000000 _SHDL C:\Users\Freddy\Vorlagen
2017-10-28 09:27 - 2017-10-28 09:27 - 000000000 _SHDL C:\Users\Freddy\Startmenü
2017-10-28 09:27 - 2017-10-28 09:27 - 000000000 _SHDL C:\Users\Freddy\Netzwerkumgebung
2017-10-28 09:27 - 2017-10-28 09:27 - 000000000 _SHDL C:\Users\Freddy\Lokale Einstellungen
2017-10-28 09:27 - 2017-10-28 09:27 - 000000000 _SHDL C:\Users\Freddy\Eigene Dateien
2017-10-28 09:27 - 2017-10-28 09:27 - 000000000 _SHDL C:\Users\Freddy\Druckumgebung
2017-10-28 09:27 - 2017-10-28 09:27 - 000000000 _SHDL C:\Users\Freddy\Documents\Eigene Videos
2017-10-28 09:27 - 2017-10-28 09:27 - 000000000 _SHDL C:\Users\Freddy\Documents\Eigene Musik
2017-10-28 09:27 - 2017-10-28 09:27 - 000000000 _SHDL C:\Users\Freddy\Documents\Eigene Bilder
2017-10-28 09:27 - 2017-10-28 09:27 - 000000000 _SHDL C:\Users\Freddy\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2017-10-28 09:27 - 2017-10-28 09:27 - 000000000 _SHDL C:\Users\Freddy\AppData\Local\Verlauf
2017-10-28 09:27 - 2017-10-28 09:27 - 000000000 _SHDL C:\Users\Freddy\AppData\Local\Anwendungsdaten
2017-10-28 09:27 - 2017-10-28 09:27 - 000000000 _SHDL C:\Users\Freddy\Anwendungsdaten
2017-10-28 09:27 - 2016-11-01 23:05 - 000103952 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.DLL
2017-10-28 09:27 - 2016-11-01 23:05 - 000099848 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.DLL
2017-10-28 09:26 - 2017-09-29 14:41 - 002241024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2017-10-28 09:24 - 2017-11-25 17:45 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2017-10-28 09:24 - 2017-11-19 21:02 - 000416528 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-10-28 08:58 - 2017-10-07 17:06 - 000176224 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avgntflt.sys
2017-10-28 08:58 - 2017-09-05 23:18 - 000167464 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avipbb.sys
2017-10-28 08:58 - 2017-06-20 09:41 - 000060920 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avdevprot.sys
2017-10-28 08:58 - 2017-06-20 09:41 - 000038048 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avusbflt.sys
2017-10-28 08:58 - 2017-03-31 06:37 - 000088488 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avnetflt.sys
2017-10-28 08:58 - 2017-03-31 06:37 - 000044488 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avkmgr.sys
2017-10-28 08:57 - 2017-10-28 10:21 - 000000000 ____D C:\WINDOWS\system32\config\bbimigrate
2017-10-28 08:53 - 2017-10-28 08:57 - 000000000 ____D C:\WINDOWS\ServiceProfiles
2017-10-28 08:49 - 2017-10-28 08:49 - 005906264 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll
2017-10-28 08:49 - 2017-10-28 08:49 - 003334144 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2017-10-28 08:49 - 2017-10-28 08:49 - 002869248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2017-10-28 08:49 - 2017-10-28 08:49 - 001856000 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2017-10-28 08:49 - 2017-10-28 08:49 - 001822208 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2017-10-28 08:49 - 2017-10-28 08:49 - 001664000 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2017-10-28 08:49 - 2017-10-28 08:49 - 001641536 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2017-10-28 08:49 - 2017-10-28 08:49 - 001587200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2017-10-28 08:49 - 2017-10-28 08:49 - 001559552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2017-10-28 08:49 - 2017-10-28 08:49 - 001554216 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2017-10-28 08:49 - 2017-10-28 08:49 - 001547264 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2017-10-28 08:49 - 2017-10-28 08:49 - 001470976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2017-10-28 08:49 - 2017-10-28 08:49 - 001463856 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2017-10-28 08:49 - 2017-10-28 08:49 - 001436432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2017-10-28 08:49 - 2017-10-28 08:49 - 001323840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2017-10-28 08:49 - 2017-10-28 08:49 - 001261864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
2017-10-28 08:49 - 2017-10-28 08:49 - 001200024 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2017-10-28 08:49 - 2017-10-28 08:49 - 001053592 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2017-10-28 08:49 - 2017-10-28 08:49 - 000925184 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2017-10-28 08:49 - 2017-10-28 08:49 - 000778936 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2017-10-28 08:49 - 2017-10-28 08:49 - 000739696 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2017-10-28 08:49 - 2017-10-28 08:49 - 000726016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2017-10-28 08:49 - 2017-10-28 08:49 - 000677280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2017-10-28 08:49 - 2017-10-28 08:49 - 000665088 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmCoreProvisioning.dll
2017-10-28 08:49 - 2017-10-28 08:49 - 000649304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2017-10-28 08:49 - 2017-10-28 08:49 - 000640512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mswstr10.dll
2017-10-28 08:49 - 2017-10-28 08:49 - 000597160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll
2017-10-28 08:49 - 2017-10-28 08:49 - 000566272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TpmCoreProvisioning.dll
2017-10-28 08:49 - 2017-10-28 08:49 - 000542208 _____ (Microsoft Corporation) C:\WINDOWS\system32\FirewallAPI.dll
2017-10-28 08:49 - 2017-10-28 08:49 - 000529408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nwifi.sys
2017-10-28 08:49 - 2017-10-28 08:49 - 000478208 _____ (Microsoft Corporation) C:\WINDOWS\system32\NgcCtnr.dll
2017-10-28 08:49 - 2017-10-28 08:49 - 000464416 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcryptprimitives.dll
2017-10-28 08:49 - 2017-10-28 08:49 - 000461312 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansec.dll
2017-10-28 08:49 - 2017-10-28 08:49 - 000442880 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptngc.dll
2017-10-28 08:49 - 2017-10-28 08:49 - 000422912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys
2017-10-28 08:49 - 2017-10-28 08:49 - 000418712 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2017-10-28 08:49 - 2017-10-28 08:49 - 000374784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FirewallAPI.dll
2017-10-28 08:49 - 2017-10-28 08:49 - 000373656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2017-10-28 08:49 - 2017-10-28 08:49 - 000353688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2017-10-28 08:49 - 2017-10-28 08:49 - 000326144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptngc.dll
2017-10-28 08:49 - 2017-10-28 08:49 - 000285696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb10.sys
2017-10-28 08:49 - 2017-10-28 08:49 - 000246168 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2017-10-28 08:49 - 2017-10-28 08:49 - 000232344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2017-10-28 08:49 - 2017-10-28 08:49 - 000184984 _____ (Microsoft Corporation) C:\WINDOWS\system32\sspicli.dll
2017-10-28 08:49 - 2017-10-28 08:49 - 000177664 _____ (Microsoft Corporation) C:\WINDOWS\system32\t2embed.dll
2017-10-28 08:49 - 2017-10-28 08:49 - 000139672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecdd.sys
2017-10-28 08:49 - 2017-10-28 08:49 - 000136192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\t2embed.dll
2017-10-28 08:49 - 2017-10-28 08:49 - 000123520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sspicli.dll
2017-10-28 08:49 - 2017-10-28 08:49 - 000086016 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthTokenBrokerExt.dll
2017-10-28 08:49 - 2017-10-28 08:49 - 000070656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XblAuthTokenBrokerExt.dll
2017-10-28 08:49 - 2017-10-28 08:49 - 000060824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\urscx01000.sys
2017-10-28 08:49 - 2017-10-28 08:49 - 000058880 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmTasks.dll
2017-10-28 08:49 - 2017-10-28 08:49 - 000057344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\UcmUcsi.sys
2017-10-28 08:49 - 2017-10-28 08:49 - 000034816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BasicRender.sys
2017-10-28 08:49 - 2017-10-28 08:49 - 000028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\sspisrv.dll
2017-10-28 08:49 - 2017-10-28 08:49 - 000008704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjint40.dll
2017-10-28 08:42 - 2017-10-28 10:21 - 000000000 ____D C:\Program Files (x86)\MSBuild
2017-10-28 08:42 - 2017-10-28 08:42 - 000000000 ____D C:\WINDOWS\SysWOW64\XPSViewer
2017-10-28 08:42 - 2017-10-28 08:42 - 000000000 ____D C:\Program Files\Reference Assemblies
2017-10-28 08:42 - 2017-10-28 08:42 - 000000000 ____D C:\Program Files\MSBuild
2017-10-28 08:42 - 2017-10-28 08:42 - 000000000 ____D C:\Program Files (x86)\Reference Assemblies
2017-10-28 08:41 - 2017-10-28 08:41 - 001166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2017-10-28 08:41 - 2017-10-28 08:41 - 000778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
2017-10-28 08:41 - 2017-10-28 08:41 - 000124624 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2017-10-28 08:41 - 2017-10-28 08:41 - 000103120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2017-10-28 08:41 - 2017-10-28 08:41 - 000035456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2017-10-28 08:41 - 2017-10-28 08:41 - 000035456 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2017-10-28 08:29 - 2017-10-28 08:29 - 000008192 _____ C:\WINDOWS\system32\config\userdiff
2017-10-28 07:46 - 2017-10-28 11:09 - 000000000 ___DC C:\WINDOWS\Panther
==================== Ein Monat: Geänderte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2017-11-25 18:08 - 2017-09-26 19:54 - 000000000 ____D C:\FRST
2017-11-25 17:55 - 2017-09-30 15:35 - 000985016 _____ C:\WINDOWS\system32\perfh007.dat
2017-11-25 17:55 - 2017-09-30 15:35 - 000213142 _____ C:\WINDOWS\system32\perfc007.dat
2017-11-25 17:50 - 2017-09-29 09:45 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2017-11-25 17:50 - 2017-06-05 09:32 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2017-11-25 17:50 - 2017-03-19 23:26 - 000000000 ____D C:\Users\Lydia.Freddy_Laptop.000\AppData\LocalLow\Temp
2017-11-25 17:50 - 2017-01-05 10:27 - 000000000 ____D C:\Users\Freddy\AppData\LocalLow\Temp
2017-11-25 17:50 - 2016-12-17 10:57 - 000000000 __SHD C:\Users\Freddy\IntelGraphicsProfiles
2017-11-25 17:23 - 2017-09-26 08:13 - 000000000 ____D C:\Users\Freddy\Desktop\Trojan
2017-11-25 15:36 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\DeliveryOptimization
2017-11-25 15:32 - 2017-06-29 20:52 - 000000008 __RSH C:\ProgramData\ntuser.pol
2017-11-25 15:32 - 2017-03-18 22:03 - 000000000 ____D C:\WINDOWS\system32\Tasks_Migrated
2017-11-25 14:56 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\rescache
2017-11-25 12:55 - 2017-09-29 14:46 - 000000000 ___HD C:\Program Files\WindowsApps
2017-11-25 12:55 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\AppReadiness
2017-11-25 12:50 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2017-11-19 21:05 - 2017-09-29 14:44 - 000000000 ____D C:\WINDOWS\INF
2017-11-19 21:01 - 2017-09-29 14:46 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2017-11-19 21:01 - 2017-09-29 14:46 - 000000000 ___SD C:\WINDOWS\system32\F12
2017-11-19 21:01 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\TextInput
2017-11-19 21:01 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2017-11-19 21:01 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2017-11-19 21:01 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\system32\appraiser
2017-11-19 21:01 - 2017-09-29 09:45 - 000000000 ____D C:\WINDOWS\system32\Dism
2017-11-19 14:31 - 2017-09-29 14:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2017-11-18 15:27 - 2017-01-02 15:07 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2017-11-18 15:16 - 2013-08-08 11:02 - 000000000 ____D C:\ProgramData\Package Cache
2017-11-18 09:16 - 2013-08-08 11:30 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2017-11-14 00:29 - 2017-02-25 09:02 - 000025400 _____ C:\Users\Freddy\Desktop\160115_to do Haus.xlsx
2017-11-12 11:17 - 2016-01-16 19:15 - 000000000 ___RD C:\Users\Freddy\iCloudDrive
2017-11-11 15:05 - 2016-12-17 01:49 - 000000000 ____D C:\WINDOWS\SysWOW64\sda
2017-11-05 18:03 - 2016-12-17 10:07 - 000000000 ____D C:\Users\Freddy\AppData\Local\ElevatedDiagnostics
2017-11-05 16:40 - 2014-02-28 20:34 - 000000000 ____D C:\Users\Freddy\AppData\Roaming\Sony Corporation
2017-11-05 16:33 - 2016-01-16 19:15 - 000000000 ____D C:\Users\Freddy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\iCloud
2017-11-04 08:09 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\appcompat
2017-11-04 02:25 - 2017-09-29 14:49 - 000835568 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2017-11-04 02:25 - 2017-09-29 14:49 - 000177648 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2017-11-03 06:33 - 2016-12-17 10:49 - 000002433 _____ C:\Users\Freddy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2017-11-03 06:33 - 2016-12-17 10:49 - 000000000 ___RD C:\Users\Freddy\OneDrive
2017-10-28 11:09 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\Registration
2017-10-28 11:09 - 2016-12-17 10:47 - 000000000 ____D C:\Users\Freddy\AppData\Local\TileDataLayer
2017-10-28 11:09 - 2014-02-28 20:27 - 000000000 __RHD C:\Users\Public\AccountPictures
2017-10-28 10:23 - 2017-09-29 14:46 - 000028672 _____ C:\WINDOWS\system32\config\BCD-Template
2017-10-28 10:21 - 2017-09-30 15:34 - 000000000 ____D C:\WINDOWS\SysWOW64\sysprep
2017-10-28 10:21 - 2017-09-29 14:49 - 000000000 ____D C:\WINDOWS\Setup
2017-10-28 10:21 - 2017-09-29 14:46 - 000000000 ___SD C:\WINDOWS\Downloaded Program Files
2017-10-28 10:21 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\SysWOW64\GroupPolicy
2017-10-28 10:21 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\system32\WinBioDatabase
2017-10-28 10:21 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\system32\spool
2017-10-28 10:21 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\system32\oobe
2017-10-28 10:21 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\system32\NDF
2017-10-28 10:21 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\system32\InputMethod
2017-10-28 10:21 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\Resources
2017-10-28 10:21 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\InputMethod
2017-10-28 10:21 - 2017-09-29 14:46 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2017-10-28 10:21 - 2017-09-29 14:46 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2017-10-28 10:21 - 2017-08-27 09:25 - 000000000 __RHD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO Care
2017-10-28 10:21 - 2017-06-05 09:32 - 000000000 ____D C:\Program Files\Intel
2017-10-28 10:21 - 2017-06-01 05:46 - 000000000 ____D C:\Program Files\UNP
2017-10-28 10:21 - 2017-03-27 06:25 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WISO steuer Sparbuch 2017
2017-10-28 10:21 - 2017-02-03 20:47 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Icecream PDF Split and Merge
2017-10-28 10:21 - 2017-01-15 19:37 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2017-10-28 10:21 - 2017-01-03 10:20 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF24
2017-10-28 10:21 - 2016-12-27 12:45 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SharePoint
2017-10-28 10:21 - 2016-12-27 12:45 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2017-10-28 10:21 - 2016-12-27 12:40 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2017-10-28 10:21 - 2016-12-26 16:48 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Epson Software
2017-10-28 10:21 - 2016-12-16 23:54 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2017-10-28 10:21 - 2014-03-01 05:03 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Main
2017-10-28 10:21 - 2014-03-01 02:09 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2017-10-28 10:21 - 2014-02-28 20:34 - 000000000 ____D C:\WINDOWS\SysWOW64\VAIO Startup Setting Tool
2017-10-28 10:21 - 2013-11-14 08:13 - 000000000 ____D C:\WINDOWS\ShellNew
2017-10-28 10:21 - 2013-08-22 16:36 - 000000000 ____D C:\WINDOWS\system32\WindowsInternal.Inbox.Shared
2017-10-28 10:21 - 2013-08-22 16:36 - 000000000 ____D C:\WINDOWS\system32\WindowsInternal.Inbox.Media.Shared
2017-10-28 10:21 - 2013-08-08 11:39 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2017-10-28 10:21 - 2013-08-08 11:31 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel AppUp(R) center
2017-10-28 10:21 - 2013-08-08 11:18 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PlayMemories Home
2017-10-28 10:21 - 2013-08-08 11:11 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NXPProximityInstaller
2017-10-28 10:21 - 2013-08-08 11:07 - 000000000 ___HD C:\WINDOWS\system32\WLANProfiles
2017-10-28 09:43 - 2017-09-29 14:46 - 000000000 ____D C:\ProgramData\USOPrivate
2017-10-28 09:37 - 2017-09-29 14:46 - 000000000 ____D C:\Program Files\windows nt
2017-10-28 09:35 - 2014-03-01 15:36 - 000023056 _____ C:\WINDOWS\system32\emptyregdb.dat
2017-10-28 09:32 - 2017-09-05 21:57 - 000000000 ____D C:\Users\Freddy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\com.husqvarna
2017-10-28 09:32 - 2016-12-27 12:40 - 000000000 ____D C:\Users\Freddy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2017-10-28 09:32 - 2016-12-26 20:39 - 000000000 ____D C:\Users\Freddy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\IrfanView
2017-10-28 09:32 - 2016-12-20 20:26 - 000000000 ____D C:\Users\Freddy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Kodi
2017-10-28 09:30 - 2017-09-29 14:46 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2017-10-28 09:27 - 2017-09-29 09:45 - 000000000 ____D C:\WINDOWS\system32\Sysprep
2017-10-28 09:27 - 2017-06-05 09:32 - 000000200 _____ C:\WINDOWS\system32\{EC94D02F-D200-4428-9531-05AF7F9799CB}.bat
2017-10-28 09:27 - 2017-06-05 09:31 - 000000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2017-10-28 09:27 - 2013-08-08 10:57 - 000000000 ____D C:\Intel
2017-10-28 09:06 - 2017-09-29 14:46 - 000000000 __RHD C:\Users\Public\Libraries
2017-10-28 09:05 - 2017-09-29 09:45 - 000008192 _____ C:\WINDOWS\system32\config\ELAM
2017-10-28 08:58 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\SysWOW64\IME
2017-10-28 08:58 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\system32\IME
2017-10-28 08:57 - 2017-06-05 09:32 - 000000000 ____D C:\Program Files\Synaptics
2017-10-28 08:57 - 2017-06-05 09:31 - 000000000 ____D C:\Program Files\Realtek
2017-10-28 08:57 - 2016-12-26 16:52 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\zu-ZA
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\yo-NG
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\xh-ZA
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\wo-SN
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\vi-VN
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\uz-Latn-UZ
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\ur-PK
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\ug-CN
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\tt-RU
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\tn-ZA
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\tk-TM
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\ti-ET
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\tg-Cyrl-TJ
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\te-IN
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\ta-IN
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\sw-KE
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\sr-Cyrl-RS
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\sr-Cyrl-BA
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\sq-AL
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\si-LK
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\sd-Arab-PK
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\rw-RW
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\quz-PE
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\quc-Latn-GT
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\prs-AF
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\pa-IN
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\pa-Arab-PK
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\or-IN
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\nso-ZA
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\nn-NO
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\ne-NP
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\mt-MT
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\mr-IN
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\mn-MN
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\ml-IN
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\mk-MK
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\mi-NZ
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\lo-LA
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\lb-LU
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\ky-KG
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\ku-Arab-IQ
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\kok-IN
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\kn-IN
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\km-KH
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\kk-KZ
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\ka-GE
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\is-IS
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\ig-NG
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\id-ID
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\hy-AM
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\ha-Latn-NG
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\gu-IN
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\gd-GB
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\ga-IE
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\fil-PH
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\fa-IR
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\cy-GB
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\chr-CHER-US
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\ca-ES-valencia
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\bs-Latn-BA
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\bn-IN
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\bn-BD
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\be-BY
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\az-Latn-AZ
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\as-IN
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\am-ET
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\af-ZA
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\zu-ZA
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\yo-NG
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\xh-ZA
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\wo-SN
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\vi-VN
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\uz-Latn-UZ
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\ur-PK
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\ug-CN
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\tt-RU
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\tn-ZA
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\tk-TM
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\ti-ET
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\tg-Cyrl-TJ
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\te-IN
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\ta-IN
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\sw-KE
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\sr-Cyrl-RS
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\sr-Cyrl-BA
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\sq-AL
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\si-LK
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\sd-Arab-PK
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\rw-RW
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\quz-PE
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\quc-Latn-GT
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\prs-AF
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\pa-IN
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\pa-Arab-PK
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\or-IN
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\nso-ZA
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\nn-NO
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\ne-NP
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\mt-MT
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\mr-IN
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\mn-MN
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\ml-IN
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\mk-MK
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\mi-NZ
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\lo-LA
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\lb-LU
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\ky-KG
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\ku-Arab-IQ
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\kok-IN
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\kn-IN
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\km-KH
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\kk-KZ
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\ka-GE
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\is-IS
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\ig-NG
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\id-ID
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\hy-AM
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\ha-Latn-NG
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\gu-IN
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\gd-GB
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\ga-IE
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\fil-PH
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\fa-IR
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\cy-GB
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\chr-CHER-US
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\ca-ES-valencia
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\bs-Latn-BA
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\bn-IN
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\bn-BD
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\be-BY
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\az-Latn-AZ
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\as-IN
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\am-ET
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\af-ZA
2017-10-28 08:42 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\SysWOW64\MUI
2017-10-28 08:42 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\system32\MUI
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======
2017-11-11 15:31 - 2017-11-19 14:59 - 000000600 _____ () C:\Users\Freddy\AppData\Local\PUTTY.RND
2014-03-01 01:57 - 2016-12-17 02:49 - 000007598 _____ () C:\Users\Freddy\AppData\Local\resmon.resmoncfg
==================== Bamital & volsnap ======================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert
LastRegBack: 2017-11-25 14:56
==================== Ende von FRST.txt ============================
|
|
25.11.2017, 18:16
| #7 |
| | windows10: AVIRA meldet Trojaner-FundCode:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 24-11-2017 01
durchgeführt von Freddy (25-11-2017 18:08:56)
Gestartet von C:\Users\Freddy\Desktop\Trojan\Programme
Windows 10 Home Version 1709 16299.64 (X64) (2017-10-28 08:37:27)
Start-Modus: Normal
==========================================================
==================== Konten: =============================
Administrator (S-1-5-21-3483465479-2191358556-2575146349-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3483465479-2191358556-2575146349-503 - Limited - Disabled)
Freddy (S-1-5-21-3483465479-2191358556-2575146349-1001 - Administrator - Enabled) => C:\Users\Freddy
Gast (S-1-5-21-3483465479-2191358556-2575146349-501 - Limited - Disabled)
Lydia (S-1-5-21-3483465479-2191358556-2575146349-1006 - Limited - Enabled) => C:\Users\Lydia.Freddy_Laptop.000
WDAGUtilityAccount (S-1-5-21-3483465479-2191358556-2575146349-504 - Limited - Disabled)
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: Avira Antivirus (Enabled - Up to date) {B3F630BD-538D-1B4A-14FA-14B63235278F}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Avira Antivirus (Enabled - Up to date) {0897D159-75B7-14C4-2E4A-2FC449B26D32}
AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
Adobe Reader XI MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AB0000000001}) (Version: 11.0.00 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.23) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.23 - Adobe Systems Incorporated)
Apple Application Support (32-Bit) (HKLM-x32\...\{D811A40A-9791-497C-B9DC-2D89C8E95EA1}) (Version: 6.1 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{8B47B514-F5D2-4E0D-B951-6E250618A7CD}) (Version: 6.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{31A0B634-BCF4-4D3F-8336-87FEACFEE142}) (Version: 11.0.1.2 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{C1BBFD2A-BCDD-45B3-8C0B-66BD434970A8}) (Version: 2.4.8.1 - Apple Inc.)
Avira (HKLM-x32\...\{37C2DE81-46FA-4EB3-83A5-F0D8F5B08F6E}) (Version: 1.2.99.31392 - Avira Operations GmbH & Co. KG) Hidden
Avira (HKLM-x32\...\{5a024a65-9f29-41b1-b178-946c9f826e72}) (Version: 1.2.99.31392 - Avira Operations GmbH & Co. KG)
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.33.24 - Avira Operations GmbH & Co. KG)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
compasX 27.1 (HKLM-x32\...\{9FBE7270-D55B-4D0D-BB04-4BAFEA03ECFA}) (Version: 27.1 - Telenot)
Easy Photo Scan (HKLM-x32\...\{BB6241FF-8B76-45A5-95B9-888EDE8E47DC}) (Version: 1.00.0010 - Seiko Epson Corporation)
Einstellungen für VAIO Media Server (HKLM\...\{62A172B2-550E-499D-9A82-5190D18390AA}) (Version: 1.1.0.02220 - Sony Corporation)
Epson Easy Photo Print 2 (HKLM-x32\...\{F05A434E-D3CF-4B44-9D3E-779D42090781}) (Version: 2.8.0.0 - Seiko Epson Corporation)
Epson Event Manager (HKLM-x32\...\{9F205E94-9E42-4486-A92A-DF3F6CB85444}) (Version: 3.10.0061 - Seiko Epson Corporation)
Epson E-Web Print (HKLM-x32\...\{6BF9F374-EC67-4808-A90C-F127DE6D989D}) (Version: 1.23.0000 - SEIKO EPSON CORPORATION)
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version: - Seiko Epson Corporation)
Epson Software Updater (HKLM-x32\...\{7BAC3F7A-B963-468E-982E-B5608A87408D}) (Version: 4.4.4 - SEIKO EPSON CORPORATION)
EPSON XP-520 Series Printer Uninstall (HKLM\...\EPSON XP-520 Series) (Version: - SEIKO EPSON Corporation)
ESDL (HKLM-x32\...\{9A2CA016-1C4C-4D44-BF70-C2C8639C34A4}) (Version: 1.0.0 - Sony Corporation) Hidden
Etcher 1.1.2 (only current user) (HKU\S-1-5-21-3483465479-2191358556-2575146349-1001\...\573339af-d9e1-5dd3-804c-e0162fac1f41) (Version: 1.1.2 - Resin Inc.)
FDUx86 (HKLM-x32\...\{3490653F-2789-46A1-B1BF-6BD4CF4131AB}) (Version: 1.0.0 - Sony Corporation) Hidden
iCloud (HKLM\...\{FF99A618-BCA5-4658-B9FF-CCF57C177610}) (Version: 7.1.0.34 - Apple Inc.)
Intel AppUp(R) center (HKLM-x32\...\Intel AppUp(R) center 41800) (Version: 3.8.0.41800.66 - Intel)
Intel Collaborative Processor Performance Control (HKLM-x32\...\0E7DAF70-FB54-4B91-B192-7E771C25AEEB) (Version: 1.0.0.1015 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.0.1428 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4531 - Intel Corporation)
Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology(patch version 3.0.1335.5) (HKLM\...\{302600C1-6BDF-4FD1-1307-148929CC1385}) (Version: 3.1.1307.0362 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.0.1016 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 3.0.0.63463 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{aa2c2346-d0c0-4d3e-9ab1-11a48b4cb9f3}) (Version: 19.20.3 - Intel Corporation)
IrfanView 4.44 (64-bit) (HKLM\...\IrfanView64) (Version: 4.44 - Irfan Skiljan)
iTunes (HKLM\...\{24607015-8D34-4AF3-9092-AC83847AE073}) (Version: 12.7.1.14 - Apple Inc.)
Java 8 Update 131 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180131F0}) (Version: 8.0.1310.11 - Oracle Corporation)
Kodi (HKU\S-1-5-21-3483465479-2191358556-2575146349-1001\...\Kodi) (Version: - XBMC-Foundation)
Malwarebytes Version 3.3.1.2183 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.3.1.2183 - Malwarebytes)
MergeModule_x64 (HKLM\...\{20E0665F-E4EE-4E2A-8E86-EFC65129FE41}) (Version: 8.0.00 - Sony Corporation) Hidden
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4454.1510 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3483465479-2191358556-2575146349-1001\...\OneDriveSetup.exe) (Version: 17.3.7076.1026 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{402ED4A1-8F5B-387A-8688-997ABF58B8F2}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24212 (HKLM-x32\...\{462f63a8-6347-4894-a1b3-dbfe3a4c981d}) (Version: 14.0.24212.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
NFC Connection Utility (HKLM\...\{F3FC1B12-45AA-4ACE-AD9F-DFD87BE9457E}) (Version: 1.0.0.14100 - Sony Corporation)
NXPProximityInstaller (HKLM-x32\...\NXPProximityInstaller) (Version: 6.3.1.0 - NXP Semiconductors)
PlayMemories Home (HKLM-x32\...\{4C93E894-BE17-463B-A789-4CAB706987A0}) (Version: 8.0.21.11211 - Sony Corporation)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9600.28145 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6895 - Realtek Semiconductor Corp.)
Remote Keyboard (HKLM-x32\...\{6466EF6E-700E-470F-94CB-D0050302C84E}) (Version: 1.2.0.09270 - Sony Corporation) Hidden
Restore (HKLM-x32\...\{ECCEB4D0-7080-4F8A-B498-E40A32A4FBED}) (Version: 1.0.0 - Sony Corporation) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
Skype™ 7.3 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.3.101 - Skype Technologies S.A.)
SOHLib for PlayMemories Home (HKLM\...\{CBA577D0-C972-4A26-B948-A315DF3ECE0E}) (Version: 1.0.1.11110 - Sony Corporation) Hidden
SSLx64 (HKLM\...\{312395BC-7CC2-434C-A660-30250276A926}) (Version: 1.0.0 - Sony Corporation ) Hidden
SSLx86 (HKLM-x32\...\{63C43435-F428-42BA-8E7B-5848749D9262}) (Version: 1.0.0 - Sony Corporation ) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.15.2 - Synaptics Incorporated)
VAIO - Remote-Tastatur (HKLM-x32\...\{7396FB15-9AB4-4B78-BDD8-24A9C15D2C65}) (Version: 1.2.0.09270 - Sony Corporation)
VAIO - Remote-Tastatur mit PlayStation®3 (HKLM-x32\...\{E682702C-609C-4017-99E7-3129C163955F}) (Version: 1.2.1.05220 - Sony Corporation)
VAIO - Xperia Link (HKLM-x32\...\{D91558BF-D1F3-411F-AEFE-8774CB406512}) (Version: 1.4.0.15030 - Sony Corporation)
VAIO BIOS Data Transfer Utility (HKLM-x32\...\{5D772F4A-53DE-4E1F-83F5-B08DFF106C60}) (Version: 1.0.0.02050 - Sony Corporation) Hidden
VAIO Care (HKLM\...\{9C4E9490-3862-4EE0-90E6-C2457B67CD5F}) (Version: 8.4.6.05116 - Sony Corporation)
VAIO Care Recovery (HKLM\...\{15B9204E-BA09-485E-8F2C-094AC0077664}) (Version: 1.1.2.13230 - Sony Corporation)
VAIO Care-Hardwarediagnose-Plugin (HKLM-x32\...\{EC153498-00E1-4C9C-89BE-81527C6750BE}) (Version: 4.8.0.13250 - Sony Corporation)
VAIO Control Center (HKLM-x32\...\{8E797841-A110-41FD-B17A-3ABC0641187A}) (Version: 6.2.12.13060 - Sony Corporation)
VAIO Data Restore Tool (HKLM-x32\...\{57B955CE-B5D3-495D-AF1B-FAEE0540BFEF}) (Version: 1.11.0.13250 - Sony Corporation)
VAIO Easy Connect (HKLM-x32\...\{7C80D30A-AC02-4E3F-B95D-29F0E4FF937B}) (Version: 8.4.4.07220 - Sony Corporation) Hidden
VAIO Gesture Control (HKLM-x32\...\{692955F2-DE9F-4078-8FAA-858D6F3A1776}) (Version: 2.2.0.01230 - Sony Corporation)
VAIO Gesture Control (HKLM-x32\...\{9CE67959-AF22-4D93-8D49-CB73F015628E}) (Version: 2.2.0.01230 - Sony Corporation) Hidden
VAIO Image Optimizer (HKLM-x32\...\{5597C927-029A-46A7-A0C0-8DABD9891A50}) (Version: 3.1.00.14260 - Sony Corporation) Hidden
VAIO Image Optimizer (HKLM-x32\...\InstallShield_{5597C927-029A-46A7-A0C0-8DABD9891A50}) (Version: 3.3.00.10220 - Sony Corporation)
VAIO Improvement (HKLM-x32\...\{3A26D9BD-0F73-432D-B522-2BA18138F7EF}) (Version: 2.2.0.01240 - Sony Corporation)
VAIO Movie Creator (HKLM-x32\...\{C2CC5822-32E6-4D21-88EA-DE8CED09EE2F}) (Version: 4.1.01.15140 - Sony Corporation) Hidden
VAIO Movie Creator (HKLM-x32\...\InstallShield_{C2CC5822-32E6-4D21-88EA-DE8CED09EE2F}) (Version: 4.3.01.11140 - Sony Corporation)
VAIO Sample Music (HKLM-x32\...\{FBEE3D44-0933-4B84-BB6A-49957F89187F}) (Version: 1.0.0.03051 - Sony Corporation)
VAIO Update (HKLM-x32\...\{9FF95DA2-7DA1-4228-93B7-DED7EC02B6B2}) (Version: 7.2.0.16270 - Sony Corporation)
VAIO CPU-Lüfterdiagnose (HKLM-x32\...\{BCE6E3D7-B565-4E1B-AC77-F780666A35FB}) (Version: 1.2.0.03050 - Sony Corporation)
VAIO-Support für Übertragungen (HKLM-x32\...\{5DDAFB4B-C52E-468A-9E23-3B0CEEB671BF}) (Version: 1.9.0.11060 - Sony Corporation)
VCCMMX64 (HKLM\...\{606DF716-F28D-4449-B0B1-3AB6081F51AF}) (Version: 1.0.0 - Sony Corporation) Hidden
VCCMMx64 (HKLM\...\{B812401D-BAB2-4E33-9AC7-9862BC8CAF64}) (Version: 1.0.0 - Sony Corporation) Hidden
VCCMMX86 (HKLM-x32\...\{BC3FFCF0-3DB7-47D2-BF15-1979AB59D12B}) (Version: 1.0.0 - Sony Corporation) Hidden
VCCMMx86 (HKLM-x32\...\{CC87BAAD-AA25-4727-9B7C-E0876722B784}) (Version: 1.0.0 - Sony Corporation) Hidden
VCCx64 (HKLM\...\{25ECAFCB-DCFB-4FCE-A5B2-772A57F59860}) (Version: 1.0.0 - Sony Corporation) Hidden
VCCx64 (HKLM\...\{AB447E3B-7A95-4CA6-8ECD-B25C96314B67}) (Version: 1.0.0 - Sony Corporation) Hidden
VCCx86 (HKLM-x32\...\{AFDC0CC0-39E8-42C0-9823-2C1C182676DC}) (Version: 1.0.0 - Sony Corporation) Hidden
VCCx86 (HKLM-x32\...\{B31938C7-7E97-49EE-8F88-951E156268A3}) (Version: 1.0.0 - Sony Corporation) Hidden
VHD (HKLM-x32\...\{9D8112DB-3490-4BF1-AAFA-1D224FFB5D3C}) (Version: 1.0.0 - Sony Corporation) Hidden
Virtual COM Port Driver (HKLM-x32\...\{9853299F-7AD8-4560-9896-60650BD8ACBF}) (Version: 1.3.1 - STMicroelectronics) Hidden
Virtual COM Port Driver (HKLM-x32\...\InstallShield_{9853299F-7AD8-4560-9896-60650BD8ACBF}) (Version: 1.3.1 - STMicroelectronics)
VIx64 (HKLM\...\{D55EAC07-7207-44BD-B524-0F063F327743}) (Version: 1.0.0 - Sony Corporation) Hidden
VIx86 (HKLM-x32\...\{D17C2A58-E0EA-4DD7-A2D6-C448FD25B6F6}) (Version: 1.0.0 - Sony Corporation) Hidden
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.6 - VideoLAN)
VPMx64 (HKLM\...\{DBEAA361-F8A4-4298-B41C-9E9DCB9AAB84}) (Version: 1.0.0 - Sony Corporation ) Hidden
VSSTx64 (HKLM\...\{4F31AC31-0A28-4F5A-8416-513972DA1F79}) (Version: 1.0.0 - Sony Corporation ) Hidden
VSSTx86 (HKLM-x32\...\{B24BB74E-8359-43AA-985A-8E80C9219C70}) (Version: 1.0.0 - Sony Corporation) Hidden
VUx64 (HKLM\...\{A0A2BE14-D3FF-41C8-9545-4B130E3FE9A4}) (Version: 1.2.0 - Sony Corporation) Hidden
VUx86 (HKLM-x32\...\{D04F1D22-4A47-42C6-A2B9-094A7B844D9B}) (Version: 1.2.0 - Sony Corporation) Hidden
VWSTx86 (HKLM-x32\...\{B8991D99-88FD-41F2-8C32-DB70278D5C30}) (Version: 1.0.0 - Sony Corporation) Hidden
WinRAR 5.40 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH)
WISO steuer:Sparbuch 2017 (HKLM-x32\...\{F8264AEF-35B2-466B-B1E5-14EE6064B079}) (Version: 24.03.1518 - Buhl Data Service GmbH)
XperiaLinkx86 (HKLM-x32\...\{EE402ACB-8269-4E44-9CA1-D81FDC4B4545}) (Version: 1.0.0 - Sony Corporation) Hidden
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
CustomCLSID: HKU\S-1-5-21-3483465479-2191358556-2575146349-1001_Classes\CLSID\{9E506282-69D3-5ABA-9C1D-15994B37F4AC}\InprocServer32 -> C:\Program Files (x86)\Intel\IntelAppStore\bin\npAppUp_x64.dll (Intel)
CustomCLSID: HKU\S-1-5-21-3483465479-2191358556-2575146349-1001_Classes\CLSID\{9E506282-69D3-5ABA-9C1D-15994B37F4AD}\InprocServer32 -> C:\Program Files (x86)\Intel\IntelAppStore\bin\npAppUp_x64.dll (Intel)
ContextMenuHandlers1: [IcecreamShellExtension] -> {A8B59160-93EA-4303-9192-AA3C64FDBE31} => C:\Program Files (x86)\Icecream PDF Split and Merge\x64\IcecreamShell64.dll [2016-12-29] (TODO: <Company name>)
ContextMenuHandlers1: [PhotoStreamsExt] -> {89D984B3-813B-406A-8298-118AFA3A22AE} => C:\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll [2017-10-19] (Apple Inc.)
ContextMenuHandlers1: [Shell Extension for Malware scanning] -> {45AC2688-0253-4ED8-97DE-B5370FA7D48A} => C:\Program Files (x86)\Avira\Antivirus\shlext64.dll [2017-11-18] (Avira Operations GmbH & Co. KG)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-08-14] (Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-08-14] (Alexander Roshal)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-11-01] (Malwarebytes)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> Keine Datei
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2016-11-01] (Intel Corporation)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-11-01] (Malwarebytes)
ContextMenuHandlers6: [Shell Extension for Malware scanning] -> {45AC2688-0253-4ED8-97DE-B5370FA7D48A} => C:\Program Files (x86)\Avira\Antivirus\shlext64.dll [2017-11-18] (Avira Operations GmbH & Co. KG)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-08-14] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-08-14] (Alexander Roshal)
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {02620B0E-A139-4E25-9955-E52D09BA4CCF} - System32\Tasks\Sony Corporation\VAIO Update\VAIO Update => C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe [2016-04-25] (Sony Corporation)
Task: {07A37E19-5965-40B6-AC9B-62866531F867} - System32\Tasks\Sony Corporation\VAIO Control Center\NetworkSetting\NetworkSetting Logon Start => C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkClient
Task: {088082DF-6E31-4DC5-B65C-FB3C2FA65EFE} - System32\Tasks\Sony Corporation\VAIO Care\VKSvcDaily => C:\Program Files\Sony\VAIO Care\VAIOTM\VKSvc.exe [2017-04-19] (Sony Corporation)
Task: {09172E18-AD72-436A-9B3A-9C3AE10D2616} - System32\Tasks\Sony Corporation\VAIO Care\VCRLog => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2017-05-15] (Sony Corporation)
Task: {0A0E6B7C-C784-4CD0-910A-728797BC8493} - System32\Tasks\Sony Corporation\Sony Home Network Library\SOHLib SOHDms => C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe [2013-11-07] (Sony Corporation)
Task: {0A7DB203-FA16-43E0-A3B4-0225E5E712AE} - System32\Tasks\Sony Corporation\VAIO Care\VTSvc => C:\Program Files\Sony\VAIO Care\VAIOTM\VTSvc.exe [2017-04-19] (Sony Corporation)
Task: {0E737322-05C2-4FB7-B878-72E87A77B182} - System32\Tasks\Sony Corporation\VAIO Care\UpdateSolution => C:\Program Files\Sony\VAIO Care\Solution.Updater.exe [2017-05-15] (Sony Corporation)
Task: {156DDDFB-900D-406F-A6A8-8D40CB749DD1} - System32\Tasks\Avira_Antivirus_Systray => C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [2017-11-18] (Avira Operations GmbH & Co. KG)
Task: {1733A098-3F38-45F4-88E5-E3FD2925908E} - System32\Tasks\Sony Corporation\NFC Connection Utility\NFC Logon Start => C:\Program Files\Sony\NFC Connection Utility\NFCConnectionUtility.exe [2014-02-11] (Sony Corporation)
Task: {235AAD07-75C3-4C73-82E0-081FA04B0F3B} - System32\Tasks\Sony Corporation\VAIO Care\UploadPOT => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2017-05-15] (Sony Corporation)
Task: {2D1BBC51-0CE6-4F2D-85FE-776407E58838} - System32\Tasks\Sony Corporation\VAIO Care\CheckSystemInfo => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2017-05-15] (Sony Corporation)
Task: {2F18DDEE-9C8E-4F7E-B68C-97E55EDC0DA8} - System32\Tasks\Clientlizenzdienst(ClipSVC)Mobile => C:\Program Files (x86)\nodejs\node.exe [2017-05-02] (Node.js)
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\WINDOWS\System32\AutoWorkplace.exe
Task: {3B35DA12-DE65-4903-9601-A045C74AADF4} - System32\Tasks\Sony Corporation\VAIO Improvement\VAIOImprovementUploader => C:\Program Files\Sony\VAIO Improvement\viuploader.exe [2013-01-24] (Sony Corporation)
Task: {4D63B5A4-1940-494C-9E9E-C3B8683D1E62} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-09-27] (Adobe Systems Incorporated)
Task: {6D44DF52-296A-4290-80F8-F29478BF965F} - System32\Tasks\Avira SystrayStartTrigger => Avira.SystrayStartTrigger.exe
Task: {731820B3-78E1-4E12-B41F-6FABF2596874} - System32\Tasks\Sony Corporation\Sony Home Network Library\SOHLib TaskTray => C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SHTtray.exe [2013-09-12] (Sony Corporation)
Task: {75BFA5A2-9106-4B43-BCA6-6F03DA54C2A8} - System32\Tasks\Sony Corporation\VAIO Control Center\VAIOControlCenterSystem => C:\Program Files (x86)\Sony\VAIO Control Center\vim.exe [2014-11-17] (Sony Corporation)
Task: {7982693B-13B2-4382-810A-311F970E1580} - System32\Tasks\Sony Corporation\Xperia Link\Xperia Link Logon Start => C:\Program Files (x86)\Sony\Xperia Link\Xperia Link.exe [2016-03-04] (Sony Corporation)
Task: {7EFBE56F-B0BE-492D-A745-4AB238FE69CF} - System32\Tasks\CoolKiller => C:\WINDOWS\system32\rundll32.exe "C:\Program Files\CoolKiller\CoolKiller.dll",mUjnBIANGCsu <==== ACHTUNG
Task: {92C0956C-5CA6-4BEE-9BBB-6E8475A0743E} - System32\Tasks\Sony Corporation\VAIO Care\VKSvcWeekly => C:\Program Files\Sony\VAIO Care\VAIOTM\VKSvc.exe [2017-04-19] (Sony Corporation)
Task: {92D374A6-7389-4DA4-AD28-B00928A40C43} - System32\Tasks\Sony Corporation\VAIO Care\DeployCRMflag => C:\Program Files\Sony\VAIO Care\DeployCRMflag.exe [2017-05-15] (Sony Corporation)
Task: {9A0E0C05-29E0-4943-826D-C714DF31C624} - System32\Tasks\Sony Corporation\VAIO Care\ActiveStatusCollect => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2017-05-15] (Sony Corporation)
Task: {9A7AB5FA-8B68-4455-A598-C625E617BBB8} - System32\Tasks\Sony Corporation\VAIO Care\VCOneClick => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2017-05-15] (Sony Corporation)
Task: {9A7F6397-8E10-4344-9ABA-4DA72F9E1BB4} - System32\Tasks\updater => C:\Program Files (x86)\devnull\NetAdapterUpdate\updater.exe
Task: {9C11A6D9-6FF0-467B-98BF-05F6D81DFFBD} - System32\Tasks\Sony Corporation\VAIO Care\GetPOTInfo => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2017-05-15] (Sony Corporation)
Task: {9D38DE1F-95D3-4DFF-A6B1-7D9913C5B371} - System32\Tasks\Sony Corporation\VAIO Care\VCCheckIolo => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2017-05-15] (Sony Corporation)
Task: {A0F06AC5-F898-4D38-BF28-709FE6197DB4} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2017-07-24] (Apple Inc.)
Task: {A969B346-A1E8-491B-B3E3-19109A1F636B} - System32\Tasks\Sony Corporation\VAIO Gesture Control\VCGULogonTask => C:\Program Files (x86)\Sony\VAIO Camera Gesture Utility\VCGU.exe [2013-01-23] (Sony Corporation)
Task: {AB4433F9-DAD7-4AAD-89B2-C64F3342633C} - System32\Tasks\Sony Corporation\VAIO Hardware Diagnostics\VHDInformationCheck => C:\Program Files (x86)\Sony\VAIO Recovery\plugins\InformationCheck.exe [2013-01-25] (Sony Corporation)
Task: {B4B41936-ACE9-433F-BA0D-4B2E9FFC5805} - System32\Tasks\Sony Corporation\VAIO Control Center\VAIO Capture\VAIO Clip => C:\Program Files (x86)\Sony\VAIO Control Center\VAIO Clip.exe [2013-12-09] (Sony Corporation)
Task: {B65149E4-C865-4E82-9069-566B492615AE} - System32\Tasks\EPSON XP-520 Series Update {AA49A6FF-529B-4F6B-95BC-379A9FC14BB3} => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSNPE.EXE [2013-11-22] (SEIKO EPSON CORPORATION)
Task: {B8EE1B23-260C-41D9-9457-559EF9907168} - System32\Tasks\Sony Corporation\VAIO Care\VAIO Care => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2017-05-15] (Sony Corporation)
Task: {C2DFDAC6-2DC5-43AC-B3C3-189687A656FC} - System32\Tasks\Sony Corporation\VAIO Care\VCMetrics => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2017-05-15] (Sony Corporation)
Task: {C314B97F-35D1-4129-B36B-138FBF48C098} - System32\Tasks\Sony Corporation\VAIO Control Center\Level4Daily => C:\Program Files (x86)\Sony\VAIO Control Center\WBCBatteryCare.exe [2013-03-15] (Sony Corporation)
Task: {CB55C1E1-DB58-4EEB-BE76-8A6432FA8220} - System32\Tasks\EPSON XP-520 Series Update {6B85294F-9774-45F0-A6EF-A7293D977B0D} => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSNPE.EXE [2013-11-22] (SEIKO EPSON CORPORATION)
Task: {CE6BC97F-68EB-4782-B43B-59D763DE5FE6} - System32\Tasks\CreateChoiceProcessTask => C:\Windows\BrowserChoice\browserchoice.exe
Task: {D0A2D1F0-ADAA-4DAA-9099-05235CA3F2D6} - System32\Tasks\Sony Corporation\VAIO Control Center\VAIOControlCenterUser => C:\Program Files (x86)\Sony\VAIO Control Center\vim.exe [2014-11-17] (Sony Corporation)
Task: {D50C369F-E633-41BD-A7F6-39B50416AAFE} - System32\Tasks\Sony Corporation\VAIO Update\VAIO Update Self Repair => C:\Program Files\Sony\VAIO Update\VUSR.exe [2016-03-31] (Sony Corporation)
Task: {D58D3F8A-80D9-47BE-87F0-87BE1E8D15F5} - System32\Tasks\Sony Corporation\VAIO Care\VTUsr => C:\Program Files\Sony\VAIO Care\VAIOTM\VTUsr.exe [2017-04-19] (Sony Corporation)
Task: {EA390447-42D0-42BA-893F-0BAC71CA70D3} - System32\Tasks\Sony Corporation\VAIO Control Center\Level4Month => C:\Program Files (x86)\Sony\VAIO Control Center\WBCBatteryCare.exe [2013-03-15] (Sony Corporation)
Task: {FD11A334-379C-47A6-88CF-740BC3493916} - System32\Tasks\Sony Corporation\VAIO Update\Launch Application => C:\Program Files\SONY\VAIO Update\ShellExeProxy.exe [2016-03-31] (Sony Corporation)
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
Task: C:\WINDOWS\Tasks\EPSON XP-520 Series Update {6B85294F-9774-45F0-A6EF-A7293D977B0D}.job => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSNPE.EXE:/EXE:{6B85294F-9774-45F0-A6EF-A7293D977B0D} /F:UpdateWORKGROUP\FREDDY_LAPTOP$ĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi
Task: C:\WINDOWS\Tasks\EPSON XP-520 Series Update {AA49A6FF-529B-4F6B-95BC-379A9FC14BB3}.job => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSNPE.EXE:/EXE:{AA49A6FF-529B-4F6B-95BC-379A9FC14BB3} /F:UpdateWORKGROUP\FREDDY_LAPTOP$ĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi
Task: C:\WINDOWS\Tasks\Synaptics TouchPad Enhancements.job => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
==================== Verknüpfungen & WMI ========================
(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)
==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
2017-09-29 14:41 - 2017-09-29 14:41 - 000184432 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll
2016-11-17 01:28 - 2016-11-17 01:28 - 000092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2017-10-18 23:51 - 2017-10-18 23:51 - 001356088 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2017-11-25 15:35 - 2017-11-01 08:55 - 002299344 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\SelfProtectionSdk.dll
2017-11-25 15:35 - 2017-11-01 08:54 - 002358736 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll
2013-09-05 00:17 - 2013-09-05 00:17 - 004300456 _____ () C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2017-09-29 14:42 - 2017-09-30 15:36 - 011044864 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2017-09-29 14:42 - 2017-09-30 15:36 - 001804288 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-11-12 10:35 - 2017-11-12 10:35 - 000087552 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.8.487.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2017-11-12 10:35 - 2017-11-12 10:35 - 000206336 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.8.487.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2017-11-12 10:35 - 2017-11-12 10:35 - 025461760 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.8.487.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2017-11-11 14:05 - 2017-11-11 14:05 - 002552832 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.8.487.0_x64__kzf8qxf38zg5c\skypert.dll
2013-08-08 11:09 - 2013-04-02 14:02 - 001199576 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
==================== Hosts Inhalt: ===============================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2017-09-29 14:46 - 2013-08-22 14:25 - 000000824 _____ C:\WINDOWS\system32\Drivers\etc\hosts
==================== Andere Bereiche ============================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-3483465479-2191358556-2575146349-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Sony\VAIO 13 img1 Wallpaper 1920x1080.jpg
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Warn)
Windows Firewall ist aktiviert.
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
HKLM\...\StartupApproved\StartupFolder: => "McAfee Parental Controls.lnk"
HKLM\...\StartupApproved\Run32: => "mcpltui_exe"
HKU\S-1-5-21-3483465479-2191358556-2575146349-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-3483465479-2191358556-2575146349-1001\...\StartupApproved\Run: => "Skype"
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [TCP Query User{A6AD4D0D-3212-42EB-BC6F-927C5784A533}C:\program files\sony\vaio care\vcsystemtray.exe] => (Allow) C:\program files\sony\vaio care\vcsystemtray.exe
FirewallRules: [UDP Query User{EC1FB4D4-7051-4BC5-936F-FBEEDD4AA16F}C:\program files\sony\vaio care\vcsystemtray.exe] => (Allow) C:\program files\sony\vaio care\vcsystemtray.exe
==================== Wiederherstellungspunkte =========================
ACHTUNG: Systemwiederherstellung ist deaktiviert
==================== Fehlerhafte Geräte im Gerätemanager =============
Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
==================== Fehlereinträge in der Ereignisanzeige: =========================
Applikationsfehler:
==================
Error: (11/25/2017 03:34:37 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: Die Open-Prozedur für den Dienst "BITS" in der DLL "C:\Windows\System32\bitsperf.dll" war nicht erfolgreich. Die Leistungsdaten für diesen Dienst sind nicht verfügbar. Die ersten vier Bytes (DWORD) des Datenbereichs enthalten den Fehlercode.
Error: (11/25/2017 02:10:47 PM) (Source: ESENT) (EventID: 454) (User: )
Description: DllHost (10844,U,0) Internet_NOEDP_LEGACY_IDB: Unerwarteter Fehler "-1216" bei der Datenbankwiederherstellung.
Error: (11/25/2017 02:10:47 PM) (Source: ESENT) (EventID: 494) (User: )
Description: DllHost (10844,U,0) Internet_NOEDP_LEGACY_IDB: Fehler -1216 bei der Datenbankwiederherstellung, da Verweise auf die Datenbank "C:\Users\Freddy\AppData\Local\Microsoft\Internet Explorer\Indexed DB\Internet.edb" festgestellt wurden, die nicht mehr vorhanden ist. Die Datenbank wurde nicht sauber heruntergefahren, bevor sie entfernt (oder möglicherweise verschoben oder umbenannt) wurde. Das Datenbankmodul lässt den Abschluss der Wiederherstellung für diese Instanz erst dann zu, wenn die fehlende Datenbank wieder verfügbar gemacht wird. Wenn die Datenbank tatsächlich nicht mehr verfügbar oder nicht mehr erforderlich ist, finden Sie Informationen zum Beheben dieses Fehlers in der Microsoft Knowledge Base oder unter dem Link "Weitere Informationen" am Ende dieser Meldung.
Error: (11/19/2017 09:03:29 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: Die Open-Prozedur für den Dienst "BITS" in der DLL "C:\Windows\System32\bitsperf.dll" war nicht erfolgreich. Die Leistungsdaten für diesen Dienst sind nicht verfügbar. Die ersten vier Bytes (DWORD) des Datenbereichs enthalten den Fehlercode.
Error: (11/18/2017 03:16:47 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: Die Open-Prozedur für den Dienst "BITS" in der DLL "C:\Windows\System32\bitsperf.dll" war nicht erfolgreich. Die Leistungsdaten für diesen Dienst sind nicht verfügbar. Die ersten vier Bytes (DWORD) des Datenbereichs enthalten den Fehlercode.
Error: (11/18/2017 02:50:38 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 274875
Error: (11/18/2017 02:50:38 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 274875
Error: (11/18/2017 02:50:38 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (11/18/2017 02:50:22 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 259250
Error: (11/18/2017 02:50:22 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 259250
Systemfehler:
=============
Error: (11/25/2017 06:05:52 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
und der APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.
Error: (11/25/2017 05:50:52 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
und der APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.
Error: (11/25/2017 05:50:52 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
und der APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.
Error: (11/25/2017 05:50:52 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
und der APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.
Error: (11/25/2017 05:50:52 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
und der APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.
Error: (11/25/2017 05:50:52 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
und der APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.
Error: (11/25/2017 05:50:52 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
und der APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.
Error: (11/25/2017 05:50:27 PM) (Source: DCOM) (EventID: 10010) (User: NT-AUTORITÄT)
Description: Der Server "{78FD0120-D39C-45D8-A9BE-2B802B3C23E5}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.
Error: (11/25/2017 05:50:27 PM) (Source: DCOM) (EventID: 10010) (User: NT-AUTORITÄT)
Description: Der Server "{78FD0120-D39C-45D8-A9BE-2B802B3C23E5}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.
Error: (11/25/2017 05:50:25 PM) (Source: DCOM) (EventID: 10001) (User: Freddy_Laptop)
Description: Ein DCOM-Server konnte nicht gestartet werden: Microsoft.Windows.ContentDeliveryManager_10.0.16299.15_neutral_neutral_cw5n1h2txyewy!App.AppXryc2qd338f5728r9gzzazav8206ba77s.mca als Nicht verfügbar/Nicht verfügbar. Fehler:
"31"
Aufgetreten beim Start dieses Befehls:
"C:\WINDOWS\system32\backgroundTaskHost.exe" -ServerName:App.AppXmtcan0h2tfbfy7k9kn8hbxb6dmzz1zh0.mca
CodeIntegrity:
===================================
Date: 2017-11-25 18:05:43.369
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume5\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.
Date: 2017-11-25 18:05:43.366
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume5\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.
Date: 2017-11-25 17:56:19.069
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume5\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.
Date: 2017-11-25 17:56:19.067
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume5\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.
Date: 2017-11-25 17:56:17.729
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume5\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.
Date: 2017-11-25 17:56:17.727
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume5\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.
Date: 2017-11-25 17:55:48.733
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume5\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.
Date: 2017-11-25 17:55:48.731
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume5\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.
Date: 2017-11-25 17:55:45.421
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume5\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.
Date: 2017-11-25 17:55:45.419
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume5\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.
==================== Speicherinformationen ===========================
Prozessor: Intel(R) Core(TM) i5-4200U CPU @ 1.60GHz
Prozentuale Nutzung des RAM: 59%
Installierter physikalischer RAM: 4002.87 MB
Verfügbarer physikalischer RAM: 1633.79 MB
Summe virtueller Speicher: 5858.87 MB
Verfügbarer virtueller Speicher: 2994.78 MB
==================== Laufwerke ================================
Drive c: () (Fixed) (Total:102.79 GB) (Free:47.03 GB) NTFS
==================== MBR & Partitionstabelle ==================
========================================================
Disk: 0 (Size: 119.2 GB) (Disk ID: BA336E2C)
Partition: GPT.
==================== Ende von Addition.txt ============================
|
|
26.11.2017, 11:52
| #8 |
| /// TB-Ausbilder | windows10: AVIRA meldet Trojaner-Fund Servus, wir entfernen noch ein bisschen was und kontrollieren nochmal alles. Die Logdatei von Schritt 1 kann unter Umständen sehr lange/groß sein. Gegebenenfalls musst du diese Logdatei dann auf mehrere Posts aufteilen. Hinweis: Der Suchlauf mit ESET kann länger dauern. Schritt 1
Schritt 2 Downloade dir die passende Version von HitmanPro auf deinen Desktop: HitmanPro - 32 Bit | HitmanPro - 64 Bit.
Schritt 3 Downloade Dir bitte ESET Online Scanner (Bebilderte Anleitung)
Schritt 4
 Gibt es jetzt noch Probleme mit dem PC oder mit deinen Internet Browsern? Wenn ja, welche?Bitte poste mit deiner nächsten Antwort
|
|
26.11.2017, 17:33
| #9 |
| | windows10: AVIRA meldet Trojaner-Fund Hallo, die 4 Schritte habe ich durchgeführt. Der ESET Online Scanner konnte keine Bedrohungen finden. Daher gibt es zu Schritt 3 keine Logdatei von ESET. Mit dem PC und dem Internet Browser gibt es keine aktuell keine Probleme. Auch vorher gab es diese nicht, jedoch meldete Avira immer wieder den Fund von Trojanern in C:\Windows\Temp. Diese Meldungen sind nun seit Beginn der Reinigung ausgeblieben. Anbei die 4 Logdateien von FRST-Fix, HitmanPro und FRST Code:
ATTFilter Entfernungsergebnis von Farbar Recovery Scan Tool (x64) Version: 24-11-2017 01
durchgeführt von Freddy (26-11-2017 15:54:55) Run:2
Gestartet von C:\Users\Freddy\Desktop\Trojan\Programme
Geladene Profile: Freddy (Verfügbare Profile: Freddy & Lydia)
Start-Modus: Normal
==============================================
fixlist Inhalt:
*****************
C:\AppData\Roaming\devnull
DeleteValue: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders|C:\Program Files (x86)\devnull\
DeleteKey: HKEY_USERS\.DEFAULT\Software\Caphyon\Advanced Updater\{5CD51A71-6B12-48AA-A8C4-525C1D32DC13}
DeleteValue: HKEY_USERS\.DEFAULT\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store|C:\ProgramData\devnull\NetAdapterUpdate\updates\NetAdapterUpdate\NetAdapterUpdate_setup_2.7.1.exe
DeleteValue: HKEY_USERS\.DEFAULT\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Layers|C:\Program Files (x86)\devnull\NetAdapterUpdate\NetAdapterUpdate.exe
Folder: C:\Program Files\{56D3DAAD-8F63-45A7-BFAE-018DFD76CEED}
Folder: C:\Program Files (x86)\{AAAE045A-FC8F-479E-9DD4-4D85D49D0A85}
Folder: C:\WINDOWS\Installer
Reboot:
*****************
C:\AppData\Roaming\devnull => erfolgreich verschoben
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files (x86)\devnull\ => Wert erfolgreich entfernt
HKEY_USERS\.DEFAULT\Software\Caphyon\Advanced Updater\{5CD51A71-6B12-48AA-A8C4-525C1D32DC13} => Schlüssel erfolgreich entfernt
HKEY_USERS\.DEFAULT\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Store\\C:\ProgramData\devnull\NetAdapterUpdate\updates\NetAdapterUpdate\NetAdapterUpdate_setup_2.7.1.exe => Wert erfolgreich entfernt
HKEY_USERS\.DEFAULT\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Layers\\C:\Program Files (x86)\devnull\NetAdapterUpdate\NetAdapterUpdate.exe => Wert erfolgreich entfernt
========================= Folder: C:\Program Files\{56D3DAAD-8F63-45A7-BFAE-018DFD76CEED} ========================
2017-10-18 21:57 - 2017-10-18 21:57 - 000000159 ____A [9C0D26FD74A3D71694C8D371C00A5F15] () C:\Program Files\{56D3DAAD-8F63-45A7-BFAE-018DFD76CEED}\config.json
2017-10-18 21:57 - 2017-10-18 21:57 - 000754556 ____A [D2B03955D6D0031387FE755B671890FE] () C:\Program Files\{56D3DAAD-8F63-45A7-BFAE-018DFD76CEED}\def.bin
====== Ende von Folder: ======
========================= Folder: C:\Program Files (x86)\{AAAE045A-FC8F-479E-9DD4-4D85D49D0A85} ========================
2017-10-18 21:57 - 2017-10-18 21:57 - 000000159 ____A [9C0D26FD74A3D71694C8D371C00A5F15] () C:\Program Files (x86)\{AAAE045A-FC8F-479E-9DD4-4D85D49D0A85}\config.json
2017-10-18 21:57 - 2017-10-18 21:57 - 000754556 ____A [D2B03955D6D0031387FE755B671890FE] () C:\Program Files (x86)\{AAAE045A-FC8F-479E-9DD4-4D85D49D0A85}\def.bin
====== Ende von Folder: ======
========================= Folder: C:\WINDOWS\Installer ========================
2017-04-12 11:25 - 2017-04-12 11:25 - 001642496 ___AC [20C2994B72452AB33BC4F368A9E0E37C] () C:\WINDOWS\Installer\123748.msp
2017-04-12 11:27 - 2017-04-12 11:27 - 018139648 ___AC [1A4757DE367A56BBA50419B4F7109072] () C:\WINDOWS\Installer\12374e.msp
2017-04-30 09:21 - 2017-04-30 09:21 - 056561664 ___AC [6871D1EF3A4CAA8B545C66CA7653ADA8] () C:\WINDOWS\Installer\12577ea4.msi
2017-04-30 09:20 - 2017-04-30 09:20 - 000761856 ___AC [1B7EF0DB6D8C6C84CBB385ABB9E2BAB9] () C:\WINDOWS\Installer\12577ead.msi
2017-07-22 15:42 - 2017-07-22 15:42 - 018333184 ___AC [D163091E48A65B9E71EA84CD1E8ADEDD] () C:\WINDOWS\Installer\12ecffc7.msp
2017-07-22 15:41 - 2017-07-22 15:41 - 001906688 ___AC [E5A2FA7C8242D85398EB3CA35C9E1C4E] () C:\WINDOWS\Installer\12ecffcc.msp
2017-07-03 20:16 - 2017-07-03 20:16 - 004073984 ___AC [AB4744CC4A0C290F1FA09E48303F5050] () C:\WINDOWS\Installer\150a899b.msi
2011-09-27 09:56 - 2011-09-27 09:56 - 005603328 ____A [F5B24671C3CC0FE2568FF0F2E22E1362] () C:\WINDOWS\Installer\160da4.msi
2017-08-25 16:57 - 2017-08-25 16:57 - 000620032 ___AC [7449AB648AC04DF0F4B37DA99B1A3B06] () C:\WINDOWS\Installer\16b159.msp
2017-08-25 11:21 - 2017-08-25 11:21 - 051655680 ___AC [2017E4EA9DD083C74FC22A9CA0C3E57E] () C:\WINDOWS\Installer\16b183.msp
2017-08-27 10:25 - 2017-08-27 10:25 - 000638976 ___AC [88F0242ED4CC0F9C21589D075FCF54BE] () C:\WINDOWS\Installer\16b198.msp
2017-08-25 11:22 - 2017-08-25 11:22 - 007904256 ___AC [9A2DBDDD58444A470C49931EC02D006D] () C:\WINDOWS\Installer\16b1b1.msp
2017-08-25 11:21 - 2017-08-25 11:21 - 042560000 ___AC [36966724D2790A90F1A3286E56AEE142] () C:\WINDOWS\Installer\16b1c7.msp
2017-09-04 13:07 - 2017-09-04 13:07 - 009108480 ___AC [EA800FDD695F32A96777359DA9F7D749] () C:\WINDOWS\Installer\16b1dc.msp
2017-09-14 01:40 - 2017-09-14 01:40 - 001410560 ___AC [B2D398F59DCF6CDB8A3E2638EE92B61C] () C:\WINDOWS\Installer\1abe251c.msp
2017-09-13 21:46 - 2017-09-13 21:46 - 002527744 ___AC [6DD6369539025E7B48A51620428AA581] () C:\WINDOWS\Installer\1abe2536.msp
2017-09-13 21:47 - 2017-09-13 21:47 - 018295808 ___AC [FDBD3E84170645CE0AAFF7CFE747E2C2] () C:\WINDOWS\Installer\1abe253c.msp
2017-08-25 11:37 - 2017-08-25 11:37 - 018270720 ___AC [58D53579FADD3C1E78B9DBF32710872C] () C:\WINDOWS\Installer\1ac5dfdf.msp
2017-08-25 11:37 - 2017-08-25 11:37 - 001907200 ___AC [B89D6B8260017251B4E3574025372C65] () C:\WINDOWS\Installer\1ac5dfe4.msp
2017-11-11 15:01 - 2017-11-11 15:01 - 051003392 ___AC [CA663F5003310E9A4CDE4F80C475D2D6] () C:\WINDOWS\Installer\1b2a8db1.msi
2017-11-11 15:01 - 2017-11-11 15:01 - 045936640 ___AC [A15EE7B076A63A6B89B9F483AD1B06FC] () C:\WINDOWS\Installer\1b2a8dfd.msi
2017-11-11 15:02 - 2017-11-11 15:02 - 014045184 ___AC [55A831C6034127856A0F00B7FCCEF12E] () C:\WINDOWS\Installer\1b2a8e39.msi
2017-11-11 15:03 - 2017-11-11 15:03 - 158834688 ___AC [2698944C4188D9A17CA8F35EFEF5F502] () C:\WINDOWS\Installer\1b2aa493.msi
2017-11-11 15:06 - 2017-11-11 15:06 - 041103360 ___AC [905DF77C8EFE48FFC99991029D7BE8E2] () C:\WINDOWS\Installer\1b2aa4cd.msi
2017-11-18 09:15 - 2017-11-18 09:15 - 000880128 ___AC [A666B14C461CC7207C0C9B3D0D2D28F3] () C:\WINDOWS\Installer\1b9827cc.msi
2017-11-13 05:24 - 2017-11-13 05:24 - 048394240 __RAC [DE45821BBC172EDD84DE68648EFF5D0C] () C:\WINDOWS\Installer\1b9828ae.msp
2017-10-29 17:11 - 2017-10-29 17:11 - 042559488 __RAC [A56C093C0888152092F87A11A7550E82] () C:\WINDOWS\Installer\1b9e52f2.msp
2017-10-29 17:16 - 2017-10-29 17:16 - 041168896 __RAC [F736FA7A2070866D217D2E924DD52BB6] () C:\WINDOWS\Installer\1b9e5309.msp
2017-10-05 09:29 - 2017-10-05 09:29 - 041166336 ___AC [298325B24042EF87CBA01592941ED22A] () C:\WINDOWS\Installer\1ba3d6a2.msp
2017-10-29 17:11 - 2017-10-29 17:11 - 008907776 __RAC [C995B975CE24616D428B7D4371011636] () C:\WINDOWS\Installer\1babfe64.msp
2013-09-27 12:19 - 2013-09-27 12:19 - 033496576 ____A [4C6764DF169600E7069608E40CEE35C8] () C:\WINDOWS\Installer\1c6327.msi
2008-08-08 14:11 - 2008-08-08 14:11 - 000232960 ___AC [6E17361F8E53B47656BCF0ED90ADE095] () C:\WINDOWS\Installer\1de899ed.msi
2013-08-07 14:26 - 2013-08-07 14:26 - 009056256 ____A [87E9C10C0AD20510B50E136A8FD06D03] () C:\WINDOWS\Installer\20054.msi
2016-12-27 12:43 - 2016-12-27 12:43 - 003067392 ___AC [528DE721C6F94F66E5F951EC154A9C97] () C:\WINDOWS\Installer\222f21cf.msi
2016-12-27 12:43 - 2016-12-27 12:43 - 001806336 ___AC [A0D2527E5E8888AD37C38DE7E2CC98C7] () C:\WINDOWS\Installer\222f21d4.msi
2016-12-27 12:43 - 2016-12-27 12:43 - 001808384 ___AC [FB80E3ADE302C51A28BFBADD711AA787] () C:\WINDOWS\Installer\222f21da.msi
2016-12-27 12:43 - 2016-12-27 12:43 - 001809408 ___AC [F4E9277EFE5A34C910E859F03C4DD31A] () C:\WINDOWS\Installer\222f21df.msi
2016-12-27 12:43 - 2016-12-27 12:43 - 002121216 ___AC [DAC7061B0C1C47146C1B78808AF53A42] () C:\WINDOWS\Installer\222f21e4.msi
2016-12-27 12:43 - 2016-12-27 12:43 - 000673792 ___AC [1CC9C604738872A73C159489C9CB37CD] () C:\WINDOWS\Installer\222f21e9.msi
2016-12-27 12:43 - 2016-12-27 12:43 - 000662528 ___AC [3E67D0C4D647EE1705422FE0B7052C37] () C:\WINDOWS\Installer\222f21ee.msi
2016-12-27 12:43 - 2016-12-27 12:43 - 000663040 ___AC [E3066C7F1DBB6F97D8078DAC655656A3] () C:\WINDOWS\Installer\222f21f3.msi
2016-12-27 12:43 - 2016-12-27 12:43 - 000667648 ___AC [ECFB202FD60D293DFADFA1FC24935C55] () C:\WINDOWS\Installer\222f21f8.msi
2016-12-27 12:43 - 2016-12-27 12:43 - 000656896 ___AC [8DBCFB3BA5B273CBDA729175EE28C7E2] () C:\WINDOWS\Installer\222f21fd.msi
2016-12-27 12:43 - 2016-12-27 12:43 - 000654848 ___AC [6AF9BBA5BB729378C59F0C9EBD44545B] () C:\WINDOWS\Installer\222f2202.msi
2016-12-27 12:43 - 2016-12-27 12:43 - 001805312 ___AC [CEE5C7E28709DBD1A96F1F97B8A5CCF8] () C:\WINDOWS\Installer\222f2207.msi
2016-12-27 12:43 - 2016-12-27 12:43 - 001820160 ___AC [B68BD80A5A3B703BABC7FB19BAF104AB] () C:\WINDOWS\Installer\222f220d.msi
2016-12-27 12:43 - 2016-12-27 12:43 - 002449408 ___AC [9B95E1FE1D112F830259ADFAF5596097] () C:\WINDOWS\Installer\222f2212.msi
2016-12-27 12:43 - 2016-12-27 12:43 - 001816576 ___AC [61E7643810F47ACE0CE4CDF7BA1C06A0] () C:\WINDOWS\Installer\222f2218.msi
2016-12-27 12:43 - 2016-12-27 12:43 - 001825280 ___AC [6F2CE47E25C133ABA586F9F586310F05] () C:\WINDOWS\Installer\222f221e.msi
2016-12-27 12:43 - 2016-12-27 12:43 - 003025408 ___AC [43B44C38BE513D9589ECAC7129DDC7C3] () C:\WINDOWS\Installer\222f2224.msi
2016-12-27 12:43 - 2016-12-27 12:43 - 024809472 ___AC [F7DCCD578605F72AEEED775C9EB40AB8] () C:\WINDOWS\Installer\222f222c.msi
2012-09-20 17:07 - 2012-09-20 17:07 - 014641152 ___AC [34691546869DC196023D7E257E733390] () C:\WINDOWS\Installer\2268abd7.msp
2012-09-20 17:08 - 2012-09-20 17:08 - 010855936 ___AC [013E75F0381EBADD4DA63DA7239B4A33] () C:\WINDOWS\Installer\2268abe3.msp
2012-09-20 17:07 - 2012-09-20 17:07 - 016380928 ___AC [72E57A8A0B598A1CC78BEF714F537A46] () C:\WINDOWS\Installer\2268abf7.msp
2012-03-21 05:57 - 2012-03-21 05:57 - 001591808 ___AC [FC3467430C085F59FFCB390C8D421521] () C:\WINDOWS\Installer\2268abfe.msp
2012-03-21 05:55 - 2012-03-21 05:55 - 000133632 ___AC [0EB296A1B1A94D333FC0E75038ACA61F] () C:\WINDOWS\Installer\2268ac04.msp
2011-10-26 22:50 - 2011-10-26 22:50 - 000599040 ___AC [4BD69B51794127EA3E03DCD060290E19] () C:\WINDOWS\Installer\2268ac0b.msp
2011-10-26 22:51 - 2011-10-26 22:51 - 016885760 ___AC [6F1ABF07EE1958F13B02F04722946621] () C:\WINDOWS\Installer\2268ac2b.msp
2014-09-03 00:32 - 2014-09-03 00:32 - 000548352 ___AC [8BEC6A46B81CEC203351B1DAEBC757E7] () C:\WINDOWS\Installer\22695fa5.msi
2014-09-03 03:42 - 2014-09-03 03:42 - 000440832 ___AC [80EC3FBDDBE25245745B6E2D7F48B421] () C:\WINDOWS\Installer\22695fbd.msi
2011-10-26 23:23 - 2011-10-26 23:23 - 008821760 ___AC [54545603C7553EAF51135362AAE98A32] () C:\WINDOWS\Installer\22695fd2.msp
2011-10-26 23:19 - 2011-10-26 23:19 - 001051648 ___AC [FD9291D80679D9350EC2771BF63CC8BF] () C:\WINDOWS\Installer\22695fda.msp
2011-06-19 23:28 - 2011-06-19 23:28 - 018457088 ___AC [7D13402EB208121BF15A75F4E4E462BC] () C:\WINDOWS\Installer\22695ff2.msp
2016-07-12 21:24 - 2016-07-12 21:24 - 003458560 ___AC [B058D56434802FFEE9024FABB1598540] () C:\WINDOWS\Installer\2269600f.msp
2015-06-17 15:23 - 2015-06-17 15:23 - 000432128 ___AC [250B1E0B4A57309940B83E41C536FD95] () C:\WINDOWS\Installer\22696016.msp
2011-07-21 12:34 - 2011-07-21 12:34 - 003456000 ___AC [BB26845BC8EEDD889C6525534F9F02C0] () C:\WINDOWS\Installer\22696084.msp
2013-07-15 19:15 - 2013-07-15 19:15 - 662040064 ___AC [BC8D20F02153707674C7E6B2880C851C] () C:\WINDOWS\Installer\226961ec.msp
2013-06-28 04:14 - 2013-06-28 04:14 - 017591808 ___AC [C7B32516565E90576E24FB4476971D55] () C:\WINDOWS\Installer\226961f8.msp
2013-06-28 03:52 - 2013-06-28 03:52 - 005682688 ___AC [1EA270FCE2AC75E17594CB27D3AD42A3] () C:\WINDOWS\Installer\22696221.msp
2013-06-28 03:45 - 2013-06-28 03:45 - 015785984 ___AC [0B42721C641F6EDC4A6277DE01EECB00] () C:\WINDOWS\Installer\2269623e.msp
2013-06-28 04:43 - 2013-06-28 04:43 - 002468352 ___AC [8B1E1BF5A41A524D2BC74AEFED2ADD00] () C:\WINDOWS\Installer\22696245.msp
2013-06-28 04:40 - 2013-06-28 04:40 - 012189184 ___AC [F032D56E63CF1073FA7A54AE9C7F0111] () C:\WINDOWS\Installer\2269624e.msp
2013-06-28 04:24 - 2013-06-28 04:24 - 015849472 ___AC [DA04F745157A09A16B1E9DD8341503B5] () C:\WINDOWS\Installer\22696259.msp
2013-06-28 03:56 - 2013-06-28 03:56 - 021501440 ___AC [B7E7101398B5CDF7B7619B305288D90C] () C:\WINDOWS\Installer\2269625f.msp
2013-06-28 04:28 - 2013-06-28 04:28 - 001220096 ___AC [BBB85953EF95E4234A6B9160B9981717] () C:\WINDOWS\Installer\22696296.msp
2013-06-28 04:31 - 2013-06-28 04:31 - 011771392 ___AC [8E311CC4FBA7C01C1E6C642B4E79D34F] () C:\WINDOWS\Installer\226962a9.msp
2013-08-14 02:42 - 2013-08-14 02:42 - 000027648 ___AC [9AA82B36308778D7793F9D3EA40E7C19] () C:\WINDOWS\Installer\226962be.msp
2012-10-19 21:29 - 2012-10-19 21:29 - 007054336 ____A [97C2EEBB30C5A88C68C8F24F37183F1D] () C:\WINDOWS\Installer\22949d.msi
2016-07-13 12:06 - 2016-07-13 12:06 - 000147456 ___AC [9296D67466D3E8C8D73ADB4FCDD1608A] () C:\WINDOWS\Installer\2368a4e4.msi
2016-07-13 12:06 - 2016-07-13 12:06 - 000143360 ___AC [3A86A7D8D151E950C161B7AA287E9C0E] () C:\WINDOWS\Installer\2368a4f8.msi
2017-03-15 08:57 - 2017-03-15 08:57 - 000469504 ___AC [187BC0CFBA68CDB73ADC8A3975AC9A44] () C:\WINDOWS\Installer\261e88e3.msp
2017-03-30 19:32 - 2017-03-30 19:32 - 042557952 ___AC [D751EF4AF4031AE046287949BD03486C] () C:\WINDOWS\Installer\261e88f9.msp
2017-04-02 00:41 - 2017-04-02 00:41 - 008898048 ___AC [C1F4845FED4F7EDAA993A680EFEAA2F1] () C:\WINDOWS\Installer\262a350c.msp
2017-03-30 19:30 - 2017-03-30 19:30 - 017819136 ___AC [7AB6CA65068B7E751549838BE66CA2FB] () C:\WINDOWS\Installer\262a3512.msp
2017-03-30 19:30 - 2017-03-30 19:30 - 001900544 ___AC [A46855476C8AF7EECF6A6AA8EEFC953B] () C:\WINDOWS\Installer\262a3517.msp
2017-04-17 16:10 - 2017-04-17 16:10 - 053348864 ___AC [4B1EB49781434D8A49CA3B96543A1AD1] () C:\WINDOWS\Installer\262a3525.msp
2017-01-09 04:40 - 2017-01-09 04:40 - 012447744 ___AC [AB07D00BAD7578C860A2F2C7128B38D4] () C:\WINDOWS\Installer\27450419.msp
2017-03-25 01:31 - 2017-03-25 01:31 - 042557952 ___AC [DA678EAFD5CEDA4D8892A8356AD27BBB] () C:\WINDOWS\Installer\2daa5b37.msp
2017-06-29 20:52 - 2017-06-29 20:52 - 011456512 ___AC [F8A385AF7AD668662F7B8FE408B5656D] () C:\WINDOWS\Installer\30857854.msi
2017-09-05 22:56 - 2017-09-05 22:56 - 002027008 ___AC [9035D6E80A048495B305CC1F99750299] () C:\WINDOWS\Installer\3118f102.msi
2011-06-11 03:30 - 2011-06-11 03:30 - 000163840 ____A [3FF9ACEA77AFC124BE8454269BB7143F] () C:\WINDOWS\Installer\37cbc.msi
2011-06-28 20:27 - 2011-06-28 20:27 - 004028928 ____A [9843DC93EA948CDDC1F480E53BB80C2F] () C:\WINDOWS\Installer\37cbd.msp
2016-11-09 18:06 - 2016-11-09 18:06 - 028815360 ___AC [3C762F677551081B1A75E476F7E0FDED] () C:\WINDOWS\Installer\432b7e0.msi
2016-11-09 18:06 - 2016-11-09 18:06 - 049221632 ___AC [5E5FFAEFD38C57656CF22A97704C1C5F] () C:\WINDOWS\Installer\432b803.msi
2017-08-22 14:42 - 2017-08-22 14:42 - 004100096 ___AC [F7098BCC1E9047565DBABF7F42201A7F] () C:\WINDOWS\Installer\47be20c7.msp
2017-05-15 06:16 - 2017-05-15 06:16 - 085828096 ___AC [01B15D9329E51EC43A32AF0BE3AE7BAA] () C:\WINDOWS\Installer\47be2467.msi
2012-11-28 17:50 - 2012-11-28 17:50 - 000694272 ____A [C86CCE93141E5A2313B33A3BF923E5FE] () C:\WINDOWS\Installer\4913.msi
2012-11-28 17:50 - 2012-11-28 17:50 - 000675328 ____A [C7AD3F2E8615433B841C78E5C78A093B] () C:\WINDOWS\Installer\4918.msi
2012-11-16 14:47 - 2012-11-16 14:47 - 001448448 ____A [73EB6B068B819C2BC1CB07103210C7B6] () C:\WINDOWS\Installer\4930.msi
2013-01-23 18:12 - 2013-01-23 18:12 - 006041600 ____A [B748D25CD4B2B56F912EEF5C3AA7B4C1] () C:\WINDOWS\Installer\4935.msi
2013-01-23 18:12 - 2013-01-23 18:12 - 005378048 ____A [1986DE06C3B951936D013438D2A90EE3] () C:\WINDOWS\Installer\493a.msi
2013-03-05 15:15 - 2013-03-05 15:15 - 005307392 ____A [9F1413BE215E291FB756187D854DE4FB] () C:\WINDOWS\Installer\4bc2.msi
2013-02-05 11:05 - 2013-02-05 11:05 - 000606720 ____A [FB5A5109BC5938FD312D4D4B3148CB80] () C:\WINDOWS\Installer\4bc7.msi
2013-02-05 12:32 - 2013-02-05 12:32 - 001436160 ____A [B96579B2209DB0944A7173F0728EFFEA] () C:\WINDOWS\Installer\4bd1.msi
2013-01-23 09:10 - 2013-01-23 09:10 - 007514624 ____A [C0E6E270F9C796E97638AA497EAFA424] () C:\WINDOWS\Installer\4bd6.msi
2012-12-27 23:05 - 2012-12-27 23:05 - 006251008 ____A [7A7E43E2F1A169B71242D5D406CE4B53] () C:\WINDOWS\Installer\4bdb.msi
2012-12-27 23:05 - 2012-12-27 23:05 - 005641216 ____A [0525BED468A72CDEEBA2907BFC94639E] () C:\WINDOWS\Installer\4be0.msi
2012-11-27 09:35 - 2012-11-27 09:35 - 005308416 ____A [F95267ACB775498D3617F76177047CE8] () C:\WINDOWS\Installer\4be5.msi
2013-01-22 16:28 - 2013-01-22 16:28 - 000606720 ____A [8EB8D3EC4A807E561FAE1F7C205BB811] () C:\WINDOWS\Installer\4bea.msi
2012-11-27 09:32 - 2012-11-27 09:32 - 005378048 ____A [E719B80E4CAD7DA747687E8007C22157] () C:\WINDOWS\Installer\4bef.msi
2013-03-08 00:06 - 2013-03-08 00:06 - 001403392 ____A [64FC8A6D658D82ABCA7F845BDB55926E] () C:\WINDOWS\Installer\4bf3.msi
2013-03-02 04:16 - 2013-03-02 04:16 - 063195136 ____A [CB22406C2F0FC3503F717FB2721A7A8F] () C:\WINDOWS\Installer\4bf8.msi
2013-03-15 02:34 - 2013-03-15 02:34 - 001507840 ____A [3D4C265C3E342A00EB040EE5A1BC0B6B] () C:\WINDOWS\Installer\4bfc.msi
2013-02-05 16:24 - 2013-02-05 16:24 - 006040576 ____A [763EDD52EDA43395094A2D464136F40A] () C:\WINDOWS\Installer\4c01.msi
2013-01-10 07:55 - 2013-01-10 07:55 - 005966336 ____A [AA5BA53F8E4F9995AB033819CD334AB4] () C:\WINDOWS\Installer\4c06.msi
2013-01-10 07:55 - 2013-01-10 07:55 - 005308416 ____A [5078ED0BF548449BA2D2950215587207] () C:\WINDOWS\Installer\4c0b.msi
2012-10-21 17:56 - 2012-10-21 17:56 - 002621952 ____A [3CF4BDEA86F5A7A9715850D66F573CB2] () C:\WINDOWS\Installer\4c2b.msi
2011-04-19 03:54 - 2011-04-19 03:54 - 000227328 ____A [7E641E6A0B456271745C20C3BB8A18F9] () C:\WINDOWS\Installer\4c3a.msi
2013-02-27 10:28 - 2013-02-27 10:28 - 125546496 ____A [FB0F38E4F5AC2230F4AE0E4ED5C57A3E] () C:\WINDOWS\Installer\4c47.msi
2013-03-06 03:35 - 2013-03-06 03:35 - 019405824 ____A [B47E7F5C05C73333F77CB90081E147E5] () C:\WINDOWS\Installer\4c4c.msi
2017-09-25 06:41 - 2017-09-25 06:41 - 003608576 ___AC [5F1FBBF794EEEF801A22E2E306115B86] () C:\WINDOWS\Installer\4ea32.msi
2017-04-11 03:44 - 2017-04-11 03:44 - 005967872 ___AC [77634F69C1AC8325C9E11A88B20D7BAB] () C:\WINDOWS\Installer\53705d1.msi
2016-01-29 11:09 - 2016-01-29 11:09 - 021528576 ___AC [C14FC9F00608327498188E762C1B5A6E] () C:\WINDOWS\Installer\5430815.msi
2017-03-30 18:23 - 2017-03-30 18:23 - 008859648 ___AC [479D4815B32F1A1DC85CE8BC07BB4766] () C:\WINDOWS\Installer\5430aa9.msi
2016-10-10 08:30 - 2016-10-10 08:30 - 048435200 ____A [74CB509A39157D0074C0D0787E4E5D88] () C:\WINDOWS\Installer\54c1a.msp
2017-04-12 11:25 - 2017-04-12 11:25 - 009121280 ___AC [A8B7D90EC28B0E2D377DB6380FC37B36] () C:\WINDOWS\Installer\54def0ff.msp
2017-04-26 01:53 - 2017-04-26 01:53 - 000609792 ___AC [3BFCF4627244ACC8207C6BF6C7B1F75B] () C:\WINDOWS\Installer\54def106.msp
2017-04-12 11:25 - 2017-04-12 11:25 - 041560064 ___AC [D4079F8B5B982BA3C6DBF2B82F8B7856] () C:\WINDOWS\Installer\54def11d.msp
2008-07-30 19:06 - 2008-07-30 19:06 - 000231936 ___AC [A25B2341A5C26FCD9CF540BF45801132] () C:\WINDOWS\Installer\54df47c.msi
2015-05-27 07:45 - 2015-05-27 07:45 - 006565888 ___AC [621626360A30A2AC20A8296B7BA1F891] () C:\WINDOWS\Installer\54df480.msi
2011-04-16 07:44 - 2011-04-16 07:44 - 002770944 ___AC [B20BBEB818222B657DF49A9CFE4FED79] () C:\WINDOWS\Installer\54df484.msi
2013-09-19 12:37 - 2013-09-19 12:37 - 000037888 ____A [61A3EC69364C43FD37541790269916AF] () C:\WINDOWS\Installer\558dce.msi
2014-03-01 02:09 - 2014-03-01 02:09 - 053242880 ____A [AA237A47D70B3BCDBC43BE89E6FFC2D7] () C:\WINDOWS\Installer\558dd4.msp
2017-04-10 06:33 - 2017-04-10 06:33 - 012533760 ___AC [2519BEDEC2C21EE3469A0A5B5842F6FA] () C:\WINDOWS\Installer\620da5.msp
2012-09-24 04:47 - 2012-09-24 04:47 - 002399232 ____A [94F902AAB4CBF21E76984A845518E529] () C:\WINDOWS\Installer\66935.msi
2013-12-21 08:58 - 2013-12-21 08:58 - 019824640 ____A [4C585337E2432E1DF6DC76E9953ABE4A] () C:\WINDOWS\Installer\66936.msp
2016-12-17 02:15 - 2016-12-17 02:15 - 000675840 ____A [B4F9CC20C38003FE69FB1A2855C6D7D5] () C:\WINDOWS\Installer\671f9.msi
2016-12-17 02:15 - 2016-12-17 02:15 - 001953792 ____A [67F21BF38CA2250AF89493CE136E8566] () C:\WINDOWS\Installer\676ed.msi
2016-12-17 02:17 - 2016-12-17 02:17 - 025105920 ____A [AC0D27940D3BC9F36A72A8CEC8DE037B] () C:\WINDOWS\Installer\67747.msi
2017-03-16 10:04 - 2017-03-16 10:04 - 053348864 ___AC [C61D3CA190052333979287150532B866] () C:\WINDOWS\Installer\67bb99cf.msp
2017-02-16 17:11 - 2017-02-16 17:11 - 041555968 ___AC [B823CBB4F0518F111E01785A7A00E56B] () C:\WINDOWS\Installer\67bb99e5.msp
2017-02-16 17:11 - 2017-02-16 17:11 - 000638976 ___AC [B39AE92708F6CEBC9D0920EC514A7BE5] () C:\WINDOWS\Installer\67bb99fa.msp
2017-02-16 17:10 - 2017-02-16 17:10 - 042558464 ___AC [9D68AE24DE282D1B25B95824C3FF09D2] () C:\WINDOWS\Installer\67bb9a10.msp
2015-10-14 22:22 - 2015-10-14 22:22 - 002732032 ____A [86E2B390629665FBC20E06DFBF01A48F] () C:\WINDOWS\Installer\747a3eac.msi
2016-01-12 04:17 - 2016-01-12 04:17 - 047423488 ____A [72E1B2F807A58916F291D0C544B98D71] () C:\WINDOWS\Installer\747a3fe6.msp
2016-01-16 17:59 - 2016-01-16 17:59 - 010689536 ____A [B42FB6CDD13D2B22EAD7C34A0AD0D5D0] () C:\WINDOWS\Installer\7489f805.msi
2014-11-18 11:01 - 2014-11-18 11:01 - 005547008 ____A [4F82E9208C62DF9C9DBDDAB1AE4C788D] () C:\WINDOWS\Installer\7489f80b.msi
2014-11-14 15:45 - 2014-11-14 15:45 - 006146560 ____A [06AB79AFCDA19807E073856842AA2A0C] () C:\WINDOWS\Installer\7489f80f.msi
2014-11-14 15:45 - 2014-11-14 15:45 - 005547008 ____A [AD90CD757E69EA392A5D09C76575774C] () C:\WINDOWS\Installer\7489f813.msi
2015-03-19 17:43 - 2015-03-19 17:43 - 006377472 ___AC [FE45293BFE29273B8764193485A69EE9] () C:\WINDOWS\Installer\78f690.msi
2015-03-19 17:43 - 2015-03-19 17:43 - 005767680 ___AC [F2F5DDFD358D6F4F384658FC284B5C9B] () C:\WINDOWS\Installer\78f694.msi
2011-06-11 03:29 - 2011-06-11 03:29 - 000177664 ____A [8F21BC0DC9E66F8E9D94197AE76698B3] () C:\WINDOWS\Installer\79271.msi
2011-06-28 20:21 - 2011-06-28 20:21 - 004637184 ____A [905FCC526204DDF1E6650212ABC3D848] () C:\WINDOWS\Installer\79272.msp
2014-03-06 18:07 - 2014-03-06 18:07 - 008253440 ____A [EB52B81D6D9E11C78F48C5CDBC6376F2] () C:\WINDOWS\Installer\7ae37.msi
2016-12-17 01:44 - 2016-12-17 01:44 - 032714240 ____A [E243B1E2379826B53835A4494CE8AE3E] () C:\WINDOWS\Installer\7aeba.msi
2016-12-17 01:44 - 2016-12-17 01:44 - 004461568 ____A [0A6F6FAF9EA3B2371EC7EFB26C8C8A8F] () C:\WINDOWS\Installer\7aebe.msi
2013-04-02 14:02 - 2013-04-02 14:02 - 007933952 ____A [8DB22B85C6207C522F9E1904A41FF38F] () C:\WINDOWS\Installer\7cb7f.msi
2017-09-15 14:40 - 2017-09-15 14:40 - 003739648 ___AC [251FEE4230E9F18B0F5656E5D90D050E] () C:\WINDOWS\Installer\83a202.msi
2017-08-07 09:20 - 2017-08-07 09:20 - 012849152 ___AC [F576FED62705EE752FCA48749A692F9B] () C:\WINDOWS\Installer\859cf.msp
2016-12-16 23:49 - 2016-12-16 23:49 - 053345280 ____A [07EE6A266847454498D6C814C335C56D] () C:\WINDOWS\Installer\8fd12.msp
2016-12-16 23:54 - 2016-12-16 23:54 - 041451520 ____A [2C80666AE49E25F97BF091935B07B03B] () C:\WINDOWS\Installer\8fd16.msi
2014-03-14 03:40 - 2014-03-14 03:40 - 000143360 ___AC [E3E632C282F2B368BCA82AACB80ACEAF] () C:\WINDOWS\Installer\95d10a9.msi
2014-03-14 03:40 - 2014-03-14 03:40 - 000143360 ___AC [D0A78FCAC0B92A149FE51C76371C989A] () C:\WINDOWS\Installer\95d10ad.msi
2015-11-06 02:49 - 2015-11-06 02:49 - 005554688 ____A [BE7544857CC203EA5C8AD17BF7F6D1FD] () C:\WINDOWS\Installer\99219.msi
2015-11-06 02:49 - 2015-11-06 02:49 - 006212608 ____A [5D88A9B86ED5A0F3F8A0A08177451F17] () C:\WINDOWS\Installer\9921d.msi
2015-10-14 09:45 - 2015-10-14 09:45 - 000083456 ___AC [C0DF04053B2063EF95A3EDD00BED6D9C] () C:\WINDOWS\Installer\a28d60a.msp
2015-07-16 08:19 - 2015-07-16 08:19 - 000387584 ___AC [DB96C60085CB01B0A6C9DB55274A3C8D] () C:\WINDOWS\Installer\a28d61f.msp
2016-07-13 04:35 - 2016-07-13 04:35 - 000604160 ___AC [3C379684FB4848D68A2239EF56606F47] () C:\WINDOWS\Installer\a28d62f.msp
2016-08-18 07:25 - 2016-08-18 07:25 - 002936832 ___AC [1E0114A4B2EF5AF77ADA45B3E11A4646] () C:\WINDOWS\Installer\a28d644.msp
2016-02-09 22:44 - 2016-02-09 22:44 - 005276160 ___AC [3142873CC45F7B796B2BE67291F087D0] () C:\WINDOWS\Installer\a28d65b.msp
2015-02-17 17:38 - 2015-02-17 17:38 - 051382272 ___AC [7003D75E20E0D2D7387B3FDCA169288A] () C:\WINDOWS\Installer\a28d677.msp
2015-02-17 17:38 - 2015-02-17 17:38 - 000747520 ___AC [C45C3701E768CA74A15E9E22E929A187] () C:\WINDOWS\Installer\a28d67d.msp
2013-07-24 08:28 - 2013-07-24 08:28 - 003137536 ___AC [C630679D8395938DD9EC9B47B42D16B6] () C:\WINDOWS\Installer\a28d692.msp
2016-05-17 17:56 - 2016-05-17 17:56 - 020833792 ___AC [869C29B55155D11E88D9453967E3018D] () C:\WINDOWS\Installer\a28d6a7.msp
2016-11-16 09:17 - 2016-11-16 09:17 - 000638464 ___AC [66C112FBB3FDC078E18460DEE23373FD] () C:\WINDOWS\Installer\a28d6bc.msp
2013-09-06 23:07 - 2013-09-06 23:07 - 011534336 ___AC [12C4C3BF83D907E92EE8C14E649CDB0A] () C:\WINDOWS\Installer\a28d6d1.msp
2016-10-12 03:03 - 2016-10-12 03:03 - 051630080 ___AC [E55E984860F8F0A816A94AB731104ABE] () C:\WINDOWS\Installer\a28d6fd.msp
2015-06-24 01:19 - 2015-06-24 01:19 - 002925056 ___AC [87135204BEFC4DFB456B5E7155A81A57] () C:\WINDOWS\Installer\a28d712.msp
2016-08-18 07:28 - 2016-08-18 07:28 - 017636352 ___AC [5927ECAA5CA22BDC46E215F6B38F2671] () C:\WINDOWS\Installer\a28d718.msp
2016-08-18 07:28 - 2016-08-18 07:28 - 001884160 ___AC [B2C62B161CD76DF9F6121AA05E3A1770] () C:\WINDOWS\Installer\a28d71d.msp
2015-10-14 10:44 - 2015-10-14 10:44 - 000409600 ___AC [FAB1CA6D1FA7F2034AD9499967BCF1F4] () C:\WINDOWS\Installer\a28d723.msp
2015-10-14 10:44 - 2015-10-14 10:44 - 041556480 ___AC [A0945F7E05B99A35D8B1EA1025775C7C] () C:\WINDOWS\Installer\a28d740.msp
2015-07-16 08:20 - 2015-07-16 08:20 - 001110528 ___AC [D5FA2EC1CFAB63A9B5BB34721E77BFCB] () C:\WINDOWS\Installer\a28d755.msp
2016-11-16 09:18 - 2016-11-16 09:18 - 041379328 ___AC [1B2481EE464087E5F4922896074F463B] () C:\WINDOWS\Installer\a28d76c.msp
2015-03-22 23:32 - 2015-03-22 23:32 - 000943616 ___AC [ACB9515592DBB66138CC902F91A68019] () C:\WINDOWS\Installer\a28d773.msp
2015-03-22 23:31 - 2015-03-22 23:31 - 042528256 ___AC [21A270A5D26E9B91C3525133C4189892] () C:\WINDOWS\Installer\a28d792.msp
2013-12-18 18:07 - 2013-12-18 18:07 - 018188288 ___AC [672213F5BA279F58BE589766E93C9394] () C:\WINDOWS\Installer\a28d7af.msp
2016-10-20 13:15 - 2016-10-20 13:15 - 001646080 ___AC [56539C33662978F1018B21559D2C92D2] () C:\WINDOWS\Installer\a28d7ca.msp
2015-11-11 09:58 - 2015-11-11 09:58 - 000758784 ___AC [4B1FC5D902E267BE319754C367BD682D] () C:\WINDOWS\Installer\a28d7df.msp
2016-04-20 06:41 - 2016-04-20 06:41 - 008040960 ___AC [2D1E4DDF8BBE1998F140C6C2865820F1] () C:\WINDOWS\Installer\a28d7f4.msp
2013-07-24 08:07 - 2013-07-24 08:07 - 003693056 ___AC [5D9DE6717BE89C7569553BA8B18EE459] () C:\WINDOWS\Installer\a28d80a.msp
2014-10-03 17:02 - 2014-10-03 17:02 - 001872896 ___AC [9B58672B68ECC6A01E0DB3C1AE006E1A] () C:\WINDOWS\Installer\a28d81f.msp
2015-05-14 16:09 - 2015-05-14 16:09 - 001469952 ___AC [D171974C57179A2701CB58DDBD090FB1] () C:\WINDOWS\Installer\a28d825.msp
2015-12-11 15:05 - 2015-12-11 15:05 - 003471360 ___AC [4C155D61F5001D6AD6AEA5236B99CCF5] () C:\WINDOWS\Installer\a28d847.msp
2014-10-03 17:01 - 2014-10-03 17:01 - 000449024 ___AC [204EEB858E08F96FACFB3767292D4B19] () C:\WINDOWS\Installer\a28d85f.msp
2016-02-09 22:45 - 2016-02-09 22:45 - 000336384 ___AC [4E6F18D9C3E7F9173B4E4483DC0F4825] () C:\WINDOWS\Installer\a28d876.msp
2015-11-11 10:00 - 2015-11-11 10:00 - 009611264 ___AC [14578DB7A1EDFE36ACB95BA18AFE20AD] () C:\WINDOWS\Installer\a28d883.msp
2015-11-11 10:00 - 2015-11-11 10:00 - 013788160 ___AC [312CCEFF33C085C80CE02D7B0044E8BE] () C:\WINDOWS\Installer\a28d890.msp
2015-11-11 10:01 - 2015-11-11 10:01 - 001431552 ___AC [22260CDCA69E65129EE160D7CBF6D448] () C:\WINDOWS\Installer\a28d895.msp
2015-11-11 10:00 - 2015-11-11 10:00 - 013250048 ___AC [0AA6D26C6CF91D06018D5ABF455DAD96] () C:\WINDOWS\Installer\a28d8a2.msp
2014-04-17 16:09 - 2014-04-17 16:09 - 001133568 ___AC [3DC9A5733D18251A48EF66018693F72C] () C:\WINDOWS\Installer\a28d8b7.msp
2015-09-04 23:32 - 2015-09-04 23:32 - 005976064 ___AC [6F66E5191C333D82751B9F0A3BE0C723] () C:\WINDOWS\Installer\a28d8cd.msp
2013-07-24 08:21 - 2013-07-24 08:21 - 001097728 ___AC [A70A83D07503AB03B495E3C9E5901806] () C:\WINDOWS\Installer\a28d8e8.msp
2016-05-17 17:56 - 2016-05-17 17:56 - 004758016 ___AC [7A19EDE910F469450038A0602FB2E7A3] () C:\WINDOWS\Installer\a28d8ff.msp
2015-02-17 17:43 - 2015-02-17 17:43 - 008855552 ___AC [87EC02332AB225DB977B05D3316A5044] () C:\WINDOWS\Installer\a28d914.msp
2015-02-17 17:41 - 2015-02-17 17:41 - 001033728 ___AC [C7B30CC209469C8D53DA543CC8B8FA26] () C:\WINDOWS\Installer\a28d91b.msp
2013-08-14 02:37 - 2013-08-14 02:37 - 000390144 ___AC [8FA38D6ED06ECD298598F91451561DE2] () C:\WINDOWS\Installer\a28d930.msp
2013-09-06 23:07 - 2013-09-06 23:07 - 002347008 ___AC [D2E9AF3E68007ADEB8805B0EB0F44747] () C:\WINDOWS\Installer\a28d945.msp
2015-11-11 09:59 - 2015-11-11 09:59 - 000409600 ___AC [9F20BF82F7C901B5AB5BABD40B3AA9DA] () C:\WINDOWS\Installer\a28d951.msp
2015-12-11 15:05 - 2015-12-11 15:05 - 000978432 ___AC [D1F7A46D158D55B0A7D99838DEA16E9D] () C:\WINDOWS\Installer\a28d96c.msp
2016-11-16 09:18 - 2016-11-16 09:18 - 007880192 ___AC [9E85BFB88A0450BA0BA90967297B7314] () C:\WINDOWS\Installer\a28d986.msp
2016-07-12 21:24 - 2016-07-12 21:24 - 000595456 ___AC [28335FA271BD4F2D1240E578615A4142] () C:\WINDOWS\Installer\a28d98c.msp
2016-07-12 21:25 - 2016-07-12 21:25 - 013164544 ___AC [13FA2F8E17114C404D3840589767E3E6] () C:\WINDOWS\Installer\a28d9ad.msp
2016-05-17 17:56 - 2016-05-17 17:56 - 002978304 ___AC [C0130B7920995296A57EFC77E202FEF5] () C:\WINDOWS\Installer\a28d9cb.msp
2016-11-16 09:18 - 2016-11-16 09:18 - 009089024 ___AC [709C19E8CD2E390B8CB36FF453E30C14] () C:\WINDOWS\Installer\a28d9e0.msp
2013-10-25 17:42 - 2013-10-25 17:42 - 001649664 ___AC [BF2C3675378C085D1233786CB20F1751] () C:\WINDOWS\Installer\a28d9f5.msp
2014-11-12 00:00 - 2014-11-12 00:00 - 001543168 ___AC [74AFE6C3A6449E68F23FD777C7CF8CC3] () C:\WINDOWS\Installer\a28da0a.msp
2015-09-04 23:34 - 2015-09-04 23:34 - 000534016 ___AC [6A4410AD3A29E72C26DB202B7590B5DB] () C:\WINDOWS\Installer\a28da1f.msp
2016-04-20 06:40 - 2016-04-20 06:40 - 003716608 ___AC [52673293B5E97B1C2D2D3E4E5CA96F3F] () C:\WINDOWS\Installer\a28da34.msp
2014-11-11 23:59 - 2014-11-11 23:59 - 002994688 ___AC [1D6988AC6114F24B6D818C60ACA36F07] () C:\WINDOWS\Installer\a28da4c.msp
2015-10-20 20:20 - 2015-10-20 20:20 - 018664960 ___AC [C05CCC11E634AF908CEB864742B1EABE] () C:\WINDOWS\Installer\a28da6c.msp
2016-01-13 10:19 - 2016-01-13 10:19 - 005639168 ___AC [3B5AAE075242D3D8B237AEF95FF08212] () C:\WINDOWS\Installer\a28da81.msp
2013-12-18 18:07 - 2013-12-18 18:07 - 002656256 ___AC [F7C08F9F7C311507531A89600C975B06] () C:\WINDOWS\Installer\a28daac.msp
2015-08-13 06:16 - 2015-08-13 06:16 - 000298496 ___AC [5169F03FA8D6F3799F97DB7257F7E843] () C:\WINDOWS\Installer\a28dac1.msp
2016-11-16 09:18 - 2016-11-16 09:18 - 042566656 ___AC [683068514C662F555818E2FC399FAAA7] () C:\WINDOWS\Installer\a28dad8.msp
2017-06-05 13:54 - 2017-06-05 13:54 - 002940416 ___AC [A7D08BF4B135FAD8019E4058CF651E04] () C:\WINDOWS\Installer\dcea6fc.msp
2017-06-05 14:00 - 2017-06-05 14:00 - 000468992 ___AC [B49890B24CDE03D59C29CF191384264D] () C:\WINDOWS\Installer\dcea711.msp
2017-06-05 14:11 - 2017-06-05 14:11 - 000608256 ___AC [57897C4CC9B0C72E23F4619833F709F2] () C:\WINDOWS\Installer\dcea719.msp
2017-06-05 13:56 - 2017-06-05 13:56 - 017848320 ___AC [AF6BCC4EC073BF3978AC54ED302CEBC5] () C:\WINDOWS\Installer\dcea71f.msp
2017-06-05 14:00 - 2017-06-05 14:00 - 000637952 ___AC [31566A0B6471E1D0846E4FF9A3005ADB] () C:\WINDOWS\Installer\dcea734.msp
2017-06-05 13:53 - 2017-06-05 13:53 - 008860672 ___AC [C1495B40630AFBC031AE99A12D599B07] () C:\WINDOWS\Installer\dcea749.msp
2017-06-05 13:55 - 2017-06-05 13:55 - 041163776 ___AC [356EB336C120A912943A344C8E83BE43] () C:\WINDOWS\Installer\dcea760.msp
2017-06-14 06:50 - 2017-06-14 06:50 - 053350400 ___AC [CF4BD0F8A5D1CFC63EC5759D4DFC4811] () C:\WINDOWS\Installer\dcea76e.msp
2017-11-02 16:38 - 2017-11-02 16:38 - 004265326 ___AC [876CC305D49B41276371A08164D28385] () C:\WINDOWS\Installer\e3b8.msi
2017-06-20 17:35 - 2017-06-20 17:35 - 042558976 ___AC [5CB0E67F021872847CDF1267609F902A] () C:\WINDOWS\Installer\ebdc393.msp
2017-07-05 14:37 - 2017-07-05 14:37 - 009083904 ___AC [3CF92E60358F738A6CFD79240BFB2BEA] () C:\WINDOWS\Installer\ebdc3a8.msp
2013-08-30 22:59 - 2013-08-30 22:59 - 006241280 ____A [6B9CE324EFF491139EC4D589A87B937D] () C:\WINDOWS\Installer\ecfb.msi
2013-08-30 22:59 - 2013-08-30 22:59 - 005631488 ____A [87CBF89BD0C091C7DC85E4366AA4C0C3] () C:\WINDOWS\Installer\ed04.msi
2017-07-03 23:18 - 2017-07-03 23:18 - 000017560 ___AC [4C7188791DC10134D0950FB150731D72] (Caphyon LTD) C:\WINDOWS\Installer\MSI1084.tmp
2017-06-29 20:56 - 2017-06-29 20:56 - 000017560 ___AC [8DFBA918F675337C0BC72210F7EFD607] (Caphyon LTD) C:\WINDOWS\Installer\MSI13D8.tmp
2017-06-29 20:52 - 2017-06-29 20:52 - 000020480 ___AC [6B440E6DA7A8A1A8E436D0F93A11D95D] () C:\WINDOWS\Installer\SourceHash{0E05CA72-D8DD-432F-A2CC-880034A48577}
2016-12-20 20:26 - 2016-12-20 20:26 - 000020480 ___AC [0F8D1F431F9FC265C1E45ADFC53BC66B] () C:\WINDOWS\Installer\SourceHash{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E}
2016-12-27 13:47 - 2016-12-27 13:47 - 000020480 ___AC [96A0F116149405EA96CE64ECCD7CDAFE] () C:\WINDOWS\Installer\SourceHash{180500C1-57BB-3AA8-8E55-DCD5ECD16537}
2017-11-11 15:05 - 2017-11-11 15:05 - 000020480 ___AC [122299D2E804220E3765F38DF9695803] () C:\WINDOWS\Installer\SourceHash{24607015-8D34-4AF3-9092-AC83847AE073}
2017-04-30 09:21 - 2017-04-30 09:21 - 000020480 ___AC [C183E73FCAF069117488CB091664DDF2] () C:\WINDOWS\Installer\SourceHash{26A24AE4-039D-4CA4-87B4-2F32180131F0}
2017-06-01 05:46 - 2017-06-01 05:46 - 000020480 ___AC [5C05739387AB7363003DACDF3618821C] () C:\WINDOWS\Installer\SourceHash{293F2009-0145-450B-B4AA-063D43FB368C}
2017-11-11 15:03 - 2017-11-11 15:03 - 000020480 ___AC [FD9132E6DE180DA8364C58828CE24B99] () C:\WINDOWS\Installer\SourceHash{31A0B634-BCF4-4D3F-8336-87FEACFEE142}
2017-03-27 06:24 - 2017-03-27 06:24 - 000020480 ___AC [0F11DC53663181002BB2DE576C7327EA] () C:\WINDOWS\Installer\SourceHash{37B55901-995A-3650-80B1-BBFD047E2911}
2017-11-18 15:16 - 2017-11-18 15:16 - 000020480 ___AC [233938A5C8DC125EB5D51C5EDA8BD5CD] () C:\WINDOWS\Installer\SourceHash{37C2DE81-46FA-4EB3-83A5-F0D8F5B08F6E}
2017-06-20 08:26 - 2017-06-20 08:26 - 000020480 ___AC [3C26B7D6EFF7ACC03E3096C20988F4F9] () C:\WINDOWS\Installer\SourceHash{402ED4A1-8F5B-387A-8688-997ABF58B8F2}
2017-01-15 19:37 - 2017-04-30 09:22 - 000020480 ___AC [272484710E6648612287869C45E2FA43] () C:\WINDOWS\Installer\SourceHash{4A03706F-666A-4037-7777-5F2748764D10}
2016-12-17 13:45 - 2016-12-17 13:45 - 000020480 ___AC [4023498BCC131A89BCF0EAB9D3F6A115] () C:\WINDOWS\Installer\SourceHash{606DF716-F28D-4449-B0B1-3AB6081F51AF}
2017-01-03 10:25 - 2017-01-03 10:25 - 000020480 ___AC [71082B28B2DBF7043AB4A1EF45085CA4] () C:\WINDOWS\Installer\SourceHash{632A7163-BA88-4BD5-9E83-489A2E45EC1F}
2017-06-20 08:26 - 2017-06-20 08:26 - 000020480 ___AC [21B187E537D020F97DEDDF9F095C1AE6] () C:\WINDOWS\Installer\SourceHash{6BF9F374-EC67-4808-A90C-F127DE6D989D}
2017-06-20 08:26 - 2017-06-20 08:26 - 000020480 ___AC [AF8B1E35F1C14F9E4A76C2DBCC545E68] () C:\WINDOWS\Installer\SourceHash{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}
2017-07-03 23:17 - 2017-07-03 23:17 - 000020480 ___AC [7224F4500574890D1645F2A0B4F10371] () C:\WINDOWS\Installer\SourceHash{75D563F2-A567-4815-A2E2-080D3503E209}
2017-09-05 22:56 - 2017-09-05 22:56 - 000020480 ___AC [464D73E34AB3AFF774A542F69AEE8773] () C:\WINDOWS\Installer\SourceHash{790EC520-CCCC-4810-A0FE-061633204CE4}
2017-06-20 08:01 - 2017-06-20 08:01 - 000020480 ___AC [18A8364C54557F9B0669E6AFFD4EDF5F] () C:\WINDOWS\Installer\SourceHash{7BAC3F7A-B963-468E-982E-B5608A87408D}
2017-03-27 06:25 - 2017-03-27 06:25 - 000020480 ___AC [C96E05A64DEBB4B0FAA297D2E3303F81] () C:\WINDOWS\Installer\SourceHash{844ECB74-9B63-3D5C-958C-30BD23F19EE4}
2017-11-11 15:01 - 2017-11-11 15:01 - 000020480 ___AC [291AE29AF6FBB7178ACBD169E1EFE634] () C:\WINDOWS\Installer\SourceHash{8B47B514-F5D2-4E0D-B951-6E250618A7CD}
2016-12-27 12:44 - 2016-12-27 12:44 - 000020480 ___AC [854A9884B60227193DF108EA69EF9650] () C:\WINDOWS\Installer\SourceHash{90140000-0011-0000-0000-0000000FF1CE}
2016-12-27 12:44 - 2016-12-27 12:44 - 000020480 ___AC [42D402451A217E6FB63C63E9EBCA4E33] () C:\WINDOWS\Installer\SourceHash{90140000-0015-0407-0000-0000000FF1CE}
2016-12-27 12:43 - 2016-12-27 12:43 - 000020480 ___AC [925E3F33EE2E60FC3B08BE90C7F143B7] () C:\WINDOWS\Installer\SourceHash{90140000-0016-0407-0000-0000000FF1CE}
2016-12-27 12:43 - 2016-12-27 12:43 - 000020480 ___AC [986B99F0EE0CC13CB3665482C5F120B8] () C:\WINDOWS\Installer\SourceHash{90140000-0018-0407-0000-0000000FF1CE}
2016-12-27 12:44 - 2016-12-27 12:44 - 000020480 ___AC [518534FFDE9869636DF8FC76BE43D371] () C:\WINDOWS\Installer\SourceHash{90140000-0019-0407-0000-0000000FF1CE}
2016-12-27 12:43 - 2016-12-27 12:43 - 000020480 ___AC [56F4BE99D649EB1B54455D1C37447F7D] () C:\WINDOWS\Installer\SourceHash{90140000-001A-0407-0000-0000000FF1CE}
2016-12-27 12:44 - 2016-12-27 12:44 - 000020480 ___AC [D4146183CBA42545F6A8F6BA2728DF95] () C:\WINDOWS\Installer\SourceHash{90140000-001B-0407-0000-0000000FF1CE}
2016-12-27 12:44 - 2016-12-27 12:44 - 000020480 ___AC [429647C95F26DF08E17A10BF39DED34E] () C:\WINDOWS\Installer\SourceHash{90140000-001F-0407-0000-0000000FF1CE}
2016-12-27 12:44 - 2016-12-27 12:44 - 000020480 ___AC [5E937677FB939C256DCEA9387844B4F5] () C:\WINDOWS\Installer\SourceHash{90140000-001F-0409-0000-0000000FF1CE}
2016-12-27 12:44 - 2016-12-27 12:44 - 000020480 ___AC [1B1149B8E6229FFDAEF7B39B10F90290] () C:\WINDOWS\Installer\SourceHash{90140000-001F-040C-0000-0000000FF1CE}
2016-12-27 12:44 - 2016-12-27 12:44 - 000020480 ___AC [7563D20E1105C0D2751FF9E300B625CD] () C:\WINDOWS\Installer\SourceHash{90140000-001F-0410-0000-0000000FF1CE}
2016-12-27 12:44 - 2016-12-27 12:44 - 000020480 ___AC [240AAB7E550660A8584730436940BCB8] () C:\WINDOWS\Installer\SourceHash{90140000-002A-0000-1000-0000000FF1CE}
2016-12-27 12:43 - 2016-12-27 12:43 - 000020480 ___AC [7CD0C4902D51B0936B550A5BE8AFA72B] () C:\WINDOWS\Installer\SourceHash{90140000-002A-0407-1000-0000000FF1CE}
2016-12-27 12:44 - 2016-12-27 12:44 - 000020480 ___AC [E1CBF4142D2CD3D2A9F8BAB3395CF492] () C:\WINDOWS\Installer\SourceHash{90140000-002C-0407-0000-0000000FF1CE}
2016-12-27 12:44 - 2016-12-27 12:44 - 000020480 ___AC [23715A3B696693CA9C03473BFAC30120] () C:\WINDOWS\Installer\SourceHash{90140000-0044-0407-0000-0000000FF1CE}
2016-12-27 12:43 - 2016-12-27 12:43 - 000020480 ___AC [0BD0BC47AD6FACE7282CDD5BB604CF15] () C:\WINDOWS\Installer\SourceHash{90140000-006E-0407-0000-0000000FF1CE}
2016-12-27 12:44 - 2016-12-27 12:44 - 000020480 ___AC [D564D8CA87430BCD5F530FF02F62883C] () C:\WINDOWS\Installer\SourceHash{90140000-00A1-0407-0000-0000000FF1CE}
2016-12-27 12:43 - 2016-12-27 12:43 - 000020480 ___AC [26D5522F499F439AA26EFE83A5D848E3] () C:\WINDOWS\Installer\SourceHash{90140000-00BA-0407-0000-0000000FF1CE}
2016-12-27 13:47 - 2016-12-27 13:47 - 000020480 ___AC [016B3B94125255FD052C6DCB191B9069] () C:\WINDOWS\Installer\SourceHash{9495AEB4-AB97-39DE-8C42-806EEF75ECA7}
2017-09-05 22:56 - 2017-09-05 22:56 - 000020480 ___AC [DBBCBFDC8D48420F9641255DC81E82B6] () C:\WINDOWS\Installer\SourceHash{9853299F-7AD8-4560-9896-60650BD8ACBF}
2016-12-26 16:48 - 2016-12-26 16:48 - 000020480 ___AC [F5223DC4D6BFBD289DC041E53DAF8BE0] () C:\WINDOWS\Installer\SourceHash{9A25302D-30C0-39D9-BD6F-21E6EC160475}
2017-08-27 09:25 - 2017-08-27 09:25 - 000020480 ___AC [7804BD49BD878038884ACA4CDA2A7250] () C:\WINDOWS\Installer\SourceHash{9C4E9490-3862-4EE0-90E6-C2457B67CD5F}
2017-06-20 08:14 - 2017-06-20 08:14 - 000020480 ___AC [71494F7493294761D26E83937719F015] () C:\WINDOWS\Installer\SourceHash{9F205E94-9E42-4486-A92A-DF3F6CB85444}
2017-11-18 09:16 - 2017-11-18 09:16 - 000020480 ___AC [A8459E873C41BE9C050682701451B0AE] () C:\WINDOWS\Installer\SourceHash{AC76BA86-0804-1033-1959-001824245926}
2017-10-28 11:56 - 2017-10-28 11:56 - 000020480 ___AC [8EA962D9B31EAF2B0AF66AFA494C8F43] () C:\WINDOWS\Installer\SourceHash{B0169E83-757B-EF66-E2F0-391944D785BC}
2017-06-20 08:15 - 2017-06-20 08:15 - 000020480 ___AC [1F6710F8666A0D9737CBDFE9AA0A3246] () C:\WINDOWS\Installer\SourceHash{BB6241FF-8B76-45A5-95B9-888EDE8E47DC}
2016-12-17 13:45 - 2016-12-17 13:45 - 000020480 ___AC [183602DCEFAA00F5A59B0E799D38A379] () C:\WINDOWS\Installer\SourceHash{BC3FFCF0-3DB7-47D2-BF15-1979AB59D12B}
2017-09-25 06:43 - 2017-09-25 06:43 - 000020480 ___AC [9C783DE015FF29E3A585D7EECE832C19] () C:\WINDOWS\Installer\SourceHash{C1BBFD2A-BCDD-45B3-8C0B-66BD434970A8}
2017-11-11 15:02 - 2017-11-11 15:02 - 000020480 ___AC [D5B6070BD79A2F7B176B6A4DB77C449C] () C:\WINDOWS\Installer\SourceHash{D811A40A-9791-497C-B9DC-2D89C8E95EA1}
2016-12-20 20:26 - 2016-12-20 20:26 - 000020480 ___AC [9A36E931EB92488EBDDF5E17FE71C020] () C:\WINDOWS\Installer\SourceHash{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}
2017-01-03 10:25 - 2017-01-03 10:25 - 000020480 ___AC [67F2068158852956708EE23E7A6FE1D2] () C:\WINDOWS\Installer\SourceHash{FABDE004-365B-4A61-AD9E-96A9BAA53437}
2017-11-11 15:06 - 2017-11-11 15:06 - 000020480 ___AC [CC4839AA682D4D7D0713EFFC575446DB] () C:\WINDOWS\Installer\SourceHash{FF99A618-BCA5-4658-B9FF-CCF57C177610}
2017-05-29 19:28 - 2017-05-29 19:28 - 000000000 ___AC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\wix{0A596141-97D5-45FA-9281-98DFAF48D579}.SchedServiceConfig.rmi
2016-12-19 00:33 - 2016-12-19 00:33 - 000000000 ___AC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\wix{1EA2BCA6-A020-475E-928C-6F83C4FDED5B}.SchedServiceConfig.rmi
2017-06-28 00:14 - 2017-06-28 00:14 - 000000000 ___AC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\wix{271D5399-34AF-4611-BCD9-B09185B2BBE0}.SchedServiceConfig.rmi
2017-11-11 15:03 - 2017-11-11 15:03 - 000000000 ___AC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\wix{31A0B634-BCF4-4D3F-8336-87FEACFEE142}.SchedServiceConfig.rmi
2015-12-31 12:41 - 2015-12-31 12:41 - 000000000 ____A [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\wix{3540181E-340A-4E7A-B409-31663472B2F7}.SchedServiceConfig.rmi
2017-11-18 15:16 - 2017-11-18 15:16 - 000000000 ___AC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\wix{37C2DE81-46FA-4EB3-83A5-F0D8F5B08F6E}.SchedServiceConfig.rmi
2017-06-19 07:43 - 2017-06-19 07:43 - 000000000 ___AC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\wix{3C44882C-FFF6-4866-B1A4-BCC59E0E528C}.SchedServiceConfig.rmi
2013-08-08 11:10 - 2013-08-08 11:10 - 000000288 ____A [907A88D2BEDDBC4EAEBF6E0186A01E5B] () C:\WINDOWS\Installer\wix{44B72151-611E-429D-9765-9BA093D7E48A}.SchedServiceConfig.rmi
2016-12-17 14:17 - 2016-12-17 14:17 - 000000000 ___AC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\wix{55BB2110-FB43-49B3-93F4-945A0CFB0A6C}.SchedServiceConfig.rmi
2017-01-02 15:07 - 2017-01-02 15:07 - 000000000 ___AC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\wix{60865E78-1AC5-4532-A6B0-4B028DE8A076}.SchedServiceConfig.rmi
2017-07-12 22:03 - 2017-07-12 22:03 - 000000000 ___AC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\wix{661C79C2-D156-419C-81CA-D1A2523B0841}.SchedServiceConfig.rmi
2017-02-05 18:11 - 2017-02-05 18:11 - 000000000 ___AC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\wix{7774002B-60B3-4146-BF82-5BF767D468B8}.SchedServiceConfig.rmi
2017-10-23 23:28 - 2017-10-23 23:28 - 000000000 ___AC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\wix{79C4A62C-8CC2-44AC-91FE-1299A215B4B7}.SchedServiceConfig.rmi
2017-03-25 13:46 - 2017-03-25 13:46 - 000000000 ___AC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\wix{BC5A9829-B67F-4E3A-83EE-0CDBDB6FBA1C}.SchedServiceConfig.rmi
2017-09-09 14:48 - 2017-09-09 14:48 - 000000000 ___AC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\wix{C22F76F2-AC9E-44BA-B297-71485F94022F}.SchedServiceConfig.rmi
2017-11-05 12:12 - 2017-11-05 12:12 - 000000000 ___AC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\wix{D03EC4B7-E520-4A6F-974C-4F48533838EC}.SchedServiceConfig.rmi
2017-03-25 12:26 - 2017-03-25 12:26 - 000000000 ___AC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\wix{DB18F1C0-846F-46F5-A074-5B97C8AF5C8E}.SchedServiceConfig.rmi
2017-05-13 07:48 - 2017-05-13 07:48 - 000000000 ___AC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\wix{E2237AB2-C484-4362-A5B8-20F8389C0E89}.SchedServiceConfig.rmi
2017-09-25 06:44 - 2017-09-25 06:44 - 000000000 ___AC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\wix{E3C4B99B-BE71-4C27-8E3C-4FAE3C46E1D5}.SchedServiceConfig.rmi
2017-08-27 10:08 - 2017-08-27 10:08 - 000000000 ___AC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\wix{E972AE5C-71B3-4D35-8193-BC4CC2F1FA20}.SchedServiceConfig.rmi
2017-10-06 06:19 - 2017-10-06 06:19 - 000000000 ___AC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\wix{F0142122-F47D-4003-8747-7096FEC87429}.SchedServiceConfig.rmi
2013-08-08 11:10 - 2013-08-08 11:10 - 000000000 __SHD [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\$PatchCache$
2013-08-08 11:10 - 2017-11-18 15:16 - 000000000 __SHD [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\$PatchCache$\Managed
2016-12-27 12:45 - 2016-12-27 13:50 - 000000000 _ASHD [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC
2016-12-27 13:46 - 2017-10-11 10:56 - 000000008 ___RA [FD94FD67347ADDD47A75F28EA98552BE] () C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\CacheSize.txt
2016-12-27 12:45 - 2017-10-11 10:56 - 000000000 __SHD [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763
2010-03-23 10:55 - 2010-03-23 10:55 - 000548792 ___RA [E045BCC73EBE6CC7F618D82B4210A33F] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\ACACEDAO.DLL
2010-03-24 20:28 - 2010-03-24 20:28 - 001449312 ___RA [A1CBF221F65A4A957A1561E94C05D2BA] () C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\ACCICONS.EXE
2010-02-28 04:33 - 2010-02-28 04:33 - 000164224 ___RA [879D926BCBB25A2982480695A6EA0586] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\ACCWIZ.DLL
2010-03-23 10:55 - 2010-03-23 10:55 - 002193800 ___RA [80907D13729267709DD483A85BB2AF7F] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\ACECORE.DLL
2010-03-23 10:55 - 2010-03-23 10:55 - 000548792 ___RA [E045BCC73EBE6CC7F618D82B4210A33F] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\ACEDAO.DLL
2010-03-23 10:54 - 2010-03-23 10:54 - 000037776 ___RA [B9185C7774FDD22955C908596EDF85ED] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\ACEERR.DLL
2010-03-23 10:55 - 2010-03-23 10:55 - 000686504 ___RA [0C84365CE19B97C419F87A720227FBE9] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\ACEES.DLL
2010-03-23 10:54 - 2010-03-23 10:54 - 000334752 ___RA [5B944624E1835F6DA7F1685514BABF8A] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\ACEEXCH.DLL
2010-03-23 10:55 - 2010-03-23 10:55 - 000643992 ___RA [7013D26A59FD6CF267678D6CC3AA2691] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\ACEEXCL.DLL
2010-03-22 20:51 - 2010-03-22 20:51 - 000278448 ___RA [BDBF69862A56A4375EE37CD271E160A5] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\ACEODBC.DLL
2010-03-22 20:51 - 2010-03-22 20:51 - 000014776 ___RA [A4E707489842E44D60EE0A8D88E7C5CA] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\ACEODDBS.DLL
2010-03-22 20:51 - 2010-03-22 20:51 - 000014776 ___RA [041BFBF0A7099FAFDD4D774E3FE8694A] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\ACEODEXL.DLL
2010-03-22 20:51 - 2010-03-22 20:51 - 000014776 ___RA [D1E0D7A45E212F8E13023CE99CB7F2D3] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\ACEODTXT.DLL
2010-03-23 10:55 - 2010-03-23 10:55 - 000383904 ___RA [17A9205D14E613F1811B4268C75A3C61] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\ACEOLEDB.DLL
2010-03-22 20:51 - 2010-03-22 20:51 - 000329624 ___RA [2155C4FF52DF49B28E4B5047AED81AAD] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\ACER3X.DLL
2010-03-22 20:51 - 2010-03-22 20:51 - 000044480 ___RA [1E62D484BCE21497F9DF28C8B841A2EE] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\ACERCLR.DLL
2010-03-23 10:55 - 2010-03-23 10:55 - 000527776 ___RA [7794DE592823C94D3F041653F1DCF5CD] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\ACEREP.DLL
2010-03-23 10:54 - 2010-03-23 10:54 - 000220560 ___RA [03E380F4D9405B4BC57A08EBBA141B2D] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\ACETXT.DLL
2010-03-23 10:55 - 2010-03-23 10:55 - 003049376 ___RA [6241BCC05F42078E322F9B2969047074] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\ACEWDAT.DLL
2010-03-23 10:55 - 2010-03-23 10:55 - 000362904 ___RA [635ED91A94BFBB715E138946B236400A] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\ACEXBE.DLL
2010-03-12 22:54 - 2010-03-12 22:54 - 000021089 ___RA [4EB3F9D0247EE4F58C3F3DA71FA60893] () C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\ADJACENCY.EFTX
2010-03-12 22:54 - 2010-03-12 22:54 - 000053418 ___RA [EC6A4326EF8F62C1F43F91603C58F4CD] () C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\ADJACENCY.THMX
2010-03-12 22:54 - 2010-03-12 22:54 - 000027365 ___RA [0A931D8406EF74ECA48CE23985F8E4AE] () C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\ANGLES.EFTX
2010-03-12 22:54 - 2010-03-12 22:54 - 000069784 ___RA [74EC4D775001CD4E8D5C41B2F7921165] () C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\ANGLES.THMX
2009-11-03 18:23 - 2009-11-03 18:23 - 000380164 ___RA [CD6003BEE4534018F04F863E94400574] () C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\APA.XSL
2010-03-12 22:51 - 2010-03-12 22:51 - 000218310 ___RA [DEF6797E20E3B3DA04FDABBC318FC6ED] () C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\APEX.EFTX
2010-03-12 22:51 - 2010-03-12 22:51 - 000259111 ___RA [A7DD56E8F1190D3316B78AD03458178C] () C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\APEX.THMX
2010-03-12 22:53 - 2010-03-12 22:53 - 000049025 ___RA [3C17D039255B0710A17AB99414F4A3B1] () C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\APOTHECARY.EFTX
2010-03-12 22:53 - 2010-03-12 22:53 - 000088662 ___RA [F8B47166763341B13391E25B10883E73] () C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\APOTHECARY.THMX
2006-07-14 11:01 - 2006-07-14 11:01 - 000173936 ___RA [0DB23B28D4618EDF1092B957595806AA] () C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\ARIALN.TTF
2006-07-14 11:01 - 2006-07-14 11:01 - 000178864 ___RA [A124283ED04FA46545C082804D5F6680] () C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\ARIALNB.TTF
2006-07-14 11:01 - 2006-07-14 11:01 - 000178316 ___RA [6AFA78FF1D085CFD36052DB38DB5410E] () C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\ARIALNBI.TTF
2006-07-14 11:01 - 2006-07-14 11:01 - 000179368 ___RA [9A10B99D75AD856FCEB12BFEF8F0799C] () C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\ARIALNI.TTF
2010-01-18 20:59 - 2010-01-18 20:59 - 000100280 ___RA [1F023F9FA2F0CD85F2FAF91CE4C301B0] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\ASLTS.DLL
2010-01-18 20:59 - 2010-01-18 20:59 - 000998776 ___RA [2A1E4409544BA2A8791716AC6A2C4E50] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\ASMAIN.DLL
2010-03-12 22:51 - 2010-03-12 22:51 - 000022554 ___RA [D753BEEC47F9A95DB2942757715CC4F9] () C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\ASPECT.EFTX
2010-03-12 22:51 - 2010-03-12 22:51 - 000068069 ___RA [2989283D920D6F4DF6BC168172081448] () C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\ASPECT.THMX
2010-01-18 20:59 - 2010-01-18 20:59 - 002182040 ___RA [5D7D8A2F26EC9A2DB41E236012526C16] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\ASSAPIFE.DLL
2010-03-12 22:53 - 2010-03-12 22:53 - 000026989 ___RA [B8BC50EBBB22A14820FEB74A826DE2C4] () C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\AUSTIN.EFTX
2010-03-12 22:53 - 2010-03-12 22:53 - 000095803 ___RA [DD93FBD88902D1F1A24C85A6386D7FDE] () C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\AUSTIN.THMX
2010-03-12 22:54 - 2010-03-12 22:54 - 000618119 ___RA [D4555290F42B17459FEFF595001E1E84] () C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\BLACKTIE.EFTX
2010-03-12 22:54 - 2010-03-12 22:54 - 000655107 ___RA [9FE5B7FE3BAE2638BCD597FE1D84951C] () C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\BLACKTIE.THMX
2008-10-20 21:30 - 2008-10-20 21:30 - 000811052 ___RA [A78CFAD3BEB089A6CE86D4E280FA270B] () C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\CALIBRI.TTF
2008-10-20 21:30 - 2008-10-20 21:30 - 000848720 ___RA [C8980F67879F6F08737D47C2ECB1CC43] () C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\CALIBRIB.TTF
2008-10-20 21:30 - 2008-10-20 21:30 - 000853348 ___RA [3E14931180B08416DD7C967A7163F8EA] () C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\CALIBRII.TTF
2008-10-20 21:30 - 2008-10-20 21:30 - 000899560 ___RA [4B688FFC60E79CBD3BBA465966A58E73] () C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\CALIBRIZ.TTF
2009-12-17 08:37 - 2009-12-17 08:37 - 001622732 ___RA [530E4F16910BE9010CCDDA67146E8438] () C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\CAMBRIA.TTC
2009-12-17 08:37 - 2009-12-17 08:37 - 000792488 ___RA [D31DC878AFC08E5496FE44E865E6E1E1] () C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\CAMBRIAB.TTF
2009-12-17 08:37 - 2009-12-17 08:37 - 000827080 ___RA [CB6A1F05A189681DE7658B456C65A5B3] () C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\CAMBRIAI.TTF
2009-12-17 08:37 - 2009-12-17 08:37 - 000805864 ___RA [53009A01197C7AE27F8D487A333883DB] () C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\CAMBRIAZ.TTF
2010-03-01 05:18 - 2010-03-01 05:18 - 000397656 ___RA [7C64B58DF67B84268B4B44E3F906119C] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\CDLMSO.DLL
2010-03-12 22:51 - 2010-03-12 22:51 - 000042917 ___RA [CAB188D6746E87D1888800AC65D13841] () C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\CIVIC.EFTX
2010-03-12 22:51 - 2010-03-12 22:51 - 000101393 ___RA [A38A034AC6D920900FC0AD79CC0792E9] () C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\CIVIC.THMX
2010-03-12 22:53 - 2010-03-12 22:53 - 000032818 ___RA [384730F83186C9A6399DC9D9828641FB] () C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\CLARITY.EFTX
2010-03-12 22:53 - 2010-03-12 22:53 - 000067060 ___RA [B378D8BB51165A98800E528EEE514DF3] () C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\CLARITY.THMX
2010-02-28 02:19 - 2010-02-28 02:19 - 000211320 ___RA [A351A9E5B19018821AB612496DA0C2C3] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\CLVIEW.EXE
2010-03-12 22:54 - 2010-03-12 22:54 - 000533988 ___RA [5C0BF1E01C235CE85EDF568DBB0A6D73] () C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\COMPOSITE.EFTX
2010-03-12 22:54 - 2010-03-12 22:54 - 000568653 ___RA [EDCFCAD520ED5F2E4AB24CF020640600] () C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\COMPOSITE.THMX
2010-03-12 22:51 - 2010-03-12 22:51 - 000022417 ___RA [AD23423CD365D5B9AF074A91DEC42306] () C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\CONCOURSE.EFTX
2010-03-12 22:51 - 2010-03-12 22:51 - 000074765 ___RA [BB8CB42CDC126266DD1D0E74B760C5CA] () C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\CONCOURSE.THMX
2008-10-10 14:17 - 2008-10-10 14:17 - 000358256 ___RA [FE4A6C771135C7D60C684B564466E82A] () C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\CONSOLA.TTF
2008-10-10 14:17 - 2008-10-10 14:17 - 000368520 ___RA [7682F23182F0DFC5C2DF3B6514A6A7BF] () C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\CONSOLAB.TTF
2008-10-10 14:18 - 2008-10-10 14:18 - 000364864 ___RA [4E16EB4AC91E44DC73ABD3A7D4ED465A] () C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\CONSOLAI.TTF
2008-10-10 14:17 - 2008-10-10 14:17 - 000375056 ___RA [5BFEE98BBA28A476EFCCC84E0E325D68] () C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\CONSOLAZ.TTF
2009-10-13 15:16 - 2009-10-13 15:16 - 000448768 ___RA [39D51726A8C8B7EB4BB6FAB61D16841A] () C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\CONSTAN.TTF
2009-10-13 15:16 - 2009-10-13 15:16 - 000450848 ___RA [B411B0999020C9C25B8151E359197150] () C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\CONSTANB.TTF
2009-10-13 15:16 - 2009-10-13 15:16 - 000447772 ___RA [68948EA9BC8B232CC5664E2AAB39C80C] () C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\CONSTANI.TTF
2009-10-13 15:16 - 2009-10-13 15:16 - 000454588 ___RA [1AD619060822679A34DB35A498F98ECC] () C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\CONSTANZ.TTF
2010-02-28 02:12 - 2010-02-28 02:12 - 000167808 ___RA [AE9585C548D4C0D09B51E07A9E7A7D73] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\CONTACTPICKER.DLL
2010-03-12 22:54 - 2010-03-12 22:54 - 001967905 ___RA [2E504F99A9C62E59179CD255F9D1FF73] () C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\COUTURE.EFTX
2010-03-12 22:54 - 2010-03-12 22:54 - 002003652 ___RA [E3EAC64F8643857BAC20BEA09C8237CE] () C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\COUTURE.THMX
2010-03-25 10:24 - 2010-03-25 10:24 - 003491248 ___RA [445A7C17A2BC7B6158DE99C835AED6C8] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\CSI.DLL.x86
2010-03-25 10:24 - 2010-03-25 10:24 - 001219456 ___RA [90EB8302D718D028B2BF5BD96B863FED] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\CSISOAP.DLL.x86
2008-06-30 01:42 - 2008-06-30 01:42 - 000001343 ___RA [FF4E7C50EF8D79478C07DE965C15D97B] () C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\CUSTOM.PD
2010-02-28 02:09 - 2010-02-28 02:09 - 000838536 ___RA [A41E524F8D45F0074FD07805FF0C9B12] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\DW20.EXE_0001
2010-02-28 02:09 - 2010-02-28 02:09 - 000519584 ___RA [C87E561258F2F8650CEF999BF643A731] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\DWTRIG20.EXE
2010-03-12 22:54 - 2010-03-12 22:54 - 000314017 ___RA [660ACD931FE029FDE7B50F488AA9DCBA] () C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\ELEMENTAL.EFTX
2010-03-12 22:54 - 2010-03-12 22:54 - 000349663 ___RA [6BAD7C529B8B3F63C605879DAFA50777] () C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\ELEMENTAL.THMX
2010-03-13 00:59 - 2010-03-13 00:59 - 000048512 ___RA [37E0CB2EEA041E297FB703F6A42A656B] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\ENTITYDH.DLL
2010-03-13 00:59 - 2010-03-13 00:59 - 000196480 ___RA [4E79F44FED56B9E24E74DE3987A7BB7D] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\ENTITYPICKER.DLL
2010-03-12 22:52 - 2010-03-12 22:52 - 000024611 ___RA [0D330D509762BD44F9301E2AB5819D24] () C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\EQUITY.EFTX
2010-03-12 22:52 - 2010-03-12 22:52 - 000069473 ___RA [6D305058324319C2F76F294701C71E72] () C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\EQUITY.THMX
2010-03-12 22:53 - 2010-03-12 22:53 - 000016350 ___RA [2047C6719B4204380CD0F4DCF9C1911A] () C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\ESSENTIAL.EFTX
2010-03-12 22:53 - 2010-03-12 22:53 - 000049784 ___RA [B743E95BA7685E699BE7D2BF84E6E263] () C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\ESSENTIAL.THMX
2010-03-13 14:53 - 2010-03-13 14:53 - 020753760 ___RA [A53CC4C0FA7DA7CDC8DDDF4A0E6123F9] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\EXCEL.EXE
2010-03-13 00:36 - 2010-03-13 00:36 - 000001194 ___RA [3DCFE9688CA733A76F82D03D7EF4A21F] () C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\EXCEL.MAN
2010-03-12 22:54 - 2010-03-12 22:54 - 000021156 ___RA [24E8D309C04B2C14B06735B0AAB68739] () C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\EXECUTIVE.EFTX
2010-03-12 22:54 - 2010-03-12 22:54 - 000055112 ___RA [E61DE7AE6CDA8B19CA7E6F2CD64E2675] () C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\EXECUTIVE.THMX
2010-03-23 11:03 - 2010-03-23 11:03 - 000104824 ___RA [8FE56174F2696B09EDC0EBAC42119D84] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\EXP_PDF.DLL
2010-03-22 20:36 - 2010-03-22 20:36 - 000058232 ___RA [74EB52F0A349765DC757749DC9A0A16E] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\EXP_XPS.DLL
2010-02-25 11:07 - 2010-02-25 11:07 - 000452936 ___RA [C9978EDA975F98F26AF49E5D2B1286C1] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\EXPSRV.DLL
2010-02-13 06:25 - 2010-02-13 06:25 - 000081280 ___RA [1BB35FF7F5E1D2994B961177A51D05EB] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\FBIBLIO.DLL
2009-05-23 04:58 - 2009-05-23 04:58 - 000877368 ___RA [23FDB0C309E188A5E3C767F8FC557D83] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\FL_hxds_dll_____X86.3643236F_FC70_11D3_A536_0090278A1BB8
2009-05-23 05:09 - 2009-05-23 05:09 - 001662800 ___RA [0E0DD8759FACD9F2BD6A8AE09080961C] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\FL_ITIRCL55_DLL_74435_____X86.3643236F_FC70_11D3_A536_0090278A1BB8
2009-05-23 04:56 - 2009-05-23 04:56 - 000271184 ___RA [01BB0DCD4CA2F979CF354C8506307404] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\FL_msitss55_dll_74436_____X86.3643236F_FC70_11D3_A536_0090278A1BB8
2005-03-18 12:33 - 2005-03-18 12:33 - 000007168 ___RA [C45DA2858EFEC664C9551CC6305049CC] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\FL_msosec_dll_____X86.3643236F_FC70_11D3_A536_0090278A1BB8
2005-03-03 08:50 - 2005-03-03 08:50 - 000344064 ___RA [F086B948EF39444C674C560787344487] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\FL_msvcr71_dll_11_____X86.3643236F_FC70_11D3_A536_0090278A1BB8
2005-03-18 11:47 - 2005-03-18 11:47 - 000081920 ___RA [3D33C9958991493B90B648AEC600E2C3] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\FL_otkloadr_dll_____X86.3643236F_FC70_11D3_A536_0090278A1BB8
2009-06-03 21:13 - 2009-06-03 21:13 - 000046952 ___RA [443932DCA7E64AA74B9EBE17AB6BF57A] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\FL_System_AddIn_Contract_dll_142486_____X86.3643236F_FC70_11D3_A536_0090278A1BB8
2010-03-12 22:52 - 2010-03-12 22:52 - 000026648 ___RA [40761D366DD860F6FC45F2A4F423ACBF] () C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\FLOW.EFTX
2010-03-12 22:52 - 2010-03-12 22:52 - 000065704 ___RA [890D4A50F55F469EB36C4B6F072B6333] () C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\FLOW.THMX
2010-02-04 04:41 - 2010-02-04 04:41 - 000120160 ___RA [55D4ACD4B1F8C060E4E880C213E5EB79] () C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\FLTLDR.EXE
2010-02-20 17:20 - 2010-02-20 17:20 - 001207144 ___RA [77AEA0D843AFFB4B99E7D8E405554663] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\FM20.DLL
2010-03-12 22:52 - 2010-03-12 22:52 - 000018226 ___RA [F62F1558DBE33824809B1B272ACC8621] () C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\FOUNDRY.EFTX
2010-03-12 22:52 - 2010-03-12 22:52 - 000063508 ___RA [B72B91975AD23430B4B94BA05195C4A3] () C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\FOUNDRY.THMX
2010-03-11 11:56 - 2010-03-11 11:56 - 001651576 ___RA [B9DF13A0FC2041596AFABD260F368629] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\FPSRVUTL.DLL
2010-01-10 19:49 - 2010-01-10 19:49 - 000983440 ___RA [4D9AAF61563A5D3B818B878CA68F08B5] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\FPWEC.DLL.x86
2009-03-20 13:41 - 2009-03-20 13:41 - 001805616 ___RA [B26B20369ADFEF2B3D65D266E0625FE2] () C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\GABRIOLA.TTF
2010-03-01 05:08 - 2010-03-01 05:08 - 001746280 ___RA [2D46FE04E42B14E4C381ED6FD074236E] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\GFX.DLL
2010-03-01 05:20 - 2010-03-01 05:20 - 003355008 ___RA [4FCB34BD16081EFF775E7161B6F4341A] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\GKEXCEL.DLL
2010-03-01 05:20 - 2010-03-01 05:20 - 002102656 ___RA [19AFC1A3BA3768CA644185491ED60D49] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\GKPOWERPOINT.DLL
2010-03-01 05:20 - 2010-03-01 05:20 - 002323840 ___RA [414A579E78B0349BD787E51A7B587663] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\GKWORD.DLL
2010-03-12 22:45 - 2010-03-12 22:45 - 004299648 ___RA [B6ABA3B6872D0E4957D860BF050FBF64] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\GRAPH.EXE
2003-12-03 13:47 - 2003-12-03 13:47 - 000000766 ___RA [58F5AC079150EECE385C296FFB565A16] () C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\GRAPH.ICO
2010-03-12 22:32 - 2010-03-12 22:32 - 000000958 ___RA [0757EAA546FA98BE2A1C646C7341D6B7] () C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\GRAPH.MAN
2010-03-12 22:53 - 2010-03-12 22:53 - 000018639 ___RA [32BD4FBC86E05220AF66A9D7D867AA63] () C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\GRID.EFTX
2010-03-12 22:53 - 2010-03-12 22:53 - 000053984 ___RA [B735F4B00626D21BAF78573D308EA5F7] () C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\GRID.THMX
2010-03-25 10:25 - 2010-03-25 10:25 - 030969208 ___RA [334A6B52049C0A30A89369785E05027A] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\GROOVE.EXE
2010-03-25 10:25 - 2010-03-25 10:25 - 004222864 ___RA [94CA6D847D08514A087E8A4C43D65BF9] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\GROOVEEX.DLL.x86
2010-03-24 21:17 - 2010-03-24 21:17 - 000944008 ___RA [818CB3B1D36F079B03E79E23D0FBD83A] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\GROOVEMN.EXE
2010-03-12 22:53 - 2010-03-12 22:53 - 000350689 ___RA [F4CAA3B5C8BBFB5C09B6619B1223139A] () C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\HARDCOVER.EFTX
2010-03-12 22:53 - 2010-03-12 22:53 - 000393281 ___RA [E6F5632306340CE3F10AB2D75A63474A] () C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\HARDCOVER.THMX
2010-03-12 22:55 - 2010-03-12 22:55 - 000211090 ___RA [AD29076DF0EA0C711787287328CF1698] () C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\HORIZON.EFTX
2010-03-12 22:55 - 2010-03-12 22:55 - 000245451 ___RA [C270C9AE16448F37B2C34FB93A682348] () C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\HORIZON.THMX
2010-01-09 21:37 - 2010-01-09 21:37 - 002675552 ___RA [722BD0029D77BA0BF673E181085A2A71] () C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\IACOM2.DLL.x86
2010-01-09 21:35 - 2010-01-09 21:35 - 000195936 ___RA [779700712DC4A25AE84D641B5282E768] () C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\IEAWSDC.DLL.x86
2010-02-28 04:41 - 2010-02-28 04:41 - 000578472 ___RA [42D927353EBD38247C45F73BE30E5438] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\IECONTENTSERVICE.EXE
2010-03-22 20:36 - 2010-03-22 20:36 - 000178560 ___RA [9681576145CACE2266D8805AB4C766AC] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\IETAG.DLL
2010-03-30 08:36 - 2010-03-30 08:36 - 001734000 ___RA [E7667239FC311CBBC86E84C7D4ED1F23] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\INFOPATH.EXE
2004-08-04 00:56 - 2004-08-04 00:56 - 000272896 ___RA [9B5082BA4729F884305EC4879C78C408] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\InkDiv.dll.8F02A4B3_A7D7_4F8C_87BE_FAF06999D9A2
2010-02-28 02:13 - 2010-02-28 02:13 - 000403832 ___RA [CF8E701E518A481D75C52A05EC64291C] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\INLAUNCH.DLL.x86
2010-03-24 20:44 - 2010-03-24 20:44 - 029016064 ___RA [B0E2D1382AB769B02D53DA5FD0FD94F9] () C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\INSTALLED_RESOURCES14.XSS
2010-03-24 20:44 - 2010-03-24 20:44 - 000544768 ___RA [48B088350550274679C298DB74C54EB8] () C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\INSTALLED_SCHEMAS14.XSS
2010-10-20 15:43 - 2010-10-20 15:43 - 000011648 ___RA [E4B4C7E36666DFC37C55691C63931D25] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\INTGMAT.DLL
2010-01-09 22:25 - 2010-01-09 22:25 - 000079232 ___RA [855957B959044C6DE9EEA9AE86FF677C] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\INTLDATE.DLL_0001
2010-10-20 15:43 - 2010-10-20 15:43 - 000018816 ___RA [1474624093537981BB6F9C3380C81BC3] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\INTMAPI.DLL
2010-03-30 08:36 - 2010-03-30 08:36 - 005867896 ___RA [88BA0ECB0CA7CD9B132C34EFB91290D4] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\IPDESIGN.DLL
2010-03-30 08:36 - 2010-03-30 08:36 - 005496688 ___RA [201C18FE620BD5A72CBCEBE8F5CAF4C3] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\IPEDITOR.DLL
2010-03-29 20:45 - 2010-03-29 20:45 - 000169352 ___RA [1A144432F3DF6332A5D6F941FA4294FA] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\IPOLK.DLL
2016-12-27 12:45 - 2016-12-27 12:45 - 000120744 ___RA [F7EB7A8AE50075F53819BA22599B3A2E] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\IPOMINT.DLL
2016-12-27 12:45 - 2016-12-27 12:45 - 000051072 ___RA [0810C44901F6BE8B07C6CB4010E0DB4D] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\LOBIAUT.DLL
2016-12-27 12:45 - 2016-12-27 12:45 - 000518016 ___RA [9613F6607D8CEB6DCA8C8CC037D0B863] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\LOBIBDCA.DLL
2010-03-13 00:58 - 2010-03-13 00:58 - 000518016 ___RA [9613F6607D8CEB6DCA8C8CC037D0B863] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\LOBIBDCR.DLL
2010-03-13 14:54 - 2010-03-13 14:54 - 000447872 ___RA [353F5573057F126157FC38940D1E0650] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\LOBICLI.DLL
2010-03-13 00:58 - 2010-03-13 00:58 - 000567168 ___RA [AF35492991C59E09FAEFD8A528386EE7] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\LOBICLNR.DLL
2016-12-27 12:45 - 2016-12-27 12:45 - 000567168 ___RA [AF35492991C59E09FAEFD8A528386EE7] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\LOBICLNT.DLL
2010-03-13 00:59 - 2010-03-13 00:59 - 000014208 ___RA [5C16686CE3947573D9759BBB13C01907] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\LOBICUI.DLL
2016-12-27 12:45 - 2016-12-27 12:45 - 000960384 ___RA [F433BBD7C984E266A518FD567E5F5DB8] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\LOBIOBDA.DLL
2010-03-13 00:58 - 2010-03-13 00:58 - 000960384 ___RA [F433BBD7C984E266A518FD567E5F5DB8] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\LOBIOBDR.DLL
2010-03-13 14:54 - 2010-03-13 14:54 - 000091520 ___RA [901AA7A38CE13F14B6BBEC38C0595698] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\LOBISRV.EXE
2016-12-27 12:45 - 2016-12-27 12:45 - 001689472 ___RA [A26021C2A3492F9D93D184910FB48FB1] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\LOBISYNC.DLL
2016-12-27 12:45 - 2016-12-27 12:45 - 000169856 ___RA [4D59915A60A53CABB72AC8A49A8D8B21] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\LOBITOIN.DLL
2016-12-27 12:45 - 2016-12-27 12:45 - 000427904 ___RA [A9B602AC809A59B07B0677013741C829] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\LOBITOOL.DLL
2010-03-13 14:54 - 2010-03-13 14:54 - 000152448 ___RA [13AD2D4442346E7609DB0FBE9CD42D00] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\LOBIWAD.DLL
2010-02-28 02:15 - 2010-02-28 02:15 - 000105328 ___RA [A714719D146286BB27C3BA6DCBEF3A36] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\MCPS.DLL_0001
2010-02-28 02:15 - 2010-02-28 02:15 - 000698216 ___RA [852BFD78ADBE1FCC7082EBA9647A917B] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\MEDCAT.DLL
2010-03-12 22:52 - 2010-03-12 22:52 - 000039546 ___RA [9265EB5612B163832B37260CB416E15A] () C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\MEDIAN.EFTX
2010-03-12 22:52 - 2010-03-12 22:52 - 000083623 ___RA [F85395E6D2D7463F65853CF557ECD2BF] () C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\MEDIAN.THMX
2010-03-12 22:52 - 2010-03-12 22:52 - 000024117 ___RA [B4AC246FCC730037D026231888A8D2C4] () C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\METRO.EFTX
2010-03-12 22:52 - 2010-03-12 22:52 - 000080625 ___RA [95C01AB56F7099FF5BD2F25F7E4DBA97] () C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\METRO.THMX
2010-03-24 20:28 - 2010-03-24 20:28 - 000571232 ___RA [FB3C8178AD435B5B2194D5CE774E1F53] () C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\MISC.EXE
2010-03-12 22:52 - 2010-03-12 22:52 - 000043357 ___RA [9E2283D204CF6B542AA80D83EECD7789] () C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\MODULE.EFTX
2010-03-12 22:52 - 2010-03-12 22:52 - 000088122 ___RA [9A1827B5311E30401DF6782875983AEE] () C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\MODULE.THMX
2010-03-01 04:56 - 2010-03-01 04:56 - 000457104 ___RA [37E02B1F46003E9787552D40E3E91978] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\MORPH9.DLL
2010-03-01 05:09 - 2010-03-01 05:09 - 013988704 ___RA [87232C8139F1CD82A2C3E39070D30B52] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\MSACCESS.EXE
2010-02-28 03:56 - 2010-02-28 03:56 - 000001376 ___RA [4E859AD3F09769CFDFF7DC102D907FDA] () C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\MSACCESS.MAN
2010-01-04 20:07 - 2010-01-04 20:07 - 000099136 ___RA [0FEBE1EFB25DAAC6F6F301B6E341DFF4] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\MSADDNDR.DLL
2010-03-01 05:09 - 2010-03-01 05:09 - 000061832 ___RA [44CA2D7979377FAD7FDED08BC44568EC] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\MSAEXP30.DLL
2009-12-19 14:28 - 2009-12-19 14:28 - 001069376 ___RA [D7EEF2C46A9880F21BE01511024B53AB] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\MSCOMCTL.OCX
2010-01-09 21:50 - 2010-01-09 21:50 - 000119160 ___RA [BCBB7281E2FFEC8F8494052FC31CB7EF] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\MSCONV97.DLL
2009-09-04 09:02 - 2009-09-04 09:02 - 000591680 ___RA [281BEB41E48CCC6CD3F41D6962AFCFB9] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\MSLID.DLL
|
|
26.11.2017, 17:34
| #10 |
| | windows10: AVIRA meldet Trojaner-FundCode:
ATTFilter 2010-03-23 11:03 - 2010-03-23 11:03 - 018743168 ___RA [05EAB393E0331875EC800E0620FA18B4] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\MSO.DLL.x86
2010-03-01 05:17 - 2010-03-01 05:17 - 000152952 ___RA [294DA4B7D8617F01435417DDC46B0E65] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\MSOCF.DLL
2010-01-10 19:48 - 2010-01-10 19:48 - 000018832 ___RA [19F501C5E3D7885CB69C2B0CC7C24CF3] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\MSOCFU.DLL
2010-03-01 05:17 - 2010-03-01 05:17 - 000014736 ___RA [6441E45F6A770FC5067F3C1C58A61CBC] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\MSOCFUIU.DLL
2010-03-06 05:29 - 2010-03-06 05:29 - 000501088 ___RA [767B256E9738EB4BE9E8E498A12FC573] () C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\MSODCW.DLL
2010-01-09 21:21 - 2010-01-09 21:21 - 000078208 ___RA [47FC5A4A45E883A36AFF884B3E6073B1] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\MSOHEV.DLL.x86
2010-01-09 21:21 - 2010-01-09 21:21 - 000061824 ___RA [ADA23DCD5DD87CA957AAF1DE9D6CE292] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\MSOHEVI.DLL.x86
2010-01-10 19:49 - 2010-01-10 19:49 - 000071040 ___RA [325898762AF50CC9D7A4C504B7CD6206] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\MSOHTMED.EXE.x86
2010-03-24 20:28 - 2010-03-24 20:28 - 000473952 ___RA [66C88B6782B844BC169C7F792936C0E1] () C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\MSOICONS.EXE
2010-03-22 20:36 - 2010-03-22 20:36 - 072521600 ___RA [ADB5B569D47BB9766BCDD9234296D227] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\MSORES.DLL
2010-03-16 02:58 - 2010-03-16 02:58 - 000718208 ___RA [7AFF1C22E8BC6D8181053FC3590FD0F2] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\MSOSYNC.EXE
2010-03-16 02:58 - 2010-03-16 02:58 - 000360824 ___RA [84B5E431DD9E08590E15BA29D85964D2] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\MSOUC.EXE
2010-03-01 05:18 - 2010-03-01 05:18 - 000050512 ___RA [130DCCB87693EB040F415366627987D3] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\MSOXEV.DLL.x86
2010-02-28 02:13 - 2010-02-28 02:13 - 000116048 ___RA [6ED32D3206C69FD9A591976E64003B18] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\MSOXMLED.EXE.x86
2010-02-28 02:13 - 2010-02-28 02:13 - 000049024 ___RA [81E7E920312D372CF57A817049AC7C76] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\MSOXMLMF.DLL.x86
2010-03-08 19:23 - 2010-03-08 19:23 - 000402824 ___RA [B6F185430D97A57F8B906A0A2371B4F8] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\MSPPT.OLB
2010-03-29 21:47 - 2010-03-29 21:47 - 000218464 ___RA [E645BF5F41067BA0D291B63CF651864B] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\MSPROOF6.DLL
2010-01-09 21:14 - 2010-01-09 21:14 - 000765312 ___RA [21E031845CBB7032B9C0CEAACBFA0744] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\MSPTLS.DLL_0001
2010-03-01 04:56 - 2010-03-01 04:56 - 010272104 ___RA [CAE528636BF78CD4C35A455A120A540D] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\MSPUB.EXE
2010-02-28 02:13 - 2010-02-28 02:13 - 000001205 ___RA [13F314D838B652FB00A8F6BE680A3B2C] () C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\MSPUB.MAN
2010-02-28 02:14 - 2010-02-28 02:14 - 000670048 ___RA [8E251F41569BB6351319DF5C8912E00F] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\MSQRY32.EXE
2010-02-28 02:15 - 2010-02-28 02:15 - 000702312 ___RA [AC1680E8EC648486225893A7E4CCDD49] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\MSTORDB.EXE
2010-02-28 02:15 - 2010-02-28 02:15 - 000106328 ___RA [DBEB7043E6827C215AF3D4E00F59CCB6] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\MSTORE.EXE
2010-02-28 02:15 - 2010-02-28 02:15 - 000421208 ___RA [49CC0E0CECC75EBEF5AE06B12D4AD9C6] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\MSTORES.DLL
2010-03-26 21:52 - 2010-03-26 21:52 - 000901464 ___RA [CF0A0C80FFDD2F64FFFCAC40684960F2] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\MSWORD.OLB
2010-02-28 02:13 - 2010-02-28 02:13 - 000006747 ___RA [DA9352A89F2C3DD42B56450E93F47B49] () C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\MUAUTH.CAB
2010-02-28 02:13 - 2010-02-28 02:13 - 000020880 ___RA [A01D25E24C9774FCC651DCDC88982E67] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\MUOPTIN.DLL
2010-03-02 09:51 - 2010-03-02 09:51 - 000085352 ___RA [1FFD7903C214A9E08C740C3E81744440] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\NAME.DLL.x86
2010-03-02 09:51 - 2010-03-02 09:51 - 000088960 ___RA [3A93CFE88E4604EFD41BA91E350371CC] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\NAMECONTROLSERVER.EXE
2010-03-12 22:55 - 2010-03-12 22:55 - 000582401 ___RA [4DE058355DBC64A2392706B796FE97C8] () C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\NEWSPRINT.EFTX
2010-03-12 22:55 - 2010-03-12 22:55 - 000617159 ___RA [55B9BAFBB5FF52960FB1FCEA4919DBE2] () C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\NEWSPRINT.THMX
2010-01-09 21:23 - 2010-01-09 21:23 - 000169352 ___RA [015751930F57A169F41B4142869CD139] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\OARPMANY.EXE
2010-03-13 15:08 - 2010-03-13 15:08 - 020516712 ___RA [6C04AF4B8FC763DDCBDCF490F1CF16F8] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\OART.DLL
2010-03-13 00:05 - 2010-03-13 00:05 - 011121528 ___RA [6A58A12A4CDBE5D490964B51FD18E804] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\OARTCONV.DLL
2010-03-13 14:54 - 2010-03-13 14:54 - 000123264 ___RA [87D1858C81E357752F69301580256D36] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\OBASTR32.DLL
2010-03-11 00:44 - 2010-03-11 00:44 - 000510904 ___RA [D63CB47F665FF3CAA0CD0DB21B50345F] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\ODEPLOY.EXE
2010-02-17 21:55 - 2010-02-17 21:55 - 000970640 ___RA [5D61A057433BE90E3350D27FAA72941F] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\ODFFILT.DLL.x86
2010-01-30 02:41 - 2010-01-30 02:41 - 004254560 ___RA [74624AEE2D3814E91F60619827DAD662] () C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\OFFICE.ODF
2010-02-28 02:19 - 2010-02-28 02:19 - 007277440 ___RA [A8C0B9DBCE6631686B6A553472FB0EF9] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\OFFOWC.DLL
2010-02-28 02:13 - 2010-02-28 02:13 - 000057312 ___RA [D735455A02EE576757F3B8C745EB0B04] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\OFFRHD.DLL
2010-02-28 02:09 - 2010-02-28 02:09 - 000401784 ___RA [84E2009B9EF293B7A4B40EC0ED892EED] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\OFFXML.DLL
2010-01-09 21:24 - 2010-01-09 21:24 - 003483000 ___RA [6F57D7F114136EE5DF5DB4699D0FCA33] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\OIMG.DLL
2010-02-28 02:21 - 2010-02-28 02:21 - 000274280 ___RA [FFA07A8A98506947812127067D394FB8] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\OIS.EXE
2010-02-28 02:21 - 2010-02-28 02:21 - 000886640 ___RA [E1937954F0604F96350F53DD0B2923CD] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\OISAPP.DLL
2010-02-28 02:21 - 2010-02-28 02:21 - 000022920 ___RA [3AB62F6DF0773E14B2EB84D6E7549B36] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\OISCTRL.DLL.x86
2010-02-28 02:21 - 2010-02-28 02:21 - 000259960 ___RA [DB3EDA5DD0661F325E6A2E4A3E1259B5] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\OISGRAPH.DLL
2010-03-22 20:36 - 2010-03-22 20:36 - 000015776 ___RA [1007CB5812EB8FE0271AA072BDAD60D1] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\OMUOPTINPS.DLL
2010-02-28 04:41 - 2010-02-28 04:41 - 000643472 ___RA [97B792AB337F7274CD3CFC59BD73A931] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\ONBTTNIE.DLL.x86
2010-02-28 04:41 - 2010-02-28 04:41 - 000496528 ___RA [7D13B35D051BEBE6D2CCADFE17294DB5] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\ONBTTNIELINKEDNOTES.DLL.x86
2010-03-01 05:19 - 2010-03-01 05:19 - 000697728 ___RA [C8ADDA02E3492043F53F2C11C23BDF7B] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\ONBTTNOL.DLL
2010-02-28 04:41 - 2010-02-28 04:41 - 000533376 ___RA [4325FED445390E0AEBA60C61798AC17D] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\ONBTTNPPT.DLL
2010-02-28 04:41 - 2010-02-28 04:41 - 000533368 ___RA [1D33F2C261A1B4E69FFB815EBE2B0239] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\ONBTTNWD.DLL
2010-03-30 08:29 - 2010-03-30 08:29 - 001676128 ___RA [A1FF7B29E39C85CAB79D9665650F3DDC] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\ONENOTE.EXE
2009-08-12 15:22 - 2009-08-12 15:22 - 000080116 ___RA [97975F89DC5C903016839674966AAAE8] () C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\ONENOTEIRM.XML
2010-03-29 20:26 - 2010-03-29 20:26 - 000227712 ___RA [358AE5DF3E3E62CC9EBD63B145BC3259] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\ONENOTEM.EXE
2010-03-29 20:26 - 2010-03-29 20:26 - 000140144 ___RA [0A1582AA9F31284424049DD355568C2A] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\ONENOTEMANAGED.DLL
2010-03-30 08:29 - 2010-03-30 08:29 - 001177968 ___RA [F9CCA77443DF0A9F79FC585C8D705D54] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\ONFILTER.DLL
2010-03-29 20:26 - 2010-03-29 20:26 - 000063904 ___RA [E726899542176CA3952B135BCCD979FB] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\ONLNTCOMLIB.DLL.x86
2010-03-30 08:29 - 2010-03-30 08:29 - 009182056 ___RA [DC430886F1E9F398087AC13B05D0F13F] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\ONMAIN.DLL
2010-02-28 04:41 - 2010-02-28 04:41 - 000560512 ___RA [263FFBAE3542839D02358B492A0295EA] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\ONPPTADDIN.DLL
2010-02-28 02:48 - 2010-02-28 02:48 - 000920496 ___RA [1C3A1DFEC9211B49FA78926E5C06ACAF] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\ONSYNCPC.DLL.x86
2010-02-28 04:41 - 2010-02-28 04:41 - 000615800 ___RA [CD2F6F1D3188F5E41F6850EBDC1A948B] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\ONWORDADDIN.DLL
2010-03-12 22:52 - 2010-03-12 22:52 - 000032857 ___RA [6D478958A9988EEC4A510B96CACB4AA1] () C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\OPULENT.EFTX
2010-03-12 22:52 - 2010-03-12 22:52 - 000078521 ___RA [986132B80285FF835C51826D1E0A7342] () C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\OPULENT.THMX
2010-01-09 21:52 - 2010-01-09 21:52 - 000541104 ___RA [FF6C9B83A538F5440551FA2ECCFA2AF2] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\ORGCHART.EXE
2010-03-12 22:52 - 2010-03-12 22:52 - 000043193 ___RA [D6536B8D0113E9895F02EADDA33966DA] () C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\ORIEL.EFTX
2010-03-12 22:52 - 2010-03-12 22:52 - 000093940 ___RA [02FE3C15958251D01AED55C999F7CDB5] () C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\ORIEL.THMX
2010-03-12 22:52 - 2010-03-12 22:52 - 000040941 ___RA [D5FDCCFB309014B184FA8EF56D634E6D] () C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\ORIGIN.EFTX
2010-03-12 22:52 - 2010-03-12 22:52 - 000087051 ___RA [D29913075CDD54CC07D4B8E4B024AC0F] () C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\ORIGIN.THMX
2010-01-09 21:18 - 2010-01-09 21:18 - 000149352 ___RA [9D10F99A6712E28F8ACD5641E3A7EA6B] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\OSE.EXE
2010-03-11 00:44 - 2010-03-11 00:44 - 005789544 ___RA [FCC38158C5D62A39E1BA79A29D532240] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\OSETUP.DLL
2010-03-22 20:36 - 2010-03-22 20:36 - 000045984 ___RA [14D21C7C9A40DC7EDF5A9EB1626E6580] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\OSETUPPS.DLL
2009-07-23 10:01 - 2009-07-23 10:01 - 003670016 ___RA [ED103C1D188EA3929663E6B67681F622] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\OUTLFLTR.DAT
2010-03-24 20:22 - 2010-03-24 20:22 - 000519552 ___RA [D68DD58ED953C867048A15937146B782] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\OWSCLT.DLL_0001.x86
2010-03-24 20:22 - 2010-03-24 20:22 - 000134536 ___RA [B665CA7E2E27730222F8D0C3C33DFBCA] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\OWSSUPP.DLL_0001.x86
2010-03-12 22:52 - 2010-03-12 22:52 - 000228746 ___RA [A5859368E425C405F484B45F3FD238BA] () C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\PAPER.EFTX
2010-03-12 22:52 - 2010-03-12 22:52 - 000270822 ___RA [CFC63096A8FACDCAF4613099E0356185] () C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\PAPER.THMX
2010-03-22 20:36 - 2010-03-22 20:36 - 000082848 ___RA [65BEBB5873991A80582AE5CC4074B217] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\PEOPLEDATAHANDLER.DLL
2010-03-12 22:53 - 2010-03-12 22:53 - 000021423 ___RA [84F80EF2C7D18C675EBB485F87043F64] () C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\PERSPECTIVE.EFTX
2010-03-12 22:53 - 2010-03-12 22:53 - 000053594 ___RA [5DB818D22C2339D17D48A042F62EE345] () C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\PERSPECTIVE.THMX
2010-01-09 23:15 - 2010-01-09 23:15 - 000553344 ___RA [7B33B62572140EB7F47077D46F33B9E4] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\PORTCONN.DLL.x86
2010-03-09 09:57 - 2010-03-09 09:57 - 002162024 ___RA [E24133DD836D99182A6227DCF6613D08] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\POWERPNT.EXE
2010-03-08 19:11 - 2010-03-08 19:11 - 000003504 ___RA [10B78A61A4BA96BA0E819F2B24FD34C2] () C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\POWERPNT.MAN
2010-03-09 09:57 - 2010-03-09 09:57 - 009696616 ___RA [3C5258C5252D5F6551338A7064FBB50E] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\PPCORE.DLL
2010-02-28 04:03 - 2010-02-28 04:03 - 000389008 ___RA [76887D511848E7F7504A19F9A5DE097A] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\PPSLAX.DLL.x86
2010-03-24 20:28 - 2010-03-24 20:28 - 003792736 ___RA [A94F27898365A15C2AD064F2B7120A2E] () C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\PPTICO.EXE
2016-12-27 12:45 - 2016-12-27 12:45 - 000386944 ___RA [114882E8C607D45E4769CFFC931CF5BF] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\PPTPIA.DLL
2010-02-28 02:22 - 2010-02-28 02:22 - 000139136 ___RA [A2DFF9AC97D37E802C7DB89A98CD29D7] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\PRTF9.DLL
2010-03-01 04:56 - 2010-03-01 04:56 - 000647552 ___RA [DC03EBD6C9AA21DE4EFBD1596B178346] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\PTXT9.DLL
2010-03-01 04:56 - 2010-03-01 04:56 - 000604024 ___RA [B89D103A351D92FA7AD615E3EFC9DD49] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\PUBCONV.DLL
2010-02-28 02:22 - 2010-02-28 02:22 - 000048504 ___RA [471D39922E3CED5983745269A2AD2F9F] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\PUBTRAP.DLL
2010-03-12 22:54 - 2010-03-12 22:54 - 000782121 ___RA [D8DAC30E7F2A2047E349C87279C95C75] () C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\PUSHPIN.EFTX
2010-03-12 22:54 - 2010-03-12 22:54 - 000825294 ___RA [FFA150A9D122D590DA6C18B0AD1DC84D] () C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\PUSHPIN.THMX
2010-03-01 05:18 - 2010-03-01 05:18 - 001366376 ___RA [E8FF39826F9FD549A649864FC3ACDCD7] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\RICHED20.DLL_0001
2006-08-14 15:43 - 2006-08-14 15:43 - 000155488 ___RA [1DB4F3325262B48E93747A248193DC7F] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\rtscom.dll.99741D6B_FCC2_4B3D_83AB_413A37786D04
2010-02-28 02:13 - 2010-02-28 02:13 - 000521616 ___RA [F6649FF00846C2E3395F45B7F3A3B41D] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\SELFCERT.EXE
2010-02-28 02:12 - 2010-02-28 02:12 - 000033152 ___RA [8401118A57DB08496B03766012A3F47D] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\SETLANG.EXE
2010-03-11 00:44 - 2010-03-11 00:44 - 001100664 ___RA [988166248240A383A509BE7D026E3AB0] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\SETUP.EXE
2010-03-12 22:55 - 2010-03-12 22:55 - 000027789 ___RA [A0DC72BFFBB49234107B56BF084293F6] () C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\SLIPSTREAM.EFTX
2010-03-12 22:55 - 2010-03-12 22:55 - 000067304 ___RA [50B34BAAE0BDDFA584EB376A08E0A7C1] () C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\SLIPSTREAM.THMX
2010-03-01 05:09 - 2010-03-01 05:09 - 000524176 ___RA [480ED9123FF54E7BF820272678B9641A] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\SOA.DLL
2010-03-12 22:52 - 2010-03-12 22:52 - 000027781 ___RA [53AE4D42061DC60308F261F66B73FD92] () C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\SOLSTICE.EFTX
2010-03-12 22:52 - 2010-03-12 22:52 - 000074912 ___RA [E2A91406785EE789799055276011FEC0] () C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\SOLSTICE.THMX
2010-10-20 15:43 - 2010-10-20 15:43 - 000046976 ___RA [A922921A57C9526D4201F980629853AE] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\SPWADDDA.DLL
2010-10-20 15:43 - 2010-10-20 15:43 - 000042880 ___RA [3D4956EB37204D12DBAC45AF8E391478] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\SPWADDDS.DLL
2010-10-20 15:43 - 2010-10-20 15:43 - 000013696 ___RA [3BA49B87E9B7B7F3EB2D52AF854D31CB] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\SPWADDIF.DLL
2010-10-20 15:43 - 2010-10-20 15:43 - 000011136 ___RA [A29140FC24491C62B0D5FBDEF4B507EB] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\SPWADDIT.DLL
2010-10-20 15:43 - 2010-10-20 15:43 - 000019328 ___RA [2DDFC214708ED4CECA1E56FE3771401E] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\SPWADDTO.DLL
2010-03-24 20:22 - 2010-03-24 20:22 - 000094080 ___RA [F6581C574883F8B945890798F7E02643] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\STSCOPY.DLL_0001.x86
2010-03-01 05:07 - 2010-03-01 05:07 - 002831768 ___RA [3B0C4F182DF893F2C277DF598F0DA802] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\STSLIST.DLL
2010-03-24 20:21 - 2010-03-24 20:21 - 000071552 ___RA [ADE91BCB7D7D04FABB9D3630867CA302] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\STSUPLD.DLL_0001.x86
2010-02-28 02:13 - 2010-02-28 02:13 - 000097632 ___RA [B109BDBCD109D5FF336BFAD30D846616] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\TAXONOMYCONTROL.DLL
2010-03-12 22:53 - 2010-03-12 22:53 - 000023692 ___RA [0DD6A623A7805E3D7884C2EA16B82B99] () C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\TECHNIC.EFTX
2010-03-12 22:53 - 2010-03-12 22:53 - 000068995 ___RA [2FE38E66E827E3A448D390A381B72951] () C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\TECHNIC.THMX
2010-03-12 22:54 - 2010-03-12 22:54 - 000041295 ___RA [BAD63A99468AD871D686AC46745D15D4] () C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\THATCH.EFTX
2010-03-12 22:54 - 2010-03-12 22:54 - 000089461 ___RA [E048B80D3E3F86C96C89085F6EB53784] () C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\THATCH.THMX
2010-01-09 21:28 - 2010-01-09 21:28 - 000163840 ___RA [DAD51A3691FF9822DB371F8A2B4AA73F] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\THOCR.PSP
2010-01-09 21:47 - 2010-01-09 21:47 - 000029528 ___RA [7F9CF9C1B1F9E2A44F2A495BA86B31A2] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\THOCRAPI.DLL
2010-03-12 22:53 - 2010-03-12 22:53 - 000129924 ___RA [787BC21A2F13D569562905187E3FAA3C] () C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\TREK.EFTX
2010-03-12 22:53 - 2010-03-12 22:53 - 000172604 ___RA [782504CCDEF6D633E43BC5707624B2DD] () C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\TREK.THMX
2010-01-09 21:47 - 2010-01-09 21:47 - 000133512 ___RA [6AFDC029E6F8F91F08AD953F3045F154] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\TWCUTCHR.DLL
2009-07-11 20:41 - 2009-07-11 20:41 - 000097280 ___RA [3E9A33113D663D8BD5ED38858E669652] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\ul_ATL80.dll.97F81AF1_0E47_DC99_FF1F_C8B3B9A1E18E
2009-07-12 02:47 - 2009-07-12 02:47 - 000007473 ___RA [620C8F7513EE75D9E198B0EDEB91D289] () C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\ul_catalog.97F81AF1_0E47_DC99_FF1F_C8B3B9A1E18E
2009-07-12 02:47 - 2009-07-12 02:47 - 000007473 ___RA [530518933237CDC5669CA2D190B59821] () C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\ul_catalog.98CB24AD_52FB_DB5F_FF1F_C8B3B9A1E18E
2009-07-11 20:41 - 2009-07-11 20:41 - 000000466 ___RA [268D9AB03D40B6B580B4702289F27A7F] () C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\ul_manifest.97F81AF1_0E47_DC99_FF1F_C8B3B9A1E18E
2009-07-12 02:50 - 2009-07-12 02:50 - 000001870 ___RA [D34B3DA03C59F38A510EAA8CCC151EC7] () C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\ul_manifest.98CB24AD_52FB_DB5F_FF1F_C8B3B9A1E18E
2009-07-12 02:08 - 2009-07-12 02:08 - 000479232 ___RA [75F2A9B695EF3EF22D731F059920F636] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\ul_msvcm80.dll.98CB24AD_52FB_DB5F_FF1F_C8B3B9A1E18E
2009-07-12 02:09 - 2009-07-12 02:09 - 000554832 ___RA [8C53CCD787C381CD535D8DCCA12584D8] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\ul_msvcp80.dll.98CB24AD_52FB_DB5F_FF1F_C8B3B9A1E18E
2009-07-12 02:12 - 2009-07-12 02:12 - 000632656 ___RA [1169436EE42F860C7DB37A4692B38F0E] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\ul_msvcr80.dll.98CB24AD_52FB_DB5F_FF1F_C8B3B9A1E18E
2010-03-12 22:53 - 2010-03-12 22:53 - 000019611 ___RA [A12BDD9F0D78058DBC6EC4038CB78E6E] () C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\URBAN.EFTX
2010-03-12 22:53 - 2010-03-12 22:53 - 000064624 ___RA [DB8ED83C2FB7AB9EED86C3EA59A7ADB7] () C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\URBAN.THMX
2010-02-28 02:20 - 2010-02-28 02:20 - 000561552 ___RA [0A63D9A102C3C0209465EA60199E6882] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\URLREDIR.DLL.x86
2010-01-07 05:51 - 2010-01-07 05:51 - 000638800 ___RA [69E5C55137289DE546610C39134A5820] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\USP10.DLL_0002
2010-02-25 11:07 - 2010-02-25 11:07 - 000049488 ___RA [E6C17655925007E9A945E445EA4DF754] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\VBAJET32.DLL
2010-02-25 11:07 - 2010-02-25 11:07 - 000040960 ___RA [AC18D4D2553BDAFE381180A00C4B0053] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\VBE6EXT.OLB
2010-02-25 11:07 - 2010-02-25 11:07 - 002672456 ___RA [AA5F49668D4442DB5948F268883BADCC] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\VBE7.DLL
2010-03-12 22:53 - 2010-03-12 22:53 - 000031224 ___RA [25594BB53C5E67A812F2DE6D61946DF7] () C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\VERVE.EFTX
2010-03-12 22:53 - 2010-03-12 22:53 - 000075264 ___RA [3DF9D0E22C7B1280DCE23AB914562DC8] () C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\VERVE.THMX
2010-03-13 00:04 - 2010-03-13 00:04 - 000900464 ___RA [7EBC4BAC808E5EF9E86F16FAE6BA083C] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\VISSHE.DLL
2010-02-28 03:13 - 2010-02-28 03:13 - 000579968 ___RA [9E918502B1A791C5DCD32D9EC00F0923] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\VPREVIEW.EXE
2010-02-28 03:13 - 2010-02-28 03:13 - 005777784 ___RA [7EDC496DDAF438587A10E64BF509138F] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\VVIEWDWG.DLL.x86
2010-02-28 03:13 - 2010-02-28 03:13 - 004178792 ___RA [2372FD97E7C28CAD198EBB5A5E3128A0] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\VVIEWER.DLL.x86
2010-03-12 22:54 - 2010-03-12 22:54 - 000112504 ___RA [E2E1FC33CBF551A03DE4B6101231A6EA] () C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\WAVEFORM.EFTX
2010-03-12 22:54 - 2010-03-12 22:54 - 000181889 ___RA [9DEFFDB3A9E9DD2967426BB95232BFD9] () C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\WAVEFORM.THMX
2010-03-27 08:38 - 2010-03-27 08:38 - 001422168 ___RA [15E52F52ED2B8ED122FAE897119687C4] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\WINWORD.EXE
2010-02-17 21:56 - 2010-02-17 21:56 - 001199008 ___RA [41BB0CE03E066012F36F5EE81AA5A737] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\WKCONV.EXE
2010-03-24 20:28 - 2010-03-24 20:28 - 001858400 ___RA [C7CA74A7F624E8F57F3D62D9B59CC0FB] () C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\WORDICON.EXE
2010-03-27 08:45 - 2010-03-27 08:45 - 005460312 ___RA [C9A2FDB5C19F1F6B656D609F4B6FF8C3] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\WRD12CNV.DLL
2010-03-27 08:38 - 2010-03-27 08:38 - 019370840 ___RA [3D16F8BF763459E208D49C821D63A959] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\WWLIB.DLL
2010-03-13 00:50 - 2010-03-13 00:50 - 017800544 ___RA [DEF8D3EC3D85DC8DAE33683766D0BE5E] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\XL12CNV.EXE
2010-03-13 01:01 - 2010-03-13 01:01 - 000009592 ___RA [276F111DCC841C4C72B95DC429802BD5] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\XLCALL32.DLL
2010-03-24 20:28 - 2010-03-24 20:28 - 001479520 ___RA [4BA6116A63C53A64AAF044BCCA71FEDA] () C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\XLICONS.EXE
2010-01-09 21:28 - 2010-01-09 21:28 - 001368064 ___RA [E5391F06D55B15E7DB30051FAD738FF5] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.4763\XOCR3.PSP
2016-12-27 13:50 - 2017-04-17 15:56 - 000000000 __SHD [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.7015
2013-02-18 16:45 - 2013-02-18 16:45 - 000544920 ___RA [CC98FD9B25BE402A9C9ED9B32B0EE65A] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.7015\ACACEDAO.DLL
2012-11-20 20:24 - 2012-11-20 20:24 - 001450048 ___RA [B067EA7D33641ECC17787FD106E86518] () C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.7015\ACCICONS.EXE
2010-10-20 16:36 - 2010-10-20 16:36 - 000164224 ___RA [01BDE27895DFEFAC30AEE44B80DD1493] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.7015\ACCWIZ.DLL
2013-02-18 16:45 - 2013-02-18 16:45 - 001843816 ___RA [96B518B62E482D74404D5F1F8C240D8F] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.7015\ACECORE.DLL
2013-02-18 16:45 - 2013-02-18 16:45 - 000544920 ___RA [CC98FD9B25BE402A9C9ED9B32B0EE65A] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.7015\ACEDAO.DLL
2013-02-18 16:45 - 2013-02-18 16:45 - 000037000 ___RA [2328DAB740F3058B0BC040AAD2839F82] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.7015\ACEERR.DLL
2013-02-18 16:45 - 2013-02-18 16:45 - 000647816 ___RA [89F04D75CEB70DEAB2C8D47E15F906C0] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.7015\ACEES.DLL
2013-02-18 16:45 - 2013-02-18 16:45 - 000335488 ___RA [D32C20FEB3D64EC5089F236D33A1085E] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.7015\ACEEXCH.DLL
2013-06-27 22:07 - 2013-06-27 22:07 - 000646368 ___RA [0DF4C75F989A6BD872FB1748EBC78C5B] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.7015\ACEEXCL.DLL
2013-02-14 15:21 - 2013-02-14 15:21 - 000279696 ___RA [5A77F7C098483B429B51EA528352385B] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.7015\ACEODBC.DLL
2012-10-31 17:52 - 2012-10-31 17:52 - 000015536 ___RA [5CCBE894C2780CA8E595AF2AAE5BC3DC] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.7015\ACEODDBS.DLL
2012-10-31 17:52 - 2012-10-31 17:52 - 000015536 ___RA [FCC0FB3C183027C9FEDB62AC25AF9F58] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.7015\ACEODEXL.DLL
2012-10-31 17:52 - 2012-10-31 17:52 - 000015528 ___RA [8430C591B95A0F610174028C94590915] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.7015\ACEODTXT.DLL
2013-03-08 23:59 - 2013-03-08 23:59 - 000378072 ___RA [77A745B9C26ACCABF98218D5942EAA19] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.7015\ACEOLEDB.DLL
2013-02-14 15:21 - 2013-02-14 15:21 - 000330360 ___RA [F96DE7533E0E5F8F1692D49EE25149B5] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.7015\ACER3X.DLL
2013-02-14 15:21 - 2013-02-14 15:21 - 000045728 ___RA [9A384587D2BB88F7646DF38B5D3E3BA9] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.7015\ACERCLR.DLL
2013-02-18 16:45 - 2013-02-18 16:45 - 000528536 ___RA [78E16C3A5C1E7A87D6B977925229DA1E] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.7015\ACEREP.DLL
2013-02-18 16:45 - 2013-02-18 16:45 - 000221304 ___RA [08F1F4B2DCD23BEF2747F74E2960AA2D] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.7015\ACETXT.DLL
2013-02-18 16:45 - 2013-02-18 16:45 - 000363656 ___RA [4F75717682E24C330FC20601DFECB626] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.7015\ACEXBE.DLL
2010-03-24 18:21 - 2010-03-24 18:21 - 000000135 ___RA [36E9ABDF1C19EFE361CFFEE3CCC11D36] () C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.7015\ActionsPane3.xsd_x86.3643236F_FC70_11D3_A536_0090278A1BB8.923C1899_09AE_418B_B39D_A7A9EB6A7951
2010-03-12 22:54 - 2010-03-12 22:54 - 000000928 ___RA [3A62840B28DF18914753EA0DCF0E7D47] () C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.7015\COLORSCHEME_ADJACENCY.XML
2010-03-12 22:54 - 2010-03-12 22:54 - 000000925 ___RA [05B71D6D542658D65C4D1AC999E1803B] () C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.7015\COLORSCHEME_ANGLES.XML
2010-03-12 22:51 - 2010-03-12 22:51 - 000000959 ___RA [CCF09A5AF3B4D3A8557E477B05D05D6E] () C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.7015\COLORSCHEME_APEX.XML
2010-03-12 22:53 - 2010-03-12 22:53 - 000000965 ___RA [5EED580B637A2D8547FB45DBD7B34BD8] () C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.7015\COLORSCHEME_APOTHECARY.XML
2010-03-12 22:51 - 2010-03-12 22:51 - 000000961 ___RA [230FD35FA718EF39DD83D022D06869A5] () C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.7015\COLORSCHEME_ASPECT.XML
2010-03-12 22:53 - 2010-03-12 22:53 - 000000961 ___RA [5F62E383CA6F17FD423F3BBDE1C52779] () C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.7015\COLORSCHEME_AUSTIN.XML
2010-03-12 22:54 - 2010-03-12 22:54 - 000000927 ___RA [6C8ED6BC0C8497749EC68022E3752CDF] () C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.7015\COLORSCHEME_BLACKTIE.XML
2010-03-12 22:51 - 2010-03-12 22:51 - 000000960 ___RA [29153508F17D45E4F9D1F60E101ECAD5] () C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.7015\COLORSCHEME_CIVIC.XML
2010-03-12 22:53 - 2010-03-12 22:53 - 000000926 ___RA [A64CA07E99187D49A11D40BC9B945DD5] () C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.7015\COLORSCHEME_CLARITY.XML
2010-03-12 22:54 - 2010-03-12 22:54 - 000000964 ___RA [3CBD54C548A2D360BCEEE309F685317B] () C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.7015\COLORSCHEME_COMPOSITE.XML
2010-03-12 22:51 - 2010-03-12 22:51 - 000000964 ___RA [A74D882E414CD08CA8D786D441B8879D] () C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.7015\COLORSCHEME_CONCOURSE.XML
2010-03-12 22:54 - 2010-03-12 22:54 - 000000962 ___RA [6B69A217A0B110F875D19E9740D0879D] () C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.7015\COLORSCHEME_COUTURE.XML
2010-03-12 22:54 - 2010-03-12 22:54 - 000000964 ___RA [3879A65A35FFC410EBDDAFAB222B5015] () C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.7015\COLORSCHEME_ELEMENTAL.XML
2010-03-12 22:52 - 2010-03-12 22:52 - 000000961 ___RA [9E344074C3670ACEF7191B335D4EA941] () C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.7015\COLORSCHEME_EQUITY.XML
2010-03-12 22:53 - 2010-03-12 22:53 - 000000928 ___RA [13BBCFAE1DD2B419E00E5196EF97DD3B] () C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.7015\COLORSCHEME_ESSENTIAL.XML
2010-03-12 22:54 - 2010-03-12 22:54 - 000000964 ___RA [7EA7EBB2CAA1476BBECC597D0074C885] () C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.7015\COLORSCHEME_EXECUTIVE.XML
2010-03-12 22:52 - 2010-03-12 22:52 - 000000959 ___RA [423C28D4FFE0C989FB46DE8886E1B664] () C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.7015\COLORSCHEME_FLOW.XML
2010-03-12 22:52 - 2010-03-12 22:52 - 000000962 ___RA [716953B321F1C65538549623CEDD98D6] () C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.7015\COLORSCHEME_FOUNDRY.XML
2006-08-08 11:40 - 2006-08-08 11:40 - 000000928 ___RA [F1290BFEFD5DDB74433BB79EA3D64DB7] () C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.7015\COLORSCHEME_GRAYSCALE.XML
2010-03-12 22:53 - 2010-03-12 22:53 - 000000959 ___RA [6720A835A80C95940A63E774ACE80CE1] () C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.7015\COLORSCHEME_GRID.XML
2010-03-12 22:53 - 2010-03-12 22:53 - 000000964 ___RA [AFAA7CD85AC3DA13F70E0F1FEC3ABB90] () C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.7015\COLORSCHEME_HARDCOVER.XML
2010-03-12 22:55 - 2010-03-12 22:55 - 000000926 ___RA [2DD3E80394E53E7440E2EC0173D48BFB] () C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.7015\COLORSCHEME_HORIZON.XML
2010-03-12 22:52 - 2010-03-12 22:52 - 000000961 ___RA [2B6902CFA6E51B231C661EE70D316461] () C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.7015\COLORSCHEME_MEDIAN.XML
2010-03-12 22:52 - 2010-03-12 22:52 - 000000960 ___RA [D6F4823E22065AFA7556BAE0880EA3A1] () C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.7015\COLORSCHEME_METRO.XML
2010-03-12 22:52 - 2010-03-12 22:52 - 000000961 ___RA [0D3438E2C9C23345087AB8DCD83D16CB] () C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.7015\COLORSCHEME_MODULE.XML
2010-03-12 22:55 - 2010-03-12 22:55 - 000000964 ___RA [BB0FC21617A86FB1BF8D3063925C25E3] () C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.7015\COLORSCHEME_NEWSPRINT.XML
2010-03-12 22:52 - 2010-03-12 22:52 - 000000962 ___RA [103A01BB0E54E496175843B04AAFF061] () C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.7015\COLORSCHEME_OPULENT.XML
2010-03-12 22:52 - 2010-03-12 22:52 - 000000960 ___RA [CA64C9E38B9DCEC26433CC170817BE9B] () C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.7015\COLORSCHEME_ORIEL.XML
2010-03-12 22:52 - 2010-03-12 22:52 - 000000961 ___RA [4ED6F7A4614AD46D57C614E38DFA114C] () C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.7015\COLORSCHEME_ORIGIN.XML
2010-03-12 22:52 - 2010-03-12 22:52 - 000000960 ___RA [35EEE65EFAEF1581266D6C706C09374B] () C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.7015\COLORSCHEME_PAPER.XML
2010-03-12 22:53 - 2010-03-12 22:53 - 000000966 ___RA [7B67829B50FD917F51E4D321C46AAD6A] () C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.7015\COLORSCHEME_PERSPECTIVE.XML
2010-03-12 22:54 - 2010-03-12 22:54 - 000000962 ___RA [1737930A7BD593C8747BDDCA6AFA3318] () C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.7015\COLORSCHEME_PUSHPIN.XML
2010-03-12 22:55 - 2010-03-12 22:55 - 000000965 ___RA [3C452BB8080B8C5F38EC422A9D75A242] () C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.7015\COLORSCHEME_SLIPSTREAM.XML
2010-03-12 22:52 - 2010-03-12 22:52 - 000000963 ___RA [1654677136A9CFDFD0CF4B54BC65E951] () C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.7015\COLORSCHEME_SOLSTICE.XML
2010-03-12 22:53 - 2010-03-12 22:53 - 000000962 ___RA [4D2117349C899809119DE6B956FB43DC] () C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.7015\COLORSCHEME_TECHNIC.XML
2010-03-12 22:54 - 2010-03-12 22:54 - 000000961 ___RA [553B3637AB30E25A3EAFCC383452DBAD] () C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.7015\COLORSCHEME_THATCH.XML
2010-03-12 22:53 - 2010-03-12 22:53 - 000000959 ___RA [9B2915F8B38F97228A0B2E7977B4086A] () C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.7015\COLORSCHEME_TREK.XML
2010-03-12 22:53 - 2010-03-12 22:53 - 000000960 ___RA [96DA8F32E708863492F44245845E1A23] () C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.7015\COLORSCHEME_URBAN.XML
2010-03-12 22:53 - 2010-03-12 22:53 - 000000960 ___RA [F0D4497AC27C689D1A952B84F9A5DD59] () C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.7015\COLORSCHEME_VERVE.XML
2010-03-12 22:54 - 2010-03-12 22:54 - 000000963 ___RA [C206658578B3F6B65830265D5F93DD8D] () C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.7015\COLORSCHEME_WAVEFORM.XML
2013-06-27 22:07 - 2013-06-27 22:07 - 003523320 ___RA [7BDB2B51F2B914EFAD1141F6BB86C487] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.7015\CSI.DLL.x86
2013-06-27 21:05 - 2013-06-27 21:05 - 020392608 ___RA [716335EDBB91DA84FC102425BFDA957E] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.7015\EXCEL.EXE
2013-02-18 14:42 - 2013-02-18 14:42 - 000101992 ___RA [F7BA3446A6AA42E3A38597CC8E826C79] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.7015\EXP_PDF.DLL
2012-12-10 10:49 - 2012-12-10 10:49 - 000454744 ___RA [7172970EFFB3EA5600B53D5905566ED0] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.7015\EXPSRV.DLL
|
|
26.11.2017, 17:35
| #11 |
| | windows10: AVIRA meldet Trojaner-FundCode:
ATTFilter 2010-10-20 12:44 - 2010-10-20 12:44 - 001207656 ___RA [809F27F4C0E30691D0FE7109BF78293F] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.7015\FM20.DLL
2010-03-12 22:54 - 2010-03-12 22:54 - 000003609 ___RA [BC6C3F5337E3EF527E2BF03DEC2DDA1F] () C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.7015\FONTSCHEME_ADJACENCY.XML
2010-03-12 22:54 - 2010-03-12 22:54 - 000003626 ___RA [3834E7649B8FE9C52F8E501D58D89A98] () C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.7015\FONTSCHEME_ANGLES.XML
2010-03-12 22:51 - 2010-03-12 22:51 - 000003822 ___RA [D395CF1C14FAC7B6F01B8C53E5858005] () C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.7015\FONTSCHEME_APEX.XML
2010-03-12 22:53 - 2010-03-12 22:53 - 000003615 ___RA [C6945C50627E89E14E01CCC9847F62E5] () C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.7015\FONTSCHEME_APOTHECARY.XML
2010-03-12 22:51 - 2010-03-12 22:51 - 000003595 ___RA [52C013E2BBCDD8E4154C344AA2B5E388] () C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.7015\FONTSCHEME_ASPECT.XML
2010-03-12 22:53 - 2010-03-12 22:53 - 000003606 ___RA [A44B775C48550F4A15C4A8D83B81E4E7] () C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.7015\FONTSCHEME_AUSTIN.XML
2010-03-12 22:54 - 2010-03-12 22:54 - 000003835 ___RA [6BA01FE8879021A62A7AF69D5849D261] () C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.7015\FONTSCHEME_BLACKTIE.XML
2010-03-12 22:51 - 2010-03-12 22:51 - 000003615 ___RA [339F4C1864C6D092C5F81FB2F23346F7] () C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.7015\FONTSCHEME_CIVIC.XML
2010-03-12 22:53 - 2010-03-12 22:53 - 000003599 ___RA [8CE1473D98015A930FF14D1CA49E5DF3] () C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.7015\FONTSCHEME_CLARITY.XML
2010-03-12 22:54 - 2010-03-12 22:54 - 000003598 ___RA [1ABAF0937DC2C6AF40CD52CBC7DB4D59] () C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.7015\FONTSCHEME_COMPOSITE.XML
2010-03-12 22:51 - 2010-03-12 22:51 - 000003526 ___RA [4E600E5D446D97BDEE886F552C86EF13] () C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.7015\FONTSCHEME_CONCOURSE.XML
2010-03-12 22:54 - 2010-03-12 22:54 - 000003836 ___RA [ABC32FA7DC5F8D56DF7C733DBFDECB53] () C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.7015\FONTSCHEME_COUTURE.XML
2010-03-12 22:54 - 2010-03-12 22:54 - 000003656 ___RA [6384C2ED685D400F55D9DA3BA526D76B] () C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.7015\FONTSCHEME_ELEMENTAL.XML
2010-03-12 22:52 - 2010-03-12 22:52 - 000003829 ___RA [FD8EF77A8A4BFDB08334D9A6B2A63EB2] () C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.7015\FONTSCHEME_EQUITY.XML
2010-03-12 22:53 - 2010-03-12 22:53 - 000003606 ___RA [A17134DE21AEDFF62EB87C07B8868245] () C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.7015\FONTSCHEME_ESSENTIAL.XML
2010-03-12 22:54 - 2010-03-12 22:54 - 000003631 ___RA [0B5D5772D9150624F3A4D8946AA0A4E8] () C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.7015\FONTSCHEME_EXECUTIVE.XML
2010-03-12 22:52 - 2010-03-12 22:52 - 000003509 ___RA [DB9194B3011851FAAC74913B49FCC2E9] () C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.7015\FONTSCHEME_FLOW.XML
2010-03-12 22:52 - 2010-03-12 22:52 - 000003796 ___RA [A487356DED3400253057258025AF0D80] () C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.7015\FONTSCHEME_FOUNDRY.XML
2010-03-12 22:53 - 2010-03-12 22:53 - 000003673 ___RA [1EF0015C214E1F69DB13A3CCBD5BD299] () C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.7015\FONTSCHEME_GRID.XML
2010-03-12 22:53 - 2010-03-12 22:53 - 000003849 ___RA [A1F534F234EBF5FD676E3A1B7F93E3AB] () C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.7015\FONTSCHEME_HARDCOVER.XML
2010-03-12 22:55 - 2010-03-12 22:55 - 000003626 ___RA [F4FE477FB0010EC0D047ED7EE7A065A2] () C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.7015\FONTSCHEME_HORIZON.XML
2010-03-12 22:52 - 2010-03-12 22:52 - 000003821 ___RA [14467703E05083F86FDDABF6DF7C73D8] () C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.7015\FONTSCHEME_MEDIAN.XML
2010-03-12 22:52 - 2010-03-12 22:52 - 000003603 ___RA [A75CB98159A9C97C4A5484224F0DC6A2] () C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.7015\FONTSCHEME_METRO.XML
2010-03-12 22:52 - 2010-03-12 22:52 - 000003589 ___RA [53B3E1389F4EB7DAF15E80A2F5B694F1] () C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.7015\FONTSCHEME_MODULE.XML
2010-03-12 22:55 - 2010-03-12 22:55 - 000003641 ___RA [221C270C5DB989549D04509464E3DDED] () C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.7015\FONTSCHEME_NEWSPRINT.XML
2009-04-08 18:35 - 2009-04-08 18:35 - 000003605 ___RA [5C39323E06A20D8867C5505B8879CC09] () C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.7015\FONTSCHEME_OFFICE2.XML
2009-04-08 18:35 - 2009-04-08 18:35 - 000003616 ___RA [78797C6E52085E86AA44DE641E748EA0] () C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.7015\FONTSCHEME_OFFICECLASSIC.XML
2009-04-08 18:35 - 2009-04-08 18:35 - 000003585 ___RA [EE3D47DD3008C53F34C95C5314CCC516] () C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.7015\FONTSCHEME_OFFICECLASSIC2.XML
2010-03-12 22:52 - 2010-03-12 22:52 - 000003613 ___RA [363C0FF420EE73B0D0806BC0C4C92395] () C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.7015\FONTSCHEME_OPULENT.XML
2010-03-12 22:52 - 2010-03-12 22:52 - 000003674 ___RA [0355FCD0E232D07E000C722ECA86DABD] () C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.7015\FONTSCHEME_ORIEL.XML
2010-03-12 22:52 - 2010-03-12 22:52 - 000003821 ___RA [C7C3E50235C896A5AC3D90592DE1800E] () C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.7015\FONTSCHEME_ORIGIN.XML
2010-03-12 22:52 - 2010-03-12 22:52 - 000003628 ___RA [3F0CB677B1530ED9708AD40ED3B9F50E] () C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.7015\FONTSCHEME_PAPER.XML
2010-03-12 22:53 - 2010-03-12 22:53 - 000003599 ___RA [8CE1473D98015A930FF14D1CA49E5DF3] () C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.7015\FONTSCHEME_PERSPECTIVE.XML
2010-03-12 22:54 - 2010-03-12 22:54 - 000003711 ___RA [EF70FCABEBD34BA8A09FCBE00B626F65] () C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.7015\FONTSCHEME_PUSHPIN.XML
2010-03-12 22:55 - 2010-03-12 22:55 - 000003608 ___RA [39801F8E3458339870F475983A04BBC8] () C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.7015\FONTSCHEME_SLIPSTREAM.XML
2010-03-12 22:52 - 2010-03-12 22:52 - 000003817 ___RA [422395E53C571F3C2E4616F8121CF470] () C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.7015\FONTSCHEME_SOLSTICE.XML
2010-03-12 22:53 - 2010-03-12 22:53 - 000003603 ___RA [74148D7FDFE99D9E2C8F65350702EADE] () C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.7015\FONTSCHEME_TECHNIC.XML
2010-03-12 22:54 - 2010-03-12 22:54 - 000003839 ___RA [AA6E525057726AEBCD8D9F1BAC2A917C] () C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.7015\FONTSCHEME_THATCH.XML
2010-03-12 22:53 - 2010-03-12 22:53 - 000003616 ___RA [9F7A0B37DEB9785A2F2EA428E4F12EAA] () C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.7015\FONTSCHEME_TREK.XML
2010-03-12 22:53 - 2010-03-12 22:53 - 000003609 ___RA [BBC66A41984DE1C5CA3A72632D56E8A7] () C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.7015\FONTSCHEME_URBAN.XML
2010-03-12 22:53 - 2010-03-12 22:53 - 000003604 ___RA [15D87A1FBF6E3EAF79DC5A23BFB87B55] () C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.7015\FONTSCHEME_VERVE.XML
2010-03-12 22:54 - 2010-03-12 22:54 - 000003577 ___RA [CE5833C686A99EFDA8CEF494655E3CB9] () C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.7015\FONTSCHEME_WAVEFORM.XML
2012-08-29 02:27 - 2012-08-29 02:27 - 000973472 ___RA [38081033065AC10D899773EF3B5A6D50] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.7015\FPWEC.DLL.x86
2013-06-27 21:07 - 2013-06-27 21:07 - 001758376 ___RA [0F0F08085F26929D90DF0A122D2FD686] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.7015\GFX.DLL
2013-07-15 12:22 - 2013-07-15 12:22 - 003398336 ___RA [4C4467B38F73EB002BEDF8BBF0C1E3FE] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.7015\GKEXCEL.DLL
2013-03-09 00:06 - 2013-03-09 00:06 - 002133696 ___RA [E4B734CF8CD7CB847C776DB20C9C97A1] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.7015\GKPOWERPOINT.DLL
2013-03-09 00:06 - 2013-03-09 00:06 - 002356416 ___RA [0716F83CFC49FAFC7560AF0F2945A461] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.7015\GKWORD.DLL
2013-03-20 01:20 - 2013-03-20 01:20 - 004303552 ___RA [C87161F071E20CFF80F0E6CE4F80E4B8] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.7015\GRAPH.EXE
2013-03-09 00:10 - 2013-03-09 00:10 - 030798512 ___RA [240C981735B054738A2A32178366166A] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.7015\GROOVE.EXE
2013-03-09 00:10 - 2013-03-09 00:10 - 004171464 ___RA [D1F438E9DFD869B33D1EDB635764C892] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.7015\GROOVEEX.DLL.x86
2012-03-14 04:35 - 2012-03-14 04:35 - 000197408 ___RA [7A420994243B8C91F8AE16526BF5C2A6] () C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.7015\IEAWSDC.DLL.x86
2013-03-09 00:04 - 2013-03-09 00:04 - 000579296 ___RA [FBF695280D669BE90E60675F1099329A] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.7015\IECONTENTSERVICE.EXE
2013-02-18 16:50 - 2013-02-18 16:50 - 001744464 ___RA [5FAB97BE7491316D5C1F2E3CC1AD6965] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.7015\INFOPATH.EXE
2012-09-11 04:13 - 2012-09-11 04:13 - 029052928 ___RA [DE28158E513209432F3ADCBF5A3E67FB] () C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.7015\INSTALLED_RESOURCES14.XSS
2012-09-11 04:13 - 2012-09-11 04:13 - 000544768 ___RA [5AEB94556EA54D29F3391FFC27349291] () C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.7015\INSTALLED_SCHEMAS14.XSS
2010-10-20 15:43 - 2010-10-20 15:43 - 000011648 ___RA [E4B4C7E36666DFC37C55691C63931D25] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.7015\INTGMAT.DLL
2012-10-03 08:47 - 2012-10-03 08:47 - 000019592 ___RA [3851069C89A9C07287A44B05D00FD948] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.7015\INTMAPI.DLL
2013-02-18 16:50 - 2013-02-18 16:50 - 005794904 ___RA [439081BA4F16F5AF2FD281F9DFA3D73F] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.7015\IPDESIGN.DLL
2013-02-18 16:50 - 2013-02-18 16:50 - 005369936 ___RA [7247277B2D55BEBE991578FC4C1EF623] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.7015\IPEDITOR.DLL
2013-02-14 16:11 - 2013-02-14 16:11 - 000170088 ___RA [C396EADA4E9EA6D0C2FA1571E7909C01] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.7015\IPOLK.DLL
2010-03-11 00:44 - 2010-03-11 00:44 - 000193928 ___RA [37CD4ED547914384C817AED45B50B8A4] (Windows (R) Codename Longhorn DDK provider) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.7015\LICLUA.EXE
2013-02-14 15:12 - 2013-02-14 15:12 - 000698952 ___RA [5F4579001971C194E5FB60E35B843801] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.7015\MEDCAT.DLL
2013-03-09 00:04 - 2013-03-09 00:04 - 000457928 ___RA [66D9AE5529FF8335F5EDDF4E57008706] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.7015\MORPH9.DLL
2013-06-27 22:09 - 2013-06-27 22:09 - 013791400 ___RA [2E7DEF0540ACAF14534876D077065579] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.7015\MSACCESS.EXE
2010-10-20 16:16 - 2010-10-20 16:16 - 000001376 ___RA [66012B0E005310568B0E5C3B16862708] () C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.7015\MSACCESS.MAN
2012-11-05 15:30 - 2012-11-05 15:30 - 000062568 ___RA [3BC76CF01D504C74B49C932AA3809B1E] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.7015\MSAEXP30.DLL
2012-06-05 23:47 - 2012-06-05 23:47 - 001070152 ___RA [E52859FCB7A827CACFCE7963184C7D24] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.7015\MSCOMCTL.OCX
2013-06-27 19:26 - 2013-06-27 19:26 - 018635968 ___RA [AB4FE7E4B1B1B845D789EF6C30FCA1FE] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.7015\MSO.DLL.x86
2013-06-27 22:08 - 2013-06-27 22:08 - 000019672 ___RA [D7DF9C48FC07C19C39602BE8DC3E6E4F] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.7015\MSOCFU.DLL
2012-01-18 03:24 - 2012-01-18 03:24 - 072524600 ___RA [76A5DB2B33E75128AE6309AE68A5D0A2] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.7015\MSORES.DLL
2013-03-09 00:01 - 2013-03-09 00:01 - 000720064 ___RA [C3A05B3CC17A3DCBCB5D2998CF025D49] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.7015\MSOSYNC.EXE
2012-10-31 12:20 - 2012-10-31 12:20 - 000766560 ___RA [33E41F1807435FFDB0C4E976E035BAA5] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.7015\MSPTLS.DLL_0001
2013-03-09 00:04 - 2013-03-09 00:04 - 009675928 ___RA [9759CC15D4228C0E4DEF8C49044DAA30] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.7015\MSPUB.EXE
2013-02-14 15:12 - 2013-02-14 15:12 - 000703048 ___RA [E9FD5A79A7C292B6A603474B55AC3E5B] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.7015\MSTORDB.EXE
2013-02-14 15:12 - 2013-02-14 15:12 - 000107072 ___RA [89A950C4ED7C6790D7E0C28DB4B709A0] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.7015\MSTORE.EXE
2013-02-14 15:12 - 2013-02-14 15:12 - 000421968 ___RA [3F87BD1C0A9DDBA0AD5063E325F6D9E6] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.7015\MSTORES.DLL
2013-06-27 21:21 - 2013-06-27 21:21 - 020536488 ___RA [052508744F630E337099175BFCFFADCC] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.7015\OART.DLL
2013-06-26 06:00 - 2013-06-26 06:00 - 011138240 ___RA [4D7E7F51BFFAF331E03B61E8A0000A7F] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.7015\OARTCONV.DLL
2013-06-25 21:20 - 2013-06-25 21:20 - 000988888 ___RA [3AFDAFE7AFB0F6A38BF5F8E3B6FC793D] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.7015\ODFFILT.DLL.x86
2013-04-04 01:09 - 2013-04-04 01:09 - 004300456 ___RA [A026BD4085C0E933A57E1B81840DDD83] () C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.7015\OFFICE.ODF
2013-03-06 08:13 - 2013-03-06 08:13 - 007280312 ___RA [E75B8E28D9CCA28B2CAF1EBABFBF36AD] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.7015\OFFOWC.DLL
2013-03-06 08:07 - 2013-03-06 08:07 - 000404152 ___RA [722DB78DF98EDA29F92F1E19CBF89691] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.7015\OFFXML.DLL
2013-03-09 00:04 - 2013-03-09 00:04 - 000645320 ___RA [81405F394968C34536E25D45D0776273] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.7015\ONBTTNIE.DLL.x86
2013-03-09 00:04 - 2013-03-09 00:04 - 000498376 ___RA [40E1F615AC4DF7A476F340E12DEF53AA] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.7015\ONBTTNIELINKEDNOTES.DLL.x86
2013-03-09 00:04 - 2013-03-09 00:04 - 000699056 ___RA [4AAD0FD497F197BAD81FB17FEC70AD33] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.7015\ONBTTNOL.DLL
2013-03-09 00:04 - 2013-03-09 00:04 - 000534712 ___RA [68F1D8F0C1F87B7A50BD148FF83ACBB2] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.7015\ONBTTNPPT.DLL
2013-03-09 00:04 - 2013-03-09 00:04 - 000534696 ___RA [C3C940AED96A43D2B6E0773BBF935B48] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.7015\ONBTTNWD.DLL
2013-06-27 22:09 - 2013-06-27 22:09 - 001692840 ___RA [36068BFE22BF029401D56560FD0976F1] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.7015\ONENOTE.EXE
2012-09-12 17:53 - 2012-09-12 17:53 - 000000231 ___RA [7B38BF9652107219FE2BA4E86F2B6D42] () C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.7015\ONENOTE.EXE.CONFIG
2013-06-25 22:30 - 2013-06-25 22:30 - 001301208 ___RA [8B273092C3044A0679074EF44DBC5930] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.7015\ONENOTELSA.DLL
2013-06-25 22:28 - 2013-06-25 22:28 - 000228552 ___RA [8F03DEFBB1DB93233EF926474C9E48A5] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.7015\ONENOTEM.EXE
2013-06-25 22:28 - 2013-06-25 22:28 - 000141496 ___RA [5C03D37261B7FEEDFF107A25D1F72E35] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.7015\ONENOTEMANAGED.DLL
2013-06-27 22:09 - 2013-06-27 22:09 - 009244336 ___RA [3D43081D5AE4AE52E72658E34965C16F] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.7015\ONMAIN.DLL
2013-03-09 00:04 - 2013-03-09 00:04 - 000561848 ___RA [28BA2B13B784DF047EFB13B0775321F8] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.7015\ONPPTADDIN.DLL
2013-03-06 08:30 - 2013-03-06 08:30 - 000921848 ___RA [627C883DA6D50B490235D961F786DD7B] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.7015\ONSYNCPC.DLL.x86
2013-03-09 00:04 - 2013-03-09 00:04 - 000618152 ___RA [FFDBEC62C54773C9FAC54EA03F6C8690] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.7015\ONWORDADDIN.DLL
2013-03-06 08:42 - 2013-03-06 08:42 - 005799080 ___RA [892000AD8462EF84C4677F71C8F4BFCC] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.7015\OSETUP.DLL
2010-10-22 14:55 - 2010-10-22 14:55 - 002162024 ___RA [0F144ECA8CFEC8882A3809D176886255] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.7015\POWERPNT.EXE
2013-06-27 21:14 - 2013-06-27 21:14 - 009745584 ___RA [EE0D28DB1EDD40E24841E66A1A26F841] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.7015\PPCORE.DLL
2012-11-20 20:24 - 2012-11-20 20:24 - 003793472 ___RA [C39CE795D0B48CB65909BE44A132E119] () C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.7015\PPTICO.EXE
2010-12-21 00:39 - 2010-12-21 00:39 - 000139136 ___RA [0C2DF937BB91C26EC8D5A34CAA8FDD55] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.7015\PRTF9.DLL
2013-02-18 16:44 - 2013-02-18 16:44 - 000625760 ___RA [C46A3017CC6F9921E3EF569EA5DB633D] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.7015\PTXT9.DLL
2013-03-09 00:04 - 2013-03-09 00:04 - 000615600 ___RA [87AE1A18A09CC53DCAF555FB1FCA36AB] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.7015\PUBCONV.DLL
2013-03-09 00:04 - 2013-03-09 00:04 - 000049320 ___RA [3F9057D4C416A557F09F45DDD3D14079] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.7015\PUBTRAP.DLL
2013-01-15 12:33 - 2013-01-15 12:33 - 001367640 ___RA [DD6607A4BD0FC5EB8A64DA562C14F138] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.7015\RICHED20.DLL_0001
2013-02-18 16:49 - 2013-02-18 16:49 - 000525424 ___RA [E872FB181027F7CBA53F4B93B15B871A] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.7015\SOA.DLL
2012-10-03 08:47 - 2012-10-03 08:47 - 000047752 ___RA [145AACE1C289A312A81D59977263BD75] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.7015\SPWADDDA.DLL
2012-10-03 08:47 - 2012-10-03 08:47 - 000043656 ___RA [42567F9938AE726CBC14F9FE4FAD3EE5] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.7015\SPWADDDS.DLL
2012-10-03 08:47 - 2012-10-03 08:47 - 000014472 ___RA [F4E68B55632DA13FD63FA14658DB7B4B] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.7015\SPWADDIF.DLL
2010-09-08 19:33 - 2010-09-08 19:33 - 000011004 ___RA [D6523FC0437572BF29C3B6F0D1E956FE] () C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.7015\SPWADDIN.XSD
2010-10-20 15:43 - 2010-10-20 15:43 - 000011136 ___RA [A29140FC24491C62B0D5FBDEF4B507EB] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.7015\SPWADDIT.DLL
2010-10-20 15:43 - 2010-10-20 15:43 - 000019328 ___RA [2DDFC214708ED4CECA1E56FE3771401E] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.7015\SPWADDTO.DLL
2013-01-07 15:33 - 2013-01-07 15:33 - 000640216 ___RA [347A51F65A83530F04002F46201A1AD4] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.7015\USP10.DLL_0002
2012-12-10 10:49 - 2012-12-10 10:49 - 000050272 ___RA [AAC786999127BF644763C8422EBF0C24] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.7015\VBAJET32.DLL
2012-12-10 10:49 - 2012-12-10 10:49 - 002689640 ___RA [F143F655D4CBC98FC3DEE3BCBA3C1ECF] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.7015\VBE7.DLL
2013-03-09 00:06 - 2013-03-09 00:06 - 000901304 ___RA [3947C0E9FBA82D5147AEC9787F71AB89] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.7015\VISSHE.DLL
2013-03-08 23:59 - 2013-03-08 23:59 - 000581296 ___RA [539E3C0854C32C0B23FCEEA4700AAF51] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.7015\VPREVIEW.EXE
2014-09-02 22:31 - 2014-09-02 22:31 - 000089610 ___RA [D93050043ACE6C8DA66AD8C161B7ADE1] () C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.7015\VSTOFiles_cat_x86.3643236F_FC70_11D3_A536_0090278A1BB8.452A3D81_F519_47A5_A9B2_7DEE71379BC4
2012-11-01 22:02 - 2012-11-01 22:02 - 005795928 ___RA [B65891B8527D489F70475AF297BF90E0] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.7015\VVIEWDWG.DLL.x86
2013-03-08 23:59 - 2013-03-08 23:59 - 004186784 ___RA [4D14774E26B5C108584A2FF6C5691573] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.7015\VVIEWER.DLL.x86
2013-06-27 21:06 - 2013-06-27 21:06 - 001423008 ___RA [5D798FF0BE2A8970D932568068ACFD9D] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.7015\WINWORD.EXE
2012-11-20 20:24 - 2012-11-20 20:24 - 001859136 ___RA [D52CBDE8BAEFADCC8C48623605B4C524] () C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.7015\WORDICON.EXE
2013-06-27 22:08 - 2013-06-27 22:08 - 005470368 ___RA [350886D3EF711AA3B8EA670BFE59A114] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.7015\WRD12CNV.DLL
2013-06-27 21:06 - 2013-06-27 21:06 - 019404960 ___RA [01D55B7CDC9691077B03F76322EFDA45] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.7015\WWLIB.DLL
2013-06-26 06:25 - 2013-06-26 06:25 - 017831584 ___RA [77279D2D6C90562F6AB54950467A2887] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.7015\XL12CNV.EXE
2012-11-20 20:24 - 2012-11-20 20:24 - 001480256 ___RA [F9C00C075FC9AD40135EC6B9695F49EB] () C:\WINDOWS\Installer\$PatchCache$\Managed\00004109110000000000000000F01FEC\14.0.7015\XLICONS.EXE
2016-12-27 13:46 - 2016-12-27 13:52 - 000000000 _ASHD [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\$PatchCache$\Managed\000041091A0070400000000000F01FEC
2016-12-27 13:46 - 2016-12-29 13:36 - 000000006 ___RA [CB546846CF30A219FCEA93A50B009DE3] () C:\WINDOWS\Installer\$PatchCache$\Managed\000041091A0070400000000000F01FEC\CacheSize.txt
2016-12-27 13:46 - 2016-12-27 13:52 - 000000000 __SHD [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\$PatchCache$\Managed\000041091A0070400000000000F01FEC\14.0.4763
2010-03-29 20:26 - 2010-03-29 20:26 - 000045960 ___RA [987F657313A388148599A9BAEBB9E7DC] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\000041091A0070400000000000F01FEC\14.0.4763\ONELEV.EXE_1031
2010-03-30 04:17 - 2010-03-30 04:17 - 000015200 ___RA [C8E84817CA5AD620C432846A4DE484CB] () C:\WINDOWS\Installer\$PatchCache$\Managed\000041091A0070400000000000F01FEC\14.0.4763\ONINTL.DLL.IDX_DLL_1031
2010-03-30 00:44 - 2010-03-30 00:44 - 003443096 ___RA [336146F20B887AD6E3563ADC082B6CE4] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\000041091A0070400000000000F01FEC\14.0.4763\ONINTL.DLL_1031
2010-03-30 04:17 - 2010-03-30 04:17 - 000112992 ___RA [132EBE28F8B713BCB6873D8A813892C0] () C:\WINDOWS\Installer\$PatchCache$\Managed\000041091A0070400000000000F01FEC\14.0.4763\ONINTL.REST.IDX_DLL_1031
2016-12-27 13:52 - 2016-12-29 13:36 - 000000000 __SHD [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\$PatchCache$\Managed\000041091A0070400000000000F01FEC\14.0.7015
2012-12-14 13:04 - 2012-12-14 13:04 - 003444872 ___RA [4EC9935DC05D6315F38C96DA71F9C710] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\000041091A0070400000000000F01FEC\14.0.7015\ONINTL.DLL_1031
2016-12-27 13:48 - 2016-12-27 13:52 - 000000000 _ASHD [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\$PatchCache$\Managed\00004109440070400000000000F01FEC
2016-12-27 13:48 - 2016-12-27 13:48 - 000000000 __SHD [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\$PatchCache$\Managed\00004109440070400000000000F01FEC\14.0.4763
2016-12-27 13:52 - 2016-12-27 13:52 - 000000000 __SHD [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\$PatchCache$\Managed\00004109440070400000000000F01FEC\14.0.7015
2016-12-27 13:48 - 2016-12-27 13:52 - 000000000 _ASHD [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\$PatchCache$\Managed\00004109510070400000000000F01FEC
2016-12-27 13:52 - 2016-12-27 13:52 - 000000004 ___RA [A8E2DCCF1FDAA2C062BCC4C433AE2CCB] () C:\WINDOWS\Installer\$PatchCache$\Managed\00004109510070400000000000F01FEC\CacheSize.txt
2016-12-27 13:48 - 2016-12-27 13:52 - 000000000 __SHD [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\$PatchCache$\Managed\00004109510070400000000000F01FEC\14.0.4763
2010-03-26 22:13 - 2010-03-26 22:13 - 000014200 ___RA [1A467729224763A1DAA39604D72E9C0F] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109510070400000000000F01FEC\14.0.4763\BRANDING.DLL_1031
2010-03-27 05:50 - 2010-03-27 05:50 - 000801378 ___RA [185FF3A2853ED1025870B6604B7BBEDE] () C:\WINDOWS\Installer\$PatchCache$\Managed\00004109510070400000000000F01FEC\14.0.4763\BRANDING.XML_1031
2016-12-27 13:52 - 2016-12-27 13:52 - 000000000 __SHD [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\$PatchCache$\Managed\00004109510070400000000000F01FEC\14.0.7015
2012-11-20 20:19 - 2012-11-20 20:19 - 000014952 ___RA [3069757DCE17A6269ED857E64619C910] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109510070400000000000F01FEC\14.0.7015\BRANDING.DLL_1031
2016-12-27 12:44 - 2016-12-27 13:52 - 000000000 _ASHD [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\$PatchCache$\Managed\00004109610070400000000000F01FEC
2016-12-27 13:52 - 2016-12-29 13:23 - 000000006 ___RA [A36319C155F23B122AA3E9C39E86513E] () C:\WINDOWS\Installer\$PatchCache$\Managed\00004109610070400000000000F01FEC\CacheSize.txt
2016-12-27 12:44 - 2016-12-29 13:23 - 000000000 __SHD [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\$PatchCache$\Managed\00004109610070400000000000F01FEC\14.0.4763
2007-11-20 17:59 - 2007-11-20 17:59 - 000210432 ___RA [94606DF4073A0FC8BAAE04311171BE21] () C:\WINDOWS\Installer\$PatchCache$\Managed\00004109610070400000000000F01FEC\14.0.4763\VBALISTE.XLS_1031
2009-12-17 09:51 - 2009-12-17 09:51 - 002053476 ___RA [6DD9D5A4D6A0F5A1E71A0F7C2B7B8656] () C:\WINDOWS\Installer\$PatchCache$\Managed\00004109610070400000000000F01FEC\14.0.4763\VBE.DEV.HXS_1031
2006-08-29 10:45 - 2006-08-29 10:45 - 000000114 ___RA [05F6432245E94DE4E1B342CC8E2D7F94] () C:\WINDOWS\Installer\$PatchCache$\Managed\00004109610070400000000000F01FEC\14.0.4763\VBE.DEV_A_COL.HXK_1031
2009-09-07 06:39 - 2009-09-07 06:39 - 000000790 ___RA [D0A7445C2E392A8B63B3413B56A6580C] () C:\WINDOWS\Installer\$PatchCache$\Managed\00004109610070400000000000F01FEC\14.0.4763\VBE.DEV_COL.HXC_1031
2006-09-18 04:03 - 2006-09-18 04:03 - 000000207 ___RA [6676CE5A58463DFB1305DC619431667E] () C:\WINDOWS\Installer\$PatchCache$\Managed\00004109610070400000000000F01FEC\14.0.4763\VBE.DEV_COL.HXT_1031
2006-09-18 04:03 - 2006-09-18 04:03 - 000000114 ___RA [B8FBBC73DDDE31636552AB184B4E398F] () C:\WINDOWS\Installer\$PatchCache$\Managed\00004109610070400000000000F01FEC\14.0.4763\VBE.DEV_F_COL.HXK_1031
2006-09-18 04:04 - 2006-09-18 04:04 - 000000113 ___RA [DB9742E49C49C505B293A84518E95FA5] () C:\WINDOWS\Installer\$PatchCache$\Managed\00004109610070400000000000F01FEC\14.0.4763\VBE.DEV_K_COL.HXK_1031
2010-03-20 21:28 - 2010-03-20 21:28 - 000098656 ___RA [B0C522FAD761CF3BDB22BE3FB22038CB] () C:\WINDOWS\Installer\$PatchCache$\Managed\00004109610070400000000000F01FEC\14.0.4763\XLINTL32.DLL.IDX_DLL_1031
2010-03-20 13:50 - 2010-03-20 13:50 - 002580352 ___RA [C87369081103C7E0D41D2C61E879D7CD] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109610070400000000000F01FEC\14.0.4763\XLINTL32.DLL_1031
2010-03-20 21:28 - 2010-03-20 21:28 - 000377184 ___RA [E4DEB21F006CE7543F57DAC35155C7C7] () C:\WINDOWS\Installer\$PatchCache$\Managed\00004109610070400000000000F01FEC\14.0.4763\XLINTL32.REST.IDX_DLL_1031
2010-03-20 13:50 - 2010-03-20 13:50 - 000043904 ___RA [99D8BED6F4C8A0078D8B1A3BB822EB96] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109610070400000000000F01FEC\14.0.4763\XLLEX.DLL_1031
2016-12-27 13:52 - 2016-12-29 13:23 - 000000000 __SHD [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\$PatchCache$\Managed\00004109610070400000000000F01FEC\14.0.7015
2011-02-19 01:39 - 2011-02-19 01:39 - 002580352 ___RA [54A29599921C96777ADD995C883BF79B] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109610070400000000000F01FEC\14.0.7015\XLINTL32.DLL_1031
2016-12-27 12:43 - 2016-12-27 13:52 - 000000000 _ASHD [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\$PatchCache$\Managed\00004109810070400000000000F01FEC
2016-12-27 13:52 - 2016-12-29 13:17 - 000000006 ___RA [F3BC082EF846155FD993053A1F8E997D] () C:\WINDOWS\Installer\$PatchCache$\Managed\00004109810070400000000000F01FEC\CacheSize.txt
2016-12-27 12:43 - 2016-12-29 13:23 - 000000000 __SHD [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\$PatchCache$\Managed\00004109810070400000000000F01FEC\14.0.4763
2010-03-20 18:15 - 2010-03-20 18:15 - 000038240 ___RA [65BDCB68F5913458E57BA31B08DD5053] () C:\WINDOWS\Installer\$PatchCache$\Managed\00004109810070400000000000F01FEC\14.0.4763\PPINTL.DLL.IDX_DLL_1031
2010-03-20 15:12 - 2010-03-20 15:12 - 001342312 ___RA [59C23DB0B9DA89D1FCEF7D352D577539] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109810070400000000000F01FEC\14.0.4763\PPINTL.DLL_1031
2010-03-20 18:15 - 2010-03-20 18:15 - 000138592 ___RA [96643CABFEE94386B1605253F409E19D] () C:\WINDOWS\Installer\$PatchCache$\Managed\00004109810070400000000000F01FEC\14.0.4763\PPINTL.REST.IDX_DLL_1031
2007-11-20 17:59 - 2007-11-20 17:59 - 000210432 ___RA [94606DF4073A0FC8BAAE04311171BE21] () C:\WINDOWS\Installer\$PatchCache$\Managed\00004109810070400000000000F01FEC\14.0.4763\VBALISTE.XLS_1031
2009-12-17 09:51 - 2009-12-17 09:51 - 002053476 ___RA [6DD9D5A4D6A0F5A1E71A0F7C2B7B8656] () C:\WINDOWS\Installer\$PatchCache$\Managed\00004109810070400000000000F01FEC\14.0.4763\VBE.DEV.HXS_1031
2006-08-29 10:45 - 2006-08-29 10:45 - 000000114 ___RA [05F6432245E94DE4E1B342CC8E2D7F94] () C:\WINDOWS\Installer\$PatchCache$\Managed\00004109810070400000000000F01FEC\14.0.4763\VBE.DEV_A_COL.HXK_1031
2009-09-07 06:39 - 2009-09-07 06:39 - 000000790 ___RA [D0A7445C2E392A8B63B3413B56A6580C] () C:\WINDOWS\Installer\$PatchCache$\Managed\00004109810070400000000000F01FEC\14.0.4763\VBE.DEV_COL.HXC_1031
2006-09-18 04:03 - 2006-09-18 04:03 - 000000207 ___RA [6676CE5A58463DFB1305DC619431667E] () C:\WINDOWS\Installer\$PatchCache$\Managed\00004109810070400000000000F01FEC\14.0.4763\VBE.DEV_COL.HXT_1031
2006-09-18 04:03 - 2006-09-18 04:03 - 000000114 ___RA [B8FBBC73DDDE31636552AB184B4E398F] () C:\WINDOWS\Installer\$PatchCache$\Managed\00004109810070400000000000F01FEC\14.0.4763\VBE.DEV_F_COL.HXK_1031
2006-09-18 04:04 - 2006-09-18 04:04 - 000000113 ___RA [DB9742E49C49C505B293A84518E95FA5] () C:\WINDOWS\Installer\$PatchCache$\Managed\00004109810070400000000000F01FEC\14.0.4763\VBE.DEV_K_COL.HXK_1031
2010-03-20 21:28 - 2010-03-20 21:28 - 000098656 ___RA [B0C522FAD761CF3BDB22BE3FB22038CB] () C:\WINDOWS\Installer\$PatchCache$\Managed\00004109810070400000000000F01FEC\14.0.4763\XLINTL32.DLL.IDX_DLL_1031
2010-03-20 13:50 - 2010-03-20 13:50 - 002580352 ___RA [C87369081103C7E0D41D2C61E879D7CD] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109810070400000000000F01FEC\14.0.4763\XLINTL32.DLL_1031
2010-03-20 21:28 - 2010-03-20 21:28 - 000377184 ___RA [E4DEB21F006CE7543F57DAC35155C7C7] () C:\WINDOWS\Installer\$PatchCache$\Managed\00004109810070400000000000F01FEC\14.0.4763\XLINTL32.REST.IDX_DLL_1031
2010-03-20 13:50 - 2010-03-20 13:50 - 000043904 ___RA [99D8BED6F4C8A0078D8B1A3BB822EB96] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109810070400000000000F01FEC\14.0.4763\XLLEX.DLL_1031
2016-12-27 13:52 - 2016-12-29 13:17 - 000000000 __SHD [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\$PatchCache$\Managed\00004109810070400000000000F01FEC\14.0.7015
2010-10-22 08:25 - 2010-10-22 08:25 - 001342312 ___RA [D08BA367FF52626C181DEE5DDD75A7A7] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109810070400000000000F01FEC\14.0.7015\PPINTL.DLL_1031
2011-02-19 01:39 - 2011-02-19 01:39 - 002580352 ___RA [54A29599921C96777ADD995C883BF79B] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109810070400000000000F01FEC\14.0.7015\XLINTL32.DLL_1031
2016-12-27 12:44 - 2016-12-27 13:52 - 000000000 _ASHD [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\$PatchCache$\Managed\00004109910070400000000000F01FEC
2016-12-27 13:52 - 2016-12-27 13:52 - 000000006 ___RA [48F66BC5BE07B3FBE8813570A04A89ED] () C:\WINDOWS\Installer\$PatchCache$\Managed\00004109910070400000000000F01FEC\CacheSize.txt
2016-12-27 12:44 - 2016-12-27 13:52 - 000000000 __SHD [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\$PatchCache$\Managed\00004109910070400000000000F01FEC\14.0.4763
2010-03-20 19:11 - 2010-03-20 19:11 - 000066912 ___RA [0CABCEEDC93A8616341FA9B8929BE4FB] () C:\WINDOWS\Installer\$PatchCache$\Managed\00004109910070400000000000F01FEC\14.0.4763\PUB6INTL.DLL.IDX_DLL_1031
2010-03-20 15:21 - 2010-03-20 15:21 - 007090536 ___RA [5F5E5F57DB9BCDAB4BAFE0A1D1EE6897] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109910070400000000000F01FEC\14.0.4763\PUB6INTL.DLL_1031
2010-03-20 19:11 - 2010-03-20 19:11 - 000259424 ___RA [F6DAD35D5E978B58BA9171B5F939189D] () C:\WINDOWS\Installer\$PatchCache$\Managed\00004109910070400000000000F01FEC\14.0.4763\PUB6INTL.REST.IDX_DLL_1031
2009-12-17 09:51 - 2009-12-17 09:51 - 002053476 ___RA [6DD9D5A4D6A0F5A1E71A0F7C2B7B8656] () C:\WINDOWS\Installer\$PatchCache$\Managed\00004109910070400000000000F01FEC\14.0.4763\VBE.DEV.HXS_1031
2006-08-29 10:45 - 2006-08-29 10:45 - 000000114 ___RA [05F6432245E94DE4E1B342CC8E2D7F94] () C:\WINDOWS\Installer\$PatchCache$\Managed\00004109910070400000000000F01FEC\14.0.4763\VBE.DEV_A_COL.HXK_1031
2009-09-07 06:39 - 2009-09-07 06:39 - 000000790 ___RA [D0A7445C2E392A8B63B3413B56A6580C] () C:\WINDOWS\Installer\$PatchCache$\Managed\00004109910070400000000000F01FEC\14.0.4763\VBE.DEV_COL.HXC_1031
2006-09-18 04:03 - 2006-09-18 04:03 - 000000207 ___RA [6676CE5A58463DFB1305DC619431667E] () C:\WINDOWS\Installer\$PatchCache$\Managed\00004109910070400000000000F01FEC\14.0.4763\VBE.DEV_COL.HXT_1031
2006-09-18 04:03 - 2006-09-18 04:03 - 000000114 ___RA [B8FBBC73DDDE31636552AB184B4E398F] () C:\WINDOWS\Installer\$PatchCache$\Managed\00004109910070400000000000F01FEC\14.0.4763\VBE.DEV_F_COL.HXK_1031
2006-09-18 04:04 - 2006-09-18 04:04 - 000000113 ___RA [DB9742E49C49C505B293A84518E95FA5] () C:\WINDOWS\Installer\$PatchCache$\Managed\00004109910070400000000000F01FEC\14.0.4763\VBE.DEV_K_COL.HXK_1031
2016-12-27 13:52 - 2016-12-27 13:52 - 000000000 __SHD [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\$PatchCache$\Managed\00004109910070400000000000F01FEC\14.0.7015
2016-12-27 13:46 - 2016-12-27 13:52 - 000000000 _ASHD [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\$PatchCache$\Managed\00004109A10070400000000000F01FEC
2016-12-27 13:52 - 2016-12-29 13:21 - 000000005 ___RA [8F3C5F67F01E7DCD1DF0E39967228E1E] () C:\WINDOWS\Installer\$PatchCache$\Managed\00004109A10070400000000000F01FEC\CacheSize.txt
2016-12-27 13:46 - 2016-12-27 13:52 - 000000000 __SHD [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\$PatchCache$\Managed\00004109A10070400000000000F01FEC\14.0.4763
2010-03-27 07:01 - 2010-03-27 07:01 - 000106848 ___RA [CC6254CF1529059839A1FB1E8F57C43B] () C:\WINDOWS\Installer\$PatchCache$\Managed\00004109A10070400000000000F01FEC\14.0.4763\WWINTL.DLL.IDX_DLL_1031
2010-03-27 02:57 - 2010-03-27 02:57 - 000991576 ___RA [7DD97FEF1A6F4DED13C9FD99915618AE] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109A10070400000000000F01FEC\14.0.4763\WWINTL.DLL_1031
2010-03-27 07:01 - 2010-03-27 07:01 - 000601440 ___RA [4A3E52D42E9C0D57FE2E700C44674A68] () C:\WINDOWS\Installer\$PatchCache$\Managed\00004109A10070400000000000F01FEC\14.0.4763\WWINTL.REST.IDX_DLL_1031
2016-12-27 13:52 - 2016-12-29 13:21 - 000000000 __SHD [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\$PatchCache$\Managed\00004109A10070400000000000F01FEC\14.0.7015
2011-01-08 11:48 - 2011-01-08 11:48 - 000991576 ___RA [9EB1734F56CE30E02F26FC4DF1AF3475] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109A10070400000000000F01FEC\14.0.7015\WWINTL.DLL_1031
2016-12-27 13:46 - 2016-12-27 13:52 - 000000000 _ASHD [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\$PatchCache$\Managed\00004109A20000000100000000F01FEC
2016-12-27 13:46 - 2016-12-29 13:44 - 000000007 ___RA [49C810222615DC0EB326B7FB25245175] () C:\WINDOWS\Installer\$PatchCache$\Managed\00004109A20000000100000000F01FEC\CacheSize.txt
2016-12-27 13:46 - 2016-12-27 13:52 - 000000000 __SHD [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\$PatchCache$\Managed\00004109A20000000100000000F01FEC\14.0.4763
2010-03-25 10:24 - 2010-03-25 10:24 - 005035440 ___RA [821BE22E239922FD114030036FC804BC] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109A20000000100000000F01FEC\14.0.4763\CSI.DLL.x64
2010-03-25 10:24 - 2010-03-25 10:24 - 001784192 ___RA [59A33C373971E019B7E1E69AB8F57822] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109A20000000100000000F01FEC\14.0.4763\CSISOAP.DLL.x64
2008-06-30 01:42 - 2008-06-30 01:42 - 000001343 ___RA [FF4E7C50EF8D79478C07DE965C15D97B] () C:\WINDOWS\Installer\$PatchCache$\Managed\00004109A20000000100000000F01FEC\14.0.4763\CUSTOM.PD.x64
2010-03-24 20:35 - 2010-03-24 20:35 - 000010080 ___RA [B7F48E213410E00C93253AA9C65800AB] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109A20000000100000000F01FEC\14.0.4763\FL_VSTOInstallerUI_enu_amd64.3643236F_FC70_11D3_A536_0090278A1BB8.41B86362_9D8B_4D9B_B426_8A6D1F809A25
2010-03-24 20:12 - 2010-03-24 20:12 - 000010080 ___RA [547FDF13AEDD94D9E6C83CCD0C1518AC] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109A20000000100000000F01FEC\14.0.4763\FL_VSTOInstallerUI_enu_x86.3643236F_FC70_11D3_A536_0090278A1BB8.41B86362_9D8B_4D9B_B426_8A6D1F809A25
2010-03-24 20:35 - 2010-03-24 20:35 - 000018264 ___RA [6AB8E3B4B8A95A8FFE25852F17E37EFD] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109A20000000100000000F01FEC\14.0.4763\FL_VSTOLoaderUI_dll_amd64_ln.3643236F_FC70_11D3_A536_0090278A1BB8.41B86362_9D8B_4D9B_B426_8A6D1F809A25
2010-03-24 20:12 - 2010-03-24 20:12 - 000018264 ___RA [79D3DA5886B55778B362AF0A3F68A74E] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109A20000000100000000F01FEC\14.0.4763\FL_VSTOLoaderUI_dll_x86_ln.3643236F_FC70_11D3_A536_0090278A1BB8.41B86362_9D8B_4D9B_B426_8A6D1F809A25
2010-03-24 20:35 - 2010-03-24 20:35 - 000047976 ___RA [658099AE599A214DC6D5C5F87E6A69AE] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109A20000000100000000F01FEC\14.0.4763\FL_VSTOMessageProvider_amd64.3643236F_FC70_11D3_A536_0090278A1BB8.41B86362_9D8B_4D9B_B426_8A6D1F809A25
2010-03-24 20:12 - 2010-03-24 20:12 - 000049000 ___RA [C928649724F370C82317E8CBC6A95B70] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109A20000000100000000F01FEC\14.0.4763\FL_VSTOMessageProvider_x86.3643236F_FC70_11D3_A536_0090278A1BB8.41B86362_9D8B_4D9B_B426_8A6D1F809A25
2010-03-25 10:41 - 2010-03-25 10:41 - 006722448 ___RA [A71A930E1E61E73DA97423BDB95CE2D8] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109A20000000100000000F01FEC\14.0.4763\GROOVEEX.DLL.x64
2010-01-09 21:34 - 2010-01-09 21:34 - 000242016 ___RA [AA1053B3C22FE6F99986AF864D61675D] () C:\WINDOWS\Installer\$PatchCache$\Managed\00004109A20000000100000000F01FEC\14.0.4763\IEAWSDC.DLL.x64
2010-02-28 02:24 - 2010-02-28 02:24 - 000506744 ___RA [B4D5E03BBD95BF8BAF91E242D1C61DAC] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109A20000000100000000F01FEC\14.0.4763\INLAUNCH.DLL.x64
2010-03-22 21:36 - 2010-03-22 21:36 - 000291792 ___RA [A2137B9568C9701FB4D3F5D62B552A5A] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109A20000000100000000F01FEC\14.0.4763\MAPISHELL.DLL.x64
2010-02-17 21:56 - 2010-02-17 21:56 - 000038768 ___RA [DBC20E893CC63A7B271B37E6E945912F] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109A20000000100000000F01FEC\14.0.4763\MSGFILT.DLL.x64
2010-01-09 21:21 - 2010-01-09 21:21 - 000097152 ___RA [97C2F69C613229A29AB0FA8E9A3D48F1] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109A20000000100000000F01FEC\14.0.4763\MSOHEV.DLL.x64
2010-01-09 21:21 - 2010-01-09 21:21 - 000077184 ___RA [7CC7440BAF323AF4826EDD99CC9A3B4A] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109A20000000100000000F01FEC\14.0.4763\MSOHEVI.DLL.x64
2010-01-10 19:48 - 2010-01-10 19:48 - 000087936 ___RA [78E89DC545E6374C4E6C09C1D3CE0466] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109A20000000100000000F01FEC\14.0.4763\MSOHTMED.EXE.x64
2010-02-17 21:55 - 2010-02-17 21:55 - 001249680 ___RA [FFECCD3CB8BC0821A43A372D85E4B63C] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109A20000000100000000F01FEC\14.0.4763\MSOSHEXT.DLL.x64
2010-02-17 21:56 - 2010-02-17 21:56 - 001312656 ___RA [F9359C2BB1A14F90D14C38E414930BFD] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109A20000000100000000F01FEC\14.0.4763\ODFFILT.DLL.x64
2010-02-17 21:56 - 2010-02-17 21:56 - 001486736 ___RA [D893D826ED60C7F53D7167F813407445] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109A20000000100000000F01FEC\14.0.4763\OFFFILTX.DLL.x64
2010-01-30 02:40 - 2010-01-30 02:40 - 004254560 ___RA [C3DA214AB5FB2E66E61FD8F63F72839F] () C:\WINDOWS\Installer\$PatchCache$\Managed\00004109A20000000100000000F01FEC\14.0.4763\OFFICE.ODF.x64
2010-03-22 21:36 - 2010-03-22 21:36 - 000259456 ___RA [DA96AF701AEFBC053CF1AE24035E8F1A] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109A20000000100000000F01FEC\14.0.4763\OLKFSTUB.DLL.x64
2010-02-28 07:04 - 2010-02-28 07:04 - 000803728 ___RA [6650CE10A98A15D0C5038BC153448540] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109A20000000100000000F01FEC\14.0.4763\ONBTTNIE.DLL.x64
2010-02-28 07:04 - 2010-02-28 07:04 - 000594832 ___RA [B9CC250ADA58934581B3C09C346DD785] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109A20000000100000000F01FEC\14.0.4763\ONBTTNIELINKEDNOTES.DLL.x64
2010-03-30 08:35 - 2010-03-30 08:35 - 001583472 ___RA [A322298B3FC81C083B1BCE6D83A43F90] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109A20000000100000000F01FEC\14.0.4763\ONFILTER.DLL.x64
2010-03-29 20:30 - 2010-03-29 20:30 - 000079264 ___RA [22D7D95F6A7FEFC2CB20754B9911B3E7] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109A20000000100000000F01FEC\14.0.4763\ONLNTCOMLIB.DLL.x64
2010-02-28 02:23 - 2010-02-28 02:23 - 000688528 ___RA [24B5B7ACFC435F8F1B14B1179C27B4C8] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109A20000000100000000F01FEC\14.0.4763\URLREDIR.DLL.x64
2010-02-28 03:32 - 2010-02-28 03:32 - 002124152 ___RA [90337628F1E989316F1347B71356276C] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109A20000000100000000F01FEC\14.0.4763\VISFILT.DLL.x64
2010-03-12 23:25 - 2010-03-12 23:25 - 000976240 ___RA [2F4759C23ABCD639AC3CA7F8FA9480AC] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109A20000000100000000F01FEC\14.0.4763\VISSHE.DLL.x64
2016-12-27 13:52 - 2016-12-29 13:44 - 000000000 __SHD [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\$PatchCache$\Managed\00004109A20000000100000000F01FEC\14.0.7015
2010-03-24 18:21 - 2010-03-24 18:21 - 000000135 ___RA [36E9ABDF1C19EFE361CFFEE3CCC11D36] () C:\WINDOWS\Installer\$PatchCache$\Managed\00004109A20000000100000000F01FEC\14.0.7015\ActionsPane3.xsd_x86.3643236F_FC70_11D3_A536_0090278A1BB8.41B86362_9D8B_4D9B_B426_8A6D1F809A25
2013-06-27 22:07 - 2013-06-27 22:07 - 005079800 ___RA [78A8B5905EE8C64FF04A8D7E092F60D7] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109A20000000100000000F01FEC\14.0.7015\CSI.DLL.x64
2013-03-09 00:13 - 2013-03-09 00:13 - 006669000 ___RA [C280A94B35DD9ED6A5C3B735AF3C4E28] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109A20000000100000000F01FEC\14.0.7015\GROOVEEX.DLL.x64
2012-03-14 04:34 - 2012-03-14 04:34 - 000243488 ___RA [14F212B295C474375ECA1181DAACE60F] () C:\WINDOWS\Installer\$PatchCache$\Managed\00004109A20000000100000000F01FEC\14.0.7015\IEAWSDC.DLL.x64
2013-06-25 04:25 - 2013-06-25 04:25 - 001332952 ___RA [D0DDA18DFE2E86446C199D8EB8CDF56F] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109A20000000100000000F01FEC\14.0.7015\ODFFILT.DLL.x64
2013-06-25 04:25 - 2013-06-25 04:25 - 001509592 ___RA [CC432FB65C509A7866FD520514150071] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109A20000000100000000F01FEC\14.0.7015\OFFFILTX.DLL.x64
2013-04-04 01:09 - 2013-04-04 01:09 - 004300432 ___RA [408AAD77F293E6DB1DDCCF8F3E9534AF] () C:\WINDOWS\Installer\$PatchCache$\Managed\00004109A20000000100000000F01FEC\14.0.7015\OFFICE.ODF.x64
2013-03-09 00:04 - 2013-03-09 00:04 - 000806088 ___RA [3EA4F3F6DF7C50B975377E8E4171E1B2] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109A20000000100000000F01FEC\14.0.7015\ONBTTNIE.DLL.x64
2013-03-09 00:04 - 2013-03-09 00:04 - 000596680 ___RA [050ABBB500AFD32EA3AD58D2F6B2C446] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109A20000000100000000F01FEC\14.0.7015\ONBTTNIELINKEDNOTES.DLL.x64
2013-03-06 09:02 - 2013-03-06 09:02 - 002127024 ___RA [4AB72A43DB461EBE8A67F9032CE5A9C8] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109A20000000100000000F01FEC\14.0.7015\VISFILT.DLL.x64
2016-12-27 13:49 - 2016-12-27 13:52 - 000000000 _ASHD [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\$PatchCache$\Managed\00004109A20070400100000000F01FEC
2016-12-27 13:52 - 2016-12-27 13:52 - 000000006 ___RA [8518262C12B0D0680B625FA6B67AA93F] () C:\WINDOWS\Installer\$PatchCache$\Managed\00004109A20070400100000000F01FEC\CacheSize.txt
2016-12-27 13:49 - 2016-12-27 13:52 - 000000000 __SHD [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\$PatchCache$\Managed\00004109A20070400100000000F01FEC\14.0.4763
2009-10-22 05:21 - 2009-10-22 05:21 - 000010576 ___RA [91B94D09D4BF7EA40D3F05E2DCD9DF9B] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109A20070400100000000F01FEC\14.0.4763\FL_VSTOInstallerUI_lp_deu_amd64.3643236F_FC70_11D3_A536_0090278A1BB8.F2F63F59_3142_49C0_8FC4_E5D9AA59743A
2009-10-22 05:08 - 2009-10-22 05:08 - 000010576 ___RA [C385AFC6685759F398210FB7BA3D1143] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109A20070400100000000F01FEC\14.0.4763\FL_VSTOInstallerUI_lp_deu_x86.3643236F_FC70_11D3_A536_0090278A1BB8.F2F63F59_3142_49C0_8FC4_E5D9AA59743A
2009-10-22 05:21 - 2009-10-22 05:21 - 000019784 ___RA [9F6652E56104796D4F56B696398EFCCA] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109A20070400100000000F01FEC\14.0.4763\FL_VSTOLoaderUI_dll_122707_122707_amd64_deu.3643236F_FC70_11D3_A536_0090278A1BB8.F2F63F59_3142_49C0_8FC4_E5D9AA59743A
2009-10-22 05:08 - 2009-10-22 05:08 - 000019784 ___RA [D656CBD20947572F379FFD1945233223] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109A20070400100000000F01FEC\14.0.4763\FL_VSTOLoaderUI_dll_122707_122707_x86_deu.3643236F_FC70_11D3_A536_0090278A1BB8.F2F63F59_3142_49C0_8FC4_E5D9AA59743A
2010-03-25 03:39 - 2010-03-25 03:39 - 008946088 ___RA [42D8E7218BE946F3AA8CE2CBDD26D672] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109A20070400100000000F01FEC\14.0.4763\GROOVEINTLRESOURCE.DLL.x64.1031
2016-12-27 13:52 - 2016-12-27 13:52 - 000000000 __SHD [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\$PatchCache$\Managed\00004109A20070400100000000F01FEC\14.0.7015
2016-12-27 13:48 - 2016-12-27 13:52 - 000000000 _ASHD [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\$PatchCache$\Managed\00004109AB0070400000000000F01FEC
2016-12-27 13:52 - 2016-12-27 13:52 - 000000006 ___RA [E1912A755E254758FF769FF16E0234BE] () C:\WINDOWS\Installer\$PatchCache$\Managed\00004109AB0070400000000000F01FEC\CacheSize.txt
2016-12-27 13:48 - 2016-12-27 13:52 - 000000000 __SHD [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\$PatchCache$\Managed\00004109AB0070400000000000F01FEC\14.0.4763
2010-03-25 03:45 - 2010-03-25 03:45 - 008945576 ___RA [36D90C880DC62538720A098F470E9767] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109AB0070400000000000F01FEC\14.0.4763\GROOVEINTLRESOURCE.DLL.x86.1031
2016-12-27 13:52 - 2016-12-27 13:52 - 000000000 __SHD [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\$PatchCache$\Managed\00004109AB0070400000000000F01FEC\14.0.7015
2016-12-27 13:49 - 2016-12-27 13:52 - 000000000 _ASHD [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\$PatchCache$\Managed\00004109B10070400000000000F01FEC
2016-12-27 13:52 - 2016-12-27 13:52 - 000000006 ___RA [1B22BD3F7424D56461F151668632E62F] () C:\WINDOWS\Installer\$PatchCache$\Managed\00004109B10070400000000000F01FEC\CacheSize.txt
2016-12-27 13:49 - 2016-12-29 13:23 - 000000000 __SHD [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\$PatchCache$\Managed\00004109B10070400000000000F01FEC\14.0.4763
2009-10-27 08:45 - 2009-10-27 08:45 - 000577123 ___RA [191D9F4B7FA82344AA0C990D5D99211D] () C:\WINDOWS\Installer\$PatchCache$\Managed\00004109B10070400000000000F01FEC\14.0.4763\NEWSPRINT.DOTX_1031
2009-10-27 08:45 - 2009-10-27 08:45 - 000023263 ___RA [2EA34539C092C028B0F043927D73B2BC] () C:\WINDOWS\Installer\$PatchCache$\Managed\00004109B10070400000000000F01FEC\14.0.4763\PERSPECTIVE.DOTX_1031
2007-11-20 17:59 - 2007-11-20 17:59 - 000210432 ___RA [94606DF4073A0FC8BAAE04311171BE21] () C:\WINDOWS\Installer\$PatchCache$\Managed\00004109B10070400000000000F01FEC\14.0.4763\VBALISTE.XLS_1031
2010-03-27 07:01 - 2010-03-27 07:01 - 000106848 ___RA [CC6254CF1529059839A1FB1E8F57C43B] () C:\WINDOWS\Installer\$PatchCache$\Managed\00004109B10070400000000000F01FEC\14.0.4763\WWINTL.DLL.IDX_DLL_1031
2010-03-27 02:57 - 2010-03-27 02:57 - 000991576 ___RA [7DD97FEF1A6F4DED13C9FD99915618AE] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109B10070400000000000F01FEC\14.0.4763\WWINTL.DLL_1031
2010-03-27 07:01 - 2010-03-27 07:01 - 000601440 ___RA [4A3E52D42E9C0D57FE2E700C44674A68] () C:\WINDOWS\Installer\$PatchCache$\Managed\00004109B10070400000000000F01FEC\14.0.4763\WWINTL.REST.IDX_DLL_1031
2010-03-20 21:28 - 2010-03-20 21:28 - 000098656 ___RA [B0C522FAD761CF3BDB22BE3FB22038CB] () C:\WINDOWS\Installer\$PatchCache$\Managed\00004109B10070400000000000F01FEC\14.0.4763\XLINTL32.DLL.IDX_DLL_1031
2010-03-20 13:50 - 2010-03-20 13:50 - 002580352 ___RA [C87369081103C7E0D41D2C61E879D7CD] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109B10070400000000000F01FEC\14.0.4763\XLINTL32.DLL_1031
2010-03-20 21:28 - 2010-03-20 21:28 - 000377184 ___RA [E4DEB21F006CE7543F57DAC35155C7C7] () C:\WINDOWS\Installer\$PatchCache$\Managed\00004109B10070400000000000F01FEC\14.0.4763\XLINTL32.REST.IDX_DLL_1031
2010-03-20 13:50 - 2010-03-20 13:50 - 000043904 ___RA [99D8BED6F4C8A0078D8B1A3BB822EB96] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109B10070400000000000F01FEC\14.0.4763\XLLEX.DLL_1031
2016-12-27 13:52 - 2016-12-27 13:52 - 000000000 __SHD [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\$PatchCache$\Managed\00004109B10070400000000000F01FEC\14.0.7015
2011-01-08 11:48 - 2011-01-08 11:48 - 000991576 ___RA [9EB1734F56CE30E02F26FC4DF1AF3475] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109B10070400000000000F01FEC\14.0.7015\WWINTL.DLL_1031
2011-02-19 01:39 - 2011-02-19 01:39 - 002580352 ___RA [54A29599921C96777ADD995C883BF79B] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109B10070400000000000F01FEC\14.0.7015\XLINTL32.DLL_1031
2016-12-27 13:49 - 2016-12-27 13:52 - 000000000 _ASHD [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\$PatchCache$\Managed\00004109C20070400000000000F01FEC
2016-12-27 13:49 - 2016-12-27 13:49 - 000000000 __SHD [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\$PatchCache$\Managed\00004109C20070400000000000F01FEC\14.0.4763
2016-12-27 13:52 - 2016-12-27 13:52 - 000000000 __SHD [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\$PatchCache$\Managed\00004109C20070400000000000F01FEC\14.0.7015
2016-12-27 13:47 - 2016-12-27 13:52 - 000000000 _ASHD [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\$PatchCache$\Managed\00004109E60070400000000000F01FEC
2016-12-27 13:47 - 2016-12-29 13:42 - 000000006 ___RA [DBB857A1983B401492B5DC5CD1BE38AD] () C:\WINDOWS\Installer\$PatchCache$\Managed\00004109E60070400000000000F01FEC\CacheSize.txt
2016-12-27 13:47 - 2017-10-11 10:56 - 000000000 __SHD [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\$PatchCache$\Managed\00004109E60070400000000000F01FEC\14.0.4763
2010-03-23 06:36 - 2010-03-23 06:36 - 000858000 ___RA [90D2C5D54C574A3302F1515F49E2D82A] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109E60070400000000000F01FEC\14.0.4763\ACEWSTR.DLL_1031
2010-03-26 22:13 - 2010-03-26 22:13 - 000014200 ___RA [1A467729224763A1DAA39604D72E9C0F] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109E60070400000000000F01FEC\14.0.4763\BRANDING.DLL_1031
2010-03-27 05:50 - 2010-03-27 05:50 - 000801378 ___RA [185FF3A2853ED1025870B6604B7BBEDE] () C:\WINDOWS\Installer\$PatchCache$\Managed\00004109E60070400000000000F01FEC\14.0.4763\BRANDING.XML_1031
2010-03-20 20:01 - 2010-03-20 20:01 - 000448392 ___RA [B123136AD16B958D7A69DB8CC5476366] (Access Softek, Inc.) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109E60070400000000000F01FEC\14.0.4763\EPSIMP32.FLT_1031
2009-10-22 05:08 - 2009-10-22 05:08 - 000049152 ___RA [9E25D63333112F04966B14DBA89C7627] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109E60070400000000000F01FEC\14.0.4763\FL_Microsoft.VisualStudio.Tools.Applications.ServerDocument.v10_GAC_res_x86.deu.363843CE_60C8_4066_8093_68BA5A039B17
2009-10-21 22:08 - 2009-10-21 22:08 - 000004608 ___RA [EB319709616067A09E083F2F7C5B231F] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109E60070400000000000F01FEC\14.0.4763\FL_Microsoft.VisualStudio.Tools.Office.Word.AddInProxy_Resources.x86.deu.363843CE_60C8_4066_8093_68BA5A039B17
2009-10-22 05:08 - 2009-10-22 05:08 - 000032768 ___RA [7B000B87FAF0C37A6654A2B32AA41246] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109E60070400000000000F01FEC\14.0.4763\FL_Microsoft_VisualStudio_Tools_Applications_Hosting_v10_res_x86_deu.363843CE_60C8_4066_8093_68BA5A039B17
2009-10-21 22:08 - 2009-10-21 22:08 - 000015872 ___RA [8F924CAA0754428C1169B47F7DCD7BAB] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109E60070400000000000F01FEC\14.0.4763\FL_Microsoft_VisualStudio_Tools_Applications_Hosting_v9_res_x86_deu.363843CE_60C8_4066_8093_68BA5A039B17
2009-10-21 22:08 - 2009-10-21 22:08 - 000028672 ___RA [35FA8D0F585A4444C4C59BC1E59CA855] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109E60070400000000000F01FEC\14.0.4763\FL_Microsoft_VisualStudio_Tools_Applications_Runtime_GAC_resources_x86.deu.363843CE_60C8_4066_8093_68BA5A039B17
2009-10-21 22:08 - 2009-10-21 22:08 - 000028672 ___RA [9A034D6117006ED2662BB461BDDE8A47] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109E60070400000000000F01FEC\14.0.4763\FL_MSVSTAServerDoc_res_GAC_x86.deu.363843CE_60C8_4066_8093_68BA5A039B17
2009-10-21 22:08 - 2009-10-21 22:08 - 000032768 ___RA [FDDEBB59127F66D5A6CEE8419A76BD92] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109E60070400000000000F01FEC\14.0.4763\FL_MSVSTOAppInfoDocument_Resources_GAC_v9_deu_x86.363843CE_60C8_4066_8093_68BA5A039B17
2009-10-22 05:08 - 2009-10-22 05:08 - 000004096 ___RA [DFABE332777349D886EBC96E980B35E5] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109E60070400000000000F01FEC\14.0.4763\FL_MSVSTOWordHostAdapter_Resources_GAC_v10_deu_x86.363843CE_60C8_4066_8093_68BA5A039B17
2009-10-22 05:08 - 2009-10-22 05:08 - 000010576 ___RA [C385AFC6685759F398210FB7BA3D1143] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109E60070400000000000F01FEC\14.0.4763\FL_VSTOInstallerUI_lp_deu_x86.3643236F_FC70_11D3_A536_0090278A1BB8.5326715A_77CF_482B_8CA0_13476898242B
2009-10-22 05:08 - 2009-10-22 05:08 - 000019784 ___RA [D656CBD20947572F379FFD1945233223] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109E60070400000000000F01FEC\14.0.4763\FL_VSTOLoaderUI_dll_122707_122707_x86_deu.3643236F_FC70_11D3_A536_0090278A1BB8.5326715A_77CF_482B_8CA0_13476898242B
2010-03-20 21:20 - 2010-03-20 21:20 - 000030080 ___RA [7F01D5A228D3702CADD9FB821225A8CC] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109E60070400000000000F01FEC\14.0.4763\LOBIRES.DLL_1031
1997-08-19 01:37 - 1997-08-19 01:37 - 000015067 ___RA [2D6E9B31482030D4FEF06BCE9365CC76] () C:\WINDOWS\Installer\$PatchCache$\Managed\00004109E60070400000000000F01FEC\14.0.4763\MS.EPS_1031
2010-03-23 08:19 - 2010-03-23 08:19 - 000055648 ___RA [57AA14E4F690D5E4C654D319DAA922CC] () C:\WINDOWS\Installer\$PatchCache$\Managed\00004109E60070400000000000F01FEC\14.0.4763\MSOINTL.DLL.IDX_DLL.x86.1031
2010-03-23 06:06 - 2010-03-23 06:06 - 003203968 ___RA [4200D2D6152A30F5DD481D0F9ACC585D] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109E60070400000000000F01FEC\14.0.4763\MSOINTL.DLL.x86.1031
2010-03-23 08:19 - 2010-03-23 08:19 - 001366368 ___RA [799B598D615B7CFD65BC79DD1EDB016B] () C:\WINDOWS\Installer\$PatchCache$\Managed\00004109E60070400000000000F01FEC\14.0.4763\MSOINTL.REST.IDX_DLL.x86.1031
2010-03-20 17:42 - 2010-03-20 17:42 - 000079192 ___RA [5F016DD88A980689956C7F94148CAFEC] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109E60070400000000000F01FEC\14.0.4763\MSTINTL.DLL_1031
2010-01-09 21:18 - 2010-01-09 21:18 - 000149352 ___RA [9D10F99A6712E28F8ACD5641E3A7EA6B] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109E60070400000000000F01FEC\14.0.4763\OSE.EXE
2010-03-20 22:42 - 2010-03-20 22:42 - 000222080 ___RA [E18CA56384880C9EA3029DBD08A20FB1] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109E60070400000000000F01FEC\14.0.4763\OSETUPUI.DLL_1031
2010-03-20 20:01 - 2010-03-20 20:01 - 000063856 ___RA [BC573225249B6E9CDA43844BF911A394] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109E60070400000000000F01FEC\14.0.4763\PICTIM32.FLT_1031
2010-03-25 05:29 - 2010-03-25 05:29 - 000233360 ___RA [B13847A05A859148F798418D3D6E5F88] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109E60070400000000000F01FEC\14.0.4763\STSUCRES.DLL_0002.x86.1031
2010-02-25 11:07 - 2010-02-25 11:07 - 000180560 ___RA [7516A5EBF61721856F2FE56F26B597DC] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109E60070400000000000F01FEC\14.0.4763\VBE7INTL.DLL_1031
2010-01-09 21:50 - 2010-01-09 21:50 - 000014216 ___RA [E22E142C4C467475D0E5C9BD92416EC3] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109E60070400000000000F01FEC\14.0.4763\WPEQU532.DLL_1031
2010-03-20 18:31 - 2010-03-20 18:31 - 000181104 ___RA [B4ABB6215CAC0F874880580DBEF8492E] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109E60070400000000000F01FEC\14.0.4763\WPFT532.CNV_1031
2010-03-20 18:31 - 2010-03-20 18:31 - 000228720 ___RA [3BC8CBB24AE6EA7A936553EBC0AFDC8A] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109E60070400000000000F01FEC\14.0.4763\WPFT632.CNV_1031
2016-12-27 13:52 - 2016-12-29 13:33 - 000000000 __SHD [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\$PatchCache$\Managed\00004109E60070400000000000F01FEC\14.0.7015
2012-12-14 15:05 - 2012-12-14 15:05 - 003205728 ___RA [E30494F32D0B03C88A3A33488C05A330] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109E60070400000000000F01FEC\14.0.7015\MSOINTL.DLL.x86.1031
2013-03-06 22:26 - 2013-03-06 22:26 - 000181920 ___RA [39CD60CA41CF5EDB4E120ED8053903C4] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109E60070400000000000F01FEC\14.0.7015\WPFT532.CNV_1031
2012-10-22 04:59 - 2012-10-22 04:59 - 000229968 ___RA [799950C80F999FAF96C1857F7A8A480B] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109E60070400000000000F01FEC\14.0.7015\WPFT632.CNV_1031
2016-12-27 13:46 - 2016-12-27 13:52 - 000000000 _ASHD [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\$PatchCache$\Managed\00004109F10001400000000000F01FEC
2016-12-27 13:46 - 2016-12-29 13:30 - 000000006 ___RA [6EEEB72E6AE3C7F9305C18336B086279] () C:\WINDOWS\Installer\$PatchCache$\Managed\00004109F10001400000000000F01FEC\CacheSize.txt
2016-12-27 13:46 - 2016-12-27 13:46 - 000000000 __SHD [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\$PatchCache$\Managed\00004109F10001400000000000F01FEC\14.0.4763
2010-03-29 21:47 - 2010-03-29 21:47 - 000182152 ___RA [E329112FC896062E317A263D144394D7] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109F10001400000000000F01FEC\14.0.4763\MSHY2_EN.DLL_1040
2010-03-29 21:47 - 2010-03-29 21:47 - 000536960 ___RA [4270259673A5EF0C1373581C00F87427] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109F10001400000000000F01FEC\14.0.4763\MSSPELL3.DLL_1040
2010-03-29 21:47 - 2010-03-29 21:47 - 000341888 ___RA [36F3C89164EA769215AD07EDBEAA3E0C] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109F10001400000000000F01FEC\14.0.4763\MSTHES3.DLL_1040
2016-12-27 13:52 - 2016-12-29 13:30 - 000000000 __SHD [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\$PatchCache$\Managed\00004109F10001400000000000F01FEC\14.0.7015
2012-10-31 12:41 - 2012-10-31 12:41 - 000182904 ___RA [CD479A3ED1710021F6E5CD0A72C2B9CE] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109F10001400000000000F01FEC\14.0.7015\MSHY2_EN.DLL_1040
2010-12-21 00:55 - 2010-12-21 00:55 - 000274944 ___RA [315633F4FF0752C15E2B5C440E8CA4CC] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109F10001400000000000F01FEC\14.0.7015\MSHY2_EN.LEX_1040
2010-12-21 00:56 - 2010-12-21 00:56 - 001840128 ___RA [82123155CA54627D33E7BA76492F9A9E] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109F10001400000000000F01FEC\14.0.7015\MSSP3EN.LEX_1040
2012-10-31 12:41 - 2012-10-31 12:41 - 001588832 ___RA [E189409FB313D110941128D270E95BCD] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109F10001400000000000F01FEC\14.0.7015\MSSPELL3.DLL_1040
2010-12-21 00:54 - 2010-12-21 00:54 - 016972288 ___RA [56DA5C99AA85C65227A6A5AA875A2855] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109F10001400000000000F01FEC\14.0.7015\MSTH3AM.LEX_1040
2012-10-31 12:41 - 2012-10-31 12:41 - 000342648 ___RA [41F60FEEBED22AEDD90CFE3C060794B8] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109F10001400000000000F01FEC\14.0.7015\MSTHES3.DLL_1040
2016-12-27 13:46 - 2016-12-27 13:52 - 000000000 _ASHD [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\$PatchCache$\Managed\00004109F10070400000000000F01FEC
2016-12-27 13:46 - 2016-12-29 13:30 - 000000007 ___RA [9191DD1C9E6E579FEFE77CBDF2A1FD8D] () C:\WINDOWS\Installer\$PatchCache$\Managed\00004109F10070400000000000F01FEC\CacheSize.txt
2016-12-27 13:46 - 2016-12-27 13:46 - 000000000 __SHD [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\$PatchCache$\Managed\00004109F10070400000000000F01FEC\14.0.4763
2010-03-29 21:47 - 2010-03-29 21:47 - 000306584 ___RA [5E9CFE4A1755B9BD288661539A743C14] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109F10070400000000000F01FEC\14.0.4763\CSS7.DLL_1031
2010-03-29 20:28 - 2010-03-29 20:28 - 000002048 ___RA [E5B7E214D02D88CFC0FD5924A932A109] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109F10070400000000000F01FEC\14.0.4763\CSS7CM.DUB_1031
2010-03-29 21:47 - 2010-03-29 21:47 - 000471984 ___RA [E13C470E00E6117FF44FDADE1DE666BC] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109F10070400000000000F01FEC\14.0.4763\CSS7DATA.DLL_1031
2010-03-29 20:28 - 2010-03-29 20:28 - 000002560 ___RA [36F042267710C9B84717D61A83B4C5C7] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109F10070400000000000F01FEC\14.0.4763\CSS7WRE.DUB_1031
2009-11-06 14:56 - 2009-11-06 14:56 - 001443656 ___RA [A44B567C92974CB9FAA66931EFB8F711] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109F10070400000000000F01FEC\14.0.4763\MSGR3EN.DLL_1031
2010-03-29 21:47 - 2010-03-29 21:47 - 000182152 ___RA [A4874A52E1BEE4AA59DB9541D5760D2D] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109F10070400000000000F01FEC\14.0.4763\MSHY2_EN.DLL_1031
2010-03-29 21:47 - 2010-03-29 21:47 - 000536960 ___RA [34E5F97271B66C32905132F67211069A] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109F10070400000000000F01FEC\14.0.4763\MSSPELL3.DLL_1031
2010-03-29 21:47 - 2010-03-29 21:47 - 000341888 ___RA [6B580F5616AFD42895A50AF5607E2474] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109F10070400000000000F01FEC\14.0.4763\MSTHES3.DLL_1031
2010-03-29 21:47 - 2010-03-29 21:47 - 006443952 ___RA [F42B8B50F85AD662C1D25A171191E8A3] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109F10070400000000000F01FEC\14.0.4763\NL7MODEL.DLL_1031
2016-12-27 13:52 - 2016-12-29 13:30 - 000000000 __SHD [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\$PatchCache$\Managed\00004109F10070400000000000F01FEC\14.0.7015
2012-10-31 12:41 - 2012-10-31 12:41 - 000307336 ___RA [9E8BD8288C5F462629B70A34694BBD9A] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109F10070400000000000F01FEC\14.0.7015\CSS7.DLL_1031
2011-09-02 00:45 - 2011-09-02 00:45 - 000002048 ___RA [57F31FD7BE3695CFADC92FC04A7BDC01] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109F10070400000000000F01FEC\14.0.7015\CSS7CM.DUB_1031
2011-09-02 00:45 - 2011-09-02 00:45 - 000471984 ___RA [D7FABB6B7E1D3B56BECF116C8B217BB0] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109F10070400000000000F01FEC\14.0.7015\CSS7DATA.DLL_1031
2011-09-02 00:45 - 2011-09-02 00:45 - 000002560 ___RA [44E45A7BBEA00A6B7704F80A5953F7AC] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109F10070400000000000F01FEC\14.0.7015\CSS7WRE.DUB_1031
2011-09-13 06:42 - 2011-09-13 06:42 - 001444584 ___RA [AAA915E319F7487E707BD949E56794B5] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109F10070400000000000F01FEC\14.0.7015\MSGR3EN.DLL_1031
2012-10-31 12:41 - 2012-10-31 12:41 - 000182888 ___RA [2BCD25DF037A19F1168D708BD6CA2172] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109F10070400000000000F01FEC\14.0.7015\MSHY2_EN.DLL_1031
2011-09-02 00:45 - 2011-09-02 00:45 - 001557504 ___RA [521D640D974B049960CD6FAA3816A81B] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109F10070400000000000F01FEC\14.0.7015\MSHY2_EN.LEX_1031
2011-09-02 00:45 - 2011-09-02 00:45 - 004419584 ___RA [79300E1D143CBC8D82DB409B2B974055] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109F10070400000000000F01FEC\14.0.7015\MSSP3EN.LEX_1031
2012-10-31 12:41 - 2012-10-31 12:41 - 001588856 ___RA [3D2999723CE0BB04B0897C5E788A6E00] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109F10070400000000000F01FEC\14.0.7015\MSSPELL3.DLL_1031
2011-09-02 00:46 - 2011-09-02 00:46 - 008422400 ___RA [2FE28F9CF9C0041D5808AB0D5A7F1E1F] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109F10070400000000000F01FEC\14.0.7015\MSTH3AM.LEX_1031
2012-10-31 12:41 - 2012-10-31 12:41 - 000342648 ___RA [E02F771CB357F058397BD9AD0AD8CE19] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109F10070400000000000F01FEC\14.0.7015\MSTHES3.DLL_1031
2011-09-02 00:46 - 2011-09-02 00:46 - 006443952 ___RA [C5903D9D6AB46489A4444D75023D1FFB] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\00004109F10070400000000000F01FEC\14.0.7015\NL7MODEL.DLL_1031
2016-12-27 13:49 - 2016-12-27 13:52 - 000000000 _ASHD [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\$PatchCache$\Managed\00004109F10090400000000000F01FEC
2016-12-27 13:52 - 2016-12-29 13:30 - 000000006 ___RA [25681D6D4805E77E1B5187BA34B56840] () C:\WINDOWS\Installer\$PatchCache$\Managed\00004109F10090400000000000F01FEC\CacheSize.txt
2016-12-27 13:49 - 2016-12-27 13:52 - 000000000 __SHD [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\$PatchCache$\Managed\00004109F10090400000000000F01FEC\14.0.4763
|
|
26.11.2017, 17:39
| #12 |
| | windows10: AVIRA meldet Trojaner-FundCode:
ATTFilter 2014-03-01 05:03 - 2014-03-01 05:03 - 000000000 _ASHD [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\$PatchCache$\Managed\E6FE6646E007F07449BC0D5030208CE4
2014-03-01 05:03 - 2014-03-01 05:03 - 000000000 __SHD [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\$PatchCache$\Managed\E6FE6646E007F07449BC0D5030208CE4\1.2.0
2010-03-18 09:15 - 2010-03-18 09:15 - 000138056 ___RA [36D7D05505951F542922DF4C725CC57D] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\E6FE6646E007F07449BC0D5030208CE4\1.2.0\F_CENTRAL_atl100_x86.DF495DFD_79F6_34DF_BB1E_E58DB5BDCF2C
2010-03-18 09:15 - 2010-03-18 09:15 - 004342088 ___RA [07BCCDCC337D393D7DB0B2F8FE200B3F] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\E6FE6646E007F07449BC0D5030208CE4\1.2.0\F_CENTRAL_mfc100_x86.DF495DFD_79F6_34DF_BB1E_E58DB5BDCF2C
2010-03-18 09:15 - 2010-03-18 09:15 - 000036176 ___RA [8BF73FAA44C897C1812F2DACF0EAAF8A] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\E6FE6646E007F07449BC0D5030208CE4\1.2.0\F_CENTRAL_mfc100chs_x86.DF495DFD_79F6_34DF_BB1E_E58DB5BDCF2C
2010-03-18 09:15 - 2010-03-18 09:15 - 000036176 ___RA [4AD997573259D5BBF211D9FB2BBA3DB0] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\E6FE6646E007F07449BC0D5030208CE4\1.2.0\F_CENTRAL_mfc100cht_x86.DF495DFD_79F6_34DF_BB1E_E58DB5BDCF2C
2010-03-18 09:15 - 2010-03-18 09:15 - 000064336 ___RA [5F522204B79025F0D5870076111409F3] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\E6FE6646E007F07449BC0D5030208CE4\1.2.0\F_CENTRAL_mfc100deu_x86.DF495DFD_79F6_34DF_BB1E_E58DB5BDCF2C
2010-03-18 09:15 - 2010-03-18 09:15 - 000055120 ___RA [D21165B7DBCC968CD829C00608F5694E] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\E6FE6646E007F07449BC0D5030208CE4\1.2.0\F_CENTRAL_mfc100enu_x86.DF495DFD_79F6_34DF_BB1E_E58DB5BDCF2C
2010-03-18 09:15 - 2010-03-18 09:15 - 000063824 ___RA [81C0790DBD237317E4BA2908F53E045A] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\E6FE6646E007F07449BC0D5030208CE4\1.2.0\F_CENTRAL_mfc100esn_x86.DF495DFD_79F6_34DF_BB1E_E58DB5BDCF2C
2010-03-18 09:15 - 2010-03-18 09:15 - 000064336 ___RA [BDB98792CE6C2654F14E1BF47263527B] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\E6FE6646E007F07449BC0D5030208CE4\1.2.0\F_CENTRAL_mfc100fra_x86.DF495DFD_79F6_34DF_BB1E_E58DB5BDCF2C
2010-03-18 09:15 - 2010-03-18 09:15 - 000062288 ___RA [3301A48EC56740776326760858936BCD] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\E6FE6646E007F07449BC0D5030208CE4\1.2.0\F_CENTRAL_mfc100ita_x86.DF495DFD_79F6_34DF_BB1E_E58DB5BDCF2C
2010-03-18 09:15 - 2010-03-18 09:15 - 000043856 ___RA [6A7F31C6FAFEA0EF7F17A9B17B247254] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\E6FE6646E007F07449BC0D5030208CE4\1.2.0\F_CENTRAL_mfc100jpn_x86.DF495DFD_79F6_34DF_BB1E_E58DB5BDCF2C
2010-03-18 09:15 - 2010-03-18 09:15 - 000043344 ___RA [B5A093F44E7E5C618A7698839DF6583C] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\E6FE6646E007F07449BC0D5030208CE4\1.2.0\F_CENTRAL_mfc100kor_x86.DF495DFD_79F6_34DF_BB1E_E58DB5BDCF2C
2010-03-18 09:15 - 2010-03-18 09:15 - 000060752 ___RA [6D163D436251978D14E4C80F33385D76] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\E6FE6646E007F07449BC0D5030208CE4\1.2.0\F_CENTRAL_mfc100rus_x86.DF495DFD_79F6_34DF_BB1E_E58DB5BDCF2C
2010-03-18 09:15 - 2010-03-18 09:15 - 004368720 ___RA [F841F32AD816DBF130F10D86FAB99B1A] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\E6FE6646E007F07449BC0D5030208CE4\1.2.0\F_CENTRAL_mfc100u_x86.DF495DFD_79F6_34DF_BB1E_E58DB5BDCF2C
2010-03-18 09:15 - 2010-03-18 09:15 - 000080208 ___RA [09FF12BAE0EB3E6E688609095390D34B] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\E6FE6646E007F07449BC0D5030208CE4\1.2.0\F_CENTRAL_mfcm100_x86.DF495DFD_79F6_34DF_BB1E_E58DB5BDCF2C
2010-03-18 09:15 - 2010-03-18 09:15 - 000080720 ___RA [9BF0CB63876BA82B8178EC733F6510C7] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\E6FE6646E007F07449BC0D5030208CE4\1.2.0\F_CENTRAL_mfcm100u_x86.DF495DFD_79F6_34DF_BB1E_E58DB5BDCF2C
2010-03-18 09:15 - 2010-03-18 09:15 - 000421200 ___RA [03E9314004F504A14A61C3D364B62F66] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\E6FE6646E007F07449BC0D5030208CE4\1.2.0\F_CENTRAL_msvcp100_x86.DF495DFD_79F6_34DF_BB1E_E58DB5BDCF2C
2010-03-18 09:15 - 2010-03-18 09:15 - 000770384 ___RA [67EC459E42D3081DD8FD34356F7CAFC1] (Microsoft Corporation) C:\WINDOWS\Installer\$PatchCache$\Managed\E6FE6646E007F07449BC0D5030208CE4\1.2.0\F_CENTRAL_msvcr100_x86.DF495DFD_79F6_34DF_BB1E_E58DB5BDCF2C
2014-03-02 14:50 - 2014-03-02 14:50 - 000000000 ____D [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\_{302600C1-6BDF-4FD1-1307-148929CC1385}
2014-03-02 14:50 - 2014-03-02 14:50 - 060957266 ____A [7A3BC73F8530650FC3AA55AE9E5F1576] () C:\WINDOWS\Installer\_{302600C1-6BDF-4FD1-1307-148929CC1385}\E8FF0748-2339-49f9-9A79-824D7561736C.cab
2014-03-02 14:50 - 2013-09-27 12:19 - 004034560 ____A [332DF25AE9CBA2558F9626C424D6232E] () C:\WINDOWS\Installer\_{302600C1-6BDF-4FD1-1307-148929CC1385}\Intel Bluetooth Audio.msi
2014-03-02 14:50 - 2013-09-27 12:19 - 033496576 ____A [4C6764DF169600E7069608E40CEE35C8] () C:\WINDOWS\Installer\_{302600C1-6BDF-4FD1-1307-148929CC1385}\Intel Bluetooth.msi
2014-03-02 14:50 - 2014-03-02 14:50 - 000000000 ____D [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\_{302600C1-6BDF-4FD1-1307-148929CC1385}\Intel Bluetooth.msi_Update
2014-03-02 14:50 - 2014-03-02 14:50 - 000000000 ____D [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\_{302600C1-6BDF-4FD1-1307-148929CC1385}\Intel Bluetooth.msi_Update\Drivers
2014-03-02 14:50 - 2013-09-27 12:19 - 000020614 ____A [6783586FE48702828BFCEFAAB43A9F7F] () C:\WINDOWS\Installer\_{302600C1-6BDF-4FD1-1307-148929CC1385}\Intel Bluetooth.msi_Update\Drivers\ibtfltcoex_wp8.cat
2014-03-02 14:50 - 2014-03-02 14:50 - 000000000 ____D [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\_{302600C1-6BDF-4FD1-1307-148929CC1385}\Intel Bluetooth.msi_Update\Drivers\Win64
2014-03-02 14:50 - 2013-09-27 12:19 - 000157128 ____A [15BE9C294182299E539A2DEE6CF2E813] (Intel Corporation) C:\WINDOWS\Installer\_{302600C1-6BDF-4FD1-1307-148929CC1385}\Intel Bluetooth.msi_Update\Drivers\Win64\ibtrksrv.exe
2014-03-02 14:50 - 2013-09-27 12:19 - 000188872 ____A [12CA52803C7D768F392310B7B5472381] (Intel Corporation) C:\WINDOWS\Installer\_{302600C1-6BDF-4FD1-1307-148929CC1385}\Intel Bluetooth.msi_Update\Drivers\Win64\ibtrmgmt.dll
2014-03-02 14:50 - 2013-09-27 12:19 - 000117192 ____A [9723755CBB230D61BFE49FE13D958C18] (Intel Corporation) C:\WINDOWS\Installer\_{302600C1-6BDF-4FD1-1307-148929CC1385}\Intel Bluetooth.msi_Update\Drivers\Win64\ibtusb.sys
2016-12-17 01:48 - 2016-12-17 01:48 - 000000000 ____D [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\{01BFBBA5-F5D4-48A2-86AD-F8A3DF0D4FE6}
2016-12-17 01:48 - 2016-12-17 01:48 - 000188478 ___RA [84D1EA0EBA224A9980461BE98D628215] () C:\WINDOWS\Installer\{01BFBBA5-F5D4-48A2-86AD-F8A3DF0D4FE6}\IntelBluetoothICO
2017-02-03 20:28 - 2017-03-31 08:23 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\{0493048C-CB1A-44B7-8BB3-8467AF7BA9E4}
2017-02-03 20:28 - 2017-02-03 20:28 - 000287934 __RAC [11111873BBD7904CE9F42284468DEFFF] () C:\WINDOWS\Installer\{0493048C-CB1A-44B7-8BB3-8467AF7BA9E4}\CalendarIcon.exe
2017-02-03 20:28 - 2017-02-03 20:28 - 000287934 __RAC [3B698C271887A9C59FC868539BA4DB5C] () C:\WINDOWS\Installer\{0493048C-CB1A-44B7-8BB3-8467AF7BA9E4}\ContactsIcon.exe
2017-02-03 20:28 - 2017-02-03 20:28 - 000287934 __RAC [4D238E1CDA434B43A05D03D857972A28] () C:\WINDOWS\Installer\{0493048C-CB1A-44B7-8BB3-8467AF7BA9E4}\FindMyiPhoneIcon.exe
2017-02-03 20:28 - 2017-02-03 20:28 - 000041851 __RAC [9EDE8A6C0015760E9B09F88AFED2D254] () C:\WINDOWS\Installer\{0493048C-CB1A-44B7-8BB3-8467AF7BA9E4}\iCloudIcon.exe
2017-02-03 20:28 - 2017-02-03 20:28 - 000034679 __RAC [FE92BEB6D46C79600BBBCAF5C2E2DF64] () C:\WINDOWS\Installer\{0493048C-CB1A-44B7-8BB3-8467AF7BA9E4}\KeynoteIcon.exe
2017-02-03 20:28 - 2017-02-03 20:28 - 000287934 __RAC [F9EE70F109ACD93812135724C3BD087E] () C:\WINDOWS\Installer\{0493048C-CB1A-44B7-8BB3-8467AF7BA9E4}\MailIcon.exe
2017-02-03 20:28 - 2017-02-03 20:28 - 000287934 __RAC [B22358885BA288CF9BB1E879D7C22EF6] () C:\WINDOWS\Installer\{0493048C-CB1A-44B7-8BB3-8467AF7BA9E4}\NotesIcon.exe
2017-02-03 20:28 - 2017-02-03 20:28 - 000035141 __RAC [62FB254250E71C7822946C6CC46D3A83] () C:\WINDOWS\Installer\{0493048C-CB1A-44B7-8BB3-8467AF7BA9E4}\NumbersIcon.exe
2017-02-03 20:28 - 2017-02-03 20:28 - 000037527 __RAC [433ACB29FDF39E3966BD60F05A32B102] () C:\WINDOWS\Installer\{0493048C-CB1A-44B7-8BB3-8467AF7BA9E4}\PagesIcon.exe
2017-02-03 20:28 - 2017-02-03 20:28 - 000287934 __RAC [E0B3574142E3F992FF97652CBEDC2AEA] () C:\WINDOWS\Installer\{0493048C-CB1A-44B7-8BB3-8467AF7BA9E4}\RemindersIcon.exe
2017-02-03 20:28 - 2017-02-03 20:28 - 000287934 __RAC [E951ABE99505450D406FCD80BBE6E4E1] () C:\WINDOWS\Installer\{0493048C-CB1A-44B7-8BB3-8467AF7BA9E4}\ShellStreamsShortcut.exe
2017-06-29 20:53 - 2017-06-29 20:53 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\{0E05CA72-D8DD-432F-A2CC-880034A48577}
2017-06-29 20:53 - 2017-06-29 20:53 - 000099678 __RAC [F8B48D42094E6B696ED03D492621027B] () C:\WINDOWS\Installer\{0E05CA72-D8DD-432F-A2CC-880034A48577}\NodeIcon
2016-12-17 01:48 - 2016-12-17 01:48 - 000000000 ____D [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\{15B9204E-BA09-485E-8F2C-094AC0077664}
2016-12-17 01:48 - 2016-12-17 01:48 - 000147456 ___RA [A355B14E83A4E133F103C1A98DC6596D] (Flexera Software LLC) C:\WINDOWS\Installer\{15B9204E-BA09-485E-8F2C-094AC0077664}\ARPPRODUCTICON.exe
2013-08-08 11:18 - 2016-12-17 02:17 - 000000000 ____D [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\{1E5C7043-09C5-4974-A69F-A5271FD82BBC}
2013-08-08 11:18 - 2013-08-08 11:18 - 000094117 ___RA [8594B832C65A108B151D48F25099D974] () C:\WINDOWS\Installer\{1E5C7043-09C5-4974-A69F-A5271FD82BBC}\ProgrammenuBrowserStartPinIcon
2013-08-08 11:18 - 2013-08-08 11:18 - 000095850 ___RA [A77225BFD33E7BA20268B85D9D04367E] () C:\WINDOWS\Installer\{1E5C7043-09C5-4974-A69F-A5271FD82BBC}\StartPinGuideIcon
2017-11-11 15:05 - 2017-11-11 15:05 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\{24607015-8D34-4AF3-9092-AC83847AE073}
2017-11-11 15:05 - 2017-11-11 15:05 - 000074549 __RAC [CB23C147E48B90BA23336CADE69C51E6] () C:\WINDOWS\Installer\{24607015-8D34-4AF3-9092-AC83847AE073}\Installer.ico
2017-11-11 15:05 - 2017-11-11 15:05 - 000075019 __RAC [C9E58C67253587FF8ADF3DC54BB2C1A6] () C:\WINDOWS\Installer\{24607015-8D34-4AF3-9092-AC83847AE073}\iTunes.ico
2017-11-11 15:05 - 2017-11-11 15:05 - 000000766 __RAC [D98EE604B37C67B9EE17F0D3DBC86224] () C:\WINDOWS\Installer\{24607015-8D34-4AF3-9092-AC83847AE073}\RichText.ico
2016-12-16 23:54 - 2016-12-16 23:54 - 000000000 ____D [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}
2016-12-16 23:54 - 2016-12-16 23:54 - 000145760 ___RA [00B0ACE97EAA8A8F1CC1867E49B1FE74] () C:\WINDOWS\Installer\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}\SkypeIcon.exe
2013-08-08 11:54 - 2013-08-08 11:54 - 000000000 ____D [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}
2013-08-08 11:54 - 2013-08-08 11:54 - 000099678 ___RA [4DCC97C8C22949773D556859428B45C2] () C:\WINDOWS\Installer\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}\ProductIcon
2014-03-02 14:51 - 2014-03-02 14:51 - 000000000 ____D [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\{302600C1-6BDF-4FD1-1307-148929CC1385}
2014-03-02 14:51 - 2014-03-02 14:51 - 000188478 ___RA [84D1EA0EBA224A9980461BE98D628215] () C:\WINDOWS\Installer\{302600C1-6BDF-4FD1-1307-148929CC1385}\IntelBluetoothICO
2017-11-11 15:03 - 2017-11-11 15:03 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\{31A0B634-BCF4-4D3F-8336-87FEACFEE142}
2017-11-11 15:03 - 2017-11-11 15:03 - 000287190 __RAC [42A57B57DA632E3FFCBCD946D377FB07] () C:\WINDOWS\Installer\{31A0B634-BCF4-4D3F-8336-87FEACFEE142}\Installer.ico
2017-11-18 15:16 - 2017-11-18 15:16 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\{37C2DE81-46FA-4EB3-83A5-F0D8F5B08F6E}
2017-11-18 15:16 - 2017-11-18 15:16 - 000020480 __RAC [C4D3F0D1F9610DEA0FDCB38002AA7FC5] () C:\WINDOWS\Installer\{37C2DE81-46FA-4EB3-83A5-F0D8F5B08F6E}\loc.de.mst
2017-06-29 20:53 - 2017-06-29 20:53 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\{45A6E730-94A8-401C-9F40-F98D1A6480C2}
2017-06-29 20:53 - 2017-06-29 20:53 - 000018850 ___AC [BEA9F52C34578883F71D4989D208D3EC] () C:\WINDOWS\Installer\{45A6E730-94A8-401C-9F40-F98D1A6480C2}\{B1FF659F-471E-4FEF-881D-2EEB63AB2B56}
2015-12-31 12:49 - 2016-12-17 14:19 - 000000000 ____D [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\{4B48E22A-2FB0-4EFA-B99E-954B1E50CD69}
2015-12-31 12:49 - 2015-12-31 12:49 - 000287934 ___RA [11111873BBD7904CE9F42284468DEFFF] () C:\WINDOWS\Installer\{4B48E22A-2FB0-4EFA-B99E-954B1E50CD69}\CalendarIcon.exe
2015-12-31 12:49 - 2015-12-31 12:49 - 000287934 ___RA [3B698C271887A9C59FC868539BA4DB5C] () C:\WINDOWS\Installer\{4B48E22A-2FB0-4EFA-B99E-954B1E50CD69}\ContactsIcon.exe
2015-12-31 12:49 - 2015-12-31 12:49 - 000287934 ___RA [4D238E1CDA434B43A05D03D857972A28] () C:\WINDOWS\Installer\{4B48E22A-2FB0-4EFA-B99E-954B1E50CD69}\FindMyiPhoneIcon.exe
2015-12-31 12:49 - 2015-12-31 12:49 - 000041851 ___RA [9EDE8A6C0015760E9B09F88AFED2D254] () C:\WINDOWS\Installer\{4B48E22A-2FB0-4EFA-B99E-954B1E50CD69}\iCloudIcon.exe
2015-12-31 12:49 - 2015-12-31 12:49 - 000034679 ___RA [FE92BEB6D46C79600BBBCAF5C2E2DF64] () C:\WINDOWS\Installer\{4B48E22A-2FB0-4EFA-B99E-954B1E50CD69}\KeynoteIcon.exe
2015-12-31 12:49 - 2015-12-31 12:49 - 000287934 ___RA [F9EE70F109ACD93812135724C3BD087E] () C:\WINDOWS\Installer\{4B48E22A-2FB0-4EFA-B99E-954B1E50CD69}\MailIcon.exe
2015-12-31 12:49 - 2015-12-31 12:49 - 000287934 ___RA [B22358885BA288CF9BB1E879D7C22EF6] () C:\WINDOWS\Installer\{4B48E22A-2FB0-4EFA-B99E-954B1E50CD69}\NotesIcon.exe
2015-12-31 12:49 - 2015-12-31 12:49 - 000035141 ___RA [62FB254250E71C7822946C6CC46D3A83] () C:\WINDOWS\Installer\{4B48E22A-2FB0-4EFA-B99E-954B1E50CD69}\NumbersIcon.exe
2015-12-31 12:49 - 2015-12-31 12:49 - 000037527 ___RA [433ACB29FDF39E3966BD60F05A32B102] () C:\WINDOWS\Installer\{4B48E22A-2FB0-4EFA-B99E-954B1E50CD69}\PagesIcon.exe
2015-12-31 12:49 - 2015-12-31 12:49 - 000287934 ___RA [E0B3574142E3F992FF97652CBEDC2AEA] () C:\WINDOWS\Installer\{4B48E22A-2FB0-4EFA-B99E-954B1E50CD69}\RemindersIcon.exe
2015-12-31 12:49 - 2015-12-31 12:49 - 000287934 ___RA [E951ABE99505450D406FCD80BBE6E4E1] () C:\WINDOWS\Installer\{4B48E22A-2FB0-4EFA-B99E-954B1E50CD69}\ShellStreamsShortcut.exe
2016-12-17 14:19 - 2017-02-03 20:28 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\{4BB313CE-D3D1-424C-8823-15CF85B00B05}
2016-12-17 14:19 - 2016-12-17 14:19 - 000287934 __RAC [11111873BBD7904CE9F42284468DEFFF] () C:\WINDOWS\Installer\{4BB313CE-D3D1-424C-8823-15CF85B00B05}\CalendarIcon.exe
2016-12-17 14:19 - 2016-12-17 14:19 - 000287934 __RAC [3B698C271887A9C59FC868539BA4DB5C] () C:\WINDOWS\Installer\{4BB313CE-D3D1-424C-8823-15CF85B00B05}\ContactsIcon.exe
2016-12-17 14:19 - 2016-12-17 14:19 - 000287934 __RAC [4D238E1CDA434B43A05D03D857972A28] () C:\WINDOWS\Installer\{4BB313CE-D3D1-424C-8823-15CF85B00B05}\FindMyiPhoneIcon.exe
2016-12-17 14:19 - 2016-12-17 14:19 - 000041851 __RAC [9EDE8A6C0015760E9B09F88AFED2D254] () C:\WINDOWS\Installer\{4BB313CE-D3D1-424C-8823-15CF85B00B05}\iCloudIcon.exe
2016-12-17 14:19 - 2016-12-17 14:19 - 000034679 __RAC [FE92BEB6D46C79600BBBCAF5C2E2DF64] () C:\WINDOWS\Installer\{4BB313CE-D3D1-424C-8823-15CF85B00B05}\KeynoteIcon.exe
2016-12-17 14:19 - 2016-12-17 14:19 - 000287934 __RAC [F9EE70F109ACD93812135724C3BD087E] () C:\WINDOWS\Installer\{4BB313CE-D3D1-424C-8823-15CF85B00B05}\MailIcon.exe
2016-12-17 14:19 - 2016-12-17 14:19 - 000287934 __RAC [B22358885BA288CF9BB1E879D7C22EF6] () C:\WINDOWS\Installer\{4BB313CE-D3D1-424C-8823-15CF85B00B05}\NotesIcon.exe
2016-12-17 14:19 - 2016-12-17 14:19 - 000035141 __RAC [62FB254250E71C7822946C6CC46D3A83] () C:\WINDOWS\Installer\{4BB313CE-D3D1-424C-8823-15CF85B00B05}\NumbersIcon.exe
2016-12-17 14:19 - 2016-12-17 14:19 - 000037527 __RAC [433ACB29FDF39E3966BD60F05A32B102] () C:\WINDOWS\Installer\{4BB313CE-D3D1-424C-8823-15CF85B00B05}\PagesIcon.exe
2016-12-17 14:19 - 2016-12-17 14:19 - 000287934 __RAC [E0B3574142E3F992FF97652CBEDC2AEA] () C:\WINDOWS\Installer\{4BB313CE-D3D1-424C-8823-15CF85B00B05}\RemindersIcon.exe
2016-12-17 14:19 - 2016-12-17 14:19 - 000287934 __RAC [E951ABE99505450D406FCD80BBE6E4E1] () C:\WINDOWS\Installer\{4BB313CE-D3D1-424C-8823-15CF85B00B05}\ShellStreamsShortcut.exe
2016-12-17 02:17 - 2016-12-17 02:17 - 000000000 ____D [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\{4C93E894-BE17-463B-A789-4CAB706987A0}
2016-12-17 02:17 - 2016-12-17 02:17 - 000094117 ___RA [8594B832C65A108B151D48F25099D974] () C:\WINDOWS\Installer\{4C93E894-BE17-463B-A789-4CAB706987A0}\DesktopBrowserIcon
2016-12-17 02:17 - 2016-12-17 02:17 - 000095850 ___RA [A77225BFD33E7BA20268B85D9D04367E] () C:\WINDOWS\Installer\{4C93E894-BE17-463B-A789-4CAB706987A0}\GuideIcon
2016-12-17 02:17 - 2016-12-17 02:17 - 000095850 ___RA [A77225BFD33E7BA20268B85D9D04367E] () C:\WINDOWS\Installer\{4C93E894-BE17-463B-A789-4CAB706987A0}\GuideIconDesktop
2016-12-17 02:17 - 2016-12-17 02:17 - 000094117 ___RA [8594B832C65A108B151D48F25099D974] () C:\WINDOWS\Installer\{4C93E894-BE17-463B-A789-4CAB706987A0}\ProgrammenuBrowserIcon
2016-12-17 02:17 - 2016-12-17 02:17 - 000094117 ___RA [8594B832C65A108B151D48F25099D974] () C:\WINDOWS\Installer\{4C93E894-BE17-463B-A789-4CAB706987A0}\ProgrammenuBrowserStartPinIcon
2016-12-17 02:17 - 2016-12-17 02:17 - 000095850 ___RA [A77225BFD33E7BA20268B85D9D04367E] () C:\WINDOWS\Installer\{4C93E894-BE17-463B-A789-4CAB706987A0}\StartPinGuideIcon
2016-12-17 02:17 - 2016-12-17 02:17 - 000094117 ___RA [8594B832C65A108B151D48F25099D974] () C:\WINDOWS\Installer\{4C93E894-BE17-463B-A789-4CAB706987A0}\StartProgrammenuRootIcon
2013-08-08 11:24 - 2013-08-08 11:25 - 000000000 ____D [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\{5597C927-029A-46A7-A0C0-8DABD9891A50}
2013-08-08 11:25 - 2013-03-07 01:34 - 000065536 ____A [26564451B00530963FC532BAB275F038] () C:\WINDOWS\Installer\{5597C927-029A-46A7-A0C0-8DABD9891A50}\1028.mst
2013-08-08 11:24 - 2013-08-08 11:24 - 000094208 ___RA [0C802CD1F87EA480E01EB314EEAABE9C] () C:\WINDOWS\Installer\{5597C927-029A-46A7-A0C0-8DABD9891A50}\1031.mst
2013-08-08 11:25 - 2013-03-07 01:35 - 000020480 ____A [320AC315D24D518D207C974E98B0C9C9] () C:\WINDOWS\Installer\{5597C927-029A-46A7-A0C0-8DABD9891A50}\1033.mst
2013-08-08 11:25 - 2013-03-07 01:35 - 000094208 ____A [9D7A43873161AD053BAD6080663C7B75] () C:\WINDOWS\Installer\{5597C927-029A-46A7-A0C0-8DABD9891A50}\1034.mst
2013-08-08 11:25 - 2013-03-07 01:35 - 000020480 ____A [1F7F4DDF9B4A2B0127CD32810551AA26] () C:\WINDOWS\Installer\{5597C927-029A-46A7-A0C0-8DABD9891A50}\1036.mst
2013-08-08 11:25 - 2013-03-07 01:35 - 000094208 ____A [6FD4945FFE1919377A865A2CA8D83B83] () C:\WINDOWS\Installer\{5597C927-029A-46A7-A0C0-8DABD9891A50}\1040.mst
2013-08-08 11:25 - 2013-03-07 01:35 - 000090112 ____A [F159BB1FF418B4621908C16CCE9CD6C2] () C:\WINDOWS\Installer\{5597C927-029A-46A7-A0C0-8DABD9891A50}\1041.mst
2013-08-08 11:25 - 2013-03-07 01:35 - 000081920 ____A [B7CE86E2FFC2DF425294303DF21B12CA] () C:\WINDOWS\Installer\{5597C927-029A-46A7-A0C0-8DABD9891A50}\1042.mst
2013-08-08 11:25 - 2013-03-07 01:34 - 000090112 ____A [ADB4CF69FB8B67F81C3BBD0A9D3CBEB2] () C:\WINDOWS\Installer\{5597C927-029A-46A7-A0C0-8DABD9891A50}\1043.mst
2013-08-08 11:25 - 2013-03-07 01:35 - 000090112 ____A [36756D1E60B6FC6423C5E2F5F3DFE5F0] () C:\WINDOWS\Installer\{5597C927-029A-46A7-A0C0-8DABD9891A50}\1045.mst
2013-08-08 11:25 - 2013-03-07 01:35 - 000086016 ____A [E0AE95D5565E280076312157920AA79A] () C:\WINDOWS\Installer\{5597C927-029A-46A7-A0C0-8DABD9891A50}\1046.mst
2013-08-08 11:25 - 2013-03-07 01:35 - 000086016 ____A [695CB3B0C30D828689BB1BC35230D81E] () C:\WINDOWS\Installer\{5597C927-029A-46A7-A0C0-8DABD9891A50}\1049.mst
2013-08-08 11:25 - 2013-03-07 01:34 - 000065536 ____A [71F0A1752E067670C50A12407B29BFB2] () C:\WINDOWS\Installer\{5597C927-029A-46A7-A0C0-8DABD9891A50}\2052.mst
2013-08-08 11:24 - 2013-08-08 11:24 - 000409600 ___RA [6880083ACD7F90751D6F1A40A4488077] (Flexera Software LLC) C:\WINDOWS\Installer\{5597C927-029A-46A7-A0C0-8DABD9891A50}\ARPPRODUCTICON.exe
2015-12-31 12:41 - 2015-12-31 12:41 - 000000000 ____D [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}
2015-12-31 12:41 - 2015-12-31 12:41 - 000092043 ___RA [278886D870B8FFF6092DBFAC68A2F619] () C:\WINDOWS\Installer\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}\Bonjour.ico
2015-12-31 12:41 - 2015-12-31 12:41 - 000000766 ___RA [D98EE604B37C67B9EE17F0D3DBC86224] () C:\WINDOWS\Installer\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}\RichText.ico
2017-05-29 19:27 - 2017-07-24 07:16 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\{5B1A59DA-D1EC-4C3A-A996-DF011A0A9668}
2017-05-29 19:27 - 2017-05-29 19:27 - 000287934 __RAC [11111873BBD7904CE9F42284468DEFFF] () C:\WINDOWS\Installer\{5B1A59DA-D1EC-4C3A-A996-DF011A0A9668}\CalendarIcon.exe
2017-05-29 19:27 - 2017-05-29 19:27 - 000287934 __RAC [3B698C271887A9C59FC868539BA4DB5C] () C:\WINDOWS\Installer\{5B1A59DA-D1EC-4C3A-A996-DF011A0A9668}\ContactsIcon.exe
2017-05-29 19:27 - 2017-05-29 19:27 - 000287934 __RAC [4D238E1CDA434B43A05D03D857972A28] () C:\WINDOWS\Installer\{5B1A59DA-D1EC-4C3A-A996-DF011A0A9668}\FindMyiPhoneIcon.exe
2017-05-29 19:27 - 2017-05-29 19:27 - 000041851 __RAC [9EDE8A6C0015760E9B09F88AFED2D254] () C:\WINDOWS\Installer\{5B1A59DA-D1EC-4C3A-A996-DF011A0A9668}\iCloudIcon.exe
2017-05-29 19:27 - 2017-05-29 19:27 - 000034679 __RAC [FE92BEB6D46C79600BBBCAF5C2E2DF64] () C:\WINDOWS\Installer\{5B1A59DA-D1EC-4C3A-A996-DF011A0A9668}\KeynoteIcon.exe
2017-05-29 19:27 - 2017-05-29 19:27 - 000287934 __RAC [F9EE70F109ACD93812135724C3BD087E] () C:\WINDOWS\Installer\{5B1A59DA-D1EC-4C3A-A996-DF011A0A9668}\MailIcon.exe
2017-05-29 19:27 - 2017-05-29 19:27 - 000287934 __RAC [B22358885BA288CF9BB1E879D7C22EF6] () C:\WINDOWS\Installer\{5B1A59DA-D1EC-4C3A-A996-DF011A0A9668}\NotesIcon.exe
2017-05-29 19:27 - 2017-05-29 19:27 - 000035141 __RAC [62FB254250E71C7822946C6CC46D3A83] () C:\WINDOWS\Installer\{5B1A59DA-D1EC-4C3A-A996-DF011A0A9668}\NumbersIcon.exe
2017-05-29 19:27 - 2017-05-29 19:27 - 000037527 __RAC [433ACB29FDF39E3966BD60F05A32B102] () C:\WINDOWS\Installer\{5B1A59DA-D1EC-4C3A-A996-DF011A0A9668}\PagesIcon.exe
2017-05-29 19:27 - 2017-05-29 19:27 - 000287934 __RAC [E0B3574142E3F992FF97652CBEDC2AEA] () C:\WINDOWS\Installer\{5B1A59DA-D1EC-4C3A-A996-DF011A0A9668}\RemindersIcon.exe
2017-05-29 19:27 - 2017-05-29 19:27 - 000287934 __RAC [E951ABE99505450D406FCD80BBE6E4E1] () C:\WINDOWS\Installer\{5B1A59DA-D1EC-4C3A-A996-DF011A0A9668}\ShellStreamsShortcut.exe
2013-08-08 11:26 - 2013-08-08 11:26 - 000000000 ____D [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\{62A172B2-550E-499D-9A82-5190D18390AA}
2013-08-08 11:26 - 2013-08-08 11:26 - 000409600 ___RA [EC29E7ADA74127856D5BE3431399189C] (Flexera Software LLC) C:\WINDOWS\Installer\{62A172B2-550E-499D-9A82-5190D18390AA}\ARPPRODUCTICON.exe
2017-01-03 10:25 - 2017-01-03 10:25 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\{632A7163-BA88-4BD5-9E83-489A2E45EC1F}
2017-01-03 10:25 - 2017-01-03 10:25 - 000009110 __RAC [920CC7718F129F6F4C6588D0B11773BD] () C:\WINDOWS\Installer\{632A7163-BA88-4BD5-9E83-489A2E45EC1F}\ARPPRODUCTICON.exe
2017-06-20 08:26 - 2017-06-20 08:26 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\{6BF9F374-EC67-4808-A90C-F127DE6D989D}
2017-06-20 08:26 - 2017-06-20 08:26 - 001278016 __RAC [560445DA12BD6115AF42F5A6DEF60EB4] (SEIKO EPSON CORPORATION) C:\WINDOWS\Installer\{6BF9F374-EC67-4808-A90C-F127DE6D989D}\icon.exe
2017-09-30 07:38 - 2017-11-11 15:07 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\{7464D896-C63C-412E-8ED3-3261C9F14E21}
2017-09-30 07:38 - 2017-09-30 07:38 - 000287934 __RAC [11111873BBD7904CE9F42284468DEFFF] () C:\WINDOWS\Installer\{7464D896-C63C-412E-8ED3-3261C9F14E21}\CalendarIcon.exe
2017-09-30 07:38 - 2017-09-30 07:38 - 000287934 __RAC [3B698C271887A9C59FC868539BA4DB5C] () C:\WINDOWS\Installer\{7464D896-C63C-412E-8ED3-3261C9F14E21}\ContactsIcon.exe
2017-09-30 07:38 - 2017-09-30 07:38 - 000287934 __RAC [4D238E1CDA434B43A05D03D857972A28] () C:\WINDOWS\Installer\{7464D896-C63C-412E-8ED3-3261C9F14E21}\FindMyiPhoneIcon.exe
2017-09-30 07:38 - 2017-09-30 07:38 - 000041851 __RAC [9EDE8A6C0015760E9B09F88AFED2D254] () C:\WINDOWS\Installer\{7464D896-C63C-412E-8ED3-3261C9F14E21}\iCloudIcon.exe
2017-09-30 07:38 - 2017-09-30 07:38 - 000034679 __RAC [FE92BEB6D46C79600BBBCAF5C2E2DF64] () C:\WINDOWS\Installer\{7464D896-C63C-412E-8ED3-3261C9F14E21}\KeynoteIcon.exe
2017-09-30 07:38 - 2017-09-30 07:38 - 000287934 __RAC [F9EE70F109ACD93812135724C3BD087E] () C:\WINDOWS\Installer\{7464D896-C63C-412E-8ED3-3261C9F14E21}\MailIcon.exe
2017-09-30 07:38 - 2017-09-30 07:38 - 000287934 __RAC [B22358885BA288CF9BB1E879D7C22EF6] () C:\WINDOWS\Installer\{7464D896-C63C-412E-8ED3-3261C9F14E21}\NotesIcon.exe
2017-09-30 07:38 - 2017-09-30 07:38 - 000035141 __RAC [62FB254250E71C7822946C6CC46D3A83] () C:\WINDOWS\Installer\{7464D896-C63C-412E-8ED3-3261C9F14E21}\NumbersIcon.exe
2017-09-30 07:38 - 2017-09-30 07:38 - 000037527 __RAC [433ACB29FDF39E3966BD60F05A32B102] () C:\WINDOWS\Installer\{7464D896-C63C-412E-8ED3-3261C9F14E21}\PagesIcon.exe
2017-09-30 07:38 - 2017-09-30 07:38 - 000287934 __RAC [E0B3574142E3F992FF97652CBEDC2AEA] () C:\WINDOWS\Installer\{7464D896-C63C-412E-8ED3-3261C9F14E21}\RemindersIcon.exe
2017-09-30 07:38 - 2017-09-30 07:38 - 000287934 __RAC [E951ABE99505450D406FCD80BBE6E4E1] () C:\WINDOWS\Installer\{7464D896-C63C-412E-8ED3-3261C9F14E21}\ShellStreamsShortcut.exe
2017-07-03 23:17 - 2017-07-03 23:17 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\{75D563F2-A567-4815-A2E2-080D3503E209}
2017-07-03 23:17 - 2017-07-03 23:17 - 000107466 __RAC [4404E71DBE202BB9F793E14B37037B60] () C:\WINDOWS\Installer\{75D563F2-A567-4815-A2E2-080D3503E209}\computer.exe
2017-07-03 23:17 - 2017-07-03 23:17 - 000014534 __RAC [C2649AD15118FD46780D6FCBC38447D0] () C:\WINDOWS\Installer\{75D563F2-A567-4815-A2E2-080D3503E209}\SystemFoldermsiexec.exe
2017-06-20 08:01 - 2017-06-20 08:01 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\{7BAC3F7A-B963-468E-982E-B5608A87408D}
2017-06-20 08:01 - 2017-06-20 08:01 - 000050659 __RAC [1A756D449EF5938A4A0F9A765793C68F] () C:\WINDOWS\Installer\{7BAC3F7A-B963-468E-982E-B5608A87408D}\icon.ico
2013-08-08 12:22 - 2016-01-16 17:59 - 000000000 ____D [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\{7C80D30A-AC02-4E3F-B95D-29F0E4FF937B}
2013-08-08 12:22 - 2013-08-08 12:22 - 000094208 ___RA [FBD411A58BFDCB501B5338D4EC9C2E80] () C:\WINDOWS\Installer\{7C80D30A-AC02-4E3F-B95D-29F0E4FF937B}\1031.MST
2013-08-08 12:22 - 2016-01-16 17:59 - 000409600 ___RA [F381CE7D6E25F2D3B047563FDF454430] (Flexera Software LLC) C:\WINDOWS\Installer\{7C80D30A-AC02-4E3F-B95D-29F0E4FF937B}\ARPPRODUCTICON.exe1
2017-03-31 08:23 - 2017-05-29 19:27 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\{7F40A9A7-B3BE-4EA8-B052-60449F6C3C02}
2017-03-31 08:23 - 2017-03-31 08:23 - 000287934 __RAC [11111873BBD7904CE9F42284468DEFFF] () C:\WINDOWS\Installer\{7F40A9A7-B3BE-4EA8-B052-60449F6C3C02}\CalendarIcon.exe
2017-03-31 08:23 - 2017-03-31 08:23 - 000287934 __RAC [3B698C271887A9C59FC868539BA4DB5C] () C:\WINDOWS\Installer\{7F40A9A7-B3BE-4EA8-B052-60449F6C3C02}\ContactsIcon.exe
2017-03-31 08:23 - 2017-03-31 08:23 - 000287934 __RAC [4D238E1CDA434B43A05D03D857972A28] () C:\WINDOWS\Installer\{7F40A9A7-B3BE-4EA8-B052-60449F6C3C02}\FindMyiPhoneIcon.exe
2017-03-31 08:23 - 2017-03-31 08:23 - 000041851 __RAC [9EDE8A6C0015760E9B09F88AFED2D254] () C:\WINDOWS\Installer\{7F40A9A7-B3BE-4EA8-B052-60449F6C3C02}\iCloudIcon.exe
2017-03-31 08:23 - 2017-03-31 08:23 - 000034679 __RAC [FE92BEB6D46C79600BBBCAF5C2E2DF64] () C:\WINDOWS\Installer\{7F40A9A7-B3BE-4EA8-B052-60449F6C3C02}\KeynoteIcon.exe
2017-03-31 08:23 - 2017-03-31 08:23 - 000287934 __RAC [F9EE70F109ACD93812135724C3BD087E] () C:\WINDOWS\Installer\{7F40A9A7-B3BE-4EA8-B052-60449F6C3C02}\MailIcon.exe
2017-03-31 08:23 - 2017-03-31 08:23 - 000287934 __RAC [B22358885BA288CF9BB1E879D7C22EF6] () C:\WINDOWS\Installer\{7F40A9A7-B3BE-4EA8-B052-60449F6C3C02}\NotesIcon.exe
2017-03-31 08:23 - 2017-03-31 08:23 - 000035141 __RAC [62FB254250E71C7822946C6CC46D3A83] () C:\WINDOWS\Installer\{7F40A9A7-B3BE-4EA8-B052-60449F6C3C02}\NumbersIcon.exe
2017-03-31 08:23 - 2017-03-31 08:23 - 000037527 __RAC [433ACB29FDF39E3966BD60F05A32B102] () C:\WINDOWS\Installer\{7F40A9A7-B3BE-4EA8-B052-60449F6C3C02}\PagesIcon.exe
2017-03-31 08:23 - 2017-03-31 08:23 - 000287934 __RAC [E0B3574142E3F992FF97652CBEDC2AEA] () C:\WINDOWS\Installer\{7F40A9A7-B3BE-4EA8-B052-60449F6C3C02}\RemindersIcon.exe
2017-03-31 08:23 - 2017-03-31 08:23 - 000287934 __RAC [E951ABE99505450D406FCD80BBE6E4E1] () C:\WINDOWS\Installer\{7F40A9A7-B3BE-4EA8-B052-60449F6C3C02}\ShellStreamsShortcut.exe
2014-03-01 02:09 - 2017-06-14 06:51 - 000000000 ____D [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
2014-03-01 02:09 - 2017-06-14 06:51 - 000010806 ___RA [CDD148269B61A4A225E9C6CDDA3D3283] () C:\WINDOWS\Installer\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}\ARPIcon
2014-03-01 02:09 - 2017-06-14 06:51 - 000052224 ___RA [2A3D9A91990981C6E94FAEEFF706F9C5] () C:\WINDOWS\Installer\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}\ConfigIconDll
2014-03-01 02:09 - 2017-06-14 06:51 - 000052224 ___RA [346A3B85DF8BFE64AEC97F0E464EE4F2] () C:\WINDOWS\Installer\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}\ConfigIconDLL_64
2017-11-11 15:01 - 2017-11-11 15:01 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\{8B47B514-F5D2-4E0D-B951-6E250618A7CD}
2017-11-11 15:01 - 2017-11-11 15:01 - 000002238 __RAC [7271C08C0B0C6EEF544B893DB3CDA8FD] () C:\WINDOWS\Installer\{8B47B514-F5D2-4E0D-B951-6E250618A7CD}\WinInstall.ico
2016-12-27 12:45 - 2017-11-18 09:37 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\{90140000-0011-0000-0000-0000000FF1CE}
2016-12-27 12:45 - 2017-11-18 09:37 - 001450152 __RAC [56A18362F749FCBDC261F234D720515C] () C:\WINDOWS\Installer\{90140000-0011-0000-0000-0000000FF1CE}\accicons.exe
2016-12-27 12:45 - 2017-11-18 09:37 - 000020136 __RAC [63CF2BE047F9DA106C0971E93BCDD86E] () C:\WINDOWS\Installer\{90140000-0011-0000-0000-0000000FF1CE}\cagicon.exe
2016-12-27 12:45 - 2017-11-18 09:37 - 000000766 __RAC [58F5AC079150EECE385C296FFB565A16] () C:\WINDOWS\Installer\{90140000-0011-0000-0000-0000000FF1CE}\graph.ico
2016-12-27 12:45 - 2017-11-18 09:37 - 000179264 __RAC [EEEBEDF9A41153EA1D64920562F20956] () C:\WINDOWS\Installer\{90140000-0011-0000-0000-0000000FF1CE}\grvicons.exe
2016-12-27 12:45 - 2017-11-18 09:37 - 000470696 __RAC [C87681C8BFDBDEF887D9540065EA8E14] () C:\WINDOWS\Installer\{90140000-0011-0000-0000-0000000FF1CE}\inficon.exe
2016-12-27 12:45 - 2017-11-18 09:37 - 000327336 __RAC [B9B2AFDB252B15CDB494CC7B7737060C] () C:\WINDOWS\Installer\{90140000-0011-0000-0000-0000000FF1CE}\joticon.exe
2016-12-27 12:45 - 2017-11-18 09:37 - 000571968 __RAC [C6DED989CB707AE756D46DFE748B8D3B] () C:\WINDOWS\Installer\{90140000-0011-0000-0000-0000000FF1CE}\misc.exe
2016-12-27 12:45 - 2017-11-18 09:37 - 000043688 __RAC [58D01880A44C174C7C709EDE93C5CD40] () C:\WINDOWS\Installer\{90140000-0011-0000-0000-0000000FF1CE}\msouc.exe
2016-12-27 12:45 - 2017-11-18 09:37 - 000034880 __RAC [14989C0C5B9C0B89EAE639A7714E934A] () C:\WINDOWS\Installer\{90140000-0011-0000-0000-0000000FF1CE}\oisicon.exe
2016-12-27 12:45 - 2017-11-18 09:37 - 000304296 __RAC [0684331514DDEBE3D835A15F646F70C8] () C:\WINDOWS\Installer\{90140000-0011-0000-0000-0000000FF1CE}\outicon.exe
2016-12-27 12:45 - 2017-11-18 09:37 - 003793576 __RAC [9855B7D72D870B476CC58CB4604A9BCA] () C:\WINDOWS\Installer\{90140000-0011-0000-0000-0000000FF1CE}\pptico.exe
2016-12-27 12:45 - 2017-11-18 09:37 - 000416424 __RAC [3F2E551F45A2AC62DC8012528FF2621E] () C:\WINDOWS\Installer\{90140000-0011-0000-0000-0000000FF1CE}\pubs.exe
2016-12-27 12:46 - 2016-12-27 12:46 - 000081408 __RAC [8E6D7422165508C21CC03A2DCC24621F] () C:\WINDOWS\Installer\{90140000-0011-0000-0000-0000000FF1CE}\ShellUI.MST
2016-12-27 12:45 - 2017-11-18 09:37 - 001859240 __RAC [F3ECEA2EE71A1D2C0531166A99D90892] () C:\WINDOWS\Installer\{90140000-0011-0000-0000-0000000FF1CE}\wordicon.exe
2016-12-27 12:45 - 2017-11-18 09:37 - 001480360 __RAC [801B8B90E316120C83D0BDCFE1354BC6] () C:\WINDOWS\Installer\{90140000-0011-0000-0000-0000000FF1CE}\xlicons.exe
2016-12-27 12:44 - 2016-12-27 12:44 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\{90140000-002A-0000-1000-0000000FF1CE}
2016-12-27 12:44 - 2016-12-27 12:44 - 000081408 __RAC [8E6D7422165508C21CC03A2DCC24621F] () C:\WINDOWS\Installer\{90140000-002A-0000-1000-0000000FF1CE}\ShellUI.MST
2017-10-11 10:56 - 2017-10-11 10:56 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\{90140000-006E-0407-0000-0000000FF1CE}
2017-10-11 10:56 - 2017-10-11 10:56 - 000571968 __RAC [C6DED989CB707AE756D46DFE748B8D3B] () C:\WINDOWS\Installer\{90140000-006E-0407-0000-0000000FF1CE}\misc.exe
2013-08-08 11:37 - 2013-08-08 11:37 - 000000000 ____D [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\{90150000-0138-0409-0000-0000000FF1CE}
2013-08-08 11:37 - 2013-08-08 11:37 - 000174704 ___RA [A904387EA0BD10194A8233CC11CA5F1B] () C:\WINDOWS\Installer\{90150000-0138-0409-0000-0000000FF1CE}\firstrun.exe
2014-03-02 14:54 - 2014-03-02 14:54 - 000000000 ____D [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\{93F692D4-0C4D-4EED-9BFE-657C1D5959FE}
2014-03-02 14:54 - 2014-03-02 14:54 - 000220039 ___RA [230F59575F569B9C51AB2C3C33C8BDA4] () C:\WINDOWS\Installer\{93F692D4-0C4D-4EED-9BFE-657C1D5959FE}\UI_Icon
2017-08-27 09:25 - 2017-08-27 09:25 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\{9C4E9490-3862-4EE0-90E6-C2457B67CD5F}
2017-08-27 09:25 - 2017-08-27 09:25 - 000397312 __RAC [39579D9F79FCF9675D5A6C6DD7660155] (Flexera Software LLC) C:\WINDOWS\Installer\{9C4E9490-3862-4EE0-90E6-C2457B67CD5F}\ARPPRODUCTICON.exe
2017-06-20 08:14 - 2017-06-20 08:14 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\{9F205E94-9E42-4486-A92A-DF3F6CB85444}
2017-06-20 08:14 - 2017-06-20 08:14 - 001241296 __RAC [0D48F4837C655ABD66C743D237CA9DE6] (SEIKO EPSON CORPORATION) C:\WINDOWS\Installer\{9F205E94-9E42-4486-A92A-DF3F6CB85444}\icon.exe
2017-11-18 09:16 - 2017-11-18 09:16 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\{AC76BA86-0804-1033-1959-001824245926}
2017-11-18 09:16 - 2017-11-18 09:16 - 000010134 __RAC [6E42CF0D47AF25DEA4CECDBE093D521C] () C:\WINDOWS\Installer\{AC76BA86-0804-1033-1959-001824245926}\ARPPRODUCTICON.exe
2014-03-01 10:53 - 2017-11-18 09:16 - 000000000 ____D [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\{AC76BA86-7AD7-1031-7B44-AB0000000001}
2014-03-01 10:53 - 2017-11-18 09:16 - 000027989 ___RA [C4400815F0C3C500402EF25E596D32E0] () C:\WINDOWS\Installer\{AC76BA86-7AD7-1031-7B44-AB0000000001}\APIFile_8.ico
2014-03-01 10:53 - 2017-11-18 09:16 - 000034295 ___RA [12EC3626F3B7F7A63C751D39A08F2885] () C:\WINDOWS\Installer\{AC76BA86-7AD7-1031-7B44-AB0000000001}\FDFFile_8.ico
2014-03-01 10:53 - 2017-11-18 09:16 - 000292878 ___RA [E611C41E5D2548662979531256616AB1] () C:\WINDOWS\Installer\{AC76BA86-7AD7-1031-7B44-AB0000000001}\PDFFile_8.ico
2014-03-01 10:53 - 2017-11-18 09:16 - 000030379 ___RA [AE9A5675540CF78FD94D7C4D316C4459] () C:\WINDOWS\Installer\{AC76BA86-7AD7-1031-7B44-AB0000000001}\PDXFile_8.ico
2014-03-01 10:53 - 2017-11-18 09:16 - 000292878 ___RA [4E7AD379AD1D7B5F9536CB10FF864374] () C:\WINDOWS\Installer\{AC76BA86-7AD7-1031-7B44-AB0000000001}\SC_Reader.ico
2014-03-01 10:53 - 2017-11-18 09:16 - 000033752 ___RA [6962D40CB9A2059761D86E433258D5A0] () C:\WINDOWS\Installer\{AC76BA86-7AD7-1031-7B44-AB0000000001}\SecStoreFile.ico
2014-03-01 10:53 - 2017-11-18 09:16 - 000038929 ___RA [04493F33CA5D5212C292B54F66085A09] () C:\WINDOWS\Installer\{AC76BA86-7AD7-1031-7B44-AB0000000001}\XDPFile_8.ico
2014-03-01 10:53 - 2017-11-18 09:16 - 000038614 ___RA [8A8CE0C8E29299DF9BC2114899F1E55C] () C:\WINDOWS\Installer\{AC76BA86-7AD7-1031-7B44-AB0000000001}\XFDFFile_8.ico
2013-08-08 11:30 - 2013-08-08 11:30 - 000000000 ____D [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\{AC76BA86-7AD7-FFFF-7B44-AB0000000001}
2013-08-08 11:30 - 2013-08-08 11:30 - 000020480 ___RA [405C21C2D8B2A831884E7A504269F779] () C:\WINDOWS\Installer\{AC76BA86-7AD7-FFFF-7B44-AB0000000001}\1033.mst
2013-08-08 11:30 - 2013-08-08 11:30 - 000040960 ___RA [1D6EFEF0EF6CA08BA9670D3D961E8B34] () C:\WINDOWS\Installer\{AC76BA86-7AD7-FFFF-7B44-AB0000000001}\AcroRead.mst
2013-08-08 11:30 - 2013-08-08 11:30 - 000027989 ___RA [C4400815F0C3C500402EF25E596D32E0] () C:\WINDOWS\Installer\{AC76BA86-7AD7-FFFF-7B44-AB0000000001}\APIFile_8.ico
2013-08-08 11:30 - 2013-08-08 11:30 - 000034295 ___RA [12EC3626F3B7F7A63C751D39A08F2885] () C:\WINDOWS\Installer\{AC76BA86-7AD7-FFFF-7B44-AB0000000001}\FDFFile_8.ico
2013-08-08 11:30 - 2013-08-08 11:30 - 000292878 ___RA [E611C41E5D2548662979531256616AB1] () C:\WINDOWS\Installer\{AC76BA86-7AD7-FFFF-7B44-AB0000000001}\PDFFile_8.ico
2013-08-08 11:30 - 2013-08-08 11:30 - 000030379 ___RA [AE9A5675540CF78FD94D7C4D316C4459] () C:\WINDOWS\Installer\{AC76BA86-7AD7-FFFF-7B44-AB0000000001}\PDXFile_8.ico
2013-08-08 11:30 - 2013-08-08 11:30 - 000292878 ___RA [4E7AD379AD1D7B5F9536CB10FF864374] () C:\WINDOWS\Installer\{AC76BA86-7AD7-FFFF-7B44-AB0000000001}\SC_Reader.ico
2013-08-08 11:30 - 2013-08-08 11:30 - 000033752 ___RA [6962D40CB9A2059761D86E433258D5A0] () C:\WINDOWS\Installer\{AC76BA86-7AD7-FFFF-7B44-AB0000000001}\SecStoreFile.ico
2013-08-08 11:30 - 2013-08-08 11:30 - 000038929 ___RA [04493F33CA5D5212C292B54F66085A09] () C:\WINDOWS\Installer\{AC76BA86-7AD7-FFFF-7B44-AB0000000001}\XDPFile_8.ico
2013-08-08 11:30 - 2013-08-08 11:30 - 000038614 ___RA [8A8CE0C8E29299DF9BC2114899F1E55C] () C:\WINDOWS\Installer\{AC76BA86-7AD7-FFFF-7B44-AB0000000001}\XFDFFile_8.ico
2017-06-20 08:15 - 2017-06-20 08:15 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\{BB6241FF-8B76-45A5-95B9-888EDE8E47DC}
2017-06-20 08:15 - 2017-06-20 08:15 - 000966528 __RAC [87B974A715B818FE7A717C579C4915AD] (Seiko Epson Corporation) C:\WINDOWS\Installer\{BB6241FF-8B76-45A5-95B9-888EDE8E47DC}\icon.exe
2017-09-25 06:43 - 2017-09-25 06:43 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\{C1BBFD2A-BCDD-45B3-8C0B-66BD434970A8}
2017-09-25 06:43 - 2017-09-25 06:43 - 000027136 __RAC [15B6740EE346A567B2C845FB537510B1] () C:\WINDOWS\Installer\{C1BBFD2A-BCDD-45B3-8C0B-66BD434970A8}\AppleSoftwareUpdateIco.exe
2017-09-25 06:43 - 2017-09-25 06:43 - 000025214 __RAC [9623D6B811D142B5EAB71A9163B26493] () C:\WINDOWS\Installer\{C1BBFD2A-BCDD-45B3-8C0B-66BD434970A8}\Installer.ico
2013-08-08 11:28 - 2013-08-08 11:29 - 000000000 ____D [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\{C2CC5822-32E6-4D21-88EA-DE8CED09EE2F}
2013-08-08 11:29 - 2013-03-15 01:05 - 000065536 ____A [2F1553DED0F2C178703A04730E3D1CFC] () C:\WINDOWS\Installer\{C2CC5822-32E6-4D21-88EA-DE8CED09EE2F}\1028.mst
2013-08-08 11:28 - 2013-08-08 11:28 - 000094208 ___RA [6C0329C64F29D3C746385B7E441643F7] () C:\WINDOWS\Installer\{C2CC5822-32E6-4D21-88EA-DE8CED09EE2F}\1031.mst
2013-08-08 11:29 - 2013-03-15 01:05 - 000020480 ____A [C32F0F67B8771ABF710B836DD39B439F] () C:\WINDOWS\Installer\{C2CC5822-32E6-4D21-88EA-DE8CED09EE2F}\1033.mst
2013-08-08 11:29 - 2013-03-15 01:05 - 000094208 ____A [1DA4FFE1F3E46E6303009B445A3C573C] () C:\WINDOWS\Installer\{C2CC5822-32E6-4D21-88EA-DE8CED09EE2F}\1034.mst
2013-08-08 11:29 - 2013-03-15 01:05 - 000020480 ____A [12E6F3AAB2CD19464F8747424494BF82] () C:\WINDOWS\Installer\{C2CC5822-32E6-4D21-88EA-DE8CED09EE2F}\1036.mst
2013-08-08 11:29 - 2013-03-15 01:05 - 000094208 ____A [451AA7828644079A2AD3B5871A295614] () C:\WINDOWS\Installer\{C2CC5822-32E6-4D21-88EA-DE8CED09EE2F}\1040.mst
2013-08-08 11:29 - 2013-03-15 01:05 - 000090112 ____A [7CB44CEF00C719C3B665544F6BDA4625] () C:\WINDOWS\Installer\{C2CC5822-32E6-4D21-88EA-DE8CED09EE2F}\1041.mst
2013-08-08 11:29 - 2013-03-15 01:05 - 000081920 ____A [4A049C3B88605DF0A490E2BF0FAA5D4B] () C:\WINDOWS\Installer\{C2CC5822-32E6-4D21-88EA-DE8CED09EE2F}\1042.mst
2013-08-08 11:29 - 2013-03-15 01:05 - 000090112 ____A [381E4FCE6133E5F74335CBE8D827BB39] () C:\WINDOWS\Installer\{C2CC5822-32E6-4D21-88EA-DE8CED09EE2F}\1043.mst
2013-08-08 11:29 - 2013-03-15 01:05 - 000090112 ____A [3CEA2A7A7B3280E712BC2A9D13C2C9C4] () C:\WINDOWS\Installer\{C2CC5822-32E6-4D21-88EA-DE8CED09EE2F}\1045.mst
2013-08-08 11:29 - 2013-03-15 01:05 - 000086016 ____A [4936D2EBC0A25D6A9A23D2D40C9DBEF0] () C:\WINDOWS\Installer\{C2CC5822-32E6-4D21-88EA-DE8CED09EE2F}\1046.mst
2013-08-08 11:29 - 2013-03-15 01:05 - 000086016 ____A [87B16B3946F4B1597A439C2424E4E92F] () C:\WINDOWS\Installer\{C2CC5822-32E6-4D21-88EA-DE8CED09EE2F}\1049.mst
2013-08-08 11:29 - 2013-03-15 01:05 - 000065536 ____A [309ECF8C3AD76A2D888EBCBFBEAC14B4] () C:\WINDOWS\Installer\{C2CC5822-32E6-4D21-88EA-DE8CED09EE2F}\2052.mst
2013-08-08 11:28 - 2013-08-08 11:28 - 000126976 ___RA [8E5E9C8DB58095D12B85B4494EF42E5B] (Flexera Software LLC) C:\WINDOWS\Installer\{C2CC5822-32E6-4D21-88EA-DE8CED09EE2F}\ARPPRODUCTICON.exe
2013-08-08 11:28 - 2013-08-08 11:28 - 000126976 ___RA [398637FBC68983F425587128C99DFD65] (Flexera Software LLC) C:\WINDOWS\Installer\{C2CC5822-32E6-4D21-88EA-DE8CED09EE2F}\NewShortcut1.4A65FCE5_1E38_4A76_8B67_CA61AA6B3683.exe
2017-07-24 07:16 - 2017-09-30 07:38 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\{C510BB61-AE0B-4420-87AF-9CF646E86364}
2017-07-24 07:16 - 2017-07-24 07:16 - 000287934 __RAC [11111873BBD7904CE9F42284468DEFFF] () C:\WINDOWS\Installer\{C510BB61-AE0B-4420-87AF-9CF646E86364}\CalendarIcon.exe
2017-07-24 07:16 - 2017-07-24 07:16 - 000287934 __RAC [3B698C271887A9C59FC868539BA4DB5C] () C:\WINDOWS\Installer\{C510BB61-AE0B-4420-87AF-9CF646E86364}\ContactsIcon.exe
2017-07-24 07:16 - 2017-07-24 07:16 - 000287934 __RAC [4D238E1CDA434B43A05D03D857972A28] () C:\WINDOWS\Installer\{C510BB61-AE0B-4420-87AF-9CF646E86364}\FindMyiPhoneIcon.exe
2017-07-24 07:16 - 2017-07-24 07:16 - 000041851 __RAC [9EDE8A6C0015760E9B09F88AFED2D254] () C:\WINDOWS\Installer\{C510BB61-AE0B-4420-87AF-9CF646E86364}\iCloudIcon.exe
2017-07-24 07:16 - 2017-07-24 07:16 - 000034679 __RAC [FE92BEB6D46C79600BBBCAF5C2E2DF64] () C:\WINDOWS\Installer\{C510BB61-AE0B-4420-87AF-9CF646E86364}\KeynoteIcon.exe
2017-07-24 07:16 - 2017-07-24 07:16 - 000287934 __RAC [F9EE70F109ACD93812135724C3BD087E] () C:\WINDOWS\Installer\{C510BB61-AE0B-4420-87AF-9CF646E86364}\MailIcon.exe
2017-07-24 07:16 - 2017-07-24 07:16 - 000287934 __RAC [B22358885BA288CF9BB1E879D7C22EF6] () C:\WINDOWS\Installer\{C510BB61-AE0B-4420-87AF-9CF646E86364}\NotesIcon.exe
2017-07-24 07:16 - 2017-07-24 07:16 - 000035141 __RAC [62FB254250E71C7822946C6CC46D3A83] () C:\WINDOWS\Installer\{C510BB61-AE0B-4420-87AF-9CF646E86364}\NumbersIcon.exe
2017-07-24 07:16 - 2017-07-24 07:16 - 000037527 __RAC [433ACB29FDF39E3966BD60F05A32B102] () C:\WINDOWS\Installer\{C510BB61-AE0B-4420-87AF-9CF646E86364}\PagesIcon.exe
2017-07-24 07:16 - 2017-07-24 07:16 - 000287934 __RAC [E0B3574142E3F992FF97652CBEDC2AEA] () C:\WINDOWS\Installer\{C510BB61-AE0B-4420-87AF-9CF646E86364}\RemindersIcon.exe
2017-07-24 07:16 - 2017-07-24 07:16 - 000287934 __RAC [E951ABE99505450D406FCD80BBE6E4E1] () C:\WINDOWS\Installer\{C510BB61-AE0B-4420-87AF-9CF646E86364}\ShellStreamsShortcut.exe
2016-12-17 02:18 - 2016-12-17 02:18 - 000000000 ____D [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\{CBA577D0-C972-4A26-B948-A315DF3ECE0E}
2016-12-17 02:18 - 2016-12-17 02:18 - 000053248 ___RA [44FE05B7B1394C6FC2957E65A53231B4] (Flexera Software LLC) C:\WINDOWS\Installer\{CBA577D0-C972-4A26-B948-A315DF3ECE0E}\ARPPRODUCTICON.exe
2017-11-11 15:02 - 2017-11-11 15:02 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\{D811A40A-9791-497C-B9DC-2D89C8E95EA1}
2017-11-11 15:02 - 2017-11-11 15:02 - 000002238 __RAC [7271C08C0B0C6EEF544B893DB3CDA8FD] () C:\WINDOWS\Installer\{D811A40A-9791-497C-B9DC-2D89C8E95EA1}\WinInstall.ico
2016-12-17 01:49 - 2016-12-17 01:49 - 000000000 ____D [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\{F3FC1B12-45AA-4ACE-AD9F-DFD87BE9457E}
2016-12-17 01:49 - 2016-12-17 01:49 - 000126976 ___RA [79E5014E844D9AD6BE0EDFEFE667276C] (Flexera Software LLC) C:\WINDOWS\Installer\{F3FC1B12-45AA-4ACE-AD9F-DFD87BE9457E}\ARPPRODUCTICON.exe
2017-01-03 10:25 - 2017-01-03 10:25 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\{FABDE004-365B-4A61-AD9E-96A9BAA53437}
2017-01-03 10:25 - 2017-01-03 10:25 - 000158112 __RAC [F0BE3485B957B7883818AC14CE4337D8] (Intel(R) Corporation) C:\WINDOWS\Installer\{FABDE004-365B-4A61-AD9E-96A9BAA53437}\AdminTool.exe
2017-01-03 10:25 - 2017-01-03 10:25 - 000009110 __RAC [920CC7718F129F6F4C6588D0B11773BD] () C:\WINDOWS\Installer\{FABDE004-365B-4A61-AD9E-96A9BAA53437}\ARPPRODUCTICON.exe
2017-01-03 10:25 - 2017-01-03 10:25 - 003387296 __RAC [56948CB9A566E232BA67D5B122408FCB] (Intel® Corporation) C:\WINDOWS\Installer\{FABDE004-365B-4A61-AD9E-96A9BAA53437}\cpappletexe.exe
2013-08-08 11:37 - 2013-08-08 11:37 - 000000000 ____D [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\{FBEE3D44-0933-4B84-BB6A-49957F89187F}
2013-08-08 11:37 - 2013-08-08 11:37 - 000053248 ___RA [44FE05B7B1394C6FC2957E65A53231B4] (Flexera Software LLC) C:\WINDOWS\Installer\{FBEE3D44-0933-4B84-BB6A-49957F89187F}\ARPPRODUCTICON.exe
2017-11-11 15:06 - 2017-11-11 15:06 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\{FF99A618-BCA5-4658-B9FF-CCF57C177610}
2017-11-11 15:06 - 2017-11-11 15:06 - 000041851 __RAC [9EDE8A6C0015760E9B09F88AFED2D254] () C:\WINDOWS\Installer\{FF99A618-BCA5-4658-B9FF-CCF57C177610}\ARP.ico
2017-11-11 15:06 - 2017-11-11 15:06 - 000287934 __RAC [11111873BBD7904CE9F42284468DEFFF] () C:\WINDOWS\Installer\{FF99A618-BCA5-4658-B9FF-CCF57C177610}\CalendarIcon.exe
2017-11-11 15:06 - 2017-11-11 15:06 - 000287934 __RAC [3B698C271887A9C59FC868539BA4DB5C] () C:\WINDOWS\Installer\{FF99A618-BCA5-4658-B9FF-CCF57C177610}\ContactsIcon.exe
2017-11-11 15:06 - 2017-11-11 15:06 - 000287934 __RAC [4D238E1CDA434B43A05D03D857972A28] () C:\WINDOWS\Installer\{FF99A618-BCA5-4658-B9FF-CCF57C177610}\FindMyiPhoneIcon.exe
2017-11-11 15:06 - 2017-11-11 15:06 - 000041851 __RAC [9EDE8A6C0015760E9B09F88AFED2D254] () C:\WINDOWS\Installer\{FF99A618-BCA5-4658-B9FF-CCF57C177610}\iCloudIcon.exe
2017-11-11 15:06 - 2017-11-11 15:06 - 000034679 __RAC [FE92BEB6D46C79600BBBCAF5C2E2DF64] () C:\WINDOWS\Installer\{FF99A618-BCA5-4658-B9FF-CCF57C177610}\KeynoteIcon.exe
2017-11-11 15:06 - 2017-11-11 15:06 - 000287934 __RAC [F9EE70F109ACD93812135724C3BD087E] () C:\WINDOWS\Installer\{FF99A618-BCA5-4658-B9FF-CCF57C177610}\MailIcon.exe
2017-11-11 15:06 - 2017-11-11 15:06 - 000287934 __RAC [B22358885BA288CF9BB1E879D7C22EF6] () C:\WINDOWS\Installer\{FF99A618-BCA5-4658-B9FF-CCF57C177610}\NotesIcon.exe
2017-11-11 15:06 - 2017-11-11 15:06 - 000035141 __RAC [62FB254250E71C7822946C6CC46D3A83] () C:\WINDOWS\Installer\{FF99A618-BCA5-4658-B9FF-CCF57C177610}\NumbersIcon.exe
2017-11-11 15:06 - 2017-11-11 15:06 - 000037527 __RAC [433ACB29FDF39E3966BD60F05A32B102] () C:\WINDOWS\Installer\{FF99A618-BCA5-4658-B9FF-CCF57C177610}\PagesIcon.exe
2017-11-11 15:06 - 2017-11-11 15:06 - 000287934 __RAC [E0B3574142E3F992FF97652CBEDC2AEA] () C:\WINDOWS\Installer\{FF99A618-BCA5-4658-B9FF-CCF57C177610}\RemindersIcon.exe
2017-11-11 15:06 - 2017-11-11 15:06 - 000287934 __RAC [E951ABE99505450D406FCD80BBE6E4E1] () C:\WINDOWS\Installer\{FF99A618-BCA5-4658-B9FF-CCF57C177610}\ShellStreamsShortcut.exe
Geändert von freddyd (26.11.2017 um 17:48 Uhr) |
|
26.11.2017, 17:41
| #13 |
| | windows10: AVIRA meldet Trojaner-FundCode:
ATTFilter 2017-09-09 14:48 - 2017-09-09 14:48 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\MSI1042.tmp-
2017-06-28 00:14 - 2017-06-28 00:14 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\MSI1123.tmp-
2017-09-09 14:48 - 2017-09-09 14:48 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\MSI112D.tmp-
2017-06-28 00:14 - 2017-06-28 00:14 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\MSI128D.tmp-
2017-06-28 00:14 - 2017-06-28 00:14 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\MSI159D.tmp-
2017-06-28 00:14 - 2017-06-28 00:14 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\MSI165A.tmp-
2017-03-25 13:46 - 2017-03-25 13:46 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\MSI1687.tmp-
2017-01-02 13:20 - 2017-01-02 13:20 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\MSI16F.tmp-
2017-11-18 15:16 - 2017-11-18 15:16 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\MSI1721.tmp-
2017-06-28 00:14 - 2017-06-28 00:14 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\MSI1738.tmp-
2017-11-05 12:12 - 2017-11-05 12:12 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\MSI17F3.tmp-
2017-03-25 13:46 - 2017-03-25 13:46 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\MSI1840.tmp-
2017-11-18 15:16 - 2017-11-18 15:16 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\MSI1899.tmp-
2017-11-18 15:16 - 2017-11-18 15:16 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\MSI1975.tmp-
2017-03-25 13:46 - 2017-03-25 13:46 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\MSI19B8.tmp-
2017-11-05 12:12 - 2017-11-05 12:12 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\MSI19F9.tmp-
2017-11-18 15:16 - 2017-11-18 15:16 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\MSI1A31.tmp-
2017-06-28 00:14 - 2017-06-28 00:14 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\MSI1A39.tmp-
2017-03-25 13:46 - 2017-03-25 13:46 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\MSI1A55.tmp-
2017-03-25 13:46 - 2017-03-25 13:46 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\MSI1B21.tmp-
2017-02-05 18:11 - 2017-02-05 18:11 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\MSI1B6.tmp-
2017-06-28 00:14 - 2017-06-28 00:14 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\MSI1B63.tmp-
2017-11-18 15:16 - 2017-11-18 15:16 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\MSI1B7D.tmp-
2017-03-25 13:46 - 2017-03-25 13:46 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\MSI1BCE.tmp-
2017-11-05 12:12 - 2017-11-05 12:12 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\MSI1C1D.tmp-
2017-06-28 00:14 - 2017-06-28 00:14 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\MSI1C20.tmp-
2017-03-25 13:46 - 2017-03-25 13:46 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\MSI1C7B.tmp-
2017-07-12 22:02 - 2017-07-12 22:02 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\MSI1CBC.tmp-
2017-11-05 12:12 - 2017-11-05 12:12 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\MSI1CDA.tmp-
2017-06-28 00:14 - 2017-06-28 00:14 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\MSI1D3A.tmp-
2017-03-25 13:46 - 2017-03-25 13:46 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\MSI1D7A.tmp-
2017-11-05 12:12 - 2017-11-05 12:12 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\MSI1DA6.tmp-
2017-03-25 13:46 - 2017-03-25 13:46 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\MSI1E27.tmp-
2017-11-05 12:12 - 2017-11-05 12:12 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\MSI1E43.tmp-
2017-03-25 13:46 - 2017-03-25 13:46 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\MSI1EC4.tmp-
2017-11-05 12:12 - 2017-11-05 12:12 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\MSI1EF0.tmp-
2017-03-25 13:46 - 2017-03-25 13:46 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\MSI1F71.tmp-
2017-11-05 12:12 - 2017-11-05 12:12 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\MSI203D.tmp-
2017-03-25 13:46 - 2017-03-25 13:46 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\MSI205C.tmp-
2017-11-18 15:16 - 2017-11-18 15:16 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\MSI20BE.tmp-
2017-11-05 12:12 - 2017-11-05 12:12 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\MSI2109.tmp-
2017-03-25 13:46 - 2017-03-25 13:46 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\MSI2128.tmp-
2017-11-05 12:12 - 2017-11-05 12:12 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\MSI21B6.tmp-
2017-11-18 15:16 - 2017-11-18 15:16 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\MSI2217.tmp-
2017-11-05 12:12 - 2017-11-05 12:12 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\MSI2263.tmp-
2017-11-18 15:16 - 2017-11-18 15:16 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\MSI23EF.tmp-
2017-07-12 22:02 - 2017-07-12 22:02 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\MSI24AC.tmp-
2017-01-02 13:20 - 2017-01-02 13:20 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\MSI25.tmp-
2017-11-05 12:12 - 2017-11-05 12:12 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\MSI2552.tmp-
2017-07-12 22:02 - 2017-07-12 22:02 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\MSI26B3.tmp-
2017-11-18 15:16 - 2017-11-18 15:16 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\MSI26E0.tmp-
2017-11-05 12:12 - 2017-11-05 12:12 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\MSI26E9.tmp-
2017-11-18 15:16 - 2017-11-18 15:16 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\MSI277D.tmp-
2017-11-18 15:16 - 2017-11-18 15:16 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\MSI287A.tmp-
2017-07-12 22:02 - 2017-07-12 22:02 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\MSI28B8.tmp-
2017-07-12 22:02 - 2017-07-12 22:02 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\MSI2984.tmp-
2017-07-12 22:02 - 2017-07-12 22:02 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\MSI2A7F.tmp-
2017-01-02 13:20 - 2017-01-02 13:20 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\MSI2A8.tmp-
2017-07-12 22:02 - 2017-07-12 22:02 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\MSI2B6A.tmp-
2017-07-12 22:02 - 2017-07-12 22:02 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\MSI2C36.tmp-
2017-09-09 14:48 - 2017-09-09 14:48 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\MSI2C4.tmp-
2017-07-12 22:02 - 2017-07-12 22:02 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\MSI2E00.tmp-
2017-07-12 22:02 - 2017-07-12 22:02 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\MSI2F3A.tmp-
2017-07-12 22:02 - 2017-07-12 22:02 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\MSI3025.tmp-
2017-07-12 22:02 - 2017-07-12 22:02 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\MSI3120.tmp-
2017-07-12 22:02 - 2017-07-12 22:02 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\MSI31DD.tmp-
2017-11-18 15:16 - 2017-11-18 15:16 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\MSI331F.tmp-
2017-11-18 15:16 - 2017-11-18 15:16 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\MSI33DB.tmp-
2017-02-05 18:11 - 2017-02-05 18:11 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\MSI33E.tmp-
2017-03-25 13:46 - 2017-03-25 13:46 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\MSI34E0.tmp-
2017-11-18 15:16 - 2017-11-18 15:16 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\MSI3534.tmp-
2017-03-25 13:46 - 2017-03-25 13:46 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\MSI3714.tmp-
2017-03-25 13:46 - 2017-03-25 13:46 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\MSI37F0.tmp-
2017-03-25 13:46 - 2017-03-25 13:46 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\MSI388D.tmp-
2017-03-25 13:46 - 2017-03-25 13:46 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\MSI3E1E.tmp-
2017-03-25 13:46 - 2017-03-25 13:46 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\MSI3FC5.tmp-
2017-03-25 13:46 - 2017-03-25 13:46 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\MSI417D.tmp-
2017-07-12 22:02 - 2017-07-12 22:03 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\MSI419D.tmp-
2017-11-05 12:12 - 2017-11-05 12:12 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\MSI437B.tmp-
2017-07-12 22:03 - 2017-07-12 22:03 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\MSI43B1.tmp-
2017-02-05 18:11 - 2017-02-05 18:11 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\MSI449.tmp-
2017-07-12 22:03 - 2017-07-12 22:03 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\MSI4529.tmp-
2017-03-25 13:46 - 2017-03-25 13:46 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\MSI452A.tmp-
2017-03-25 13:46 - 2017-03-25 13:46 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\MSI45E6.tmp-
2017-07-12 22:03 - 2017-07-12 22:03 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\MSI45F5.tmp-
2017-11-05 12:12 - 2017-11-05 12:12 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\MSI45FC.tmp-
2017-03-25 13:46 - 2017-03-25 13:46 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\MSI4702.tmp-
2017-11-05 12:12 - 2017-11-05 12:12 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\MSI47A3.tmp-
2017-11-05 12:12 - 2017-11-05 12:12 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\MSI489E.tmp-
2017-10-23 23:27 - 2017-10-23 23:27 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\MSI48AA.tmp-
2017-03-25 13:46 - 2017-03-25 13:46 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\MSI4A23.tmp-
2017-11-05 12:12 - 2017-11-05 12:12 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\MSI4A48.tmp-
2017-06-28 00:14 - 2017-06-28 00:14 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\MSI4A8.tmp-
2017-03-25 13:46 - 2017-03-25 13:46 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\MSI4B5D.tmp-
2017-09-09 14:48 - 2017-09-09 14:48 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\MSI4B9.tmp-
2017-07-12 22:03 - 2017-07-12 22:03 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\MSI4D0D.tmp-
2017-03-25 13:46 - 2017-03-25 13:46 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\MSI4D32.tmp-
2017-03-25 13:46 - 2017-03-25 13:46 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\MSI4E2D.tmp-
2017-07-12 22:03 - 2017-07-12 22:03 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\MSI4EB4.tmp-
2017-07-12 22:03 - 2017-07-12 22:03 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\MSI506C.tmp-
2017-11-05 12:12 - 2017-11-05 12:12 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\MSI50A2.tmp-
2017-11-05 12:12 - 2017-11-05 12:12 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\MSI520A.tmp-
2017-10-23 23:27 - 2017-10-23 23:27 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\MSI529E.tmp-
2017-11-05 12:12 - 2017-11-05 12:12 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\MSI5375.tmp-
2017-07-12 22:03 - 2017-07-12 22:03 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\MSI53F9.tmp-
2017-10-23 23:27 - 2017-10-23 23:27 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\MSI5495.tmp-
2017-07-12 22:03 - 2017-07-12 22:03 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\MSI54E5.tmp-
2017-07-12 22:03 - 2017-07-12 22:03 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\MSI5620.tmp-
2017-10-23 23:27 - 2017-10-23 23:27 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\MSI56AA.tmp-
2017-11-05 12:12 - 2017-11-05 12:12 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\MSI56F2.tmp-
2017-10-23 23:27 - 2017-10-23 23:27 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\MSI5747.tmp-
2017-11-05 12:12 - 2017-11-05 12:12 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\MSI57BF.tmp-
2017-10-23 23:27 - 2017-10-23 23:27 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\MSI5803.tmp-
2017-10-23 23:27 - 2017-10-23 23:27 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\MSI58A1.tmp-
2017-11-05 12:12 - 2017-11-05 12:12 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\MSI58CB.tmp-
2017-10-23 23:27 - 2017-10-23 23:27 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\MSI593E.tmp-
2017-10-23 23:27 - 2017-10-23 23:27 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\MSI5A6C.tmp-
2017-10-23 23:27 - 2017-10-23 23:27 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\MSI5B38.tmp-
2017-10-23 23:27 - 2017-10-23 23:27 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\MSI5BD5.tmp-
2017-10-23 23:27 - 2017-10-23 23:27 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\MSI5C72.tmp-
2017-11-05 12:12 - 2017-11-05 12:12 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\MSI5D55.tmp-
2017-10-23 23:27 - 2017-10-23 23:27 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\MSI5D5E.tmp-
2017-10-23 23:27 - 2017-10-23 23:27 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\MSI5DFB.tmp-
2017-11-05 12:12 - 2017-11-05 12:12 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\MSI5E31.tmp-
2017-07-12 22:03 - 2017-07-12 22:03 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\MSI5E62.tmp-
2017-07-12 22:03 - 2017-07-12 22:03 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\MSI5F6C.tmp-
2017-11-05 12:12 - 2017-11-05 12:12 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\MSI6007.tmp-
2016-12-19 00:33 - 2016-12-19 00:33 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\MSI600E.tmp-
2017-07-12 22:03 - 2017-07-12 22:03 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\MSI6087.tmp-
2017-07-12 22:03 - 2017-07-12 22:03 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\MSI622D.tmp-
2017-09-09 14:48 - 2017-09-09 14:48 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\MSI633.tmp-
2016-12-19 00:33 - 2016-12-19 00:33 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\MSI6476.tmp-
2016-12-19 00:33 - 2016-12-19 00:33 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\MSI666F.tmp-
2017-05-13 07:48 - 2017-05-13 07:48 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\MSI6863.tmp-
2016-12-19 00:33 - 2016-12-19 00:33 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\MSI68F1.tmp-
2016-12-19 00:33 - 2016-12-19 00:33 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\MSI6A1A.tmp-
2016-12-19 00:33 - 2016-12-19 00:33 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\MSI6BD1.tmp-
2016-12-19 00:33 - 2016-12-19 00:33 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\MSI7037.tmp-
2017-10-23 23:28 - 2017-10-23 23:28 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\MSI7155.tmp-
2017-10-23 23:28 - 2017-10-23 23:28 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\MSI730C.tmp-
2017-10-23 23:28 - 2017-10-23 23:28 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\MSI73F7.tmp-
2017-10-23 23:28 - 2017-10-23 23:28 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\MSI74E2.tmp-
2017-10-23 23:28 - 2017-10-23 23:28 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\MSI767D.tmp-
2017-06-28 00:14 - 2017-06-28 00:14 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\MSI768.tmp-
2016-12-19 00:33 - 2016-12-19 00:33 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\MSI788C.tmp-
2016-12-19 00:33 - 2016-12-19 00:33 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\MSI7A42.tmp-
2016-12-19 00:33 - 2016-12-19 00:33 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\MSI7C09.tmp-
2017-10-23 23:28 - 2017-10-23 23:28 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\MSI7C4A.tmp-
2016-12-19 00:33 - 2016-12-19 00:33 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\MSI7DAF.tmp-
2017-10-23 23:28 - 2017-10-23 23:28 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\MSI7DD2.tmp-
2017-10-23 23:28 - 2017-10-23 23:28 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\MSI7F4C.tmp-
2016-12-19 00:33 - 2016-12-19 00:33 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\MSI7F57.tmp-
2017-10-23 23:28 - 2017-10-23 23:28 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\MSI824C.tmp-
2017-10-23 23:28 - 2017-10-23 23:28 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\MSI82F9.tmp-
2017-10-23 23:28 - 2017-10-23 23:28 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\MSI83D7.tmp-
2017-05-13 07:48 - 2017-05-13 07:48 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\MSI8552.tmp-
2017-10-06 06:18 - 2017-10-06 06:18 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\MSI857B.tmp-
2017-10-23 23:28 - 2017-10-23 23:28 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\MSI8796.tmp-
2017-10-23 23:28 - 2017-10-23 23:28 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\MSI8872.tmp-
2017-10-23 23:28 - 2017-10-23 23:28 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\MSI895D.tmp-
2017-05-13 07:48 - 2017-05-13 07:48 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\MSI898B.tmp-
2017-10-06 06:18 - 2017-10-06 06:18 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\MSI8D3D.tmp-
2017-05-13 07:48 - 2017-05-13 07:48 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\MSI8E11.tmp-
2017-10-06 06:18 - 2017-10-06 06:18 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\MSI8FD0.tmp-
2017-05-13 07:48 - 2017-05-13 07:48 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\MSI8FE6.tmp-
2017-10-06 06:18 - 2017-10-06 06:18 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\MSI9204.tmp-
2017-05-13 07:48 - 2017-05-13 07:48 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\MSI922A.tmp-
2017-10-06 06:18 - 2017-10-06 06:18 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\MSI9291.tmp-
2017-10-06 06:18 - 2017-10-06 06:18 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\MSI933E.tmp-
2017-10-06 06:18 - 2017-10-06 06:18 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\MSI93DB.tmp-
2017-05-13 07:48 - 2017-05-13 07:48 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\MSI942E.tmp-
2017-10-06 06:18 - 2017-10-06 06:18 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\MSI94E6.tmp-
2017-06-28 00:14 - 2017-06-28 00:14 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\MSI95D.tmp-
2017-05-13 07:48 - 2017-05-13 07:48 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\MSI9633.tmp-
2017-10-06 06:18 - 2017-10-06 06:18 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\MSI96A0.tmp-
2017-09-09 14:48 - 2017-09-09 14:48 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\MSI972.tmp-
2017-10-06 06:18 - 2017-10-06 06:18 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\MSI97DA.tmp-
2017-05-13 07:48 - 2017-05-13 07:48 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\MSI99D2.tmp-
2017-11-18 15:16 - 2017-11-18 15:16 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\MSI9A.tmp-
2017-10-06 06:18 - 2017-10-06 06:18 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\MSI9A7B.tmp-
2017-10-06 06:18 - 2017-10-06 06:18 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\MSI9BA5.tmp-
2017-05-13 07:48 - 2017-05-13 07:48 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\MSI9C44.tmp-
2017-01-02 15:07 - 2017-01-02 15:07 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\MSI9D55.tmp-
2017-05-13 07:48 - 2017-05-13 07:48 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\MSI9EA6.tmp-
2017-10-06 06:18 - 2017-10-06 06:18 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\MSI9EE2.tmp-
2017-08-27 10:08 - 2017-08-27 10:08 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\MSI9F5C.tmp-
2017-10-06 06:18 - 2017-10-06 06:19 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\MSIA04A.tmp-
2017-05-13 07:48 - 2017-05-13 07:48 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\MSIA118.tmp-
2017-01-02 15:07 - 2017-01-02 15:07 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\MSIA130.tmp-
2017-06-28 00:14 - 2017-06-28 00:14 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\MSIA1A.tmp-
2017-01-02 15:07 - 2017-01-02 15:07 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\MSIA29D.tmp-
2017-09-09 14:48 - 2017-09-09 14:48 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\MSIA2F.tmp-
2017-02-05 18:10 - 2017-02-05 18:10 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\MSIA34F.tmp-
2017-01-02 15:07 - 2017-01-02 15:07 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\MSIA3E6.tmp-
2017-05-13 07:48 - 2017-05-13 07:48 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\MSIA4C3.tmp-
2017-01-02 15:07 - 2017-01-02 15:07 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\MSIA54E.tmp-
2017-06-19 07:43 - 2017-06-19 07:43 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\MSIA5F4.tmp-
2017-05-13 07:48 - 2017-05-13 07:48 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\MSIA6E6.tmp-
2017-01-02 15:07 - 2017-01-02 15:07 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\MSIA714.tmp-
2017-01-02 15:07 - 2017-01-02 15:07 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\MSIAB5B.tmp-
2017-08-27 10:08 - 2017-08-27 10:08 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\MSIAD77.tmp-
2017-06-19 07:43 - 2017-06-19 07:43 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\MSIAF4C.tmp-
2017-06-19 07:43 - 2017-06-19 07:43 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\MSIB152.tmp-
2017-08-27 10:08 - 2017-08-27 10:08 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\MSIB356.tmp-
2017-06-19 07:43 - 2017-06-19 07:43 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\MSIB3A5.tmp-
2017-02-05 18:11 - 2017-02-05 18:11 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\MSIB448.tmp-
2017-06-19 07:43 - 2017-06-19 07:43 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\MSIB481.tmp-
2017-01-02 15:07 - 2017-01-02 15:07 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\MSIB4F8.tmp-
2017-06-19 07:43 - 2017-06-19 07:43 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\MSIB5AB.tmp-
2017-09-09 14:48 - 2017-09-09 14:48 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\MSIB5B.tmp-
2017-01-02 15:07 - 2017-01-02 15:07 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\MSIB6FD.tmp-
2017-02-05 18:11 - 2017-02-05 18:11 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\MSIB787.tmp-
2017-10-06 06:19 - 2017-10-06 06:19 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\MSIB7EA.tmp-
2017-08-27 10:08 - 2017-08-27 10:08 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\MSIB81A.tmp-
2017-01-02 15:07 - 2017-01-02 15:07 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\MSIB921.tmp-
2017-08-27 10:08 - 2017-08-27 10:08 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\MSIB924.tmp-
2017-06-19 07:43 - 2017-06-19 07:43 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\MSIB945.tmp-
2017-10-06 06:19 - 2017-10-06 06:19 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\MSIB991.tmp-
2017-08-27 10:08 - 2017-08-27 10:08 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\MSIBAEA.tmp-
2017-10-06 06:19 - 2017-10-06 06:19 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\MSIBAEA.tmp-0
2017-01-02 15:07 - 2017-01-02 15:07 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\MSIBB16.tmp-
2017-06-19 07:43 - 2017-06-19 07:43 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\MSIBB1B.tmp-
2017-02-05 18:11 - 2017-02-05 18:11 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\MSIBB70.tmp-
2017-10-06 06:19 - 2017-10-06 06:19 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\MSIBBA6.tmp-
2017-08-27 10:08 - 2017-08-27 10:08 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\MSIBBE5.tmp-
2017-01-02 15:07 - 2017-01-02 15:07 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\MSIBCCD.tmp-
2017-02-05 18:11 - 2017-02-05 18:11 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\MSIBCF8.tmp-
2017-08-27 10:08 - 2017-08-27 10:08 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\MSIBD2E.tmp-
2017-10-06 06:19 - 2017-10-06 06:19 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\MSIBD40.tmp-
2017-02-05 18:11 - 2017-02-05 18:11 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\MSIBECE.tmp-
2017-08-27 10:08 - 2017-08-27 10:08 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\MSIBF47.tmp-
2017-06-19 07:43 - 2017-06-19 07:43 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\MSIC021.tmp-
2017-02-05 18:11 - 2017-02-05 18:11 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\MSIC055.tmp-
2017-08-27 10:08 - 2017-08-27 10:08 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\MSIC0BF.tmp-
2017-06-19 07:43 - 2017-06-19 07:43 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\MSIC14B.tmp-
2017-02-05 18:11 - 2017-02-05 18:11 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\MSIC1AE.tmp-
2017-08-27 10:08 - 2017-08-27 10:08 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\MSIC237.tmp-
2017-06-19 07:43 - 2017-06-19 07:43 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\MSIC285.tmp-
2017-10-06 06:19 - 2017-10-06 06:19 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\MSIC2CF.tmp-
2017-08-27 10:08 - 2017-08-27 10:08 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\MSIC361.tmp-
2017-06-19 07:43 - 2017-06-19 07:43 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\MSIC40C.tmp-
2017-10-06 06:19 - 2017-10-06 06:19 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\MSIC457.tmp-
2017-02-05 18:11 - 2017-02-05 18:11 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\MSIC462.tmp-
2017-06-19 07:43 - 2017-06-19 07:43 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\MSIC565.tmp-
2017-10-06 06:19 - 2017-10-06 06:19 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\MSIC5B2.tmp-
2017-02-05 18:11 - 2017-02-05 18:11 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\MSIC5DA.tmp-
2017-02-05 18:11 - 2017-02-05 18:11 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\MSIC733.tmp-
2017-09-09 14:48 - 2017-09-09 14:48 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\MSIC765.tmp-
2017-10-06 06:19 - 2017-10-06 06:19 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\MSIC864.tmp-
2017-02-05 18:11 - 2017-02-05 18:11 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\MSIC8BB.tmp-
2017-10-06 06:19 - 2017-10-06 06:19 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\MSIC8F2.tmp-
2017-05-13 07:48 - 2017-05-13 07:48 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\MSIC964.tmp-
2017-10-06 06:19 - 2017-10-06 06:19 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\MSIC9DF.tmp-
2017-02-05 18:11 - 2017-02-05 18:11 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\MSICACF.tmp-
2017-02-05 18:11 - 2017-02-05 18:11 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\MSICC57.tmp-
2017-05-13 07:48 - 2017-05-13 07:48 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\MSICC72.tmp-
2017-05-13 07:48 - 2017-05-13 07:48 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\MSICEB5.tmp-
2017-05-13 07:48 - 2017-05-13 07:48 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\MSID06B.tmp-
2017-10-06 06:19 - 2017-10-06 06:19 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\MSID2FD.tmp-
2017-09-09 14:48 - 2017-09-09 14:48 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\MSID38C.tmp-
2017-10-06 06:19 - 2017-10-06 06:19 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\MSID437.tmp-
2017-10-06 06:19 - 2017-10-06 06:19 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\MSID532.tmp-
2017-09-09 14:48 - 2017-09-09 14:48 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\MSID600.tmp-
2017-06-28 00:14 - 2017-06-28 00:14 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\MSID671.tmp-
2017-09-09 14:48 - 2017-09-09 14:48 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\MSID7E5.tmp-
2017-05-13 07:48 - 2017-05-13 07:48 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\MSID8BB.tmp-
2017-06-19 07:43 - 2017-06-19 07:43 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\MSID8BF.tmp-
2017-09-09 14:48 - 2017-09-09 14:48 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\MSID8E0.tmp-
2017-09-09 14:48 - 2017-09-09 14:48 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\MSIDA29.tmp-
2017-09-09 14:48 - 2017-09-09 14:48 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\MSIDB34.tmp-
2017-06-19 07:43 - 2017-06-19 07:43 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\MSIDB51.tmp-
2017-05-13 07:48 - 2017-05-13 07:48 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\MSIDB5C.tmp-
2017-09-09 14:48 - 2017-09-09 14:48 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\MSIDC2F.tmp-
2017-01-02 13:20 - 2017-01-02 13:20 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\MSIDC84.tmp-
2017-06-19 07:43 - 2017-06-19 07:43 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\MSIDCD8.tmp-
2017-09-09 14:48 - 2017-09-09 14:48 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\MSIDD6C.tmp-
2017-08-27 10:08 - 2017-08-27 10:08 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\MSIDD81.tmp-
2017-06-19 07:43 - 2017-06-19 07:43 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\MSIDDD3.tmp-
2017-09-09 14:48 - 2017-09-09 14:48 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\MSIDE67.tmp-
2017-06-28 00:14 - 2017-06-28 00:14 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\MSIDEDE.tmp-
2017-05-13 07:48 - 2017-05-13 07:48 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\MSIDEF9.tmp-
2017-09-09 14:48 - 2017-09-09 14:48 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\MSIDF33.tmp-
2017-08-27 10:08 - 2017-08-27 10:08 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\MSIDF66.tmp-
2017-09-09 14:48 - 2017-09-09 14:48 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\MSIDFD1.tmp-
2017-08-27 10:08 - 2017-08-27 10:08 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\MSIE061.tmp-
2017-09-09 14:48 - 2017-09-09 14:48 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\MSIE11A.tmp-
2017-08-27 10:08 - 2017-08-27 10:08 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\MSIE13D.tmp-
2017-06-28 00:14 - 2017-06-28 00:14 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\MSIE22D.tmp-
2017-09-09 14:48 - 2017-09-09 14:48 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\MSIE234.tmp-
2017-08-27 10:08 - 2017-08-27 10:08 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\MSIE2D6.tmp-
2017-06-28 00:14 - 2017-06-28 00:14 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\MSIE451.tmp-
2017-06-19 07:43 - 2017-06-19 07:43 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\MSIE4AC.tmp-
2017-06-28 00:14 - 2017-06-28 00:14 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\MSIE50D.tmp-
2017-06-28 00:14 - 2017-06-28 00:14 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\MSIE5D9.tmp-
2017-06-28 00:14 - 2017-06-28 00:14 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\MSIE6A5.tmp-
2017-06-19 07:43 - 2017-06-19 07:43 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\MSIE6E0.tmp-
2017-11-18 15:16 - 2017-11-18 15:16 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\MSIE714.tmp-
2017-06-28 00:14 - 2017-06-28 00:14 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\MSIE772.tmp-
2017-05-13 07:48 - 2017-05-13 07:48 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\MSIE805.tmp-
2017-08-27 10:08 - 2017-08-27 10:08 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\MSIE875.tmp-
2017-06-19 07:43 - 2017-06-19 07:43 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\MSIE8F6.tmp-
2017-06-28 00:14 - 2017-06-28 00:14 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\MSIE8FD.tmp-
2017-02-05 18:11 - 2017-02-05 18:11 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\MSIE984.tmp-
2017-06-28 00:14 - 2017-06-28 00:14 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\MSIE9AA.tmp-
2017-05-13 07:48 - 2017-05-13 07:48 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\MSIEA48.tmp-
2017-08-27 10:08 - 2017-08-27 10:08 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\MSIEA4B.tmp-
2017-03-25 13:46 - 2017-03-25 13:46 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\MSIEA7.tmp-
2017-06-28 00:14 - 2017-06-28 00:14 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\MSIEA86.tmp-
2017-01-02 13:20 - 2017-01-02 13:20 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\MSIEAFE.tmp-
2017-06-28 00:14 - 2017-06-28 00:14 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\MSIEBB0.tmp-
2017-02-05 18:11 - 2017-02-05 18:11 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\MSIEC06.tmp-
2017-06-28 00:14 - 2017-06-28 00:14 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\MSIEC4D.tmp-
2017-06-19 07:43 - 2017-06-19 07:43 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\MSIECC2.tmp-
2017-01-02 13:20 - 2017-01-02 13:20 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\MSIED35.tmp-
2017-05-13 07:49 - 2017-05-13 07:49 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\MSIED77.tmp-
2017-02-05 18:11 - 2017-02-05 18:11 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\MSIEDAD.tmp-
2017-08-27 10:08 - 2017-08-27 10:08 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\MSIEDC8.tmp-
2017-06-19 07:43 - 2017-06-19 07:43 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\MSIEDEC.tmp-
2017-02-05 18:11 - 2017-02-05 18:11 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\MSIEE98.tmp-
2017-06-19 07:43 - 2017-06-19 07:43 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\MSIEF94.tmp-
2017-08-27 10:08 - 2017-08-27 10:08 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\MSIF1A4.tmp-
2017-08-27 10:08 - 2017-08-27 10:08 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\MSIF28F.tmp-
2017-11-18 15:16 - 2017-11-18 15:16 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\MSIF2EC.tmp-
2017-08-27 10:08 - 2017-08-27 10:08 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\MSIF3CB.tmp-
2017-06-19 07:43 - 2017-06-19 07:43 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\MSIF3FD.tmp-
2017-11-18 15:16 - 2017-11-18 15:16 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\MSIF512.tmp-
2017-06-19 07:43 - 2017-06-19 07:43 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\MSIF518.tmp-
2017-02-05 18:11 - 2017-02-05 18:11 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\MSIF5CF.tmp-
2017-06-19 07:43 - 2017-06-19 07:43 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\MSIF651.tmp-
2017-05-13 07:49 - 2017-05-13 07:49 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\MSIF6F1.tmp-
2017-11-18 15:16 - 2017-11-18 15:16 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\MSIF717.tmp-
2017-02-05 18:11 - 2017-02-05 18:11 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\MSIF757.tmp-
2017-06-19 07:43 - 2017-06-19 07:43 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\MSIF7C9.tmp-
2017-11-18 15:16 - 2017-11-18 15:16 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\MSIF7D3.tmp-
2017-09-09 14:48 - 2017-09-09 14:48 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\MSIF89B.tmp-
2017-02-05 18:11 - 2017-02-05 18:11 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\MSIF8A2.tmp-
2017-11-18 15:16 - 2017-11-18 15:16 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\MSIF8CE.tmp-
2017-09-09 14:48 - 2017-09-09 14:48 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\MSIF95.tmp-
2017-05-13 07:49 - 2017-05-13 07:49 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\MSIF963.tmp-
2017-11-18 15:16 - 2017-11-18 15:16 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\MSIF99A.tmp-
2017-09-09 14:48 - 2017-09-09 14:48 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\MSIFA52.tmp-
2017-11-18 15:16 - 2017-11-18 15:16 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\MSIFA57.tmp-
2017-08-27 10:08 - 2017-08-27 10:08 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\MSIFB22.tmp-
2017-02-05 18:11 - 2017-02-05 18:11 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\MSIFB45.tmp-
2017-09-09 14:48 - 2017-09-09 14:48 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\MSIFB7C.tmp-
2017-11-18 15:16 - 2017-11-18 15:16 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\MSIFBC3.tmp-
2017-05-13 07:49 - 2017-05-13 07:49 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\MSIFBE5.tmp-
2017-08-27 10:08 - 2017-08-27 10:08 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\MSIFBEE.tmp-
2017-02-05 18:11 - 2017-02-05 18:11 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\MSIFC30.tmp-
2017-09-09 14:48 - 2017-09-09 14:48 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\MSIFC57.tmp-
2017-08-27 10:08 - 2017-08-27 10:08 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\MSIFCBA.tmp-
2017-11-18 15:16 - 2017-11-18 15:16 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\MSIFCBE.tmp-
2017-02-05 18:11 - 2017-02-05 18:11 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\MSIFD0E.tmp-
2017-09-09 14:48 - 2017-09-09 14:48 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\MSIFD83.tmp-
2017-11-18 15:16 - 2017-11-18 15:16 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\MSIFD8A.tmp-
2017-05-13 07:49 - 2017-05-13 07:49 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\MSIFD8C.tmp-
2017-01-02 13:20 - 2017-01-02 13:20 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\MSIFDA3.tmp-
2017-08-27 10:08 - 2017-08-27 10:08 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\MSIFDA5.tmp-
2017-11-18 15:16 - 2017-11-18 15:16 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\MSIFE47.tmp-
2017-06-28 00:14 - 2017-06-28 00:14 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\MSIFE9.tmp-
2017-01-02 13:20 - 2017-01-02 13:20 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\MSIFECD.tmp-
2017-11-05 12:12 - 2017-11-05 12:12 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\MSIFF3.tmp-
2017-11-18 15:16 - 2017-11-18 15:16 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\MSIFFDE.tmp-
2017-02-05 18:11 - 2017-02-05 18:11 - 000000000 ___DC [D41D8CD98F00B204E9800998ECF8427E] () C:\WINDOWS\Installer\MSIFFF0.tmp-
====== Ende von Folder: ======
Das System musste neu gestartet werden.
==== Ende von Fixlog 15:56:59 ====
|
|
26.11.2017, 17:44
| #14 |
| | windows10: AVIRA meldet Trojaner-FundCode:
ATTFilter HitmanPro 3.7.20.286
www.hitmanpro.com
Computer name . . . . : FREDDY_LAPTOP
Windows . . . . . . . : 10.0.0.16299.X64/4
User name . . . . . . : Freddy_Laptop\Freddy
UAC . . . . . . . . . : Enabled
License . . . . . . . : Free
Scan date . . . . . . : 2017-11-26 16:00:48
Scan mode . . . . . . : Normal
Scan duration . . . . : 2m 42s
Disk access mode . . : Direct disk access (SRB)
Cloud . . . . . . . . : Internet
Reboot . . . . . . . : No
Threats . . . . . . . : 1
Traces . . . . . . . : 2
Objects scanned . . . : 2.134.760
Files scanned . . . . : 58.393
Remnants scanned . . : 543.276 files / 1.533.091 keys
Malware _____________________________________________________________________
C:\Users\Freddy\Downloads\ComboFix [1].exe
Size . . . . . . . : 5.660.059 bytes
Age . . . . . . . : 61.3 days (2017-09-26 09:20:45)
Entropy . . . . . : 8.0
SHA-256 . . . . . : 585769B278EF6C3F376C1D02B132BABAB059FA5C36F8171875757982277BA29E
Product . . . . . : ComboFix
Publisher . . . . : Swearware
Description . . . : ComboFix NSIS Installer
Version . . . . . : 17.05.04.01
Copyright . . . . : sUBs
LanguageID . . . . : 1033
> HitmanPro . . . . : App/NirCmd-Gen
Fuzzy . . . . . . : 103.0
Suspicious files ____________________________________________________________
C:\Users\Freddy\Desktop\Trojan\Programme\FRST64.exe
Size . . . . . . . : 2.393.088 bytes
Age . . . . . . . : 60.8 days (2017-09-26 19:48:18)
Entropy . . . . . : 7.6
SHA-256 . . . . . : 471B21CC0F3176EF6CCAA1CA1D90CF8AFDF6D41129CA2385B39CC7B1631E64AA
Needs elevation . : Yes
Fuzzy . . . . . . : 22.0
Program has no publisher information but prompts the user for permission elevation.
Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
Authors name is missing in version info. This is not common to most programs.
Version control is missing. This file is probably created by an individual. This is not typical for most programs.
FRST Logfile: Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 24-11-2017 01
durchgeführt von Freddy (Administrator) auf FREDDY_LAPTOP (26-11-2017 17:10:41)
Gestartet von C:\Users\Freddy\Desktop\Trojan\Programme
Geladene Profile: Freddy & Lydia (Verfügbare Profile: Freddy & Lydia)
Platform: Windows 10 Home Version 1709 16299.64 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: IE)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avguard.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Seiko Epson Corporation) C:\Windows\System32\escsvc64.exe
(Intel Corporation) C:\Windows\System32\ibtsiva.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Geek Software GmbH) C:\Program Files (x86)\PDF24\pdf24.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgr.exe
(Sony Corporation) C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\SUSSoundProxy.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation) C:\Program Files\internet explorer\iexplore.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkClient.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VAIOTM\VTSvc.exe
(Sony Corporation) C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Sony Corporation) C:\Program Files\Sony\NFC Connection Utility\NFCConnectionUtility.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avshadow.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VAIOTM\VTUsr.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VAIO Clip.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avgnt.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Update\VUAgent.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Sony Corporation) C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\vim.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCSystemTray.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\vim.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCService.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCAgent.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_11710.1001.27.0_x64__8wekyb3d8bbwe\WinStore.App.exe
() C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.17092.13511.0_x64__8wekyb3d8bbwe\Video.UI.exe
() C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1710.2791.0_x64__8wekyb3d8bbwe\Calculator.exe
() C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39091.16340.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
==================== Registry (Nicht auf der Ausnahmeliste) ===========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [630168 2017-09-29] (Microsoft Corporation)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3954368 2015-09-21] (Synaptics Incorporated)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Beschränkung <==== ACHTUNG
HKU\S-1-5-21-3483465479-2191358556-2575146349-1006\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [519680 2017-09-29] (Microsoft Corporation)
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{0a976dfa-6aa2-4604-8b44-ed8d20d585f6}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{459b27b5-d66e-418e-b849-9d691fb37683}: [DhcpNameServer] 192.168.178.1
Internet Explorer:
==================
HKU\S-1-5-21-3483465479-2191358556-2575146349-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.gmx.net/
HKU\S-1-5-21-3483465479-2191358556-2575146349-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://sony13.msn.com
HKU\S-1-5-21-3483465479-2191358556-2575146349-1006\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://sony13.msn.com/
HKU\S-1-5-21-3483465479-2191358556-2575146349-1006\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://sony13.msn.com
HKU\S-1-5-21-3483465479-2191358556-2575146349-1006\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://vaioportal.sony.eu
SearchScopes: HKU\S-1-5-21-3483465479-2191358556-2575146349-1001 -> {6A8CC696-3745-4668-A38E-46E567058A8B} URL = hxxp://de.wikipedia.org/w/index.php?title=Spezial:Suche&search={searchTerms}
SearchScopes: HKU\S-1-5-21-3483465479-2191358556-2575146349-1001 -> {84F8B878-A832-4C05-9E3F-BB52FAD57D4C} URL = hxxp://rover.ebay.com/rover/1/707-37276-16609-27/4?mpre=hxxp://shop.ebay.de/?oemInLn=ieSrch-&_nkw={searchTerms}
SearchScopes: HKU\S-1-5-21-3483465479-2191358556-2575146349-1006 -> DefaultScope {7D2DB5E3-550E-4789-AF3D-0310D1B49015} URL = hxxps://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?}
SearchScopes: HKU\S-1-5-21-3483465479-2191358556-2575146349-1006 -> {34522099-79B0-470C-8991-AC60FF3669A8} URL = hxxp://rover.ebay.com/rover/1/707-37276-16609-27/4?mpre=hxxp://shop.ebay.de/?oemInLn=ieSrch-&_nkw={searchTerms}
SearchScopes: HKU\S-1-5-21-3483465479-2191358556-2575146349-1006 -> {7D2DB5E3-550E-4789-AF3D-0310D1B49015} URL = hxxps://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?}
SearchScopes: HKU\S-1-5-21-3483465479-2191358556-2575146349-1006 -> {D0A1E2D0-6B30-477B-B307-518A739289E9} URL = hxxp://de.wikipedia.org/w/index.php?title=Spezial:Suche&search={searchTerms}
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO: Easy Photo Print -> {9421DD08-935F-4701-A9CA-22DF90AC4EA6} -> C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll [2015-07-31] (Seiko Epson Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: E-Web Print -> {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} -> C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll [2014-11-27] (SEIKO EPSON CORPORATION)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\ssv.dll [2017-04-30] (Oracle Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\jp2ssv.dll [2017-04-30] (Oracle Corporation)
Toolbar: HKLM - Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll [2015-07-31] (Seiko Epson Corporation)
Toolbar: HKLM-x32 - E-Web Print - {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} - C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll [2014-11-27] (SEIKO EPSON CORPORATION)
DPF: HKLM-x32 {5AE58FCF-6F6A-49B2-B064-02492C66E3F4} hxxp://catalog.update.microsoft.com/v7/site/ClientControl/en/x86/MuCatalogWebControl.cab?1481937349192
FireFox:
========
FF Plugin: @java.com/DTPlugin,version=10.13.2 -> C:\WINDOWS\system32\npDeployJava1.dll [2013-08-08] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\Program Files\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.5.20 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-04-02] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-04-02] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.131.2 -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\dtplugin\npDeployJava1.dll [2017-04-30] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.131.2 -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\plugin2\npjp2.dll [2017-04-30] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\Program Files (x86)\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2017-11-01] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3483465479-2191358556-2575146349-1001: intel.com/AppUp -> C:\Program Files (x86)\Intel\IntelAppStore\bin\npAppUp.dll [2013-02-19] (Intel)
FF Plugin HKU\S-1-5-21-3483465479-2191358556-2575146349-1001: intel.com/AppUpx64 -> C:\Program Files (x86)\Intel\IntelAppStore\bin\npAppUp_x64.dll [2013-02-19] (Intel)
==================== Dienste (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
S2 AntiVirMailService; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [1128944 2017-11-18] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\Antivirus\sched.exe [490968 2017-11-18] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [490968 2017-11-18] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [1526832 2017-11-18] (Avira Operations GmbH & Co. KG)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2017-10-11] (Apple Inc.)
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [413592 2017-11-02] (Avira Operations GmbH & Co. KG)
R2 EpsonScanSvc; C:\WINDOWS\system32\EscSvc64.exe [144560 2012-05-17] (Seiko Epson Corporation)
R2 igfxCUIService2.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [373744 2016-11-01] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [731648 2013-02-13] (Intel(R) Corporation) [Datei ist nicht signiert]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [820184 2013-02-13] (Intel(R) Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-04-02] (Intel Corporation)
R2 Intel(R) Wireless Bluetooth(R) 4.0 Radio Management; C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe [157128 2013-09-27] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-04-02] (Intel Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6234056 2017-11-01] (Malwarebytes)
S3 McAWFwk; C:\Program Files\Common Files\mcafee\actwiz\McAWFwk.exe [334608 2013-07-24] (McAfee, Inc.)
S3 NetworkSupport; C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkSupport.exe [629336 2013-09-28] (Sony Corporation)
R2 PDF24; C:\Program Files (x86)\PDF24\pdf24.exe [217736 2016-12-20] (Geek Software GmbH)
R2 PMBDeviceInfoProvider; C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe [481304 2013-11-21] (Sony Corporation)
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [255168 2015-09-21] (Synaptics Incorporated)
R2 VCFw; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [972000 2013-01-06] (Sony Corporation)
R3 VUAgent; C:\Program Files\Sony\VAIO Update\vuagent.exe [1656600 2016-03-31] (Sony Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [355304 2017-09-29] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [105944 2017-09-29] (Microsoft Corporation)
R2 ibtsiva; %SystemRoot%\system32\ibtsiva [X]
===================== Treiber (Nicht auf der Ausnahmeliste) ======================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R0 avdevprot; C:\WINDOWS\System32\DRIVERS\avdevprot.sys [60920 2017-06-20] (Avira Operations GmbH & Co. KG)
R2 avgntflt; C:\WINDOWS\System32\DRIVERS\avgntflt.sys [176224 2017-10-07] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [167464 2017-09-05] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\WINDOWS\system32\DRIVERS\avkmgr.sys [44488 2017-03-31] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\WINDOWS\system32\DRIVERS\avnetflt.sys [88488 2017-03-31] (Avira Operations GmbH & Co. KG)
R0 avusbflt; C:\WINDOWS\System32\Drivers\avusbflt.sys [38048 2017-06-20] (Avira Operations GmbH & Co. KG)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [77432 2017-11-01] ()
R3 ibtusb; C:\WINDOWS\system32\DRIVERS\ibtusb.sys [230656 2016-12-12] (Intel Corporation)
R0 IntelHSWPcc; C:\WINDOWS\System32\drivers\IntelPcc.sys [77992 2013-11-28] (Intel Corporation)
S3 ISCT; C:\WINDOWS\System32\drivers\ISCTD64.sys [46568 2013-04-15] ()
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [193464 2017-11-25] (Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\system32\DRIVERS\farflt.sys [110016 2017-11-26] (Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [46008 2017-11-26] (Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [253880 2017-11-26] (Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [94144 2017-11-26] (Malwarebytes)
R3 MEIx64; C:\WINDOWS\system32\DRIVERS\TeeDriverx64.sys [99288 2013-12-19] (Intel Corporation)
R3 NETwNb64; C:\WINDOWS\system32\DRIVERS\Netwbw02.sys [3525896 2016-11-09] (Intel Corporation)
S3 rtux64w10; C:\WINDOWS\System32\drivers\rtux64w10.sys [354624 2016-08-07] (Realtek )
R3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [51392 2015-09-21] (Synaptics Incorporated)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44608 2017-09-29] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [309144 2017-09-29] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [119192 2017-09-29] (Microsoft Corporation)
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat: Erstellte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2017-11-26 16:05 - 2017-11-26 16:05 - 000000000 ____D C:\Users\Freddy\AppData\Local\ESET
2017-11-26 16:00 - 2017-11-26 16:03 - 000000000 ____D C:\ProgramData\HitmanPro
2017-11-25 15:35 - 2017-11-26 15:57 - 000253880 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2017-11-25 15:35 - 2017-11-26 15:57 - 000110016 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2017-11-25 15:35 - 2017-11-26 15:57 - 000094144 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2017-11-25 15:35 - 2017-11-26 15:57 - 000046008 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2017-11-25 15:35 - 2017-11-25 15:35 - 000193464 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2017-11-25 15:35 - 2017-11-25 15:35 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2017-11-25 15:35 - 2017-11-25 15:35 - 000000000 ____D C:\ProgramData\Malwarebytes
2017-11-25 15:35 - 2017-11-25 15:35 - 000000000 ____D C:\Program Files\Malwarebytes
2017-11-25 15:35 - 2017-11-01 08:54 - 000077432 _____ C:\WINDOWS\system32\Drivers\mbae64.sys
2017-11-25 15:29 - 2017-11-25 15:33 - 000000000 ____D C:\AdwCleaner
2017-11-19 14:29 - 2017-10-25 10:11 - 017083904 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramCompositor.dll
2017-11-19 14:29 - 2017-10-25 10:11 - 000336896 _____ (Microsoft Corporation) C:\WINDOWS\system32\HolographicRuntimes.dll
2017-11-19 14:29 - 2017-10-25 10:09 - 021753344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll
2017-11-19 14:29 - 2017-10-25 09:57 - 000956416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Spectrum.exe
2017-11-19 14:29 - 2017-10-25 09:57 - 000882688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Mirage.Internal.dll
2017-11-19 14:29 - 2017-10-25 09:56 - 000665600 _____ (Microsoft Corporation) C:\WINDOWS\system32\DHolographicDisplay.dll
2017-11-19 14:29 - 2017-10-25 07:36 - 000618496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Mirage.Internal.dll
2017-11-19 14:29 - 2017-10-25 05:41 - 000362176 _____ (Microsoft Corporation) C:\WINDOWS\system32\BioIso.exe
2017-11-19 14:29 - 2017-10-25 05:40 - 001634288 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2017-11-19 14:29 - 2017-10-25 05:40 - 000612760 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2017-11-19 14:29 - 2017-10-25 05:40 - 000269696 _____ C:\WINDOWS\system32\FaceProcessorCore.dll
2017-11-19 14:29 - 2017-10-25 05:39 - 007831248 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll
2017-11-19 14:29 - 2017-10-25 05:39 - 000479912 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64win.dll
2017-11-19 14:29 - 2017-10-25 05:39 - 000285080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2017-11-19 14:29 - 2017-10-25 05:37 - 001954048 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2017-11-19 14:29 - 2017-10-25 05:37 - 000610712 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2017-11-19 14:29 - 2017-10-25 05:36 - 008590744 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2017-11-19 14:29 - 2017-10-25 05:36 - 002400664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2017-11-19 14:29 - 2017-10-25 05:36 - 000187288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2017-11-19 14:29 - 2017-10-25 05:34 - 002573208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2017-11-19 14:29 - 2017-10-25 05:34 - 000839928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Perception.Stub.dll
2017-11-19 14:29 - 2017-10-25 05:34 - 000710920 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2017-11-19 14:29 - 2017-10-25 05:32 - 000559512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2017-11-19 14:29 - 2017-10-25 05:32 - 000147864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wcifs.sys
2017-11-19 14:29 - 2017-10-25 05:31 - 000436120 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostCommon.dll
2017-11-19 14:29 - 2017-10-25 05:31 - 000045464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storufs.sys
2017-11-19 14:29 - 2017-10-25 05:30 - 004487968 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2017-11-19 14:29 - 2017-10-25 05:30 - 000555416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2017-11-19 14:29 - 2017-10-25 05:29 - 002269080 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll
2017-11-19 14:29 - 2017-10-25 05:29 - 001507736 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2017-11-19 14:29 - 2017-10-25 05:29 - 000603920 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2017-11-19 14:29 - 2017-10-25 05:28 - 001170008 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2017-11-19 14:29 - 2017-10-25 05:27 - 006791472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2017-11-19 14:29 - 2017-10-25 05:27 - 001970520 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2017-11-19 14:29 - 2017-10-25 05:27 - 001426152 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2017-11-19 14:29 - 2017-10-25 05:27 - 000374032 _____ (Microsoft Corporation) C:\WINDOWS\system32\vac.exe
2017-11-19 14:29 - 2017-10-25 05:24 - 000428952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2017-11-19 14:29 - 2017-10-25 05:20 - 002717392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2017-11-19 14:29 - 2017-10-25 04:52 - 001615720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2017-11-19 14:29 - 2017-10-25 04:50 - 001528904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2017-11-19 14:29 - 2017-10-25 04:36 - 025246208 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2017-11-19 14:29 - 2017-10-25 04:30 - 005615968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll
2017-11-19 14:29 - 2017-10-25 04:30 - 000354200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudExperienceHostCommon.dll
2017-11-19 14:29 - 2017-10-25 04:28 - 004648528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2017-11-19 14:29 - 2017-10-25 04:28 - 001246432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2017-11-19 14:29 - 2017-10-25 04:28 - 000982016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2017-11-19 14:29 - 2017-10-25 04:27 - 001454568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsrcsnk.dll
2017-11-19 14:29 - 2017-10-25 04:27 - 001377080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
2017-11-19 14:29 - 2017-10-25 04:27 - 001015008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2017-11-19 14:29 - 2017-10-25 04:24 - 000506256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Perception.Stub.dll
2017-11-19 14:29 - 2017-10-25 04:22 - 006015200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2017-11-19 14:29 - 2017-10-25 04:22 - 002465848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2017-11-19 14:29 - 2017-10-25 04:19 - 003670016 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2017-11-19 14:29 - 2017-10-25 04:19 - 000097792 _____ C:\WINDOWS\system32\runexehelper.exe
2017-11-19 14:29 - 2017-10-25 04:18 - 000975872 _____ C:\WINDOWS\system32\FaceProcessor.dll
2017-11-19 14:29 - 2017-10-25 04:18 - 000328192 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcGenral.dll
2017-11-19 14:29 - 2017-10-25 04:18 - 000301056 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcLayers.dll
2017-11-19 14:29 - 2017-10-25 04:18 - 000135168 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_CapabilityAccess.dll
2017-11-19 14:29 - 2017-10-25 04:18 - 000095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\CapabilityAccessManagerClient.dll
2017-11-19 14:29 - 2017-10-25 04:18 - 000056320 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcSpecfc.dll
2017-11-19 14:29 - 2017-10-25 04:16 - 023658496 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2017-11-19 14:29 - 2017-10-25 04:16 - 000227328 _____ (Microsoft Corporation) C:\WINDOWS\system32\CapabilityAccessManager.dll
2017-11-19 14:29 - 2017-10-25 04:16 - 000114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\UcmCx.sys
2017-11-19 14:29 - 2017-10-25 04:16 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzres.dll
2017-11-19 14:29 - 2017-10-25 04:15 - 000140800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2017-11-19 14:29 - 2017-10-25 04:14 - 000541184 _____ (Microsoft Corporation) C:\WINDOWS\system32\HolographicExtensions.dll
2017-11-19 14:29 - 2017-10-25 04:14 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdrleakdiag.exe
2017-11-19 14:29 - 2017-10-25 04:13 - 013655552 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2017-11-19 14:29 - 2017-10-25 04:13 - 002972672 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2017-11-19 14:29 - 2017-10-25 04:12 - 001015296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2017-11-19 14:29 - 2017-10-25 04:12 - 000708096 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2017-11-19 14:29 - 2017-10-25 04:12 - 000599040 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2017-11-19 14:29 - 2017-10-25 04:12 - 000568832 _____ (Microsoft Corporation) C:\WINDOWS\system32\TileDataRepository.dll
2017-11-19 14:29 - 2017-10-25 04:11 - 000768512 _____ (Microsoft Corporation) C:\WINDOWS\system32\PCPKsp.dll
2017-11-19 14:29 - 2017-10-25 04:10 - 008099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2017-11-19 14:29 - 2017-10-25 04:10 - 004742144 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2017-11-19 14:29 - 2017-10-25 04:10 - 001167360 _____ (Microsoft Corporation) C:\WINDOWS\system32\ISM.dll
2017-11-19 14:29 - 2017-10-25 04:09 - 002862080 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2017-11-19 14:29 - 2017-10-25 04:09 - 002106368 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2017-11-19 14:29 - 2017-10-25 04:09 - 001806336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll
2017-11-19 14:29 - 2017-10-25 04:09 - 000812032 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2017-11-19 14:29 - 2017-10-25 04:08 - 002905600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2017-11-19 14:29 - 2017-10-25 04:08 - 002781696 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2017-11-19 14:29 - 2017-10-25 04:08 - 002633216 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2017-11-19 14:29 - 2017-10-25 04:08 - 002392576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcGenral.dll
2017-11-19 14:29 - 2017-10-25 04:08 - 001667584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Input.Inking.dll
2017-11-19 14:29 - 2017-10-25 04:08 - 000654848 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2017-11-19 14:29 - 2017-10-25 04:08 - 000487424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcSpecfc.dll
2017-11-19 14:29 - 2017-10-25 04:08 - 000465408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2017-11-19 14:29 - 2017-10-25 04:07 - 018914304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2017-11-19 14:29 - 2017-10-25 04:07 - 003478016 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll
2017-11-19 14:29 - 2017-10-25 04:07 - 001485824 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2017-11-19 14:29 - 2017-10-25 04:07 - 000685056 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2017-11-19 14:29 - 2017-10-25 04:07 - 000372224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcLayers.dll
2017-11-19 14:29 - 2017-10-25 04:07 - 000064512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CapabilityAccessManagerClient.dll
2017-11-19 14:29 - 2017-10-25 04:06 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tzres.dll
2017-11-19 14:29 - 2017-10-25 04:05 - 019339776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2017-11-19 14:29 - 2017-10-25 04:05 - 000106496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2017-11-19 14:29 - 2017-10-25 04:05 - 000022528 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdtcVSp1res.dll
2017-11-19 14:29 - 2017-10-25 04:04 - 000124928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\luafv.sys
2017-11-19 14:29 - 2017-10-25 04:04 - 000041984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdrleakdiag.exe
2017-11-19 14:29 - 2017-10-25 04:03 - 000450048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TileDataRepository.dll
2017-11-19 14:29 - 2017-10-25 04:02 - 000591872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PCPKsp.dll
2017-11-19 14:29 - 2017-10-25 04:01 - 012687360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2017-11-19 14:29 - 2017-10-25 04:01 - 000462848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2017-11-19 14:29 - 2017-10-25 03:59 - 003679232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2017-11-19 14:29 - 2017-10-25 03:59 - 000664576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2017-11-19 14:29 - 2017-10-25 03:58 - 002467840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2017-11-19 14:29 - 2017-10-25 03:58 - 001322496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Input.Inking.dll
2017-11-19 14:29 - 2017-10-25 03:58 - 001280000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.dll
2017-11-19 14:29 - 2017-10-25 03:57 - 006035968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2017-11-19 14:29 - 2017-10-25 03:55 - 002864640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mispace.dll
2017-11-19 14:29 - 2017-10-25 03:54 - 000022528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msdtcVSp1res.dll
2017-11-19 14:29 - 2017-10-21 13:25 - 003313968 _____ C:\WINDOWS\system32\Windows.Mirage.dll
2017-11-19 14:29 - 2017-10-20 15:17 - 002474584 _____ C:\WINDOWS\SysWOW64\Windows.Mirage.dll
2017-11-19 14:29 - 2017-10-20 06:08 - 000339968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msexcl40.dll
2017-11-18 15:16 - 2017-11-18 15:16 - 000001193 _____ C:\Users\Public\Desktop\Avira.lnk
2017-11-18 09:24 - 2017-11-18 09:24 - 000000000 ____D C:\Users\Freddy\Documents\Telenot
2017-11-18 09:24 - 2017-11-18 09:24 - 000000000 ____D C:\Users\Freddy\AppData\Roaming\SumatraPDF
2017-11-18 09:24 - 2017-11-18 09:24 - 000000000 ____D C:\Users\Freddy\AppData\Local\Telenot
2017-11-18 09:24 - 2017-11-18 09:24 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Telenot
2017-11-18 09:24 - 2017-11-18 09:24 - 000000000 ____D C:\Program Files (x86)\Telenot
2017-11-11 15:31 - 2017-11-19 14:59 - 000000600 _____ C:\Users\Freddy\AppData\Local\PUTTY.RND
2017-11-11 15:06 - 2017-11-11 15:06 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud
2017-11-11 15:05 - 2017-11-11 15:05 - 000001816 _____ C:\Users\Public\Desktop\iTunes.lnk
2017-11-11 15:05 - 2017-11-11 15:05 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2017-11-11 15:05 - 2017-11-11 15:05 - 000000000 ____D C:\Program Files\iTunes
2017-11-11 15:05 - 2017-11-11 15:05 - 000000000 ____D C:\Program Files\iPod
2017-11-11 14:47 - 2017-11-11 14:47 - 000002395 _____ C:\Users\Freddy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Etcher.lnk
2017-11-11 14:47 - 2017-11-11 14:47 - 000000000 ____D C:\Users\Freddy\AppData\Roaming\etcher
2017-11-11 14:17 - 2017-11-18 15:45 - 000000000 ____D C:\Users\Freddy\Desktop\Raspberry
2017-11-06 08:25 - 2017-11-18 16:16 - 000000000 ____D C:\WINDOWS\Minidump
2017-11-05 16:49 - 2017-11-05 17:57 - 000000000 ____D C:\Users\Freddy\AppData\Roaming\vlc
2017-11-05 16:49 - 2017-11-05 16:49 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2017-11-05 16:49 - 2017-11-05 16:49 - 000000000 ____D C:\Program Files (x86)\VideoLAN
2017-10-28 11:11 - 2017-10-28 11:11 - 000000000 ____D C:\ProgramData\Microsoft OneDrive
2017-10-28 11:10 - 2017-10-28 11:10 - 000000000 ___HD C:\Users\Freddy\MicrosoftEdgeBackups
2017-10-28 11:09 - 2017-10-28 11:09 - 000000020 ___SH C:\Users\Freddy\ntuser.ini
2017-10-28 11:09 - 2017-10-28 11:09 - 000000000 ___RD C:\Users\Freddy\3D Objects
2017-10-28 11:09 - 2017-10-28 11:09 - 000000000 ____D C:\Users\WDAGUtilityAccount\AppData\Local\Packages
2017-10-28 11:09 - 2017-10-28 11:09 - 000000000 ____D C:\Users\WDAGUtilityAccount
2017-10-28 10:21 - 2017-11-11 14:57 - 000000000 ____D C:\Windows.old
2017-10-28 09:43 - 2017-10-28 09:43 - 000000000 ____D C:\ProgramData\USOShared
2017-10-28 09:37 - 2017-11-26 16:01 - 002213490 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-10-28 09:35 - 2017-11-26 16:39 - 000000000 ____D C:\WINDOWS\System32\Tasks\OfficeSoftwareProtectionPlatform
2017-10-28 09:35 - 2017-11-26 15:57 - 000004170 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{66960764-C7A5-4C4F-8DA1-5400FDCC99F3}
2017-10-28 09:35 - 2017-11-26 15:57 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-10-28 09:35 - 2017-11-18 09:16 - 000004562 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2017-10-28 09:35 - 2017-11-05 12:12 - 000003208 _____ C:\WINDOWS\System32\Tasks\Avira SystrayStartTrigger
2017-10-28 09:35 - 2017-11-03 06:33 - 000003376 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3483465479-2191358556-2575146349-1001
2017-10-28 09:35 - 2017-10-28 09:43 - 000003374 _____ C:\WINDOWS\System32\Tasks\Avira_Antivirus_Systray
2017-10-28 09:35 - 2017-10-28 09:36 - 000011433 _____ C:\WINDOWS\diagwrn.xml
2017-10-28 09:35 - 2017-10-28 09:36 - 000011433 _____ C:\WINDOWS\diagerr.xml
2017-10-28 09:35 - 2017-10-28 09:35 - 000014400 _____ C:\WINDOWS\System32\Tasks\CoolKiller
2017-10-28 09:35 - 2017-10-28 09:35 - 000004018 _____ C:\WINDOWS\System32\Tasks\Clientlizenzdienst(ClipSVC)Mobile
2017-10-28 09:35 - 2017-10-28 09:35 - 000003498 _____ C:\WINDOWS\System32\Tasks\EPSON XP-520 Series Update {AA49A6FF-529B-4F6B-95BC-379A9FC14BB3}
2017-10-28 09:35 - 2017-10-28 09:35 - 000003498 _____ C:\WINDOWS\System32\Tasks\EPSON XP-520 Series Update {6B85294F-9774-45F0-A6EF-A7293D977B0D}
2017-10-28 09:35 - 2017-10-28 09:35 - 000003310 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{842A7FC2-BB01-4A85-A21F-8AF989AD34AA}
2017-10-28 09:35 - 2017-10-28 09:35 - 000003310 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{2606E4CA-31AC-4BC1-B652-80BFFB987F3E}
2017-10-28 09:35 - 2017-10-28 09:35 - 000002990 _____ C:\WINDOWS\System32\Tasks\updater
2017-10-28 09:35 - 2017-10-28 09:35 - 000002860 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3483465479-2191358556-2575146349-1006
2017-10-28 09:35 - 2017-10-28 09:35 - 000002752 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3483465479-2191358556-2575146349-1001
2017-10-28 09:35 - 2017-10-28 09:35 - 000002318 _____ C:\WINDOWS\System32\Tasks\CreateChoiceProcessTask
2017-10-28 09:35 - 2017-10-28 09:35 - 000000000 ____D C:\WINDOWS\System32\Tasks\Sony Corporation
2017-10-28 09:35 - 2017-10-28 09:35 - 000000000 ____D C:\WINDOWS\System32\Tasks\Apple
2017-10-28 09:30 - 2017-10-28 09:30 - 000001576 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2017-10-28 09:28 - 2017-10-28 11:56 - 000000000 ____D C:\Users\Freddy\AppData\Local\Packages
2017-10-28 09:28 - 2017-10-28 09:28 - 000000000 ____D C:\Users\Lydia.Freddy_Laptop.000\AppData\Local\Packages
2017-10-28 09:27 - 2017-11-06 08:25 - 000000000 ____D C:\Users\Freddy
2017-10-28 09:27 - 2017-11-05 17:01 - 000000000 ____D C:\Users\Lydia.Freddy_Laptop.000
2017-10-28 09:27 - 2017-10-28 09:27 - 000000000 _SHDL C:\Users\Lydia.Freddy_Laptop.000\Vorlagen
2017-10-28 09:27 - 2017-10-28 09:27 - 000000000 _SHDL C:\Users\Lydia.Freddy_Laptop.000\Startmenü
2017-10-28 09:27 - 2017-10-28 09:27 - 000000000 _SHDL C:\Users\Lydia.Freddy_Laptop.000\Netzwerkumgebung
2017-10-28 09:27 - 2017-10-28 09:27 - 000000000 _SHDL C:\Users\Lydia.Freddy_Laptop.000\Lokale Einstellungen
2017-10-28 09:27 - 2017-10-28 09:27 - 000000000 _SHDL C:\Users\Lydia.Freddy_Laptop.000\Eigene Dateien
2017-10-28 09:27 - 2017-10-28 09:27 - 000000000 _SHDL C:\Users\Lydia.Freddy_Laptop.000\Druckumgebung
2017-10-28 09:27 - 2017-10-28 09:27 - 000000000 _SHDL C:\Users\Lydia.Freddy_Laptop.000\Documents\Eigene Videos
2017-10-28 09:27 - 2017-10-28 09:27 - 000000000 _SHDL C:\Users\Lydia.Freddy_Laptop.000\Documents\Eigene Musik
2017-10-28 09:27 - 2017-10-28 09:27 - 000000000 _SHDL C:\Users\Lydia.Freddy_Laptop.000\Documents\Eigene Bilder
2017-10-28 09:27 - 2017-10-28 09:27 - 000000000 _SHDL C:\Users\Lydia.Freddy_Laptop.000\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2017-10-28 09:27 - 2017-10-28 09:27 - 000000000 _SHDL C:\Users\Lydia.Freddy_Laptop.000\AppData\Local\Verlauf
2017-10-28 09:27 - 2017-10-28 09:27 - 000000000 _SHDL C:\Users\Lydia.Freddy_Laptop.000\AppData\Local\Anwendungsdaten
2017-10-28 09:27 - 2017-10-28 09:27 - 000000000 _SHDL C:\Users\Lydia.Freddy_Laptop.000\Anwendungsdaten
2017-10-28 09:27 - 2017-10-28 09:27 - 000000000 _SHDL C:\Users\Freddy\Vorlagen
2017-10-28 09:27 - 2017-10-28 09:27 - 000000000 _SHDL C:\Users\Freddy\Startmenü
2017-10-28 09:27 - 2017-10-28 09:27 - 000000000 _SHDL C:\Users\Freddy\Netzwerkumgebung
2017-10-28 09:27 - 2017-10-28 09:27 - 000000000 _SHDL C:\Users\Freddy\Lokale Einstellungen
2017-10-28 09:27 - 2017-10-28 09:27 - 000000000 _SHDL C:\Users\Freddy\Eigene Dateien
2017-10-28 09:27 - 2017-10-28 09:27 - 000000000 _SHDL C:\Users\Freddy\Druckumgebung
2017-10-28 09:27 - 2017-10-28 09:27 - 000000000 _SHDL C:\Users\Freddy\Documents\Eigene Videos
2017-10-28 09:27 - 2017-10-28 09:27 - 000000000 _SHDL C:\Users\Freddy\Documents\Eigene Musik
2017-10-28 09:27 - 2017-10-28 09:27 - 000000000 _SHDL C:\Users\Freddy\Documents\Eigene Bilder
2017-10-28 09:27 - 2017-10-28 09:27 - 000000000 _SHDL C:\Users\Freddy\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2017-10-28 09:27 - 2017-10-28 09:27 - 000000000 _SHDL C:\Users\Freddy\AppData\Local\Verlauf
2017-10-28 09:27 - 2017-10-28 09:27 - 000000000 _SHDL C:\Users\Freddy\AppData\Local\Anwendungsdaten
2017-10-28 09:27 - 2017-10-28 09:27 - 000000000 _SHDL C:\Users\Freddy\Anwendungsdaten
2017-10-28 09:27 - 2016-11-01 23:05 - 000103952 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.DLL
2017-10-28 09:27 - 2016-11-01 23:05 - 000099848 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.DLL
2017-10-28 09:26 - 2017-09-29 14:41 - 002241024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2017-10-28 09:24 - 2017-11-26 15:53 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2017-10-28 09:24 - 2017-11-19 21:02 - 000416528 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-10-28 08:58 - 2017-10-07 17:06 - 000176224 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avgntflt.sys
2017-10-28 08:58 - 2017-09-05 23:18 - 000167464 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avipbb.sys
2017-10-28 08:58 - 2017-06-20 09:41 - 000060920 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avdevprot.sys
2017-10-28 08:58 - 2017-06-20 09:41 - 000038048 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avusbflt.sys
2017-10-28 08:58 - 2017-03-31 06:37 - 000088488 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avnetflt.sys
2017-10-28 08:58 - 2017-03-31 06:37 - 000044488 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avkmgr.sys
2017-10-28 08:57 - 2017-10-28 10:21 - 000000000 ____D C:\WINDOWS\system32\config\bbimigrate
2017-10-28 08:53 - 2017-10-28 08:57 - 000000000 ____D C:\WINDOWS\ServiceProfiles
2017-10-28 08:49 - 2017-10-28 08:49 - 005906264 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll
2017-10-28 08:49 - 2017-10-28 08:49 - 003334144 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2017-10-28 08:49 - 2017-10-28 08:49 - 002869248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2017-10-28 08:49 - 2017-10-28 08:49 - 001856000 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2017-10-28 08:49 - 2017-10-28 08:49 - 001822208 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2017-10-28 08:49 - 2017-10-28 08:49 - 001664000 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2017-10-28 08:49 - 2017-10-28 08:49 - 001641536 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2017-10-28 08:49 - 2017-10-28 08:49 - 001587200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2017-10-28 08:49 - 2017-10-28 08:49 - 001559552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2017-10-28 08:49 - 2017-10-28 08:49 - 001554216 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2017-10-28 08:49 - 2017-10-28 08:49 - 001547264 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2017-10-28 08:49 - 2017-10-28 08:49 - 001470976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2017-10-28 08:49 - 2017-10-28 08:49 - 001463856 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2017-10-28 08:49 - 2017-10-28 08:49 - 001436432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2017-10-28 08:49 - 2017-10-28 08:49 - 001323840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2017-10-28 08:49 - 2017-10-28 08:49 - 001261864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
2017-10-28 08:49 - 2017-10-28 08:49 - 001200024 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2017-10-28 08:49 - 2017-10-28 08:49 - 001053592 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2017-10-28 08:49 - 2017-10-28 08:49 - 000925184 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2017-10-28 08:49 - 2017-10-28 08:49 - 000778936 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2017-10-28 08:49 - 2017-10-28 08:49 - 000739696 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2017-10-28 08:49 - 2017-10-28 08:49 - 000726016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2017-10-28 08:49 - 2017-10-28 08:49 - 000677280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2017-10-28 08:49 - 2017-10-28 08:49 - 000665088 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmCoreProvisioning.dll
2017-10-28 08:49 - 2017-10-28 08:49 - 000649304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2017-10-28 08:49 - 2017-10-28 08:49 - 000640512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mswstr10.dll
2017-10-28 08:49 - 2017-10-28 08:49 - 000597160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll
2017-10-28 08:49 - 2017-10-28 08:49 - 000566272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TpmCoreProvisioning.dll
2017-10-28 08:49 - 2017-10-28 08:49 - 000542208 _____ (Microsoft Corporation) C:\WINDOWS\system32\FirewallAPI.dll
2017-10-28 08:49 - 2017-10-28 08:49 - 000529408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nwifi.sys
2017-10-28 08:49 - 2017-10-28 08:49 - 000478208 _____ (Microsoft Corporation) C:\WINDOWS\system32\NgcCtnr.dll
2017-10-28 08:49 - 2017-10-28 08:49 - 000464416 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcryptprimitives.dll
2017-10-28 08:49 - 2017-10-28 08:49 - 000461312 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansec.dll
2017-10-28 08:49 - 2017-10-28 08:49 - 000442880 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptngc.dll
2017-10-28 08:49 - 2017-10-28 08:49 - 000422912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys
2017-10-28 08:49 - 2017-10-28 08:49 - 000418712 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2017-10-28 08:49 - 2017-10-28 08:49 - 000374784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FirewallAPI.dll
2017-10-28 08:49 - 2017-10-28 08:49 - 000373656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2017-10-28 08:49 - 2017-10-28 08:49 - 000353688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2017-10-28 08:49 - 2017-10-28 08:49 - 000326144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptngc.dll
2017-10-28 08:49 - 2017-10-28 08:49 - 000285696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb10.sys
2017-10-28 08:49 - 2017-10-28 08:49 - 000246168 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2017-10-28 08:49 - 2017-10-28 08:49 - 000232344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2017-10-28 08:49 - 2017-10-28 08:49 - 000184984 _____ (Microsoft Corporation) C:\WINDOWS\system32\sspicli.dll
2017-10-28 08:49 - 2017-10-28 08:49 - 000177664 _____ (Microsoft Corporation) C:\WINDOWS\system32\t2embed.dll
2017-10-28 08:49 - 2017-10-28 08:49 - 000139672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecdd.sys
2017-10-28 08:49 - 2017-10-28 08:49 - 000136192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\t2embed.dll
2017-10-28 08:49 - 2017-10-28 08:49 - 000123520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sspicli.dll
2017-10-28 08:49 - 2017-10-28 08:49 - 000086016 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthTokenBrokerExt.dll
2017-10-28 08:49 - 2017-10-28 08:49 - 000070656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XblAuthTokenBrokerExt.dll
2017-10-28 08:49 - 2017-10-28 08:49 - 000060824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\urscx01000.sys
2017-10-28 08:49 - 2017-10-28 08:49 - 000058880 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmTasks.dll
2017-10-28 08:49 - 2017-10-28 08:49 - 000057344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\UcmUcsi.sys
2017-10-28 08:49 - 2017-10-28 08:49 - 000034816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BasicRender.sys
2017-10-28 08:49 - 2017-10-28 08:49 - 000028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\sspisrv.dll
2017-10-28 08:49 - 2017-10-28 08:49 - 000008704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjint40.dll
2017-10-28 08:42 - 2017-10-28 10:21 - 000000000 ____D C:\Program Files (x86)\MSBuild
2017-10-28 08:42 - 2017-10-28 08:42 - 000000000 ____D C:\WINDOWS\SysWOW64\XPSViewer
2017-10-28 08:42 - 2017-10-28 08:42 - 000000000 ____D C:\Program Files\Reference Assemblies
2017-10-28 08:42 - 2017-10-28 08:42 - 000000000 ____D C:\Program Files\MSBuild
2017-10-28 08:42 - 2017-10-28 08:42 - 000000000 ____D C:\Program Files (x86)\Reference Assemblies
2017-10-28 08:41 - 2017-10-28 08:41 - 001166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2017-10-28 08:41 - 2017-10-28 08:41 - 000778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
2017-10-28 08:41 - 2017-10-28 08:41 - 000124624 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2017-10-28 08:41 - 2017-10-28 08:41 - 000103120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2017-10-28 08:41 - 2017-10-28 08:41 - 000035456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2017-10-28 08:41 - 2017-10-28 08:41 - 000035456 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2017-10-28 08:29 - 2017-10-28 08:29 - 000008192 _____ C:\WINDOWS\system32\config\userdiff
2017-10-28 07:46 - 2017-10-28 11:09 - 000000000 ___DC C:\WINDOWS\Panther
==================== Ein Monat: Geänderte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2017-11-26 17:10 - 2017-09-26 19:54 - 000000000 ____D C:\FRST
2017-11-26 16:01 - 2017-09-30 15:35 - 001001958 _____ C:\WINDOWS\system32\perfh007.dat
2017-11-26 16:01 - 2017-09-30 15:35 - 000217878 _____ C:\WINDOWS\system32\perfc007.dat
2017-11-26 15:57 - 2017-09-29 09:45 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2017-11-26 15:57 - 2017-06-05 09:32 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2017-11-26 15:57 - 2016-12-17 10:57 - 000000000 __SHD C:\Users\Freddy\IntelGraphicsProfiles
2017-11-25 17:50 - 2017-03-19 23:26 - 000000000 ____D C:\Users\Lydia.Freddy_Laptop.000\AppData\LocalLow\Temp
2017-11-25 17:50 - 2017-01-05 10:27 - 000000000 ____D C:\Users\Freddy\AppData\LocalLow\Temp
2017-11-25 17:23 - 2017-09-26 08:13 - 000000000 ____D C:\Users\Freddy\Desktop\Trojan
2017-11-25 15:36 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\DeliveryOptimization
2017-11-25 15:32 - 2017-06-29 20:52 - 000000008 __RSH C:\ProgramData\ntuser.pol
2017-11-25 15:32 - 2017-03-18 22:03 - 000000000 ____D C:\WINDOWS\system32\Tasks_Migrated
2017-11-25 14:56 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\rescache
2017-11-25 12:55 - 2017-09-29 14:46 - 000000000 ___HD C:\Program Files\WindowsApps
2017-11-25 12:55 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\AppReadiness
2017-11-25 12:50 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2017-11-19 21:05 - 2017-09-29 14:44 - 000000000 ____D C:\WINDOWS\INF
2017-11-19 21:01 - 2017-09-29 14:46 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2017-11-19 21:01 - 2017-09-29 14:46 - 000000000 ___SD C:\WINDOWS\system32\F12
2017-11-19 21:01 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\TextInput
2017-11-19 21:01 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2017-11-19 21:01 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2017-11-19 21:01 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\system32\appraiser
2017-11-19 21:01 - 2017-09-29 09:45 - 000000000 ____D C:\WINDOWS\system32\Dism
2017-11-19 14:31 - 2017-09-29 14:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2017-11-18 15:27 - 2017-01-02 15:07 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2017-11-18 15:16 - 2013-08-08 11:02 - 000000000 ____D C:\ProgramData\Package Cache
2017-11-18 09:16 - 2013-08-08 11:30 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2017-11-14 00:29 - 2017-02-25 09:02 - 000025400 _____ C:\Users\Freddy\Desktop\160115_to do Haus.xlsx
2017-11-12 11:17 - 2016-01-16 19:15 - 000000000 ___RD C:\Users\Freddy\iCloudDrive
2017-11-11 15:05 - 2016-12-17 01:49 - 000000000 ____D C:\WINDOWS\SysWOW64\sda
2017-11-05 18:03 - 2016-12-17 10:07 - 000000000 ____D C:\Users\Freddy\AppData\Local\ElevatedDiagnostics
2017-11-05 16:40 - 2014-02-28 20:34 - 000000000 ____D C:\Users\Freddy\AppData\Roaming\Sony Corporation
2017-11-05 16:33 - 2016-01-16 19:15 - 000000000 ____D C:\Users\Freddy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\iCloud
2017-11-04 08:09 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\appcompat
2017-11-04 02:25 - 2017-09-29 14:49 - 000835568 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2017-11-04 02:25 - 2017-09-29 14:49 - 000177648 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2017-11-03 06:33 - 2016-12-17 10:49 - 000002433 _____ C:\Users\Freddy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2017-11-03 06:33 - 2016-12-17 10:49 - 000000000 ___RD C:\Users\Freddy\OneDrive
2017-10-28 11:09 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\Registration
2017-10-28 11:09 - 2016-12-17 10:47 - 000000000 ____D C:\Users\Freddy\AppData\Local\TileDataLayer
2017-10-28 11:09 - 2014-02-28 20:27 - 000000000 __RHD C:\Users\Public\AccountPictures
2017-10-28 10:23 - 2017-09-29 14:46 - 000028672 _____ C:\WINDOWS\system32\config\BCD-Template
2017-10-28 10:21 - 2017-09-30 15:34 - 000000000 ____D C:\WINDOWS\SysWOW64\sysprep
2017-10-28 10:21 - 2017-09-29 14:49 - 000000000 ____D C:\WINDOWS\Setup
2017-10-28 10:21 - 2017-09-29 14:46 - 000000000 ___SD C:\WINDOWS\Downloaded Program Files
2017-10-28 10:21 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\SysWOW64\GroupPolicy
2017-10-28 10:21 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\system32\WinBioDatabase
2017-10-28 10:21 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\system32\spool
2017-10-28 10:21 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\system32\oobe
2017-10-28 10:21 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\system32\NDF
2017-10-28 10:21 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\system32\InputMethod
2017-10-28 10:21 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\Resources
2017-10-28 10:21 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\InputMethod
2017-10-28 10:21 - 2017-09-29 14:46 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2017-10-28 10:21 - 2017-09-29 14:46 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2017-10-28 10:21 - 2017-08-27 09:25 - 000000000 __RHD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VAIO Care
2017-10-28 10:21 - 2017-06-05 09:32 - 000000000 ____D C:\Program Files\Intel
2017-10-28 10:21 - 2017-06-01 05:46 - 000000000 ____D C:\Program Files\UNP
2017-10-28 10:21 - 2017-03-27 06:25 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WISO steuer Sparbuch 2017
2017-10-28 10:21 - 2017-02-03 20:47 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Icecream PDF Split and Merge
2017-10-28 10:21 - 2017-01-15 19:37 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2017-10-28 10:21 - 2017-01-03 10:20 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF24
2017-10-28 10:21 - 2016-12-27 12:45 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SharePoint
2017-10-28 10:21 - 2016-12-27 12:45 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2017-10-28 10:21 - 2016-12-27 12:40 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2017-10-28 10:21 - 2016-12-26 16:48 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Epson Software
2017-10-28 10:21 - 2016-12-16 23:54 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2017-10-28 10:21 - 2014-03-01 05:03 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Main
2017-10-28 10:21 - 2014-03-01 02:09 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2017-10-28 10:21 - 2014-02-28 20:34 - 000000000 ____D C:\WINDOWS\SysWOW64\VAIO Startup Setting Tool
2017-10-28 10:21 - 2013-11-14 08:13 - 000000000 ____D C:\WINDOWS\ShellNew
2017-10-28 10:21 - 2013-08-22 16:36 - 000000000 ____D C:\WINDOWS\system32\WindowsInternal.Inbox.Shared
2017-10-28 10:21 - 2013-08-22 16:36 - 000000000 ____D C:\WINDOWS\system32\WindowsInternal.Inbox.Media.Shared
2017-10-28 10:21 - 2013-08-08 11:39 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2017-10-28 10:21 - 2013-08-08 11:31 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel AppUp(R) center
2017-10-28 10:21 - 2013-08-08 11:18 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PlayMemories Home
2017-10-28 10:21 - 2013-08-08 11:11 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NXPProximityInstaller
2017-10-28 10:21 - 2013-08-08 11:07 - 000000000 ___HD C:\WINDOWS\system32\WLANProfiles
2017-10-28 09:43 - 2017-09-29 14:46 - 000000000 ____D C:\ProgramData\USOPrivate
2017-10-28 09:37 - 2017-09-29 14:46 - 000000000 ____D C:\Program Files\windows nt
2017-10-28 09:35 - 2014-03-01 15:36 - 000023056 _____ C:\WINDOWS\system32\emptyregdb.dat
2017-10-28 09:32 - 2017-09-05 21:57 - 000000000 ____D C:\Users\Freddy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\com.husqvarna
2017-10-28 09:32 - 2016-12-27 12:40 - 000000000 ____D C:\Users\Freddy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2017-10-28 09:32 - 2016-12-26 20:39 - 000000000 ____D C:\Users\Freddy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\IrfanView
2017-10-28 09:32 - 2016-12-20 20:26 - 000000000 ____D C:\Users\Freddy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Kodi
2017-10-28 09:30 - 2017-09-29 14:46 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2017-10-28 09:27 - 2017-09-29 09:45 - 000000000 ____D C:\WINDOWS\system32\Sysprep
2017-10-28 09:27 - 2017-06-05 09:32 - 000000200 _____ C:\WINDOWS\system32\{EC94D02F-D200-4428-9531-05AF7F9799CB}.bat
2017-10-28 09:27 - 2017-06-05 09:31 - 000000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2017-10-28 09:27 - 2013-08-08 10:57 - 000000000 ____D C:\Intel
2017-10-28 09:06 - 2017-09-29 14:46 - 000000000 __RHD C:\Users\Public\Libraries
2017-10-28 09:05 - 2017-09-29 09:45 - 000008192 _____ C:\WINDOWS\system32\config\ELAM
2017-10-28 08:58 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\SysWOW64\IME
2017-10-28 08:58 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\system32\IME
2017-10-28 08:57 - 2017-06-05 09:32 - 000000000 ____D C:\Program Files\Synaptics
2017-10-28 08:57 - 2017-06-05 09:31 - 000000000 ____D C:\Program Files\Realtek
2017-10-28 08:57 - 2016-12-26 16:52 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\zu-ZA
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\yo-NG
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\xh-ZA
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\wo-SN
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\vi-VN
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\uz-Latn-UZ
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\ur-PK
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\ug-CN
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\tt-RU
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\tn-ZA
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\tk-TM
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\ti-ET
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\tg-Cyrl-TJ
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\te-IN
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\ta-IN
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\sw-KE
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\sr-Cyrl-RS
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\sr-Cyrl-BA
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\sq-AL
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\si-LK
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\sd-Arab-PK
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\rw-RW
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\quz-PE
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\quc-Latn-GT
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\prs-AF
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\pa-IN
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\pa-Arab-PK
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\or-IN
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\nso-ZA
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\nn-NO
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\ne-NP
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\mt-MT
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\mr-IN
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\mn-MN
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\ml-IN
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\mk-MK
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\mi-NZ
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\lo-LA
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\lb-LU
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\ky-KG
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\ku-Arab-IQ
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\kok-IN
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\kn-IN
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\km-KH
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\kk-KZ
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\ka-GE
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\is-IS
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\ig-NG
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\id-ID
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\hy-AM
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\ha-Latn-NG
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\gu-IN
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\gd-GB
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\ga-IE
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\fil-PH
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\fa-IR
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\cy-GB
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\chr-CHER-US
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\ca-ES-valencia
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\bs-Latn-BA
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\bn-IN
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\bn-BD
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\be-BY
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\az-Latn-AZ
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\as-IN
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\am-ET
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\SysWOW64\af-ZA
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\zu-ZA
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\yo-NG
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\xh-ZA
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\wo-SN
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\vi-VN
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\uz-Latn-UZ
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\ur-PK
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\ug-CN
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\tt-RU
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\tn-ZA
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\tk-TM
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\ti-ET
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\tg-Cyrl-TJ
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\te-IN
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\ta-IN
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\sw-KE
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\sr-Cyrl-RS
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\sr-Cyrl-BA
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\sq-AL
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\si-LK
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\sd-Arab-PK
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\rw-RW
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\quz-PE
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\quc-Latn-GT
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\prs-AF
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\pa-IN
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\pa-Arab-PK
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\or-IN
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\nso-ZA
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\nn-NO
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\ne-NP
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\mt-MT
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\mr-IN
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\mn-MN
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\ml-IN
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\mk-MK
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\mi-NZ
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\lo-LA
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\lb-LU
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\ky-KG
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\ku-Arab-IQ
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\kok-IN
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\kn-IN
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\km-KH
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\kk-KZ
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\ka-GE
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\is-IS
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\ig-NG
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\id-ID
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\hy-AM
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\ha-Latn-NG
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\gu-IN
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\gd-GB
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\ga-IE
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\fil-PH
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\fa-IR
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\cy-GB
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\chr-CHER-US
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\ca-ES-valencia
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\bs-Latn-BA
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\bn-IN
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\bn-BD
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\be-BY
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\az-Latn-AZ
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\as-IN
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\am-ET
2017-10-28 08:50 - 2017-09-30 15:35 - 000000000 ____D C:\WINDOWS\system32\af-ZA
2017-10-28 08:42 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\SysWOW64\MUI
2017-10-28 08:42 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\system32\MUI
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======
2017-11-11 15:31 - 2017-11-19 14:59 - 000000600 _____ () C:\Users\Freddy\AppData\Local\PUTTY.RND
2014-03-01 01:57 - 2016-12-17 02:49 - 000007598 _____ () C:\Users\Freddy\AppData\Local\resmon.resmoncfg
==================== Bamital & volsnap ======================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert
LastRegBack: 2017-11-25 14:56
==================== Ende von FRST.txt ============================
|
|
26.11.2017, 17:45
| #15 |
| | windows10: AVIRA meldet Trojaner-FundCode:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 24-11-2017 01
durchgeführt von Freddy (26-11-2017 17:11:29)
Gestartet von C:\Users\Freddy\Desktop\Trojan\Programme
Windows 10 Home Version 1709 16299.64 (X64) (2017-10-28 08:37:27)
Start-Modus: Normal
==========================================================
==================== Konten: =============================
Administrator (S-1-5-21-3483465479-2191358556-2575146349-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3483465479-2191358556-2575146349-503 - Limited - Disabled)
Freddy (S-1-5-21-3483465479-2191358556-2575146349-1001 - Administrator - Enabled) => C:\Users\Freddy
Gast (S-1-5-21-3483465479-2191358556-2575146349-501 - Limited - Disabled)
Lydia (S-1-5-21-3483465479-2191358556-2575146349-1006 - Limited - Enabled) => C:\Users\Lydia.Freddy_Laptop.000
WDAGUtilityAccount (S-1-5-21-3483465479-2191358556-2575146349-504 - Limited - Disabled)
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: Avira Antivirus (Enabled - Up to date) {B3F630BD-538D-1B4A-14FA-14B63235278F}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Avira Antivirus (Enabled - Up to date) {0897D159-75B7-14C4-2E4A-2FC449B26D32}
AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
Adobe Reader XI MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AB0000000001}) (Version: 11.0.00 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.23) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.23 - Adobe Systems Incorporated)
Apple Application Support (32-Bit) (HKLM-x32\...\{D811A40A-9791-497C-B9DC-2D89C8E95EA1}) (Version: 6.1 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{8B47B514-F5D2-4E0D-B951-6E250618A7CD}) (Version: 6.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{31A0B634-BCF4-4D3F-8336-87FEACFEE142}) (Version: 11.0.1.2 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{C1BBFD2A-BCDD-45B3-8C0B-66BD434970A8}) (Version: 2.4.8.1 - Apple Inc.)
Avira (HKLM-x32\...\{37C2DE81-46FA-4EB3-83A5-F0D8F5B08F6E}) (Version: 1.2.99.31392 - Avira Operations GmbH & Co. KG) Hidden
Avira (HKLM-x32\...\{5a024a65-9f29-41b1-b178-946c9f826e72}) (Version: 1.2.99.31392 - Avira Operations GmbH & Co. KG)
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.33.24 - Avira Operations GmbH & Co. KG)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
compasX 27.1 (HKLM-x32\...\{9FBE7270-D55B-4D0D-BB04-4BAFEA03ECFA}) (Version: 27.1 - Telenot)
Easy Photo Scan (HKLM-x32\...\{BB6241FF-8B76-45A5-95B9-888EDE8E47DC}) (Version: 1.00.0010 - Seiko Epson Corporation)
Einstellungen für VAIO Media Server (HKLM\...\{62A172B2-550E-499D-9A82-5190D18390AA}) (Version: 1.1.0.02220 - Sony Corporation)
Epson Easy Photo Print 2 (HKLM-x32\...\{F05A434E-D3CF-4B44-9D3E-779D42090781}) (Version: 2.8.0.0 - Seiko Epson Corporation)
Epson Event Manager (HKLM-x32\...\{9F205E94-9E42-4486-A92A-DF3F6CB85444}) (Version: 3.10.0061 - Seiko Epson Corporation)
Epson E-Web Print (HKLM-x32\...\{6BF9F374-EC67-4808-A90C-F127DE6D989D}) (Version: 1.23.0000 - SEIKO EPSON CORPORATION)
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version: - Seiko Epson Corporation)
Epson Software Updater (HKLM-x32\...\{7BAC3F7A-B963-468E-982E-B5608A87408D}) (Version: 4.4.4 - SEIKO EPSON CORPORATION)
EPSON XP-520 Series Printer Uninstall (HKLM\...\EPSON XP-520 Series) (Version: - SEIKO EPSON Corporation)
ESDL (HKLM-x32\...\{9A2CA016-1C4C-4D44-BF70-C2C8639C34A4}) (Version: 1.0.0 - Sony Corporation) Hidden
Etcher 1.1.2 (only current user) (HKU\S-1-5-21-3483465479-2191358556-2575146349-1001\...\573339af-d9e1-5dd3-804c-e0162fac1f41) (Version: 1.1.2 - Resin Inc.)
FDUx86 (HKLM-x32\...\{3490653F-2789-46A1-B1BF-6BD4CF4131AB}) (Version: 1.0.0 - Sony Corporation) Hidden
iCloud (HKLM\...\{FF99A618-BCA5-4658-B9FF-CCF57C177610}) (Version: 7.1.0.34 - Apple Inc.)
Intel AppUp(R) center (HKLM-x32\...\Intel AppUp(R) center 41800) (Version: 3.8.0.41800.66 - Intel)
Intel Collaborative Processor Performance Control (HKLM-x32\...\0E7DAF70-FB54-4B91-B192-7E771C25AEEB) (Version: 1.0.0.1015 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.0.1428 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4531 - Intel Corporation)
Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology(patch version 3.0.1335.5) (HKLM\...\{302600C1-6BDF-4FD1-1307-148929CC1385}) (Version: 3.1.1307.0362 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.0.1016 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 3.0.0.63463 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{aa2c2346-d0c0-4d3e-9ab1-11a48b4cb9f3}) (Version: 19.20.3 - Intel Corporation)
IrfanView 4.44 (64-bit) (HKLM\...\IrfanView64) (Version: 4.44 - Irfan Skiljan)
iTunes (HKLM\...\{24607015-8D34-4AF3-9092-AC83847AE073}) (Version: 12.7.1.14 - Apple Inc.)
Java 8 Update 131 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180131F0}) (Version: 8.0.1310.11 - Oracle Corporation)
Kodi (HKU\S-1-5-21-3483465479-2191358556-2575146349-1001\...\Kodi) (Version: - XBMC-Foundation)
Malwarebytes Version 3.3.1.2183 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.3.1.2183 - Malwarebytes)
MergeModule_x64 (HKLM\...\{20E0665F-E4EE-4E2A-8E86-EFC65129FE41}) (Version: 8.0.00 - Sony Corporation) Hidden
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4454.1510 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3483465479-2191358556-2575146349-1001\...\OneDriveSetup.exe) (Version: 17.3.7076.1026 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3483465479-2191358556-2575146349-1006\...\OneDriveSetup.exe) (Version: 17.3.6998.0830 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{402ED4A1-8F5B-387A-8688-997ABF58B8F2}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24212 (HKLM-x32\...\{462f63a8-6347-4894-a1b3-dbfe3a4c981d}) (Version: 14.0.24212.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
NFC Connection Utility (HKLM\...\{F3FC1B12-45AA-4ACE-AD9F-DFD87BE9457E}) (Version: 1.0.0.14100 - Sony Corporation)
NXPProximityInstaller (HKLM-x32\...\NXPProximityInstaller) (Version: 6.3.1.0 - NXP Semiconductors)
PlayMemories Home (HKLM-x32\...\{4C93E894-BE17-463B-A789-4CAB706987A0}) (Version: 8.0.21.11211 - Sony Corporation)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9600.28145 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6895 - Realtek Semiconductor Corp.)
Remote Keyboard (HKLM-x32\...\{6466EF6E-700E-470F-94CB-D0050302C84E}) (Version: 1.2.0.09270 - Sony Corporation) Hidden
Restore (HKLM-x32\...\{ECCEB4D0-7080-4F8A-B498-E40A32A4FBED}) (Version: 1.0.0 - Sony Corporation) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
Skype™ 7.3 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.3.101 - Skype Technologies S.A.)
SOHLib for PlayMemories Home (HKLM\...\{CBA577D0-C972-4A26-B948-A315DF3ECE0E}) (Version: 1.0.1.11110 - Sony Corporation) Hidden
SSLx64 (HKLM\...\{312395BC-7CC2-434C-A660-30250276A926}) (Version: 1.0.0 - Sony Corporation ) Hidden
SSLx86 (HKLM-x32\...\{63C43435-F428-42BA-8E7B-5848749D9262}) (Version: 1.0.0 - Sony Corporation ) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.15.2 - Synaptics Incorporated)
VAIO - Remote-Tastatur (HKLM-x32\...\{7396FB15-9AB4-4B78-BDD8-24A9C15D2C65}) (Version: 1.2.0.09270 - Sony Corporation)
VAIO - Remote-Tastatur mit PlayStation®3 (HKLM-x32\...\{E682702C-609C-4017-99E7-3129C163955F}) (Version: 1.2.1.05220 - Sony Corporation)
VAIO - Xperia Link (HKLM-x32\...\{D91558BF-D1F3-411F-AEFE-8774CB406512}) (Version: 1.4.0.15030 - Sony Corporation)
VAIO BIOS Data Transfer Utility (HKLM-x32\...\{5D772F4A-53DE-4E1F-83F5-B08DFF106C60}) (Version: 1.0.0.02050 - Sony Corporation) Hidden
VAIO Care (HKLM\...\{9C4E9490-3862-4EE0-90E6-C2457B67CD5F}) (Version: 8.4.6.05116 - Sony Corporation)
VAIO Care Recovery (HKLM\...\{15B9204E-BA09-485E-8F2C-094AC0077664}) (Version: 1.1.2.13230 - Sony Corporation)
VAIO Care-Hardwarediagnose-Plugin (HKLM-x32\...\{EC153498-00E1-4C9C-89BE-81527C6750BE}) (Version: 4.8.0.13250 - Sony Corporation)
VAIO Control Center (HKLM-x32\...\{8E797841-A110-41FD-B17A-3ABC0641187A}) (Version: 6.2.12.13060 - Sony Corporation)
VAIO Data Restore Tool (HKLM-x32\...\{57B955CE-B5D3-495D-AF1B-FAEE0540BFEF}) (Version: 1.11.0.13250 - Sony Corporation)
VAIO Easy Connect (HKLM-x32\...\{7C80D30A-AC02-4E3F-B95D-29F0E4FF937B}) (Version: 8.4.4.07220 - Sony Corporation) Hidden
VAIO Gesture Control (HKLM-x32\...\{692955F2-DE9F-4078-8FAA-858D6F3A1776}) (Version: 2.2.0.01230 - Sony Corporation)
VAIO Gesture Control (HKLM-x32\...\{9CE67959-AF22-4D93-8D49-CB73F015628E}) (Version: 2.2.0.01230 - Sony Corporation) Hidden
VAIO Image Optimizer (HKLM-x32\...\{5597C927-029A-46A7-A0C0-8DABD9891A50}) (Version: 3.1.00.14260 - Sony Corporation) Hidden
VAIO Image Optimizer (HKLM-x32\...\InstallShield_{5597C927-029A-46A7-A0C0-8DABD9891A50}) (Version: 3.3.00.10220 - Sony Corporation)
VAIO Improvement (HKLM-x32\...\{3A26D9BD-0F73-432D-B522-2BA18138F7EF}) (Version: 2.2.0.01240 - Sony Corporation)
VAIO Movie Creator (HKLM-x32\...\{C2CC5822-32E6-4D21-88EA-DE8CED09EE2F}) (Version: 4.1.01.15140 - Sony Corporation) Hidden
VAIO Movie Creator (HKLM-x32\...\InstallShield_{C2CC5822-32E6-4D21-88EA-DE8CED09EE2F}) (Version: 4.3.01.11140 - Sony Corporation)
VAIO Sample Music (HKLM-x32\...\{FBEE3D44-0933-4B84-BB6A-49957F89187F}) (Version: 1.0.0.03051 - Sony Corporation)
VAIO Update (HKLM-x32\...\{9FF95DA2-7DA1-4228-93B7-DED7EC02B6B2}) (Version: 7.2.0.16270 - Sony Corporation)
VAIO*CPU-Lüfterdiagnose (HKLM-x32\...\{BCE6E3D7-B565-4E1B-AC77-F780666A35FB}) (Version: 1.2.0.03050 - Sony Corporation)
VAIO-Support für Übertragungen (HKLM-x32\...\{5DDAFB4B-C52E-468A-9E23-3B0CEEB671BF}) (Version: 1.9.0.11060 - Sony Corporation)
VCCMMX64 (HKLM\...\{606DF716-F28D-4449-B0B1-3AB6081F51AF}) (Version: 1.0.0 - Sony Corporation) Hidden
VCCMMx64 (HKLM\...\{B812401D-BAB2-4E33-9AC7-9862BC8CAF64}) (Version: 1.0.0 - Sony Corporation) Hidden
VCCMMX86 (HKLM-x32\...\{BC3FFCF0-3DB7-47D2-BF15-1979AB59D12B}) (Version: 1.0.0 - Sony Corporation) Hidden
VCCMMx86 (HKLM-x32\...\{CC87BAAD-AA25-4727-9B7C-E0876722B784}) (Version: 1.0.0 - Sony Corporation) Hidden
VCCx64 (HKLM\...\{25ECAFCB-DCFB-4FCE-A5B2-772A57F59860}) (Version: 1.0.0 - Sony Corporation) Hidden
VCCx64 (HKLM\...\{AB447E3B-7A95-4CA6-8ECD-B25C96314B67}) (Version: 1.0.0 - Sony Corporation) Hidden
VCCx86 (HKLM-x32\...\{AFDC0CC0-39E8-42C0-9823-2C1C182676DC}) (Version: 1.0.0 - Sony Corporation) Hidden
VCCx86 (HKLM-x32\...\{B31938C7-7E97-49EE-8F88-951E156268A3}) (Version: 1.0.0 - Sony Corporation) Hidden
VHD (HKLM-x32\...\{9D8112DB-3490-4BF1-AAFA-1D224FFB5D3C}) (Version: 1.0.0 - Sony Corporation) Hidden
Virtual COM Port Driver (HKLM-x32\...\{9853299F-7AD8-4560-9896-60650BD8ACBF}) (Version: 1.3.1 - STMicroelectronics) Hidden
Virtual COM Port Driver (HKLM-x32\...\InstallShield_{9853299F-7AD8-4560-9896-60650BD8ACBF}) (Version: 1.3.1 - STMicroelectronics)
VIx64 (HKLM\...\{D55EAC07-7207-44BD-B524-0F063F327743}) (Version: 1.0.0 - Sony Corporation) Hidden
VIx86 (HKLM-x32\...\{D17C2A58-E0EA-4DD7-A2D6-C448FD25B6F6}) (Version: 1.0.0 - Sony Corporation) Hidden
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.6 - VideoLAN)
VPMx64 (HKLM\...\{DBEAA361-F8A4-4298-B41C-9E9DCB9AAB84}) (Version: 1.0.0 - Sony Corporation ) Hidden
VSSTx64 (HKLM\...\{4F31AC31-0A28-4F5A-8416-513972DA1F79}) (Version: 1.0.0 - Sony Corporation ) Hidden
VSSTx86 (HKLM-x32\...\{B24BB74E-8359-43AA-985A-8E80C9219C70}) (Version: 1.0.0 - Sony Corporation) Hidden
VUx64 (HKLM\...\{A0A2BE14-D3FF-41C8-9545-4B130E3FE9A4}) (Version: 1.2.0 - Sony Corporation) Hidden
VUx86 (HKLM-x32\...\{D04F1D22-4A47-42C6-A2B9-094A7B844D9B}) (Version: 1.2.0 - Sony Corporation) Hidden
VWSTx86 (HKLM-x32\...\{B8991D99-88FD-41F2-8C32-DB70278D5C30}) (Version: 1.0.0 - Sony Corporation) Hidden
WinRAR 5.40 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH)
WISO steuer:Sparbuch 2017 (HKLM-x32\...\{F8264AEF-35B2-466B-B1E5-14EE6064B079}) (Version: 24.03.1518 - Buhl Data Service GmbH)
XperiaLinkx86 (HKLM-x32\...\{EE402ACB-8269-4E44-9CA1-D81FDC4B4545}) (Version: 1.0.0 - Sony Corporation) Hidden
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
CustomCLSID: HKU\S-1-5-21-3483465479-2191358556-2575146349-1001_Classes\CLSID\{9E506282-69D3-5ABA-9C1D-15994B37F4AC}\InprocServer32 -> C:\Program Files (x86)\Intel\IntelAppStore\bin\npAppUp_x64.dll (Intel)
CustomCLSID: HKU\S-1-5-21-3483465479-2191358556-2575146349-1001_Classes\CLSID\{9E506282-69D3-5ABA-9C1D-15994B37F4AD}\InprocServer32 -> C:\Program Files (x86)\Intel\IntelAppStore\bin\npAppUp_x64.dll (Intel)
ContextMenuHandlers1: [IcecreamShellExtension] -> {A8B59160-93EA-4303-9192-AA3C64FDBE31} => C:\Program Files (x86)\Icecream PDF Split and Merge\x64\IcecreamShell64.dll [2016-12-29] (TODO: <Company name>)
ContextMenuHandlers1: [PhotoStreamsExt] -> {89D984B3-813B-406A-8298-118AFA3A22AE} => C:\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll [2017-10-19] (Apple Inc.)
ContextMenuHandlers1: [Shell Extension for Malware scanning] -> {45AC2688-0253-4ED8-97DE-B5370FA7D48A} => C:\Program Files (x86)\Avira\Antivirus\shlext64.dll [2017-11-18] (Avira Operations GmbH & Co. KG)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-08-14] (Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-08-14] (Alexander Roshal)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-11-01] (Malwarebytes)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> Keine Datei
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2016-11-01] (Intel Corporation)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2017-11-01] (Malwarebytes)
ContextMenuHandlers6: [Shell Extension for Malware scanning] -> {45AC2688-0253-4ED8-97DE-B5370FA7D48A} => C:\Program Files (x86)\Avira\Antivirus\shlext64.dll [2017-11-18] (Avira Operations GmbH & Co. KG)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-08-14] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-08-14] (Alexander Roshal)
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {07A37E19-5965-40B6-AC9B-62866531F867} - System32\Tasks\Sony Corporation\VAIO Control Center\NetworkSetting\NetworkSetting Logon Start => C:\Program Files (x86)\Sony\VAIO Control Center\NetworkSetting\NetworkClient
Task: {088082DF-6E31-4DC5-B65C-FB3C2FA65EFE} - System32\Tasks\Sony Corporation\VAIO Care\VKSvcDaily => C:\Program Files\Sony\VAIO Care\VAIOTM\VKSvc.exe [2017-04-19] (Sony Corporation)
Task: {09172E18-AD72-436A-9B3A-9C3AE10D2616} - System32\Tasks\Sony Corporation\VAIO Care\VCRLog => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2017-05-15] (Sony Corporation)
Task: {0A0E6B7C-C784-4CD0-910A-728797BC8493} - System32\Tasks\Sony Corporation\Sony Home Network Library\SOHLib SOHDms => C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe [2013-11-07] (Sony Corporation)
Task: {0A7DB203-FA16-43E0-A3B4-0225E5E712AE} - System32\Tasks\Sony Corporation\VAIO Care\VTSvc => C:\Program Files\Sony\VAIO Care\VAIOTM\VTSvc.exe [2017-04-19] (Sony Corporation)
Task: {0E737322-05C2-4FB7-B878-72E87A77B182} - System32\Tasks\Sony Corporation\VAIO Care\UpdateSolution => C:\Program Files\Sony\VAIO Care\Solution.Updater.exe [2017-05-15] (Sony Corporation)
Task: {156DDDFB-900D-406F-A6A8-8D40CB749DD1} - System32\Tasks\Avira_Antivirus_Systray => C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [2017-11-18] (Avira Operations GmbH & Co. KG)
Task: {1733A098-3F38-45F4-88E5-E3FD2925908E} - System32\Tasks\Sony Corporation\NFC Connection Utility\NFC Logon Start => C:\Program Files\Sony\NFC Connection Utility\NFCConnectionUtility.exe [2014-02-11] (Sony Corporation)
Task: {1EC983A3-3619-4821-A871-151F4F907423} - System32\Tasks\Sony Corporation\VAIO Update\VAIO Update => C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe [2016-04-25] (Sony Corporation)
Task: {235AAD07-75C3-4C73-82E0-081FA04B0F3B} - System32\Tasks\Sony Corporation\VAIO Care\UploadPOT => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2017-05-15] (Sony Corporation)
Task: {2D1BBC51-0CE6-4F2D-85FE-776407E58838} - System32\Tasks\Sony Corporation\VAIO Care\CheckSystemInfo => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2017-05-15] (Sony Corporation)
Task: {2F18DDEE-9C8E-4F7E-B68C-97E55EDC0DA8} - System32\Tasks\Clientlizenzdienst(ClipSVC)Mobile => C:\Program Files (x86)\nodejs\node.exe [2017-05-02] (Node.js)
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\WINDOWS\System32\AutoWorkplace.exe
Task: {3B35DA12-DE65-4903-9601-A045C74AADF4} - System32\Tasks\Sony Corporation\VAIO Improvement\VAIOImprovementUploader => C:\Program Files\Sony\VAIO Improvement\viuploader.exe [2013-01-24] (Sony Corporation)
Task: {4D63B5A4-1940-494C-9E9E-C3B8683D1E62} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-09-27] (Adobe Systems Incorporated)
Task: {6D44DF52-296A-4290-80F8-F29478BF965F} - System32\Tasks\Avira SystrayStartTrigger => Avira.SystrayStartTrigger.exe
Task: {731820B3-78E1-4E12-B41F-6FABF2596874} - System32\Tasks\Sony Corporation\Sony Home Network Library\SOHLib TaskTray => C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SHTtray.exe [2013-09-12] (Sony Corporation)
Task: {75BFA5A2-9106-4B43-BCA6-6F03DA54C2A8} - System32\Tasks\Sony Corporation\VAIO Control Center\VAIOControlCenterSystem => C:\Program Files (x86)\Sony\VAIO Control Center\vim.exe [2014-11-17] (Sony Corporation)
Task: {7982693B-13B2-4382-810A-311F970E1580} - System32\Tasks\Sony Corporation\Xperia Link\Xperia Link Logon Start => C:\Program Files (x86)\Sony\Xperia Link\Xperia Link.exe [2016-03-04] (Sony Corporation)
Task: {7EFBE56F-B0BE-492D-A745-4AB238FE69CF} - System32\Tasks\CoolKiller => C:\WINDOWS\system32\rundll32.exe "C:\Program Files\CoolKiller\CoolKiller.dll",mUjnBIANGCsu <==== ACHTUNG
Task: {92C0956C-5CA6-4BEE-9BBB-6E8475A0743E} - System32\Tasks\Sony Corporation\VAIO Care\VKSvcWeekly => C:\Program Files\Sony\VAIO Care\VAIOTM\VKSvc.exe [2017-04-19] (Sony Corporation)
Task: {92D374A6-7389-4DA4-AD28-B00928A40C43} - System32\Tasks\Sony Corporation\VAIO Care\DeployCRMflag => C:\Program Files\Sony\VAIO Care\DeployCRMflag.exe [2017-05-15] (Sony Corporation)
Task: {9A0E0C05-29E0-4943-826D-C714DF31C624} - System32\Tasks\Sony Corporation\VAIO Care\ActiveStatusCollect => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2017-05-15] (Sony Corporation)
Task: {9A7AB5FA-8B68-4455-A598-C625E617BBB8} - System32\Tasks\Sony Corporation\VAIO Care\VCOneClick => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2017-05-15] (Sony Corporation)
Task: {9A7F6397-8E10-4344-9ABA-4DA72F9E1BB4} - System32\Tasks\updater => C:\Program Files (x86)\devnull\NetAdapterUpdate\updater.exe
Task: {9C11A6D9-6FF0-467B-98BF-05F6D81DFFBD} - System32\Tasks\Sony Corporation\VAIO Care\GetPOTInfo => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2017-05-15] (Sony Corporation)
Task: {9D38DE1F-95D3-4DFF-A6B1-7D9913C5B371} - System32\Tasks\Sony Corporation\VAIO Care\VCCheckIolo => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2017-05-15] (Sony Corporation)
Task: {A0F06AC5-F898-4D38-BF28-709FE6197DB4} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2017-07-24] (Apple Inc.)
Task: {A969B346-A1E8-491B-B3E3-19109A1F636B} - System32\Tasks\Sony Corporation\VAIO Gesture Control\VCGULogonTask => C:\Program Files (x86)\Sony\VAIO Camera Gesture Utility\VCGU.exe [2013-01-23] (Sony Corporation)
Task: {AB4433F9-DAD7-4AAD-89B2-C64F3342633C} - System32\Tasks\Sony Corporation\VAIO Hardware Diagnostics\VHDInformationCheck => C:\Program Files (x86)\Sony\VAIO Recovery\plugins\InformationCheck.exe [2013-01-25] (Sony Corporation)
Task: {B4B41936-ACE9-433F-BA0D-4B2E9FFC5805} - System32\Tasks\Sony Corporation\VAIO Control Center\VAIO Capture\VAIO Clip => C:\Program Files (x86)\Sony\VAIO Control Center\VAIO Clip.exe [2013-12-09] (Sony Corporation)
Task: {B65149E4-C865-4E82-9069-566B492615AE} - System32\Tasks\EPSON XP-520 Series Update {AA49A6FF-529B-4F6B-95BC-379A9FC14BB3} => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSNPE.EXE [2013-11-22] (SEIKO EPSON CORPORATION)
Task: {B8EE1B23-260C-41D9-9457-559EF9907168} - System32\Tasks\Sony Corporation\VAIO Care\VAIO Care => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2017-05-15] (Sony Corporation)
Task: {C2DFDAC6-2DC5-43AC-B3C3-189687A656FC} - System32\Tasks\Sony Corporation\VAIO Care\VCMetrics => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2017-05-15] (Sony Corporation)
Task: {C314B97F-35D1-4129-B36B-138FBF48C098} - System32\Tasks\Sony Corporation\VAIO Control Center\Level4Daily => C:\Program Files (x86)\Sony\VAIO Control Center\WBCBatteryCare.exe [2013-03-15] (Sony Corporation)
Task: {CB55C1E1-DB58-4EEB-BE76-8A6432FA8220} - System32\Tasks\EPSON XP-520 Series Update {6B85294F-9774-45F0-A6EF-A7293D977B0D} => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSNPE.EXE [2013-11-22] (SEIKO EPSON CORPORATION)
Task: {CE6BC97F-68EB-4782-B43B-59D763DE5FE6} - System32\Tasks\CreateChoiceProcessTask => C:\Windows\BrowserChoice\browserchoice.exe
Task: {D0A2D1F0-ADAA-4DAA-9099-05235CA3F2D6} - System32\Tasks\Sony Corporation\VAIO Control Center\VAIOControlCenterUser => C:\Program Files (x86)\Sony\VAIO Control Center\vim.exe [2014-11-17] (Sony Corporation)
Task: {D50C369F-E633-41BD-A7F6-39B50416AAFE} - System32\Tasks\Sony Corporation\VAIO Update\VAIO Update Self Repair => C:\Program Files\Sony\VAIO Update\VUSR.exe [2016-03-31] (Sony Corporation)
Task: {D58D3F8A-80D9-47BE-87F0-87BE1E8D15F5} - System32\Tasks\Sony Corporation\VAIO Care\VTUsr => C:\Program Files\Sony\VAIO Care\VAIOTM\VTUsr.exe [2017-04-19] (Sony Corporation)
Task: {EA390447-42D0-42BA-893F-0BAC71CA70D3} - System32\Tasks\Sony Corporation\VAIO Control Center\Level4Month => C:\Program Files (x86)\Sony\VAIO Control Center\WBCBatteryCare.exe [2013-03-15] (Sony Corporation)
Task: {FD11A334-379C-47A6-88CF-740BC3493916} - System32\Tasks\Sony Corporation\VAIO Update\Launch Application => C:\Program Files\SONY\VAIO Update\ShellExeProxy.exe [2016-03-31] (Sony Corporation)
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
Task: C:\WINDOWS\Tasks\EPSON XP-520 Series Update {6B85294F-9774-45F0-A6EF-A7293D977B0D}.job => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSNPE.EXE:/EXE:{6B85294F-9774-45F0-A6EF-A7293D977B0D} /F:UpdateWORKGROUP\FREDDY_LAPTOP$ĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi
Task: C:\WINDOWS\Tasks\EPSON XP-520 Series Update {AA49A6FF-529B-4F6B-95BC-379A9FC14BB3}.job => C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_YTSNPE.EXE:/EXE:{AA49A6FF-529B-4F6B-95BC-379A9FC14BB3} /F:UpdateWORKGROUP\FREDDY_LAPTOP$ĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi
Task: C:\WINDOWS\Tasks\Synaptics TouchPad Enhancements.job => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
==================== Verknüpfungen & WMI ========================
(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)
==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
2017-09-29 14:41 - 2017-09-29 14:41 - 000184432 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll
2016-11-17 01:28 - 2016-11-17 01:28 - 000092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2017-10-18 23:51 - 2017-10-18 23:51 - 001356088 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2017-11-25 15:35 - 2017-11-01 08:54 - 002358736 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll
2017-11-25 15:35 - 2017-11-01 08:55 - 002299344 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\SelfProtectionSdk.dll
2013-09-05 00:17 - 2013-09-05 00:17 - 004300456 _____ () C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2017-09-29 14:42 - 2017-09-30 15:36 - 011044864 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2017-09-29 14:42 - 2017-09-30 15:36 - 001804288 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-09-17 00:00 - 2017-09-17 00:00 - 003553704 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11710.1001.27.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2017-10-18 21:58 - 2017-10-18 21:58 - 025741312 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.17092.13511.0_x64__8wekyb3d8bbwe\Video.UI.exe
2017-10-18 21:58 - 2017-10-18 21:58 - 009257984 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.17092.13511.0_x64__8wekyb3d8bbwe\EntCommon.dll
2017-09-26 07:39 - 2017-09-26 07:39 - 003553704 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.17092.13511.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2017-10-28 11:42 - 2017-10-28 11:42 - 004252160 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1710.2791.0_x64__8wekyb3d8bbwe\Calculator.exe
2017-09-26 07:39 - 2017-09-26 07:39 - 003553704 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1710.2791.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2017-11-11 14:05 - 2017-11-11 14:06 - 000022016 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39091.16340.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
2017-11-11 14:05 - 2017-11-11 14:06 - 055109120 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39091.16340.0_x64__8wekyb3d8bbwe\Microsoft.Photos.dll
2017-11-11 14:05 - 2017-11-11 14:06 - 000164864 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39091.16340.0_x64__8wekyb3d8bbwe\VideoPlugin.dll
2017-09-30 07:37 - 2017-09-30 07:38 - 002523136 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39091.16340.0_x64__8wekyb3d8bbwe\UnityEngineDelegates.dll
2017-09-30 07:37 - 2017-09-30 07:37 - 000675328 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39091.16340.0_x64__8wekyb3d8bbwe\IPPNativePlugin.dll
2017-11-11 14:05 - 2017-11-11 14:05 - 003740160 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39091.16340.0_x64__8wekyb3d8bbwe\MediaEngineCSWrapper.dll
2017-11-11 14:05 - 2017-11-11 14:06 - 002051584 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39091.16340.0_x64__8wekyb3d8bbwe\TrackingDLLUWP.dll
2017-11-11 14:05 - 2017-11-11 14:06 - 020759040 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39091.16340.0_x64__8wekyb3d8bbwe\PhotosApp.Windows.dll
2017-11-11 14:05 - 2017-11-11 14:05 - 003607040 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39091.16340.0_x64__8wekyb3d8bbwe\MediaEngine.dll
2017-11-11 14:05 - 2017-11-11 14:05 - 003150848 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39091.16340.0_x64__8wekyb3d8bbwe\AppCore.Windows.dll
2017-08-28 22:38 - 2017-08-28 22:38 - 003553704 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39091.16340.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2017-11-11 14:05 - 2017-11-11 14:06 - 000046080 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39091.16340.0_x64__8wekyb3d8bbwe\Microsoft.Photos.Edit.Services.dll
2017-11-11 14:05 - 2017-11-11 14:06 - 002493440 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39091.16340.0_x64__8wekyb3d8bbwe\Microsoft.People.AutoSuggest.dll
2017-11-11 14:05 - 2017-11-11 14:06 - 000919040 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39091.16340.0_x64__8wekyb3d8bbwe\Microsoft.People.PeoplePicker.dll
2017-11-11 14:05 - 2017-11-11 14:06 - 001363968 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39091.16340.0_x64__8wekyb3d8bbwe\Microsoft.RichMedia.Ink.Controls.dll
2017-11-11 14:05 - 2017-11-11 14:05 - 000084480 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39091.16340.0_x64__8wekyb3d8bbwe\MediaEngineVideoDataProvider.UWP.dll
2013-08-08 11:09 - 2013-04-02 14:02 - 001199576 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
==================== Hosts Inhalt: ===============================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2017-09-29 14:46 - 2013-08-22 14:25 - 000000824 _____ C:\WINDOWS\system32\Drivers\etc\hosts
==================== Andere Bereiche ============================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-3483465479-2191358556-2575146349-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Sony\VAIO 13 img1 Wallpaper 1920x1080.jpg
HKU\S-1-5-21-3483465479-2191358556-2575146349-1006\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Windows\img0.jpg
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Warn)
Windows Firewall ist aktiviert.
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
HKLM\...\StartupApproved\StartupFolder: => "McAfee Parental Controls.lnk"
HKLM\...\StartupApproved\Run32: => "mcpltui_exe"
HKU\S-1-5-21-3483465479-2191358556-2575146349-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-3483465479-2191358556-2575146349-1001\...\StartupApproved\Run: => "Skype"
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [TCP Query User{A6AD4D0D-3212-42EB-BC6F-927C5784A533}C:\program files\sony\vaio care\vcsystemtray.exe] => (Allow) C:\program files\sony\vaio care\vcsystemtray.exe
FirewallRules: [UDP Query User{EC1FB4D4-7051-4BC5-936F-FBEEDD4AA16F}C:\program files\sony\vaio care\vcsystemtray.exe] => (Allow) C:\program files\sony\vaio care\vcsystemtray.exe
==================== Wiederherstellungspunkte =========================
ACHTUNG: Systemwiederherstellung ist deaktiviert
==================== Fehlerhafte Geräte im Gerätemanager =============
Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
==================== Fehlereinträge in der Ereignisanzeige: =========================
Applikationsfehler:
==================
Error: (11/26/2017 03:58:55 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: Die Open-Prozedur für den Dienst "BITS" in der DLL "C:\Windows\System32\bitsperf.dll" war nicht erfolgreich. Die Leistungsdaten für diesen Dienst sind nicht verfügbar. Die ersten vier Bytes (DWORD) des Datenbereichs enthalten den Fehlercode.
Error: (11/25/2017 03:34:37 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: Die Open-Prozedur für den Dienst "BITS" in der DLL "C:\Windows\System32\bitsperf.dll" war nicht erfolgreich. Die Leistungsdaten für diesen Dienst sind nicht verfügbar. Die ersten vier Bytes (DWORD) des Datenbereichs enthalten den Fehlercode.
Error: (11/25/2017 02:10:47 PM) (Source: ESENT) (EventID: 454) (User: )
Description: DllHost (10844,U,0) Internet_NOEDP_LEGACY_IDB: Unerwarteter Fehler "-1216" bei der Datenbankwiederherstellung.
Error: (11/25/2017 02:10:47 PM) (Source: ESENT) (EventID: 494) (User: )
Description: DllHost (10844,U,0) Internet_NOEDP_LEGACY_IDB: Fehler -1216 bei der Datenbankwiederherstellung, da Verweise auf die Datenbank "C:\Users\Freddy\AppData\Local\Microsoft\Internet Explorer\Indexed DB\Internet.edb" festgestellt wurden, die nicht mehr vorhanden ist. Die Datenbank wurde nicht sauber heruntergefahren, bevor sie entfernt (oder möglicherweise verschoben oder umbenannt) wurde. Das Datenbankmodul lässt den Abschluss der Wiederherstellung für diese Instanz erst dann zu, wenn die fehlende Datenbank wieder verfügbar gemacht wird. Wenn die Datenbank tatsächlich nicht mehr verfügbar oder nicht mehr erforderlich ist, finden Sie Informationen zum Beheben dieses Fehlers in der Microsoft Knowledge Base oder unter dem Link "Weitere Informationen" am Ende dieser Meldung.
Error: (11/19/2017 09:03:29 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: Die Open-Prozedur für den Dienst "BITS" in der DLL "C:\Windows\System32\bitsperf.dll" war nicht erfolgreich. Die Leistungsdaten für diesen Dienst sind nicht verfügbar. Die ersten vier Bytes (DWORD) des Datenbereichs enthalten den Fehlercode.
Error: (11/18/2017 03:16:47 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: Die Open-Prozedur für den Dienst "BITS" in der DLL "C:\Windows\System32\bitsperf.dll" war nicht erfolgreich. Die Leistungsdaten für diesen Dienst sind nicht verfügbar. Die ersten vier Bytes (DWORD) des Datenbereichs enthalten den Fehlercode.
Error: (11/18/2017 02:50:38 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 274875
Error: (11/18/2017 02:50:38 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 274875
Error: (11/18/2017 02:50:38 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (11/18/2017 02:50:22 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 259250
Systemfehler:
=============
Error: (11/26/2017 04:12:52 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
und der APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.
Error: (11/26/2017 04:07:08 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet:
Der Treiber konnte nicht geladen werden.
Error: (11/26/2017 04:07:08 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\Freddy\AppData\Local\Temp\ehdrv.sys
Error: (11/26/2017 04:07:07 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet:
Der Treiber konnte nicht geladen werden.
Error: (11/26/2017 04:07:07 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\Freddy\AppData\Local\Temp\ehdrv.sys
Error: (11/26/2017 04:07:07 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet:
Der Treiber konnte nicht geladen werden.
Error: (11/26/2017 04:07:07 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\Freddy\AppData\Local\Temp\ehdrv.sys
Error: (11/26/2017 04:07:07 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet:
Der Treiber konnte nicht geladen werden.
Error: (11/26/2017 04:07:07 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\Freddy\AppData\Local\Temp\ehdrv.sys
Error: (11/26/2017 04:07:06 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet:
Der Treiber konnte nicht geladen werden.
CodeIntegrity:
===================================
Date: 2017-11-26 16:04:19.501
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume5\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.
Date: 2017-11-26 16:04:19.496
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume5\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.
Date: 2017-11-26 16:04:17.896
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume5\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.
Date: 2017-11-26 16:04:17.893
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume5\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.
Date: 2017-11-26 16:03:55.259
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume5\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.
Date: 2017-11-26 16:03:55.257
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume5\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.
Date: 2017-11-26 16:03:44.486
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume5\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.
Date: 2017-11-26 16:03:44.483
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume5\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.
Date: 2017-11-26 15:59:58.115
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume5\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.
Date: 2017-11-26 15:59:58.109
Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume5\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.
==================== Speicherinformationen ===========================
Prozessor: Intel(R) Core(TM) i5-4200U CPU @ 1.60GHz
Prozentuale Nutzung des RAM: 57%
Installierter physikalischer RAM: 4002.87 MB
Verfügbarer physikalischer RAM: 1701.4 MB
Summe virtueller Speicher: 5858.87 MB
Verfügbarer virtueller Speicher: 2413.98 MB
==================== Laufwerke ================================
Drive c: () (Fixed) (Total:102.79 GB) (Free:46.83 GB) NTFS
==================== MBR & Partitionstabelle ==================
========================================================
Disk: 0 (Size: 119.2 GB) (Disk ID: BA336E2C)
Partition: GPT.
==================== Ende von Addition.txt ============================
|
|
| Themen zu windows10: AVIRA meldet Trojaner-Fund |
| antivirus, avdevprot, avdevprot.sys, avira, bonjour, cpu, defender, desktop, device driver, google, home, malware, node.js, nodejs, performance, problem, prozesse, realtek, registry, rundll, scan, services.exe, software, sparbuch, svchost.exe, system, trojaner, udp, windows, wiso |
und 
und speichere die Logdatei auf Deinem Desktop.
Linear-Darstellung
