| |
| |||||||
Mülltonne: Trojan.VBE.Age....neuWindows 7 Beiträge, die gegen unsere Regeln verstoßen haben, solche, die die Welt nicht braucht oder sonstiger Müll landet hier in der Mülltonne... |
16.07.2020, 16:44
| #1 |
 |  Trojan.VBE.Age....neu Hallo, ich habe in Marokko eine pdf-Datei (Ticket für Fähre nach Frankreich) auf eine Stick gespeichert und auf einem marokkanischen PC ausdrucken lassen. Nachdem ich den Stick wieder an das Laptop angeschlossen habe bekam ich vom installierten Virenschutzprogramm EMISOFT die Meldung: Code:
ATTFilter I:\Manuel.doc Fund: Trojaner.VBE.Age.... Kategorie: Malware Datum: 13.06-2020
Ich hoff auf Eure Hilfe Peter Kögel Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 08-07-2020 01
durchgeführt von Koegel (Administrator) auf KOEGEL-HP (Hewlett-Packard HP ProBook 450 G1) (12-07-2020 16:06:18)
Gestartet von C:\Users\Koegel\Downloads
Geladene Profile: Koegel
Platform: Windows 10 Pro Version 1909 18363.900 (X64) Sprache: Deutsch (Deutschland)
Standard-Browser: Edge
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
() [Datei ist nicht signiert] C:\Program Files (x86)\Hewlett-Packard\HP Theft Recovery\CtService.exe
(Alittera Limited Inc -> 4Team Corporation) C:\Program Files (x86)\4Team Corporation\Safe PST Backup\SafePSTBackup.exe
(Alittera Limited Inc -> 4Team) C:\Program Files (x86)\4Team Corporation\SafePSTBackup Shadow Copy Service\SafePST.ShadowCopySvc.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Atheros) [Datei ist nicht signiert] C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(CHENGDU AOMEI TECHNOLOGY CO., LTD. -> AOMEI Tech Co., Ltd.) C:\Program Files (x86)\AOMEI Backupper\ABService.exe
(CryptoMill Technologies Ltd -> CryptoMill Technologies Ltd.) C:\Program Files (x86)\Hewlett-Packard\HP Trust Circles\CreoSvc.exe
(CyberLink -> CyberLink) C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
(CyberLink Corp. -> CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
(CyberLink Corp. -> CyberLink) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe
(CyberLink Corp. -> CyberLink) C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe
(DigitalPersona, Inc. -> DigitalPersona, Inc.) C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpCardEngine.exe
(DigitalPersona, Inc. -> DigitalPersona, Inc.) C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe
(Emsisoft Ltd -> Emsisoft Ltd) C:\Program Files\Emsisoft Anti-Malware\a2guard.exe
(Emsisoft Ltd -> Emsisoft Ltd) C:\Program Files\Emsisoft Anti-Malware\a2service.exe
(Emsisoft Ltd -> Emsisoft Ltd) C:\Program Files\Emsisoft Anti-Malware\a2start.exe
(Emsisoft Ltd -> Emsisoft Ltd) C:\Program Files\Emsisoft Anti-Malware\eppwsc.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <9>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.452\GoogleCrashHandler64.exe
(Hewlett-Packard Company -> Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe
(Hewlett-Packard Company -> Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe
(Hewlett-Packard Company -> Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Hewlett-Packard Company -> Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
(Hewlett-Packard Company -> Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\CORESHREDDER.exe
(Hewlett-Packard Company -> Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe
(IDT, Inc.) [Datei ist nicht signiert] C:\Program Files\IDT\WDM\stacsv64.exe
(IDT, Inc.) [Datei ist nicht signiert] C:\Program Files\IDT\WDM\sttray64.exe
(Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation - Intel® Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation - Intel® Rapid Storage Technology -> Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel Corporation - Software and Firmware Products -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation - Software and Firmware Products -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Intel(R) Corporation) [Datei ist nicht signiert] C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel(R) pGFX -> ) C:\Windows\System32\igfxTray.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(McAfee, Inc. -> McAfee, LLC.) C:\Program Files\McAfee\TrueKey\McAfee.TrueKey.Service.exe
(McAfee, Inc. -> McAfee, LLC.) C:\Program Files\McAfee\TrueKey\McAfee.TrueKey.ServiceHelper.exe
(McAfee, Inc. -> McAfee, LLC.) C:\Program Files\McAfee\TrueKey\McTkSchedulerService.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\AppVShNotify.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\Koegel\AppData\Local\Microsoft\OneDrive\OneDrive.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe <2>
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.2005.23.0_x64__8wekyb3d8bbwe\Calculator.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(PDF Complete Inc. -> PDF Complete Inc) C:\Program Files (x86)\PDF Complete\pdfsvc.exe
(Qualcomm Atheros -> Windows (R) Win 7 DDK provider) C:\Windows\System32\drivers\AdminService.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Validity Sensors, Inc -> Validity Sensors, Inc.) C:\Windows\System32\vcsFPService.exe
==================== Registry (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [286056 2013-07-30] (Intel Corporation - Intel® Rapid Storage Technology -> Intel Corporation)
HKLM\...\Run: [Persistence] => "C:\Windows\system32\igfxpers.exe"
HKLM\...\Run: [CryptoMill Refresh] => C:\Program Files\Hewlett-Packard\HP Trust Circles\ceflauncher -m refresh
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1703424 2013-07-04] (IDT, Inc.) [Datei ist nicht signiert]
HKLM\...\Run: [Emsisoft Anti-Malware] => C:\Program Files\Emsisoft Anti-Malware\a2guard.exe [8436416 2020-07-09] (Emsisoft Ltd -> Emsisoft Ltd)
HKLM-x32\...\Run: [QLBController] => C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe [337184 2013-08-01] (Hewlett-Packard Company -> Hewlett-Packard Company)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292848 2013-04-26] (Intel Corporation - Software and Firmware Products -> Intel Corporation)
HKLM-x32\...\Run: [YouCam Mirage] => c:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe [136488 2013-06-24] (CyberLink -> CyberLink)
HKLM-x32\...\Run: [YouCam Tray] => c:\Program Files (x86)\CyberLink\YouCam\YouCamTray.exe [167488 2013-06-24] (CyberLink Corp. -> CyberLink Corp.)
HKLM-x32\...\Run: [CLMLServer_For_P2G8] => c:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [110144 2013-03-12] (CyberLink Corp. -> CyberLink)
HKLM-x32\...\Run: [CLVirtualDrive] => c:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe [493528 2013-05-21] (CyberLink Corp. -> CyberLink Corp.)
HKLM-x32\...\Run: [HP File Sanitizer] => C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\Coreshredder.exe [2213592 2013-08-07] (Hewlett-Packard Company -> Hewlett-Packard)
HKLM\...\Policies\Explorer\Run: [BtvStack] => "C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe"
HKU\S-1-5-21-3571431206-264389752-657919249-1001\...\Run: [Safe PST Backup] => C:\Program Files (x86)\4Team Corporation\Safe PST Backup\SafePSTBackup.exe [16002040 2018-10-05] (Alittera Limited Inc -> 4Team Corporation)
HKU\S-1-5-21-3571431206-264389752-657919249-1001\...\MountPoints2: {bee2abed-1465-11ea-a478-806e6f6e6963} - "F:\AutoRun.exe"
HKLM\...\Windows x64\Print Processors\hpzppw71: C:\Windows\System32\spool\prtprocs\x64\hpzppw71.dll [230400 2009-07-14] (Microsoft Windows -> Hewlett-Packard Corporation)
HKLM\...\Print\Monitors\HP Universal Port Monitor: C:\WINDOWS\system32\hpbprtmon.dll [401920 2013-06-26] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard)
HKLM\...\Print\Monitors\LIDIL hpzllw71: C:\WINDOWS\system32\hpzllw71.dll [53248 2009-07-14] (Microsoft Windows -> Hewlett-Packard Corporation)
HKLM\...\Print\Monitors\PDFC: C:\WINDOWS\system32\pdfc_port.dll [27368 2016-08-10] (PDF Complete Inc. -> PDF Complete, Inc.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\83.0.4103.116\Installer\chrmstp.exe [2020-06-24] (Google LLC -> Google LLC)
HKLM\Software\...\Authentication\Credential Providers: [{503739d0-4c5e-4cfd-b3ba-d881334f0df2}] ->
HKLM\Software\...\Authentication\Credential Providers: [{ACFC407B-266C-8504-8DAE-F3E276336E4B}] -> C:\WINDOWS\system32\AthCredentialProvider.dll [2013-06-28] (Qualcomm Atheros -> Qualcomm®Atheros®) [Datei ist nicht signiert]
HKLM\Software\...\Authentication\Credential Providers: [{B7724AE5-1135-4889-8A5F-CA98BE6CA1ED}] -> C:\Program Files\McAfee\TrueKey\McAfee.TrueKey.CredentialProvider.dll [2019-03-09] (McAfee, Inc. -> McAfee, LLC.)
HKLM\Software\...\Authentication\Credential Provider Filters: [{ACFC407B-266C-8504-8DAE-F3E276336E4B}] -> C:\WINDOWS\system32\AthCredentialProvider.dll [2013-06-28] (Qualcomm Atheros -> Qualcomm®Atheros®) [Datei ist nicht signiert]
HKLM\Software\...\Winlogon\GPExtensions: [{8D90E7E9-6F48-4e24-85E0-596C8E6C4639}] -> C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPCmsGPOClient.dll [2013-08-06] (DigitalPersona, Inc. -> DigitalPersona, Inc.)
Lsa: [Notification Packages] DPPassFilter scecli C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter "C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter" "C:\Program Files\McAfee\TrueKey\McAfeeTrueKeyPasswordFilter"
Startup: C:\Users\Koegel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\An OneNote senden.lnk [2020-03-16]
ShortcutTarget: An OneNote senden.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE (Microsoft Corporation -> Microsoft Corporation)
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) ============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {02E52CAC-2925-4AD0-A879-C46CBE71C94E} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23810952 2020-06-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {09841337-04F0-4C13-AEE8-602EFD3C6E07} - System32\Tasks\HPCeeScheduleForKoegel => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [95800 2011-07-15] (Hewlett-Packard Company -> Hewlett-Packard)
Task: {23ACACC0-D76C-4755-9EFD-FDC8AA427482} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {333DED2B-1F8B-4989-AC2F-1999CE669F75} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe
Task: {33996CFF-333D-4C06-AA89-66D0B0D997F9} - System32\Tasks\Microsoft\Windows\SideShow\AutoWake => {E51DFD48-AA36-4B45-BB52-E831F02E8316}
Task: {34732FC1-7D5F-480F-A62F-D0CBDA3A9EBC} - System32\Tasks\Microsoft\Windows\SideShow\GadgetManager => {FF87090D-4A9A-4f47-879B-29A80C355D61}
Task: {39C2F344-6861-43D5-86EB-680230B97974} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23810952 2020-06-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {3AAA93B9-BCF0-4086-973E-5FD443C96C5D} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {407B6773-1238-4EFD-82F8-0E42610369B6} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {44BA9BDD-7765-49D1-BC31-8AFA78B4DB0F} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156968 2019-03-16] (Google Inc -> Google Inc.)
Task: {45497806-CAEC-426C-B101-398C2E05908C} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPSFReport.exe [88120 2016-02-18] (Hewlett-Packard Company -> Hewlett-Packard)
Task: {486D715E-6AA2-44CF-BC48-B6990CBB53C6} - System32\Tasks\Microsoft\Windows\Shell\WindowsParentalControlsMigration => {343D770D-7788-47c2-B62A-B7C4CED925CB}
Task: {499633F7-0870-4595-AB64-809FDBDD56B0} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {49B06949-5667-4013-8F57-B65528CB19AA} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {4C174EA2-D1AD-4E8D-B101-BE98944548E2} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {52DF5A81-8FDB-4137-A794-EBA6A02B343F} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [1313176 2020-07-09] (Microsoft Corporation -> Microsoft Corporation)
Task: {5367B261-983E-440E-8062-B8663AF2F259} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [123744 2020-07-09] (Microsoft Corporation -> Microsoft Corporation)
Task: {5B42DD9C-5A26-4F27-BB95-34603F0997E5} - System32\Tasks\Microsoft\Windows\Shell\WindowsParentalControls => {DFA14C43-F385-4170-99CC-1B7765FA0E4A}
Task: {5E9694F0-DA58-4F67-AD51-72C26FDED0FF} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_30_0_0_134_Plugin.exe
Task: {67BF8594-B5D3-4589-A318-6A6AE51FD598} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [1059704 2018-11-09] (HP Inc. -> HP Inc.)
Task: {753D6E93-532F-45D1-94C0-9FB849C40ADE} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {80AC2DBD-A028-4ECA-9A7A-7CFDC22F198A} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [541496 2013-08-09] (Hewlett-Packard Company -> Hewlett-Packard Company)
Task: {81E21B5B-69D8-4CD9-ADBB-1A0197E27A0B} - System32\Tasks\CreateChoiceProcessTask => C:\Windows\System32\browserchoice.exe
Task: {8882B8BF-1B84-4019-AB82-5C9FCC19689A} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe
Task: {8CCED3B3-EFCD-420A-A81E-C07363972BC3} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [1059704 2018-11-09] (HP Inc. -> HP Inc.)
Task: {90DEF60E-6BAB-45C0-BB28-8B689CCA81A9} - System32\Tasks\Microsoft\Windows\End Of Support\Notify2 => C:\WINDOWS\system32\sipnotify.exe
Task: {98CD2293-33CF-4D0B-B996-CE85E7B44A3B} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {9A8F2343-4F21-4320-8D43-1E01ED070483} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {A366DE00-E050-4A04-8F46-5413C47D23B6} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {A80F9AFA-FD3C-44D1-B0E8-E7D6E64C206D} - System32\Tasks\Microsoft\Windows\End Of Support\Notify1 => C:\WINDOWS\system32\sipnotify.exe
Task: {A8373857-C691-4B6B-BE40-3F3BA47E6224} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [651400 2017-09-20] (Hewlett Packard -> HP Inc.)
Task: {A83E0C35-2F8B-4CFD-99A5-C933F139D354} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {AC119BEF-BE48-4122-B7A4-058DA09BC4CE} - System32\Tasks\4Team updater => C:\Program Files (x86)\4Team Corporation\4Team-Updater\4Team-Updater.exe [1086336 2018-05-24] (Alittera Limited Inc -> 4Team Corporation)
Task: {AC8DED7F-7546-4A3B-90A2-B492836AF9E3} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Product Configurator => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\ProductConfig.exe [208760 2018-06-27] (HP Inc. -> HP Inc.)
Task: {AF200CE9-2160-404D-98DC-2F9E46C0ED00} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe
Task: {B0CBAB43-44FC-469B-A4CE-87426761FDCE} - System32\Tasks\Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor => {EA9155A3-8A39-40b4-8963-D3C761B18371}
Task: {B65358E6-633E-4489-AB77-6239EC80A6F3} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {B7AA2E34-BF0A-4108-9154-0A2DC5C246F2} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [123744 2020-07-09] (Microsoft Corporation -> Microsoft Corporation)
Task: {BF4A409C-0704-4694-86A5-907026106EFE} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {C0DB419E-19BE-43C8-8509-9703B153E9C5} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156968 2019-03-16] (Google Inc -> Google Inc.)
Task: {C3DFDDE7-F58A-47C8-B7AB-340D96C9DE1F} - System32\Tasks\Microsoft\Windows\MobilePC\HotStart => {06DA0625-9701-43da-BFD7-FBEEA2180A1E}
Task: {C80E270E-41BD-4BD4-91B7-6B8DF567A4E4} - System32\Tasks\Microsoft\Windows\SideShow\SessionAgent => {45F26E9E-6199-477F-85DA-AF1EDfE067B1}
Task: {C89C67DA-03F9-4FE5-8411-A2CB7F727DE4} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {CC632498-B972-4BC9-9994-EA7C4407AF1F} - System32\Tasks\TrackerAutoUpdate => C:\Program Files\Tracker Software\Update\TrackerUpdate.exe [4071680 2018-07-03] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
Task: {DED8A131-BCBF-475E-A0FC-756452B28149} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {E22D2BA3-6781-4288-B61D-F0589202A632} - System32\Tasks\Microsoft\Windows\SideShow\SystemDataProviders => {7CCA6768-8373-4D28-8876-83E8B4E3A969}
Task: {E32D4D00-441B-4635-BC61-584FF1304E0B} - System32\Tasks\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => c:\Program Files\Microsoft Security Client\\MpCmdRun.exe
Task: {EB0D8C20-9BCA-41EE-818B-37EE24C0EA6D} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [541496 2013-08-09] (Hewlett-Packard Company -> Hewlett-Packard Company)
Task: {ECCA7F8F-D275-4E36-8EED-FE4F7E63B674} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: {ED77B74D-A1A7-4C98-937E-777FA5EC1CED} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {F6DD4D21-8DAC-415C-A466-E47FD77A865A} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {F8FFA4B4-4F2A-4BF4-B148-2163C5756C2D} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
Task: C:\WINDOWS\Tasks\HPCeeScheduleForKoegel.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
Task: C:\WINDOWS\Tasks\TrackerAutoUpdate.job => C:\Program Files\Tracker Software\Update\TrackerUpdate.exe-CheckUpdate(Tracker Software Products (Canada) Ltd.Kee
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
Tcpip\Parameters: [DhcpNameServer] 192.168.8.1
Tcpip\..\Interfaces\{79388D91-2A1C-4C54-8B20-4A40332EC496}: [NameServer] 192.168.1.1
Tcpip\..\Interfaces\{EF4B0137-DE2E-4780-9D08-4338063123BD}: [DhcpNameServer] 192.168.8.1
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://g.uk.msn.com/HPCOM13/10
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPCOM13/10
HKU\S-1-5-21-3571431206-264389752-657919249-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://google.de/
HKU\S-1-5-21-3571431206-264389752-657919249-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPCOM13/10
BHO: True Key Helper -> {0F4B8786-5502-4803-8EBC-F652A1153BB6} -> C:\Program Files\McAfee\TrueKey\MSIE\truekey_ie64.dll [2018-04-23] (McAfee, Inc. -> Intel Security)
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2020-01-13] (Microsoft Corporation -> Microsoft Corporation)
BHO: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll [2013-06-28] (Qualcomm Atheros -> Qualcomm®Atheros®) [Datei ist nicht signiert]
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2013-08-28] (Hewlett-Packard Company -> Hewlett-Packard)
BHO-x32: True Key Helper -> {0F4B8786-5502-4803-8EBC-F652A1153BB6} -> C:\Program Files\McAfee\TrueKey\MSIE\truekey_ie.dll [2018-04-23] (McAfee, Inc. -> Intel Security)
BHO-x32: HP File Sanitizer -> {3134413B-49B4-425C-98A5-893C1F195601} -> C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\IEBHO.dll [2013-08-07] (Hewlett-Packard Company -> Hewlett-Packard)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2013-08-28] (Hewlett-Packard Company -> Hewlett-Packard)
Toolbar: HKLM - True Key - {4BAAC1B8-0800-42C9-8FA6-08B211F356B8} - C:\Program Files\McAfee\TrueKey\MSIE\truekey_ie64.dll [2018-04-23] (McAfee, Inc. -> Intel Security)
Toolbar: HKLM-x32 - True Key - {4BAAC1B8-0800-42C9-8FA6-08B211F356B8} - C:\Program Files\McAfee\TrueKey\MSIE\truekey_ie.dll [2018-04-23] (McAfee, Inc. -> Intel Security)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2020-07-09] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2020-07-09] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2020-07-09] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2020-07-09] (Microsoft Corporation -> Microsoft Corporation)
Edge:
======
Edge DefaultProfile: Default
Edge Profile: C:\Users\Koegel\AppData\Local\Microsoft\Edge\User Data\Default [2020-07-10]
FireFox:
========
FF ProfilePath: C:\Users\Koegel\AppData\Roaming\Mozilla\Firefox\Profiles\j5zozfuk.default [2020-03-30]
FF Homepage: Mozilla\Firefox\Profiles\j5zozfuk.default -> www.orange.fr
FF Notifications: Mozilla\Firefox\Profiles\j5zozfuk.default -> hxxps://coveredbliss.com; hxxps://www.youtube.com; hxxps://www.pinterest.fr; hxxps://smsmms.orange.fr; hxxps://www.promobil.de
FF HKLM-x32\...\Firefox\Extensions: [otis@digitalpersona.com] - C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\FirefoxExt
FF Extension: (DigitalPersona Extension) - C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\FirefoxExt [2013-11-02] [] [ist nicht signiert]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_30_0_0_134.dll [Keine Datei]
FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll [2018-07-03] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_30_0_0_134.dll [Keine Datei]
FF Plugin-x32: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2018-07-03] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-07-26] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-07-26] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2020-01-13] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [Keine Datei]
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [Keine Datei]
FF Plugin-x32: digitalpersona.com/ChromeDPAgent -> C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\ChromeExt\components\npChromeDPAgent.dll [2013-08-06] (DigitalPersona, Inc. -> DigitalPersona, Inc.)
FF Plugin HKU\S-1-5-21-3571431206-264389752-657919249-1001: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [2018-07-03] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Koegel\AppData\Local\Google\Chrome\User Data\Default [2020-07-12]
CHR Notifications: Default -> hxxps://de.yourtripagent.com; hxxps://lukkiy.com; hxxps://sauwoaptain.com; hxxps://shabbychicmania.it; hxxps://silkvi.com; hxxps://www.anthropologie.com; hxxps://www.facebook.com; hxxps://www.fnac.com; hxxps://www.frag-mutti.de; hxxps://www.jds.fr; hxxps://www.loberon.ch; hxxps://www.maisonsdumonde.com; hxxps://www.mein-schoener-garten.de; hxxps://www.stuttgarter-nachrichten.de; hxxps://www.youtube.com
CHR Extension: (Präsentationen) - C:\Users\Koegel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-03-16]
CHR Extension: (Google Drive) - C:\Users\Koegel\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2019-03-16]
CHR Extension: (Avira Browserschutz) - C:\Users\Koegel\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2020-04-24]
CHR Extension: (Google Docs Offline) - C:\Users\Koegel\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-05-20]
CHR Extension: (Emsisoft Browser Security) - C:\Users\Koegel\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfofijpkapingknllefalncmbiienkab [2019-12-01]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Koegel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-11]
CHR Extension: (Chrome Media Router) - C:\Users\Koegel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-05-21]
CHR Profile: C:\Users\Koegel\AppData\Local\Google\Chrome\User Data\Guest Profile [2020-03-08]
CHR Profile: C:\Users\Koegel\AppData\Local\Google\Chrome\User Data\System Profile [2020-03-08]
CHR HKLM\...\Chrome\Extension: [caljgklbbfbcjjanaijlacgncafpegll]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk]
CHR HKLM-x32\...\Chrome\Extension: [caljgklbbfbcjjanaijlacgncafpegll]
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk]
CHR HKLM-x32\...\Chrome\Extension: [ncffjdbbodifgldkcbhmiiljfcnbgjab] - C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\ChromeExt\dpchrome.crx [2013-08-06]
==================== Dienste (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R2 a2AntiMalware; C:\Program Files\Emsisoft Anti-Malware\a2service.exe [9872344 2020-07-09] (Emsisoft Ltd -> Emsisoft Ltd)
R2 Backupper Service; C:\Program Files (x86)\AOMEI Backupper\ABService.exe [844888 2019-10-28] (CHENGDU AOMEI TECHNOLOGY CO., LTD. -> AOMEI Tech Co., Ltd.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [10574728 2020-06-23] (Microsoft Corporation -> Microsoft Corporation)
R2 CreoService; C:\Program Files (x86)\Hewlett-Packard\HP Trust Circles\CreoSvc.exe [1366488 2013-08-23] (CryptoMill Technologies Ltd -> CryptoMill Technologies Ltd.)
R2 CtAgentService; C:\Program Files (x86)\Hewlett-Packard\HP Theft Recovery\CtService.exe [7168 2013-08-08] () [Datei ist nicht signiert]
R2 CyberLink PowerDVD 12 Media Server Monitor Service; c:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe [77576 2013-07-15] (CyberLink Corp. -> CyberLink)
R2 CyberLink PowerDVD 12 Media Server Service; c:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe [294664 2013-07-15] (CyberLink Corp. -> CyberLink)
R2 DpHost; C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe [500048 2013-08-06] (DigitalPersona, Inc. -> DigitalPersona, Inc.)
R2 EppWsc; C:\Program Files\Emsisoft Anti-Malware\EppWsc.exe [1445584 2020-06-01] (Emsisoft Ltd -> Emsisoft Ltd)
S3 FLCDLOCK; c:\Windows\SysWOW64\flcdlock.exe [558392 2013-08-07] (Hewlett-Packard Company -> Hewlett-Packard Company)
R2 hpHotkeyMonitor; C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe [681760 2013-08-01] (Hewlett-Packard Company -> Hewlett-Packard Company)
R2 igfxCUIService2.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [373760 2017-01-27] (Intel(R) pGFX -> Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; c:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-12] (Intel(R) Corporation) [Datei ist nicht signiert]
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-07-26] (Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation)
R2 pdfcDispatcher; C:\Program Files (x86)\PDF Complete\pdfsvc.exe [1719040 2016-08-10] (PDF Complete Inc. -> PDF Complete Inc)
R2 SafePSTShadowCopy; C:\Program Files (x86)\4Team Corporation\SafePSTBackup Shadow Copy Service\SafePST.ShadowCopySvc.exe [16392 2018-10-05] (Alittera Limited Inc -> 4Team)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5930136 2020-04-16] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 STacSV; C:\Program Files\IDT\WDM\STacSV64.exe [337920 2013-07-04] (IDT, Inc.) [Datei ist nicht signiert]
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [255640 2019-01-02] (Synaptics Incorporated -> Synaptics Incorporated)
R2 TrueKey; C:\Program Files\McAfee\TrueKey\McAfee.TrueKey.Service.exe [421432 2019-03-09] (McAfee, Inc. -> McAfee, LLC.)
R2 TrueKeyScheduler; C:\Program Files\McAfee\TrueKey\McTkSchedulerService.exe [421432 2019-03-09] (McAfee, Inc. -> McAfee, LLC.)
R2 TrueKeyServiceHelper; C:\Program Files\McAfee\TrueKey\McAfee.TrueKey.ServiceHelper.exe [194168 2019-03-09] (McAfee, Inc. -> McAfee, LLC.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [4098056 2019-03-19] (Microsoft Corporation -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [113992 2019-03-19] (Microsoft Corporation -> Microsoft Corporation)
R2 ZAtheros Bt and Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2013-06-28] (Atheros) [Datei ist nicht signiert]
===================== Treiber (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R3 Accelerometer; C:\WINDOWS\System32\drivers\Accelerometer.sys [54688 2020-06-04] (HP Inc. -> HP)
R0 ambakdrv; C:\WINDOWS\System32\ambakdrv.sys [51120 2016-12-21] (CHENGDU AOMEI Tech Co., Ltd. -> )
R2 ammntdrv; C:\Windows\system32\ammntdrv.sys [171952 2016-12-21] (CHENGDU AOMEI Tech Co., Ltd. -> )
R2 amwrtdrv; C:\Windows\system32\amwrtdrv.sys [38320 2017-09-01] (CHENGDU AOMEI Tech Co., Ltd. -> )
S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35560 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [231936 2019-10-07] (Microsoft Corporation) [Datei ist nicht signiert]
R1 CLVirtualDrive; C:\WINDOWS\System32\DRIVERS\CLVirtualDrive.sys [90608 2011-12-27] (CyberLink -> CyberLink)
S3 DAMDrv; C:\WINDOWS\System32\DRIVERS\DAMDrv64.sys [65752 2013-06-13] (Hewlett-Packard Company -> Hewlett-Packard Company)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [136040 2019-09-26] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R1 epp; C:\Program Files\Emsisoft Anti-Malware\epp.sys [155112 2020-02-17] (Microsoft Windows Hardware Compatibility Publisher -> Emsisoft Ltd)
R0 eppdisk; C:\WINDOWS\System32\drivers\eppdisk.sys [37776 2019-06-03] (Emsisoft Ltd -> Emsisoft Ltd)
S0 EppElam; C:\WINDOWS\System32\drivers\EppElam.sys [16808 2020-06-01] (Microsoft Windows Early Launch Anti-Malware Publisher -> Emsisoft Ltd)
R1 eppwfp; C:\Program Files\Emsisoft Anti-Malware\eppwfp.sys [126144 2020-04-09] (Microsoft Windows Hardware Compatibility Publisher -> Emsisoft Ltd)
R0 hpdskflt; C:\WINDOWS\System32\drivers\hpdskflt.sys [64928 2020-06-04] (HP Inc. -> HP)
R3 HpqKbFiltr; C:\WINDOWS\System32\drivers\HpqKbFiltr.sys [25912 2013-06-26] (Hewlett-Packard Company -> Hewlett-Packard Company)
R3 IceKore; C:\WINDOWS\System32\DRIVERS\IceKore.sys [397784 2013-08-19] (CryptoMill Technologies Ltd -> CryptoMill Technologies Inc.)
S3 lehidmini; C:\WINDOWS\system32\drivers\leath_hid.sys [39704 2013-06-28] (Atheros Communications Inc. -> Atheros)
S3 SmbDrv; C:\WINDOWS\system32\drivers\Smb_driver_AMDASF.sys [30448 2013-08-20] (Synaptics Incorporated -> Synaptics Incorporated)
S3 SmbDrvI; C:\WINDOWS\system32\drivers\Smb_driver_Intel.sys [34544 2013-08-20] (Synaptics Incorporated -> Synaptics Incorporated)
S3 SPUVCbv; C:\WINDOWS\System32\Drivers\SPUVCbv64.sys [1063520 2017-02-23] (SUNPLUS INNOVATION TECHNOLOGY INC. -> Sunplus Innovation Technology Inc.)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [166760 2019-09-26] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R3 STHDA; C:\WINDOWS\system32\DRIVERS\stwrt64.sys [550912 2013-07-04] (Microsoft Windows Hardware Compatibility Publisher -> IDT, Inc.)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [46472 2019-03-19] (Microsoft Windows Early Launch Anti-Malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [333784 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [62432 2019-03-19] (Microsoft Windows -> Microsoft Corporation)
R3 WirelessButtonDriver64; C:\WINDOWS\System32\drivers\WirelessButtonDriver64.sys [34944 2018-05-11] (HP Inc. -> HP)
U3 idsvc; kein ImagePath
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat (erstellte) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2020-07-12 16:06 - 2020-07-12 16:09 - 000038670 _____ C:\Users\Koegel\Downloads\FRST.txt
2020-07-12 16:04 - 2020-07-12 16:08 - 000000000 ____D C:\FRST
2020-07-12 16:02 - 2020-07-12 16:03 - 002292736 _____ (Farbar) C:\Users\Koegel\Downloads\FRST64 (1).exe
2020-07-12 16:01 - 2020-07-12 16:01 - 002292736 _____ (Farbar) C:\Users\Koegel\Downloads\FRST64.exe
2020-07-12 13:46 - 2020-07-12 13:46 - 000024198 _____ C:\Users\Koegel\Downloads\Auslandsüberweisungsquittung_KtoNr0920168859_12-07-2020_13-46-52.pdf
2020-07-12 13:42 - 2020-07-12 13:42 - 000055743 _____ C:\Users\Koegel\Downloads\PB_Kontoauszug_KtoNr_0920168859_09-07-2020_042153.pdf
2020-07-12 13:17 - 2020-07-12 15:44 - 000001078 _____ C:\WINDOWS\system32dbgraw.bmp
2020-07-11 22:31 - 2020-07-11 22:31 - 000003252 _____ C:\WINDOWS\system32\Tasks\HPCeeScheduleForKoegel
2020-07-11 22:31 - 2020-07-11 22:31 - 000000356 _____ C:\WINDOWS\Tasks\HPCeeScheduleForKoegel.job
2020-07-10 19:32 - 2020-04-28 01:19 - 002626504 _____ (Sunplus Innovation Technology Inc.) C:\WINDOWS\system32\SPITDevMft64.dll
2020-06-24 16:46 - 2020-06-24 16:46 - 000126008 _____ C:\Users\Koegel\Downloads\PB_Kontoauszug_KtoNr_0920168859_10-12-2019_092347.pdf
2020-06-24 16:45 - 2020-06-24 16:45 - 000054919 _____ C:\Users\Koegel\Downloads\PB_Kontoauszug_KtoNr_0920168859_10-03-2020_093459.pdf
2020-06-24 16:44 - 2020-06-24 16:44 - 000054561 _____ C:\Users\Koegel\Downloads\PB_Kontoauszug_KtoNr_0920168859_11-02-2020_093450.pdf
2020-06-24 16:42 - 2020-06-24 16:42 - 000098809 _____ C:\Users\Koegel\Downloads\PB_Kontoauszug_KtoNr_0920168859_09-01-2020_043238.pdf
2020-06-21 22:03 - 2020-06-21 22:03 - 000055313 _____ C:\Users\Koegel\Downloads\PB_Kontoauszug_KtoNr_0920168859_09-06-2020_095529.pdf
2020-06-13 17:54 - 2020-06-13 17:54 - 000071176 _____ C:\Users\Koegel\Downloads\facture_9025910305_2020-06-12.pdf
2020-06-13 15:28 - 2020-06-13 15:28 - 000104460 _____ C:\Users\Koegel\Downloads\GN-03106437 (3).pdf
2020-06-13 13:49 - 2020-06-13 13:50 - 000104460 _____ C:\Users\Koegel\Downloads\GN-03106437 (2).pdf
2020-06-13 11:47 - 2020-07-12 14:00 - 000003698 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2020-06-13 11:47 - 2020-07-12 14:00 - 000003574 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2020-06-13 11:47 - 2020-07-09 17:39 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2020-06-13 11:47 - 2020-07-09 17:39 - 000002274 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2020-06-13 11:47 - 2020-07-09 17:39 - 000002274 _____ C:\ProgramData\Desktop\Microsoft Edge.lnk
2020-06-13 01:18 - 2020-06-13 01:18 - 011608064 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2020-06-13 01:18 - 2020-06-13 01:18 - 009712640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2020-06-13 01:18 - 2020-06-13 01:18 - 001539072 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbengine.exe
2020-06-13 01:18 - 2020-06-13 01:18 - 000940544 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2020-06-13 01:18 - 2020-06-13 01:18 - 000920064 _____ (Microsoft Corporation) C:\WINDOWS\system32\MsSpellCheckingFacility.dll
2020-06-13 01:18 - 2020-06-13 01:18 - 000723968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fveapi.dll
2020-06-13 01:18 - 2020-06-13 01:18 - 000688640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MsSpellCheckingFacility.dll
2020-06-13 01:18 - 2020-06-13 01:18 - 000651264 _____ (Microsoft Corporation) C:\WINDOWS\system32\FXSCOMEX.dll
2020-06-13 01:18 - 2020-06-13 01:18 - 000588800 _____ (Microsoft Corporation) C:\WINDOWS\system32\msra.exe
2020-06-13 01:18 - 2020-06-13 01:18 - 000526336 _____ (Microsoft Corporation) C:\WINDOWS\system32\bdesvc.dll
2020-06-13 01:18 - 2020-06-13 01:18 - 000503808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FXSCOMEX.dll
2020-06-13 01:18 - 2020-06-13 01:18 - 000466944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Picker.dll
2020-06-13 01:18 - 2020-06-13 01:18 - 000430592 _____ (Microsoft Corporation) C:\WINDOWS\system32\WalletService.dll
2020-06-13 01:18 - 2020-06-13 01:18 - 000338944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Picker.dll
2020-06-13 01:18 - 2020-06-13 01:18 - 000219136 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpdxm.dll
2020-06-13 01:18 - 2020-06-13 01:18 - 000166912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmpdxm.dll
2020-06-13 01:18 - 2020-06-13 01:18 - 000053760 _____ (Microsoft Corporation) C:\WINDOWS\system32\BdeUISrv.exe
2020-06-13 01:17 - 2020-06-13 01:17 - 025902080 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2020-06-13 01:17 - 2020-06-13 01:17 - 025444352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll
2020-06-13 01:17 - 2020-06-13 01:17 - 019851776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2020-06-13 01:17 - 2020-06-13 01:17 - 019812864 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramWorld.dll
2020-06-13 01:17 - 2020-06-13 01:17 - 018029056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2020-06-13 01:17 - 2020-06-13 01:17 - 008015360 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2020-06-13 01:17 - 2020-06-13 01:17 - 007760384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2020-06-13 01:17 - 2020-06-13 01:17 - 007268864 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2020-06-13 01:17 - 2020-06-13 01:17 - 007012864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2020-06-13 01:17 - 2020-06-13 01:17 - 006292480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2020-06-13 01:17 - 2020-06-13 01:17 - 005909504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2020-06-13 01:17 - 2020-06-13 01:17 - 005765144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2020-06-13 01:17 - 2020-06-13 01:17 - 004858880 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2020-06-13 01:17 - 2020-06-13 01:17 - 004610560 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2020-06-13 01:17 - 2020-06-13 01:17 - 004470272 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsrchvw.exe
2020-06-13 01:17 - 2020-06-13 01:17 - 004129416 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2020-06-13 01:17 - 2020-06-13 01:17 - 003822592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2020-06-13 01:17 - 2020-06-13 01:17 - 003525608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2020-06-13 01:17 - 2020-06-13 01:17 - 003515392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2020-06-13 01:17 - 2020-06-13 01:17 - 003398656 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVidCtl.dll
2020-06-13 01:17 - 2020-06-13 01:17 - 003365376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsrchvw.exe
2020-06-13 01:17 - 2020-06-13 01:17 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2020-06-13 01:17 - 2020-06-13 01:17 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2020-06-13 01:17 - 2020-06-13 01:17 - 002494744 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2020-06-13 01:17 - 2020-06-13 01:17 - 002281472 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmcndmgr.dll
2020-06-13 01:17 - 2020-06-13 01:17 - 002230240 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2020-06-13 01:17 - 2020-06-13 01:17 - 002204160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVidCtl.dll
2020-06-13 01:17 - 2020-06-13 01:17 - 002190648 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntSubsystems64.dll
2020-06-13 01:17 - 2020-06-13 01:17 - 002184504 _____ (Microsoft Corporation) C:\WINDOWS\system32\workfolderssvc.dll
2020-06-13 01:17 - 2020-06-13 01:17 - 001803776 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmc.exe
2020-06-13 01:17 - 2020-06-13 01:17 - 001704448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmcndmgr.dll
2020-06-13 01:17 - 2020-06-13 01:17 - 001637888 _____ (Microsoft Corporation) C:\WINDOWS\system32\quartz.dll
2020-06-13 01:17 - 2020-06-13 01:17 - 001610240 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramCompositor.dll
2020-06-13 01:17 - 2020-06-13 01:17 - 001497400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppVEntSubsystems32.dll
2020-06-13 01:17 - 2020-06-13 01:17 - 001467392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\quartz.dll
2020-06-13 01:17 - 2020-06-13 01:17 - 001410048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmc.exe
2020-06-13 01:17 - 2020-06-13 01:17 - 001397560 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2020-06-13 01:17 - 2020-06-13 01:17 - 001344512 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMNetMgr.dll
2020-06-13 01:17 - 2020-06-13 01:17 - 001319936 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2020-06-13 01:17 - 2020-06-13 01:17 - 001316352 _____ (Microsoft Corporation) C:\WINDOWS\system32\srmclient.dll
2020-06-13 01:17 - 2020-06-13 01:17 - 001314304 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagperf.dll
2020-06-13 01:17 - 2020-06-13 01:17 - 001312256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjet40.dll
2020-06-13 01:17 - 2020-06-13 01:17 - 001284608 _____ (Microsoft Corporation) C:\WINDOWS\system32\werconcpl.dll
2020-06-13 01:17 - 2020-06-13 01:17 - 001272160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
2020-06-13 01:17 - 2020-06-13 01:17 - 001215488 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdclt.exe
2020-06-13 01:17 - 2020-06-13 01:17 - 001193984 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdengin2.dll
2020-06-13 01:17 - 2020-06-13 01:17 - 001151824 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2020-06-13 01:17 - 2020-06-13 01:17 - 001138688 _____ (Microsoft Corporation) C:\WINDOWS\system32\nettrace.dll
2020-06-13 01:17 - 2020-06-13 01:17 - 001112576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMNetMgr.dll
2020-06-13 01:17 - 2020-06-13 01:17 - 001099608 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfds.dll
2020-06-13 01:17 - 2020-06-13 01:17 - 001077048 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2020-06-13 01:17 - 2020-06-13 01:17 - 001066496 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdosys.dll
2020-06-13 01:17 - 2020-06-13 01:17 - 001012800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2020-06-13 01:17 - 2020-06-13 01:17 - 000994304 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2020-06-13 01:17 - 2020-06-13 01:17 - 000992256 _____ (Microsoft Corporation) C:\WINDOWS\system32\imapi2fs.dll
2020-06-13 01:17 - 2020-06-13 01:17 - 000982016 _____ (Microsoft Corporation) C:\WINDOWS\system32\tapi3.dll
2020-06-13 01:17 - 2020-06-13 01:17 - 000971264 _____ (Microsoft Corporation) C:\WINDOWS\system32\dsregcmd.exe
2020-06-13 01:17 - 2020-06-13 01:17 - 000932352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srmclient.dll
2020-06-13 01:17 - 2020-06-13 01:17 - 000893952 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2020-06-13 01:17 - 2020-06-13 01:17 - 000868352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\imapi2fs.dll
2020-06-13 01:17 - 2020-06-13 01:17 - 000850944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tapi3.dll
2020-06-13 01:17 - 2020-06-13 01:17 - 000843776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2020-06-13 01:17 - 2020-06-13 01:17 - 000836608 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkfoldersControl.dll
2020-06-13 01:17 - 2020-06-13 01:17 - 000836608 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2020-06-13 01:17 - 2020-06-13 01:17 - 000832512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdosys.dll
2020-06-13 01:17 - 2020-06-13 01:17 - 000783496 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
2020-06-13 01:17 - 2020-06-13 01:17 - 000776192 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshwfp.dll
2020-06-13 01:17 - 2020-06-13 01:17 - 000747832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfds.dll
2020-06-13 01:17 - 2020-06-13 01:17 - 000740352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2020-06-13 01:17 - 2020-06-13 01:17 - 000739840 _____ (Microsoft Corporation) C:\WINDOWS\system32\cscsvc.dll
2020-06-13 01:17 - 2020-06-13 01:17 - 000705536 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2020-06-13 01:17 - 2020-06-13 01:17 - 000701440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Mirage.Internal.dll
2020-06-13 01:17 - 2020-06-13 01:17 - 000694784 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpprefcl.dll
2020-06-13 01:17 - 2020-06-13 01:17 - 000692224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll
2020-06-13 01:17 - 2020-06-13 01:17 - 000689152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CPFilters.dll
2020-06-13 01:17 - 2020-06-13 01:17 - 000686080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2020-06-13 01:17 - 2020-06-13 01:17 - 000674304 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiaaut.dll
2020-06-13 01:17 - 2020-06-13 01:17 - 000668672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2020-06-13 01:17 - 2020-06-13 01:17 - 000640000 _____ (Microsoft Corporation) C:\WINDOWS\system32\qedit.dll
2020-06-13 01:17 - 2020-06-13 01:17 - 000638464 _____ (Microsoft Corporation) C:\WINDOWS\system32\srmscan.dll
2020-06-13 01:17 - 2020-06-13 01:17 - 000619008 _____ (Microsoft Corporation) C:\WINDOWS\system32\azroles.dll
2020-06-13 01:17 - 2020-06-13 01:17 - 000609280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nshwfp.dll
2020-06-13 01:17 - 2020-06-13 01:17 - 000593920 _____ (Microsoft Corporation) C:\WINDOWS\system32\psisdecd.dll
2020-06-13 01:17 - 2020-06-13 01:17 - 000575488 _____ (Microsoft® Windows® Operating System) C:\WINDOWS\system32\wvc.dll
2020-06-13 01:17 - 2020-06-13 01:17 - 000574464 _____ (Microsoft Corporation) C:\WINDOWS\system32\msTextPrediction.dll
2020-06-13 01:17 - 2020-06-13 01:17 - 000571904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wiaaut.dll
2020-06-13 01:17 - 2020-06-13 01:17 - 000567808 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhotoScreensaver.scr
2020-06-13 01:17 - 2020-06-13 01:17 - 000564736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gpprefcl.dll
2020-06-13 01:17 - 2020-06-13 01:17 - 000562176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2020-06-13 01:17 - 2020-06-13 01:17 - 000555520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qdvd.dll
2020-06-13 01:17 - 2020-06-13 01:17 - 000549376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qedit.dll
2020-06-13 01:17 - 2020-06-13 01:17 - 000533504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2020-06-13 01:17 - 2020-06-13 01:17 - 000529920 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanmm.dll
2020-06-13 01:17 - 2020-06-13 01:17 - 000529920 _____ (Microsoft Corporation) C:\WINDOWS\system32\nltest.exe
2020-06-13 01:17 - 2020-06-13 01:17 - 000516544 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2020-06-13 01:17 - 2020-06-13 01:17 - 000513536 _____ (Microsoft Corporation) C:\WINDOWS\system32\imapi2.dll
2020-06-13 01:17 - 2020-06-13 01:17 - 000500224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhotoScreensaver.scr
2020-06-13 01:17 - 2020-06-13 01:17 - 000498688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\azroles.dll
2020-06-13 01:17 - 2020-06-13 01:17 - 000498176 _____ (Microsoft Corporation) C:\WINDOWS\system32\werui.dll
2020-06-13 01:17 - 2020-06-13 01:17 - 000490496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.FileExplorer.dll
2020-06-13 01:17 - 2020-06-13 01:17 - 000484864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\psisdecd.dll
2020-06-13 01:17 - 2020-06-13 01:17 - 000478208 _____ (Microsoft® Windows® Operating System) C:\WINDOWS\SysWOW64\wvc.dll
2020-06-13 01:17 - 2020-06-13 01:17 - 000477184 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedRealitySvc.dll
2020-06-13 01:17 - 2020-06-13 01:17 - 000464896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srmscan.dll
2020-06-13 01:17 - 2020-06-13 01:17 - 000462848 _____ (Microsoft Corporation) C:\WINDOWS\system32\iassdo.dll
2020-06-13 01:17 - 2020-06-13 01:17 - 000430592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werui.dll
2020-06-13 01:17 - 2020-06-13 01:17 - 000426496 _____ (Microsoft Corporation) C:\WINDOWS\system32\termmgr.dll
2020-06-13 01:17 - 2020-06-13 01:17 - 000423424 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpencom.dll
2020-06-13 01:17 - 2020-06-13 01:17 - 000422400 _____ (Microsoft Corporation) C:\WINDOWS\system32\mswmdm.dll
2020-06-13 01:17 - 2020-06-13 01:17 - 000420352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\imapi2.dll
2020-06-13 01:17 - 2020-06-13 01:17 - 000407864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\spwizeng.dll
2020-06-13 01:17 - 2020-06-13 01:17 - 000398336 _____ (Microsoft Corporation) C:\WINDOWS\system32\WlanMM.dll
2020-06-13 01:17 - 2020-06-13 01:17 - 000398336 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationApi.dll
2020-06-13 01:17 - 2020-06-13 01:17 - 000391680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netshell.dll
2020-06-13 01:17 - 2020-06-13 01:17 - 000391680 _____ (Microsoft Corporation) C:\WINDOWS\system32\qdvd.dll
2020-06-13 01:17 - 2020-06-13 01:17 - 000384512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiobj.dll
2020-06-13 01:17 - 2020-06-13 01:17 - 000361472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\termmgr.dll
2020-06-13 01:17 - 2020-06-13 01:17 - 000359936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iassdo.dll
2020-06-13 01:17 - 2020-06-13 01:17 - 000354304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpencom.dll
2020-06-13 01:17 - 2020-06-13 01:17 - 000353792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd3x40.dll
2020-06-13 01:17 - 2020-06-13 01:17 - 000349184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mswmdm.dll
2020-06-13 01:17 - 2020-06-13 01:17 - 000342528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Feedback.Analog.dll
2020-06-13 01:17 - 2020-06-13 01:17 - 000332800 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa.dll
2020-06-13 01:17 - 2020-06-13 01:17 - 000328192 _____ (Microsoft Corporation) C:\WINDOWS\system32\VAN.dll
2020-06-13 01:17 - 2020-06-13 01:17 - 000323584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LocationApi.dll
2020-06-13 01:17 - 2020-06-13 01:17 - 000299520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WlanMM.dll
2020-06-13 01:17 - 2020-06-13 01:17 - 000293376 _____ (Microsoft Corporation) C:\WINDOWS\system32\CXHProvisioningServer.dll
2020-06-13 01:17 - 2020-06-13 01:17 - 000283136 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2020-06-13 01:17 - 2020-06-13 01:17 - 000271360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpviewerax.dll
2020-06-13 01:17 - 2020-06-13 01:17 - 000267776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2020-06-13 01:17 - 2020-06-13 01:17 - 000264192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa.dll
2020-06-13 01:17 - 2020-06-13 01:17 - 000260096 _____ (Microsoft Corporation) C:\WINDOWS\system32\wavemsp.dll
2020-06-13 01:17 - 2020-06-13 01:17 - 000259584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mpg2splt.ax
2020-06-13 01:17 - 2020-06-13 01:17 - 000249856 _____ (Microsoft Corporation) C:\WINDOWS\system32\FileHistory.exe
2020-06-13 01:17 - 2020-06-13 01:17 - 000248320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VAN.dll
2020-06-13 01:17 - 2020-06-13 01:17 - 000230912 _____ (Microsoft Corporation) C:\WINDOWS\system32\RdpRelayTransport.dll
2020-06-13 01:17 - 2020-06-13 01:17 - 000225792 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkFoldersShell.dll
2020-06-13 01:17 - 2020-06-13 01:17 - 000225280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wavemsp.dll
2020-06-13 01:17 - 2020-06-13 01:17 - 000211256 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcbloader.dll
2020-06-13 01:17 - 2020-06-13 01:17 - 000205824 _____ (Microsoft Corporation) C:\WINDOWS\system32\cic.dll
2020-06-13 01:17 - 2020-06-13 01:17 - 000204800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mpg2splt.ax
2020-06-13 01:17 - 2020-06-13 01:17 - 000204008 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityCenterBroker.dll
2020-06-13 01:17 - 2020-06-13 01:17 - 000199168 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmidx.dll
2020-06-13 01:17 - 2020-06-13 01:17 - 000196096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pku2u.dll
2020-06-13 01:17 - 2020-06-13 01:17 - 000184320 _____ (Microsoft Corporation) C:\WINDOWS\system32\iasrecst.dll
2020-06-13 01:17 - 2020-06-13 01:17 - 000183808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netprofm.dll
2020-06-13 01:17 - 2020-06-13 01:17 - 000161792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cic.dll
2020-06-13 01:17 - 2020-06-13 01:17 - 000155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2020-06-13 01:17 - 2020-06-13 01:17 - 000148992 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdrsvc.dll
2020-06-13 01:17 - 2020-06-13 01:17 - 000148992 _____ (Microsoft Corporation) C:\WINDOWS\system32\iasnap.dll
2020-06-13 01:17 - 2020-06-13 01:17 - 000146944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmidx.dll
2020-06-13 01:17 - 2020-06-13 01:17 - 000139776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakrathunk.dll
2020-06-13 01:17 - 2020-06-13 01:17 - 000137728 _____ (Microsoft Corporation) C:\WINDOWS\system32\imapi.dll
2020-06-13 01:17 - 2020-06-13 01:17 - 000133120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iasrecst.dll
2020-06-13 01:17 - 2020-06-13 01:17 - 000127488 _____ (Microsoft Corporation) C:\WINDOWS\system32\wkspbrokerAx.dll
2020-06-13 01:17 - 2020-06-13 01:17 - 000125440 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdshext.dll
2020-06-13 01:17 - 2020-06-13 01:17 - 000121856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msaatext.dll
2020-06-13 01:17 - 2020-06-13 01:17 - 000117248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2020-06-13 01:17 - 2020-06-13 01:17 - 000114688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\imapi.dll
2020-06-13 01:17 - 2020-06-13 01:17 - 000107520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iasnap.dll
2020-06-13 01:17 - 2020-06-13 01:17 - 000105472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakrathunk.dll
2020-06-13 01:17 - 2020-06-13 01:17 - 000105472 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkFolders.exe
2020-06-13 01:17 - 2020-06-13 01:17 - 000099712 _____ (Microsoft Corporation) C:\WINDOWS\system32\FsIso.exe
2020-06-13 01:17 - 2020-06-13 01:17 - 000098816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wkspbrokerAx.dll
2020-06-13 01:17 - 2020-06-13 01:17 - 000098816 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmjpegdec.dll
2020-06-13 01:17 - 2020-06-13 01:17 - 000098304 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2020-06-13 01:17 - 2020-06-13 01:17 - 000093448 _____ (Microsoft Corporation) C:\WINDOWS\system32\devenum.dll
2020-06-13 01:17 - 2020-06-13 01:17 - 000086016 _____ (Microsoft Corporation) C:\WINDOWS\system32\WwanRadioManager.dll
2020-06-13 01:17 - 2020-06-13 01:17 - 000086016 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdc.ocx
2020-06-13 01:17 - 2020-06-13 01:17 - 000083600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\devenum.dll
2020-06-13 01:17 - 2020-06-13 01:17 - 000083456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmjpegdec.dll
2020-06-13 01:17 - 2020-06-13 01:17 - 000078848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2020-06-13 01:17 - 2020-06-13 01:17 - 000077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\iasads.dll
2020-06-13 01:17 - 2020-06-13 01:17 - 000072704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdc.ocx
2020-06-13 01:17 - 2020-06-13 01:17 - 000065536 _____ (Microsoft Corporation) C:\WINDOWS\system32\iemigplugin.dll
2020-06-13 01:17 - 2020-06-13 01:17 - 000063488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iemigplugin.dll
2020-06-13 01:17 - 2020-06-13 01:17 - 000057344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iasads.dll
2020-06-13 01:17 - 2020-06-13 01:17 - 000053760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtutils.dll
2020-06-13 01:17 - 2020-06-13 01:17 - 000041864 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityCenterBrokerPS.dll
2020-06-13 01:17 - 2020-06-13 01:17 - 000028368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SecurityCenterBrokerPS.dll
2020-06-13 01:17 - 2020-06-13 01:17 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msimsg.dll
2020-06-13 01:17 - 2020-06-13 01:17 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\msimsg.dll
2020-06-13 01:17 - 2020-06-13 01:17 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth9.bin
2020-06-13 01:17 - 2020-06-13 01:17 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth8.bin
2020-06-13 01:17 - 2020-06-13 01:17 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth7.bin
2020-06-13 01:17 - 2020-06-13 01:17 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth6.bin
2020-06-13 01:17 - 2020-06-13 01:17 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth5.bin
2020-06-13 01:17 - 2020-06-13 01:17 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth4.bin
2020-06-13 01:17 - 2020-06-13 01:17 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth3.bin
2020-06-13 01:17 - 2020-06-13 01:17 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth2.bin
2020-06-13 01:17 - 2020-06-13 01:17 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth12.bin
2020-06-13 01:17 - 2020-06-13 01:17 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth11.bin
2020-06-13 01:17 - 2020-06-13 01:17 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth10.bin
2020-06-13 01:17 - 2020-06-13 01:17 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth1.bin
2020-06-13 01:16 - 2020-06-13 01:16 - 009931576 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2020-06-13 01:16 - 2020-06-13 01:16 - 007604592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2020-06-13 01:16 - 2020-06-13 01:16 - 007266080 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2020-06-13 01:16 - 2020-06-13 01:16 - 006526448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2020-06-13 01:16 - 2020-06-13 01:16 - 006435840 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2020-06-13 01:16 - 2020-06-13 01:16 - 006091048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2020-06-13 01:16 - 2020-06-13 01:16 - 005195432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2020-06-13 01:16 - 2020-06-13 01:16 - 005111808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2020-06-13 01:16 - 2020-06-13 01:16 - 005004344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepository.dll
2020-06-13 01:16 - 2020-06-13 01:16 - 004565248 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2020-06-13 01:16 - 2020-06-13 01:16 - 003368104 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2020-06-13 01:16 - 2020-06-13 01:16 - 002831872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CertEnroll.dll
2020-06-13 01:16 - 2020-06-13 01:16 - 002798592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2020-06-13 01:16 - 2020-06-13 01:16 - 002583496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2020-06-13 01:16 - 2020-06-13 01:16 - 001743680 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2020-06-13 01:16 - 2020-06-13 01:16 - 001697792 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2020-06-13 01:16 - 2020-06-13 01:16 - 001683968 _____ (Microsoft Corporation) C:\WINDOWS\system32\comsvcs.dll
2020-06-13 01:16 - 2020-06-13 01:16 - 001657856 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2020-06-13 01:16 - 2020-06-13 01:16 - 001654960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2020-06-13 01:16 - 2020-06-13 01:16 - 001649152 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2020-06-13 01:16 - 2020-06-13 01:16 - 001458688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2020-06-13 01:16 - 2020-06-13 01:16 - 001416224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2020-06-13 01:16 - 2020-06-13 01:16 - 001393952 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2020-06-13 01:16 - 2020-06-13 01:16 - 001348096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comsvcs.dll
2020-06-13 01:16 - 2020-06-13 01:16 - 001283072 _____ (Microsoft Corporation) C:\WINDOWS\system32\usermgr.dll
2020-06-13 01:16 - 2020-06-13 01:16 - 001261568 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpsvc.dll
2020-06-13 01:16 - 2020-06-13 01:16 - 001260744 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2020-06-13 01:16 - 2020-06-13 01:16 - 001250816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpsharercom.dll
2020-06-13 01:16 - 2020-06-13 01:16 - 001153024 _____ (Microsoft Corporation) C:\WINDOWS\system32\windowsperformancerecordercontrol.dll
2020-06-13 01:16 - 2020-06-13 01:16 - 001100288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2020-06-13 01:16 - 2020-06-13 01:16 - 001055184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2020-06-13 01:16 - 2020-06-13 01:16 - 001003832 _____ (Microsoft Corporation) C:\WINDOWS\system32\DismApi.dll
2020-06-13 01:16 - 2020-06-13 01:16 - 000932256 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthService.exe
2020-06-13 01:16 - 2020-06-13 01:16 - 000929280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2020-06-13 01:16 - 2020-06-13 01:16 - 000899584 _____ (Microsoft Corporation) C:\WINDOWS\system32\MdmDiagnostics.dll
2020-06-13 01:16 - 2020-06-13 01:16 - 000897536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2020-06-13 01:16 - 2020-06-13 01:16 - 000894024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2020-06-13 01:16 - 2020-06-13 01:16 - 000892416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApiPublic.dll
2020-06-13 01:16 - 2020-06-13 01:16 - 000892048 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2020-06-13 01:16 - 2020-06-13 01:16 - 000881664 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2020-06-13 01:16 - 2020-06-13 01:16 - 000868864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windowsperformancerecordercontrol.dll
2020-06-13 01:16 - 2020-06-13 01:16 - 000814080 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll
2020-06-13 01:16 - 2020-06-13 01:16 - 000797464 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2020-06-13 01:16 - 2020-06-13 01:16 - 000782336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2020-06-13 01:16 - 2020-06-13 01:16 - 000777216 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdh.dll
2020-06-13 01:16 - 2020-06-13 01:16 - 000760296 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskschd.dll
2020-06-13 01:16 - 2020-06-13 01:16 - 000740664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DismApi.dll
2020-06-13 01:16 - 2020-06-13 01:16 - 000703488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BTAGService.dll
2020-06-13 01:16 - 2020-06-13 01:16 - 000696832 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidcli.dll
2020-06-13 01:16 - 2020-06-13 01:16 - 000690176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InkObjCore.dll
2020-06-13 01:16 - 2020-06-13 01:16 - 000684856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2020-06-13 01:16 - 2020-06-13 01:16 - 000666624 _____ (Microsoft Corporation) C:\WINDOWS\system32\configmanager2.dll
2020-06-13 01:16 - 2020-06-13 01:16 - 000651776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2020-06-13 01:16 - 2020-06-13 01:16 - 000650752 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevicesFlowBroker.dll
2020-06-13 01:16 - 2020-06-13 01:16 - 000632320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdh.dll
2020-06-13 01:16 - 2020-06-13 01:16 - 000628408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32.dll
2020-06-13 01:16 - 2020-06-13 01:16 - 000614400 _____ (Microsoft Corporation) C:\WINDOWS\system32\netprofmsvc.dll
2020-06-13 01:16 - 2020-06-13 01:16 - 000596992 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2020-06-13 01:16 - 2020-06-13 01:16 - 000593424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2020-06-13 01:16 - 2020-06-13 01:16 - 000572200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryPS.dll
2020-06-13 01:16 - 2020-06-13 01:16 - 000569856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Import.dll
2020-06-13 01:16 - 2020-06-13 01:16 - 000564496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StateRepository.Core.dll
2020-06-13 01:16 - 2020-06-13 01:16 - 000561464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2020-06-13 01:16 - 2020-06-13 01:16 - 000557056 _____ (Microsoft Corporation) C:\WINDOWS\system32\netshell.dll
2020-06-13 01:16 - 2020-06-13 01:16 - 000533504 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2020-06-13 01:16 - 2020-06-13 01:16 - 000522240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.System.Launcher.dll
2020-06-13 01:16 - 2020-06-13 01:16 - 000518456 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFault.exe
2020-06-13 01:16 - 2020-06-13 01:16 - 000508720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\taskschd.dll
2020-06-13 01:16 - 2020-06-13 01:16 - 000508216 _____ (Microsoft Corporation) C:\WINDOWS\system32\spwizeng.dll
2020-06-13 01:16 - 2020-06-13 01:16 - 000498688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidcli.dll
2020-06-13 01:16 - 2020-06-13 01:16 - 000486912 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiobj.dll
2020-06-13 01:16 - 2020-06-13 01:16 - 000470016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2020-06-13 01:16 - 2020-06-13 01:16 - 000467952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll
2020-06-13 01:16 - 2020-06-13 01:16 - 000462848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2020-06-13 01:16 - 2020-06-13 01:16 - 000461112 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2020-06-13 01:16 - 2020-06-13 01:16 - 000453944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFault.exe
2020-06-13 01:16 - 2020-06-13 01:16 - 000451864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWanAPI.dll
2020-06-13 01:16 - 2020-06-13 01:16 - 000440832 _____ (Microsoft Corporation) C:\WINDOWS\system32\wksprt.exe
2020-06-13 01:16 - 2020-06-13 01:16 - 000435200 _____ (Microsoft Corporation) C:\WINDOWS\system32\wincorlib.dll
2020-06-13 01:16 - 2020-06-13 01:16 - 000405936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Faultrep.dll
2020-06-13 01:16 - 2020-06-13 01:16 - 000396800 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsApi.dll
2020-06-13 01:16 - 2020-06-13 01:16 - 000384000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FirewallAPI.dll
2020-06-13 01:16 - 2020-06-13 01:16 - 000380728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2020-06-13 01:16 - 2020-06-13 01:16 - 000357176 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthAgent.dll
2020-06-13 01:16 - 2020-06-13 01:16 - 000343552 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpr.exe
2020-06-13 01:16 - 2020-06-13 01:16 - 000325120 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpviewerax.dll
2020-06-13 01:16 - 2020-06-13 01:16 - 000324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys
2020-06-13 01:16 - 2020-06-13 01:16 - 000312832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsApi.dll
2020-06-13 01:16 - 2020-06-13 01:16 - 000309248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys
2020-06-13 01:16 - 2020-06-13 01:16 - 000307712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wincorlib.dll
2020-06-13 01:16 - 2020-06-13 01:16 - 000306688 _____ (Microsoft Corporation) C:\WINDOWS\system32\RASMM.dll
2020-06-13 01:16 - 2020-06-13 01:16 - 000287232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Gaming.Preview.dll
2020-06-13 01:16 - 2020-06-13 01:16 - 000280376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Dism.exe
2020-06-13 01:16 - 2020-06-13 01:16 - 000269312 _____ (Microsoft Corporation) C:\WINDOWS\system32\InkEd.dll
2020-06-13 01:16 - 2020-06-13 01:16 - 000259776 _____ (Microsoft Corporation) C:\WINDOWS\system32\logoncli.dll
2020-06-13 01:16 - 2020-06-13 01:16 - 000247856 _____ (Microsoft Corporation) C:\WINDOWS\system32\weretw.dll
2020-06-13 01:16 - 2020-06-13 01:16 - 000237056 _____ (Microsoft Corporation) C:\WINDOWS\system32\pku2u.dll
2020-06-13 01:16 - 2020-06-13 01:16 - 000232960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2020-06-13 01:16 - 2020-06-13 01:16 - 000232448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InkEd.dll
2020-06-13 01:16 - 2020-06-13 01:16 - 000228864 _____ (Microsoft Corporation) C:\WINDOWS\system32\psr.exe
2020-06-13 01:16 - 2020-06-13 01:16 - 000228864 _____ (Microsoft Corporation) C:\WINDOWS\system32\netprofm.dll
2020-06-13 01:16 - 2020-06-13 01:16 - 000228352 _____ (Microsoft Corporation) C:\WINDOWS\system32\wersvc.dll
2020-06-13 01:16 - 2020-06-13 01:16 - 000223544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Dism.exe
2020-06-13 01:16 - 2020-06-13 01:16 - 000221496 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe
2020-06-13 01:16 - 2020-06-13 01:16 - 000218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\wdigest.dll
2020-06-13 01:16 - 2020-06-13 01:16 - 000199992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe
2020-06-13 01:16 - 2020-06-13 01:16 - 000194560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\psr.exe
2020-06-13 01:16 - 2020-06-13 01:16 - 000193592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\weretw.dll
2020-06-13 01:16 - 2020-06-13 01:16 - 000190048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\logoncli.dll
2020-06-13 01:16 - 2020-06-13 01:16 - 000186368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wdigest.dll
2020-06-13 01:16 - 2020-06-13 01:16 - 000179512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2020-06-13 01:16 - 2020-06-13 01:16 - 000170496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryUpgrade.dll
2020-06-13 01:16 - 2020-06-13 01:16 - 000165888 _____ (Microsoft Corporation) C:\WINDOWS\system32\msaatext.dll
2020-06-13 01:16 - 2020-06-13 01:16 - 000165832 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFaultSecure.exe
2020-06-13 01:16 - 2020-06-13 01:16 - 000165296 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcmnutils.dll
2020-06-13 01:16 - 2020-06-13 01:16 - 000165192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryClient.dll
2020-06-13 01:16 - 2020-06-13 01:16 - 000155648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NPSM.dll
2020-06-13 01:16 - 2020-06-13 01:16 - 000150328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFaultSecure.exe
2020-06-13 01:16 - 2020-06-13 01:16 - 000132424 _____ (Microsoft Corporation) C:\WINDOWS\system32\offlinelsa.dll
2020-06-13 01:16 - 2020-06-13 01:16 - 000130112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmcmnutils.dll
2020-06-13 01:16 - 2020-06-13 01:16 - 000129600 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpapi.dll
2020-06-13 01:16 - 2020-06-13 01:16 - 000128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkStatus.dll
2020-06-13 01:16 - 2020-06-13 01:16 - 000124928 _____ (Microsoft Corporation) C:\WINDOWS\system32\DAMM.dll
2020-06-13 01:16 - 2020-06-13 01:16 - 000115712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleprn.dll
2020-06-13 01:16 - 2020-06-13 01:16 - 000108856 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthProxyStub.dll
2020-06-13 01:16 - 2020-06-13 01:16 - 000090952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryBroker.dll
2020-06-13 01:16 - 2020-06-13 01:16 - 000089344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32u.dll
2020-06-13 01:16 - 2020-06-13 01:16 - 000081408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\atl.dll
2020-06-13 01:16 - 2020-06-13 01:16 - 000080384 _____ (Microsoft Corporation) C:\WINDOWS\system32\RpcEpMap.dll
2020-06-13 01:16 - 2020-06-13 01:16 - 000065024 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtutils.dll
2020-06-13 01:16 - 2020-06-13 01:16 - 000063288 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthHost.exe
2020-06-13 01:16 - 2020-06-13 01:16 - 000051200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CertEnrollCtrl.exe
2020-06-13 01:16 - 2020-06-13 01:16 - 000045056 _____ (Microsoft Corporation) C:\WINDOWS\system32\npmproxy.dll
2020-06-13 01:16 - 2020-06-13 01:16 - 000044544 _____ (Microsoft Corporation) C:\WINDOWS\system32\werdiagcontroller.dll
2020-06-13 01:16 - 2020-06-13 01:16 - 000043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe
2020-06-13 01:16 - 2020-06-13 01:16 - 000038912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werdiagcontroller.dll
2020-06-13 01:16 - 2020-06-13 01:16 - 000037376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\atlthunk.dll
2020-06-13 01:16 - 2020-06-13 01:16 - 000033280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LaunchWinApp.exe
2020-06-13 01:16 - 2020-06-13 01:16 - 000032256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryCore.dll
2020-06-13 01:16 - 2020-06-13 01:16 - 000029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlmproxy.dll
2020-06-13 01:16 - 2020-06-13 01:16 - 000017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlmsprep.dll
2020-06-13 01:16 - 2020-06-13 01:16 - 000010752 _____ (Microsoft Corporation) C:\WINDOWS\system32\DMAlertListener.ProxyStub.dll
2020-06-13 01:16 - 2020-06-13 01:16 - 000007680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DMAlertListener.ProxyStub.dll
2020-06-13 01:15 - 2020-06-13 01:15 - 007911176 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2020-06-13 01:15 - 2020-06-13 01:15 - 006066808 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll
2020-06-13 01:15 - 2020-06-13 01:15 - 005283264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepository.dll
2020-06-13 01:15 - 2020-06-13 01:15 - 004012032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Bluetooth.Service.dll
2020-06-13 01:15 - 2020-06-13 01:15 - 003726848 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2020-06-13 01:15 - 2020-06-13 01:15 - 003712000 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2020-06-13 01:15 - 2020-06-13 01:15 - 003581240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2020-06-13 01:15 - 2020-06-13 01:15 - 003187200 _____ (Microsoft Corporation) C:\WINDOWS\system32\CertEnroll.dll
2020-06-13 01:15 - 2020-06-13 01:15 - 002716672 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2020-06-13 01:15 - 2020-06-13 01:15 - 002656256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2020-06-13 01:15 - 2020-06-13 01:15 - 002289664 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2020-06-13 01:15 - 2020-06-13 01:15 - 002235520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2020-06-13 01:15 - 2020-06-13 01:15 - 001942528 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2020-06-13 01:15 - 2020-06-13 01:15 - 001919488 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll
2020-06-13 01:15 - 2020-06-13 01:15 - 001751040 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2020-06-13 01:15 - 2020-06-13 01:15 - 001637888 _____ (Microsoft Corporation) C:\WINDOWS\system32\TaskFlowDataEngine.dll
2020-06-13 01:15 - 2020-06-13 01:15 - 001583104 _____ (Microsoft Corporation) C:\WINDOWS\system32\qmgr.dll
2020-06-13 01:15 - 2020-06-13 01:15 - 001486336 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocoreworker.exe
2020-06-13 01:15 - 2020-06-13 01:15 - 001466368 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpsharercom.dll
2020-06-13 01:15 - 2020-06-13 01:15 - 001447424 _____ (Microsoft Corporation) C:\WINDOWS\system32\VSSVC.exe
2020-06-13 01:15 - 2020-06-13 01:15 - 001274128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryPS.dll
2020-06-13 01:15 - 2020-06-13 01:15 - 001180672 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2020-06-13 01:15 - 2020-06-13 01:15 - 001158144 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApiPublic.dll
2020-06-13 01:15 - 2020-06-13 01:15 - 001155944 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2020-06-13 01:15 - 2020-06-13 01:15 - 001073664 _____ (Microsoft Corporation) C:\WINDOWS\system32\BTAGService.dll
2020-06-13 01:15 - 2020-06-13 01:15 - 001007104 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2020-06-13 01:15 - 2020-06-13 01:15 - 000931840 _____ (Microsoft Corporation) C:\WINDOWS\system32\InkObjCore.dll
2020-06-13 01:15 - 2020-06-13 01:15 - 000874296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2020-06-13 01:15 - 2020-06-13 01:15 - 000863232 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2020-06-13 01:15 - 2020-06-13 01:15 - 000826368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Import.dll
2020-06-13 01:15 - 2020-06-13 01:15 - 000784896 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll
2020-06-13 01:15 - 2020-06-13 01:15 - 000765440 _____ (Microsoft Corporation) C:\WINDOWS\system32\spoolsv.exe
2020-06-13 01:15 - 2020-06-13 01:15 - 000736768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.System.Launcher.dll
2020-06-13 01:15 - 2020-06-13 01:15 - 000727040 _____ (Microsoft Corporation) C:\WINDOWS\system32\agentactivationruntime.dll
2020-06-13 01:15 - 2020-06-13 01:15 - 000722072 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll
2020-06-13 01:15 - 2020-06-13 01:15 - 000716320 _____ (Microsoft Corporation) C:\WINDOWS\system32\StateRepository.Core.dll
2020-06-13 01:15 - 2020-06-13 01:15 - 000716288 _____ (Microsoft Corporation) C:\WINDOWS\system32\agentactivationruntimewindows.dll
2020-06-13 01:15 - 2020-06-13 01:15 - 000679424 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2020-06-13 01:15 - 2020-06-13 01:15 - 000648192 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpsvc.dll
2020-06-13 01:15 - 2020-06-13 01:15 - 000553984 _____ (Microsoft Corporation) C:\WINDOWS\system32\FirewallAPI.dll
2020-06-13 01:15 - 2020-06-13 01:15 - 000550400 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2020-06-13 01:15 - 2020-06-13 01:15 - 000548984 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWanAPI.dll
2020-06-13 01:15 - 2020-06-13 01:15 - 000544256 _____ (Microsoft Corporation) C:\WINDOWS\system32\usosvc.dll
2020-06-13 01:15 - 2020-06-13 01:15 - 000531768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2020-06-13 01:15 - 2020-06-13 01:15 - 000472064 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansec.dll
2020-06-13 01:15 - 2020-06-13 01:15 - 000457216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.ConversationalAgent.dll
2020-06-13 01:15 - 2020-06-13 01:15 - 000457216 _____ (Microsoft Corporation) C:\WINDOWS\system32\swprv.dll
2020-06-13 01:15 - 2020-06-13 01:15 - 000441152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2020-06-13 01:15 - 2020-06-13 01:15 - 000427008 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanmsm.dll
2020-06-13 01:15 - 2020-06-13 01:15 - 000425056 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanapi.dll
2020-06-13 01:15 - 2020-06-13 01:15 - 000394752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Gaming.Preview.dll
2020-06-13 01:15 - 2020-06-13 01:15 - 000368640 _____ (Microsoft Corporation) C:\WINDOWS\system32\CapabilityAccessManager.dll
2020-06-13 01:15 - 2020-06-13 01:15 - 000312832 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2020-06-13 01:15 - 2020-06-13 01:15 - 000294400 _____ (Microsoft Corporation) C:\WINDOWS\system32\provops.dll
2020-06-13 01:15 - 2020-06-13 01:15 - 000291328 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceDirectoryClient.dll
2020-06-13 01:15 - 2020-06-13 01:15 - 000265216 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll
2020-06-13 01:15 - 2020-06-13 01:15 - 000264192 _____ (Microsoft Corporation) C:\WINDOWS\system32\netman.dll
2020-06-13 01:15 - 2020-06-13 01:15 - 000242688 _____ (Microsoft Corporation) C:\WINDOWS\system32\CapabilityAccessManagerClient.dll
2020-06-13 01:15 - 2020-06-13 01:15 - 000224256 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpdMtp.dll
2020-06-13 01:15 - 2020-06-13 01:15 - 000209216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryClient.dll
2020-06-13 01:15 - 2020-06-13 01:15 - 000208384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryUpgrade.dll
2020-06-13 01:15 - 2020-06-13 01:15 - 000208384 _____ (Microsoft Corporation) C:\WINDOWS\system32\NPSM.dll
2020-06-13 01:15 - 2020-06-13 01:15 - 000201528 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_SIUF.dll
2020-06-13 01:15 - 2020-06-13 01:15 - 000190464 _____ (Microsoft Corporation) C:\WINDOWS\system32\AarSvc.dll
2020-06-13 01:15 - 2020-06-13 01:15 - 000180224 _____ (Microsoft Corporation) C:\WINDOWS\system32\dot3mm.dll
2020-06-13 01:15 - 2020-06-13 01:15 - 000155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpdMtpUS.dll
2020-06-13 01:15 - 2020-06-13 01:15 - 000145920 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleprn.dll
2020-06-13 01:15 - 2020-06-13 01:15 - 000132608 _____ (Microsoft Corporation) C:\WINDOWS\splwow64.exe
2020-06-13 01:15 - 2020-06-13 01:15 - 000128312 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifitask.exe
2020-06-13 01:15 - 2020-06-13 01:15 - 000127064 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32u.dll
2020-06-13 01:15 - 2020-06-13 01:15 - 000105984 _____ (Microsoft Corporation) C:\WINDOWS\system32\BthRadioMedia.dll
2020-06-13 01:15 - 2020-06-13 01:15 - 000104248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryBroker.dll
2020-06-13 01:15 - 2020-06-13 01:15 - 000096256 _____ (Microsoft Corporation) C:\WINDOWS\system32\atl.dll
2020-06-13 01:15 - 2020-06-13 01:15 - 000067584 _____ (Microsoft Corporation) C:\WINDOWS\system32\WlanRadioManager.dll
2020-06-13 01:15 - 2020-06-13 01:15 - 000067072 _____ (Microsoft Corporation) C:\WINDOWS\system32\XboxGipRadioManager.dll
2020-06-13 01:15 - 2020-06-13 01:15 - 000064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\CertEnrollCtrl.exe
2020-06-13 01:15 - 2020-06-13 01:15 - 000053760 _____ (Microsoft Corporation) C:\WINDOWS\system32\NfcRadioMedia.dll
2020-06-13 01:15 - 2020-06-13 01:15 - 000051712 _____ (Microsoft Corporation) C:\WINDOWS\system32\MdmDiagnosticsTool.exe
2020-06-13 01:15 - 2020-06-13 01:15 - 000045568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryCore.dll
2020-06-13 01:15 - 2020-06-13 01:15 - 000041472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wfdprov.dll
2020-06-13 01:15 - 2020-06-13 01:15 - 000040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiConfigSP.dll
2020-06-13 01:15 - 2020-06-13 01:15 - 000040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\atlthunk.dll
2020-06-13 01:15 - 2020-06-13 01:15 - 000036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvcpal.dll
2020-06-13 01:15 - 2020-06-13 01:15 - 000016896 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanhlp.dll
2020-06-13 01:15 - 2020-06-13 01:15 - 000013312 _____ C:\WINDOWS\system32\agentactivationruntimestarter.exe
2020-06-13 00:55 - 2020-05-15 06:29 - 000492544 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe
2020-06-13 00:55 - 2020-05-15 06:10 - 000390656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe
==================== Ein Monat (geänderte) ==================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2020-07-12 16:00 - 2019-03-19 06:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2020-07-12 15:45 - 2018-09-18 14:18 - 000000000 ____D C:\Program Files\Emsisoft Anti-Malware
2020-07-12 14:10 - 2019-03-19 06:50 - 000000000 ____D C:\WINDOWS\INF
2020-07-12 13:35 - 2015-07-12 15:12 - 000000000 ___RD C:\Users\Koegel\OneDrive
2020-07-12 13:18 - 2019-12-01 21:55 - 000000000 __SHD C:\Users\Koegel\IntelGraphicsProfiles
2020-07-12 13:18 - 2019-12-01 20:15 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2020-07-12 03:14 - 2019-12-01 20:10 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2020-07-11 00:05 - 2019-03-19 06:52 - 000000000 ___HD C:\Program Files\WindowsApps
2020-07-11 00:05 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\AppReadiness
2020-07-10 18:11 - 2019-11-28 14:45 - 000000000 ____D C:\Users\Koegel\Documents\Dokumente Mutti Testament
2020-07-09 17:42 - 2013-11-02 18:20 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2020-06-28 18:10 - 2019-12-01 20:24 - 000002421 _____ C:\Users\Koegel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2020-06-24 16:41 - 2019-03-16 15:56 - 000002293 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2020-06-24 16:41 - 2019-03-16 15:56 - 000002252 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2020-06-24 16:41 - 2019-03-16 15:56 - 000002252 _____ C:\ProgramData\Desktop\Google Chrome.lnk
2020-06-19 22:16 - 2019-12-01 20:23 - 001932080 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2020-06-19 22:16 - 2019-03-19 14:16 - 000822838 _____ C:\WINDOWS\system32\perfh007.dat
2020-06-19 22:16 - 2019-03-19 14:16 - 000183538 _____ C:\WINDOWS\system32\perfc007.dat
2020-06-19 22:12 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2020-06-19 22:10 - 2019-12-01 17:13 - 000000312 _____ C:\WINDOWS\SysWOW64\AbBakConfig.dat
2020-06-19 22:10 - 2019-12-01 17:13 - 000000150 _____ C:\WINDOWS\SysWOW64\winsevr.dat
2020-06-19 22:10 - 2019-12-01 17:11 - 000000000 ____D C:\Program Files (x86)\AOMEI Backupper
2020-06-19 22:10 - 2013-09-13 21:02 - 000000000 ____D C:\ProgramData\PDFC
2020-06-19 22:09 - 2019-12-01 20:40 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2020-06-18 23:33 - 2019-03-19 06:37 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2020-06-13 18:05 - 2013-11-02 18:50 - 000000225 _____ C:\WINDOWS\CryptoMill_CreoService.001
2020-06-13 11:54 - 2010-11-21 05:27 - 000744808 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2020-06-13 11:49 - 2019-12-01 21:56 - 000000000 __RHD C:\Users\Public\AccountPictures
2020-06-13 11:49 - 2019-12-01 21:56 - 000000000 ___RD C:\Users\Koegel\3D Objects
2020-06-13 11:46 - 2019-12-01 20:10 - 000440624 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2020-06-13 11:45 - 2013-11-02 18:50 - 000000225 _____ C:\WINDOWS\CryptoMill_CreoService.002
2020-06-13 03:36 - 2019-03-19 14:19 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2020-06-13 03:36 - 2019-03-19 14:19 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2020-06-13 03:36 - 2019-03-19 06:52 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2020-06-13 03:36 - 2019-03-19 06:52 - 000000000 ___SD C:\WINDOWS\system32\F12
2020-06-13 03:36 - 2019-03-19 06:52 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2020-06-13 03:36 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2020-06-13 03:36 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\SysWOW64\Com
2020-06-13 03:36 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\SysWOW64\AdvancedInstallers
2020-06-13 03:36 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\SystemResources
2020-06-13 03:36 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\system32\oobe
2020-06-13 03:36 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\system32\Dism
2020-06-13 03:36 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\system32\Com
2020-06-13 03:36 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\system32\AdvancedInstallers
2020-06-13 03:36 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\ShellExperiences
2020-06-13 03:36 - 2019-03-19 06:52 - 000000000 ____D C:\WINDOWS\bcastdvr
2020-06-13 01:25 - 2019-03-19 06:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2020-06-13 01:15 - 2019-12-01 20:15 - 002876416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ========
2019-10-09 22:39 - 2019-10-09 22:39 - 009256960 _____ () C:\Program Files (x86)\GUT7E7B.tmp
==================== SigCheck ============================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
==================== Ende von FRST.txt ========================
Geändert von cosinus (16.07.2020 um 20:40 Uhr) Grund: code tage |
| Themen zu Trojan.VBE.Age....neu |
| .dll, administrator, adobe, antivirus, avira, bonjour, cpu, defender, desktop, explorer, firefox, firewall, flash player, google, helper, homepage, installation, internet, internet explorer, malware, mozilla, opera, prozesse, registry, scan, security, sigcheck, software, stick, svchost, svchost.exe, system, tcp, trojan, udp, updates, usb, windows, windows xp, windowsapps, wlan, wmi |
Baum-Darstellung