Trojaner-Board - Hijacker in Chrome

Seite 2 von 3

100 Beiträge dieses Themas auf einer Seite anzeigen

Trojaner-Board (https://www.trojaner-board.de/)

- Log-Analyse und Auswertung (https://www.trojaner-board.de/log-analyse-auswertung/)

- - Hijacker in Chrome (https://www.trojaner-board.de/185493-hijacker-chrome.html)

Sabimo

10.05.2017 14:11

3. TDSSKILLER Logfile (Teil2)

Code:



15:07:56.0652 0x1dec  [ 7B82197BF35CC3BE59AEF8B706AB8A16, AB0216164A548A48CD21F5F035E57E867584A96890B9887EC08F8DABDD89F990 ] RasAuto         C:\WINDOWS\System32\rasauto.dll

15:07:56.0656 0x1dec  RasAuto - ok

15:07:56.0672 0x1dec  [ 17E565710172ED71B8531D8822E1C5D1, 0CA39ABD9E544DDAD9D9D7D1FC50444274C31E18F9BF73069051D9F62833698F ] Rasl2tp         C:\WINDOWS\System32\drivers\rasl2tp.sys

15:07:56.0672 0x1dec  Rasl2tp - ok

15:07:56.0688 0x1dec  [ 989DBF4805124A31610947E502501696, BCB73879AEC0588D0BFAB915D1F6EB637333A24D2030ED6572B3A3C03865AE93 ] RasMan          C:\WINDOWS\System32\rasmans.dll

15:07:56.0712 0x1dec  RasMan - ok

15:07:56.0724 0x1dec  [ 9387DF155233D45D4E010F4F2FB52A57, CABC25DA4E512809AED0085767BDD94BF3C1DA792BFF8A009B5465D9110E7060 ] RasPppoe        C:\WINDOWS\system32\DRIVERS\raspppoe.sys

15:07:56.0728 0x1dec  RasPppoe - ok

15:07:56.0748 0x1dec  [ F0F4EEDEEBEE7A4244FAFB96A16B5712, F64717E601BD5EB674003009507B8CDD6F69F00E8670D6895EC64786166A0E8D ] RasSstp         C:\WINDOWS\System32\drivers\rassstp.sys

15:07:56.0752 0x1dec  RasSstp - ok

15:07:56.0781 0x1dec  [ 6132B142C5A1FA4C05F06FE43DE5E55E, CCF64C9A778501635B8B5E20BB617D39D0298329FD6911DC125FC8B31FEFEDE1 ] rdbss           C:\WINDOWS\system32\DRIVERS\rdbss.sys

15:07:56.0797 0x1dec  rdbss - ok

15:07:56.0797 0x1dec  [ 79A415E6FA915EFC00297DAB16EC2635, 47BB49F6D756214193D38A4AB182B541AAC180381C3111FF7F9B0AD4C44D8733 ] rdpbus          C:\WINDOWS\System32\drivers\rdpbus.sys

15:07:56.0797 0x1dec  rdpbus - ok

15:07:56.0829 0x1dec  [ 7135785C21CA79D270D11037C43D3F19, 654A3C65CF891ED8C82A740D10CF607FC7D709185E664DE03288CEB5B25F03A6 ] RDPDR           C:\WINDOWS\system32\drivers\rdpdr.sys

15:07:56.0833 0x1dec  RDPDR - ok

15:07:56.0841 0x1dec  [ 97A61A3CB2B5CB4FC32B3224EF333448, E4F2E8BCEE3639BE57BBC8A8E67FDE42C3A5158F1204684B0ECD216F4AA044A3 ] RdpVideoMiniport C:\WINDOWS\system32\drivers\rdpvideominiport.sys

15:07:56.0841 0x1dec  RdpVideoMiniport - ok

15:07:56.0853 0x1dec  [ 69BB204AE07EE84ECFAB1BF13C4BD04B, 1CA832CBF4AE4821EEA2A19F9519C2D1D00406B8CCE2A86FE3B33A5F293DB218 ] rdyboost        C:\WINDOWS\system32\drivers\rdyboost.sys

15:07:56.0861 0x1dec  rdyboost - ok

15:07:56.0893 0x1dec  [ 940D6F5A2B0A61EE4170DF84F6C95C20, F8EE846DC8015EDFE7CB5BEEDC977EAA9C586BAC2216DE69D8ECCBDBC7408649 ] ReFSv1          C:\WINDOWS\system32\drivers\ReFSv1.sys

15:07:56.0916 0x1dec  ReFSv1 - ok

15:07:56.0961 0x1dec  [ 13F6B64235C60167052364BF7D99E4CA, BC12EE00775F7456FB922FBD684BF3F0CFABA5BEBB6E162C23B41DED5C20A978 ] RemoteAccess    C:\WINDOWS\System32\mprdim.dll

15:07:56.0961 0x1dec  RemoteAccess - ok

15:07:56.0976 0x1dec  [ 3183B161B1F05333F6C325577FEF3596, D6A89B2A021377B6F371E5B9EFC36FF018822B28F0ED41F8CD2F00C5C8605707 ] RemoteRegistry  C:\WINDOWS\system32\regsvc.dll

15:07:56.0976 0x1dec  RemoteRegistry - ok

15:07:57.0020 0x1dec  [ 62EC862859B3C6F2B7815466DF24207A, 90A108CB4E58102498F8554D2789C1F3AE505350F640F083373DD07736076554 ] RetailDemo      C:\WINDOWS\system32\RDXService.dll

15:07:57.0036 0x1dec  RetailDemo - ok

15:07:57.0044 0x1dec  [ E82F3B1918C6A5FE6EB761CDF1E772AF, 0C993FCB7BFD6E01B70A1821E0DEAFA2CB241AF8C2E6D4CC120F59C1B5F6FF5F ] RFCOMM          C:\WINDOWS\System32\drivers\rfcomm.sys

15:07:57.0048 0x1dec  RFCOMM - ok

15:07:57.0060 0x1dec  [ 5DAA644F17780FC4E3F4820A46D38FEC, 32C27FFA0A4608B164F4E709CD0D998AB73CA9713BE3E47F9DBC7B3D1B6C7453 ] RmSvc           C:\WINDOWS\System32\RMapi.dll

15:07:57.0066 0x1dec  RmSvc - ok

15:07:57.0073 0x1dec  [ 672724C8B21B7DC56646045DE4D5B860, 79986E80A92C949C543959F1E35647A9788DAB2892AC20B6DEA5C0BBC0CEDE9E ] RpcEptMapper    C:\WINDOWS\System32\RpcEpMap.dll

15:07:57.0076 0x1dec  RpcEptMapper - ok

15:07:57.0081 0x1dec  [ 109C1D609951E886D3643B15C1EDD1C2, 347D8E7C50EC7F96217C7421D9BC8A42C9DF50B94169CB58DCF857A63C33C2EA ] RpcLocator      C:\WINDOWS\system32\locator.exe

15:07:57.0081 0x1dec  RpcLocator - ok

15:07:57.0133 0x1dec  [ 7BD259FC59CF9C2AE1B979564B374CC6, 299832FCE304A85080C80ABFE820A6093AC15A7C1E7C89D8C946708E955A2909 ] RpcSs           C:\WINDOWS\system32\rpcss.dll

15:07:57.0149 0x1dec  RpcSs - ok

15:07:57.0174 0x1dec  [ 5FF28F097C9699097B473F8FC7C1AA7D, 695560F1DBD85073F3D6CB1FF16F16504CA044EA62E940E463A16BBA8B86E2FA ] rspndr          C:\WINDOWS\system32\drivers\rspndr.sys

15:07:57.0176 0x1dec  rspndr - ok

15:07:57.0193 0x1dec  [ F9265C902BB9146C6BFF97BDF35C04DE, DC70B404A701CE5F60421F664F745CA84722ED86FAFC87F2A8A71BFD25CD6151 ] rt640x64        C:\WINDOWS\System32\drivers\rt640x64.sys

15:07:57.0193 0x1dec  rt640x64 - ok

15:07:57.0276 0x1dec  [ 9B78249A7866242755C866CE3CA9CA72, 4A19C8E3DCA6E4437FB7E6EA3723D6E9EE0B75C65E69BDA514E97813E207149A ] RTSUER          C:\WINDOWS\system32\Drivers\RtsUer.sys

15:07:57.0292 0x1dec  RTSUER - ok

15:07:57.0292 0x1dec  [ B5DAEE69BACA64D2BB004568E22D8756, C0072CF6B438ED756435A182D55AC55F3AD356ACBD483DE06A94893D3CA8CCC5 ] s3cap           C:\WINDOWS\System32\drivers\vms3cap.sys

15:07:57.0292 0x1dec  s3cap - ok

15:07:57.0316 0x1dec  [ 6F8E95716C1A27FF2FE96D30B147F1C1, 9403E9FE8B13EE294CFBBD96649BBD54CF723CF5872E3E03DA4380379D677983 ] SamSs           C:\WINDOWS\system32\lsass.exe

15:07:57.0320 0x1dec  SamSs - ok

15:07:57.0328 0x1dec  [ 5E73FB63E2DBC75FE0C17DEB0010CE0E, 9DAC47486262397D03BC01F7438CAB62CF33BD7B5283F5B9548C770A3D6D0ADC ] sbp2port        C:\WINDOWS\system32\drivers\sbp2port.sys

15:07:57.0328 0x1dec  sbp2port - ok

15:07:57.0340 0x1dec  [ 3CD0130FFDEAEACF0905B482F3934EA3, 1EC355B63135FD2563093EBB206741C0C4CCE0551A662F6DC86C875146A88B06 ] SCardSvr        C:\WINDOWS\System32\SCardSvr.dll

15:07:57.0348 0x1dec  SCardSvr - ok

15:07:57.0360 0x1dec  [ 5E8ECCE130A72107B6DFDBE26185A7FB, 811E2CE485BC14161FF629069BCCF53B2B8C6F8B1E1A6B3A3C86DBE4F85A5577 ] ScDeviceEnum    C:\WINDOWS\System32\ScDeviceEnum.dll

15:07:57.0360 0x1dec  ScDeviceEnum - ok

15:07:57.0360 0x1dec  [ 3D9A82B03C92D1FEC42CB171D6F57778, DC027F02F5EB5F1D10DB6F405FB0C15D4D5C922445F5F3C916624113278AF072 ] scfilter        C:\WINDOWS\system32\DRIVERS\scfilter.sys

15:07:57.0360 0x1dec  scfilter - ok

15:07:57.0392 0x1dec  [ D4DB6B318A0A0C74A90260725A228C0B, 57BA2EF9D880488C785C806ABF9EE753A48E589129442D72F815CD6EFFA07B22 ] Schedule        C:\WINDOWS\system32\schedsvc.dll

15:07:57.0420 0x1dec  Schedule - ok

15:07:57.0428 0x1dec  [ 9055ADDFBA4C8B914C914CE693B55C0A, DB213AC36E14D856B81D2AFE46815402537A2ABEEA15032A9FF436F953129441 ] scmbus          C:\WINDOWS\system32\drivers\scmbus.sys

15:07:57.0428 0x1dec  scmbus - ok

15:07:57.0436 0x1dec  [ B6F2363584E62960846F7C3F00124A4F, 252189FF9D623CF69BF415FF7C7FE74B0BBF756B632420578BFAFF6595616CF7 ] scmdisk0101     C:\WINDOWS\System32\drivers\scmdisk0101.sys

15:07:57.0440 0x1dec  scmdisk0101 - ok

15:07:57.0448 0x1dec  [ E189727B3C9909A85B33A16B290E192E, 2C273A9F44EDC5E5435904E9681973854B2F3EBB6100021BB139FF0CCCE9BF20 ] SCPolicySvc     C:\WINDOWS\System32\certprop.dll

15:07:57.0452 0x1dec  SCPolicySvc - ok

15:07:57.0467 0x1dec  [ 7C3D10BEC8B0DBA00A78C78EB10B3AE2, A671C9CB97977613576D70607E106C7A29B9EA9E875C7C5AF293EE5903D7AD0A ] sdbus           C:\WINDOWS\System32\drivers\sdbus.sys

15:07:57.0472 0x1dec  sdbus - ok

15:07:57.0477 0x1dec  [ F3714DBAA42C15F78FFCDFE4273214EB, 2D018970B92C5F0744FAE10A2FC298F3DCEA5C2EDEB760F4F0651337B9878ABF ] SDRSVC          C:\WINDOWS\System32\SDRSVC.dll

15:07:57.0477 0x1dec  SDRSVC - ok

15:07:57.0493 0x1dec  [ 120DFCB71D6C502613A9E2D50E16850C, 2C294010AD1C9C380CD5221A37720544178B7358C8C8553AF44055E4CEE5DAF5 ] sdstor          C:\WINDOWS\System32\drivers\sdstor.sys

15:07:57.0493 0x1dec  sdstor - ok

15:07:57.0512 0x1dec  [ EFD644DD091E1D94555FC3BBC95EA66D, FBDDA6680BEC378CCF12A32D9186020E884DA15A1E789D1531B1E687FC7B54B1 ] seclogon        C:\WINDOWS\system32\seclogon.dll

15:07:57.0512 0x1dec  seclogon - ok

15:07:57.0524 0x1dec  [ F48535714BED7DD784853889B4594B26, 9B4AB7E7293E79A8F6CC46C84F23E62AD3BD6E958FCE078CDBB125A69FAC7E50 ] SENS            C:\WINDOWS\System32\sens.dll

15:07:57.0528 0x1dec  SENS - ok

15:07:57.0610 0x1dec  [ CF2AEB951CFC56D4F6CF2D66218B673C, CEA0B0E0251EA198893830080EE4CB8A9F18ADBF1F6FEFFC9C7E8AB4588D0639 ] SensorDataService C:\WINDOWS\System32\SensorDataService.exe

15:07:57.0634 0x1dec  SensorDataService - ok

15:07:57.0650 0x1dec  [ C09A42163878A082C3F0D0A3DFE95714, 8033DC38D0EDED3758DA6BF8C1955BE5FFE48863C079C589660B37D0E461300F ] SensorService   C:\WINDOWS\system32\SensorService.dll

15:07:57.0658 0x1dec  SensorService - ok

15:07:57.0662 0x1dec  [ E6F00415DADCEEC860E7AB42BFD19A65, 274CAF22F93D43B6DB6953730E3DF8DA94776B24EEE74B80AB4CD780BC1366A9 ] SensrSvc        C:\WINDOWS\system32\sensrsvc.dll

15:07:57.0662 0x1dec  SensrSvc - ok

15:07:57.0679 0x1dec  [ 401D706DDC0A7AF18C3DD228ADF74551, 27C0B38D7C2E3F6FF06201124E63483931F6071954B2B99EC0143C464238C0B7 ] SerCx           C:\WINDOWS\system32\drivers\SerCx.sys

15:07:57.0679 0x1dec  SerCx - ok

15:07:57.0679 0x1dec  [ 7084D11083F0CDCA8B5C76F9846ABF5D, F639920882B0E784D8CFAF0D4C0F0C411937B6831E5DD99B0ABFBFE06BA4742F ] SerCx2          C:\WINDOWS\system32\drivers\SerCx2.sys

15:07:57.0679 0x1dec  SerCx2 - ok

15:07:57.0694 0x1dec  [ 3FF478A8ED32A83C36581425F6282B6C, 787646A17098EA7CF36064D0A950C1D470D4A280C8C5AC40023D566E53860EAE ] Serenum         C:\WINDOWS\System32\drivers\serenum.sys

15:07:57.0694 0x1dec  Serenum - ok

15:07:57.0694 0x1dec  [ 92509187AA171A80521528B36F753E1D, FE0DA272B8A155ECC161E99586C4AE7EE17B1C84BC330DA1566C83B8E03FA825 ] Serial          C:\WINDOWS\System32\drivers\serial.sys

15:07:57.0711 0x1dec  Serial - ok

15:07:57.0715 0x1dec  [ 433D38FF6D08B993847EA2A10EB8CB52, 29BA75DB6D1AC761BBDFB5AC8874FC7D763E1CD10D290E369063B34CE951270F ] sermouse        C:\WINDOWS\System32\drivers\sermouse.sys

15:07:57.0715 0x1dec  sermouse - ok

15:07:57.0739 0x1dec  [ 82CF273F0E8F243789683DEB40757569, 5433D93A41C4BF04494E6158931C6AC3154888F7CD3A417253EC02FF7EA6D00E ] SessionEnv      C:\WINDOWS\system32\sessenv.dll

15:07:57.0747 0x1dec  SessionEnv - ok

15:07:57.0768 0x1dec  [ 697D3EE0740AEAB62B66ABCA1C83D13B, FCF54A0071ED04AD3FC8551C67FE5FD49089DC0510F753052CAC5972A65C9E3D ] sfloppy         C:\WINDOWS\System32\drivers\sfloppy.sys

15:07:57.0769 0x1dec  sfloppy - ok

15:07:57.0815 0x1dec  [ E38BE81F0F6D9C74E420A82BC6A02AFE, 25D7594FD1BE0B303F9777ACBA702ACD0C27B00D21F82659989C40636851A330 ] SharedAccess    C:\WINDOWS\System32\ipnathlp.dll

15:07:57.0823 0x1dec  SharedAccess - ok

15:07:57.0872 0x1dec  [ 482E6BE8A07832E824080D352075ACA1, 4123A76C8E805AF4FE229C53E9C174095C0937913BA81A63FE9B45C44AA5B15F ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll

15:07:57.0880 0x1dec  ShellHWDetection - ok

15:07:57.0880 0x1dec  [ CF3BDF9EAD8D3EF671E9339B44B185BA, C17EC6D5B00F49D9C8B5B6C262A85F34ED71C58450659F006B3632AA84F68E23 ] shpamsvc        C:\WINDOWS\system32\Windows.SharedPC.AccountManager.dll

15:07:57.0896 0x1dec  shpamsvc - ok

15:07:57.0912 0x1dec  [ A34CE1830E45DA98932295FDE4B7908A, FC553ECF4D64B4B10B7FDE5352707785517A18D487A80665BAFC7261E3F35CDC ] SiSRaid2        C:\WINDOWS\system32\drivers\SiSRaid2.sys

15:07:57.0912 0x1dec  SiSRaid2 - ok

15:07:57.0933 0x1dec  [ A7B5C670770E908DA5FEF5BF1136E933, 8D3BB6FF65E631C34BE8EA766481B2FDB2E1E916A4FD67F86705A8975A136E6C ] SiSRaid4        C:\WINDOWS\system32\drivers\sisraid4.sys

15:07:57.0933 0x1dec  SiSRaid4 - ok

15:07:57.0979 0x1dec  [ B72B80E6FF423C5011E745CB76DA9A08, 18A6B9D46E91AD4D463EB5CB832702392D2E162577F90C328B515FCE69FABD15 ] SkypeUpdate     C:\Program Files (x86)\Skype\Updater\Updater.exe

15:07:57.0980 0x1dec  SkypeUpdate - ok

15:07:58.0013 0x1dec  [ D233EAE2A9D48485321816486ED635EF, 03AB49BE9CF15EB7EDC50C400E673B4DF0E5BFDA9A7811E157F2AF2F3CF38D49 ] smphost         C:\WINDOWS\System32\smphost.dll

15:07:58.0016 0x1dec  smphost - ok

15:07:58.0080 0x1dec  [ 0B217141AC1283655402CDB356577735, 6EFA4CA46CFC8B7156CE7E5CA89B7F7073E16D66C2FC13F4DB95FEB78CCF698F ] SmsRouter       C:\WINDOWS\system32\SmsRouterSvc.dll

15:07:58.0080 0x1dec  SmsRouter - ok

15:07:58.0096 0x1dec  [ 6F4CE07D420FB657B5936F71101ABD41, CEC52984C56E578E0FFE12BE1B8148335F788B7D1751F2D0E79B944A41113C20 ] SNMPTRAP        C:\WINDOWS\System32\snmptrap.exe

15:07:58.0096 0x1dec  SNMPTRAP - ok

15:07:58.0125 0x1dec  [ 21FF393512F51F5A98620C794B4488A3, 8A35923D3D6993FC014D86F0F7BD5C106586824DB8D26C04DC2AD0B8ED13ED20 ] Sony PC Companion C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe

15:07:58.0129 0x1dec  Sony PC Companion - ok

15:07:58.0145 0x1dec  [ 8BDB9E47D84144110F05AB757E630374, 8A49004895B8AD17C877AA8E7B6A0F14936BDDCBB88F0E5FB880DD0D816AEAB4 ] spaceport       C:\WINDOWS\system32\drivers\spaceport.sys

15:07:58.0153 0x1dec  spaceport - ok

15:07:58.0161 0x1dec  [ E03264C4C25B568F92ED1656AD541E64, D42942BFFBC7213D204FAF84F4FE015FC23A6ACB29B5E752834EDBC17A3AC20D ] SpbCx           C:\WINDOWS\system32\drivers\SpbCx.sys

15:07:58.0161 0x1dec  SpbCx - ok

15:07:58.0206 0x1dec  [ 1DFE222F8D6A422B7ADC909E0C8840DA, 96761691CF4447710D65573044A1005F2F0F89443DF581A30B97D7944940BB70 ] Spooler         C:\WINDOWS\System32\spoolsv.exe

15:07:58.0222 0x1dec  Spooler - ok

15:07:58.0531 0x1dec  [ 23529A00195CE71252FEBF647E56E27D, 8ADF7A1C96DAE005E9A974D90BE8954F88D49B6848252B88513C49E0A3BD9774 ] sppsvc          C:\WINDOWS\system32\sppsvc.exe

15:07:58.0619 0x1dec  sppsvc - ok

15:07:58.0639 0x1dec  [ FD3C05C412BE1C9FA477AD9CF9B2AADB, 19BEF5B3A0DAF8227200C2294547A497021F0B2558211345BFFFD13678522592 ] srv             C:\WINDOWS\system32\DRIVERS\srv.sys

15:07:58.0647 0x1dec  srv - ok

15:07:58.0673 0x1dec  [ 55CA5329D1ADEB8F8034045930147AE4, D4F31BC82700D166564C7F9CDCEA3ABAB4A37B55137C34572768DF46FDA9320A ] srv2            C:\WINDOWS\system32\DRIVERS\srv2.sys

15:07:58.0684 0x1dec  srv2 - ok

15:07:58.0699 0x1dec  [ F13EE0DB1FB1D6946AC3228D7EFCFC8F, 109A809F0338FAB0F4045FA5EE33C6F0A994A9F586B2FBD8920A6AABA0E0EF66 ] srvnet          C:\WINDOWS\system32\DRIVERS\srvnet.sys

15:07:58.0703 0x1dec  srvnet - ok

15:07:58.0713 0x1dec  [ 44758105AB3EA34E815D4B6CA1153311, 7F223A20D2538C123BAC6F75BE0E126876A116F09502FD980C05B8916E26E1B7 ] SSDPSRV         C:\WINDOWS\System32\ssdpsrv.dll

15:07:58.0720 0x1dec  SSDPSRV - ok

15:07:58.0729 0x1dec  [ B97C7EC07218A8002323718202BF5E77, 39D3254383E3F49FD3E2DFF8212F4B5744D8D5E0A6BB320516C5EE525AD211EB ] SstpSvc         C:\WINDOWS\system32\sstpsvc.dll

15:07:58.0737 0x1dec  SstpSvc - ok

15:07:58.0753 0x1dec  [ 627FFBE52FEDF0460C3D7259FC0EDF50, 92CB006CA91E4AF0CAA3ECD74D9329C349650EAFF70D847E62D9D8F2BE38B3B1 ] ssudmdm         C:\WINDOWS\system32\DRIVERS\ssudmdm.sys

15:07:58.0757 0x1dec  ssudmdm - ok

15:07:58.0784 0x1dec  [ 9DA3B55B17B54789AFB8C657D4ACE4D7, 5E4599E682327E3B8097A88A69ED73F96254A29054744D5DFB782054863F131E ] ss_conn_service C:\Program Files (x86)\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe

15:07:58.0799 0x1dec  ss_conn_service - ok

15:07:58.0999 0x1dec  [ 4E330AD1EED4A5D582EE415FD55953A2, 2C02E1F45F74D250110BA5117AA942495CB2EBAC7F2CCECC284B4FB8F47B13E1 ] StateRepository C:\WINDOWS\system32\windows.staterepository.dll

15:07:59.0060 0x1dec  StateRepository - ok

15:07:59.0083 0x1dec  [ 29D26E1347AE1BBD4201014E19880B2C, 9E2153AD96CE4F189EEE43BB02515532C619FB1CA02D8F6DEF517AC3347AAA14 ] stexstor        C:\WINDOWS\system32\drivers\stexstor.sys

15:07:59.0083 0x1dec  stexstor - ok

15:07:59.0083 0x1dec  [ B11724BFE7DA1BA55903B4D849415F1A, ED09B6AD68C87FED34FC66CB6C7A74DFC3AF524E3BE89EDD18A5B6685F656ACA ] StillCam        C:\WINDOWS\system32\DRIVERS\serscan.sys

15:07:59.0083 0x1dec  StillCam - ok

15:07:59.0111 0x1dec  [ 91CB95B35481155BFE29C217CD237F27, CA66957DF1441D991453BEF02D768D44E5D9A484BC23C8874E8A7AC20904CB06 ] stisvc          C:\WINDOWS\System32\wiaservc.dll

15:07:59.0123 0x1dec  stisvc - ok

15:07:59.0135 0x1dec  [ 6BC6023E866489D22CE30E18846B80D9, FD0D13332F3E267524A9FA7FEC128298D4905722807C172AE8E3DFE445C28DB1 ] storahci        C:\WINDOWS\system32\drivers\storahci.sys

15:07:59.0139 0x1dec  storahci - ok

15:07:59.0155 0x1dec  [ C5E0ACE4771F5575D9D5B457ABF3AD03, 365880BC5AC313F25C313EFB7758301F98D9B2BF4C5FC9499F98C2B7F8407D96 ] storflt         C:\WINDOWS\system32\drivers\vmstorfl.sys

15:07:59.0155 0x1dec  storflt - ok

15:07:59.0163 0x1dec  [ B66D8C75C9BC59D637177AB3B1C569A6, 76252A631F03EEBF5FDC7693F6B0A5E73838CDBE3157114CC96B8BBE88B476BF ] stornvme        C:\WINDOWS\system32\drivers\stornvme.sys

15:07:59.0167 0x1dec  stornvme - ok

15:07:59.0176 0x1dec  [ BEBF85EB4D90E6996047DA027D0ED26E, DF109CF0F07CDD1B9B702C2A076D4DD5366DAAD971CC9359AF0358E79981706F ] storqosflt      C:\WINDOWS\system32\drivers\storqosflt.sys

15:07:59.0178 0x1dec  storqosflt - ok

15:07:59.0184 0x1dec  [ B91FBE7CB4633FEB32AFBD0B48576396, 9EFDD92E8096CE5555F8DC3C870864E5515469603C2373B99B3607234633CA66 ] StorSvc         C:\WINDOWS\system32\storsvc.dll

15:07:59.0200 0x1dec  StorSvc - ok

15:07:59.0208 0x1dec  [ 8E73037A6F8938475692FFCC26EBF385, F78C5CD1A3CD17AA831EEC82426B14006B4DDBC9085A4814E04E8C37FD6B05F7 ] storufs         C:\WINDOWS\system32\drivers\storufs.sys

15:07:59.0208 0x1dec  storufs - ok

15:07:59.0212 0x1dec  [ 9D9DED47DA10E845EFF2DD57C94C809B, 520D0CE7A867051B80C8141E351FE5A5BCE3C99776093F234DB77D3407B1F104 ] storvsc         C:\WINDOWS\system32\drivers\storvsc.sys

15:07:59.0216 0x1dec  storvsc - ok

15:07:59.0220 0x1dec  [ 224C92E442B1B8C20C274332F1ACF00D, CDE5DCFB7A21089464A6E2ABB29BBE08B184C3433C218756AA5902A8F67C0B2C ] svsvc           C:\WINDOWS\system32\svsvc.dll

15:07:59.0224 0x1dec  svsvc - ok

15:07:59.0236 0x1dec  [ 505E0C40B5D0ADDCBB414640F59BD2E0, DF4B5E65FE6FF2224F298A2A2FAC9B648C082DFF8463148633647580A9FAD34D ] swenum          C:\WINDOWS\System32\drivers\swenum.sys

15:07:59.0236 0x1dec  swenum - ok

15:07:59.0256 0x1dec  [ 2EE27411B5904C63D723BEA391819F58, C88C11D460E90398E16011B8A2CED5EE5626084F24790EA6115532F8F70060C6 ] swprv           C:\WINDOWS\System32\swprv.dll

15:07:59.0264 0x1dec  swprv - ok

15:07:59.0284 0x1dec  [ D67D9089A8A65FD4CC00E303D10D35BB, 9B5D8D57CB90959CDA118F90A4370114497A7F0CB102ABEF6D763C033DDFAEE9 ] SynRMIHID       C:\WINDOWS\system32\DRIVERS\SynRMIHID.sys

15:07:59.0284 0x1dec  SynRMIHID - ok

15:07:59.0284 0x1dec  [ 32F46FB0F290D16DAA452B289C985795, 73F88AAAA6026DB4C27F1D054145216DCC3F1960946FB2A7A90518DD1D5737CB ] Synth3dVsc      C:\WINDOWS\System32\drivers\Synth3dVsc.sys

15:07:59.0284 0x1dec  Synth3dVsc - ok

15:07:59.0354 0x1dec  [ FED48B19D6F55D7A3AB498D85729D1BA, FA5E0E02BC2E2DE108C55991E3B063CC947072228B53539F42F922661510DE7C ] SysMain         C:\WINDOWS\system32\sysmain.dll

15:07:59.0362 0x1dec  SysMain - ok

15:07:59.0404 0x1dec  [ D9FEA79BF6AF136F8E656AE045C2FEC8, E6F08A93348E035185F0F1C6B6277E636F4F25D1136E3ACCA63488DAEEC7114B ] SystemEventsBroker C:\WINDOWS\System32\SystemEventsBrokerServer.dll

15:07:59.0412 0x1dec  SystemEventsBroker - ok

15:07:59.0428 0x1dec  [ 86E7FD5C8DBEC1EB51C4368561402B75, 86EE61414CD5854E39E33F67BF5DA4377B569B3ED4D18882C470BC6784891DA1 ] TabletInputService C:\WINDOWS\System32\TabSvc.dll

15:07:59.0432 0x1dec  TabletInputService - ok

15:07:59.0448 0x1dec  [ 3929C8FC134AC672C4F3F85160956257, CD3195CA58BA6F55EA0DDA2BE6AB58280AD1CA488D7AAA1539DD05FB99374F36 ] TapiSrv         C:\WINDOWS\System32\tapisrv.dll

15:07:59.0456 0x1dec  TapiSrv - ok

15:07:59.0536 0x1dec  [ F3CFBE74DAF9ABD06F0B2A037DC4C90A, 17644CD7F70CCFFC9C0881AB4017F30D030DE4884B6029C48859C9CF9CA2F14E ] Tcpip           C:\WINDOWS\system32\drivers\tcpip.sys

15:07:59.0578 0x1dec  Tcpip - ok

15:07:59.0640 0x1dec  [ F3CFBE74DAF9ABD06F0B2A037DC4C90A, 17644CD7F70CCFFC9C0881AB4017F30D030DE4884B6029C48859C9CF9CA2F14E ] Tcpip6          C:\WINDOWS\system32\drivers\tcpip.sys

15:07:59.0683 0x1dec  Tcpip6 - ok

15:07:59.0804 0x1dec  [ 1A95043750E359F993154EF8559BE518, C1CDFAA87084B4D7CF38598E6C723EDD2E1DCA23D29449F48D016F589DACEA29 ] tcpipBM         C:\Windows\system32\drivers\tcpipBM.sys

15:07:59.0804 0x1dec  tcpipBM - ok

15:07:59.0828 0x1dec  [ EC9450227A4C661513661F1F9C1F7DD6, 4DB122DECEA7C76BD20A6682958609A40CA2C9EDD236DFA19E9B31C57114DA3A ] tcpipreg        C:\WINDOWS\system32\drivers\tcpipreg.sys

15:07:59.0832 0x1dec  tcpipreg - ok

15:07:59.0840 0x1dec  [ 0B237F8A96952BF95A14865030E131F2, 263089672218D3A768A6FC9D28DBEFE113D6757A9ECBAB4D364A62AC5DDA8AAE ] tdx             C:\WINDOWS\system32\DRIVERS\tdx.sys

15:07:59.0844 0x1dec  tdx - ok

15:08:00.0136 0x1dec  [ E72B44F86082DFE649CD991E3CD2F8B6, C5A1E53E41E48D3465A7D96886A1E5D1C3145C7E1A40FB74E3A05EDC2DA04F84 ] TeamViewer      C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe

15:08:00.0282 0x1dec  TeamViewer - ok

15:08:00.0293 0x1dec  [ 06130AFFECEB94525FC2352936576B70, 10EBE2C8FDC087D29E2FFB328F0F7905A5374AB8CC9FAE8699E7676DBC8CBF91 ] terminpt        C:\WINDOWS\System32\drivers\terminpt.sys

15:08:00.0297 0x1dec  terminpt - ok

15:08:00.0376 0x1dec  [ FB68E5F02316C42BE7282DA492351C6F, AC31D841FEA58B776127E138DB20F8D48E26FD8C00CE2FA9695EA14EBF159A0A ] TermService     C:\WINDOWS\System32\termsrv.dll

15:08:00.0393 0x1dec  TermService - ok

15:08:00.0397 0x1dec  [ 2AF438EC0D361A7BBB70E604A686602C, 4BE6A0461EB2CB94288614434A1CEC81C2ED46241721FD5BBD8ABE0680F7C804 ] Themes          C:\WINDOWS\system32\themeservice.dll

15:08:00.0397 0x1dec  Themes - ok

15:08:00.0413 0x1dec  [ 1482B8ED5CACA87992A882B853B83CEE, 613247F0E362A109090E8563D977DECC50C64D45D6962905FA84A2D59329045C ] TieringEngineService C:\WINDOWS\system32\TieringEngineService.exe

15:08:00.0413 0x1dec  TieringEngineService - ok

15:08:00.0460 0x1dec  [ 3B3C607C3C62DFBEF61938DA2CAB94DF, E5EEA7F45A7BBFDF6F0003CD77E39958C451DD1B4B401876B5619A3C20F5C370 ] tiledatamodelsvc C:\WINDOWS\system32\tileobjserver.dll

15:08:00.0476 0x1dec  tiledatamodelsvc - ok

15:08:00.0485 0x1dec  [ C1F8CBE2D4843E0CCC3EFEA2EC60D4AB, 9D07527D982066922318C77AECE99280DE55034C375ACE145E827A6BEB5C3B70 ] TimeBrokerSvc   C:\WINDOWS\System32\TimeBrokerServer.dll

15:08:00.0485 0x1dec  TimeBrokerSvc - ok

15:08:00.0516 0x1dec  [ 46171262D0E806779DEEDFCAB2F830CC, 7F4A4658B8BA217D99E5B5C0E01600C20DC96ECBCA32A5BA7FBE17D2A7B8BFD8 ] TPM             C:\WINDOWS\System32\drivers\tpm.sys

15:08:00.0516 0x1dec  TPM - ok

15:08:00.0532 0x1dec  [ 3B91F35089240F6187AD681A5EC28BDE, 3D035CB73BC8E7831DCD0FB7D9DAD91CE51D3D0F9D9C8B866A0009BD508B6702 ] TrkWks          C:\WINDOWS\System32\trkwks.dll

15:08:00.0532 0x1dec  TrkWks - ok

15:08:00.0600 0x1dec  [ 09440FA30C020B4443391FAFCF4876E3, 208C7725F70C75D8C96CCAF5B22F83B8B1C66D8C9FFF48465B1C9F4A77425569 ] TrustedInstaller C:\WINDOWS\servicing\TrustedInstaller.exe

15:08:00.0600 0x1dec  TrustedInstaller - ok

15:08:00.0616 0x1dec  [ A6F4025664C9D4BC2A9EDAB4092706D7, 89808A1679C0E716F86F06EE7701DCC289200894F0FA1F120DA2AC3A45FDB312 ] tsusbflt        C:\WINDOWS\system32\drivers\TsUsbFlt.sys

15:08:00.0616 0x1dec  tsusbflt - ok

15:08:00.0631 0x1dec  [ 37A96AD493E110C0BF1EE0AC0F9E7DBD, F2A6894A4AEE18DF2B92222CDB0801A13AEEB7212071F0431430788339B30E23 ] TsUsbGD         C:\WINDOWS\System32\drivers\TsUsbGD.sys

15:08:00.0631 0x1dec  TsUsbGD - ok

15:08:00.0631 0x1dec  [ 79E264287F17D56D768440B0270466DE, ABF9DC95C5E939B30BFD9BF9EDFDB3BD78A9DFCB055B945965303B6A60E6D7A7 ] tunnel          C:\WINDOWS\System32\drivers\tunnel.sys

15:08:00.0631 0x1dec  tunnel - ok

15:08:00.0684 0x1dec  [ 13781908186770ABE9F8EBCC2B45B138, 4BEC8466254E0C6492CC55CE344A6173878CFA040238C6BE5842E5209F066DEE ] tzautoupdate    C:\WINDOWS\system32\tzautoupdate.dll

15:08:00.0684 0x1dec  tzautoupdate - ok

15:08:00.0700 0x1dec  [ AA65954F512BA097DD190790876DD991, C1BB2B8F54F064D01190327B5E7949EBBDA21D6FC6F94D9FCD20F685C2F855FA ] UASPStor        C:\WINDOWS\System32\drivers\uaspstor.sys

15:08:00.0700 0x1dec  UASPStor - ok

15:08:00.0716 0x1dec  [ AB6268022C3A5B529075A39C33904DA6, 2717F1704640201F2681711543EA39A74C3E89C7DB232EC5DD89FD8AA6F07846 ] UcmCx0101       C:\WINDOWS\system32\Drivers\UcmCx.sys

15:08:00.0716 0x1dec  UcmCx0101 - ok

15:08:00.0731 0x1dec  [ 7ED2EDA43D21C7A5F589A7960E265C52, 7DB8A595236FBB8A264D7AB155201357212855050ABB5B1036EF32F1223FDCC2 ] UcmTcpciCx0101  C:\WINDOWS\system32\Drivers\UcmTcpciCx.sys

15:08:00.0731 0x1dec  UcmTcpciCx0101 - ok

15:08:00.0731 0x1dec  [ 169351463039B45F5CDED9768879F712, 990C8C4AEF9ED7FF6BCEAE67F7BDAA037777B142B8D96A74F8715C941A5C63C6 ] UcmUcsi         C:\WINDOWS\System32\drivers\UcmUcsi.sys

15:08:00.0731 0x1dec  UcmUcsi - ok

15:08:00.0747 0x1dec  [ 08A9E3AD29B215484FBB68CDC175DF3A, 3EFFF99C3BC4A1454E3D2B5177AE587ED3041AB4CE2A95BA7E28A2124E38E1E5 ] Ucx01000        C:\WINDOWS\system32\drivers\ucx01000.sys

15:08:00.0747 0x1dec  Ucx01000 - ok

15:08:00.0763 0x1dec  [ DA70AEE267491AA56BC63AA0C0C96CA2, 0A0AADB27607F9292BB3CE000CFDDB19BD4CA09EAAD926C4925CB43B17817AD9 ] UdeCx           C:\WINDOWS\system32\drivers\udecx.sys

15:08:00.0763 0x1dec  UdeCx - ok

15:08:00.0781 0x1dec  [ FBC5ECF6D5A868D0B116C2DBB02B8168, 945AA76C60ABAD6075B5C8F9172C018F75BCF393A1CB8B329F5E68E664627775 ] udfs            C:\WINDOWS\system32\DRIVERS\udfs.sys

15:08:00.0785 0x1dec  udfs - ok

15:08:00.0785 0x1dec  [ B918E40FAA9CD118CCA4AD388B748C98, 4B539B7B656F02C5E5BAEE52A677757B05CC11C5500D619850A564C28FAB8115 ] UEFI            C:\WINDOWS\System32\drivers\UEFI.sys

15:08:00.0785 0x1dec  UEFI - ok

15:08:00.0800 0x1dec  [ 0FD75222C1AD2687AB365BEBEA400DD4, AD10DBCA59EB7D34FD8F963CE267F36774A9BC613F8D637903B12AC88C328E8A ] Ufx01000        C:\WINDOWS\system32\drivers\ufx01000.sys

15:08:00.0800 0x1dec  Ufx01000 - ok

15:08:00.0816 0x1dec  [ C1A78C53E01C641AE41BFA65797819F5, 0B9FE1BD724B3315199A1B1DA2F03255E4FE744DA3CE6CD0F77699A8E42E9359 ] UfxChipidea     C:\WINDOWS\System32\drivers\UfxChipidea.sys

15:08:00.0816 0x1dec  UfxChipidea - ok

15:08:00.0816 0x1dec  [ 767307212110EBEFB93EC9A5BE9E85B9, 368797400FE54802CE74F34B773CE2AF09EB8DEA6C035B55419A52F0B5A6FAD0 ] ufxsynopsys     C:\WINDOWS\System32\drivers\ufxsynopsys.sys

15:08:00.0832 0x1dec  ufxsynopsys - ok

15:08:00.0832 0x1dec  [ 8578F83EC5175920F2D8586FFF9DCE47, 049A16AC87F93E761150C8286633FFCA62EE85F5645DDE77D36BD0EB6481FF83 ] UI0Detect       C:\WINDOWS\system32\UI0Detect.exe

15:08:00.0832 0x1dec  UI0Detect - ok

15:08:00.0847 0x1dec  [ DC460AAA18CA2342FBBFB2DF9B044472, 14D45E059C596AE97506D26705F248CA1C2269160B31A60341060E8A93146CBD ] umbus           C:\WINDOWS\System32\drivers\umbus.sys

15:08:00.0847 0x1dec  umbus - ok

15:08:00.0847 0x1dec  [ C3CF0377917ECE6D65D7623E1E61568F, 4909695E04CBC86BFCFFBC15F332C367521054B7B4D3C141C7CA6B2E40E090B9 ] UmPass          C:\WINDOWS\System32\drivers\umpass.sys

15:08:00.0847 0x1dec  UmPass - ok

15:08:00.0863 0x1dec  [ 640CF093C1CF16D5FD317616CA348F31, BEC34D1AACA83BF5A84CE01F6A668E3CA5A33C56A446DC42EFFF7C43D22E1AE6 ] UmRdpService    C:\WINDOWS\System32\umrdp.dll

15:08:00.0883 0x1dec  UmRdpService - ok

15:08:00.0983 0x1dec  [ 4B956444AF2A352366CF59C3A4A87C64, B5FFAF5908DCF78DDA27EA1ABF2AFDD2BDD43FFC0259D847A7107B1597E22BD6 ] UnistoreSvc     C:\WINDOWS\System32\unistore.dll

15:08:01.0001 0x1dec  UnistoreSvc - ok

15:08:01.0032 0x1dec  [ 6CDA3536F6BAB7896A57EAB7DC07F379, 8FBE6457ECD1ABB518D9800EBA8A017774FFAA8EABD2EDC0825181A12FE9AEF6 ] upnphost        C:\WINDOWS\System32\upnphost.dll

15:08:01.0048 0x1dec  upnphost - ok

15:08:01.0048 0x1dec  [ 6B46FC140C9AF68E6E7697D66D59CB4D, F018B4784D65F1A8140A6EA69C35D6A7ECE01738694052FD54AFD2B81A8F2FF8 ] UrsChipidea     C:\WINDOWS\System32\drivers\urschipidea.sys

15:08:01.0048 0x1dec  UrsChipidea - ok

15:08:01.0063 0x1dec  [ B4402E7F0923F660270442CE76877ABE, 1C2DD26EAB71F75EA576E8DAABAF71FD7DC3DF807CF025617C774CEF33C0B718 ] UrsCx01000      C:\WINDOWS\system32\drivers\urscx01000.sys

15:08:01.0063 0x1dec  UrsCx01000 - ok

15:08:01.0085 0x1dec  [ 9DD431F1B94789CFB527E5D19261F124, 8F5A249A97C5B14B282E3147DD21951D2AD34B651E762814C12F4C26D74EC70C ] UrsSynopsys     C:\WINDOWS\System32\drivers\urssynopsys.sys

15:08:01.0085 0x1dec  UrsSynopsys - ok

15:08:01.0101 0x1dec  [ C87E32B90F085970D9637FBAD45EF6FE, C180EACD2EE479277DA5DBF39E43B428BD7945141B2451CB3946B0C1E495E76F ] usbccgp         C:\WINDOWS\System32\drivers\usbccgp.sys

15:08:01.0101 0x1dec  usbccgp - ok

15:08:01.0116 0x1dec  [ 0B663856474AC41924D9E9112203858F, 9E09F2A6279B48CAC09F8C7AA1F1BE02864D540C2ED1460CBA9FABCF0A546A1E ] usbcir          C:\WINDOWS\System32\drivers\usbcir.sys

15:08:01.0116 0x1dec  usbcir - ok

15:08:01.0132 0x1dec  [ F83D2250256203AC5DA5E8601C1AFDD7, AC0D90E2DB3051798B9D287CF3D0E92FED4000822E65A82775A29CF896B76F04 ] usbehci         C:\WINDOWS\System32\drivers\usbehci.sys

15:08:01.0132 0x1dec  usbehci - ok

15:08:01.0163 0x1dec  [ 7FFD26742321919590ED77FCA556D65F, F7FAB63C36F8519F5A7B9091C507F3CB580C390322FAF9155CCE7F66C965B968 ] usbhub          C:\WINDOWS\System32\drivers\usbhub.sys

15:08:01.0163 0x1dec  usbhub - ok

15:08:01.0216 0x1dec  [ 7A749B2863B5561BE34B39E8E249AD8F, E5B67DFAF5407007FD0CC408D6B4BA19DF59584819FC715E9F9E0FBF3EA00AAB ] USBHUB3         C:\WINDOWS\System32\drivers\UsbHub3.sys

15:08:01.0216 0x1dec  USBHUB3 - ok

15:08:01.0529 0x1dec  [ D2109F1F4FEBF1DAC415CDC5DE876479, C8A871EBD0E5EF004BA622A73DAC36C03608CD317FDCD0A6A98608DF4CC10D55 ] usbohci         C:\WINDOWS\System32\drivers\usbohci.sys

15:08:01.0529 0x1dec  usbohci - ok

15:08:01.0529 0x1dec  [ 29C9572F2D061CFC3C0BD48A3163E343, 2527DCC9E6D421F5DC40051C787A5270EB077746785465C9AA2A2AEEF47307D5 ] usbprint        C:\WINDOWS\System32\drivers\usbprint.sys

15:08:01.0529 0x1dec  usbprint - ok

15:08:01.0529 0x1dec  [ 2EC7B2C8123236B1233A77281D378DF7, D97DB59C9CAE2B8B33C707E8CEA7A65BF88712842CC715D270F7432A99D21BB6 ] usbscan         C:\WINDOWS\system32\DRIVERS\usbscan.sys

15:08:01.0529 0x1dec  usbscan - ok

15:08:01.0544 0x1dec  [ 429477D6DEF3321FF7D3EF23CAAADA00, BB7D2AFE99736AAFFA8B0B2DABF7D6A6D5CB9563B1DE6A7E86CE7DC9D27F31C0 ] usbser          C:\WINDOWS\System32\drivers\usbser.sys

15:08:01.0544 0x1dec  usbser - ok

15:08:01.0560 0x1dec  [ 0CC16F7B91C57AE9A4E44425A295FDAA, 7CEE11955E5742DA390601F565412C14A7481B8747C495CCD246696C56B426DC ] USBSTOR         C:\WINDOWS\System32\drivers\USBSTOR.SYS

15:08:01.0560 0x1dec  USBSTOR - ok

15:08:01.0560 0x1dec  [ C917D09064CDBD18F75ADC9B2C48F847, A7F6223346CCD7E84186CD0C0715014F8E3A4398298925A43290224678620D23 ] usbuhci         C:\WINDOWS\System32\drivers\usbuhci.sys

15:08:01.0560 0x1dec  usbuhci - ok

15:08:01.0602 0x1dec  [ B4F448F2424492F99F83D3676A453553, 42F1396616EA93BF91EA847B185C321B189F1A5138CA19D22397E8DB6D576973 ] usbvideo        C:\WINDOWS\System32\Drivers\usbvideo.sys

15:08:01.0602 0x1dec  usbvideo - ok

15:08:01.0617 0x1dec  [ 95BCCEFBC40D06484CF16144FE79B8A5, 8ABA73C5FFEDD319FB96B807AD08716698E557522478DF1A2C5D662675636AE0 ] USBXHCI         C:\WINDOWS\System32\drivers\USBXHCI.SYS

15:08:01.0617 0x1dec  USBXHCI - ok

15:08:01.0717 0x1dec  [ A39AFDD26E6F2E5595FF2D3997D7E1FE, 30DE54033DE437C16A069602529E63FF971AF0ABB383885E47B4DF5E0F8483AE ] UserDataSvc     C:\WINDOWS\System32\userdataservice.dll

15:08:01.0749 0x1dec  UserDataSvc - ok

15:08:01.0785 0x1dec  [ AA24C61D88E36BA1144072227922173D, 2EBBC827E740F72EA2E75745E585378189BC0DEE91CACD7FA31BDBC5EFCF8733 ] UserManager     C:\WINDOWS\System32\usermgr.dll

15:08:01.0802 0x1dec  UserManager - ok

15:08:01.0818 0x1dec  [ B0116A4304D08362EE75948BA38B76EA, 1175CA5F9281BA15ED35AFE94F13AE9080595CB16CF5B4B8C843CD22703F26D1 ] UsoSvc          C:\WINDOWS\system32\usocore.dll

15:08:01.0833 0x1dec  UsoSvc - ok

15:08:01.0833 0x1dec  [ 6F8E95716C1A27FF2FE96D30B147F1C1, 9403E9FE8B13EE294CFBBD96649BBD54CF723CF5872E3E03DA4380379D677983 ] VaultSvc        C:\WINDOWS\system32\lsass.exe

15:08:01.0833 0x1dec  VaultSvc - ok

15:08:01.0849 0x1dec  [ 0CBDE344FB48E42D78E29469F202ADBC, A1C3FBA5409DD3BBEAF1D3CE2583D6C8A621C0E4F534155EC540AFD67BC9E8CA ] vdrvroot        C:\WINDOWS\system32\drivers\vdrvroot.sys

15:08:01.0849 0x1dec  vdrvroot - ok

15:08:01.0918 0x1dec  [ 2C5D96D0BB7EDEF9F2F8966A31007CCE, A8FB02E9E1B8ED5F2026534360C229DA7FC11BA209DE9C3222C65D0A9652FD3C ] vds             C:\WINDOWS\System32\vds.exe

15:08:01.0918 0x1dec  vds - ok

15:08:01.0954 0x1dec  [ 723195568C8755CAD57F7933C5F2C5C2, 5C403799F67223605F825BC16D217C1EF5E1A0DDF00AC6380FE8976339B67D9B ] VerifierExt     C:\WINDOWS\system32\drivers\VerifierExt.sys

15:08:01.0958 0x1dec  VerifierExt - ok

15:08:01.0995 0x1dec  [ 3BB8D153A9A514EC9FFCB586251A1925, 5E4B46511F9791699826DC63B35528544347166BDE9981FB93F1F7F2A09599C7 ] vhdmp           C:\WINDOWS\System32\drivers\vhdmp.sys

15:08:01.0995 0x1dec  vhdmp - ok

15:08:02.0010 0x1dec  [ 7929228F0E8B0C2FA0495A17A4FC27F6, 1F1667B10A96B1D85ED165F62A5C0EF28C37F828B8280EA08BFCC1BAC03F2C90 ] vhf             C:\WINDOWS\System32\drivers\vhf.sys

15:08:02.0010 0x1dec  vhf - ok

15:08:02.0026 0x1dec  [ AEE432ED868831B1F068E373598F6D93, BAE91F47B0CB94B826CA010B490AD924D7B715911DF3FCE62F9165F3B571105C ] vmbus           C:\WINDOWS\system32\drivers\vmbus.sys

15:08:02.0026 0x1dec  vmbus - ok

15:08:02.0057 0x1dec  [ 9444B23FC694B5F90F21B0FC7F10D8DD, 86F92856F5C985DD8E5993B51E85E1F47EF8C9B2FB37468998C94266963BB4BD ] VMBusHID        C:\WINDOWS\System32\drivers\VMBusHID.sys

15:08:02.0057 0x1dec  VMBusHID - ok

15:08:02.0074 0x1dec  [ 4D0287F566B36536DD812A54C015FC4A, 01D6508CA59CF04A47902B1F7C202FD14A81240E0B447588D919DD1072B040CF ] vmgid           C:\WINDOWS\System32\drivers\vmgid.sys

15:08:02.0075 0x1dec  vmgid - ok

15:08:02.0087 0x1dec  [ 704609D80666FCB1DAE91260CF2CBB20, 0764DA123DA3FE8543B9205DDF17B0621E6A0F0DF95E8C3D177FD3FAED516119 ] vmicguestinterface C:\WINDOWS\System32\icsvc.dll

15:08:02.0087 0x1dec  vmicguestinterface - ok

15:08:02.0102 0x1dec  [ 704609D80666FCB1DAE91260CF2CBB20, 0764DA123DA3FE8543B9205DDF17B0621E6A0F0DF95E8C3D177FD3FAED516119 ] vmicheartbeat   C:\WINDOWS\System32\icsvc.dll

15:08:02.0102 0x1dec  vmicheartbeat - ok

15:08:02.0118 0x1dec  [ 704609D80666FCB1DAE91260CF2CBB20, 0764DA123DA3FE8543B9205DDF17B0621E6A0F0DF95E8C3D177FD3FAED516119 ] vmickvpexchange C:\WINDOWS\System32\icsvc.dll

15:08:02.0118 0x1dec  vmickvpexchange - ok

15:08:02.0134 0x1dec  [ F70DCCE72343449F0D12A0A92282B019, 3EFA99519387BE38C1CB482F1BFC9ED449BE9A5BD86883A1002725B8D4A5ECC1 ] vmicrdv         C:\WINDOWS\System32\icsvcext.dll

15:08:02.0149 0x1dec  vmicrdv - ok

15:08:02.0165 0x1dec  [ 704609D80666FCB1DAE91260CF2CBB20, 0764DA123DA3FE8543B9205DDF17B0621E6A0F0DF95E8C3D177FD3FAED516119 ] vmicshutdown    C:\WINDOWS\System32\icsvc.dll

15:08:02.0165 0x1dec  vmicshutdown - ok

15:08:02.0184 0x1dec  [ 704609D80666FCB1DAE91260CF2CBB20, 0764DA123DA3FE8543B9205DDF17B0621E6A0F0DF95E8C3D177FD3FAED516119 ] vmictimesync    C:\WINDOWS\System32\icsvc.dll

15:08:02.0187 0x1dec  vmictimesync - ok

15:08:02.0187 0x1dec  [ 704609D80666FCB1DAE91260CF2CBB20, 0764DA123DA3FE8543B9205DDF17B0621E6A0F0DF95E8C3D177FD3FAED516119 ] vmicvmsession   C:\WINDOWS\System32\icsvc.dll

15:08:02.0203 0x1dec  vmicvmsession - ok

15:08:02.0218 0x1dec  [ F70DCCE72343449F0D12A0A92282B019, 3EFA99519387BE38C1CB482F1BFC9ED449BE9A5BD86883A1002725B8D4A5ECC1 ] vmicvss         C:\WINDOWS\System32\icsvcext.dll

15:08:02.0234 0x1dec  vmicvss - ok

15:08:02.0234 0x1dec  [ 29075915F9BDC3437F8BED71C067D399, 2C7718080C11DFDD4C9A2085537F78F5633369B4A27D9C64168F0249594A4AA2 ] volmgr          C:\WINDOWS\system32\drivers\volmgr.sys

15:08:02.0234 0x1dec  volmgr - ok

15:08:02.0250 0x1dec  [ 6BDB6CE6D2D9E3D3F28F1C97E12B62E2, 5E77D7AF858D7B90FF395F39B86D6F96413D1DDEA28BC9FB40C5524A4DF6DAD0 ] volmgrx         C:\WINDOWS\system32\drivers\volmgrx.sys

15:08:02.0265 0x1dec  volmgrx - ok

15:08:02.0287 0x1dec  [ BF2546583BB75F01DDA60A7921DFB230, 579BD0BC55F4F03CD8D1FCDAC3975A1649C688820F2F7FC1AD354132D9E3BEE9 ] volsnap         C:\WINDOWS\system32\drivers\volsnap.sys

15:08:02.0287 0x1dec  volsnap - ok

15:08:02.0287 0x1dec  [ AC2E20A74D09D24485BE8396CE04F07B, 23FCE8BEE01B89E5CDCA536D75DBA6DCE3E92E13178A66836CEB7829310A89D1 ] volume          C:\WINDOWS\system32\drivers\volume.sys

15:08:02.0287 0x1dec  volume - ok

15:08:02.0319 0x1dec  [ 92F6E3E6D3F1795263EB34B37F74AEF7, 33AB1ECCA1216AF1995E1DB4F11E48156FF62391D7C176C8A4CC1037B9CB3A27 ] vpci            C:\WINDOWS\System32\drivers\vpci.sys

15:08:02.0319 0x1dec  vpci - ok

15:08:02.0319 0x1dec  [ FD9BCB8920973CEAD4D49DC7A6D8A618, 34AB4A485FB40DF737600006D8323BE927FB0BDA2BC170F4C123BE775EAE7CC8 ] vsmraid         C:\WINDOWS\system32\drivers\vsmraid.sys

15:08:02.0319 0x1dec  vsmraid - ok

15:08:02.0418 0x1dec  [ 6DBB20053A67EFE5D8114CE93D12BEB3, B48997FADA4A600FEBFE36B249684E9CAF01570BAD36ED1FC9DA99F2D100638E ] VSS             C:\WINDOWS\system32\vssvc.exe

15:08:02.0434 0x1dec  VSS - ok

15:08:02.0449 0x1dec  [ 0C111F220798CCE80484026E06822379, B98A5E44D3ABA67E6DE99E18BF3C2C606923E6269E262665C721F672ACBBED2A ] VSTXRAID        C:\WINDOWS\system32\drivers\vstxraid.sys

15:08:02.0465 0x1dec  VSTXRAID - ok

15:08:02.0487 0x1dec  [ 607639716E9DB1CEF4E18B5B229293B4, 1D997177093F907EFE8A04AD10443BB9C355C0D7657DBD449E7EE7FCABC3ECBC ] vwifibus        C:\WINDOWS\System32\drivers\vwifibus.sys

15:08:02.0487 0x1dec  vwifibus - ok

15:08:02.0502 0x1dec  [ B1ED64E628763148BF84FBE23F2AD711, 6182A39675E6049BC3DD353694720795A8E3D0331509AA8ABA4883D5C569AD5E ] vwififlt        C:\WINDOWS\system32\drivers\vwififlt.sys

15:08:02.0502 0x1dec  vwififlt - ok

15:08:02.0518 0x1dec  [ 59920894C38A827091A06AF559834E47, 8B40FE0B1BA3B2A79BFF70803D039DB921F85C978724722E5E5AFF188FA75471 ] vwifimp         C:\WINDOWS\System32\drivers\vwifimp.sys

15:08:02.0518 0x1dec  vwifimp - ok

15:08:02.0534 0x1dec  [ 76C1CC611352499326001F25A3ED15F8, 228BFA8A01BB1B3868576D509A2EA6F3D37FEDC8F12D4DC4E0A84CE926C6D1B1 ] W32Time         C:\WINDOWS\system32\w32time.dll

15:08:02.0549 0x1dec  W32Time - ok

15:08:02.0549 0x1dec  [ 55D00B785A7587F4263D125817871283, B92400B229099C1E243F2B149881A1423A2E9C8CA2D77D868B9B923BFDEC7FF2 ] WacomPen        C:\WINDOWS\System32\drivers\wacompen.sys

15:08:02.0565 0x1dec  WacomPen - ok

15:08:02.0583 0x1dec  [ 1483BE4D0135C378CB61D3CD73AB3E03, B7309C9E4F370860C507BF52D17234CDF4A7FAE95D2D822714E07EF5DEC0249B ] WalletService   C:\WINDOWS\system32\WalletService.dll

15:08:02.0587 0x1dec  WalletService - ok

15:08:02.0587 0x1dec  [ CEF3D306C09BEC1A800E9B4A06F859F6, 75D21F97E9F94FA97024F945AF512FEC94F88DD8073F3FAD92A6E0A9FDC586DB ] wanarp          C:\WINDOWS\system32\DRIVERS\wanarp.sys

15:08:02.0587 0x1dec  wanarp - ok

15:08:02.0603 0x1dec  [ CEF3D306C09BEC1A800E9B4A06F859F6, 75D21F97E9F94FA97024F945AF512FEC94F88DD8073F3FAD92A6E0A9FDC586DB ] wanarpv6        C:\WINDOWS\system32\DRIVERS\wanarp.sys

15:08:02.0603 0x1dec  wanarpv6 - ok

15:08:02.0687 0x1dec  [ 68CC5E83B6F220F5BD7B5BC394917505, 24A793E1293608D1D1DB9396627DBF5FE66C9EFD1D49CCCD832CF1762B4E0E7D ] wbengine        C:\WINDOWS\system32\wbengine.exe

15:08:02.0718 0x1dec  wbengine - ok

15:08:02.0750 0x1dec  [ 8C521D161445C3E1F38A494E7649E70D, F00990B2FE1FB52C74A2057E6480C5EBF2BDBC32955CC03C6B63360F20A49A18 ] WbioSrvc        C:\WINDOWS\System32\wbiosrvc.dll

15:08:02.0750 0x1dec  WbioSrvc - ok

15:08:02.0765 0x1dec  [ E330144B97D493AA886000DCAAA8DAF5, ED86F46F5A76FD8F06CA98BD61B174ADB9AD4B065394356872708DF8B614E4F9 ] wcifs           C:\WINDOWS\system32\drivers\wcifs.sys

15:08:02.0765 0x1dec  wcifs - ok

15:08:02.0818 0x1dec  [ CA10C91D802ABE6E5136E2168C2CD2B4, 5979FF9ED783ED3154257ED0507C7BBAF8C77C081CC30AE835EA8AF7508AAD08 ] Wcmsvc          C:\WINDOWS\System32\wcmsvc.dll

15:08:02.0833 0x1dec  Wcmsvc - ok

15:08:02.0861 0x1dec  [ D50645235A507B0546B1B5CF7D0B8849, 19F5FE10C953B8EE8EEDA9A9F7F2E97AA193BB085E7FC364066686089ADD1C9F ] wcncsvc         C:\WINDOWS\System32\wcncsvc.dll

15:08:02.0873 0x1dec  wcncsvc - ok

15:08:02.0888 0x1dec  [ AEA1093B751339267D8C8C1EF3D669CF, 8F3325E7FB16BD856A0593C36F2E3E018909038C52CD5F92E116E0C1366F31CB ] wcnfs           C:\WINDOWS\system32\drivers\wcnfs.sys

15:08:02.0892 0x1dec  wcnfs - ok

15:08:02.0907 0x1dec  [ D520B1B849B6D4D707AB31722B952C2D, 149BABB7BD63C1F212ADD9306C84FFB2A5CE6DC435BD3213EAB787E9B222C61F ] WdBoot          C:\WINDOWS\system32\drivers\WdBoot.sys

15:08:02.0907 0x1dec  WdBoot - ok

15:08:02.0954 0x1dec  [ 5030C76047D756263093A47B82970868, E772F15973F6DE36851DD230F1F4190746CD81CA1E7284DC074711C4BF45CAF0 ] Wdf01000        C:\WINDOWS\system32\drivers\Wdf01000.sys

15:08:02.0968 0x1dec  Wdf01000 - ok

15:08:02.0996 0x1dec  [ 29FF9199EDEB4F5470BB134D1A2563D2, 94713F98A6EA6042203D5DD0DE6758F5F0F331F7D4BB05E91EF20CEEEBD6780F ] WdFilter        C:\WINDOWS\system32\drivers\WdFilter.sys

15:08:03.0000 0x1dec  WdFilter - ok

15:08:03.0008 0x1dec  [ E7A7E8803E66B7CCED95D327A4DBC135, 401ECD953D4014A95C9022822D9ACEC1A68C917281DBA2365503A473FC6D9507 ] WdiServiceHost  C:\WINDOWS\system32\wdi.dll

15:08:03.0016 0x1dec  WdiServiceHost - ok

15:08:03.0024 0x1dec  [ E7A7E8803E66B7CCED95D327A4DBC135, 401ECD953D4014A95C9022822D9ACEC1A68C917281DBA2365503A473FC6D9507 ] WdiSystemHost   C:\WINDOWS\system32\wdi.dll

15:08:03.0028 0x1dec  WdiSystemHost - ok

15:08:03.0052 0x1dec  [ EDC08B8D3E67F96688774841C247B82A, DB5AFAF87C74431B8EB5420DBF5428691F291B63C2FDE8282EE2E399C76F63F3 ] wdiwifi         C:\WINDOWS\system32\DRIVERS\wdiwifi.sys

15:08:03.0068 0x1dec  wdiwifi - ok

15:08:03.0079 0x1dec  [ 17CF416CFF408190F5A4CBD79AB12E55, E376C8865C7EA633AE20D2CF940E4C7584AC783BAAF7941780FB6C4C84802F33 ] WdNisDrv        C:\WINDOWS\system32\Drivers\WdNisDrv.sys

15:08:03.0082 0x1dec  WdNisDrv - ok

15:08:03.0093 0x1dec  WdNisSvc - ok

15:08:03.0105 0x1dec  [ 3570C4E14F85CE0B537D126727ACA91C, A474C9E6B6E4E5945C63367C1D3D24D4782C4A4FEB00FAE15DFED099D8283078 ] WebClient       C:\WINDOWS\System32\webclnt.dll

15:08:03.0113 0x1dec  WebClient - ok

15:08:03.0131 0x1dec  [ 1785F9C96A0BDEC1F6E0C79EF412F342, D6D4EDA69457BEDDA69C2F60FC4C2FAC97D46CD8E9C1804CCD68F169383583E3 ] Wecsvc          C:\WINDOWS\system32\wecsvc.dll

15:08:03.0139 0x1dec  Wecsvc - ok

15:08:03.0143 0x1dec  [ B9175D63527B05131F2FA504CF0265F2, 1E43A17788F1B6A29E2889C81E0BE100D64BD3A9DEE7C154D9581F01D2D7D05F ] WEPHOSTSVC      C:\WINDOWS\system32\wephostsvc.dll

15:08:03.0147 0x1dec  WEPHOSTSVC - ok

15:08:03.0155 0x1dec  [ 5C58EC0C9D4DE04DCDE56F6DCEA62080, 8ED386EDF4C39C339CE0BB2AC7E199C38705E5A6B3F56A4987B9A8ABD19BB59F ] wercplsupport   C:\WINDOWS\System32\wercplsupport.dll

15:08:03.0163 0x1dec  wercplsupport - ok

15:08:03.0180 0x1dec  [ F899B355CC95AF26AB36E84E8A0DD685, C400F2F80FFF6473FEF066943C4A2AFF0FFE988A4F755757A2E5005C2A10DAD8 ] WerSvc          C:\WINDOWS\System32\WerSvc.dll

15:08:03.0185 0x1dec  WerSvc - ok

15:08:03.0200 0x1dec  [ E1785942AC51FEE6826CDF02075C5AA9, 56FE7017684086F4F9C3A2C0D3AC00369BA0938BA3987EEBEE9A75B8E3CA0AE1 ] WFPLWFS         C:\WINDOWS\system32\drivers\wfplwfs.sys

15:08:03.0204 0x1dec  WFPLWFS - ok

15:08:03.0224 0x1dec  [ B154618505A6A9026EFA6AB8C4123BF1, 713648D71AA027B4472E7E75B942630DBE7383687984B02A5E99C9E4192C95EB ] WiaRpc          C:\WINDOWS\System32\wiarpc.dll

15:08:03.0228 0x1dec  WiaRpc - ok

15:08:03.0259 0x1dec  [ 0CF79A0EACFFBB75A50A469A27696D02, E112BF7B5A8D0B0AD2EA0E7B9FD4E8CFEC9371C8E94A60248292D688AFE715C4 ] WIMMount        C:\WINDOWS\system32\drivers\wimmount.sys

15:08:03.0259 0x1dec  WIMMount - ok

15:08:03.0259 0x1dec  WinDefend - ok

15:08:03.0284 0x1dec  [ 0DE131733317EB4BE67028366B0CAAC6, AC7DADBF03A3752B4D33CA19F03DBCEDD6F56893C2DA25C98B0AB07063D990E3 ] WindowsTrustedRT C:\WINDOWS\system32\drivers\WindowsTrustedRT.sys

15:08:03.0287 0x1dec  WindowsTrustedRT - ok

15:08:03.0296 0x1dec  [ 92EB5D38BDF10C790450F3E46BF93A0E, 0FC027398DBD43EDC1F7D703C0B6DB20294DF34E67C9288442039B1A5663CE1B ] WindowsTrustedRTProxy C:\WINDOWS\system32\drivers\WindowsTrustedRTProxy.sys

15:08:03.0296 0x1dec  WindowsTrustedRTProxy - ok

15:08:03.0328 0x1dec  [ 4AB1AC1E60118443A14C241F91AC8FC9, 2B9237AC124874664E31B4F313BAAF8059BD0749653496784B4B89B4B7F66784 ] WinHttpAutoProxySvc C:\WINDOWS\system32\winhttp.dll

15:08:03.0343 0x1dec  WinHttpAutoProxySvc - ok

15:08:03.0359 0x1dec  [ F95DE20312ACCA7761446DE152BD1F7C, F6C5ACA500C2182437F4A7402BD81C3A2B77C0BBD78BA31FB574DC1997FCBFE6 ] WinMad          C:\WINDOWS\System32\drivers\winmad.sys

15:08:03.0359 0x1dec  WinMad - ok

15:08:03.0404 0x1dec  [ CD49CA8E3280ACEEC5ECF431A59F5EFD, 75F48EFC6DEE9E06B490703EE47602AFDEA51505285B02D2CF884601E71857CC ] Winmgmt         C:\WINDOWS\system32\wbem\WMIsvc.dll

15:08:03.0404 0x1dec  Winmgmt - ok

15:08:03.0551 0x1dec  [ B8C0D620219ECAA23A2AC841EAF454D1, FB527C4D36929D7FAE2A837727C557B7823A72069EBCAB7D16C49E8B21E8D952 ] WinRM           C:\WINDOWS\system32\WsmSvc.dll

15:08:03.0604 0x1dec  WinRM - ok

15:08:03.0620 0x1dec  [ 4EFB346BFDAEEB29316AA52BBB9852B1, 4BC5554F44BD9549D0A929D77BD410FA3EB502A7D0170303D369268672505494 ] WINUSB          C:\WINDOWS\System32\drivers\WinUSB.SYS

15:08:03.0620 0x1dec  WINUSB - ok

15:08:03.0620 0x1dec  [ 8B9AFF5F08E66A6F1F1063DEC9457FB6, 98F2AF6988D125521FD34CAA48B9652922F0C8ECFAE9B0C1DF4B3CE6B9CF500F ] WinVerbs        C:\WINDOWS\System32\drivers\winverbs.sys

15:08:03.0620 0x1dec  WinVerbs - ok

15:08:03.0651 0x1dec  [ EC80E34789681E01D3F1508EC2E13CB3, 584A043D7C58B71B8577A0B7F14BFFEFD6111B7167EE580E6E3EF395BA4059D2 ] wisvc           C:\WINDOWS\system32\flightsettings.dll

15:08:03.0651 0x1dec  wisvc - ok

15:08:03.0735 0x1dec  [ 5A7AA8198156DC2BFF9F064E29D11AF5, 9CBAF1B99B54CDE087E0FC0A2601B3F056F81F2F5AF63B5BB71C7389247E496A ] WlanSvc         C:\WINDOWS\System32\wlansvc.dll

15:08:03.0767 0x1dec  WlanSvc - ok

15:08:03.0868 0x1dec  [ E15711970C5BE05E8D70B294D0AFF621, 30670CFC4DA57B4A3E0E895E4111100D847BB8041A258A303524CD96DC566482 ] wlidsvc         C:\WINDOWS\system32\wlidsvc.dll

15:08:03.0893 0x1dec  wlidsvc - ok

15:08:03.0908 0x1dec  [ 14DC5897BC6C4E03C023AD80ABB7F539, E0C528555C0FCE726AF170B26A5DE4D1863BC0731365A595322444FC8E05931E ] WmBEnum         C:\WINDOWS\system32\drivers\WmBEnum.sys

15:08:03.0908 0x1dec  WmBEnum - ok

15:08:03.0908 0x1dec  [ 2DE0A0CEA49972C82C7E9D36BD4C1247, 363632409DF88DEFABD0B67E4A26DC287749F4C39C7C7C5C879480B1ED866B95 ] WmFilter        C:\WINDOWS\system32\drivers\WmFilter.sys

15:08:03.0908 0x1dec  WmFilter - ok

15:08:03.0924 0x1dec  [ 68AD463151D0E2325C8307A4C7A8808E, E8477B017E4A043D86E40CA4ADDC38F9D702CE1E41265AD78F8F78AD25296F63 ] WmHidLo         C:\WINDOWS\system32\drivers\WmHidLo.sys

15:08:03.0924 0x1dec  WmHidLo - ok

15:08:03.0924 0x1dec  [ 6F4F4F5A007D1710BD76FB311DA97C07, FC0FEA4364F6BA4E31DBC82735D09D429CA3BE9AFCFF5D5E1263D8B27FC2CE3E ] WmiAcpi         C:\WINDOWS\System32\drivers\wmiacpi.sys

15:08:03.0924 0x1dec  WmiAcpi - ok

15:08:03.0940 0x1dec  [ 3CDDFF6CAD962C5EF1C52FD667C358B6, F6F09145E9461EB17172988D26749FCF36920A1A683459334D04A6D072B31A92 ] wmiApSrv        C:\WINDOWS\system32\wbem\WmiApSrv.exe

15:08:03.0940 0x1dec  wmiApSrv - ok

15:08:03.0984 0x1dec  WMPNetworkSvc - ok

15:08:03.0999 0x1dec  [ C807E470CCA24F5E479DA4872A7D2121, 900273726C62D0815BACC15F9CCBF2E9389CB2E572D6D855B6B65B24853D0288 ] WmXlCore        C:\WINDOWS\system32\drivers\WmXlCore.sys

15:08:03.0999 0x1dec  WmXlCore - ok

15:08:04.0015 0x1dec  [ 43C8D087B31C592163B33A4BDA540E40, 3A6C4E5E56931B29321DCC723585F2F0E804EF4DCDEAB2A8687F30FC3AE70E43 ] Wof             C:\WINDOWS\system32\drivers\Wof.sys

15:08:04.0015 0x1dec  Wof - ok

15:08:04.0116 0x1dec  [ 5820CC51AB1C368F29ECCA713397D006, AA0CC2BC4DF7DBFB144FF47C3508BEEF00467C9D312C135AFB3406E42C6CD821 ] workfolderssvc  C:\WINDOWS\system32\workfolderssvc.dll

15:08:04.0150 0x1dec  workfolderssvc - ok

15:08:04.0158 0x1dec  [ F02930EB91596042F2221397D60AFCE5, 10E2AB0993B67CBAA9E11C68280608965064EC9F7E0C570F5B453FACADB8AB5D ] WPDBusEnum      C:\WINDOWS\system32\wpdbusenum.dll

15:08:04.0162 0x1dec  WPDBusEnum - ok

15:08:04.0170 0x1dec  [ 75A9284F01FE7CB1A7D5EAE5C1EB4F33, 390EF23AEA06D8711555F7979FF8BE0620B53C1A551638C4EC6FB7C6678965B3 ] WpdUpFltr       C:\WINDOWS\system32\drivers\WpdUpFltr.sys

15:08:04.0170 0x1dec  WpdUpFltr - ok

15:08:04.0186 0x1dec  [ 60E2EB3E7B7F15C25E02462159F90707, D8344B529EEC0D4922CAC3E6897CC9F191ACF1376017BE38ED6BF6019F1ED181 ] WpnService      C:\WINDOWS\system32\WpnService.dll

15:08:04.0189 0x1dec  WpnService - ok

15:08:04.0197 0x1dec  [ C7C91FB86A3C6CD7619725A88ED1884C, 132C43C518F37BF303D768BD5FB0AB835F693C43FE693937D804A34E940D770F ] WpnUserService  C:\WINDOWS\System32\WpnUserService.dll

15:08:04.0201 0x1dec  WpnUserService - ok

15:08:04.0233 0x1dec  [ 36D7B73ADC3E10607ED6EC874AFB5D1E, 1737B3E4D2CA76BB27903BF460E4960E6A0BC32D35069AC7C5E4B07F625F3282 ] ws2ifsl         C:\WINDOWS\system32\drivers\ws2ifsl.sys

15:08:04.0233 0x1dec  ws2ifsl - ok

15:08:04.0249 0x1dec  [ 7F03175944FF3843F8B846D46B299A17, E8BCB5BAB7DFD7E0AE205E470A5F537484D7F8B20AFE50404331BFB3A1E5C6A9 ] WsAppService    C:\Program Files (x86)\Wondershare\WAF\2.1.7.1\WsAppService.exe

15:08:04.0257 0x1dec  WsAppService - ok

15:08:04.0269 0x1dec  [ 9A0E0B836413EB0BC885532D2A5389D6, AFEE4A0578D5581E4D72999A33C0DEA6253BD891F611AFF9AFDE4160A60105F3 ] wscsvc          C:\WINDOWS\System32\wscsvc.dll

15:08:04.0273 0x1dec  wscsvc - ok

15:08:04.0282 0x1dec  [ 696EC2EAA2A42A137CCBB9A84D6917C0, 424089F4F373962AF8357C5D4D43F35948989BE3F58EAD3690F565F4C1BBC66F ] WSDPrintDevice  C:\WINDOWS\System32\drivers\WSDPrint.sys

15:08:04.0283 0x1dec  WSDPrintDevice - ok

15:08:04.0307 0x1dec  [ E86317B310640065E382664569E42E3C, BBEC84F9936EA5F3F0E1329AA7AA3E3951BBD2779F76BA962048F0086D6446AD ] WsDrvInst       C:\Program Files (x86)\Wondershare\Dr.Fone for Android\DriverInstall.exe

15:08:04.0311 0x1dec  WsDrvInst - ok

15:08:04.0323 0x1dec  [ 46E4A69825A7554A5DB784A55F8AD203, 7F347054FCDD5DEF93083D420E56EBE5EEBBAE2BD2FED9B2E75E85149DE52780 ] WSDScan         C:\WINDOWS\system32\DRIVERS\WSDScan.sys

15:08:04.0323 0x1dec  WSDScan - ok

15:08:04.0327 0x1dec  WSearch - ok

15:08:04.0479 0x1dec  [ FC02797FC7910AC4F4A1D366D3584171, 868075A94239086D38C946B9B7F33CA53A17AF91BC442C145C39B30DFA62F36F ] wuauserv        C:\WINDOWS\system32\wuaueng.dll

15:08:04.0517 0x1dec  wuauserv - ok

15:08:04.0533 0x1dec  [ AED7FE551E8672B824A56324076183EB, FFE543AAEFDEFFE6B20C244DB141A9425BDA88ED36F4870F0B70FEC433BDF0C1 ] WudfPf          C:\WINDOWS\system32\drivers\WudfPf.sys

15:08:04.0537 0x1dec  WudfPf - ok

15:08:04.0549 0x1dec  [ CEFAB17FD7DFCFA515626C306262E89D, 9D2B728DDD478580987E2DB7AA4DA81D77F3362F536AC1CADED20EB6ECEBB55D ] WUDFRd          C:\WINDOWS\System32\drivers\WUDFRd.sys

15:08:04.0553 0x1dec  WUDFRd - ok

15:08:04.0569 0x1dec  [ 47F6450F28BAA32B2AB0D6BE00996249, C8A47D6ADF89AD613AB685C6224B9099DCEFDCD8ABCF703542AFDC356404116E ] wudfsvc         C:\WINDOWS\System32\WUDFSvc.dll

15:08:04.0577 0x1dec  wudfsvc - ok

15:08:04.0593 0x1dec  [ CEFAB17FD7DFCFA515626C306262E89D, 9D2B728DDD478580987E2DB7AA4DA81D77F3362F536AC1CADED20EB6ECEBB55D ] WUDFWpdFs       C:\WINDOWS\system32\DRIVERS\WUDFRd.sys

15:08:04.0597 0x1dec  WUDFWpdFs - ok

15:08:04.0605 0x1dec  [ CEFAB17FD7DFCFA515626C306262E89D, 9D2B728DDD478580987E2DB7AA4DA81D77F3362F536AC1CADED20EB6ECEBB55D ] WUDFWpdMtp      C:\WINDOWS\system32\DRIVERS\WUDFRd.sys

15:08:04.0613 0x1dec  WUDFWpdMtp - ok

15:08:04.0657 0x1dec  [ D313FF382A26D1295B212A66EE3E52A8, 59FEF2AF611507BCB6FE036A7D4F1595F3449B76F9B055CDC67DC1BE1D90EEB8 ] WwanSvc         C:\WINDOWS\System32\wwansvc.dll

15:08:04.0690 0x1dec  WwanSvc - ok

15:08:04.0737 0x1dec  [ 7EF75102A793AAA6AAA45A4F7C15FF4D, A3FB68905F3E3A7DE52B85FAD966ABCB787FAC7E709964CE9BF2A4F9AC8B0653 ] XblAuthManager  C:\WINDOWS\System32\XblAuthManager.dll

15:08:04.0752 0x1dec  XblAuthManager - ok

15:08:04.0837 0x1dec  [ 765FF96467A26C4C03281ECA426EC2D9, 2526B03C518D72F429C29BA4D4F11707AF277BF71520A1A92238A932950AE161 ] XblGameSave     C:\WINDOWS\System32\XblGameSave.dll

15:08:04.0852 0x1dec  XblGameSave - ok

15:08:04.0890 0x1dec  [ DB77764B46D02DCB9777D9E00A3F7D63, 469491E3A57FBB0CB0482A2493823B57410E24A5BD4C1C96D79FE9888F7827BB ] xboxgip         C:\WINDOWS\System32\drivers\xboxgip.sys

15:08:04.0890 0x1dec  xboxgip - ok

15:08:04.0952 0x1dec  [ 1A8D9EA4DD1A3E276B85EDB05B42BEC7, 23FC10AC29BDF917AEDB3AAF82537EC2C72453E52B41836FD83643054FA4F0BE ] XboxNetApiSvc   C:\WINDOWS\system32\XboxNetApiSvc.dll

15:08:04.0968 0x1dec  XboxNetApiSvc - ok

15:08:04.0984 0x1dec  [ 63088A3361D9A308F328F11E9099DD87, E03FDB932FC57F199C8F8A8EADA338BDF7D2F9C6CB8FAB679A92B48B1E5AFE8A ] xinputhid       C:\WINDOWS\System32\drivers\xinputhid.sys

15:08:04.0986 0x1dec  xinputhid - ok

15:08:05.0085 0x1dec  [ 322600D57876851514AE6DFE705EBF7C, 9AF962D9700B4103935A3A533515F7BA8B3EF66274B8CDE22CDC259A67AB599C ] XperiaCompanionService C:\Program Files\Sony\Xperia Companion\Service\XperiaCompanionService.exe

15:08:05.0105 0x1dec  XperiaCompanionService - ok

15:08:05.0121 0x1dec  ================ Scan global ===============================

15:08:05.0137 0x1dec  [ 0C710DB449712EE13ACE733695DB7780, BBC7875B38D318CE4E88979D083AC72E8993254A466A8A6882DDE9E0C3B687A3 ] C:\WINDOWS\system32\basesrv.dll

15:08:05.0137 0x1dec  [ 0690445DD89A6498945E0FECC1689A45, ED11E144FCEDED7EF8ABEFC0B558312047AA7A2F37BFECEC14D5A44179130F70 ] C:\WINDOWS\system32\winsrv.dll

15:08:05.0152 0x1dec  [ 1EE06E957B0B2CA52D26DA7861E160EF, 4B743A1C7010138F5F6684BBCF7CAD6FD05F49920BDD3FDB776347AA6B44AB94 ] C:\WINDOWS\system32\sxssrv.dll

15:08:05.0168 0x1dec  [ 3C69CC28665854F1AAB4B4005005FA31, 2750F5ECCD448C07E3402AA64EA625D27C6BC1D000A3FFE57C03D62428BB46C4 ] C:\WINDOWS\system32\services.exe

15:08:05.0168 0x1dec  [ Global ] - ok

15:08:05.0168 0x1dec  ================ Scan MBR ==================================

15:08:05.0190 0x1dec  [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk0\DR0

15:08:05.0190 0x1dec  \Device\Harddisk0\DR0 - ok

15:08:05.0190 0x1dec  ================ Scan VBR ==================================

15:08:05.0190 0x1dec  [ E71F2D8CF0502D690C206488E7A7E36C ] \Device\Harddisk0\DR0\Partition1

15:08:05.0190 0x1dec  \Device\Harddisk0\DR0\Partition1 - ok

15:08:05.0205 0x1dec  [ CB21534898B0D78C48F0E8F609EB9CE5 ] \Device\Harddisk0\DR0\Partition2

15:08:05.0205 0x1dec  \Device\Harddisk0\DR0\Partition2 - ok

15:08:05.0205 0x1dec  [ B1E27AA018409DE6BFD73F8AFB883A65 ] \Device\Harddisk0\DR0\Partition3

15:08:05.0205 0x1dec  \Device\Harddisk0\DR0\Partition3 - ok

15:08:05.0205 0x1dec  [ D241D229EF24640C06A4EBADB40457D3 ] \Device\Harddisk0\DR0\Partition4

15:08:05.0221 0x1dec  \Device\Harddisk0\DR0\Partition4 - ok

15:08:05.0237 0x1dec  [ F9EA0D821AE157AAA4B104F2D823257F ] \Device\Harddisk0\DR0\Partition5

15:08:05.0237 0x1dec  \Device\Harddisk0\DR0\Partition5 - ok

15:08:05.0237 0x1dec  [ 7F75793B5E9FF72E81054D1A40F6C975 ] \Device\Harddisk0\DR0\Partition6

15:08:05.0252 0x1dec  \Device\Harddisk0\DR0\Partition6 - ok

15:08:05.0252 0x1dec  ================ Scan generic autorun ======================

15:08:06.0037 0x1dec  [ 9FF986F535FE279E6A34CF37C46D8D1C, 5DE7DB245725760B68D6DD4E55556F100B85114F159183B0C3FA4CFA86A79AFA ] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe

15:08:06.0369 0x1dec  RtHDVCpl - ok

15:08:06.0538 0x1dec  [ DE072A9A683E0CBBA0CFAAA123E60C6F, 0CBD5408276545BA7580B7E2A875B229932BD0D6EE31D69DC4B68CC24A9D5279 ] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe

15:08:06.0591 0x1dec  RtHDVBg_Dolby - ok

15:08:06.0654 0x1dec  [ BE586B5D1D73E1F07ED5AADDEFBCAA47, 68D957EBE01DD369BF4E2D5D07A7EDF9408066E61056A1C4968DBF8CE5841BBE ] C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe

15:08:06.0707 0x1dec  NvBackend - ok

15:08:06.0723 0x1dec  [ A82A40CD01CB8EF464A0D2577DC4DDE6, 1882FF97A210AAE8EDB2A152D8A0CD26959C359631BA5A29CF3456750262142B ] C:\Program Files\Logitech\Gaming Software\LWEMon.exe

15:08:06.0723 0x1dec  Start WingMan Profiler - ok

15:08:06.0786 0x1dec  [ 20C08CA080F650B730B1E3FDEA9AD532, 1D2B0914412378E0B5834A95BDD86F8927B6A8D37F4E044C904CE381F1C19A75 ] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe

15:08:06.0792 0x1dec  AdobeAAMUpdater-1.0 - ok

15:08:06.0823 0x1dec  [ 782A31DB311AAC5F9CB50DDD9228867A, E200DFE8E1F8F8EEA26EDD76A3A3843EFDAE0A2284808D65C9DA6C4F76970E29 ] C:\Program Files\iTunes\iTunesHelper.exe

15:08:06.0823 0x1dec  iTunesHelper - ok

15:08:06.0839 0x1dec  [ C7645D43451C6D94D87F4D07BDE59C89, 495BBA47FC43EE23054FCD419F2F00457162D1C04296900C6AEA551102A810F3 ] C:\Windows\system32\rundll32.exe

15:08:06.0839 0x1dec  Logitech Download Assistant - ok

15:08:06.0839 0x1dec  WindowsDefender - ok

15:08:06.0839 0x1dec  [ 1DF3DCE54EDF5E85D15BA381ED98FAC3, 91CDEC8ADD48A40AB4D4E49B5AF0CEB01AA7A063B6C2103E16038D46C417868F ] C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe

15:08:06.0854 0x1dec  ControlCenter4 - ok

15:08:06.0954 0x1dec  [ 63E9C23A386FFFA84B5E03BFF9B628F0, A370962791EFC4B10548AAD31F89A2B288FBD5BDBF5749323C2D98C14DFB8B49 ] C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe

15:08:07.0023 0x1dec  BrStsMon00 - ok

15:08:07.0108 0x1dec  [ 813F9EA38AEB2AD4D9BD689388DDD93A, 68766E259C0D7F6EAFBF8C24A903C34CE624FF37EBFB8CDBFC1405AC6DA6E8F8 ] C:\Program Files (x86)\Telekom\InternetManager_H\DataCardMonitor.exe

15:08:07.0123 0x1dec  DataCardMonitor - ok

15:08:07.0154 0x1dec  [ 1AA5F0A2E3E65A9F6B35C19A7C9D7762, AB08124D101C4FE8B6D4A6056783D2EAD5C049BE39A3DE772E008CD43E36F443 ] C:\Program Files (x86)\Nikon\Nikon Message Center 2\NkMC2.exe

15:08:07.0170 0x1dec  Nikon Message Center 2 - ok

15:08:07.0440 0x1dec  [ 50E68F8313263B1A12A767341A25663B, FE7785CB59EC46CD625312D3ACC825FF3533C120FB1801AD0F281FD443B0F3BE ] C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe

15:08:07.0493 0x1dec  Adobe Creative Cloud - ok

15:08:07.0536 0x1dec  [ A443A7C05ABF0FCD16E89593F63B633B, 3F579132A39AEC2513CD286AB9A43534DC05F9502FD1A369126236F69EF76282 ] C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

15:08:07.0544 0x1dec  SunJavaUpdateSched - ok

15:08:08.0345 0x1dec  [ 1496120E3867FD75AE5D4EAD6E618E7A, 8D8A2FD43D33A3F7A177783921BB7E50FECBAEF1E09CD42BCDC851375F3294D1 ] C:\Windows\SysWOW64\OneDriveSetup.exe

15:08:08.0599 0x1dec  OneDriveSetup - ok

15:08:08.0893 0x1dec  [ 1496120E3867FD75AE5D4EAD6E618E7A, 8D8A2FD43D33A3F7A177783921BB7E50FECBAEF1E09CD42BCDC851375F3294D1 ] C:\Windows\SysWOW64\OneDriveSetup.exe

15:08:09.0031 0x1dec  OneDriveSetup - ok

15:08:09.0146 0x1dec  [ E9A2968052740D675A0FA9BE01DF861D, 76F27EAF70B6463216169122DF1731ECEA64437F5C9709E90F65603BDC2B541B ] C:\Users\User\AppData\Roaming\Spotify\SpotifyWebHelper.exe

15:08:09.0371 0x1dec  Spotify Web Helper - ok

15:08:09.0379 0x1dec  [ 75F26DE6CFCC49AD02D99BB9922D863B, 8043540932A70E7A316E3F76723087711889A0772A7E94DF03EC8FC368AD1BA6 ] C:\Program Files (x86)\Telekom\InternetManager_H\UpdateDog\ouc.exe

15:08:09.0383 0x1dec  HW_OPENEYE_OUC_Telekom Internet Manager - ok

15:08:09.0778 0x1dec  [ EEEEF3C7728391B14AE64E3B4C27E418, 7D6A99918C1D83CDFB289E1EAAA54A56ECC7FA3294C06F7D77D5E2AE0A0C050F ] C:\Users\User\AppData\Roaming\Spotify\Spotify.exe

15:08:09.0916 0x1dec  Spotify - ok

15:08:10.0078 0x1dec  [ 97BFD4C3591EDD7A9EA1772DBE0202E6, 31DA37709522C8B8DE2784B3AA3C1A8503E92D084E2C695A303D4D09D5FD2C88 ] C:\Windows\system32\spool\DRIVERS\x64\3\E_YATIPEE.EXE

15:08:10.0095 0x1dec  EPLTarget\P0000000000000001 - ok

15:08:10.0116 0x1dec  [ 97BFD4C3591EDD7A9EA1772DBE0202E6, 31DA37709522C8B8DE2784B3AA3C1A8503E92D084E2C695A303D4D09D5FD2C88 ] C:\Windows\system32\spool\DRIVERS\x64\3\E_YATIPEE.EXE

15:08:10.0116 0x1dec  EPLTarget\P0000000000000000 - ok

15:08:10.0178 0x1dec  [ 5F025EBD25CC30866AD7CC3301EFA329, 35ED27A0AB49EA85465F84D0E396F113CE22CD229C25286166C9B1F3222DC6D1 ] C:\Program Files (x86)\Sony\Xperia Companion\XperiaCompanionAgent.exe

15:08:10.0216 0x1dec  XperiaCompanionAgent - ok

15:08:10.0298 0x1dec  [ 5C9960660DC2D5C8A94FFA7A8174A0BA, 0143AC161EA7BC59F6E1FC86948E9CFBC41CB068D6D118BBAB0250789222538A ] C:\Users\User\AppData\Local\Google\Update\1.3.33.5\GoogleUpdateCore.exe

15:08:10.0310 0x1dec  Google Update - ok

15:08:10.0382 0x1dec  [ CD7DC286D2FDFACB965C3E10967B2199, 30FFB133E70D694BE6968E86E999C797EE7349DCC4E9ACFB338412C039374388 ] C:\Users\User\AppData\Local\Microsoft\OneDrive\OneDrive.exe

15:08:10.0408 0x1dec  OneDrive - ok

15:08:10.0418 0x1dec  Skype - ok

15:08:10.0418 0x1dec  Waiting for KSN requests completion. In queue: 274

15:08:11.0437 0x1dec  AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.10.14393.1066 ), 0x61100 ( enabled : updated )

15:08:11.0465 0x1dec  Win FW state via NFP2: enabled ( trusted )

15:08:11.0605 0x1dec  ============================================================

15:08:11.0605 0x1dec  Scan finished

15:08:11.0605 0x1dec  ============================================================

15:08:11.0617 0x250c  Detected object count: 0

15:08:11.0617 0x250c  Actual detected object count: 0

15:09:17.0223 0x09c0  Deinitialize success

M-K-D-B

11.05.2017 14:00

Servus,

Schritt 1
Downloade Dir bitte AdwCleaner auf deinen Desktop.

Schließe alle offenen Programme und Browser.
Starte die adwcleaner.exe mit einem Doppelklick.
Stimme den Nutzungsbedingungen zu.
Klicke auf Werkzeuge > Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
- Image File Execution Options Schlüssel
- "Tracing" Schlüssel
- "Prefetch" Dateien
- Proxy
- Winsock
- Firewall
- Internet Explorer Richtlinien
- Chrome Richtlinien
Bestätige die Auswahl mit Ok.
Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
Klicke nun auf Löschen (auch dann wenn AdwCleaner sagt, dass nichts gefunden wurde) und bestätige auftretende Hinweise mit Ok.
Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Schritt 2
Downloade Dir bitte Malwarebytes Anti-Malware 3

Installiere das Programm in den vorgegebenen Pfad.
Starte Malwarebytes' Anti-Malware (MBAM).
Klicke im Anschluss auf Scan, wähle den Bedrohungs-Scan aus und klicke auf Scan starten.
Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Ausgewählte Elemente in die Quarantäne verschieben.
Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
Starte MBAM nach dem Neustart, klicke auf Berichte.
Wähle den neuesten Scan-Bericht aus, klicke auf Bericht anzeigen und dann auf Export.
Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab.
Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.

Schritt 3

Starte die FRST erneut. Vergewissere dich, dass vor Addition.txt ein Haken gesetzt ist und drücke auf Untersuchen.
FRST erstellt nun zwei Logdateien (FRST.txt und Addition.txt).
Poste mir beide Logdateien mit deiner nächsten Antwort.

Bitte poste mit deiner nächsten Antwort

die Logdatei von AdwCleaner,
die Logdatei von MBAM,
die beiden neuen Logdateien von FRST.

Sabimo

11.05.2017 17:26

AdwCleaner Logfile:

Code:

# AdwCleaner v6.046 - Bericht erstellt am 11/05/2017 um 17:43:38

# Aktualisiert am 24/04/2017 von Malwarebytes

# Datenbank : 2017-05-10.1 [Server]

# Betriebssystem : Windows 10 Home  (X64)

# Benutzername : User - ACER

# Gestartet von : C:\Users\User\Desktop\AdwCleaner_6.046 (2).exe

# Modus: Löschen

# Unterstützung : https://www.malwarebytes.com/support
 
 
 

***** [ Dienste ] *****
 
 
 

***** [ Ordner ] *****
 
 
 

***** [ Dateien ] *****
 
 
 

***** [ DLL ] *****
 
 
 

***** [ WMI ] *****
 
 
 

***** [ Verknüpfungen ] *****
 
 
 

***** [ Aufgabenplanung ] *****
 
 
 

***** [ Registrierungsdatenbank ] *****
 
 
 

***** [ Browser ] *****
 
 
 

*************************
 

:: "Tracing" Schlüssel gelöscht

:: Winsock Einstellungen zurückgesetzt

:: "Image File Execution Options" Schlüssel gelöscht

:: "Prefetch" Dateien gelöscht

:: Firewall Einstellungen zurückgesetzt

:: Internet Explorer Richtlinien gelöscht

:: Chrome Richtlinien gelöscht
 

*************************
 

C:\AdwCleaner\AdwCleaner[C0].txt - [14499 Bytes] - [28/04/2017 22:50:24]

C:\AdwCleaner\AdwCleaner[C2].txt - [1090 Bytes] - [11/05/2017 17:43:38]

C:\AdwCleaner\AdwCleaner[S0].txt - [13485 Bytes] - [28/04/2017 22:48:53]

C:\AdwCleaner\AdwCleaner[S1].txt - [1487 Bytes] - [03/05/2017 13:53:38]

C:\AdwCleaner\AdwCleaner[S2].txt - [1558 Bytes] - [11/05/2017 17:43:17]
 

########## EOF - C:\AdwCleaner\AdwCleaner[C2].txt - [1383 Bytes] ##########

--- --- ---

[/CODE]

Code:



Malwarebytes

www.malwarebytes.com
 

-Protokolldetails-

Scan-Datum: 11.05.17

Scan-Zeit: 18:09

Protokolldatei: mbam.txt

Administrator: Ja
 

-Softwaredaten-

Version: 3.1.2.1733

Komponentenversion: 1.0.122

Version des Aktualisierungspakets: 1.0.1916

Lizenz: Testversion
 

-Systemdaten-

Betriebssystem: Windows 10

CPU: x64

Dateisystem: NTFS

Benutzer: ACER\User
 

-Scan-Übersicht-

Scan-Typ: Bedrohungs-Scan

Ergebnis: Abgeschlossen

Gescannte Objekte: 428446

Erkannte Bedrohungen: 20

In die Quarantäne verschobene Bedrohungen: 20

Abgelaufene Zeit: 8 Min., 37 Sek.
 

-Scan-Optionen-

Speicher: Aktiviert

Start: Aktiviert

Dateisystem: Aktiviert

Archive: Aktiviert

Rootkits: Deaktiviert

Heuristik: Aktiviert

PUP: Aktiviert

PUM: Aktiviert
 

-Scan-Details-

Prozess: 0

(keine bösartigen Elemente erkannt)
 

Modul: 0

(keine bösartigen Elemente erkannt)
 

Registrierungsschlüssel: 4

PUP.Optional.Reimage, HKLM\SOFTWARE\CLASSES\CLSID\{10ECCE17-29B5-4880-A8F5-EAD298611484}, In Quarantäne, [1040], [327205],1.0.1916

PUP.Optional.Reimage, HKLM\SOFTWARE\CLASSES\CLSID\{801B440B-1EE3-49B0-B05D-2AB076D4E8CB}, In Quarantäne, [1040], [327206],1.0.1916

Hijack.AutoConfigURL.PrxySvrRST, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\NLASVC\PARAMETERS\INTERNET\MANUALPROXIES, In Quarantäne, [274], [-1],0.0.0

PUP.Optional.InstallCore, HKU\S-1-5-21-1603712690-2894388539-358268464-1001\SOFTWARE\ICSW1.18, In Quarantäne, [3], [239562],1.0.1916
 

Registrierungswert: 7

Hijack.AutoConfigURL.PrxySvrRST, HKU\S-1-5-21-1603712690-2894388539-358268464-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS|AUTOCONFIGURL, In Quarantäne, [274], [393928],1.0.1916

Hijack.AutoConfigURL.PrxySvrRST, HKU\S-1-5-21-1603712690-2894388539-358268464-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS|AUTOCONFIGURL, In Quarantäne, [274], [-1],0.0.0

Hijack.AutoConfigURL.PrxySvrRST, HKU\S-1-5-18\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS|PROXYENABLE, In Quarantäne, [274], [-1],0.0.0

Hijack.AutoConfigURL.PrxySvrRST, HKU\S-1-5-21-1603712690-2894388539-358268464-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS|PROXYENABLE, In Quarantäne, [274], [-1],0.0.0

Hijack.AutoConfigURL.PrxySvrRST, HKU\S-1-5-21-1603712690-2894388539-358268464-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS|PROXYOVERRIDE, In Quarantäne, [274], [-1],0.0.0

Hijack.AutoConfigURL.PrxySvrRST, HKU\.DEFAULT\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS|PROXYENABLE, In Quarantäne, [274], [-1],0.0.0

Hijack.AutoConfigURL.PrxySvrRST, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\NLASVC\PARAMETERS\INTERNET\MANUALPROXIES|, In Quarantäne, [274], [393926],1.0.1916
 

Registrierungsdaten: 0

(keine bösartigen Elemente erkannt)
 

Daten-Stream: 0

(keine bösartigen Elemente erkannt)
 

Ordner: 0

(keine bösartigen Elemente erkannt)
 

Datei: 9

PUP.Optional.FFHijacker, C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\967020671.CFG, In Quarantäne, [1124], [345408],1.0.1916

Adware.Agent, C:\USERS\USER\APPDATA\LOCAL\TEMP\IS-J84V0.TMP\MYKWTXB4TDM6IL7KCF.DLL, In Quarantäne, [246], [394704],1.0.1916

Adware.Agent, C:\USERS\USER\APPDATA\LOCAL\TEMP\IS-I6TGP.TMP\MYKWTXB4TDM6IL7KCF.DLL, In Quarantäne, [246], [394704],1.0.1916

Adware.Agent, C:\USERS\USER\APPDATA\LOCAL\TEMP\IS-P62RP.TMP\MYKWTXB4TDM6IL7KCF.DLL, In Quarantäne, [246], [394704],1.0.1916

Adware.Agent, C:\USERS\USER\APPDATA\LOCAL\TEMP\IS-O0AND.TMP\MYKWTXB4TDM6IL7KCF.DLL, In Quarantäne, [246], [394704],1.0.1916

Adware.Agent, C:\USERS\USER\APPDATA\LOCAL\TEMP\IS-ENU5G.TMP\MYKWTXB4TDM6IL7KCF.DLL, In Quarantäne, [246], [394704],1.0.1916

Adware.Agent, C:\USERS\USER\APPDATA\LOCAL\TEMP\IS-M0O0Q.TMP\MYKWTXB4TDM6IL7KCF.DLL, In Quarantäne, [246], [394704],1.0.1916

PUP.Optional.Reimage, C:\WINDOWS\TEMP\REIMAGE.LOG, In Quarantäne, [1040], [334717],1.0.1916

PUP.Optional.FFHijacker, C:\PROGRAM FILES (X86)\MOZILLA FIREFOX\DEFAULTS\PREF\967020671.JS, In Quarantäne, [1124], [330892],1.0.1916
 

Physischer Sektor: 0

(keine bösartigen Elemente erkannt)
 
 

(end)

Sabimo

11.05.2017 17:31

FRST

FRST Logfile:

Code:

Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 08-05-2017

durchgeführt von User (Administrator) auf ACER (11-05-2017 18:27:56)

Gestartet von C:\Users\User\Desktop

Geladene Profile: User (Verfügbare Profile: User)

Platform: Windows 10 Home Version 1607 (X64) Sprache: Deutsch (Deutschland)

Internet Explorer Version 11 (Standard-Browser: Chrome)

Start-Modus: Normal

Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
 

==================== Prozesse (Nicht auf der Ausnahmeliste) =================
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
 

(Intel Corporation) C:\Windows\System32\igfxCUIService.exe

(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

() C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe

(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe

(Chip Digital GmbH) C:\Program Files (x86)\Chip Digital GmbH\chip1click\chip 1-click installer.exe

() C:\ProgramData\DatacardService\DCService.exe

(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe

(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe

(Nero AG) C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe

(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe

(Wondershare) C:\Program Files (x86)\Wondershare\WAF\2.1.7.1\WsAppService.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe

(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe

() C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe

(Sony) C:\Program Files\Sony\Xperia Companion\Service\XperiaCompanionService.exe

(Electronic Arts) C:\Program Files (x86)\Origin\OriginWebHelperService.exe

(DEVGURU Co., LTD.) C:\Program Files (x86)\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe

(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe

(Windows (R) Win 7 DDK provider) C:\Windows\System32\AdminService.exe

(Malwarebytes) C:\Users\User\Desktop\Anti-Malware\MBAMService.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe

(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe

(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe

(Intel Corporation) C:\Windows\System32\igfxEM.exe

(Intel Corporation) C:\Windows\System32\igfxHK.exe

() C:\Windows\System32\igfxTray.exe

(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMEvent.exe

(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QASvc.exe

(Huawei Technologies Co., Ltd.) C:\ProgramData\DatacardService\DCSHelper.exe

(Dolby Laboratories Inc.) C:\Program Files\Dolby Digital Plus\ddp.exe

() C:\Program Files (x86)\HTC\HTC Sync Manager\HTC Sync\adb.exe

(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMLockHandler.exe

(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QAEvent.exe

(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMTray.exe

(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe

(Microsoft Corporation) C:\Windows\System32\Speech_OneCore\Common\SpeechRuntime.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe

(Microsoft Corporation) C:\Windows\System32\smartscreen.exe

(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe

(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe

(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe

() C:\Program Files\Realtek\Audio\HDA\FMAPP.exe

() C:\Program Files\Realtek\Audio\HDA\FMAPP.exe

(Malwarebytes) C:\Users\User\Desktop\Anti-Malware\mbamtray.exe

(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe

(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QAMsg.exe

(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QuickAccess.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe

(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersServer.exe

(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\ActionUriServer.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Farbar) C:\Users\User\Desktop\FRST64 (1).exe
 

==================== Registry (Nicht auf der Ausnahmeliste) ====================
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
 

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [16152792 2015-07-17] (Realtek Semiconductor)

HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1394392 2015-07-14] (Realtek Semiconductor)

HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2398776 2016-06-15] (NVIDIA Corporation)

HKLM\...\Run: [Start WingMan Profiler] => C:\Program Files\Logitech\Gaming Software\LWEMon.exe [123400 2009-01-21] (Logitech Inc.)

HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-01-07] (Adobe Systems Incorporated)

HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [303928 2017-03-22] (Apple Inc.)

HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch

HKLM\...\Run: [WindowsDefender] => C:\Program Files\Windows Defender\MSASCuiL.exe [631808 2017-04-28] (Microsoft Corporation)

HKLM\...\Run: [Malwarebytes TrayApp] => C:\USERS\USER\DESKTOP\ANTI-MALWARE\mbamtray.exe [3146704 2017-05-09] (Malwarebytes)

HKLM-x32\...\Run: [ControlCenter4] => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [143360 2012-08-28] (Brother Industries, Ltd.)

HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [3076096 2012-06-06] (Brother Industries, Ltd.)

HKLM-x32\...\Run: [DataCardMonitor] => C:\Program Files (x86)\Telekom\InternetManager_H\DataCardMonitor.exe [253952 2015-04-23] (Huawei Technologies Co., Ltd.)

HKLM-x32\...\Run: [Nikon Message Center 2] => C:\Program Files (x86)\Nikon\Nikon Message Center 2\NkMC2.exe [571392 2011-10-30] (Nikon Corporation)

HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2312896 2016-02-12] (Adobe Systems Incorporated)

HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-03-15] (Oracle Corporation)

HKU\S-1-5-21-1603712690-2894388539-358268464-1001\...\Run: [Spotify Web Helper] => C:\Users\User\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1446000 2017-03-30] (Spotify Ltd)

HKU\S-1-5-21-1603712690-2894388539-358268464-1001\...\Run: [HW_OPENEYE_OUC_Telekom Internet Manager] => C:\Program Files (x86)\Telekom\InternetManager_H\UpdateDog\ouc.exe [110592 2009-12-31] (Huawei Technologies Co., Ltd.)

HKU\S-1-5-21-1603712690-2894388539-358268464-1001\...\Run: [Spotify] => C:\Users\User\AppData\Roaming\Spotify\Spotify.exe [7089776 2017-03-30] (Spotify Ltd)

HKU\S-1-5-21-1603712690-2894388539-358268464-1001\...\Run: [EPLTarget\P0000000000000001] => C:\Windows\system32\spool\DRIVERS\x64\3\E_YATIPEE.EXE [417776 2014-11-14] (SEIKO EPSON CORPORATION)

HKU\S-1-5-21-1603712690-2894388539-358268464-1001\...\Run: [EPLTarget\P0000000000000000] => C:\Windows\system32\spool\DRIVERS\x64\3\E_YATIPEE.EXE [417776 2014-11-14] (SEIKO EPSON CORPORATION)

HKU\S-1-5-21-1603712690-2894388539-358268464-1001\...\Run: [XperiaCompanionAgent] => C:\Program Files (x86)\Sony\Xperia Companion\XperiaCompanionAgent.exe [2088832 2016-12-22] (Sony)

HKU\S-1-5-21-1603712690-2894388539-358268464-1001\...\Run: [Google Update] => C:\Users\User\AppData\Local\Google\Update\1.3.33.5\GoogleUpdateCore.exe [601168 2017-05-01] (Google Inc.)

HKU\S-1-5-21-1603712690-2894388539-358268464-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [27545048 2017-03-14] (Skype Technologies S.A.)

ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-01-22] ()

ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-01-22] ()

ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-01-22] ()
 

==================== Internet (Nicht auf der Ausnahmeliste) ====================
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
 

Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

Tcpip\..\Interfaces\{c665f695-f486-4cfb-9e85-aacc2db3a7aa}: [DhcpNameServer] 192.168.178.1

Tcpip\..\Interfaces\{df2ccdb1-2b40-4835-8404-d44a77e8c602}: [DhcpNameServer] 192.168.178.1
 

Internet Explorer:

==================

BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office16\OCHelper.dll [2017-04-11] (Microsoft Corporation)

BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office16\GROOVEEX.DLL [2017-02-22] (Microsoft Corporation)

BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office16\OCHelper.dll [2015-07-31] (Microsoft Corporation)

BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\ssv.dll [2017-04-22] (Oracle Corporation)

BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office16\GROOVEEX.DLL [2017-02-22] (Microsoft Corporation)

BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\jp2ssv.dll [2017-04-22] (Oracle Corporation)

Handler: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2017-04-11] (Microsoft Corporation)

Handler-x32: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2017-04-11] (Microsoft Corporation)

Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2017-04-11] (Microsoft Corporation)

Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2017-04-11] (Microsoft Corporation)
 

FireFox:

========

FF DefaultProfile: iuq23bh7.default-1493412874328

FF ProfilePath: C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\42q34j6d.default [2017-05-03]

FF Keyword.URL: Mozilla\Firefox\Profiles\42q34j6d.default -> user_pref("keyword.URL","");

FF NewTab: Mozilla\Firefox\Profiles\42q34j6d.default -> user_pref("browser.newtab.url","");

FF ProfilePath: C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\fcmo50m1.default-1493406853502 [2017-04-28]

FF ProfilePath: C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\iuq23bh7.default-1493412874328 [2017-05-02]

FF Homepage: Mozilla\Firefox\Profiles\iuq23bh7.default-1493412874328 -> www.google.de

FF Extension: (Adblock Plus) - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\iuq23bh7.default-1493412874328\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2017-04-28]

FF HKLM-x32\...\Firefox\Extensions: [ff-bmboc@bytemobile.com] - C:\Program Files\T-Mobile\InternetManager_H\OCx64\addon => nicht gefunden

FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_25_0_0_127.dll [2017-03-15] ()

FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50906.0\npctrl.dll [2017-03-09] ( Microsoft Corporation)

FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation)

FF Plugin: @videolan.org/vlc,version=2.2.0 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-02-27] (VideoLAN)

FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2016-02-12] (Adobe Systems)

FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWoW64\Macromed\Flash\NPSWF32_25_0_0_127.dll [2017-03-15] ()

FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-04-21] (Intel Corporation)

FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-04-21] (Intel Corporation)

FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-04-21] (Intel Corporation)

FF Plugin-x32: @java.com/DTPlugin,version=11.131.2 -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\dtplugin\npDeployJava1.dll [2017-04-22] (Oracle Corporation)

FF Plugin-x32: @java.com/JavaPlugin,version=11.131.2 -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\plugin2\npjp2.dll [2017-04-22] (Oracle Corporation)

FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2016-11-15] (Microsoft Corporation)

FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50906.0\npctrl.dll [2017-03-09] ( Microsoft Corporation)

FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll [2010-04-26] (Microsoft Corp.)

FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation)

FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)

FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-28] (Google Inc.)

FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-28] (Google Inc.)

FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2016-12-17] (Adobe Systems Inc.)

FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2016-02-12] (Adobe Systems)

FF Plugin HKU\S-1-5-21-1603712690-2894388539-358268464-1001: @talk.google.com/GoogleTalkPlugin -> C:\Users\User\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll [2015-12-08] (Google)

FF Plugin HKU\S-1-5-21-1603712690-2894388539-358268464-1001: @talk.google.com/O1DPlugin -> C:\Users\User\AppData\Roaming\Mozilla\plugins\npo1d.dll [2015-12-08] (Google)

FF Plugin HKU\S-1-5-21-1603712690-2894388539-358268464-1001: @tools.google.com/Google Update;version=3 -> C:\Users\User\AppData\Local\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-05-01] (Google Inc.)

FF Plugin HKU\S-1-5-21-1603712690-2894388539-358268464-1001: @tools.google.com/Google Update;version=9 -> C:\Users\User\AppData\Local\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-05-01] (Google Inc.)

FF Plugin HKU\S-1-5-21-1603712690-2894388539-358268464-1001: sony.com/MediaGoDetector -> C:\Program Files (x86)\Sony\Media Go\npMediaGoDetector.dll [2015-11-20] (Sony Network Entertainment International LLC)

FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2016-11-15] (Microsoft Corporation)

FF Plugin ProgramFiles/Appdata: C:\Users\User\AppData\Roaming\mozilla\plugins\npgoogletalk.dll [2015-12-08] (Google)

FF Plugin ProgramFiles/Appdata: C:\Users\User\AppData\Roaming\mozilla\plugins\npo1d.dll [2015-12-08] (Google)
 

Chrome: 

=======

CHR DefaultProfile: Default

CHR HomePage: Default -> hxxps://www.google.de/

CHR StartupUrls: Default -> "hxxps://www.google.de/"

CHR Profile: C:\Users\User\AppData\Local\Google\Chrome\User Data\Default [2017-05-11]

CHR Extension: (Google Docs) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-01-15]

CHR Extension: (Google Drive) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-01-15]

CHR Extension: (YouTube) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-01-15]

CHR Extension: (Google-Suche) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2017-01-15]

CHR Extension: (Google Docs Offline) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-01-15]

CHR Extension: (AdBlock) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2017-05-02]

CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-05-02]

CHR Extension: (Google Mail) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-01-15]

CHR Extension: (Chrome Media Router) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-05-02]

CHR HKLM-x32\...\Chrome\Extension: [ihenkjeihefokohmemphikjnjbmegdik] - "C:\Program Files (x86)\Sony\Media Go\MediaGoDetector.crx" <nicht gefunden>
 

==================== Dienste (Nicht auf der Ausnahmeliste) ====================
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
 

R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [693440 2016-01-28] (Adobe Systems Incorporated)

R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2227312 2017-02-27] (Adobe Systems, Incorporated)

R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2017-03-17] (Apple Inc.)

R2 AtherosSvc; C:\WINDOWS\system32\AdminService.exe [355760 2016-06-26] (Windows (R) Win 7 DDK provider)

S3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [266240 2012-06-05] (Brother Industries, Ltd.) [Datei ist nicht signiert]

R2 chip1click; C:\Program Files (x86)\Chip Digital GmbH\chip1click\chip 1-click installer.exe [91136 2016-10-27] (Chip Digital GmbH) [Datei ist nicht signiert]

R2 DCService.exe; C:\ProgramData\DatacardService\DCService.exe [229376 2010-08-19] () [Datei ist nicht signiert]

R2 HTCMonitorService; C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe [87368 2014-06-27] (Nero AG)

S2 ibtsiva; C:\Program Files (x86)\Intel\Bluetooth\utilities\ibtsiva.exe [165104 2015-06-30] (Intel Corporation)

R2 igfxCUIService2.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [373720 2016-12-19] (Intel Corporation)

S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [881152 2015-05-22] (Intel(R) Corporation)

S3 Intel(R) Security Assist; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [335872 2015-05-19] (Intel Corporation) [Datei ist nicht signiert]

R2 isaHelperSvc; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe [7680 2015-05-19] () [Datei ist nicht signiert]

R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [223008 2015-07-06] (Intel Corporation)

R2 LMSvc; C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe [455912 2014-12-30] (Acer Incorporate)

R2 MBAMService; C:\Users\User\Desktop\Anti-Malware\mbamservice.exe [4470736 2017-05-09] (Malwarebytes)

R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [458176 2016-12-29] (NVIDIA Corporation)

R3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [3634232 2016-06-15] (NVIDIA Corporation)

R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2522680 2016-06-15] (NVIDIA Corporation)

S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2121736 2017-01-31] (Electronic Arts)

R2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [2183696 2017-01-31] (Electronic Arts)

R2 PassThru Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [166912 2013-10-17] () [Datei ist nicht signiert]

R3 QASvc; C:\Program Files\Acer\Acer Quick Access\QASvc.exe [457960 2014-03-21] (Acer Incorporate)

R2 ss_conn_service; C:\Program Files (x86)\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe [743688 2015-05-21] (DEVGURU Co., LTD.)

R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [6889232 2015-12-14] (TeamViewer GmbH)

R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347320 2017-04-28] (Microsoft Corporation)

R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103712 2017-04-28] (Microsoft Corporation)

R2 WsAppService; C:\Program Files (x86)\Wondershare\WAF\2.1.7.1\WsAppService.exe [404480 2016-02-17] (Wondershare) [Datei ist nicht signiert]

S3 WsDrvInst; C:\Program Files (x86)\Wondershare\Dr.Fone for Android\DriverInstall.exe [115856 2016-04-14] (Wondershare)

R2 XperiaCompanionService; C:\Program Files\Sony\Xperia Companion\Service\XperiaCompanionService.exe [2205568 2016-12-22] (Sony)
 

===================== Treiber (Nicht auf der Ausnahmeliste) ======================
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
 

S0 BMLoad; C:\WINDOWS\System32\drivers\BMLoad.sys [16512 2009-12-15] (Bytemobile, Inc.) [Datei ist nicht signiert]

R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [77440 2017-05-09] ()

S3 ggsomc; C:\WINDOWS\System32\drivers\ggsomc.sys [30424 2016-05-29] (Sony Mobile Communications)

S3 HtcVCom32; C:\WINDOWS\system32\DRIVERS\HtcVComV64.sys [121800 2010-03-08] (QUALCOMM Incorporated)

S3 hwusbdev; C:\WINDOWS\system32\DRIVERS\ewusbdev.sys [114304 2009-10-12] (Huawei Technologies Co., Ltd.)

R3 LMDriver; C:\WINDOWS\System32\drivers\LMDriver.sys [21360 2013-07-17] (Acer Incorporated)

R2 MBAMChameleon; C:\WINDOWS\system32\drivers\MBAMChameleon.sys [187320 2017-05-11] (Malwarebytes)

R3 MBAMFarflt; C:\WINDOWS\system32\drivers\farflt.sys [113592 2017-05-11] (Malwarebytes)

R3 MBAMProtection; C:\WINDOWS\system32\drivers\mbam.sys [43968 2017-05-11] (Malwarebytes)

R0 MBAMSwissArmy; C:\WINDOWS\System32\drivers\MBAMSwissArmy.sys [251832 2017-05-11] (Malwarebytes)

R3 MBAMWebProtection; C:\WINDOWS\system32\drivers\mwac.sys [93624 2017-05-11] (Malwarebytes)

S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()

R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvacwu.inf_amd64_31f4ef4821269ebb\nvlddmkm.sys [14190520 2017-01-17] (NVIDIA Corporation)

R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [28216 2016-06-15] (NVIDIA Corporation)

R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [56384 2016-04-14] (NVIDIA Corporation)

R3 Qcamain10x64; C:\WINDOWS\System32\drivers\Qcamain10x64.sys [2336768 2016-07-16] (Qualcomm Atheros, Inc.)

R3 RadioShim; C:\WINDOWS\System32\drivers\RadioShim.sys [14680 2013-07-17] (Acer Incorporated)

R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [589824 2016-07-16] (Realtek                                            )

R3 RTSUER; C:\WINDOWS\system32\Drivers\RtsUer.sys [416472 2016-05-17] (Realsil Semiconductor Corporation)

R3 SynRMIHID; C:\WINDOWS\system32\DRIVERS\SynRMIHID.sys [56520 2015-06-08] (Synaptics Incorporated)

R1 tcpipBM; C:\Windows\system32\drivers\tcpipBM.sys [39552 2009-12-15] (Bytemobile, Inc.) [Datei ist nicht signiert]

S0 WdBoot; C:\WINDOWS\System32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)

R0 WdFilter; C:\WINDOWS\System32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)

R3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)
 

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
 
 

==================== Ein Monat: Erstellte Dateien und Ordner ========
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
 

2017-05-11 18:27 - 2017-05-11 18:28 - 00026510 _____ C:\Users\User\Desktop\FRST.txt

2017-05-11 18:25 - 2017-05-11 18:25 - 00004089 _____ C:\Users\User\Desktop\mbam.txt

2017-05-11 18:07 - 2017-05-11 18:19 - 00251832 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys

2017-05-11 18:07 - 2017-05-11 18:19 - 00113592 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys

2017-05-11 18:07 - 2017-05-11 18:19 - 00093624 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys

2017-05-11 18:07 - 2017-05-11 18:19 - 00043968 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys

2017-05-11 18:07 - 2017-05-11 18:07 - 00187320 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMChameleon.sys

2017-05-11 18:07 - 2017-05-11 18:07 - 00000000 ____D C:\Users\User\Desktop\Anti-Malware

2017-05-11 18:07 - 2017-05-11 18:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes

2017-05-11 18:07 - 2017-05-11 18:07 - 00000000 ____D C:\ProgramData\Malwarebytes

2017-05-11 18:07 - 2017-05-09 16:37 - 00077440 _____ C:\WINDOWS\system32\Drivers\mbae64.sys

2017-05-11 18:05 - 2017-05-11 18:05 - 63035592 _____ (Malwarebytes ) C:\Users\User\Desktop\mb3-setup-consumer-3.1.2.1733.exe

2017-05-11 17:39 - 2017-05-11 17:35 - 04102600 _____ C:\Users\User\Desktop\AdwCleaner_6.046 (2).exe

2017-05-10 19:50 - 2017-04-28 03:28 - 00965472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReAgent.dll

2017-05-10 19:50 - 2017-04-28 02:59 - 00601712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll

2017-05-10 19:50 - 2017-04-28 02:56 - 02048488 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll

2017-05-10 19:50 - 2017-04-28 02:55 - 00088416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\scmbus.sys

2017-05-10 19:50 - 2017-04-28 02:53 - 00616048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32.dll

2017-05-10 19:50 - 2017-04-28 02:48 - 00263472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Storage.ApplicationData.dll

2017-05-10 19:50 - 2017-04-28 02:46 - 05722320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll

2017-05-10 19:50 - 2017-04-28 02:46 - 01504056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll

2017-05-10 19:50 - 2017-04-28 02:46 - 01431232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll

2017-05-10 19:50 - 2017-04-28 02:45 - 02263832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll

2017-05-10 19:50 - 2017-04-28 02:45 - 00975744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll

2017-05-10 19:50 - 2017-04-28 02:45 - 00861024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll

2017-05-10 19:50 - 2017-04-28 02:45 - 00781144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe

2017-05-10 19:50 - 2017-04-28 02:45 - 00493920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe

2017-05-10 19:50 - 2017-04-28 02:45 - 00116576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudExperienceHostCommon.dll

2017-05-10 19:50 - 2017-04-28 02:43 - 02168288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll

2017-05-10 19:50 - 2017-04-28 02:43 - 01980768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll

2017-05-10 19:50 - 2017-04-28 02:43 - 01557224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll

2017-05-10 19:50 - 2017-04-28 02:43 - 00846560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll

2017-05-10 19:50 - 2017-04-28 02:42 - 00601952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupEngine.dll

2017-05-10 19:50 - 2017-04-28 02:41 - 00361104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsmf.dll

2017-05-10 19:50 - 2017-04-28 02:40 - 06665952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll

2017-05-10 19:50 - 2017-04-28 02:40 - 04023008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll

2017-05-10 19:50 - 2017-04-28 02:40 - 01851696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll

2017-05-10 19:50 - 2017-04-28 02:40 - 01360456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetsrc.dll

2017-05-10 19:50 - 2017-04-28 02:40 - 01277856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll

2017-05-10 19:50 - 2017-04-28 02:40 - 01202936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll

2017-05-10 19:50 - 2017-04-28 02:40 - 00981888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetcore.dll

2017-05-10 19:50 - 2017-04-28 02:40 - 00352760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MMDevAPI.dll

2017-05-10 19:50 - 2017-04-28 02:39 - 20967840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll

2017-05-10 19:50 - 2017-04-28 02:39 - 04312248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe

2017-05-10 19:50 - 2017-04-28 02:39 - 00962760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll

2017-05-10 19:50 - 2017-04-28 02:39 - 00715104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys

2017-05-10 19:50 - 2017-04-28 02:38 - 00557408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys

2017-05-10 19:50 - 2017-04-28 02:35 - 01414208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll

2017-05-10 19:50 - 2017-04-28 02:35 - 00276832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\input.dll

2017-05-10 19:50 - 2017-04-28 02:29 - 05685760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll

2017-05-10 19:50 - 2017-04-28 02:23 - 01631232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Resources.dll

2017-05-10 19:50 - 2017-04-28 02:23 - 00095232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTimeUtil.dll

2017-05-10 19:50 - 2017-04-28 02:22 - 00165376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReInfo.dll

2017-05-10 19:50 - 2017-04-28 02:22 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\odbcconf.dll

2017-05-10 19:50 - 2017-04-28 02:21 - 00224256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExSMime.dll

2017-05-10 19:50 - 2017-04-28 02:21 - 00027648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BthTelemetry.dll

2017-05-10 19:50 - 2017-04-28 02:20 - 00141824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Radios.dll

2017-05-10 19:50 - 2017-04-28 02:20 - 00044032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\virtdisk.dll

2017-05-10 19:50 - 2017-04-28 02:19 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDeviceRegistration.dll

2017-05-10 19:50 - 2017-04-28 02:19 - 00138240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DisplayManager.dll

2017-05-10 19:50 - 2017-04-28 02:18 - 00450560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastls.dll

2017-05-10 19:50 - 2017-04-28 02:18 - 00285184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.BlockedShutdown.dll

2017-05-10 19:50 - 2017-04-28 02:18 - 00255488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\unimdm.tsp

2017-05-10 19:50 - 2017-04-28 02:17 - 00328192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll

2017-05-10 19:50 - 2017-04-28 02:17 - 00142336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.WiFi.dll

2017-05-10 19:50 - 2017-04-28 02:17 - 00136192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinRtTracing.dll

2017-05-10 19:50 - 2017-04-28 02:17 - 00095232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BluetoothApis.dll

2017-05-10 19:50 - 2017-04-28 02:17 - 00094208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryClient.dll

2017-05-10 19:50 - 2017-04-28 02:16 - 00392192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Gaming.Input.dll

2017-05-10 19:50 - 2017-04-28 02:16 - 00374784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.LowLevel.dll

2017-05-10 19:50 - 2017-04-28 02:16 - 00315904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Gaming.XboxLive.Storage.dll

2017-05-10 19:50 - 2017-04-28 02:16 - 00231936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.LockScreen.dll

2017-05-10 19:50 - 2017-04-28 02:16 - 00203776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\credprovhost.dll

2017-05-10 19:50 - 2017-04-28 02:16 - 00184320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserMgrProxy.dll

2017-05-10 19:50 - 2017-04-28 02:16 - 00180224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe

2017-05-10 19:50 - 2017-04-28 02:16 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppointmentActivation.dll

2017-05-10 19:50 - 2017-04-28 02:16 - 00113152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Lights.dll

2017-05-10 19:50 - 2017-04-28 02:15 - 00557568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll

2017-05-10 19:50 - 2017-04-28 02:15 - 00404992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dsreg.dll

2017-05-10 19:50 - 2017-04-28 02:15 - 00334848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastlsext.dll

2017-05-10 19:50 - 2017-04-28 02:15 - 00237568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SyncSettings.dll

2017-05-10 19:50 - 2017-04-28 02:15 - 00206336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bthprops.cpl

2017-05-10 19:50 - 2017-04-28 02:15 - 00117760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AuthBroker.dll

2017-05-10 19:50 - 2017-04-28 02:15 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Core.dll

2017-05-10 19:50 - 2017-04-28 02:14 - 00670208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.PointOfService.dll

2017-05-10 19:50 - 2017-04-28 02:14 - 00483840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.AllJoyn.dll

2017-05-10 19:50 - 2017-04-28 02:14 - 00223232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgentUserBroker.exe

2017-05-10 19:50 - 2017-04-28 02:13 - 13873664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll

2017-05-10 19:50 - 2017-04-28 02:13 - 01755136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DeviceFlows.DataModel.dll

2017-05-10 19:50 - 2017-04-28 02:13 - 01243136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.FaceAnalysis.dll

2017-05-10 19:50 - 2017-04-28 02:13 - 00562176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.SmartCards.dll

2017-05-10 19:50 - 2017-04-28 02:13 - 00506880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DevicePairing.dll

2017-05-10 19:50 - 2017-04-28 02:13 - 00426496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Wallet.dll

2017-05-10 19:50 - 2017-04-28 02:13 - 00386048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.WiFiDirect.dll

2017-05-10 19:50 - 2017-04-28 02:13 - 00332288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Bluetooth.dll

2017-05-10 19:50 - 2017-04-28 02:13 - 00325120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleacc.dll

2017-05-10 19:50 - 2017-04-28 02:13 - 00298496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll

2017-05-10 19:50 - 2017-04-28 02:13 - 00271360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\deviceaccess.dll

2017-05-10 19:50 - 2017-04-28 02:13 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WwaApi.dll

2017-05-10 19:50 - 2017-04-28 02:13 - 00206336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vaultcli.dll

2017-05-10 19:50 - 2017-04-28 02:13 - 00202752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.HumanInterfaceDevice.dll

2017-05-10 19:50 - 2017-04-28 02:13 - 00185856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Identity.Provider.dll

2017-05-10 19:50 - 2017-04-28 02:13 - 00175616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Scanners.dll

2017-05-10 19:50 - 2017-04-28 02:13 - 00125952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apprepapi.dll

2017-05-10 19:50 - 2017-04-28 02:13 - 00114176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\setupugc.exe

2017-05-10 19:50 - 2017-04-28 02:12 - 00498688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mbsmsapi.dll

2017-05-10 19:50 - 2017-04-28 02:12 - 00431616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\efswrt.dll

2017-05-10 19:50 - 2017-04-28 02:12 - 00284672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apprepsync.dll

2017-05-10 19:50 - 2017-04-28 02:12 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Picker.dll

2017-05-10 19:50 - 2017-04-28 02:11 - 00747520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Ocr.dll

2017-05-10 19:50 - 2017-04-28 02:11 - 00075776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll

2017-05-10 19:50 - 2017-04-28 02:10 - 00857600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EmailApis.dll

2017-05-10 19:50 - 2017-04-28 02:10 - 00819200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppContracts.dll

2017-05-10 19:50 - 2017-04-28 02:10 - 00816640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NaturalLanguage6.dll

2017-05-10 19:50 - 2017-04-28 02:10 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mprddm.dll

2017-05-10 19:50 - 2017-04-28 02:10 - 00314368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Usb.dll

2017-05-10 19:50 - 2017-04-28 02:10 - 00284672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.dll

2017-05-10 19:50 - 2017-04-28 02:10 - 00238080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AboveLockAppHost.dll

2017-05-10 19:50 - 2017-04-28 02:09 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll

2017-05-10 19:50 - 2017-04-28 02:09 - 00525824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintDialogs.dll

2017-05-10 19:50 - 2017-04-28 02:09 - 00509440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll

2017-05-10 19:50 - 2017-04-28 02:09 - 00368128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiobj.dll

2017-05-10 19:50 - 2017-04-28 02:09 - 00352256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Enumeration.dll

2017-05-10 19:50 - 2017-04-28 02:08 - 07626752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll

2017-05-10 19:50 - 2017-04-28 02:08 - 01534464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.Printing.3D.dll

2017-05-10 19:50 - 2017-04-28 02:08 - 01228288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usercpl.dll

2017-05-10 19:50 - 2017-04-28 02:08 - 00653312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.AccountsControl.dll

2017-05-10 19:50 - 2017-04-28 02:08 - 00288256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CryptoWinRT.dll

2017-05-10 19:50 - 2017-04-28 02:07 - 03689984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll

2017-05-10 19:50 - 2017-04-28 02:07 - 00525312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LogonController.dll

2017-05-10 19:50 - 2017-04-28 02:07 - 00256512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\thumbcache.dll

2017-05-10 19:50 - 2017-04-28 02:06 - 04614656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll

2017-05-10 19:50 - 2017-04-28 02:06 - 02333184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmSvc.dll

2017-05-10 19:50 - 2017-04-28 02:06 - 00901120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Bluetooth.dll

2017-05-10 19:50 - 2017-04-28 02:06 - 00675840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.dll

2017-05-10 19:50 - 2017-04-28 02:05 - 03733504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_47.dll

2017-05-10 19:50 - 2017-04-28 02:05 - 00886272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll

2017-05-10 19:50 - 2017-04-28 02:05 - 00709120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CPFilters.dll

2017-05-10 19:50 - 2017-04-28 02:05 - 00589312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Sensors.dll

2017-05-10 19:50 - 2017-04-28 02:04 - 01323008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_fs.dll

2017-05-10 19:50 - 2017-04-28 02:03 - 01137152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_health.dll

2017-05-10 19:50 - 2017-04-28 02:03 - 01077760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Editing.dll

2017-05-10 19:50 - 2017-04-28 02:03 - 00355328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RTMediaFrame.dll

2017-05-10 19:50 - 2017-04-28 02:03 - 00318464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LocationApi.dll

2017-05-10 19:50 - 2017-04-28 02:03 - 00291328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\adsnt.dll

2017-05-10 19:50 - 2017-04-28 02:03 - 00134656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Energy.dll

2017-05-10 19:50 - 2017-04-28 02:02 - 03307008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll

2017-05-10 19:50 - 2017-04-28 02:01 - 00795648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MiracastReceiver.dll

2017-05-10 19:50 - 2017-04-28 02:01 - 00713216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpnapps.dll

2017-05-10 19:50 - 2017-04-28 02:01 - 00343040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToDevice.dll

2017-05-10 19:50 - 2017-04-28 02:01 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\unimdm.tsp

2017-05-10 19:50 - 2017-04-28 02:01 - 00248832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dlnashext.dll

2017-05-10 19:50 - 2017-04-28 02:01 - 00141312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dialclient.dll

2017-05-10 19:50 - 2017-04-28 02:00 - 02749440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mispace.dll

2017-05-10 19:50 - 2017-04-28 02:00 - 01255936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll

2017-05-10 19:50 - 2017-04-28 02:00 - 00249856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BthLEEnum.sys

2017-05-10 19:50 - 2017-04-28 01:59 - 02154496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\storagewmi.dll

2017-05-10 19:50 - 2017-04-28 01:59 - 00895488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Streaming.dll

2017-05-10 19:50 - 2017-04-28 01:59 - 00220672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToReceiver.dll

2017-05-10 19:50 - 2017-04-28 01:58 - 07468544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll

2017-05-10 19:50 - 2017-04-28 01:58 - 00546304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uReFS.dll

2017-05-10 19:50 - 2017-04-28 01:58 - 00433664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\imapi2.dll

2017-05-10 19:50 - 2017-04-28 01:58 - 00134144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ErrorDetails.dll

2017-05-10 19:50 - 2017-04-28 01:58 - 00090624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll

2017-05-10 19:50 - 2017-04-28 01:57 - 01247232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Globalization.dll

2017-05-10 19:50 - 2017-04-28 01:57 - 01221120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Audio.dll

2017-05-10 19:50 - 2017-04-28 01:57 - 00719872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_sr.dll

2017-05-10 19:50 - 2017-04-28 01:57 - 00641024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MCRecvSrc.dll

2017-05-10 19:50 - 2017-04-28 01:57 - 00089600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CameraCaptureUI.dll

2017-05-10 19:50 - 2017-04-28 01:56 - 00400384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToManager.dll

2017-05-10 19:50 - 2017-04-28 01:56 - 00357376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Geolocation.dll

2017-05-10 19:50 - 2017-04-28 01:56 - 00333312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsApi.dll

2017-05-10 19:50 - 2017-04-28 01:56 - 00103936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Devices.dll

2017-05-10 19:50 - 2017-04-28 01:55 - 01993216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll

2017-05-10 19:50 - 2017-04-28 01:55 - 01987584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll

2017-05-10 19:50 - 2017-04-28 01:55 - 01656320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Perception.dll

2017-05-10 19:50 - 2017-04-28 01:55 - 01413632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OpcServices.dll

2017-05-10 19:50 - 2017-04-28 01:55 - 01232384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Maps.dll

2017-05-10 19:50 - 2017-04-28 01:55 - 01170944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.dll

2017-05-10 19:50 - 2017-04-28 01:55 - 01004544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Input.Inking.dll

2017-05-10 19:50 - 2017-04-28 01:54 - 02747904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpcore.dll

2017-05-10 19:50 - 2017-04-28 01:54 - 02646528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CertEnroll.dll

2017-05-10 19:50 - 2017-04-28 01:54 - 02483200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll

2017-05-10 19:50 - 2017-04-28 01:54 - 01883648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll

2017-05-10 19:50 - 2017-04-28 01:54 - 01013248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.Http.dll

2017-05-10 19:50 - 2017-04-28 01:54 - 00967680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys

2017-05-10 19:50 - 2017-04-28 01:54 - 00654336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApiPublic.dll

2017-05-10 19:50 - 2017-04-28 01:54 - 00598528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.dll

2017-05-10 19:50 - 2017-04-28 01:54 - 00566784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ShareHost.dll

2017-05-10 19:50 - 2017-04-28 01:54 - 00348160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Midi.dll

2017-05-10 19:50 - 2017-04-28 01:53 - 01170944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Phone.dll

2017-05-10 19:50 - 2017-04-28 01:53 - 00798208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll

2017-05-10 19:50 - 2017-04-28 01:53 - 00751104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.BackgroundTransfer.dll

2017-05-10 19:50 - 2017-04-28 01:53 - 00621056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll

2017-05-10 19:50 - 2017-04-28 01:52 - 03106304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstsc.exe

2017-05-10 19:50 - 2017-04-28 01:52 - 02994176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys

2017-05-10 19:50 - 2017-04-28 01:52 - 02008576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll

2017-05-10 19:50 - 2017-04-28 01:52 - 01600000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll

2017-05-10 19:50 - 2017-04-28 01:50 - 00783360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TSWorkspace.dll

2017-05-10 19:50 - 2017-04-28 01:39 - 04596224 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsrchvw.exe

2017-05-10 19:50 - 2017-04-28 01:30 - 00483840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll

2017-05-10 19:50 - 2017-03-04 09:57 - 00484584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll

2017-05-10 19:50 - 2017-03-04 08:23 - 00299520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataAccountApis.dll

2017-05-10 19:50 - 2017-03-04 08:22 - 00265728 _____ C:\WINDOWS\SysWOW64\Windows.Perception.Stub.dll

2017-05-10 19:50 - 2017-03-04 08:17 - 00529920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StructuredQuery.dll

2017-05-10 19:50 - 2017-03-04 08:16 - 00500224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.Printing.dll

2017-05-10 19:50 - 2017-03-04 08:05 - 03520512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsrchvw.exe

2017-05-10 19:50 - 2017-03-04 08:01 - 00827904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll

2017-05-10 19:50 - 2017-03-04 08:00 - 00691200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll

2017-05-10 19:49 - 2017-04-28 02:58 - 01706488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll

2017-05-10 19:49 - 2017-04-28 02:57 - 00794928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll

2017-05-10 19:49 - 2017-04-28 02:53 - 07784288 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe

2017-05-10 19:49 - 2017-04-28 02:53 - 02213760 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll

2017-05-10 19:49 - 2017-04-28 02:53 - 00774224 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll

2017-05-10 19:49 - 2017-04-28 02:49 - 02681200 _____ C:\WINDOWS\system32\CoreUIComponents.dll

2017-05-10 19:49 - 2017-04-28 02:42 - 00328008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.ApplicationData.dll

2017-05-10 19:49 - 2017-04-28 02:40 - 07220184 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll

2017-05-10 19:49 - 2017-04-28 02:40 - 02759704 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll

2017-05-10 19:49 - 2017-04-28 02:40 - 02187104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys

2017-05-10 19:49 - 2017-04-28 02:40 - 01860288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll

2017-05-10 19:49 - 2017-04-28 02:40 - 01738560 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll

2017-05-10 19:49 - 2017-04-28 02:40 - 01157000 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll

2017-05-10 19:49 - 2017-04-28 02:40 - 00857440 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe

2017-05-10 19:49 - 2017-04-28 02:40 - 00402784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys

2017-05-10 19:49 - 2017-04-28 02:38 - 00847200 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupEngine.dll

2017-05-10 19:49 - 2017-04-28 02:36 - 00408600 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsmf.dll

2017-05-10 19:49 - 2017-04-28 02:36 - 00092512 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll

2017-05-10 19:49 - 2017-04-28 02:35 - 08170600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll

2017-05-10 19:49 - 2017-04-28 02:35 - 04260576 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll

2017-05-10 19:49 - 2017-04-28 02:35 - 01988048 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll

2017-05-10 19:49 - 2017-04-28 02:35 - 01702392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll

2017-05-10 19:49 - 2017-04-28 02:35 - 01302136 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll

2017-05-10 19:49 - 2017-04-28 02:35 - 00596040 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll

2017-05-10 19:49 - 2017-04-28 02:34 - 22220856 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll

2017-05-10 19:49 - 2017-04-28 02:34 - 01277824 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll

2017-05-10 19:49 - 2017-04-28 02:34 - 01072248 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetcore.dll

2017-05-10 19:49 - 2017-04-28 02:34 - 00443232 _____ (Microsoft Corporation) C:\WINDOWS\system32\MMDevAPI.dll

2017-05-10 19:49 - 2017-04-28 02:34 - 00244824 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll

2017-05-10 19:49 - 2017-04-28 02:28 - 00453536 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe

2017-05-10 19:49 - 2017-04-28 02:28 - 00387864 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpps.dll

2017-05-10 19:49 - 2017-04-28 02:19 - 00081408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll

2017-05-10 19:49 - 2017-04-28 02:14 - 00270336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll

2017-05-10 19:49 - 2017-04-28 02:11 - 00846336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WebcamUi.dll

2017-05-10 19:49 - 2017-04-28 02:11 - 00340480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll

2017-05-10 19:49 - 2017-04-28 02:08 - 18365440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll

2017-05-10 19:49 - 2017-04-28 02:07 - 00372736 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXTaskFactory.dll

2017-05-10 19:49 - 2017-04-28 02:06 - 22569472 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll

2017-05-10 19:49 - 2017-04-28 02:06 - 00691712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll

2017-05-10 19:49 - 2017-04-28 02:05 - 19414016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll

2017-05-10 19:49 - 2017-04-28 02:04 - 00119808 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTimeUtil.dll

2017-05-10 19:49 - 2017-04-28 02:03 - 00081408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\raspppoe.sys

2017-05-10 19:49 - 2017-04-28 02:03 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\odbcconf.dll

2017-05-10 19:49 - 2017-04-28 02:02 - 00123904 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll

2017-05-10 19:49 - 2017-04-28 02:02 - 00115200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bridge.sys

2017-05-10 19:49 - 2017-04-28 02:02 - 00040448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vwifimp.sys

2017-05-10 19:49 - 2017-04-28 02:01 - 00233472 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe

2017-05-10 19:49 - 2017-04-28 02:00 - 12349440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll

2017-05-10 19:49 - 2017-04-28 02:00 - 00193536 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinRtTracing.dll

2017-05-10 19:49 - 2017-04-28 02:00 - 00165376 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll

2017-05-10 19:49 - 2017-04-28 02:00 - 00149504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Core.dll

2017-05-10 19:49 - 2017-04-28 01:59 - 12187136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll

2017-05-10 19:49 - 2017-04-28 01:59 - 00635904 _____ (Microsoft Corporation) C:\WINDOWS\system32\FlightSettings.dll

2017-05-10 19:49 - 2017-04-28 01:59 - 00467968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Gaming.XboxLive.Storage.dll

2017-05-10 19:49 - 2017-04-28 01:59 - 00375296 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastlsext.dll

2017-05-10 19:49 - 2017-04-28 01:58 - 00418304 _____ C:\WINDOWS\system32\Windows.Perception.Stub.dll

2017-05-10 19:49 - 2017-04-28 01:58 - 00360448 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpencom.dll

2017-05-10 19:49 - 2017-04-28 01:58 - 00276992 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll

2017-05-10 19:49 - 2017-04-28 01:58 - 00211968 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe

2017-05-10 19:49 - 2017-04-28 01:57 - 01507840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.FaceAnalysis.dll

2017-05-10 19:49 - 2017-04-28 01:57 - 00502784 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastls.dll

2017-05-10 19:49 - 2017-04-28 01:57 - 00223744 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe

2017-05-10 19:49 - 2017-04-28 01:57 - 00216576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Scanners.dll

2017-05-10 19:49 - 2017-04-28 01:57 - 00132096 _____ (Microsoft Corporation) C:\WINDOWS\system32\PrintWSDAHost.dll

2017-05-10 19:49 - 2017-04-28 01:56 - 00748544 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll

2017-05-10 19:49 - 2017-04-28 01:56 - 00590336 _____ (Microsoft Corporation) C:\WINDOWS\system32\efswrt.dll

2017-05-10 19:49 - 2017-04-28 01:56 - 00387584 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll

2017-05-10 19:49 - 2017-04-28 01:56 - 00358912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.dll

2017-05-10 19:49 - 2017-04-28 01:56 - 00293888 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll

2017-05-10 19:49 - 2017-04-28 01:56 - 00260608 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgentUserBroker.exe

2017-05-10 19:49 - 2017-04-28 01:56 - 00088576 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll

2017-05-10 19:49 - 2017-04-28 01:55 - 00561664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Wallet.dll

2017-05-10 19:49 - 2017-04-28 01:55 - 00431616 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpAXHolder.dll

2017-05-10 19:49 - 2017-04-28 01:55 - 00307200 _____ (Microsoft Corporation) C:\WINDOWS\system32\PrintDialogs3D.dll

2017-05-10 19:49 - 2017-04-28 01:55 - 00252416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Identity.Provider.dll

2017-05-10 19:49 - 2017-04-28 01:54 - 02027008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl

2017-05-10 19:49 - 2017-04-28 01:54 - 01509376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll

2017-05-10 19:49 - 2017-04-28 01:54 - 00425984 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll

2017-05-10 19:49 - 2017-04-28 01:54 - 00284160 _____ (Microsoft Corporation) C:\WINDOWS\system32\AboveLockAppHost.dll

2017-05-10 19:49 - 2017-04-28 01:53 - 06288384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll

2017-05-10 19:49 - 2017-04-28 01:53 - 03059200 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll

2017-05-10 19:49 - 2017-04-28 01:53 - 00671744 _____ (Microsoft Corporation) C:\WINDOWS\system32\mbsmsapi.dll

2017-05-10 19:49 - 2017-04-28 01:53 - 00579584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.UX.EapRequestHandler.dll

2017-05-10 19:49 - 2017-04-28 01:53 - 00245760 _____ (Microsoft Corporation) C:\WINDOWS\system32\WwaApi.dll

2017-05-10 19:49 - 2017-04-28 01:51 - 01589760 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdtctm.dll

2017-05-10 19:49 - 2017-04-28 01:51 - 00713216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys

2017-05-10 19:49 - 2017-04-28 01:51 - 00458752 _____ (Microsoft Corporation) C:\WINDOWS\system32\RTMediaFrame.dll

2017-05-10 19:49 - 2017-04-28 01:51 - 00409600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys

2017-05-10 19:49 - 2017-04-28 01:50 - 03778048 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll

2017-05-10 19:49 - 2017-04-28 01:50 - 00329728 _____ (Microsoft Corporation) C:\WINDOWS\system32\fvecpl.dll

2017-05-10 19:49 - 2017-04-28 01:49 - 00864256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnapps.dll

2017-05-10 19:49 - 2017-04-28 01:47 - 01908224 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll

2017-05-10 19:49 - 2017-04-28 01:47 - 01078784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.dll

2017-05-10 19:49 - 2017-04-28 01:47 - 00796672 _____ (Microsoft Corporation) C:\WINDOWS\system32\fvewiz.dll

2017-05-10 19:49 - 2017-04-28 01:47 - 00627200 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpaceControl.dll

2017-05-10 19:49 - 2017-04-28 01:45 - 23677440 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll

2017-05-10 19:49 - 2017-04-28 01:45 - 01217024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Audio.dll

2017-05-10 19:49 - 2017-04-28 01:45 - 00411648 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsApi.dll

2017-05-10 19:49 - 2017-04-28 01:44 - 13091328 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll

2017-05-10 19:49 - 2017-04-28 01:44 - 01366016 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll

2017-05-10 19:49 - 2017-04-28 01:44 - 01145344 _____ (Microsoft Corporation) C:\WINDOWS\system32\EmailApis.dll

2017-05-10 19:49 - 2017-04-28 01:44 - 00937984 _____ (Microsoft Corporation) C:\WINDOWS\system32\MCRecvSrc.dll

2017-05-10 19:49 - 2017-04-28 01:44 - 00583680 _____ (Microsoft Corporation) C:\WINDOWS\system32\PrintDialogs.dll

2017-05-10 19:49 - 2017-04-28 01:44 - 00548864 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll

2017-05-10 19:49 - 2017-04-28 01:43 - 01184256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll

2017-05-10 19:49 - 2017-04-28 01:43 - 00963584 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebcamUi.dll

2017-05-10 19:49 - 2017-04-28 01:43 - 00646656 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiaservc.dll

2017-05-10 19:49 - 2017-04-28 01:43 - 00539136 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToManager.dll

2017-05-10 19:49 - 2017-04-28 01:43 - 00526336 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv

2017-05-10 19:49 - 2017-04-28 01:43 - 00467968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Geolocation.dll

2017-05-10 19:49 - 2017-04-28 01:43 - 00331264 _____ (Microsoft Corporation) C:\WINDOWS\system32\NgcCtnrSvc.dll

2017-05-10 19:49 - 2017-04-28 01:42 - 13441536 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll

2017-05-10 19:49 - 2017-04-28 01:42 - 08125440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll

2017-05-10 19:49 - 2017-04-28 01:42 - 08076288 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll

2017-05-10 19:49 - 2017-04-28 01:42 - 02390016 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreen.exe

2017-05-10 19:49 - 2017-04-28 01:41 - 01080320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Ocr.dll

2017-05-10 19:49 - 2017-04-28 01:41 - 00983040 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcsvc.dll

2017-05-10 19:49 - 2017-04-28 01:41 - 00860160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mprddm.dll

2017-05-10 19:49 - 2017-04-28 01:41 - 00759296 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll

2017-05-10 19:49 - 2017-04-28 01:41 - 00611328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.dll

2017-05-10 19:49 - 2017-04-28 01:40 - 04474368 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll

2017-05-10 19:49 - 2017-04-28 01:40 - 02096640 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl

2017-05-10 19:49 - 2017-04-28 01:40 - 01040896 _____ (Microsoft Corporation) C:\WINDOWS\system32\NaturalLanguage6.dll

2017-05-10 19:49 - 2017-04-28 01:40 - 00913920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.dll

2017-05-10 19:49 - 2017-04-28 01:40 - 00816640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll

2017-05-10 19:49 - 2017-04-28 01:39 - 00846336 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApiPublic.dll

2017-05-10 19:49 - 2017-04-28 01:38 - 05611008 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll

2017-05-10 19:49 - 2017-04-28 01:38 - 02424320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Perception.dll

2017-05-10 19:49 - 2017-04-28 01:38 - 01359360 _____ (Microsoft Corporation) C:\WINDOWS\system32\usercpl.dll

2017-05-10 19:49 - 2017-04-28 01:38 - 00765440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Sensors.dll

2017-05-10 19:49 - 2017-04-28 01:37 - 04149248 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll

2017-05-10 19:49 - 2017-04-28 01:37 - 03134976 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcore.dll

2017-05-10 19:49 - 2017-04-28 01:37 - 02895872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll

2017-05-10 19:49 - 2017-04-28 01:37 - 02538496 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll

2017-05-10 19:49 - 2017-04-28 01:37 - 01984000 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll

2017-05-10 19:49 - 2017-04-28 01:37 - 01783296 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll

2017-05-10 19:49 - 2017-04-28 01:37 - 01637888 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll

2017-05-10 19:49 - 2017-04-28 01:37 - 01424896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Maps.dll

2017-05-10 19:49 - 2017-04-28 01:37 - 01266176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Input.Inking.dll

2017-05-10 19:49 - 2017-04-28 01:37 - 00875520 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll

2017-05-10 19:49 - 2017-04-28 01:37 - 00391168 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll

2017-05-10 19:49 - 2017-04-28 01:36 - 01513472 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys

2017-05-10 19:49 - 2017-04-28 01:36 - 01328640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.Http.dll

2017-05-10 19:49 - 2017-04-28 01:36 - 01131008 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll

2017-05-10 19:49 - 2017-04-28 01:36 - 00774656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.dll

2017-05-10 19:49 - 2017-04-28 01:35 - 03299840 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstsc.exe

2017-05-10 19:49 - 2017-04-28 01:35 - 00924672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.BackgroundTransfer.dll

2017-05-10 19:49 - 2017-04-28 01:34 - 00999424 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWorkspace.dll

2017-05-10 19:49 - 2017-04-28 01:34 - 00439296 _____ (Microsoft Corporation) C:\WINDOWS\system32\wksprt.exe

2017-05-10 19:49 - 2017-04-28 01:34 - 00394240 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpclip.exe

2017-05-10 19:49 - 2017-03-04 09:09 - 01293152 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll

2017-05-10 19:49 - 2017-03-04 08:27 - 00456192 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiobj.dll

2017-05-10 19:49 - 2017-03-04 08:26 - 00261632 _____ (Microsoft Corporation) C:\WINDOWS\system32\indexeddbserver.dll

2017-05-10 19:49 - 2017-03-04 08:25 - 01388544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Cred.dll

2017-05-10 19:49 - 2017-03-04 08:19 - 01403392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Editing.dll

2017-05-10 19:49 - 2017-03-04 08:06 - 01369088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Phone.dll

2017-05-10 19:48 - 2017-04-28 02:57 - 00603488 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContentDeliveryManager.Utilities.dll

2017-05-10 19:48 - 2017-04-28 02:56 - 01117024 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReAgent.dll

2017-05-10 19:48 - 2017-04-28 02:52 - 02255712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys

2017-05-10 19:48 - 2017-04-28 02:49 - 00764392 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll

2017-05-10 19:48 - 2017-04-28 02:49 - 00700936 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll

2017-05-10 19:48 - 2017-04-28 02:47 - 00699744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimgapi.dll

2017-05-10 19:48 - 2017-04-28 02:47 - 00501088 _____ (Microsoft Corporation) C:\WINDOWS\system32\spwizeng.dll

2017-05-10 19:48 - 2017-04-28 02:46 - 00410464 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinSetupUI.dll

2017-05-10 19:48 - 2017-04-28 02:44 - 00062816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fsdepends.sys

2017-05-10 19:48 - 2017-04-28 02:42 - 00526176 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimserv.exe

2017-05-10 19:48 - 2017-04-28 02:40 - 00578400 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe

2017-05-10 19:48 - 2017-04-28 02:40 - 00146784 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostCommon.dll

2017-05-10 19:48 - 2017-04-28 02:40 - 00026976 _____ (Microsoft Corporation) C:\WINDOWS\system32\browser_broker.exe

2017-05-10 19:48 - 2017-04-28 02:39 - 00624048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys

2017-05-10 19:48 - 2017-04-28 02:38 - 02915704 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll

2017-05-10 19:48 - 2017-04-28 02:38 - 02446704 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll

2017-05-10 19:48 - 2017-04-28 02:38 - 01852200 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll

2017-05-10 19:48 - 2017-04-28 02:38 - 01267512 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll

2017-05-10 19:48 - 2017-04-28 02:38 - 00431968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys

2017-05-10 19:48 - 2017-04-28 02:34 - 04674360 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe

2017-05-10 19:48 - 2017-04-28 02:34 - 01600624 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll

2017-05-10 19:48 - 2017-04-28 02:34 - 00241504 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHost.dll

2017-05-10 19:48 - 2017-04-28 02:30 - 01569184 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll

2017-05-10 19:48 - 2017-04-28 02:30 - 00322912 _____ (Microsoft Corporation) C:\WINDOWS\system32\input.dll

2017-05-10 19:48 - 2017-04-28 02:28 - 00455520 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe

2017-05-10 19:48 - 2017-04-28 02:21 - 00073728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdc.ocx

2017-05-10 19:48 - 2017-04-28 02:19 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbonRes.dll

2017-05-10 19:48 - 2017-04-28 02:15 - 00822784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll

2017-05-10 19:48 - 2017-04-28 02:15 - 00126464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll

2017-05-10 19:48 - 2017-04-28 02:14 - 00306688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll

2017-05-10 19:48 - 2017-04-28 02:12 - 00635904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll

2017-05-10 19:48 - 2017-04-28 02:12 - 00236544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll

2017-05-10 19:48 - 2017-04-28 02:10 - 07216640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll

2017-05-10 19:48 - 2017-04-28 02:10 - 00661504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll

2017-05-10 19:48 - 2017-04-28 02:05 - 01631232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll

2017-05-10 19:48 - 2017-04-28 02:03 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbonRes.dll

2017-05-10 19:48 - 2017-04-28 02:03 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdc.ocx

2017-05-10 19:48 - 2017-04-28 02:03 - 00032256 _____ (Microsoft Corporation) C:\WINDOWS\system32\BthTelemetry.dll

2017-05-10 19:48 - 2017-04-28 02:02 - 00019456 _____ (Microsoft Corporation) C:\WINDOWS\system32\appidcertstorecheck.exe

2017-05-10 19:48 - 2017-04-28 02:01 - 00259072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Family.SyncEngine.dll

2017-05-10 19:48 - 2017-04-28 02:01 - 00185344 _____ (Microsoft Corporation) C:\WINDOWS\system32\DisplayManager.dll

2017-05-10 19:48 - 2017-04-28 02:01 - 00156160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Family.Client.dll

2017-05-10 19:48 - 2017-04-28 02:01 - 00129536 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_ClosedCaptioning.dll

2017-05-10 19:48 - 2017-04-28 02:01 - 00090624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Printers.dll

2017-05-10 19:48 - 2017-04-28 02:01 - 00051712 _____ (Microsoft Corporation) C:\WINDOWS\system32\virtdisk.dll

2017-05-10 19:48 - 2017-04-28 02:00 - 00196096 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDeviceRegistration.dll

2017-05-10 19:48 - 2017-04-28 02:00 - 00193536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.WiFi.dll

2017-05-10 19:48 - 2017-04-28 02:00 - 00148480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.System.Profile.RetailInfo.dll

2017-05-10 19:48 - 2017-04-28 02:00 - 00120832 _____ (Microsoft Corporation) C:\WINDOWS\system32\BluetoothApis.dll

2017-05-10 19:48 - 2017-04-28 02:00 - 00101888 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDeviceRegistration.Ngc.dll

2017-05-10 19:48 - 2017-04-28 02:00 - 00099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll

2017-05-10 19:48 - 2017-04-28 02:00 - 00073216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryBroker.dll

2017-05-10 19:48 - 2017-04-28 01:59 - 00567296 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevicePairing.dll

2017-05-10 19:48 - 2017-04-28 01:59 - 00186368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Radios.dll

2017-05-10 19:48 - 2017-04-28 01:59 - 00124416 _____ (Microsoft Corporation) C:\WINDOWS\system32\appidsvc.dll

2017-05-10 19:48 - 2017-04-28 01:59 - 00122880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryClient.dll

2017-05-10 19:48 - 2017-04-28 01:58 - 00547840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Gaming.Input.dll

2017-05-10 19:48 - 2017-04-28 01:58 - 00418304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BlockedShutdown.dll

2017-05-10 19:48 - 2017-04-28 01:58 - 00289792 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeveloperOptionsSettingsHandlers.dll

2017-05-10 19:48 - 2017-04-28 01:58 - 00231424 _____ (Microsoft Corporation) C:\WINDOWS\system32\shutdownux.dll

2017-05-10 19:48 - 2017-04-28 01:58 - 00150016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.AppDefaults.dll

2017-05-10 19:48 - 2017-04-28 01:58 - 00144896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Lights.dll

2017-05-10 19:48 - 2017-04-28 01:58 - 00130560 _____ (Microsoft Corporation) C:\WINDOWS\system32\ConsentUX.dll

2017-05-10 19:48 - 2017-04-28 01:57 - 00651264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.AllJoyn.dll

2017-05-10 19:48 - 2017-04-28 01:57 - 00568320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.LowLevel.dll

2017-05-10 19:48 - 2017-04-28 01:57 - 00505856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.WiFiDirect.dll

2017-05-10 19:48 - 2017-04-28 01:57 - 00279552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.HumanInterfaceDevice.dll

2017-05-10 19:48 - 2017-04-28 01:57 - 00268800 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserMgrProxy.dll

2017-05-10 19:48 - 2017-04-28 01:57 - 00243712 _____ (Microsoft Corporation) C:\WINDOWS\system32\credprovhost.dll

2017-05-10 19:48 - 2017-04-28 01:57 - 00241152 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafBth.dll

2017-05-10 19:48 - 2017-04-28 01:57 - 00157184 _____ (Microsoft Corporation) C:\WINDOWS\system32\bthserv.dll

2017-05-10 19:48 - 2017-04-28 01:57 - 00139264 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll

2017-05-10 19:48 - 2017-04-28 01:56 - 00947712 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll

2017-05-10 19:48 - 2017-04-28 01:56 - 00912384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.SmartCards.dll

2017-05-10 19:48 - 2017-04-28 01:56 - 00692224 _____ (Microsoft Corporation) C:\WINDOWS\system32\CellularAPI.dll

2017-05-10 19:48 - 2017-04-28 01:56 - 00691200 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll

2017-05-10 19:48 - 2017-04-28 01:56 - 00379904 _____ (Microsoft Corporation) C:\WINDOWS\system32\apprepsync.dll

2017-05-10 19:48 - 2017-04-28 01:56 - 00324608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.LockScreen.dll

2017-05-10 19:48 - 2017-04-28 01:56 - 00311296 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncSettings.dll

2017-05-10 19:48 - 2017-04-28 01:56 - 00267264 _____ (Microsoft Corporation) C:\WINDOWS\system32\vaultcli.dll

2017-05-10 19:48 - 2017-04-28 01:56 - 00147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll

2017-05-10 19:48 - 2017-04-28 01:56 - 00146432 _____ (Microsoft Corporation) C:\WINDOWS\system32\AuthBroker.dll

2017-05-10 19:48 - 2017-04-28 01:55 - 06042624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll

2017-05-10 19:48 - 2017-04-28 01:55 - 02084352 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceFlows.DataModel.dll

2017-05-10 19:48 - 2017-04-28 01:55 - 00657920 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll

2017-05-10 19:48 - 2017-04-28 01:55 - 00407552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll

2017-05-10 19:48 - 2017-04-28 01:55 - 00391168 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleacc.dll

2017-05-10 19:48 - 2017-04-28 01:55 - 00337408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Picker.dll

2017-05-10 19:48 - 2017-04-28 01:55 - 00231424 _____ (Microsoft Corporation) C:\WINDOWS\system32\bthprops.cpl

2017-05-10 19:48 - 2017-04-28 01:55 - 00176128 _____ (Microsoft Corporation) C:\WINDOWS\system32\apprepapi.dll

2017-05-10 19:48 - 2017-04-28 01:54 - 03664384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll

2017-05-10 19:48 - 2017-04-28 01:54 - 00949248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.PointOfService.dll

2017-05-10 19:48 - 2017-04-28 01:54 - 00472064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Bluetooth.dll

2017-05-10 19:48 - 2017-04-28 01:54 - 00339456 _____ (Microsoft Corporation) C:\WINDOWS\system32\ConhostV2.dll

2017-05-10 19:48 - 2017-04-28 01:54 - 00329728 _____ (Microsoft Corporation) C:\WINDOWS\system32\deviceaccess.dll

2017-05-10 19:48 - 2017-04-28 01:54 - 00091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll

2017-05-10 19:48 - 2017-04-28 01:53 - 00458752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Enumeration.dll

2017-05-10 19:48 - 2017-04-28 01:53 - 00437248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Usb.dll

2017-05-10 19:48 - 2017-04-28 01:51 - 02104320 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll

2017-05-10 19:48 - 2017-04-28 01:51 - 01913856 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_fs.dll

2017-05-10 19:48 - 2017-04-28 01:51 - 01584128 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_health.dll

2017-05-10 19:48 - 2017-04-28 01:51 - 00169984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Energy.dll

2017-05-10 19:48 - 2017-04-28 01:50 - 01476608 _____ (Microsoft Corporation) C:\WINDOWS\system32\RecoveryDrive.exe

2017-05-10 19:48 - 2017-04-28 01:50 - 00380416 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationApi.dll

2017-05-10 19:48 - 2017-04-28 01:50 - 00338944 _____ (Microsoft Corporation) C:\WINDOWS\system32\adsnt.dll

2017-05-10 19:48 - 2017-04-28 01:49 - 17198592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll

2017-05-10 19:48 - 2017-04-28 01:49 - 01105408 _____ (Microsoft Corporation) C:\WINDOWS\system32\MiracastReceiver.dll

2017-05-10 19:48 - 2017-04-28 01:49 - 00442368 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToDevice.dll

2017-05-10 19:48 - 2017-04-28 01:48 - 00337920 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll

2017-05-10 19:48 - 2017-04-28 01:48 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\dlnashext.dll

2017-05-10 19:48 - 2017-04-28 01:48 - 00187904 _____ (Microsoft Corporation) C:\WINDOWS\system32\dialclient.dll

2017-05-10 19:48 - 2017-04-28 01:47 - 09131008 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll

2017-05-10 19:48 - 2017-04-28 01:47 - 03290112 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll

2017-05-10 19:48 - 2017-04-28 01:47 - 01790464 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationFramework.dll

2017-05-10 19:48 - 2017-04-28 01:47 - 00942080 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll

2017-05-10 19:48 - 2017-04-28 01:47 - 00649216 _____ (Microsoft Corporation) C:\WINDOWS\system32\vds.exe

2017-05-10 19:48 - 2017-04-28 01:46 - 02861056 _____ (Microsoft Corporation) C:\WINDOWS\system32\storagewmi.dll

2017-05-10 19:48 - 2017-04-28 01:46 - 01547264 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbengine.exe

2017-05-10 19:48 - 2017-04-28 01:46 - 01443328 _____ (Microsoft Corporation) C:\WINDOWS\system32\VSSVC.exe

2017-05-10 19:48 - 2017-04-28 01:46 - 00501248 _____ (Microsoft Corporation) C:\WINDOWS\system32\imapi2.dll

2017-05-10 19:48 - 2017-04-28 01:46 - 00374784 _____ (Microsoft Corporation) C:\WINDOWS\system32\resutils.dll

2017-05-10 19:48 - 2017-04-28 01:46 - 00279552 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToReceiver.dll

2017-05-10 19:48 - 2017-04-28 01:46 - 00049664 _____ (Microsoft Corporation) C:\WINDOWS\system32\catsrvps.dll

2017-05-10 19:48 - 2017-04-28 01:45 - 00946688 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_sr.dll

2017-05-10 19:48 - 2017-04-28 01:45 - 00628736 _____ (Microsoft Corporation) C:\WINDOWS\system32\uReFS.dll

2017-05-10 19:48 - 2017-04-28 01:45 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll

2017-05-10 19:48 - 2017-04-28 01:45 - 00167936 _____ (Microsoft Corporation) C:\WINDOWS\system32\ErrorDetails.dll

2017-05-10 19:48 - 2017-04-28 01:45 - 00130560 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpaceAgent.exe

2017-05-10 19:48 - 2017-04-28 01:45 - 00112640 _____ (Microsoft Corporation) C:\WINDOWS\system32\CameraCaptureUI.dll

2017-05-10 19:48 - 2017-04-28 01:44 - 04749824 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll

2017-05-10 19:48 - 2017-04-28 01:44 - 01010176 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll

2017-05-10 19:48 - 2017-04-28 01:44 - 00896512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.AccountsControl.dll

2017-05-10 19:48 - 2017-04-28 01:44 - 00775168 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe

2017-05-10 19:48 - 2017-04-28 01:44 - 00410112 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevicesFlowBroker.dll

2017-05-10 19:48 - 2017-04-28 01:44 - 00139776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Devices.dll

2017-05-10 19:48 - 2017-04-28 01:43 - 00634368 _____ (Microsoft Corporation) C:\WINDOWS\system32\StructuredQuery.dll

2017-05-10 19:48 - 2017-04-28 01:43 - 00600576 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptui.dll

2017-05-10 19:48 - 2017-04-28 01:43 - 00560128 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppReadiness.dll

2017-05-10 19:48 - 2017-04-28 01:43 - 00460800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Midi.dll

2017-05-10 19:48 - 2017-04-28 01:43 - 00320512 _____ (Microsoft Corporation) C:\WINDOWS\system32\thumbcache.dll

2017-05-10 19:48 - 2017-04-28 01:42 - 01692160 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll

2017-05-10 19:48 - 2017-04-28 01:42 - 01021440 _____ (Microsoft Corporation) C:\WINDOWS\system32\usermgr.dll

2017-05-10 19:48 - 2017-04-28 01:42 - 00945664 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll

2017-05-10 19:48 - 2017-04-28 01:42 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll

2017-05-10 19:48 - 2017-04-28 01:41 - 01359872 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll

2017-05-10 19:48 - 2017-04-28 01:41 - 00890368 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll

2017-05-10 19:48 - 2017-04-28 01:41 - 00828416 _____ (Microsoft Corporation) C:\WINDOWS\system32\appwiz.cpl

2017-05-10 19:48 - 2017-04-28 01:41 - 00650752 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll

2017-05-10 19:48 - 2017-04-28 01:41 - 00591360 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll

2017-05-10 19:48 - 2017-04-28 01:41 - 00376832 _____ (Microsoft Corporation) C:\WINDOWS\system32\CryptoWinRT.dll

2017-05-10 19:48 - 2017-04-28 01:40 - 02914816 _____ (Microsoft Corporation) C:\WINDOWS\system32\CertEnroll.dll

2017-05-10 19:48 - 2017-04-28 01:40 - 02510848 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll

2017-05-10 19:48 - 2017-04-28 01:40 - 02208768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.3D.dll

2017-05-10 19:48 - 2017-04-28 01:40 - 01643008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll

2017-05-10 19:48 - 2017-04-28 01:40 - 01586176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Globalization.dll

2017-05-10 19:48 - 2017-04-28 01:40 - 00971264 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll

2017-05-10 19:48 - 2017-04-28 01:40 - 00886784 _____ (Microsoft Corporation) C:\WINDOWS\system32\CPFilters.dll

2017-05-10 19:48 - 2017-04-28 01:40 - 00770560 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll

2017-05-10 19:48 - 2017-04-28 01:39 - 00673792 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe

2017-05-10 19:48 - 2017-04-28 01:38 - 01490432 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll

2017-05-10 19:48 - 2017-04-28 01:38 - 01275392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Bluetooth.dll

2017-05-10 19:48 - 2017-04-28 01:37 - 04744192 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll

2017-05-10 19:48 - 2017-04-28 01:37 - 02316288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll

2017-05-10 19:48 - 2017-04-28 01:37 - 02286592 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll

2017-05-10 19:48 - 2017-04-28 01:37 - 02216960 _____ (Microsoft Corporation) C:\WINDOWS\system32\OpcServices.dll

2017-05-10 19:48 - 2017-04-28 01:37 - 00881664 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll

2017-05-10 19:48 - 2017-04-28 01:36 - 03613184 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys

2017-05-10 19:48 - 2017-04-28 01:36 - 02691072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll

2017-05-10 19:48 - 2017-04-28 01:36 - 02478080 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll

2017-05-10 19:48 - 2017-04-28 01:36 - 01844224 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll

2017-05-10 19:48 - 2017-04-28 01:36 - 00735744 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll

2017-05-10 19:48 - 2017-04-28 01:36 - 00716800 _____ (Microsoft Corporation) C:\WINDOWS\system32\ShareHost.dll

2017-05-10 19:48 - 2017-04-28 01:35 - 01121280 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll

2017-05-10 19:48 - 2017-04-28 01:34 - 00035328 _____ (Microsoft Corporation) C:\WINDOWS\system32\spaceman.exe

2017-05-10 19:48 - 2017-04-28 01:33 - 01817088 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.dll

2017-05-10 19:48 - 2017-03-04 08:25 - 01060352 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppContracts.dll

2017-05-10 19:48 - 2016-12-21 09:09 - 00368640 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneBackupHandler.dll

2017-05-10 15:07 - 2017-05-10 15:09 - 00281802 _____ C:\TDSSKiller.3.1.0.15_10.05.2017_15.07.29_log.txt

2017-05-10 15:02 - 2017-05-10 11:27 - 04922400 _____ (AO Kaspersky Lab) C:\Users\User\Desktop\tdsskiller (1).exe

2017-05-10 15:02 - 2017-05-10 11:23 - 02429440 _____ (Farbar) C:\Users\User\Desktop\FRST64 (1).exe

2017-05-08 17:20 - 2017-05-11 18:27 - 00000000 ____D C:\FRST

2017-05-03 13:56 - 2017-05-03 13:56 - 00000780 _____ C:\Users\User\Desktop\JRT.txt

2017-05-02 18:51 - 2017-05-02 18:51 - 00000000 ____D C:\Users\User\AppData\Roaming\Google

2017-05-02 18:07 - 2017-05-02 18:08 - 00000000 ____D C:\Users\User\AppData\Local\MSfree Inc

2017-04-28 22:59 - 2017-04-28 21:13 - 00030938 _____ C:\Users\User\bookmarks-2017-04-28.json

2017-04-28 22:54 - 2017-05-02 18:51 - 00000000 ____D C:\Users\User\AppData\LocalLow\Mozilla

2017-04-28 22:46 - 2017-05-11 17:43 - 00000000 ____D C:\AdwCleaner

2017-04-19 17:57 - 2017-04-19 17:57 - 00000000 ____D C:\Program Files (x86)\Lame For Audacity

2017-04-13 10:47 - 2017-03-28 09:10 - 00315744 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll

2017-04-13 10:47 - 2017-03-28 08:32 - 00198856 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscapi.dll

2017-04-13 10:47 - 2017-03-28 08:26 - 00218520 _____ (Microsoft Corporation) C:\WINDOWS\system32\LsaIso.exe

2017-04-13 10:47 - 2017-03-28 08:21 - 00167848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscapi.dll

2017-04-13 10:47 - 2017-03-28 08:20 - 01181024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys

2017-04-13 10:47 - 2017-03-28 08:11 - 00360040 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe

2017-04-13 10:47 - 2017-03-28 08:09 - 00097128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Credentials.UI.CredentialPicker.dll

2017-04-13 10:47 - 2017-03-28 08:05 - 01848584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll

2017-04-13 10:47 - 2017-03-28 08:04 - 00277344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msiscsi.sys

2017-04-13 10:47 - 2017-03-28 08:04 - 00136032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudExperienceHostUser.dll

2017-04-13 10:47 - 2017-03-28 08:02 - 00576408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll

2017-04-13 10:47 - 2017-03-28 07:59 - 02533728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys

2017-04-13 10:47 - 2017-03-28 07:58 - 01344448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsrcsnk.dll

2017-04-13 10:47 - 2017-03-28 07:53 - 00545944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe

2017-04-13 10:47 - 2017-03-28 07:52 - 00306800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.MediaControl.dll

2017-04-13 10:47 - 2017-03-28 07:42 - 00051712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usoapi.dll

2017-04-13 10:47 - 2017-03-28 07:40 - 00049664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XblAuthManagerProxy.dll

2017-04-13 10:47 - 2017-03-28 07:40 - 00037376 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll

2017-04-13 10:47 - 2017-03-28 07:39 - 00040960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBrokerUI.dll

2017-04-13 10:47 - 2017-03-28 07:38 - 00070656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XblAuthTokenBrokerExt.dll

2017-04-13 10:47 - 2017-03-28 07:37 - 00215552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apds.dll

2017-04-13 10:47 - 2017-03-28 07:37 - 00177664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.Diagnostics.dll

2017-04-13 10:47 - 2017-03-28 07:37 - 00123904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.HostName.dll

2017-04-13 10:47 - 2017-03-28 07:37 - 00097792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.System.SystemManagement.dll

2017-04-13 10:47 - 2017-03-28 07:37 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\system32\musdialoghandlers.dll

2017-04-13 10:47 - 2017-03-28 07:37 - 00041472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BasicRender.sys

2017-04-13 10:47 - 2017-03-28 07:36 - 00769024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ipsecsnp.dll

2017-04-13 10:47 - 2017-03-28 07:36 - 00237568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.Diagnostics.dll

2017-04-13 10:47 - 2017-03-28 07:36 - 00129024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.SerialCommunication.dll

2017-04-13 10:47 - 2017-03-28 07:36 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.ServiceDiscovery.Dnssd.dll

2017-04-13 10:47 - 2017-03-28 07:36 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.System.UserDeviceAssociation.dll

2017-04-13 10:47 - 2017-03-28 07:36 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BasicDisplay.sys

2017-04-13 10:47 - 2017-03-28 07:35 - 00505856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcastdvr.exe

2017-04-13 10:47 - 2017-03-28 07:35 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe

2017-04-13 10:47 - 2017-03-28 07:35 - 00092672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Background.SystemEventsBroker.dll

2017-04-13 10:47 - 2017-03-28 07:33 - 00609280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Import.dll

2017-04-13 10:47 - 2017-03-28 07:33 - 00436736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ipsmsnap.dll

2017-04-13 10:47 - 2017-03-28 07:31 - 00711680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll

2017-04-13 10:47 - 2017-03-28 07:31 - 00390656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredProvDataModel.dll

2017-04-13 10:47 - 2017-03-28 07:31 - 00337408 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkBindingEngineMigPlugin.dll

2017-04-13 10:47 - 2017-03-28 07:30 - 00787968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sbe.dll

2017-04-13 10:47 - 2017-03-28 07:28 - 00755712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll

2017-04-13 10:47 - 2017-03-28 07:28 - 00551936 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll

2017-04-13 10:47 - 2017-03-28 07:27 - 00441856 _____ (Microsoft Corporation) C:\WINDOWS\system32\AccountsRt.dll

2017-04-13 10:47 - 2017-03-28 07:26 - 00642048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.InkControls.dll

2017-04-13 10:47 - 2017-03-28 07:26 - 00468992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.InkControls.dll

2017-04-13 10:47 - 2017-03-28 07:26 - 00313856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll

2017-04-13 10:47 - 2017-03-28 07:25 - 01196544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscui.cpl

2017-04-13 10:47 - 2017-03-28 07:24 - 06474752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mspaint.exe

2017-04-13 10:47 - 2017-03-28 07:23 - 00395264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmenrollengine.dll

2017-04-13 10:47 - 2017-03-28 07:22 - 00516096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidcli.dll

2017-04-13 10:47 - 2017-03-28 07:22 - 00175616 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.DeviceEncryptionHandlers.dll

2017-04-13 10:47 - 2017-03-28 07:22 - 00157696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\enrollmentapi.dll

2017-04-13 10:47 - 2017-03-28 07:20 - 00078336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmjpegdec.dll

2017-04-13 10:47 - 2017-03-28 07:19 - 07655424 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll

2017-04-13 10:47 - 2017-03-28 07:19 - 00746496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msdtcprx.dll

2017-04-13 10:47 - 2017-03-28 07:17 - 06109696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll

2017-04-13 10:47 - 2017-03-28 07:16 - 03198464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll

2017-04-13 10:47 - 2017-03-28 07:14 - 00947712 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVP9DEC.dll

2017-04-13 10:47 - 2017-03-28 07:13 - 02138112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll

2017-04-13 10:47 - 2017-03-28 07:13 - 00079360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\asycfilt.dll

2017-04-13 10:47 - 2017-03-28 07:12 - 02682880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netshell.dll

2017-04-13 10:47 - 2017-03-28 07:12 - 00862208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll

2017-04-13 10:47 - 2017-03-28 07:12 - 00542208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.Connectivity.dll

2017-04-13 10:47 - 2017-03-28 07:11 - 01576448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll

2017-04-13 10:47 - 2017-03-28 07:08 - 01564160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\quartz.dll

2017-04-13 10:47 - 2017-03-28 07:08 - 00299008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RADCUI.dll

2017-04-13 10:47 - 2017-03-16 06:38 - 00034088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CompPkgSup.dll

2017-04-13 10:46 - 2017-03-28 08:36 - 01617760 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll

2017-04-13 10:46 - 2017-03-28 08:36 - 01294688 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll

2017-04-13 10:46 - 2017-03-28 08:36 - 00565088 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll

2017-04-13 10:46 - 2017-03-28 08:36 - 00343904 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll

2017-04-13 10:46 - 2017-03-28 08:36 - 00142176 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll

2017-04-13 10:46 - 2017-03-28 08:35 - 00379232 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll

2017-04-13 10:46 - 2017-03-28 08:10 - 00178528 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostUser.dll

2017-04-13 10:46 - 2017-03-28 08:09 - 00682816 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll

2017-04-13 10:46 - 2017-03-28 08:08 - 01100128 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe

2017-04-13 10:46 - 2017-03-28 08:08 - 00989024 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe

2017-04-13 10:46 - 2017-03-28 08:04 - 00160088 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostBroker.dll

2017-04-13 10:46 - 2017-03-28 08:00 - 00628552 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe

2017-04-13 10:46 - 2017-03-28 07:58 - 00372440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.MediaControl.dll

2017-04-13 10:46 - 2017-03-28 07:37 - 00078848 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthManagerProxy.dll

2017-04-13 10:46 - 2017-03-28 07:37 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\system32\DdcWnsListener.dll

2017-04-13 10:46 - 2017-03-28 07:36 - 00216576 _____ (Microsoft Corporation) C:\WINDOWS\system32\RdpRelayTransport.dll

2017-04-13 10:46 - 2017-03-28 07:36 - 00045056 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll

2017-04-13 10:46 - 2017-03-28 07:35 - 00124416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.System.SystemManagement.dll

2017-04-13 10:46 - 2017-03-28 07:34 - 00162304 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcertinst.exe

2017-04-13 10:46 - 2017-03-28 07:34 - 00113664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.ServiceDiscovery.Dnssd.dll

2017-04-13 10:46 - 2017-03-28 07:34 - 00088064 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthTokenBrokerExt.dll

2017-04-13 10:46 - 2017-03-28 07:33 - 00182272 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceDirectoryClient.dll

2017-04-13 10:46 - 2017-03-28 07:33 - 00082432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.System.UserDeviceAssociation.dll

2017-04-13 10:46 - 2017-03-28 07:31 - 00343552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.SmartCards.Phone.dll

2017-04-13 10:46 - 2017-03-28 07:31 - 00257024 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudDomainJoinDataModelServer.dll

2017-04-13 10:46 - 2017-03-28 07:31 - 00171520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.SerialCommunication.dll

2017-04-13 10:46 - 2017-03-28 07:30 - 00239104 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafpos.dll

2017-04-13 10:46 - 2017-03-28 07:30 - 00049664 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBrokerUI.dll

2017-04-13 10:46 - 2017-03-28 07:29 - 00852480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Import.dll

2017-04-13 10:46 - 2017-03-28 07:29 - 00206336 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll

2017-04-13 10:46 - 2017-03-28 07:27 - 00645120 _____ (Microsoft Corporation) C:\WINDOWS\system32\qedit.dll

2017-04-13 10:46 - 2017-03-28 07:25 - 00966144 _____ (Microsoft Corporation) C:\WINDOWS\system32\sbe.dll

2017-04-13 10:46 - 2017-03-28 07:24 - 01220096 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscui.cpl

2017-04-13 10:46 - 2017-03-28 07:24 - 00410112 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll

2017-04-13 10:46 - 2017-03-28 07:23 - 00932864 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll

2017-04-13 10:46 - 2017-03-28 07:21 - 00104960 _____ (Microsoft Corporation) C:\WINDOWS\system32\CastLaunch.dll

2017-04-13 10:46 - 2017-03-28 07:20 - 00090112 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmjpegdec.dll

2017-04-13 10:46 - 2017-03-28 07:19 - 00235520 _____ (Microsoft Corporation) C:\WINDOWS\system32\flvprophandler.dll

2017-04-13 10:46 - 2017-03-28 07:18 - 00100864 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpninprc.dll

2017-04-13 10:46 - 2017-03-28 07:17 - 05114368 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll

2017-04-13 10:46 - 2017-03-28 07:16 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\system32\vss_ps.dll

2017-04-13 10:46 - 2017-03-28 07:15 - 00981504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.OnlineId.dll

2017-04-13 10:46 - 2017-03-28 07:14 - 00975872 _____ (Microsoft Corporation) C:\WINDOWS\HelpPane.exe

2017-04-13 10:46 - 2017-03-28 07:14 - 00869888 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll

2017-04-13 10:46 - 2017-03-28 07:14 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\asycfilt.dll

2017-04-13 10:46 - 2017-03-28 07:10 - 01231872 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll

2017-04-13 10:46 - 2017-03-28 07:09 - 01064448 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll

2017-04-13 10:46 - 2017-03-28 07:08 - 03542016 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll

2017-04-13 10:46 - 2017-03-28 07:08 - 00180224 _____ (Microsoft Corporation) C:\WINDOWS\system32\enrollmentapi.dll

2017-04-13 10:46 - 2017-03-28 07:07 - 00908800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll

2017-04-13 10:46 - 2017-03-28 07:07 - 00701952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Connectivity.dll

2017-04-13 10:46 - 2017-03-28 07:07 - 00122368 _____ (Microsoft Corporation) C:\WINDOWS\system32\FontProvider.dll

2017-04-13 10:46 - 2017-03-28 07:05 - 01633792 _____ (Microsoft Corporation) C:\WINDOWS\system32\quartz.dll

2017-04-13 10:46 - 2017-03-18 18:50 - 00956416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll

2017-04-13 10:46 - 2017-03-18 18:35 - 02278400 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll

2017-04-13 10:46 - 2017-03-16 06:47 - 00038768 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompPkgSup.dll

2017-04-13 09:54 - 2017-05-01 16:53 - 00003916 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1603712690-2894388539-358268464-1001UA1d2b42b3d108749

2017-04-13 09:54 - 2017-05-01 16:53 - 00003648 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1603712690-2894388539-358268464-1001Core1d2b42b3ce86f9b
 

==================== Ein Monat: Geänderte Dateien und Ordner ========
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
 

2017-05-11 18:19 - 2017-03-02 16:12 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT

2017-05-11 18:19 - 2017-03-02 15:52 - 00000000 ____D C:\ProgramData\NVIDIA

2017-05-11 18:19 - 2017-03-02 15:51 - 00000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat

2017-05-11 18:19 - 2016-04-09 10:12 - 00000000 ____D C:\Users\User\AppData\Local\HTC MediaHub

2017-05-11 18:19 - 2015-03-25 23:04 - 00000000 __SHD C:\Users\User\IntelGraphicsProfiles

2017-05-11 18:18 - 2016-07-16 08:04 - 00524288 _____ C:\WINDOWS\system32\config\BBI

2017-05-11 18:18 - 2015-08-17 09:44 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox

2017-05-11 17:45 - 2016-07-16 13:45 - 00000000 ____D C:\WINDOWS\INF

2017-05-11 17:33 - 2017-03-02 16:14 - 01916568 _____ C:\WINDOWS\system32\PerfStringBackup.INI

2017-05-11 17:33 - 2016-07-17 00:51 - 00740966 _____ C:\WINDOWS\system32\perfh007.dat

2017-05-11 17:33 - 2016-07-17 00:51 - 00156436 _____ C:\WINDOWS\system32\perfc007.dat

2017-05-11 17:29 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\AppReadiness

2017-05-11 17:29 - 2015-04-12 10:39 - 00000000 __RHD C:\Users\Public\AccountPictures

2017-05-11 17:27 - 2017-03-02 15:47 - 00464600 _____ C:\WINDOWS\system32\FNTCACHE.DAT

2017-05-11 14:40 - 2016-07-16 13:47 - 00000000 ___SD C:\WINDOWS\SysWOW64\F12

2017-05-11 14:40 - 2016-07-16 13:47 - 00000000 ___SD C:\WINDOWS\system32\F12

2017-05-11 14:40 - 2016-07-16 13:47 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel

2017-05-11 14:40 - 2016-07-16 13:47 - 00000000 ___RD C:\Program Files\Windows Defender

2017-05-11 14:40 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\SystemResetPlatform

2017-05-11 14:40 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\oobe

2017-05-11 14:40 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\appraiser

2017-05-11 14:40 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\ShellExperiences

2017-05-11 14:40 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\Provisioning

2017-05-11 14:40 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\PolicyDefinitions

2017-05-11 14:40 - 2016-07-16 13:47 - 00000000 ____D C:\Program Files\Windows Photo Viewer

2017-05-11 14:40 - 2016-07-16 13:47 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer

2017-05-11 14:40 - 2016-07-16 13:47 - 00000000 ____D C:\Program Files (x86)\Windows Defender

2017-05-11 14:40 - 2016-07-16 08:04 - 00000000 ____D C:\WINDOWS\SysWOW64\Dism

2017-05-11 14:08 - 2016-03-27 14:30 - 00000000 ____D C:\Users\User\AppData\Roaming\Audacity

2017-05-11 13:51 - 2016-07-16 13:36 - 00000000 ____D C:\WINDOWS\CbsTemp

2017-05-11 13:51 - 2015-04-12 13:55 - 00000000 ____D C:\Users\User\AppData\Roaming\DVDVideoSoft

2017-05-11 13:42 - 2017-04-03 19:07 - 143754240 _____ C:\Users\User\backup.pst

2017-05-11 13:39 - 2015-03-25 23:40 - 00000000 ____D C:\WINDOWS\system32\MRT

2017-05-11 13:37 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\LiveKernelReports

2017-05-10 20:06 - 2015-03-25 23:40 - 156335152 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe

2017-05-10 19:59 - 2013-08-22 15:25 - 00000167 _____ C:\WINDOWS\win.ini

2017-05-10 19:53 - 2016-07-16 13:47 - 00000000 ___HD C:\Program Files\WindowsApps

2017-05-10 11:38 - 2017-03-02 15:48 - 00000000 ____D C:\WINDOWS\system32\SleepStudy

2017-05-10 11:38 - 2016-07-16 13:42 - 00073728 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSManMigrationPlugin.dll

2017-05-10 11:29 - 2015-03-26 05:50 - 00000000 ____D C:\Users\User\AppData\Local\Packages

2017-05-10 11:27 - 2016-02-03 11:58 - 00000000 ____D C:\Users\User\AppData\Local\CrashDumps

2017-05-07 15:41 - 2015-04-12 08:08 - 00000000 ____D C:\Users\User\AppData\Roaming\Skype

2017-05-03 13:42 - 2015-07-31 13:48 - 00000000 ____D C:\ProgramData\F-Secure

2017-05-03 13:40 - 2016-07-16 08:04 - 00032768 _____ C:\WINDOWS\system32\config\ELAM

2017-05-03 04:08 - 2015-03-25 22:56 - 00002264 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk

2017-05-02 18:12 - 2015-04-12 10:13 - 00532136 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe

2017-04-29 02:59 - 2016-07-16 13:49 - 00835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe

2017-04-29 02:59 - 2016-07-16 13:49 - 00177656 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl

2017-04-28 22:49 - 2015-07-31 18:14 - 00000000 ____D C:\Users\User\AppData\Roaming\Lavasoft

2017-04-28 22:49 - 2015-07-31 18:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft

2017-04-28 22:49 - 2015-07-31 18:14 - 00000000 ____D C:\ProgramData\Lavasoft

2017-04-28 22:49 - 2015-07-31 18:14 - 00000000 ____D C:\Program Files (x86)\Lavasoft

2017-04-28 22:13 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\registration

2017-04-28 21:25 - 2017-01-12 15:32 - 00000000 ____D C:\Program Files (x86)\CDBurnerXP

2017-04-28 12:03 - 2017-03-02 16:12 - 00003628 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA

2017-04-28 12:03 - 2017-03-02 16:12 - 00003504 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore

2017-04-28 03:01 - 2017-03-02 15:50 - 02717184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll

2017-04-23 17:07 - 2015-04-12 22:13 - 00000000 ____D C:\Users\User\AppData\Local\Spotify

2017-04-23 16:36 - 2015-04-12 22:12 - 00000000 ____D C:\Users\User\AppData\Roaming\Spotify

2017-04-22 12:51 - 2015-03-26 00:05 - 00000000 ____D C:\ProgramData\Oracle

2017-04-22 12:47 - 2015-04-12 20:40 - 00000000 ____D C:\Users\User\AppData\Roaming\vlc

2017-04-22 12:47 - 2015-03-25 22:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java

2017-04-22 12:47 - 2015-03-25 22:57 - 00000000 ____D C:\Program Files (x86)\Java

2017-04-22 12:46 - 2015-03-25 22:57 - 00097856 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll

2017-04-19 17:49 - 2017-01-12 15:32 - 00001224 _____ C:\Users\Public\Desktop\CDBurnerXP.lnk

2017-04-19 17:49 - 2017-01-12 15:32 - 00001174 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CDBurnerXP.lnk

2017-04-16 14:01 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\rescache

2017-04-15 15:13 - 2015-04-15 22:29 - 00000000 ____D C:\Program Files\Microsoft Silverlight

2017-04-15 15:13 - 2015-04-15 22:29 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight

2017-04-15 15:12 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\SysWOW64\setup

2017-04-15 15:11 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\setup

2017-04-15 15:11 - 2016-07-16 08:04 - 00000000 ____D C:\WINDOWS\system32\Dism

2017-04-15 14:52 - 2015-04-15 22:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight

2017-04-15 10:49 - 2015-09-06 12:56 - 00000000 ____D C:\Users\User\AppData\Local\ElevatedDiagnostics
 

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======
 

2016-03-20 20:17 - 2016-03-20 20:17 - 0000268 ___RH () C:\Users\User\AppData\Roaming\External Build System

2016-03-20 20:18 - 2016-03-20 20:18 - 0000268 ___RH () C:\Users\User\AppData\Roaming\File Templates

2016-03-20 20:17 - 2016-03-20 20:17 - 0000268 ___RH () C:\Users\User\AppData\Roaming\Filesystems

2016-03-20 20:16 - 2016-03-20 20:16 - 0000268 ___RH () C:\Users\User\AppData\Roaming\Framework

2015-04-12 14:34 - 2015-04-12 14:34 - 0196228 _____ () C:\Users\User\AppData\Local\134785ED_stp.CIS

2015-04-12 14:34 - 2015-04-12 14:34 - 0000290 _____ () C:\Users\User\AppData\Local\134785ED_stp.CIS.part

2015-04-13 23:59 - 2015-04-13 23:59 - 0047657 _____ () C:\Users\User\AppData\Local\2B763BC1_stp.CIS

2015-04-13 23:59 - 2015-04-13 23:59 - 0000289 _____ () C:\Users\User\AppData\Local\2B763BC1_stp.CIS.part

2015-04-12 14:34 - 2015-04-12 14:34 - 0385602 _____ () C:\Users\User\AppData\Local\5D515C96_stp.CIS

2015-04-12 14:34 - 2015-04-13 23:58 - 0000220 _____ () C:\Users\User\AppData\Local\5D515C96_stp.CIS.part

2015-04-12 14:34 - 2015-04-13 23:59 - 8250214 _____ () C:\Users\User\AppData\Local\65DE37E2_stp.CIS

2015-04-12 14:34 - 2015-04-13 23:59 - 0000373 _____ () C:\Users\User\AppData\Local\65DE37E2_stp.CIS.part

2016-09-27 17:13 - 2016-09-28 09:08 - 0003584 _____ () C:\Users\User\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

2017-01-06 13:55 - 2017-01-06 13:55 - 0004096 ____H () C:\Users\User\AppData\Local\keyfile3.drm

2015-10-06 11:23 - 2015-10-07 09:24 - 29249520 _____ (Sony Mobile Communications                                  ) C:\Users\User\AppData\Local\pcc.exe

2015-09-06 15:17 - 2015-09-06 15:17 - 0000000 _____ () C:\Users\User\AppData\Local\Settings.xml

2015-08-20 17:08 - 2015-08-20 17:08 - 0000132 _____ () C:\Users\User\AppData\Local\updt.js

2016-04-28 18:22 - 2016-04-28 18:22 - 0000000 _____ () C:\Users\User\AppData\Local\{DEBB28E6-C29A-4EFF-9857-53E5B2E566EC}

2017-03-02 15:50 - 2017-03-02 15:50 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

2016-03-20 20:17 - 2016-03-20 20:17 - 0000268 ___RH () C:\ProgramData\Filters

2016-03-20 20:18 - 2016-03-20 20:18 - 0000268 ___RH () C:\ProgramData\Flags

2016-03-20 20:17 - 2016-03-20 20:17 - 0000268 ___RH () C:\ProgramData\Flange Saw

2016-03-20 20:16 - 2016-03-20 20:16 - 0000268 ___RH () C:\ProgramData\Galactic Static

2016-03-20 20:16 - 2016-03-20 20:17 - 0000020 ____H () C:\ProgramData\PKP_DLeo.DAT

2016-03-20 20:18 - 2016-03-20 20:18 - 0000020 ____H () C:\ProgramData\PKP_DLes.DAT

2016-03-20 20:17 - 2017-01-15 13:34 - 0000020 ____H () C:\ProgramData\PKP_DLet.DAT

2016-03-20 20:17 - 2016-03-20 20:17 - 0000020 ____H () C:\ProgramData\PKP_DLev.DAT
 

Dateien, die verschoben oder gelöscht werden sollten:

====================

C:\Users\User\Delphi.exe
 
 

Einige Dateien in TEMP:

====================

2017-04-22 12:43 - 2017-04-22 12:43 - 0739904 _____ (Oracle Corporation) C:\Users\User\AppData\Local\Temp\jre-8u131-windows-au.exe
 

==================== Bamital & volsnap ======================
 

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
 

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert

C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert

C:\WINDOWS\explorer.exe => Datei ist digital signiert

C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert

C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert

C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert

C:\WINDOWS\system32\services.exe => Datei ist digital signiert

C:\WINDOWS\system32\User32.dll => Datei ist digital signiert

C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert

C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert

C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert

C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert

C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert

C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert

C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert
 

LastRegBack: 2017-05-07 16:17
 

==================== Ende von FRST.txt ============================

--- --- ---

[/CODE]

Sabimo

11.05.2017 17:32

Addition

Code:



ZusÃ¤tzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 08-05-2017

durchgefÃ¼hrt von User (11-05-2017 18:29:03)

Gestartet von C:\Users\User\Desktop

Windows 10 Home Version 1607 (X64) (2017-03-02 17:26:19)

Start-Modus: Normal

==========================================================
 
 

==================== Konten: =============================
 

Administrator (S-1-5-21-1603712690-2894388539-358268464-500 - Administrator - Disabled)

DefaultAccount (S-1-5-21-1603712690-2894388539-358268464-503 - Limited - Disabled)

Gast (S-1-5-21-1603712690-2894388539-358268464-501 - Limited - Disabled)

User (S-1-5-21-1603712690-2894388539-358268464-1001 - Administrator - Enabled) => C:\Users\User
 

==================== Sicherheits-Center ========================
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
 

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 

==================== Installierte Programme ======================
 

(Nur Adware-Programme mit dem Zusatz "Hidden" kÃ¶nnen in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
 

7-Zip 9.30 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0930-000001000000}) (Version: 9.30.00.0 - Igor Pavlov)

Acer Launch Manager (HKLM\...\{C18D55BD-1EC6-466D-B763-8EEDDDA9100E}) (Version: 8.00.8115 - Acer Incorporated)

Acer Quick Access (HKLM\...\{C1FA525F-D701-4B31-9D32-504FC0CF0B98}) (Version: 1.01.3012 - Acer Incorporated)

Ad-Aware Web Companion (x32 Version: 2.0.1025.2130 - Lavasoft) Hidden

Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 3.5.1.209 - Adobe Systems Incorporated)

Adobe Flash Player 25 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 25.0.0.127 - Adobe Systems Incorporated)

Adobe Lightroom (HKLM-x32\...\{8048A5DF-8A70-5BE1-954B-E0FDE1BD0D0D}) (Version: 6.5 - Adobe Systems Incorporated)

Adobe Reader XI (11.0.19)  MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AB0000000001}) (Version: 11.0.19 - Adobe Systems Incorporated)

Ansel (Version: 373.06 - NVIDIA Corporation) Hidden

Apple Application Support (32-Bit) (HKLM-x32\...\{05E07D23-91E9-4E70-A4CC-EF505088F967}) (Version: 5.4.1 - Apple Inc.)

Apple Application Support (64-Bit) (HKLM\...\{741291DA-2B34-4D44-8FB6-58EDE21261D8}) (Version: 5.4.1 - Apple Inc.)

Apple Mobile Device Support (HKLM\...\{DB18F1C0-846F-46F5-A074-5B97C8AF5C8E}) (Version: 10.3.1.2 - Apple Inc.)

Apple Software Update (HKLM-x32\...\{52D87F32-70E4-4348-8148-C0B9F35B1314}) (Version: 2.3.0.177 - Apple Inc.)

Audacity 2.1.2 (HKLM-x32\...\AudacityÂ®_is1) (Version: 2.1.2 - Audacity Team)

Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)

Borland Delphi 7 (HKLM-x32\...\{72263053-50D1-4598-9502-51ED64E54C51}) (Version: 7.0 - Borland Software Corporation)

Brother MFL-Pro Suite MFC-J625DW (HKLM-x32\...\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}) (Version: 1.1.6.0 - Brother Industries, Ltd.)

Brother P-touch Editor 5.1 (HKLM-x32\...\{39270390-A851-4E4B-94A9-D5C468216ED3}) (Version: 5.1.0620 - Brother Industries, Ltd.)

Bus-Simulator 2012 (HKLM-x32\...\Bus-Simulator 2012_is1) (Version:  - astragon)

CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.7.6521 - CDBurnerXP)

chip 1-click download service (HKLM-x32\...\{503CA94E-0834-4CEE-AD92-BA17AF4E809A}) (Version: 3.6.9.0 - Chip Digital GmbH)

D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden

Die Simsâ„¢ 3 (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}) (Version: 1.69.36.024017 - Electronic Arts Inc.)

Die Simsâ„¢ 3 Einfach tierisch (HKLM-x32\...\{C12631C6-804D-4B32-B0DD-8A496462F106}) (Version: 10.0.96 - Electronic Arts)

Die Simsâ„¢ 3 Jahreszeiten (HKLM-x32\...\{3DE92282-CB49-434F-81BF-94E5B380E889}) (Version: 16.0.136 - Electronic Arts)

Dolby Digital Plus Home Theater (HKLM\...\{7E3D8FA1-6092-469A-955B-68FC4A2C67CA}) (Version: 7.6.3.1 - Dolby Laboratories Inc)

Druckerdeinstallation fÃ¼r EPSON XP-332 335 Series (HKLM\...\EPSON XP-332 335 Series) (Version:  - Seiko Epson Corporation)

Fotogalerie (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden

Free Studio version 6.5.5.915 (HKLM-x32\...\Free Studio_is1) (Version: 6.5.5.915 - DVDVideoSoft Ltd.)

Google Chrome (HKLM-x32\...\{139D85BF-546D-3684-969A-98E5F5DE9801}) (Version: 58.0.3029.96 - Google, Inc.)

Google Talk Plugin (HKLM-x32\...\{F9B579C2-D854-300A-BE62-A09EB9D722E4}) (Version: 5.41.3.0 - Google)

Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden

Google Update Helper (x32 Version: 1.3.33.5 - Google Inc.) Hidden

HTC Driver Installer (HKLM-x32\...\{4CEEE5D0-F905-4688-B9F9-ECC710507796}) (Version: 4.17.0.001 - HTC Corporation)

HTC Sync Manager (HKLM-x32\...\{231D0C79-98A6-4693-A366-36DE7D7346EC}) (Version: 3.1.69.5 - HTC)

Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.0.1156 - Intel Corporation)

Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4549 - Intel Corporation)

Intel(R) Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 1.1.165.0 - Intel Corporation)

Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{F352BFBE-5960-48EC-B189-7F744B2991F3}) (Version: 17.1.1527.1534 - Intel Corporation)

IntelÂ® Chipsatz-GerÃ¤tesoftware (x32 Version: 10.0.20 - Intel(R) Corporation) Hidden

IntelÂ® PROSet/Wireless Software (HKLM-x32\...\{47ce36dd-beb9-46b5-b71f-bb2c17c39305}) (Version: 18.11.1 - Intel Corporation)

IntelÂ® Security Assist (HKLM-x32\...\{4B230374-6475-4A73-BA6E-41015E9C5013}) (Version: 1.0.0.532 - Intel Corporation)

IPTInstaller (HKLM-x32\...\{08208143-777D-4A06-BB54-71BF0AD1BB70}) (Version: 4.0.9 - HTC)

iTunes (HKLM\...\{6C01A0A7-7440-4D48-93C6-2927A1E93FE6}) (Version: 12.6.0.100 - Apple Inc.)

Java 8 Update 131 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180131F0}) (Version: 8.0.1310.11 - Oracle Corporation)

LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version:  - )

LavasoftTcpService (x32 Version: 2.3.4.7 - Lavasoft) Hidden

LightZone 4.1.5 (HKLM-x32\...\3263-1164-2624-0047) (Version: 4.1.5 - LightZone Project)

Logitech Gaming Software 5.04 (HKLM\...\{8753DF4D-64B0-474E-9A97-0AB5585D9A53}) (Version: 5.04.110 - Logitech)

Malwarebytes Version 3.1.2.1733 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.1.2.1733 - Malwarebytes)

Media Go (HKLM-x32\...\{65256C0D-3FE7-4D2E-BB3E-53F1175481C8}) (Version: 3.0.403 - Sony)

Media Go Network Downloader (HKLM-x32\...\{C52148B9-19E0-433A-9422-3451B1BEE20F}) (Version: 1.6.01.0 - Sony)

Media Go Video Playback Engine 2.20.106.05220 (HKLM-x32\...\{ECAE7E40-24A6-9E8E-EA93-90D080C878B3}) (Version: 2.20.106.05220 - Sony)

Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)

Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)

Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)

Microsoft Office Professional Plus 2016 (HKLM\...\Office16.PROPLUS) (Version: 16.0.4266.1001 - Microsoft Corporation)

Microsoft OneDrive (HKU\S-1-5-21-1603712690-2894388539-358268464-1001\...\OneDriveSetup.exe) (Version: 17.3.6743.1212 - Microsoft Corporation)

Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50906.0 - Microsoft Corporation)

Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)

Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)

Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)

Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)

Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)

Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)

Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)

Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)

Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)

Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden

Mp3tag v2.71 (HKLM-x32\...\Mp3tag) (Version: v2.71 - Florian Heidenreich)

Nikon Message Center 2 (HKLM-x32\...\{B014EE44-9197-4513-9613-71E6EB1B514E}) (Version: 2.1.0 - Nikon)

Nikon Movie Editor (HKLM-x32\...\{5CAD3393-EEC0-44CE-9F93-BCAA365B77FB}) (Version: 2.8.0 - Nikon)

NVIDIA Grafiktreiber 376.54 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 376.54 - NVIDIA Corporation)

NVIDIA PhysX-Systemsoftware 9.16.0318 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.16.0318 - NVIDIA Corporation)

OpenOffice 4.1.1 (HKLM-x32\...\{ACD0FFF9-6B35-43C1-82DB-9FF6990E8602}) (Version: 4.11.9775 - Apache Software Foundation)

Origin (HKLM-x32\...\Origin) (Version: 10.4.2.12697 - Electronic Arts, Inc.)

Outils de vÃ©rification linguistique 2016 de Microsoft OfficeÂ*- FranÃ§ais (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden

PhotoScape (HKLM-x32\...\PhotoScape) (Version:  - )

Picture Control Utility x64 (HKLM\...\{11953C65-BB4E-4CA4-B0F0-2600A4B20040}) (Version: 1.4.15 - Nikon)

Pixum Fotowelt (HKLM-x32\...\Pixum Fotowelt) (Version: 6.1.2 - CEWE Stiftung u Co. KGaA)

Qualcomm Atheros 61x4 Wireless LAN&Bluetooth Installer (HKLM-x32\...\{3241744A-BA36-41F0-B4AA-EF3946D00632}) (Version: 11.0.0.0769 - Qualcomm Atheros)

Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 10.0.1.0 - Qualcomm Atheros)

Qualcomm Atheros WLAN and Bluetooth Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 12.65 - Qualcomm Atheros)

Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.10586.31225 - Realtek Semiconduct Corp.)

Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.32.508.2014 - Realtek)

Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7564 - Realtek Semiconductor Corp.)

RollerCoaster Tycoon 3 (HKLM-x32\...\RollerCoaster Tycoon 3_is1) (Version:  - Atari)

Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.55.0 - Samsung Electronics Co., Ltd.)

SHIELD Streaming (Version: 7.1.0280 - NVIDIA Corporation) Hidden

SHIELD Wireless Controller Driver (Version: 2.11.4.1 - NVIDIA Corporation) Hidden

Skypeâ„¢ 7.33 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.33.105 - Skype Technologies S.A.)

Smart Switch (HKLM-x32\...\InstallShield_{74FA5314-85C8-4E2A-907D-D9ECCCB770A7}) (Version: 4.0.15093.11 - Samsung Electronics Co., Ltd.)

Smart Switch (x32 Version: 4.0.15093.11 - Samsung Electronics Co., Ltd.) Hidden

Sony Mobile Update Engine (HKLM-x32\...\Update Engine) (Version: 2.16.12.201608221014 - Sony Mobile Communications Inc.)

Sony PC Companion 2.10.303 (HKLM-x32\...\{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}) (Version: 2.10.303 - Sony)

Spotify (HKU\S-1-5-21-1603712690-2894388539-358268464-1001\...\Spotify) (Version: 1.0.51.693.g6ea1e7f6 - Spotify AB)

Strumenti di correzione di Microsoft Office 2016 - Italiano (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden

TeamViewer 11 (HKLM-x32\...\TeamViewer) (Version: 11.0.53254 - TeamViewer)

Telekom Internet Manager (HKLM-x32\...\Telekom Internet Manager) (Version: 11.301.05.05.748 - Huawei Technologies Co.,Ltd)

Unlocker 1.9.2 (HKLM\...\Unlocker) (Version: 1.9.2 - Cedrick Collomb)

ViewNX 2 (HKLM\...\{635BE602-BB9C-4C59-8CC5-93F9366E8A21}) (Version: 2.8.2 - Nikon)

Vulkan Run Time Libraries 1.0.26.0 (HKLM\...\VulkanRT1.0.26.0) (Version: 1.0.26.0 - LunarG, Inc.)

Web Companion (HKLM-x32\...\{88B10E3E-8911-4FAC-8663-CCF6E33C58B3}_WebCompanion) (Version: 2.0.1025.2130 - Lavasoft)

Windows 10-Upgrade-Assistent (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.17364 - Microsoft Corporation)

Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)

Wondershare Dr.Fone for Android(Build 6.0.2.20) (HKLM-x32\...\{1DB91A95-C548-4BA5-9D4C-18C7DEAAC39F}_is1) (Version: 6.0.2.20 - Wondershare Software Co.,Ltd.)

Xperia Companion (HKLM-x32\...\{efee6944-1231-492a-a157-93409130a098}) (Version: 1.4.7.0 - Sony)

Xperia Companion (x32 Version: 1.4.7.0 - Sony) Hidden

Xperia Companion Service (Version: 1.4.7.0 - Sony) Hidden
 

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
 

CustomCLSID: HKU\S-1-5-21-1603712690-2894388539-358268464-1001_Classes\CLSID\{087B3AE3-E237-4467-B8DB-5A38AB959AC9}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\shlxthdl_x64.dll (Apache Software Foundation)

CustomCLSID: HKU\S-1-5-21-1603712690-2894388539-358268464-1001_Classes\CLSID\{144DF3B2-2402-47AE-9583-5A045929A8D4}\InprocServer32 -> C:\Users\User\AppData\Local\Google\Update\1.3.33.5\psuser_64.dll (Google Inc.)

CustomCLSID: HKU\S-1-5-21-1603712690-2894388539-358268464-1001_Classes\CLSID\{3B092F0C-7696-40E3-A80F-68D74DA84210}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\shlxthdl_x64.dll (Apache Software Foundation)

CustomCLSID: HKU\S-1-5-21-1603712690-2894388539-358268464-1001_Classes\CLSID\{63542C48-9552-494A-84F7-73AA6A7C99C1}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\shlxthdl_x64.dll (Apache Software Foundation)

CustomCLSID: HKU\S-1-5-21-1603712690-2894388539-358268464-1001_Classes\CLSID\{7BC0E710-5703-45BE-A29D-5D46D8B39262}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\ooofilt_x64.dll (Apache Software Foundation)

CustomCLSID: HKU\S-1-5-21-1603712690-2894388539-358268464-1001_Classes\CLSID\{8C46158B-D978-483C-A312-16EE5013BE04}\InprocServer32 -> C:\Users\User\AppData\Local\Google\Update\1.3.33.3\psuser_64.dll => Keine Datei

CustomCLSID: HKU\S-1-5-21-1603712690-2894388539-358268464-1001_Classes\CLSID\{AE424E85-F6DF-4910-A6A9-438797986431}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\propertyhdl_x64.dll (Apache Software Foundation)

CustomCLSID: HKU\S-1-5-21-1603712690-2894388539-358268464-1001_Classes\CLSID\{C52AF81D-F7A0-4AAB-8E87-F80A60CCD396}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\shlxthdl_x64.dll (Apache Software Foundation)

CustomCLSID: HKU\S-1-5-21-1603712690-2894388539-358268464-1001_Classes\CLSID\{CB492AF1-2CEF-4E58-BE47-471C77D0C8BA}\InprocServer32 -> C:\Users\User\AppData\Local\Google\Update\1.3.32.7\psuser_64.dll => Keine Datei

CustomCLSID: HKU\S-1-5-21-1603712690-2894388539-358268464-1001_Classes\CLSID\{CC182BE1-84CE-4A57-B85C-FD4BBDF78CB2}\InprocServer32 -> C:\Users\User\AppData\Local\Google\Update\1.3.29.1\psuser_64.dll => Keine Datei

CustomCLSID: HKU\S-1-5-21-1603712690-2894388539-358268464-1001_Classes\CLSID\{D1EDC4F5-7F4D-4B12-906A-614ECF66DDAF}\InprocServer32 -> C:\Users\User\AppData\Local\Google\Update\1.3.28.15\psuser_64.dll => Keine Datei

CustomCLSID: HKU\S-1-5-21-1603712690-2894388539-358268464-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)

CustomCLSID: HKU\S-1-5-21-1603712690-2894388539-358268464-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\User\AppData\Local\Google\Update\1.3.33.5\psuser_64.dll (Google Inc.)
 

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
 

Task: {023DD6B5-9DB0-4DA0-BE44-8CEBF15ED996} - \WPD\SqmUpload_S-1-5-21-1603712690-2894388539-358268464-1001 -> Keine Datei <==== ACHTUNG

Task: {05150D9E-6BE7-42C9-8DE3-A8B2D858CDB1} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [2015-07-31] (Microsoft Corporation)

Task: {122D71EB-97AC-421A-8FEC-F3FE02E7261E} - System32\Tasks\Launch Manager => C:\Program Files\Acer\Acer Launch Manager\LMLauncher.exe [2014-12-30] (Acer Incorporate)

Task: {1771C8F9-263E-4DF4-A935-523002B65486} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2017-02-14] (Apple Inc.)

Task: {21FBF08F-72CC-4A41-92F5-C68598D7BBAD} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\Program Files\Windows Defender\\MpCmdRun.exe [2017-04-28] (Microsoft Corporation)

Task: {263735D0-E937-4C59-B1EA-258D746FD065} - System32\Tasks\{00FFBDCF-F55B-471E-9E26-55DC17B99BCE} => pcalua.exe -a "C:\Program Files (x86)\Browsing Secure\BrowsingSecure\1.4.0.7\secureup.exe" -c /uninstl

Task: {3BCCAEE4-2072-4314-8EBF-5A276515C20A} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-01] (Google Inc.)

Task: {42172A6E-D874-49EA-89EE-EA4BC43FE44A} - System32\Tasks\EPSON XP-332 335 Series Update {3C294C30-5BFA-4052-A098-4F2949DA4796} => C:\Windows\system32\spool\DRIVERS\x64\3\E_YTSPEE.EXE [2013-11-22] (SEIKO EPSON CORPORATION)

Task: {4C60FE33-F73A-488F-9FCD-23EF8BCA0BAA} - System32\Tasks\Quick Access => C:\Program Files\Acer\Acer Quick Access\QALauncher.exe [2014-03-21] (Acer Incorporate)

Task: {57FAD439-3F62-4A01-92B8-087D5FC77BA2} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1603712690-2894388539-358268464-1001UA1d2b42b3d108749 => C:\Users\User\AppData\Local\Google\Update\GoogleUpdate.exe [2017-02-16] (Google Inc.)

Task: {5852031E-346D-441F-8A07-C388CCE4C9F9} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\Program Files\Windows Defender\\MpCmdRun.exe [2017-04-28] (Microsoft Corporation)

Task: {6CEA1093-D0D0-484B-ADF3-129ED8658BBD} - System32\Tasks\{B5948241-8367-4E45-BD45-57FF933A1216} => pcalua.exe -a "C:\Program Files (x86)\astragon\Bus-Simulator 2012\Bin_Basic_Win32\BusSimulator2012.exe" -d "C:\Program Files (x86)\astragon\Bus-Simulator 2012\Bin_Basic_Win32"

Task: {87D1B6B1-9F98-4A00-BA6B-649237F6B06C} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-01] (Google Inc.)

Task: {87E3433B-9E1B-424C-B5A6-CB33E4E9F3A8} - System32\Tasks\DolbySelectorTask => C:\Program Files\Dolby Digital Plus\ddp.exe [2014-04-07] (Dolby Laboratories Inc.)

Task: {90B2A268-7DBD-4FEF-9EF5-D1D37ECF7220} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1603712690-2894388539-358268464-1001Core1d2b42b3ce86f9b => C:\Users\User\AppData\Local\Google\Update\GoogleUpdate.exe [2017-02-16] (Google Inc.)

Task: {97F87762-6F15-4688-9B4A-F32F5467C16D} - System32\Tasks\{8D23FEC7-C2E2-4CCB-BA01-0435C9214EDA} => pcalua.exe -a "C:\Program Files (x86)\Atari\RollerCoaster Tycoon 3\RCT3plus.exe" -d "C:\Program Files (x86)\Atari\RollerCoaster Tycoon 3"

Task: {C4ED4FE5-ED89-4319-9CB5-2399C546AB8B} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\Program Files\Windows Defender\\MpCmdRun.exe [2017-04-28] (Microsoft Corporation)

Task: {CA4D814C-0386-4B56-AB0D-DB8AACB4075C} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1603712690-2894388539-358268464-1001Core => C:\Users\User\AppData\Local\Google\Update\GoogleUpdate.exe [2017-02-16] (Google Inc.)

Task: {CF413B71-BACA-4AE3-92C9-D8615F4E281C} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2015-07-31] (Microsoft Corporation)

Task: {D24E5803-25AA-487C-BE06-8FB04B227D20} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [2015-07-31] (Microsoft Corporation)

Task: {D46E9D95-1366-4E60-9E0C-B39553168F8E} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-12-19] (Adobe Systems Incorporated)

Task: {DA3ED314-99DB-4F80-9756-E5A1E992C500} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1603712690-2894388539-358268464-1001UA => C:\Users\User\AppData\Local\Google\Update\GoogleUpdate.exe [2017-02-16] (Google Inc.)

Task: {E45A8323-D967-4223-98BA-20CBE3B9D54F} - System32\Tasks\Quick Access Quick Launcher => C:\Program Files\Acer\Acer Quick Access\QALauncher.exe [2014-03-21] (Acer Incorporate)

Task: {FBE9B889-861C-4EC5-A5DC-DA647A851480} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\Program Files\Windows Defender\\MpCmdRun.exe [2017-04-28] (Microsoft Corporation)
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
 

Task: C:\WINDOWS\Tasks\EPSON XP-332 335 Series Update {3C294C30-5BFA-4052-A098-4F2949DA4796}.job => C:\Windows\system32\spool\DRIVERS\x64\3\E_YTSPEE.EXE :/EXE:{3C294C30-5BFA-4052-A098-4F2949DA4796} /F:Update  WORKGROUP\ACER$ ÄŠSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi
 

==================== VerknÃ¼pfungen =============================
 

(Die EintrÃ¤ge kÃ¶nnen gelistet werden, um sie zurÃ¼ckzusetzen oder zu entfernen.)
 

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
 

2016-07-16 13:42 - 2016-07-16 13:42 - 00231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll

2017-05-10 19:49 - 2017-04-28 02:49 - 02681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll

2016-09-01 18:12 - 2016-09-01 18:12 - 00092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll

2017-03-16 16:08 - 2017-03-16 16:08 - 01354040 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll

2015-05-19 10:11 - 2015-05-19 10:11 - 00007680 _____ () C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe

2010-08-19 10:52 - 2010-08-19 10:52 - 00229376 _____ () C:\ProgramData\DatacardService\DCService.exe

2016-03-01 17:18 - 2016-06-15 03:14 - 00369208 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\MessageBus.dll

2016-01-14 17:42 - 2016-06-15 03:14 - 00289848 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamBase.dll

2016-05-03 09:33 - 2016-06-15 03:14 - 01148984 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\libprotobuf.dll

2016-03-01 17:18 - 2016-06-15 03:14 - 03613240 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Poco.dll

2013-10-17 15:27 - 2013-10-17 15:27 - 00166912 _____ () C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe

2016-05-10 15:26 - 2005-04-22 06:36 - 00143360 _____ () C:\WINDOWS\system32\BrSNMP64.dll

2017-05-11 18:07 - 2017-05-09 16:38 - 02270672 _____ () C:\USERS\USER\DESKTOP\ANTI-MALWARE\MwacLib.dll

2017-03-02 15:52 - 2016-12-29 15:16 - 00134712 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll

2016-05-03 09:33 - 2016-06-15 03:14 - 02667576 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\NvMdnsPlugin.dll

2016-05-03 09:33 - 2016-06-15 03:14 - 01990200 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\NvPortForwardPlugin.dll

2016-05-03 09:33 - 2016-06-15 03:14 - 01842232 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\RtspPlugin.dll

2016-01-14 17:42 - 2016-06-15 03:14 - 00208952 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\RtspServer.dll

2016-05-03 09:33 - 2016-06-15 03:14 - 00035896 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\boost_system-vc120-mt-1_58.dll

2016-05-03 09:33 - 2016-06-15 03:14 - 00921656 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\boost_regex-vc120-mt-1_58.dll

2017-05-10 19:49 - 2017-04-28 02:49 - 02681200 _____ () C:\WINDOWS\SYSTEM32\CoreUIComponents.dll

2016-01-22 13:55 - 2016-01-22 13:55 - 00553136 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll

2015-09-30 21:39 - 2016-12-19 08:16 - 00401880 _____ () C:\WINDOWS\system32\igfxTray.exe

2016-03-09 12:58 - 2016-03-09 12:58 - 00821240 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\HTC Sync\adb.exe

2017-03-02 15:36 - 2017-03-02 15:36 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll

2017-03-16 18:22 - 2017-03-04 08:31 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll

2017-03-16 18:23 - 2017-03-04 08:12 - 09760768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll

2017-03-16 18:23 - 2017-03-04 08:05 - 01401856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll

2017-03-16 18:23 - 2017-03-04 08:05 - 00757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll

2017-05-10 19:48 - 2017-04-28 01:36 - 01033216 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Actions.dll

2017-05-10 19:48 - 2017-04-28 01:36 - 02424320 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll

2017-05-10 19:48 - 2017-04-28 01:37 - 04853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll

2017-02-19 20:07 - 2015-02-09 12:18 - 00124440 _____ () C:\Program Files\Realtek\Audio\HDA\FMAPP.exe

2017-03-16 18:23 - 2017-03-04 08:04 - 00115712 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\DeviceSideServicesActionUriHandler.dll

2017-03-16 18:23 - 2017-03-04 08:04 - 00522752 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.NodeWinrtWrap.dll

2017-05-03 04:08 - 2017-05-02 03:03 - 03767640 _____ () C:\Program Files (x86)\Google\Chrome\Application\58.0.3029.96\libglesv2.dll

2017-05-03 04:08 - 2017-05-02 03:03 - 00100696 _____ () C:\Program Files (x86)\Google\Chrome\Application\58.0.3029.96\libegl.dll

2016-03-09 12:58 - 2016-03-09 12:58 - 00030720 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\DbAccess.dll

2016-03-09 12:58 - 2016-03-09 12:58 - 00607016 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\sqlite3.dll

2016-03-09 12:58 - 2016-03-09 12:58 - 00059392 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\NAdvLog.dll

2016-03-09 12:58 - 2016-03-09 12:58 - 00035864 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\NFileCacheDBAccess.dll

2016-03-09 12:58 - 2016-03-09 12:58 - 00079888 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\ninstallerhelper.dll

2016-03-09 12:59 - 2016-03-09 12:59 - 00129016 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\zlib1.dll

2016-03-09 13:00 - 2016-03-09 13:00 - 00223240 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\DevConnMon.dll

2016-10-09 12:11 - 2017-01-31 12:48 - 02493440 _____ () C:\Program Files (x86)\Origin\libGLESv2.dll

2015-05-18 13:36 - 2016-06-15 03:14 - 00020536 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll

2015-07-06 21:36 - 2015-07-06 21:36 - 01243936 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
 

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
 
 

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
 

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
 

==================== VerknÃ¼pfungen (Nicht auf der Ausnahmeliste) ===============
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurÃ¼ckgesetzt oder entfernt.)
 
 

==================== Internet Explorer VertrauenswÃ¼rdig/EingeschrÃ¤nkt ===============
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
 

IE trusted site: HKU\S-1-5-21-1603712690-2894388539-358268464-1001\...\localhost -> localhost
 

==================== Hosts Inhalt: ===============================
 

(Wenn benÃ¶tigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurÃ¼ckzusetzen.)
 

2015-09-16 17:13 - 2015-09-16 17:11 - 00000840 _____ C:\WINDOWS\system32\Drivers\etc\hosts
 
 

==================== Andere Bereiche ============================
 

(Aktuell gibt es keinen automatisierten Fix fÃ¼r diesen Bereich.)
 

HKU\S-1-5-21-1603712690-2894388539-358268464-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\User\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper

DNS Servers: 192.168.178.1

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)

Windows Firewall ist aktiviert.
 

==================== MSCONFIG/TASK MANAGER Deaktivierte EintrÃ¤ge ==
 

HKLM\...\StartupApproved\Run: => "NvBackend"

HKLM\...\StartupApproved\Run: => "Logitech Download Assistant"

HKLM\...\StartupApproved\Run: => "ShadowPlay"

HKLM\...\StartupApproved\Run: => "iTunesHelper"

HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"

HKLM\...\StartupApproved\Run: => "Start WingMan Profiler"

HKLM\...\StartupApproved\Run32: => "ControlCenter4"

HKLM\...\StartupApproved\Run32: => "BrStsMon00"

HKLM\...\StartupApproved\Run32: => "KiesTrayAgent"

HKLM\...\StartupApproved\Run32: => "Adobe Creative Cloud"

HKLM\...\StartupApproved\Run32: => "Nikon Message Center 2"

HKU\S-1-5-21-1603712690-2894388539-358268464-1001\...\StartupApproved\Run: => "Skype"

HKU\S-1-5-21-1603712690-2894388539-358268464-1001\...\StartupApproved\Run: => "Spotify"

HKU\S-1-5-21-1603712690-2894388539-358268464-1001\...\StartupApproved\Run: => "Spotify Web Helper"

HKU\S-1-5-21-1603712690-2894388539-358268464-1001\...\StartupApproved\Run: => "HW_OPENEYE_OUC_Telekom Internet Manager"

HKU\S-1-5-21-1603712690-2894388539-358268464-1001\...\StartupApproved\Run: => "Google Update"

HKU\S-1-5-21-1603712690-2894388539-358268464-1001\...\StartupApproved\Run: => "MusicManager"

HKU\S-1-5-21-1603712690-2894388539-358268464-1001\...\StartupApproved\Run: => "Sony PC Companion"

HKU\S-1-5-21-1603712690-2894388539-358268464-1001\...\StartupApproved\Run: => "XperiaCompanionAgent"

HKU\S-1-5-21-1603712690-2894388539-358268464-1001\...\StartupApproved\Run: => "EPLTarget\P0000000000000000"

HKU\S-1-5-21-1603712690-2894388539-358268464-1001\...\StartupApproved\Run: => "EPLTarget\P0000000000000001"

HKU\S-1-5-21-1603712690-2894388539-358268464-1001\...\StartupApproved\Run: => "OneDrive"
 

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
 

FirewallRules: [TCP Query User{8908B21F-843E-414E-B495-18E063E07586}C:\program files (x86)\google\chrome\application\chrome.exe] => (Block) C:\program files (x86)\google\chrome\application\chrome.exe

FirewallRules: [UDP Query User{0D9D9E61-92FC-45BB-AA15-53373CA52F2C}C:\program files (x86)\google\chrome\application\chrome.exe] => (Block) C:\program files (x86)\google\chrome\application\chrome.exe
 

==================== Wiederherstellungspunkte =========================
 

03-05-2017 13:41:26 Removed WISO  Internet Security

03-05-2017 13:54:56 JRT Pre-Junkware Removal

07-05-2017 15:07:28 Windows Update

10-05-2017 19:52:47 Windows Update

10-05-2017 19:54:46 Windows Update
 

==================== Fehlerhafte GerÃ¤te im GerÃ¤temanager =============
 
 

==================== FehlereintrÃ¤ge in der Ereignisanzeige: =========================
 

Applikationsfehler:

==================

Error: (05/11/2017 06:12:49 PM) (Source: SideBySide) (EventID: 78) (User: )

Description: Fehler beim Generieren des Aktivierungskontexts fÃ¼r "c:\program files (x86)\adobe\adobe creative cloud\utils\Creative Cloud Uninstaller.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile .

Eine fÃ¼r die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.

In Konflikt stehende Komponenten:.

Komponente 1: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.953_none_89c2555adb023171.manifest.

Komponente 2: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.953_none_42151e83c686086b.manifest.
 

Error: (05/11/2017 01:46:04 PM) (Source: Application Error) (EventID: 1000) (User: )

Description: Name der fehlerhaften Anwendung: NvStreamUserAgent.exe, Version: 7.1.2084.9592, Zeitstempel: 0x57605c64

Name des fehlerhaften Moduls: ntdll.dll, Version: 10.0.14393.479, Zeitstempel: 0x5825887f

Ausnahmecode: 0xc0000005

Fehleroffset: 0x0000000000030bdd

ID des fehlerhaften Prozesses: 0x1f44

Startzeit der fehlerhaften Anwendung: 0x01d2ca4c2afdc4c3

Pfad der fehlerhaften Anwendung: C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe

Pfad des fehlerhaften Moduls: C:\WINDOWS\SYSTEM32\ntdll.dll

Berichtskennung: 37169383-18a9-468d-b426-5bee5936be5f

VollstÃ¤ndiger Name des fehlerhaften Pakets: 

Anwendungs-ID, die relativ zum fehlerhaften Paket ist:
 

Error: (05/11/2017 01:45:27 PM) (Source: Windows Search Service) (EventID: 3104) (User: )

Description: Fehler beim AufzÃ¤hlen von Benutzersitzungen zum Generieren von Filterpools.
 

Details:

        (HRESULT : 0x80040210) (0x80040210)
 

Error: (05/11/2017 01:45:25 PM) (Source: Bonjour Service) (EventID: 100) (User: )

Description: Task Scheduling Error: m->NextScheduledSPRetry 15703
 

Error: (05/11/2017 01:45:25 PM) (Source: Bonjour Service) (EventID: 100) (User: )

Description: Task Scheduling Error: m->NextScheduledEvent 15703
 

Error: (05/11/2017 01:42:57 PM) (Source: Bonjour Service) (EventID: 100) (User: )

Description: Task Scheduling Error: Continuously busy for more than a second
 

Error: (05/11/2017 01:37:19 PM) (Source: Application Error) (EventID: 1000) (User: )

Description: Name der fehlerhaften Anwendung: NvStreamUserAgent.exe, Version: 7.1.2084.9592, Zeitstempel: 0x57605c64

Name des fehlerhaften Moduls: ntdll.dll, Version: 10.0.14393.479, Zeitstempel: 0x5825887f

Ausnahmecode: 0xc0000005

Fehleroffset: 0x0000000000030bdd

ID des fehlerhaften Prozesses: 0x76c

Startzeit der fehlerhaften Anwendung: 0x01d2ca4af27dd1a4

Pfad der fehlerhaften Anwendung: C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe

Pfad des fehlerhaften Moduls: C:\WINDOWS\SYSTEM32\ntdll.dll

Berichtskennung: f2616012-fed7-440f-b635-7c450268e928

VollstÃ¤ndiger Name des fehlerhaften Pakets: 

Anwendungs-ID, die relativ zum fehlerhaften Paket ist:
 

Error: (05/11/2017 01:37:02 PM) (Source: Application Error) (EventID: 1000) (User: )

Description: Name der fehlerhaften Anwendung: NvStreamUserAgent.exe, Version: 7.1.2084.9592, Zeitstempel: 0x57605c64

Name des fehlerhaften Moduls: ntdll.dll, Version: 10.0.14393.479, Zeitstempel: 0x5825887f

Ausnahmecode: 0xc0000005

Fehleroffset: 0x0000000000030bdd

ID des fehlerhaften Prozesses: 0x3118

Startzeit der fehlerhaften Anwendung: 0x01d2ca4ae853b640

Pfad der fehlerhaften Anwendung: C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe

Pfad des fehlerhaften Moduls: C:\WINDOWS\SYSTEM32\ntdll.dll

Berichtskennung: d36de166-b861-4ce1-a76d-13e26c6553c4

VollstÃ¤ndiger Name des fehlerhaften Pakets: 

Anwendungs-ID, die relativ zum fehlerhaften Paket ist:
 

Error: (05/11/2017 01:36:50 PM) (Source: Application Error) (EventID: 1000) (User: )

Description: Name der fehlerhaften Anwendung: NvStreamUserAgent.exe, Version: 7.1.2084.9592, Zeitstempel: 0x57605c64

Name des fehlerhaften Moduls: ntdll.dll, Version: 10.0.14393.479, Zeitstempel: 0x5825887f

Ausnahmecode: 0xc0000005

Fehleroffset: 0x0000000000030bdd

ID des fehlerhaften Prozesses: 0x1fe0

Startzeit der fehlerhaften Anwendung: 0x01d2ca4ae05f40fb

Pfad der fehlerhaften Anwendung: C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe

Pfad des fehlerhaften Moduls: C:\WINDOWS\SYSTEM32\ntdll.dll

Berichtskennung: 0fd849d9-9102-450d-bbab-4a3fe0a7ed5c

VollstÃ¤ndiger Name des fehlerhaften Pakets: 

Anwendungs-ID, die relativ zum fehlerhaften Paket ist:
 

Error: (05/10/2017 07:55:09 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )

Description: Fehler beim Kryptografiedienst wÃ¤hrend der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".
 

Details:

AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.
 

System Error:

Zugriff verweigert

.
 
 

Systemfehler:

=============

Error: (05/11/2017 06:19:27 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÃ„T)

Description: Durch die Berechtigungseinstellungen fÃ¼r "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÃ„T\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" fÃ¼r die COM-Serveranwendung mit der CLSID 

{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}

 und der APPID 

{F72671A9-012C-4725-9D2F-2A4D32D65169}

 im Anwendungscontainer "Nicht verfÃ¼gbar" (SID: Nicht verfÃ¼gbar) gewÃ¤hrt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool fÃ¼r Komponentendienste geÃ¤ndert werden.
 

Error: (05/11/2017 06:19:09 PM) (Source: Service Control Manager) (EventID: 7016) (User: )

Description: Der Dienst "chip 1-click download service" hat einen ungÃ¼ltigen aktuellen Status gemeldet: 0
 

Error: (05/11/2017 06:19:09 PM) (Source: Service Control Manager) (EventID: 7016) (User: )

Description: Der Dienst "chip 1-click download service" hat einen ungÃ¼ltigen aktuellen Status gemeldet: 0
 

Error: (05/11/2017 06:18:49 PM) (Source: Application Popup) (EventID: 875) (User: )

Description: BMLoad.sys
 

Error: (05/11/2017 06:18:18 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÃ„T)

Description: Durch die Berechtigungseinstellungen fÃ¼r "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÃ„T\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" fÃ¼r die COM-Serveranwendung mit der CLSID 

{D63B10C5-BB46-4990-A94F-E40B9D520160}

 und der APPID 

{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}

 im Anwendungscontainer "Nicht verfÃ¼gbar" (SID: Nicht verfÃ¼gbar) gewÃ¤hrt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool fÃ¼r Komponentendienste geÃ¤ndert werden.
 

Error: (05/11/2017 05:56:57 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÃ„T)

Description: Durch die Berechtigungseinstellungen fÃ¼r "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÃ„T\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" fÃ¼r die COM-Serveranwendung mit der CLSID 

{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}

 und der APPID 

{F72671A9-012C-4725-9D2F-2A4D32D65169}

 im Anwendungscontainer "Nicht verfÃ¼gbar" (SID: Nicht verfÃ¼gbar) gewÃ¤hrt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool fÃ¼r Komponentendienste geÃ¤ndert werden.
 

Error: (05/11/2017 05:44:42 PM) (Source: Service Control Manager) (EventID: 7016) (User: )

Description: Der Dienst "chip1click" hat einen ungÃ¼ltigen aktuellen Status gemeldet: 0
 

Error: (05/11/2017 05:44:41 PM) (Source: Service Control Manager) (EventID: 7016) (User: )

Description: Der Dienst "chip1click" hat einen ungÃ¼ltigen aktuellen Status gemeldet: 0
 

Error: (05/11/2017 05:44:23 PM) (Source: Application Popup) (EventID: 875) (User: )

Description: BMLoad.sys
 

Error: (05/11/2017 05:44:07 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÃ„T)

Description: Durch die Berechtigungseinstellungen fÃ¼r "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÃ„T\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" fÃ¼r die COM-Serveranwendung mit der CLSID 

{D63B10C5-BB46-4990-A94F-E40B9D520160}

 und der APPID 

{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}

 im Anwendungscontainer "Nicht verfÃ¼gbar" (SID: Nicht verfÃ¼gbar) gewÃ¤hrt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool fÃ¼r Komponentendienste geÃ¤ndert werden.
 
 

CodeIntegrity:

===================================

  Date: 2017-05-02 22:32:44.577

  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\DriverStore\FileRepository\nvacwu.inf_amd64_31f4ef4821269ebb\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 

  Date: 2017-05-02 22:32:44.446

  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
 
 

==================== Speicherinformationen =========================== 
 

Prozessor: Intel(R) Core(TM) i5-4210U CPU @ 1.70GHz

Prozentuale Nutzung des RAM: 33%

Installierter physikalischer RAM: 8115.27 MB

Verfügbarer physikalischer RAM: 5385.52 MB

Summe virtueller Speicher: 9395.27 MB

Verfügbarer virtueller Speicher: 6613.27 MB
 

==================== Laufwerke ================================
 

Drive c: () (Fixed) (Total:269.49 GB) (Free:155.22 GB) NTFS

Drive d: () (Fixed) (Total:195.31 GB) (Free:19.06 GB) NTFS
 

==================== MBR & Partitionstabelle ==================
 

========================================================

Disk: 0 (Size: 465.8 GB) (Disk ID: 00000000)
 

Partition: GPT.
 

==================== Ende von Addition.txt ============================

M-K-D-B

12.05.2017 20:04

Servus,

Schritt 1

Kopiere den Inhalt der folgenden Code-Box:

Code:

Start:: CloseProcesses: FF Keyword.URL: Mozilla\Firefox\Profiles\42q34j6d.default -> user_pref("keyword.URL",""); FF NewTab: Mozilla\Firefox\Profiles\42q34j6d.default -> user_pref("browser.newtab.url",""); Task: {023DD6B5-9DB0-4DA0-BE44-8CEBF15ED996} - \WPD\SqmUpload_S-1-5-21-1603712690-2894388539-358268464-1001 -> Keine Datei <==== ACHTUNG Task: {263735D0-E937-4C59-B1EA-258D746FD065} - System32\Tasks\{00FFBDCF-F55B-471E-9E26-55DC17B99BCE} => pcalua.exe -a "C:\Program Files (x86)\Browsing Secure\BrowsingSecure\1.4.0.7\secureup.exe" -c /uninstl C:\Program Files (x86)\Browsing Secure CMD: dir "%ProgramFiles%" CMD: dir "%ProgramFiles(x86)%" CMD: dir "%ProgramData%" CMD: dir "%Appdata%" CMD: dir "%LocalAppdata%" CMD: dir "%CommonProgramFiles(x86)%" CMD: dir "%CommonProgramW6432%" CMD: dir "%UserProfile%" RemoveProxy: CMD: ipconfig /flushdns CMD: netsh winsock reset EmptyTemp: End::
Starte nun FRST und klicke den Entfernen Button.
Das Tool führt die gewünschten Schritte aus und erstellt eine fixlog.txt im selben Verzeichnis, in dem sich die FRST/FRST64.exe befindet.
Gegebenenfalls muss dein Rechner dafür neu gestartet werden.
Poste mir den Inhalt der fixlog.txt mit deiner nächsten Antwort.

Schritt 2
Bitte setze deine Brower wie folgt zurück:

IE :::
Setze folgendermassen den Internet Explorer zurück:

Öffne den Internet Explorer und gehe zu Extras -> Internetoptionen.
Klicke in der Registerkarte Erweitert unter "Internet Explorer-Einstellungen zurücksetzen" auf Zurücksetzen...
Klicke im Dialogfeld "Internet Explorer-Einstellungen zurücksetzen" zum Bestätigen auf Zurücksetzen.

(Hier findest du die bebilderte Anleitung.)

EDGE :::
Edge zurücksetzen

FF :::
Firefox zurücksetzen

CHR:::
Chrome zurücksetzen

OPR::
Opera zurücksetzen

Schritt 3

Starte die FRST.exe erneut. Vergewissere dich, dass vor Addition.txt ein Haken gesetzt ist und drücke auf Untersuchen.
FRST erstellt wieder zwei Logdateien (FRST.txt und Addition.txt).
Poste mir beide Logdateien mit deiner nächsten Antwort.

Bitte poste mit deiner nächsten Antwort

die Logdatei des FRST-Fix,
die beiden neuen Logdateien von FRST (FRST.txt und Addition.txt).

Sabimo

14.05.2017 15:50

Huhu!

Entschuldige bitte meine späte Antwort.
Leider fehlt aus welchem Grund auch immer die fixlist.txt Datei. Folgende Fehlermeldung gibt er an, sobald ich auf den Entfernen Button im FRST Programm drücke: "fixlist.txt wurde nicht gefunden. Die fixlist.txt muss sich im gleichen Ordner/Verzeichnis wie das Programm befinden." Aktuell wüsste ich nicht, wo diese sein wollte, denn ich habe keine gelöscht. Neugestartet habe ich meinen Laptop auch schon.

Wie soll ich nun weiter verfahren?

Liebe Grüße

M-K-D-B

15.05.2017 15:11

Servus,

dann lies dir meine Anleitung zu Schritt 1 nochmal durch. Du musst nur den Inhalt der Code-Box kopieren. Dann startest du FRST und klickst auf Entfernen.

FRST holt sich den Fix aus der Zwischenablage (Cache).

Sabimo

16.05.2017 21:09

FIXLOG

Code:



Entferungsergebnis von Farbar Recovery Scan Tool (x64) Version: 14-05-2017

durchgeführt von User (16-05-2017 21:58:21) Run:1

Gestartet von C:\Users\User\Desktop

Geladene Profile: User (Verfügbare Profile: User)

Start-Modus: Normal

==============================================
 

fixlist Inhalt:

*****************
 

CloseProcesses:

FF Keyword.URL: Mozilla\Firefox\Profiles\42q34j6d.default -> user_pref("keyword.URL","");

FF NewTab: Mozilla\Firefox\Profiles\42q34j6d.default -> user_pref("browser.newtab.url","");

Task: {023DD6B5-9DB0-4DA0-BE44-8CEBF15ED996} - \WPD\SqmUpload_S-1-5-21-1603712690-2894388539-358268464-1001 -> Keine Datei <==== ACHTUNG

Task: {263735D0-E937-4C59-B1EA-258D746FD065} - System32\Tasks\{00FFBDCF-F55B-471E-9E26-55DC17B99BCE} => pcalua.exe -a "C:\Program Files (x86)\Browsing Secure\BrowsingSecure\1.4.0.7\secureup.exe" -c /uninstl

C:\Program Files (x86)\Browsing Secure

CMD: dir "%ProgramFiles%"

CMD: dir "%ProgramFiles(x86)%"

CMD: dir "%ProgramData%"

CMD: dir "%Appdata%"

CMD: dir "%LocalAppdata%"

CMD: dir "%CommonProgramFiles(x86)%"

CMD: dir "%CommonProgramW6432%"

CMD: dir "%UserProfile%"

RemoveProxy:

CMD: ipconfig /flushdns

CMD: netsh winsock reset

EmptyTemp:
 

*****************
 

Prozesse erfolgreich geschlossen.

Firefox "Keyword.URL" erfolgreich entfernt

Firefox "newtab" erfolgreich entfernt

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{023DD6B5-9DB0-4DA0-BE44-8CEBF15ED996} => Schlüssel erfolgreich entfernt

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{023DD6B5-9DB0-4DA0-BE44-8CEBF15ED996} => Schlüssel erfolgreich entfernt

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\WPD\SqmUpload_S-1-5-21-1603712690-2894388539-358268464-1001 => Schlüssel erfolgreich entfernt

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{263735D0-E937-4C59-B1EA-258D746FD065} => Schlüssel erfolgreich entfernt

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{263735D0-E937-4C59-B1EA-258D746FD065} => Schlüssel erfolgreich entfernt

C:\WINDOWS\System32\Tasks\{00FFBDCF-F55B-471E-9E26-55DC17B99BCE} => erfolgreich verschoben

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{00FFBDCF-F55B-471E-9E26-55DC17B99BCE} => Schlüssel erfolgreich entfernt

"C:\Program Files (x86)\Browsing Secure" => nicht gefunden.
 

========= dir "%ProgramFiles%" =========
 

 Volume in Laufwerk C: hat keine Bezeichnung.

 Volumeseriennummer: 88E1-3547
 

 Verzeichnis von C:\Program Files
 

28.04.2017  22:49    <DIR>          .

28.04.2017  22:49    <DIR>          ..

26.03.2015  05:55    <DIR>          7-Zip

26.03.2015  11:29    <DIR>          Acer

03.04.2016  14:41    <DIR>          Adobe

19.02.2017  19:49    <DIR>          Bonjour

03.04.2017  18:39    <DIR>          Common Files

19.02.2017  20:09    <DIR>          Dolby Digital Plus

24.09.2014  09:43    <DIR>          Embedded Lockdown Manager

02.03.2017  15:58    <DIR>          Intel

31.10.2016  01:31    <DIR>          InterActual

18.03.2017  20:03    <DIR>          Internet Explorer

10.04.2017  11:09    <DIR>          iPod

10.04.2017  11:09    <DIR>          iTunes

07.02.2016  17:12    <DIR>          Logitech

03.04.2017  18:37    <DIR>          Microsoft Analysis Services

03.04.2017  18:39    <DIR>          Microsoft Office

15.04.2017  15:13    <DIR>          Microsoft Silverlight

03.04.2017  18:39    <DIR>          Microsoft SQL Server

03.04.2017  18:39    <DIR>          Microsoft.NET

02.03.2017  15:16    <DIR>          MSBuild

20.03.2016  20:17    <DIR>          Nikon

02.03.2017  19:42    <DIR>          NVIDIA Corporation

11.09.2015  17:19    <DIR>          paint.net

03.04.2016  10:40    <DIR>          Pixum

02.03.2017  15:50    <DIR>          Realtek

02.03.2017  15:16    <DIR>          Reference Assemblies

22.01.2017  21:57    <DIR>          Sony

31.07.2015  18:17    <DIR>          Unlocker

25.03.2015  23:03    <DIR>          VideoLAN

11.05.2017  14:40    <DIR>          Windows Defender

18.03.2017  20:03    <DIR>          Windows Mail

02.03.2017  15:39    <DIR>          Windows Media Player

16.07.2016  13:47    <DIR>          Windows Multimedia Platform

02.03.2017  16:19    <DIR>          Windows NT

11.05.2017  14:40    <DIR>          Windows Photo Viewer

16.07.2016  13:47    <DIR>          Windows Portable Devices

16.07.2016  13:47    <DIR>          WindowsPowerShell

               0 Datei(en),              0 Bytes

              38 Verzeichnis(se), 166.590.574.592 Bytes frei
 

========= Ende von CMD: =========
 
 

========= dir "%ProgramFiles(x86)%" =========
 

 Volume in Laufwerk C: hat keine Bezeichnung.

 Volumeseriennummer: 88E1-3547
 

 Verzeichnis von C:\Program Files (x86)
 

02.05.2017  18:52    <DIR>          .

02.05.2017  18:52    <DIR>          ..

03.04.2016  14:11    <DIR>          Adobe

27.03.2017  18:40    <DIR>          Apple Software Update

06.09.2015  12:44    <DIR>          astragon

16.05.2016  15:15    <DIR>          Atari

27.03.2016  14:30    <DIR>          Audacity

19.02.2017  19:49    <DIR>          Bonjour

26.07.2015  20:41    <DIR>          Brother

19.04.2015  14:01    <DIR>          Browny02

31.07.2015  13:49    <DIR>          Buhl

28.04.2017  21:25    <DIR>          CDBurnerXP

20.02.2017  16:09    <DIR>          Chip Digital GmbH

22.04.2017  12:47    <DIR>          Common Files

19.04.2015  14:01    <DIR>          ControlCenter4

07.10.2015  09:52    <DIR>          DVDVideoSoft

16.09.2015  15:02    <DIR>          Electronic Arts

07.10.2015  09:45    <DIR>          Free Codec Pack

07.10.2015  09:48    <DIR>          FreeCodecPack

25.03.2015  22:56    <DIR>          Google

09.04.2016  10:12    <DIR>          HTC

19.02.2017  19:55    <DIR>          Intel

18.03.2017  20:03    <DIR>          Internet Explorer

21.05.2016  11:12    <DIR>          iTunes

22.04.2017  12:47    <DIR>          Java

19.04.2017  17:57    <DIR>          Lame For Audacity

28.04.2017  22:49    <DIR>          Lavasoft

15.05.2016  17:03    <DIR>          LightZone

20.07.2015  22:11    <DIR>          Microsoft

03.04.2017  18:37    <DIR>          Microsoft Analysis Services

01.07.2015  00:51    <DIR>          Microsoft ASP.NET

03.04.2017  18:37    <DIR>          Microsoft Office

15.04.2017  15:13    <DIR>          Microsoft Silverlight

03.04.2017  18:39    <DIR>          Microsoft SQL Server

30.06.2015  20:07    <DIR>          Microsoft SQL Server Compact Edition

03.04.2017  18:39    <DIR>          Microsoft.NET

11.05.2017  18:18    <DIR>          Mozilla Firefox

20.08.2015  15:55    <DIR>          mp3DirectCut

06.10.2015  20:18    <DIR>          Mp3tag

03.04.2017  18:33    <DIR>          MSBuild

26.07.2015  20:41    <DIR>          MSECache

20.03.2016  20:19    <DIR>          Nikon

02.03.2017  19:42    <DIR>          NVIDIA Corporation

14.04.2015  17:44    <DIR>          OpenOffice 4

31.01.2017  12:48    <DIR>          Origin

19.07.2015  14:03    <DIR>          Origin Games

20.07.2016  10:20    <DIR>          OXXOGames

20.07.2016  09:54    <DIR>          PhotoScape

20.02.2017  10:50    <DIR>          Qualcomm Atheros

19.02.2017  20:43    <DIR>          Realtek

02.03.2017  15:16    <DIR>          Reference Assemblies

03.05.2016  09:48    <DIR>          Samsung

22.03.2017  18:58    <DIR>          Skype

22.01.2017  21:57    <DIR>          Sony

16.04.2016  11:12    <DIR>          Sony Media Go Install

12.09.2016  18:54    <DIR>          Sony Mobile

09.04.2016  10:11    <DIR>          Spirent Communications

30.03.2017  16:56    <DIR>          TeamViewer

23.04.2015  06:47    <DIR>          Telekom

02.03.2017  19:42    <DIR>          VulkanRT

11.05.2017  14:40    <DIR>          Windows Defender

30.06.2015  20:07    <DIR>          Windows Live

18.03.2017  20:03    <DIR>          Windows Mail

02.03.2017  15:39    <DIR>          Windows Media Player

16.07.2016  13:47    <DIR>          Windows Multimedia Platform

16.07.2016  13:47    <DIR>          Windows NT

11.05.2017  14:40    <DIR>          Windows Photo Viewer

16.07.2016  13:47    <DIR>          Windows Portable Devices

16.07.2016  13:47    <DIR>          WindowsPowerShell

16.04.2016  12:30    <DIR>          Wondershare

               0 Datei(en),              0 Bytes

              70 Verzeichnis(se), 166.590.513.152 Bytes frei
 

========= Ende von CMD: =========
 
 

========= dir "%ProgramData%" =========
 

 Volume in Laufwerk C: hat keine Bezeichnung.

 Volumeseriennummer: 88E1-3547
 

 Verzeichnis von C:\ProgramData
 

20.02.2017  18:03    <DIR>          Acer

03.04.2016  14:44    <DIR>          Adobe

22.05.2015  15:20    <DIR>          Apple

22.05.2015  15:22    <DIR>          Apple Computer

20.08.2015  15:55    <DIR>          AVG

02.06.2016  13:55    <DIR>          boost_interprocess

19.04.2015  14:02    <DIR>          Brother

25.05.2015  10:30    <DIR>          Buhl Data Service GmbH

12.01.2017  15:32    <DIR>          Canneverbe Limited

16.07.2016  13:47    <DIR>          Comms

19.04.2015  14:01    <DIR>          ControlCenter4

23.04.2015  06:48    <DIR>          DatacardService

09.07.2015  19:43    <DIR>          E1864A66-75E3-486a-BD95-D1B7D99A84A7

19.07.2015  21:37    <DIR>          EA Core

12.12.2015  16:42    <DIR>          Electronic Arts

20.03.2016  20:18    <DIR>          EnterNHelp

18.01.2017  14:16    <DIR>          EPSON

03.05.2017  13:42    <DIR>          F-Secure

20.03.2016  20:17    <DIR>          Fonts

20.03.2016  20:18    <DIR>          Galaxy Swirl

16.07.2016  14:30    <DIR>          GameHouse

20.03.2016  20:17    <DIR>          Guitar

03.04.2016  12:29    <DIR>          hps

09.04.2016  10:07    <DIR>          HTC

19.02.2017  19:33    <DIR>          Intel

16.07.2016  14:30    <DIR>          Intenium

28.04.2017  22:49    <DIR>          Lavasoft

11.05.2017  18:07    <DIR>          Malwarebytes

10.05.2017  20:06    <DIR>          Microsoft Help

02.03.2017  19:28    <DIR>          Microsoft OneDrive

26.03.2016  12:23    <DIR>          Nikon

20.07.2016  10:20    <DIR>          Norton

20.07.2016  09:55    <DIR>          NortonInstaller

16.05.2017  21:58    <DIR>          NVIDIA

02.03.2017  19:42    <DIR>          NVIDIA Corporation

26.03.2015  11:25    <DIR>          oem

22.04.2017  12:51    <DIR>          Oracle

02.02.2017  13:35    <DIR>          Origin

22.03.2017  18:58    <DIR>          Package Cache

20.03.2016  20:16    <DIR>          Pick Bass

19.02.2017  20:24    <DIR>          Qualcomm Atheros

02.03.2017  16:06    <DIR>          regid.1986-12.com.adobe

03.04.2017  18:39    <DIR>          regid.1991-06.com.microsoft

03.05.2016  09:48    <DIR>          Samsung

22.03.2017  18:58    <DIR>          Skype

16.07.2016  13:47    <DIR>          SoftwareDistribution

06.10.2015  11:24    <DIR>          Sony

16.04.2016  11:12    <DIR>          Sony Corporation

29.05.2016  13:34    <DIR>          Sony Mobile

25.03.2015  22:57    <DIR>          Sun

20.08.2015  17:14    <DIR>          TEMP

12.07.2016  21:31    <DIR>          tmp

20.03.2016  20:18    <DIR>          Ultima_T15

02.03.2017  21:12    <DIR>          USOPrivate

02.03.2017  21:12    <DIR>          USOShared

16.04.2016  12:32    <DIR>          Wondershare

16.04.2016  16:34    <DIR>          wsr

               0 Datei(en),              0 Bytes

              57 Verzeichnis(se), 166.590.496.768 Bytes frei
 

========= Ende von CMD: =========
 
 

========= dir "%Appdata%" =========
 

 Volume in Laufwerk C: hat keine Bezeichnung.

 Volumeseriennummer: 88E1-3547
 

 Verzeichnis von C:\Users\User\AppData\Roaming
 

02.05.2017  18:51    <DIR>          .

02.05.2017  18:51    <DIR>          ..

03.04.2016  14:44    <DIR>          Adobe

07.06.2016  18:22    <DIR>          Apple Computer

16.05.2016  15:27    <DIR>          Atari

11.05.2017  14:08    <DIR>          Audacity

20.08.2015  15:54    <DIR>          AVG

26.07.2015  20:45    <DIR>          Brother

25.05.2015  10:30    <DIR>          Buhl Data Service

12.01.2017  15:32    <DIR>          Canneverbe Limited

19.04.2015  14:05    <DIR>          ControlCenter4

20.08.2015  15:40    <DIR>          dlg

30.10.2016  22:43    <DIR>          dvdcss

11.05.2017  13:51    <DIR>          DVDVideoSoft

05.04.2016  14:39    <DIR>          EncryptStick

02.05.2017  18:51    <DIR>          Google

16.04.2016  12:32    <DIR>          HMYGSetting

09.04.2016  10:18    <DIR>          HTC

02.03.2017  19:29    <DIR>          Identities

19.04.2015  13:59    <DIR>          InstallShield

16.07.2016  14:30    <DIR>          Intenium

28.04.2017  22:49    <DIR>          Lavasoft

16.05.2016  15:26    <DIR>          Leadertech

15.05.2016  17:03    <DIR>          LightZone

12.04.2015  08:07    <DIR>          Macromedia

16.02.2017  19:28    <DIR>          Mozilla

20.08.2015  16:30    <DIR>          mp3DirectCut

07.10.2015  10:14    <DIR>          Mp3tag

20.03.2016  21:50    <DIR>          Nikon

14.04.2015  17:48    <DIR>          OpenOffice

02.02.2017  14:45    <DIR>          Origin

03.04.2016  17:14    <DIR>          PDAppFlex

03.02.2017  22:59    <DIR>          PhotoScape

03.05.2016  09:48    <DIR>          Samsung

07.05.2017  15:41    <DIR>          Skype

16.04.2016  11:13    <DIR>          Sony

23.04.2017  16:36    <DIR>          Spotify

04.03.2016  21:37    <DIR>          Sun

26.01.2016  14:32    <DIR>          TeamViewer

23.04.2015  06:48    <DIR>          Telekom

20.02.2017  18:09    <DIR>          Telekom Internet Manager

22.04.2017  12:47    <DIR>          vlc

07.05.2015  20:17    <DIR>          WinRAR

16.04.2016  12:30    <DIR>          Wondershare

               0 Datei(en),              0 Bytes

              44 Verzeichnis(se), 166.590.443.520 Bytes frei
 

========= Ende von CMD: =========
 
 

========= dir "%LocalAppdata%" =========
 

 Volume in Laufwerk C: hat keine Bezeichnung.

 Volumeseriennummer: 88E1-3547
 

 Verzeichnis von C:\Users\User\AppData\Local
 

16.05.2017  17:14    <DIR>          .

16.05.2017  17:14    <DIR>          ..

12.04.2015  14:34           196.228 134785ED_stp.CIS

12.04.2015  14:34               290 134785ED_stp.CIS.part

13.04.2015  23:59            47.657 2B763BC1_stp.CIS

13.04.2015  23:59               289 2B763BC1_stp.CIS.part

14.04.2015  00:00    <DIR>          5D515C96_stp

12.04.2015  14:34           385.602 5D515C96_stp.CIS

13.04.2015  23:58               220 5D515C96_stp.CIS.part

13.04.2015  23:59         8.250.214 65DE37E2_stp.CIS

13.04.2015  23:59               373 65DE37E2_stp.CIS.part

06.05.2015  16:07    <DIR>          Acer

15.03.2017  17:03    <DIR>          Adobe

22.05.2015  15:20    <DIR>          Apple

05.06.2016  11:41    <DIR>          Apple Computer

27.03.2016  14:30    <DIR>          Audacity

26.03.2015  11:29    <DIR>          AutorunX2

20.08.2015  15:54    <DIR>          Avg

27.03.2016  14:33    <DIR>          Barbie Pferdeabenteuer - Im Reitercamp

25.05.2015  10:30    <DIR>          Buhl Data Service

06.09.2015  12:48    <DIR>          Bus Simulator 2012

04.01.2016  16:29    <DIR>          CEF

02.03.2017  19:26    <DIR>          Comms

02.03.2017  20:05    <DIR>          ConnectedDevicesPlatform

10.05.2017  11:27    <DIR>          CrashDumps

28.09.2016  09:08             3.584 DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

27.03.2017  19:20    <DIR>          Diagnostics

20.02.2017  16:09    <DIR>          Downloaded Installations

15.04.2017  10:49    <DIR>          ElevatedDiagnostics

22.11.2016  14:06    <DIR>          F-Secure

02.03.2017  19:32           130.840 GDIPFONTCACHEV1.DAT

16.02.2017  19:28    <DIR>          Google

01.06.2015  13:28    <DIR>          GWX

14.05.2017  16:40    <DIR>          HTC MediaHub

31.07.2015  18:15    <DIR>          Lavasoft

06.09.2015  12:47    <DIR>          Logitech

12.04.2015  08:07    <DIR>          Macromedia

02.03.2017  20:01    <DIR>          Microsoft

11.02.2016  17:52    <DIR>          Microsoft Help

02.03.2017  19:30    <DIR>          MicrosoftEdge

12.04.2015  08:06    <DIR>          Mozilla

02.05.2017  18:08    <DIR>          MSfree Inc

20.03.2016  21:50    <DIR>          Nikon

25.10.2016  18:04    <DIR>          NVIDIA

26.10.2016  08:00    <DIR>          NVIDIA Corporation

01.02.2017  12:13    <DIR>          Origin

10.05.2017  11:29    <DIR>          Packages

11.09.2015  17:08    <DIR>          paint.net

07.10.2015  09:24        29.249.520 pcc.exe

22.05.2015  15:15    <DIR>          Programs

02.03.2017  19:27    <DIR>          Publishers

03.05.2016  09:48    <DIR>          Samsung

05.04.2016  14:40    <DIR>          SanDiskSecureAccessV2_win

06.09.2015  15:17                 0 Settings.xml

10.12.2015  22:00    <DIR>          Skype

16.04.2016  11:13    <DIR>          Sony

23.04.2017  17:07    <DIR>          Spotify

16.05.2017  21:58    <DIR>          Temp

02.03.2017  19:26    <DIR>          TileDataLayer

20.08.2015  17:08               132 updt.js

30.10.2016  22:42    <DIR>          VirtualStore

17.12.2015  00:16    <DIR>          Windows Live

16.04.2016  12:31    <DIR>          Wondershare

28.04.2016  18:22                 0 {DEBB28E6-C29A-4EFF-9857-53E5B2E566EC}

              14 Datei(en),     38.264.949 Bytes

              50 Verzeichnis(se), 166.590.377.984 Bytes frei
 

========= Ende von CMD: =========
 
 

========= dir "%CommonProgramFiles(x86)%" =========
 

 Volume in Laufwerk C: hat keine Bezeichnung.

 Volumeseriennummer: 88E1-3547
 

 Verzeichnis von C:\Program Files (x86)\Common Files
 

22.04.2017  12:47    <DIR>          .

22.04.2017  12:47    <DIR>          ..

03.04.2016  14:35    <DIR>          Adobe

07.06.2016  18:22    <DIR>          Apple

26.03.2015  11:35    <DIR>          Atheros

21.12.2015  15:33    <DIR>          Borland Shared

26.07.2015  20:41    <DIR>          Brother

07.10.2015  09:51    <DIR>          DVDVideoSoft

26.03.2015  11:38    <DIR>          InstallShield

02.03.2017  15:51    <DIR>          Intel

22.04.2017  12:47    <DIR>          Java

03.04.2017  18:39    <DIR>          Microsoft Shared

09.04.2016  10:12    <DIR>          Nero

20.03.2016  20:18    <DIR>          Nikon

26.03.2015  11:35    <DIR>          postureAgent

19.02.2017  20:27    <DIR>          Qualcomm Atheros

16.07.2016  13:47    <DIR>          Services

22.03.2017  18:58    <DIR>          Skype

16.04.2016  11:12    <DIR>          Sony Shared

20.07.2016  10:18    <DIR>          Symantec Shared

03.04.2017  18:31    <DIR>          System

30.06.2015  20:05    <DIR>          Windows Live

16.04.2016  12:31    <DIR>          Wondershare

               0 Datei(en),              0 Bytes

              23 Verzeichnis(se), 166.590.316.544 Bytes frei
 

========= Ende von CMD: =========
 
 

========= dir "%CommonProgramW6432%" =========
 

 Volume in Laufwerk C: hat keine Bezeichnung.

 Volumeseriennummer: 88E1-3547
 

 Verzeichnis von C:\Program Files\Common Files
 

03.04.2017  18:39    <DIR>          .

03.04.2017  18:39    <DIR>          ..

07.06.2016  18:22    <DIR>          Apple

02.03.2017  19:43    <DIR>          Atheros

03.04.2017  18:39    <DIR>          DESIGNER

14.08.2016  16:43    <DIR>          EPSON

06.09.2015  12:41    <DIR>          Logitech

03.04.2017  18:40    <DIR>          microsoft shared

20.03.2016  20:19    <DIR>          Nikon

19.02.2017  20:47    <DIR>          QCA_Bluetooth

16.07.2016  13:47    <DIR>          Services

03.04.2017  18:38    <DIR>          System

               0 Datei(en),              0 Bytes

              12 Verzeichnis(se), 166.590.267.392 Bytes frei
 

========= Ende von CMD: =========
 
 

========= dir "%UserProfile%" =========
 

 Volume in Laufwerk C: hat keine Bezeichnung.

 Volumeseriennummer: 88E1-3547
 

 Verzeichnis von C:\Users\User
 

16.05.2017  21:42    <DIR>          .

16.05.2017  21:42    <DIR>          ..

09.04.2016  10:12    <DIR>          .android

19.12.2015  14:59    <DIR>          .borland

19.07.2016  21:21    <DIR>          .oracle_jre_usage

09.10.2016  12:11    <DIR>          .Origin

09.10.2016  12:11    <DIR>          .QtWebEngineProcess

22.12.2016  20:47         6.906.492 05 - Girlfriend.mp3

01.05.2016  12:36    <DIR>          1. MARGITS HOCHZEITSBUCH

03.04.2016  14:13             1.229 Adobe Creative Cloud.lnk

27.03.2016  14:29             1.019 Audacity.lnk

16.05.2017  21:58       143.754.240 backup.pst

01.05.2016  12:33    <DIR>          Bearbeitete Lieder

04.01.2016  16:47           128.917 Benni.jpg

10.04.2017  11:01        72.668.227 Best Remixes Of Popular Songs 2016 - Party Club Remix Dance Music Mix - Melbourne Bounce Charts.mp3

01.08.2016  14:18    <DIR>          Bilder Hochzeit

28.04.2017  21:13            30.938 bookmarks-2017-04-28.json

06.09.2015  12:46             1.260 Bus-Simulator 2012 (Basic-Version).lnk

20.07.2015  11:30           992.282 Cali.jpg

17.09.2015  09:54               834 CCleaner.lnk

05.04.2016  19:46    <DIR>          Creative Cloud Files

23.08.2002  08:00           545.792 Delphi.exe

27.12.2015  23:09    <DIR>          delphi_setup

16.05.2017  21:58    <DIR>          Desktop

19.07.2015  14:36             2.252 Die SimsT 3 Jahreszeiten.lnk

16.09.2015  14:50             2.084 DieÿSimsTÿ3.lnk

02.03.2017  19:26    <DIR>          Documents

15.07.2016  19:39         8.414.651 Don't Let Me Down (feat. Daya).mp3

15.07.2016  21:03       601.689.501 Don't let me down.mp4

02.03.2017  19:26    <DIR>          Downloads

02.04.2016  16:13        14.403.499 DSC_0561.JPG

02.04.2016  16:14        14.371.838 DSC_0562.JPG

02.04.2016  16:14        15.221.825 DSC_0563.JPG

02.04.2016  16:14        12.787.234 DSC_0564.JPG

02.04.2016  16:15        15.226.448 DSC_0565.JPG

02.04.2016  16:15        15.307.192 DSC_0566.JPG

02.04.2016  16:16        14.299.720 DSC_0567.JPG

01.05.2016  20:43     1.012.770.012 DSC_1026.MOV

05.06.2016  23:16         9.103.349 DSC_2168.JPG

15.07.2016  19:36         8.342.231 DSC_2439.JPG

17.05.2016  21:09           245.131 Englisch Tagebuch Sabrina.pdf

11.06.2016  19:36         1.746.748 Fb.jpg

17.12.2015  00:44       107.687.366 Fertig.mp4

15.05.2016  11:38        26.947.613 Freunde Video - (vorher).mp4

17.09.2015  11:19             1.393 GeForce Experience.lnk

04.02.2015  18:27     1.120.727.723 GOPR2058.MP4

06.10.2015  19:06         4.731.735 Handy Hintergrund.jpg

05.07.2016  13:48            11.376 Helv Light.dotx

01.08.2016  14:16    <DIR>          Hochzeitsbilder (ALLE)

15.07.2016  19:40         7.410.366 If I Were Sorry.mp3

10.12.2015  10:07           216.460 IMG-20151028-WA0007.jpg

19.02.2017  19:33    <DIR>          Intel

21.05.2016  11:13             1.765 iTunes.lnk

05.09.2015  21:57    <DIR>          Matteos Einschulung

16.04.2016  11:12             1.901 Media Go.lnk

18.12.2015  16:37           121.942 Mein Film 5.wlmp

15.05.2016  12:56            37.732 Mein Film.wlmp

15.05.2016  12:56       105.943.543 Meine besten Freunde.mp4

06.10.2015  20:18               991 Mp3tag.lnk

02.03.2017  19:26    <DIR>          Music

07.06.2016  18:14         8.096.567 Musik sein (Vimalavong Remix).mp3

31.05.2016  20:29    <DIR>          Muttis Handy

08.08.2016  14:55         3.988.664 Nads 18zenter.jpg

08.08.2016  15:08            20.599 Nads Geburtstag.docx

09.09.2015  16:36            13.244 Netto.docx

02.03.2017  19:38    <DIR>          OneDrive

02.12.2015  10:02    <DIR>          OneDrive.old

14.04.2015  17:44             1.080 OpenOffice 4.1.1.lnk

16.09.2015  14:12               991 Origin.lnk

26.07.2015  20:41             1.887 P-touch Editor 5.1.lnk

08.05.2015  22:10               933 PhotoScape.lnk

10.04.2016  10:45                97 playlist.m3u

16.05.2016  15:24             1.227 RollerCoaster Tycoon 3.lnk

01.05.2016  12:35    <DIR>          Sabi

30.04.2016  00:38            48.254 Sab Brief.docx

27.03.2016  14:28    <DIR>          Schwimmbad - 30.12.15

02.12.2015  10:02    <DIR>          Searches

12.04.2015  22:13             1.730 Spotify.lnk

06.09.2015  20:24                 0 Sti_Trace.log

25.01.2016  20:11             1.043 TeamViewer 11.lnk

12.04.2015  08:09    <DIR>          Tracing

01.05.2016  12:32    <DIR>          Unbenannter Export

02.03.2017  19:26    <DIR>          Videos

20.03.2016  20:17             2.069 ViewNX 2.lnk

11.06.2016  19:37         1.963.132 WA.jpg

31.07.2015  13:49             2.236 WISO  Internet Security.lnk

01.05.2016  20:56         8.743.464 Work from Home (feat. Ty Dolla $ign).mp3

01.05.2016  21:10       621.618.439 Work.mp4

29.05.2016  13:32             2.651 Xperia Companion.lnk

              61 Datei(en),  3.987.315.158 Bytes

              28 Verzeichnis(se), 166.590.107.648 Bytes frei
 

========= Ende von CMD: =========
 
 

========= RemoveProxy: =========
 

HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => Wert erfolgreich entfernt

HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => Wert erfolgreich entfernt

HKU\S-1-5-21-1603712690-2894388539-358268464-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => Wert erfolgreich entfernt

HKU\S-1-5-21-1603712690-2894388539-358268464-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => Wert erfolgreich entfernt
 
 

========= Ende von RemoveProxy: =========
 
 

========= ipconfig /flushdns =========
 
 

Windows-IP-Konfiguration
 

Der DNS-Aufl”sungscache wurde geleert.
 

========= Ende von CMD: =========
 
 

========= netsh winsock reset =========
 
 

Der Winsock-Katalog wurde zurckgesetzt.

Sie mssen den Computer neu starten, um den Vorgang abzuschlieáen.
 
 

========= Ende von CMD: =========
 
 

=========== EmptyTemp: ==========
 

BITS transfer queue => 0 B

DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 662973419 B

Java, Flash, Steam htmlcache => 826445361 B

Windows/system/drivers => 8700717 B

Edge => 99452226 B

Chrome => 403761775 B

Firefox => 407153062 B

Opera => 0 B
 

Temp, IE cache, history, cookies, recent:

Default => 0 B

Users => 0 B

ProgramData => 0 B

Public => 0 B

systemprofile => 128 B

systemprofile32 => 0 B

LocalService => 1562394 B

NetworkService => 2602960 B

User => 331142715 B
 

RecycleBin => 1040190626 B

EmptyTemp: => 3.5 GB temporäre Dateien entfernt.
 

================================
 
 

Das System musste neu gestartet werden.
 

==== Ende von Fixlog 21:59:22 ====

Sabimo

16.05.2017 21:21

FRST Logfile:

Code:

Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 14-05-2017

durchgeführt von User (Administrator) auf ACER (16-05-2017 22:17:05)

Gestartet von C:\Users\User\Desktop

Geladene Profile: User (Verfügbare Profile: User)

Platform: Windows 10 Home Version 1607 (X64) Sprache: Deutsch (Deutschland)

Internet Explorer Version 11 (Standard-Browser: Chrome)

Start-Modus: Normal

Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
 

==================== Prozesse (Nicht auf der Ausnahmeliste) =================
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
 

(Intel Corporation) C:\Windows\System32\igfxCUIService.exe

(Chip Digital GmbH) C:\Program Files (x86)\Chip Digital GmbH\chip1click\chip 1-click installer.exe

(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe

(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe

() C:\ProgramData\DatacardService\DCService.exe

(Nero AG) C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe

(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe

(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

(Windows (R) Win 7 DDK provider) C:\Windows\System32\AdminService.exe

() C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe

(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe

() C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe

(Malwarebytes) C:\Users\User\Desktop\Anti-Malware\MBAMService.exe

(Electronic Arts) C:\Program Files (x86)\Origin\OriginWebHelperService.exe

(DEVGURU Co., LTD.) C:\Program Files (x86)\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe

(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe

(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe

(Wondershare) C:\Program Files (x86)\Wondershare\WAF\2.1.7.1\WsAppService.exe

(Sony) C:\Program Files\Sony\Xperia Companion\Service\XperiaCompanionService.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe

(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe

(Huawei Technologies Co., Ltd.) C:\ProgramData\DatacardService\DCSHelper.exe

(Intel Corporation) C:\Windows\System32\igfxEM.exe

(Intel Corporation) C:\Windows\System32\igfxHK.exe

() C:\Windows\System32\igfxTray.exe

(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe

() C:\Program Files (x86)\HTC\HTC Sync Manager\HTC Sync\adb.exe

(Dolby Laboratories Inc.) C:\Program Files\Dolby Digital Plus\ddp.exe

(Malwarebytes) C:\Users\User\Desktop\Anti-Malware\mbamtray.exe

(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe

(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QASvc.exe

(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QAEvent.exe

(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMEvent.exe

(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMLockHandler.exe

(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMTray.exe

(Microsoft Corporation) C:\Windows\System32\Speech_OneCore\Common\SpeechRuntime.exe

(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe

(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe

(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe

(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe

() C:\Program Files\Realtek\Audio\HDA\FMAPP.exe

(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QAMsg.exe

(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QuickAccess.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe

(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersServer.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\ActionUriServer.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Apple Inc.) C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe

(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe

(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe

(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.17032.10331.0_x64__8wekyb3d8bbwe\Music.UI.exe

() C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.425.10010.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Microsoft Corporation) C:\Windows\System32\msiexec.exe

(Microsoft Corporation) C:\Windows\System32\msiexec.exe

(Microsoft Corporation) C:\Windows\System32\smartscreen.exe

(Farbar) C:\Users\User\Desktop\FRST64 (1).exe
 

==================== Registry (Nicht auf der Ausnahmeliste) ====================
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
 

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [16152792 2015-07-17] (Realtek Semiconductor)

HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1394392 2015-07-14] (Realtek Semiconductor)

HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2398776 2016-06-15] (NVIDIA Corporation)

HKLM\...\Run: [Start WingMan Profiler] => C:\Program Files\Logitech\Gaming Software\LWEMon.exe [123400 2009-01-21] (Logitech Inc.)

HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-01-07] (Adobe Systems Incorporated)

HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [303928 2017-03-22] (Apple Inc.)

HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch

HKLM\...\Run: [WindowsDefender] => C:\Program Files\Windows Defender\MSASCuiL.exe [631808 2017-04-28] (Microsoft Corporation)

HKLM\...\Run: [Malwarebytes TrayApp] => C:\USERS\USER\DESKTOP\ANTI-MALWARE\mbamtray.exe [3146704 2017-05-09] (Malwarebytes)

HKLM-x32\...\Run: [ControlCenter4] => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [143360 2012-08-28] (Brother Industries, Ltd.)

HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [3076096 2012-06-06] (Brother Industries, Ltd.)

HKLM-x32\...\Run: [DataCardMonitor] => C:\Program Files (x86)\Telekom\InternetManager_H\DataCardMonitor.exe [253952 2015-04-23] (Huawei Technologies Co., Ltd.)

HKLM-x32\...\Run: [Nikon Message Center 2] => C:\Program Files (x86)\Nikon\Nikon Message Center 2\NkMC2.exe [571392 2011-10-30] (Nikon Corporation)

HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2312896 2016-02-12] (Adobe Systems Incorporated)

HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-03-15] (Oracle Corporation)

HKU\S-1-5-21-1603712690-2894388539-358268464-1001\...\Run: [Spotify Web Helper] => C:\Users\User\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1446000 2017-03-30] (Spotify Ltd)

HKU\S-1-5-21-1603712690-2894388539-358268464-1001\...\Run: [HW_OPENEYE_OUC_Telekom Internet Manager] => C:\Program Files (x86)\Telekom\InternetManager_H\UpdateDog\ouc.exe [110592 2009-12-31] (Huawei Technologies Co., Ltd.)

HKU\S-1-5-21-1603712690-2894388539-358268464-1001\...\Run: [Spotify] => C:\Users\User\AppData\Roaming\Spotify\Spotify.exe [7089776 2017-03-30] (Spotify Ltd)

HKU\S-1-5-21-1603712690-2894388539-358268464-1001\...\Run: [EPLTarget\P0000000000000001] => C:\Windows\system32\spool\DRIVERS\x64\3\E_YATIPEE.EXE [417776 2014-11-14] (SEIKO EPSON CORPORATION)

HKU\S-1-5-21-1603712690-2894388539-358268464-1001\...\Run: [EPLTarget\P0000000000000000] => C:\Windows\system32\spool\DRIVERS\x64\3\E_YATIPEE.EXE [417776 2014-11-14] (SEIKO EPSON CORPORATION)

HKU\S-1-5-21-1603712690-2894388539-358268464-1001\...\Run: [XperiaCompanionAgent] => C:\Program Files (x86)\Sony\Xperia Companion\XperiaCompanionAgent.exe [2088832 2016-12-22] (Sony)

HKU\S-1-5-21-1603712690-2894388539-358268464-1001\...\Run: [Google Update] => C:\Users\User\AppData\Local\Google\Update\1.3.33.5\GoogleUpdateCore.exe [601168 2017-05-01] (Google Inc.)

HKU\S-1-5-21-1603712690-2894388539-358268464-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [27545048 2017-03-14] (Skype Technologies S.A.)

ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-01-22] ()

ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-01-22] ()

ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-01-22] ()
 

==================== Internet (Nicht auf der Ausnahmeliste) ====================
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
 

Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

Tcpip\..\Interfaces\{c665f695-f486-4cfb-9e85-aacc2db3a7aa}: [DhcpNameServer] 192.168.2.1

Tcpip\..\Interfaces\{df2ccdb1-2b40-4835-8404-d44a77e8c602}: [DhcpNameServer] 192.168.178.1
 

Internet Explorer:

==================

BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office16\OCHelper.dll [2017-04-11] (Microsoft Corporation)

BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office16\GROOVEEX.DLL [2017-02-22] (Microsoft Corporation)

BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office16\OCHelper.dll [2015-07-31] (Microsoft Corporation)

BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\ssv.dll [2017-04-22] (Oracle Corporation)

BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office16\GROOVEEX.DLL [2017-02-22] (Microsoft Corporation)

BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\jp2ssv.dll [2017-04-22] (Oracle Corporation)

Handler: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2017-04-11] (Microsoft Corporation)

Handler-x32: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2017-04-11] (Microsoft Corporation)

Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2017-04-11] (Microsoft Corporation)

Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2017-04-11] (Microsoft Corporation)
 

FireFox:

========

FF DefaultProfile: iuq23bh7.default-1493412874328

FF ProfilePath: C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\42q34j6d.default [2017-05-16]

FF ProfilePath: C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\fcmo50m1.default-1493406853502 [2017-05-16]

FF ProfilePath: C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\iuq23bh7.default-1493412874328 [2017-05-16]

FF Homepage: Mozilla\Firefox\Profiles\iuq23bh7.default-1493412874328 -> www.google.de

FF Extension: (Adblock Plus) - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\iuq23bh7.default-1493412874328\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2017-04-28]

FF HKLM-x32\...\Firefox\Extensions: [ff-bmboc@bytemobile.com] - C:\Program Files\T-Mobile\InternetManager_H\OCx64\addon => nicht gefunden

FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_25_0_0_127.dll [2017-03-15] ()

FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50906.0\npctrl.dll [2017-03-09] ( Microsoft Corporation)

FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation)

FF Plugin: @videolan.org/vlc,version=2.2.0 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-02-27] (VideoLAN)

FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2016-02-12] (Adobe Systems)

FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWoW64\Macromed\Flash\NPSWF32_25_0_0_127.dll [2017-03-15] ()

FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-04-21] (Intel Corporation)

FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-04-21] (Intel Corporation)

FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-04-21] (Intel Corporation)

FF Plugin-x32: @java.com/DTPlugin,version=11.131.2 -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\dtplugin\npDeployJava1.dll [2017-04-22] (Oracle Corporation)

FF Plugin-x32: @java.com/JavaPlugin,version=11.131.2 -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\plugin2\npjp2.dll [2017-04-22] (Oracle Corporation)

FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2016-11-15] (Microsoft Corporation)

FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50906.0\npctrl.dll [2017-03-09] ( Microsoft Corporation)

FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll [2010-04-26] (Microsoft Corp.)

FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation)

FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)

FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-28] (Google Inc.)

FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-28] (Google Inc.)

FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2016-12-17] (Adobe Systems Inc.)

FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2016-02-12] (Adobe Systems)

FF Plugin HKU\S-1-5-21-1603712690-2894388539-358268464-1001: @talk.google.com/GoogleTalkPlugin -> C:\Users\User\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll [2015-12-08] (Google)

FF Plugin HKU\S-1-5-21-1603712690-2894388539-358268464-1001: @talk.google.com/O1DPlugin -> C:\Users\User\AppData\Roaming\Mozilla\plugins\npo1d.dll [2015-12-08] (Google)

FF Plugin HKU\S-1-5-21-1603712690-2894388539-358268464-1001: @tools.google.com/Google Update;version=3 -> C:\Users\User\AppData\Local\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-05-01] (Google Inc.)

FF Plugin HKU\S-1-5-21-1603712690-2894388539-358268464-1001: @tools.google.com/Google Update;version=9 -> C:\Users\User\AppData\Local\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-05-01] (Google Inc.)

FF Plugin HKU\S-1-5-21-1603712690-2894388539-358268464-1001: sony.com/MediaGoDetector -> C:\Program Files (x86)\Sony\Media Go\npMediaGoDetector.dll [2015-11-20] (Sony Network Entertainment International LLC)

FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2016-11-15] (Microsoft Corporation)

FF Plugin ProgramFiles/Appdata: C:\Users\User\AppData\Roaming\mozilla\plugins\npgoogletalk.dll [2015-12-08] (Google)

FF Plugin ProgramFiles/Appdata: C:\Users\User\AppData\Roaming\mozilla\plugins\npo1d.dll [2015-12-08] (Google)
 

Chrome: 

=======

CHR DefaultProfile: Default

CHR HomePage: Default -> hxxps://www.google.de/

CHR StartupUrls: Default -> "hxxps://www.google.de/"

CHR Profile: C:\Users\User\AppData\Local\Google\Chrome\User Data\Default [2017-05-16]

CHR Extension: (Google Docs) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-01-15]

CHR Extension: (Google Drive) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-01-15]

CHR Extension: (YouTube) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-01-15]

CHR Extension: (Google-Suche) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2017-01-15]

CHR Extension: (Google Docs Offline) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-01-15]

CHR Extension: (AdBlock) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2017-05-02]

CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-05-02]

CHR Extension: (Google Mail) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-01-15]

CHR Extension: (Chrome Media Router) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-05-14]

CHR HKLM-x32\...\Chrome\Extension: [ihenkjeihefokohmemphikjnjbmegdik] - "C:\Program Files (x86)\Sony\Media Go\MediaGoDetector.crx" <nicht gefunden>
 

==================== Dienste (Nicht auf der Ausnahmeliste) ====================
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
 

R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [693440 2016-01-28] (Adobe Systems Incorporated)

R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2227312 2017-02-27] (Adobe Systems, Incorporated)

R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2017-03-17] (Apple Inc.)

R2 AtherosSvc; C:\WINDOWS\system32\AdminService.exe [355760 2016-06-26] (Windows (R) Win 7 DDK provider)

S3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [266240 2012-06-05] (Brother Industries, Ltd.) [Datei ist nicht signiert]

R2 chip1click; C:\Program Files (x86)\Chip Digital GmbH\chip1click\chip 1-click installer.exe [91136 2016-10-27] (Chip Digital GmbH) [Datei ist nicht signiert]

R2 DCService.exe; C:\ProgramData\DatacardService\DCService.exe [229376 2010-08-19] () [Datei ist nicht signiert]

R2 HTCMonitorService; C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe [87368 2014-06-27] (Nero AG)

S2 ibtsiva; C:\Program Files (x86)\Intel\Bluetooth\utilities\ibtsiva.exe [165104 2015-06-30] (Intel Corporation)

R2 igfxCUIService2.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [373720 2016-12-19] (Intel Corporation)

S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [881152 2015-05-22] (Intel(R) Corporation)

S3 Intel(R) Security Assist; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [335872 2015-05-19] (Intel Corporation) [Datei ist nicht signiert]

R2 isaHelperSvc; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe [7680 2015-05-19] () [Datei ist nicht signiert]

R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [223008 2015-07-06] (Intel Corporation)

R2 LMSvc; C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe [455912 2014-12-30] (Acer Incorporate)

R2 MBAMService; C:\Users\User\Desktop\Anti-Malware\mbamservice.exe [4470736 2017-05-09] (Malwarebytes)

R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [458176 2016-12-29] (NVIDIA Corporation)

R3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [3634232 2016-06-15] (NVIDIA Corporation)

R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2522680 2016-06-15] (NVIDIA Corporation)

S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2121736 2017-01-31] (Electronic Arts)

R2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [2183696 2017-01-31] (Electronic Arts)

R2 PassThru Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [166912 2013-10-17] () [Datei ist nicht signiert]

R3 QASvc; C:\Program Files\Acer\Acer Quick Access\QASvc.exe [457960 2014-03-21] (Acer Incorporate)

R2 ss_conn_service; C:\Program Files (x86)\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe [743688 2015-05-21] (DEVGURU Co., LTD.)

R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [6889232 2015-12-14] (TeamViewer GmbH)

R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347320 2017-04-28] (Microsoft Corporation)

R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103712 2017-04-28] (Microsoft Corporation)

R2 WsAppService; C:\Program Files (x86)\Wondershare\WAF\2.1.7.1\WsAppService.exe [404480 2016-02-17] (Wondershare) [Datei ist nicht signiert]

S3 WsDrvInst; C:\Program Files (x86)\Wondershare\Dr.Fone for Android\DriverInstall.exe [115856 2016-04-14] (Wondershare)

R2 XperiaCompanionService; C:\Program Files\Sony\Xperia Companion\Service\XperiaCompanionService.exe [2205568 2016-12-22] (Sony)
 

===================== Treiber (Nicht auf der Ausnahmeliste) ======================
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
 

S0 BMLoad; C:\WINDOWS\System32\drivers\BMLoad.sys [16512 2009-12-15] (Bytemobile, Inc.) [Datei ist nicht signiert]

R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [77440 2017-05-09] ()

S3 ggsomc; C:\WINDOWS\System32\drivers\ggsomc.sys [30424 2016-05-29] (Sony Mobile Communications)

S3 HtcVCom32; C:\WINDOWS\system32\DRIVERS\HtcVComV64.sys [121800 2010-03-08] (QUALCOMM Incorporated)

S3 hwusbdev; C:\WINDOWS\system32\DRIVERS\ewusbdev.sys [114304 2009-10-12] (Huawei Technologies Co., Ltd.)

R3 LMDriver; C:\WINDOWS\System32\drivers\LMDriver.sys [21360 2013-07-17] (Acer Incorporated)

R2 MBAMChameleon; C:\WINDOWS\system32\drivers\MBAMChameleon.sys [187320 2017-05-11] (Malwarebytes)

R3 MBAMFarflt; C:\WINDOWS\system32\drivers\farflt.sys [113592 2017-05-16] (Malwarebytes)

R3 MBAMProtection; C:\WINDOWS\system32\drivers\mbam.sys [43968 2017-05-16] (Malwarebytes)

R0 MBAMSwissArmy; C:\WINDOWS\System32\drivers\MBAMSwissArmy.sys [251832 2017-05-16] (Malwarebytes)

R3 MBAMWebProtection; C:\WINDOWS\system32\drivers\mwac.sys [93624 2017-05-16] (Malwarebytes)

S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()

R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvacwu.inf_amd64_31f4ef4821269ebb\nvlddmkm.sys [14190520 2017-01-17] (NVIDIA Corporation)

R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [28216 2016-06-15] (NVIDIA Corporation)

R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [56384 2016-04-14] (NVIDIA Corporation)

R3 Qcamain10x64; C:\WINDOWS\System32\drivers\Qcamain10x64.sys [2336768 2016-07-16] (Qualcomm Atheros, Inc.)

R3 RadioShim; C:\WINDOWS\System32\drivers\RadioShim.sys [14680 2013-07-17] (Acer Incorporated)

R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [589824 2016-07-16] (Realtek                                            )

R3 RTSUER; C:\WINDOWS\system32\Drivers\RtsUer.sys [416472 2016-05-17] (Realsil Semiconductor Corporation)

R3 SynRMIHID; C:\WINDOWS\system32\DRIVERS\SynRMIHID.sys [56520 2015-06-08] (Synaptics Incorporated)

R1 tcpipBM; C:\Windows\system32\drivers\tcpipBM.sys [39552 2009-12-15] (Bytemobile, Inc.) [Datei ist nicht signiert]

S0 WdBoot; C:\WINDOWS\System32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)

R0 WdFilter; C:\WINDOWS\System32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)

R3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)
 

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
 
 

==================== Ein Monat: Erstellte Dateien und Ordner ========
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
 

2017-05-16 21:58 - 2017-05-16 21:59 - 00026690 _____ C:\Users\User\Desktop\Fixlog.txt

2017-05-16 21:42 - 2017-05-16 21:42 - 00131072 ___HT C:\Users\User\~backup.pst.tmp

2017-05-14 16:43 - 2017-05-14 16:43 - 00000000 ____D C:\Users\User\Desktop\FRST-OlderVersion

2017-05-11 18:29 - 2017-05-11 18:29 - 00044535 _____ C:\Users\User\Desktop\Addition.txt

2017-05-11 18:27 - 2017-05-16 22:18 - 00026926 _____ C:\Users\User\Desktop\FRST.txt

2017-05-11 18:25 - 2017-05-11 18:25 - 00004089 _____ C:\Users\User\Desktop\mbam.txt

2017-05-11 18:07 - 2017-05-16 22:00 - 00251832 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys

2017-05-11 18:07 - 2017-05-16 22:00 - 00113592 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys

2017-05-11 18:07 - 2017-05-16 22:00 - 00093624 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys

2017-05-11 18:07 - 2017-05-16 22:00 - 00043968 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys

2017-05-11 18:07 - 2017-05-11 18:07 - 00187320 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMChameleon.sys

2017-05-11 18:07 - 2017-05-11 18:07 - 00000000 ____D C:\Users\User\Desktop\Anti-Malware

2017-05-11 18:07 - 2017-05-11 18:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes

2017-05-11 18:07 - 2017-05-11 18:07 - 00000000 ____D C:\ProgramData\Malwarebytes

2017-05-11 18:07 - 2017-05-09 16:37 - 00077440 _____ C:\WINDOWS\system32\Drivers\mbae64.sys

2017-05-11 18:05 - 2017-05-11 18:05 - 63035592 _____ (Malwarebytes ) C:\Users\User\Desktop\mb3-setup-consumer-3.1.2.1733.exe

2017-05-11 17:39 - 2017-05-11 17:35 - 04102600 _____ C:\Users\User\Desktop\AdwCleaner_6.046 (2).exe

2017-05-10 19:50 - 2017-04-28 03:28 - 00965472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReAgent.dll

2017-05-10 19:50 - 2017-04-28 02:59 - 00601712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll

2017-05-10 19:50 - 2017-04-28 02:56 - 02048488 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll

2017-05-10 19:50 - 2017-04-28 02:55 - 00088416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\scmbus.sys

2017-05-10 19:50 - 2017-04-28 02:53 - 00616048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32.dll

2017-05-10 19:50 - 2017-04-28 02:48 - 00263472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Storage.ApplicationData.dll

2017-05-10 19:50 - 2017-04-28 02:46 - 05722320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll

2017-05-10 19:50 - 2017-04-28 02:46 - 01504056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll

2017-05-10 19:50 - 2017-04-28 02:46 - 01431232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll

2017-05-10 19:50 - 2017-04-28 02:45 - 02263832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll

2017-05-10 19:50 - 2017-04-28 02:45 - 00975744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll

2017-05-10 19:50 - 2017-04-28 02:45 - 00861024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll

2017-05-10 19:50 - 2017-04-28 02:45 - 00781144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe

2017-05-10 19:50 - 2017-04-28 02:45 - 00493920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe

2017-05-10 19:50 - 2017-04-28 02:45 - 00116576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudExperienceHostCommon.dll

2017-05-10 19:50 - 2017-04-28 02:43 - 02168288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll

2017-05-10 19:50 - 2017-04-28 02:43 - 01980768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll

2017-05-10 19:50 - 2017-04-28 02:43 - 01557224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll

2017-05-10 19:50 - 2017-04-28 02:43 - 00846560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll

2017-05-10 19:50 - 2017-04-28 02:42 - 00601952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupEngine.dll

2017-05-10 19:50 - 2017-04-28 02:41 - 00361104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsmf.dll

2017-05-10 19:50 - 2017-04-28 02:40 - 06665952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll

2017-05-10 19:50 - 2017-04-28 02:40 - 04023008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll

2017-05-10 19:50 - 2017-04-28 02:40 - 01851696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll

2017-05-10 19:50 - 2017-04-28 02:40 - 01360456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetsrc.dll

2017-05-10 19:50 - 2017-04-28 02:40 - 01277856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll

2017-05-10 19:50 - 2017-04-28 02:40 - 01202936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll

2017-05-10 19:50 - 2017-04-28 02:40 - 00981888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetcore.dll

2017-05-10 19:50 - 2017-04-28 02:40 - 00352760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MMDevAPI.dll

2017-05-10 19:50 - 2017-04-28 02:39 - 20967840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll

2017-05-10 19:50 - 2017-04-28 02:39 - 04312248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe

2017-05-10 19:50 - 2017-04-28 02:39 - 00962760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll

2017-05-10 19:50 - 2017-04-28 02:39 - 00715104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys

2017-05-10 19:50 - 2017-04-28 02:38 - 00557408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys

2017-05-10 19:50 - 2017-04-28 02:35 - 01414208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll

2017-05-10 19:50 - 2017-04-28 02:35 - 00276832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\input.dll

2017-05-10 19:50 - 2017-04-28 02:29 - 05685760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll

2017-05-10 19:50 - 2017-04-28 02:23 - 01631232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Resources.dll

2017-05-10 19:50 - 2017-04-28 02:23 - 00095232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTimeUtil.dll

2017-05-10 19:50 - 2017-04-28 02:22 - 00165376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReInfo.dll

2017-05-10 19:50 - 2017-04-28 02:22 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\odbcconf.dll

2017-05-10 19:50 - 2017-04-28 02:21 - 00224256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExSMime.dll

2017-05-10 19:50 - 2017-04-28 02:21 - 00027648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BthTelemetry.dll

2017-05-10 19:50 - 2017-04-28 02:20 - 00141824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Radios.dll

2017-05-10 19:50 - 2017-04-28 02:20 - 00044032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\virtdisk.dll

2017-05-10 19:50 - 2017-04-28 02:19 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDeviceRegistration.dll

2017-05-10 19:50 - 2017-04-28 02:19 - 00138240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DisplayManager.dll

2017-05-10 19:50 - 2017-04-28 02:18 - 00450560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastls.dll

2017-05-10 19:50 - 2017-04-28 02:18 - 00285184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.BlockedShutdown.dll

2017-05-10 19:50 - 2017-04-28 02:18 - 00255488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\unimdm.tsp

2017-05-10 19:50 - 2017-04-28 02:17 - 00328192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll

2017-05-10 19:50 - 2017-04-28 02:17 - 00142336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.WiFi.dll

2017-05-10 19:50 - 2017-04-28 02:17 - 00136192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinRtTracing.dll

2017-05-10 19:50 - 2017-04-28 02:17 - 00095232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BluetoothApis.dll

2017-05-10 19:50 - 2017-04-28 02:17 - 00094208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryClient.dll

2017-05-10 19:50 - 2017-04-28 02:16 - 00392192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Gaming.Input.dll

2017-05-10 19:50 - 2017-04-28 02:16 - 00374784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.LowLevel.dll

2017-05-10 19:50 - 2017-04-28 02:16 - 00315904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Gaming.XboxLive.Storage.dll

2017-05-10 19:50 - 2017-04-28 02:16 - 00231936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.LockScreen.dll

2017-05-10 19:50 - 2017-04-28 02:16 - 00203776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\credprovhost.dll

2017-05-10 19:50 - 2017-04-28 02:16 - 00184320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserMgrProxy.dll

2017-05-10 19:50 - 2017-04-28 02:16 - 00180224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe

2017-05-10 19:50 - 2017-04-28 02:16 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppointmentActivation.dll

2017-05-10 19:50 - 2017-04-28 02:16 - 00113152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Lights.dll

2017-05-10 19:50 - 2017-04-28 02:15 - 00557568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll

2017-05-10 19:50 - 2017-04-28 02:15 - 00404992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dsreg.dll

2017-05-10 19:50 - 2017-04-28 02:15 - 00334848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastlsext.dll

2017-05-10 19:50 - 2017-04-28 02:15 - 00237568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SyncSettings.dll

2017-05-10 19:50 - 2017-04-28 02:15 - 00206336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bthprops.cpl

2017-05-10 19:50 - 2017-04-28 02:15 - 00117760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AuthBroker.dll

2017-05-10 19:50 - 2017-04-28 02:15 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Core.dll

2017-05-10 19:50 - 2017-04-28 02:14 - 00670208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.PointOfService.dll

2017-05-10 19:50 - 2017-04-28 02:14 - 00483840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.AllJoyn.dll

2017-05-10 19:50 - 2017-04-28 02:14 - 00223232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgentUserBroker.exe

2017-05-10 19:50 - 2017-04-28 02:13 - 13873664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll

2017-05-10 19:50 - 2017-04-28 02:13 - 01755136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DeviceFlows.DataModel.dll

2017-05-10 19:50 - 2017-04-28 02:13 - 01243136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.FaceAnalysis.dll

2017-05-10 19:50 - 2017-04-28 02:13 - 00562176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.SmartCards.dll

2017-05-10 19:50 - 2017-04-28 02:13 - 00506880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DevicePairing.dll

2017-05-10 19:50 - 2017-04-28 02:13 - 00426496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Wallet.dll

2017-05-10 19:50 - 2017-04-28 02:13 - 00386048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.WiFiDirect.dll

2017-05-10 19:50 - 2017-04-28 02:13 - 00332288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Bluetooth.dll

2017-05-10 19:50 - 2017-04-28 02:13 - 00325120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleacc.dll

2017-05-10 19:50 - 2017-04-28 02:13 - 00298496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll

2017-05-10 19:50 - 2017-04-28 02:13 - 00271360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\deviceaccess.dll

2017-05-10 19:50 - 2017-04-28 02:13 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WwaApi.dll

2017-05-10 19:50 - 2017-04-28 02:13 - 00206336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vaultcli.dll

2017-05-10 19:50 - 2017-04-28 02:13 - 00202752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.HumanInterfaceDevice.dll

2017-05-10 19:50 - 2017-04-28 02:13 - 00185856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Identity.Provider.dll

2017-05-10 19:50 - 2017-04-28 02:13 - 00175616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Scanners.dll

2017-05-10 19:50 - 2017-04-28 02:13 - 00125952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apprepapi.dll

2017-05-10 19:50 - 2017-04-28 02:13 - 00114176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\setupugc.exe

2017-05-10 19:50 - 2017-04-28 02:12 - 00498688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mbsmsapi.dll

2017-05-10 19:50 - 2017-04-28 02:12 - 00431616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\efswrt.dll

2017-05-10 19:50 - 2017-04-28 02:12 - 00284672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apprepsync.dll

2017-05-10 19:50 - 2017-04-28 02:12 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Picker.dll

2017-05-10 19:50 - 2017-04-28 02:11 - 00747520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Ocr.dll

2017-05-10 19:50 - 2017-04-28 02:11 - 00075776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll

2017-05-10 19:50 - 2017-04-28 02:10 - 00857600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EmailApis.dll

2017-05-10 19:50 - 2017-04-28 02:10 - 00819200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppContracts.dll

2017-05-10 19:50 - 2017-04-28 02:10 - 00816640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NaturalLanguage6.dll

2017-05-10 19:50 - 2017-04-28 02:10 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mprddm.dll

2017-05-10 19:50 - 2017-04-28 02:10 - 00314368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Usb.dll

2017-05-10 19:50 - 2017-04-28 02:10 - 00284672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.dll

2017-05-10 19:50 - 2017-04-28 02:10 - 00238080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AboveLockAppHost.dll

2017-05-10 19:50 - 2017-04-28 02:09 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll

2017-05-10 19:50 - 2017-04-28 02:09 - 00525824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintDialogs.dll

2017-05-10 19:50 - 2017-04-28 02:09 - 00509440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll

2017-05-10 19:50 - 2017-04-28 02:09 - 00368128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiobj.dll

2017-05-10 19:50 - 2017-04-28 02:09 - 00352256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Enumeration.dll

2017-05-10 19:50 - 2017-04-28 02:08 - 07626752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll

2017-05-10 19:50 - 2017-04-28 02:08 - 01534464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.Printing.3D.dll

2017-05-10 19:50 - 2017-04-28 02:08 - 01228288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usercpl.dll

2017-05-10 19:50 - 2017-04-28 02:08 - 00653312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.AccountsControl.dll

2017-05-10 19:50 - 2017-04-28 02:08 - 00288256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CryptoWinRT.dll

2017-05-10 19:50 - 2017-04-28 02:07 - 03689984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll

2017-05-10 19:50 - 2017-04-28 02:07 - 00525312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LogonController.dll

2017-05-10 19:50 - 2017-04-28 02:07 - 00256512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\thumbcache.dll

2017-05-10 19:50 - 2017-04-28 02:06 - 04614656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll

2017-05-10 19:50 - 2017-04-28 02:06 - 02333184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmSvc.dll

2017-05-10 19:50 - 2017-04-28 02:06 - 00901120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Bluetooth.dll

2017-05-10 19:50 - 2017-04-28 02:06 - 00675840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.dll

2017-05-10 19:50 - 2017-04-28 02:05 - 03733504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_47.dll

2017-05-10 19:50 - 2017-04-28 02:05 - 00886272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll

2017-05-10 19:50 - 2017-04-28 02:05 - 00709120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CPFilters.dll

2017-05-10 19:50 - 2017-04-28 02:05 - 00589312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Sensors.dll

2017-05-10 19:50 - 2017-04-28 02:04 - 01323008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_fs.dll

2017-05-10 19:50 - 2017-04-28 02:03 - 01137152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_health.dll

2017-05-10 19:50 - 2017-04-28 02:03 - 01077760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Editing.dll

2017-05-10 19:50 - 2017-04-28 02:03 - 00355328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RTMediaFrame.dll

2017-05-10 19:50 - 2017-04-28 02:03 - 00318464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LocationApi.dll

2017-05-10 19:50 - 2017-04-28 02:03 - 00291328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\adsnt.dll

2017-05-10 19:50 - 2017-04-28 02:03 - 00134656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Energy.dll

2017-05-10 19:50 - 2017-04-28 02:02 - 03307008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll

2017-05-10 19:50 - 2017-04-28 02:01 - 00795648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MiracastReceiver.dll

2017-05-10 19:50 - 2017-04-28 02:01 - 00713216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpnapps.dll

2017-05-10 19:50 - 2017-04-28 02:01 - 00343040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToDevice.dll

2017-05-10 19:50 - 2017-04-28 02:01 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\unimdm.tsp

2017-05-10 19:50 - 2017-04-28 02:01 - 00248832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dlnashext.dll

2017-05-10 19:50 - 2017-04-28 02:01 - 00141312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dialclient.dll

2017-05-10 19:50 - 2017-04-28 02:00 - 02749440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mispace.dll

2017-05-10 19:50 - 2017-04-28 02:00 - 01255936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll

2017-05-10 19:50 - 2017-04-28 02:00 - 00249856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BthLEEnum.sys

2017-05-10 19:50 - 2017-04-28 01:59 - 02154496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\storagewmi.dll

2017-05-10 19:50 - 2017-04-28 01:59 - 00895488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Streaming.dll

2017-05-10 19:50 - 2017-04-28 01:59 - 00220672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToReceiver.dll

2017-05-10 19:50 - 2017-04-28 01:58 - 07468544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll

2017-05-10 19:50 - 2017-04-28 01:58 - 00546304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uReFS.dll

2017-05-10 19:50 - 2017-04-28 01:58 - 00433664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\imapi2.dll

2017-05-10 19:50 - 2017-04-28 01:58 - 00134144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ErrorDetails.dll

2017-05-10 19:50 - 2017-04-28 01:58 - 00090624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll

2017-05-10 19:50 - 2017-04-28 01:57 - 01247232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Globalization.dll

2017-05-10 19:50 - 2017-04-28 01:57 - 01221120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Audio.dll

2017-05-10 19:50 - 2017-04-28 01:57 - 00719872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_sr.dll

2017-05-10 19:50 - 2017-04-28 01:57 - 00641024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MCRecvSrc.dll

2017-05-10 19:50 - 2017-04-28 01:57 - 00089600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CameraCaptureUI.dll

2017-05-10 19:50 - 2017-04-28 01:56 - 00400384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToManager.dll

2017-05-10 19:50 - 2017-04-28 01:56 - 00357376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Geolocation.dll

2017-05-10 19:50 - 2017-04-28 01:56 - 00333312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsApi.dll

2017-05-10 19:50 - 2017-04-28 01:56 - 00103936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Devices.dll

2017-05-10 19:50 - 2017-04-28 01:55 - 01993216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll

2017-05-10 19:50 - 2017-04-28 01:55 - 01987584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll

2017-05-10 19:50 - 2017-04-28 01:55 - 01656320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Perception.dll

2017-05-10 19:50 - 2017-04-28 01:55 - 01413632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OpcServices.dll

2017-05-10 19:50 - 2017-04-28 01:55 - 01232384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Maps.dll

2017-05-10 19:50 - 2017-04-28 01:55 - 01170944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.dll

2017-05-10 19:50 - 2017-04-28 01:55 - 01004544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Input.Inking.dll

2017-05-10 19:50 - 2017-04-28 01:54 - 02747904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpcore.dll

2017-05-10 19:50 - 2017-04-28 01:54 - 02646528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CertEnroll.dll

2017-05-10 19:50 - 2017-04-28 01:54 - 02483200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll

2017-05-10 19:50 - 2017-04-28 01:54 - 01883648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll

2017-05-10 19:50 - 2017-04-28 01:54 - 01013248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.Http.dll

2017-05-10 19:50 - 2017-04-28 01:54 - 00967680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys

2017-05-10 19:50 - 2017-04-28 01:54 - 00654336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApiPublic.dll

2017-05-10 19:50 - 2017-04-28 01:54 - 00598528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.dll

2017-05-10 19:50 - 2017-04-28 01:54 - 00566784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ShareHost.dll

2017-05-10 19:50 - 2017-04-28 01:54 - 00348160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Midi.dll

2017-05-10 19:50 - 2017-04-28 01:53 - 01170944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Phone.dll

2017-05-10 19:50 - 2017-04-28 01:53 - 00798208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll

2017-05-10 19:50 - 2017-04-28 01:53 - 00751104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.BackgroundTransfer.dll

2017-05-10 19:50 - 2017-04-28 01:53 - 00621056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll

2017-05-10 19:50 - 2017-04-28 01:52 - 03106304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstsc.exe

2017-05-10 19:50 - 2017-04-28 01:52 - 02994176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys

2017-05-10 19:50 - 2017-04-28 01:52 - 02008576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll

2017-05-10 19:50 - 2017-04-28 01:52 - 01600000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll

2017-05-10 19:50 - 2017-04-28 01:50 - 00783360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TSWorkspace.dll

2017-05-10 19:50 - 2017-04-28 01:39 - 04596224 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsrchvw.exe

2017-05-10 19:50 - 2017-04-28 01:30 - 00483840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll

2017-05-10 19:50 - 2017-03-04 09:57 - 00484584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll

2017-05-10 19:50 - 2017-03-04 08:23 - 00299520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataAccountApis.dll

2017-05-10 19:50 - 2017-03-04 08:22 - 00265728 _____ C:\WINDOWS\SysWOW64\Windows.Perception.Stub.dll

2017-05-10 19:50 - 2017-03-04 08:17 - 00529920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StructuredQuery.dll

2017-05-10 19:50 - 2017-03-04 08:16 - 00500224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.Printing.dll

2017-05-10 19:50 - 2017-03-04 08:05 - 03520512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsrchvw.exe

2017-05-10 19:50 - 2017-03-04 08:01 - 00827904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll

2017-05-10 19:50 - 2017-03-04 08:00 - 00691200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll

2017-05-10 19:49 - 2017-04-28 02:58 - 01706488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll

2017-05-10 19:49 - 2017-04-28 02:57 - 00794928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll

2017-05-10 19:49 - 2017-04-28 02:53 - 07784288 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe

2017-05-10 19:49 - 2017-04-28 02:53 - 02213760 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll

2017-05-10 19:49 - 2017-04-28 02:53 - 00774224 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll

2017-05-10 19:49 - 2017-04-28 02:49 - 02681200 _____ C:\WINDOWS\system32\CoreUIComponents.dll

2017-05-10 19:49 - 2017-04-28 02:42 - 00328008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.ApplicationData.dll

2017-05-10 19:49 - 2017-04-28 02:40 - 07220184 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll

2017-05-10 19:49 - 2017-04-28 02:40 - 02759704 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll

2017-05-10 19:49 - 2017-04-28 02:40 - 02187104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys

2017-05-10 19:49 - 2017-04-28 02:40 - 01860288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll

2017-05-10 19:49 - 2017-04-28 02:40 - 01738560 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll

2017-05-10 19:49 - 2017-04-28 02:40 - 01157000 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll

2017-05-10 19:49 - 2017-04-28 02:40 - 00857440 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe

2017-05-10 19:49 - 2017-04-28 02:40 - 00402784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys

2017-05-10 19:49 - 2017-04-28 02:38 - 00847200 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupEngine.dll

2017-05-10 19:49 - 2017-04-28 02:36 - 00408600 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsmf.dll

2017-05-10 19:49 - 2017-04-28 02:36 - 00092512 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll

2017-05-10 19:49 - 2017-04-28 02:35 - 08170600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll

2017-05-10 19:49 - 2017-04-28 02:35 - 04260576 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll

2017-05-10 19:49 - 2017-04-28 02:35 - 01988048 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll

2017-05-10 19:49 - 2017-04-28 02:35 - 01702392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll

2017-05-10 19:49 - 2017-04-28 02:35 - 01302136 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll

2017-05-10 19:49 - 2017-04-28 02:35 - 00596040 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll

2017-05-10 19:49 - 2017-04-28 02:34 - 22220856 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll

2017-05-10 19:49 - 2017-04-28 02:34 - 01277824 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll

2017-05-10 19:49 - 2017-04-28 02:34 - 01072248 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetcore.dll

2017-05-10 19:49 - 2017-04-28 02:34 - 00443232 _____ (Microsoft Corporation) C:\WINDOWS\system32\MMDevAPI.dll

2017-05-10 19:49 - 2017-04-28 02:34 - 00244824 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll

2017-05-10 19:49 - 2017-04-28 02:28 - 00453536 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe

2017-05-10 19:49 - 2017-04-28 02:28 - 00387864 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpps.dll

2017-05-10 19:49 - 2017-04-28 02:19 - 00081408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll

2017-05-10 19:49 - 2017-04-28 02:14 - 00270336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll

2017-05-10 19:49 - 2017-04-28 02:11 - 00846336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WebcamUi.dll

2017-05-10 19:49 - 2017-04-28 02:11 - 00340480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll

2017-05-10 19:49 - 2017-04-28 02:08 - 18365440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll

2017-05-10 19:49 - 2017-04-28 02:07 - 00372736 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXTaskFactory.dll

2017-05-10 19:49 - 2017-04-28 02:06 - 22569472 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll

2017-05-10 19:49 - 2017-04-28 02:06 - 00691712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll

2017-05-10 19:49 - 2017-04-28 02:05 - 19414016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll

2017-05-10 19:49 - 2017-04-28 02:04 - 00119808 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTimeUtil.dll

2017-05-10 19:49 - 2017-04-28 02:03 - 00081408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\raspppoe.sys

2017-05-10 19:49 - 2017-04-28 02:03 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\odbcconf.dll

2017-05-10 19:49 - 2017-04-28 02:02 - 00123904 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll

2017-05-10 19:49 - 2017-04-28 02:02 - 00115200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bridge.sys

2017-05-10 19:49 - 2017-04-28 02:02 - 00040448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vwifimp.sys

2017-05-10 19:49 - 2017-04-28 02:01 - 00233472 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe

2017-05-10 19:49 - 2017-04-28 02:00 - 12349440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll

2017-05-10 19:49 - 2017-04-28 02:00 - 00193536 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinRtTracing.dll

2017-05-10 19:49 - 2017-04-28 02:00 - 00165376 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll

2017-05-10 19:49 - 2017-04-28 02:00 - 00149504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Core.dll

2017-05-10 19:49 - 2017-04-28 01:59 - 12187136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll

2017-05-10 19:49 - 2017-04-28 01:59 - 00635904 _____ (Microsoft Corporation) C:\WINDOWS\system32\FlightSettings.dll

2017-05-10 19:49 - 2017-04-28 01:59 - 00467968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Gaming.XboxLive.Storage.dll

2017-05-10 19:49 - 2017-04-28 01:59 - 00375296 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastlsext.dll

2017-05-10 19:49 - 2017-04-28 01:58 - 00418304 _____ C:\WINDOWS\system32\Windows.Perception.Stub.dll

2017-05-10 19:49 - 2017-04-28 01:58 - 00360448 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpencom.dll

2017-05-10 19:49 - 2017-04-28 01:58 - 00276992 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll

2017-05-10 19:49 - 2017-04-28 01:58 - 00211968 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe

2017-05-10 19:49 - 2017-04-28 01:57 - 01507840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.FaceAnalysis.dll

2017-05-10 19:49 - 2017-04-28 01:57 - 00502784 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastls.dll

2017-05-10 19:49 - 2017-04-28 01:57 - 00223744 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe

2017-05-10 19:49 - 2017-04-28 01:57 - 00216576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Scanners.dll

2017-05-10 19:49 - 2017-04-28 01:57 - 00132096 _____ (Microsoft Corporation) C:\WINDOWS\system32\PrintWSDAHost.dll

2017-05-10 19:49 - 2017-04-28 01:56 - 00748544 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll

2017-05-10 19:49 - 2017-04-28 01:56 - 00590336 _____ (Microsoft Corporation) C:\WINDOWS\system32\efswrt.dll

2017-05-10 19:49 - 2017-04-28 01:56 - 00387584 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll

2017-05-10 19:49 - 2017-04-28 01:56 - 00358912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.dll

2017-05-10 19:49 - 2017-04-28 01:56 - 00293888 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll

2017-05-10 19:49 - 2017-04-28 01:56 - 00260608 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgentUserBroker.exe

2017-05-10 19:49 - 2017-04-28 01:56 - 00088576 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll

2017-05-10 19:49 - 2017-04-28 01:55 - 00561664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Wallet.dll

2017-05-10 19:49 - 2017-04-28 01:55 - 00431616 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpAXHolder.dll

2017-05-10 19:49 - 2017-04-28 01:55 - 00307200 _____ (Microsoft Corporation) C:\WINDOWS\system32\PrintDialogs3D.dll

2017-05-10 19:49 - 2017-04-28 01:55 - 00252416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Identity.Provider.dll

2017-05-10 19:49 - 2017-04-28 01:54 - 02027008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl

2017-05-10 19:49 - 2017-04-28 01:54 - 01509376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll

2017-05-10 19:49 - 2017-04-28 01:54 - 00425984 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll

2017-05-10 19:49 - 2017-04-28 01:54 - 00284160 _____ (Microsoft Corporation) C:\WINDOWS\system32\AboveLockAppHost.dll

2017-05-10 19:49 - 2017-04-28 01:53 - 06288384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll

2017-05-10 19:49 - 2017-04-28 01:53 - 03059200 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll

2017-05-10 19:49 - 2017-04-28 01:53 - 00671744 _____ (Microsoft Corporation) C:\WINDOWS\system32\mbsmsapi.dll

2017-05-10 19:49 - 2017-04-28 01:53 - 00579584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.UX.EapRequestHandler.dll

2017-05-10 19:49 - 2017-04-28 01:53 - 00245760 _____ (Microsoft Corporation) C:\WINDOWS\system32\WwaApi.dll

2017-05-10 19:49 - 2017-04-28 01:51 - 01589760 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdtctm.dll

2017-05-10 19:49 - 2017-04-28 01:51 - 00713216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys

2017-05-10 19:49 - 2017-04-28 01:51 - 00458752 _____ (Microsoft Corporation) C:\WINDOWS\system32\RTMediaFrame.dll

2017-05-10 19:49 - 2017-04-28 01:51 - 00409600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys

2017-05-10 19:49 - 2017-04-28 01:50 - 03778048 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll

2017-05-10 19:49 - 2017-04-28 01:50 - 00329728 _____ (Microsoft Corporation) C:\WINDOWS\system32\fvecpl.dll

2017-05-10 19:49 - 2017-04-28 01:49 - 00864256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnapps.dll

2017-05-10 19:49 - 2017-04-28 01:47 - 01908224 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll

2017-05-10 19:49 - 2017-04-28 01:47 - 01078784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.dll

2017-05-10 19:49 - 2017-04-28 01:47 - 00796672 _____ (Microsoft Corporation) C:\WINDOWS\system32\fvewiz.dll

2017-05-10 19:49 - 2017-04-28 01:47 - 00627200 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpaceControl.dll

2017-05-10 19:49 - 2017-04-28 01:45 - 23677440 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll

2017-05-10 19:49 - 2017-04-28 01:45 - 01217024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Audio.dll

2017-05-10 19:49 - 2017-04-28 01:45 - 00411648 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsApi.dll

2017-05-10 19:49 - 2017-04-28 01:44 - 13091328 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll

2017-05-10 19:49 - 2017-04-28 01:44 - 01366016 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll

2017-05-10 19:49 - 2017-04-28 01:44 - 01145344 _____ (Microsoft Corporation) C:\WINDOWS\system32\EmailApis.dll

2017-05-10 19:49 - 2017-04-28 01:44 - 00937984 _____ (Microsoft Corporation) C:\WINDOWS\system32\MCRecvSrc.dll

2017-05-10 19:49 - 2017-04-28 01:44 - 00583680 _____ (Microsoft Corporation) C:\WINDOWS\system32\PrintDialogs.dll

2017-05-10 19:49 - 2017-04-28 01:44 - 00548864 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll

2017-05-10 19:49 - 2017-04-28 01:43 - 01184256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll

2017-05-10 19:49 - 2017-04-28 01:43 - 00963584 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebcamUi.dll

2017-05-10 19:49 - 2017-04-28 01:43 - 00646656 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiaservc.dll

2017-05-10 19:49 - 2017-04-28 01:43 - 00539136 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToManager.dll

2017-05-10 19:49 - 2017-04-28 01:43 - 00526336 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv

2017-05-10 19:49 - 2017-04-28 01:43 - 00467968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Geolocation.dll

2017-05-10 19:49 - 2017-04-28 01:43 - 00331264 _____ (Microsoft Corporation) C:\WINDOWS\system32\NgcCtnrSvc.dll

2017-05-10 19:49 - 2017-04-28 01:42 - 13441536 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll

2017-05-10 19:49 - 2017-04-28 01:42 - 08125440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll

2017-05-10 19:49 - 2017-04-28 01:42 - 08076288 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll

2017-05-10 19:49 - 2017-04-28 01:42 - 02390016 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreen.exe

2017-05-10 19:49 - 2017-04-28 01:41 - 01080320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Ocr.dll

2017-05-10 19:49 - 2017-04-28 01:41 - 00983040 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcsvc.dll

2017-05-10 19:49 - 2017-04-28 01:41 - 00860160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mprddm.dll

2017-05-10 19:49 - 2017-04-28 01:41 - 00759296 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll

2017-05-10 19:49 - 2017-04-28 01:41 - 00611328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.dll

2017-05-10 19:49 - 2017-04-28 01:40 - 04474368 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll

2017-05-10 19:49 - 2017-04-28 01:40 - 02096640 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl

2017-05-10 19:49 - 2017-04-28 01:40 - 01040896 _____ (Microsoft Corporation) C:\WINDOWS\system32\NaturalLanguage6.dll

2017-05-10 19:49 - 2017-04-28 01:40 - 00913920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.dll

2017-05-10 19:49 - 2017-04-28 01:40 - 00816640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll

2017-05-10 19:49 - 2017-04-28 01:39 - 00846336 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApiPublic.dll

2017-05-10 19:49 - 2017-04-28 01:38 - 05611008 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll

2017-05-10 19:49 - 2017-04-28 01:38 - 02424320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Perception.dll

2017-05-10 19:49 - 2017-04-28 01:38 - 01359360 _____ (Microsoft Corporation) C:\WINDOWS\system32\usercpl.dll

2017-05-10 19:49 - 2017-04-28 01:38 - 00765440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Sensors.dll

2017-05-10 19:49 - 2017-04-28 01:37 - 04149248 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll

2017-05-10 19:49 - 2017-04-28 01:37 - 03134976 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcore.dll

2017-05-10 19:49 - 2017-04-28 01:37 - 02895872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll

2017-05-10 19:49 - 2017-04-28 01:37 - 02538496 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll

2017-05-10 19:49 - 2017-04-28 01:37 - 01984000 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll

2017-05-10 19:49 - 2017-04-28 01:37 - 01783296 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll

2017-05-10 19:49 - 2017-04-28 01:37 - 01637888 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll

2017-05-10 19:49 - 2017-04-28 01:37 - 01424896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Maps.dll

2017-05-10 19:49 - 2017-04-28 01:37 - 01266176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Input.Inking.dll

2017-05-10 19:49 - 2017-04-28 01:37 - 00875520 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll

2017-05-10 19:49 - 2017-04-28 01:37 - 00391168 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll

2017-05-10 19:49 - 2017-04-28 01:36 - 01513472 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys

2017-05-10 19:49 - 2017-04-28 01:36 - 01328640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.Http.dll

2017-05-10 19:49 - 2017-04-28 01:36 - 01131008 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll

2017-05-10 19:49 - 2017-04-28 01:36 - 00774656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.dll

2017-05-10 19:49 - 2017-04-28 01:35 - 03299840 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstsc.exe

2017-05-10 19:49 - 2017-04-28 01:35 - 00924672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.BackgroundTransfer.dll

2017-05-10 19:49 - 2017-04-28 01:34 - 00999424 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWorkspace.dll

2017-05-10 19:49 - 2017-04-28 01:34 - 00439296 _____ (Microsoft Corporation) C:\WINDOWS\system32\wksprt.exe

2017-05-10 19:49 - 2017-04-28 01:34 - 00394240 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpclip.exe

2017-05-10 19:49 - 2017-03-04 09:09 - 01293152 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll

2017-05-10 19:49 - 2017-03-04 08:27 - 00456192 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiobj.dll

2017-05-10 19:49 - 2017-03-04 08:26 - 00261632 _____ (Microsoft Corporation) C:\WINDOWS\system32\indexeddbserver.dll

2017-05-10 19:49 - 2017-03-04 08:25 - 01388544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Cred.dll

2017-05-10 19:49 - 2017-03-04 08:19 - 01403392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Editing.dll

2017-05-10 19:49 - 2017-03-04 08:06 - 01369088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Phone.dll

2017-05-10 19:48 - 2017-04-28 02:57 - 00603488 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContentDeliveryManager.Utilities.dll

2017-05-10 19:48 - 2017-04-28 02:56 - 01117024 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReAgent.dll

2017-05-10 19:48 - 2017-04-28 02:52 - 02255712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys

2017-05-10 19:48 - 2017-04-28 02:49 - 00764392 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll

2017-05-10 19:48 - 2017-04-28 02:49 - 00700936 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll

2017-05-10 19:48 - 2017-04-28 02:47 - 00699744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimgapi.dll

2017-05-10 19:48 - 2017-04-28 02:47 - 00501088 _____ (Microsoft Corporation) C:\WINDOWS\system32\spwizeng.dll

2017-05-10 19:48 - 2017-04-28 02:46 - 00410464 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinSetupUI.dll

2017-05-10 19:48 - 2017-04-28 02:44 - 00062816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fsdepends.sys

2017-05-10 19:48 - 2017-04-28 02:42 - 00526176 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimserv.exe

2017-05-10 19:48 - 2017-04-28 02:40 - 00578400 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe

2017-05-10 19:48 - 2017-04-28 02:40 - 00146784 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostCommon.dll

2017-05-10 19:48 - 2017-04-28 02:40 - 00026976 _____ (Microsoft Corporation) C:\WINDOWS\system32\browser_broker.exe

2017-05-10 19:48 - 2017-04-28 02:39 - 00624048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys

2017-05-10 19:48 - 2017-04-28 02:38 - 02915704 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll

2017-05-10 19:48 - 2017-04-28 02:38 - 02446704 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll

2017-05-10 19:48 - 2017-04-28 02:38 - 01852200 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll

2017-05-10 19:48 - 2017-04-28 02:38 - 01267512 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll

2017-05-10 19:48 - 2017-04-28 02:38 - 00431968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys

2017-05-10 19:48 - 2017-04-28 02:34 - 04674360 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe

2017-05-10 19:48 - 2017-04-28 02:34 - 01600624 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll

2017-05-10 19:48 - 2017-04-28 02:34 - 00241504 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHost.dll

2017-05-10 19:48 - 2017-04-28 02:30 - 01569184 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll

2017-05-10 19:48 - 2017-04-28 02:30 - 00322912 _____ (Microsoft Corporation) C:\WINDOWS\system32\input.dll

2017-05-10 19:48 - 2017-04-28 02:28 - 00455520 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe

2017-05-10 19:48 - 2017-04-28 02:21 - 00073728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdc.ocx

2017-05-10 19:48 - 2017-04-28 02:19 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbonRes.dll

2017-05-10 19:48 - 2017-04-28 02:15 - 00822784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll

2017-05-10 19:48 - 2017-04-28 02:15 - 00126464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll

2017-05-10 19:48 - 2017-04-28 02:14 - 00306688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll

2017-05-10 19:48 - 2017-04-28 02:12 - 00635904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll

2017-05-10 19:48 - 2017-04-28 02:12 - 00236544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll

2017-05-10 19:48 - 2017-04-28 02:10 - 07216640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll

2017-05-10 19:48 - 2017-04-28 02:10 - 00661504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll

2017-05-10 19:48 - 2017-04-28 02:05 - 01631232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll

2017-05-10 19:48 - 2017-04-28 02:03 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbonRes.dll

2017-05-10 19:48 - 2017-04-28 02:03 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdc.ocx

2017-05-10 19:48 - 2017-04-28 02:03 - 00032256 _____ (Microsoft Corporation) C:\WINDOWS\system32\BthTelemetry.dll

2017-05-10 19:48 - 2017-04-28 02:02 - 00019456 _____ (Microsoft Corporation) C:\WINDOWS\system32\appidcertstorecheck.exe

2017-05-10 19:48 - 2017-04-28 02:01 - 00259072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Family.SyncEngine.dll

2017-05-10 19:48 - 2017-04-28 02:01 - 00185344 _____ (Microsoft Corporation) C:\WINDOWS\system32\DisplayManager.dll

2017-05-10 19:48 - 2017-04-28 02:01 - 00156160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Family.Client.dll

2017-05-10 19:48 - 2017-04-28 02:01 - 00129536 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_ClosedCaptioning.dll

2017-05-10 19:48 - 2017-04-28 02:01 - 00090624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Printers.dll

2017-05-10 19:48 - 2017-04-28 02:01 - 00051712 _____ (Microsoft Corporation) C:\WINDOWS\system32\virtdisk.dll

2017-05-10 19:48 - 2017-04-28 02:00 - 00196096 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDeviceRegistration.dll

2017-05-10 19:48 - 2017-04-28 02:00 - 00193536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.WiFi.dll

2017-05-10 19:48 - 2017-04-28 02:00 - 00148480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.System.Profile.RetailInfo.dll

2017-05-10 19:48 - 2017-04-28 02:00 - 00120832 _____ (Microsoft Corporation) C:\WINDOWS\system32\BluetoothApis.dll

2017-05-10 19:48 - 2017-04-28 02:00 - 00101888 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDeviceRegistration.Ngc.dll

2017-05-10 19:48 - 2017-04-28 02:00 - 00099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll

2017-05-10 19:48 - 2017-04-28 02:00 - 00073216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryBroker.dll

2017-05-10 19:48 - 2017-04-28 01:59 - 00567296 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevicePairing.dll

2017-05-10 19:48 - 2017-04-28 01:59 - 00186368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Radios.dll

2017-05-10 19:48 - 2017-04-28 01:59 - 00124416 _____ (Microsoft Corporation) C:\WINDOWS\system32\appidsvc.dll

2017-05-10 19:48 - 2017-04-28 01:59 - 00122880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryClient.dll

2017-05-10 19:48 - 2017-04-28 01:58 - 00547840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Gaming.Input.dll

2017-05-10 19:48 - 2017-04-28 01:58 - 00418304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BlockedShutdown.dll

2017-05-10 19:48 - 2017-04-28 01:58 - 00289792 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeveloperOptionsSettingsHandlers.dll

2017-05-10 19:48 - 2017-04-28 01:58 - 00231424 _____ (Microsoft Corporation) C:\WINDOWS\system32\shutdownux.dll

2017-05-10 19:48 - 2017-04-28 01:58 - 00150016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.AppDefaults.dll

2017-05-10 19:48 - 2017-04-28 01:58 - 00144896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Lights.dll

2017-05-10 19:48 - 2017-04-28 01:58 - 00130560 _____ (Microsoft Corporation) C:\WINDOWS\system32\ConsentUX.dll

2017-05-10 19:48 - 2017-04-28 01:57 - 00651264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.AllJoyn.dll

2017-05-10 19:48 - 2017-04-28 01:57 - 00568320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.LowLevel.dll

2017-05-10 19:48 - 2017-04-28 01:57 - 00505856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.WiFiDirect.dll

2017-05-10 19:48 - 2017-04-28 01:57 - 00279552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.HumanInterfaceDevice.dll

2017-05-10 19:48 - 2017-04-28 01:57 - 00268800 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserMgrProxy.dll

2017-05-10 19:48 - 2017-04-28 01:57 - 00243712 _____ (Microsoft Corporation) C:\WINDOWS\system32\credprovhost.dll

2017-05-10 19:48 - 2017-04-28 01:57 - 00241152 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafBth.dll

2017-05-10 19:48 - 2017-04-28 01:57 - 00157184 _____ (Microsoft Corporation) C:\WINDOWS\system32\bthserv.dll

2017-05-10 19:48 - 2017-04-28 01:57 - 00139264 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll

2017-05-10 19:48 - 2017-04-28 01:56 - 00947712 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll

2017-05-10 19:48 - 2017-04-28 01:56 - 00912384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.SmartCards.dll

2017-05-10 19:48 - 2017-04-28 01:56 - 00692224 _____ (Microsoft Corporation) C:\WINDOWS\system32\CellularAPI.dll

2017-05-10 19:48 - 2017-04-28 01:56 - 00691200 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll

2017-05-10 19:48 - 2017-04-28 01:56 - 00379904 _____ (Microsoft Corporation) C:\WINDOWS\system32\apprepsync.dll

2017-05-10 19:48 - 2017-04-28 01:56 - 00324608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.LockScreen.dll

2017-05-10 19:48 - 2017-04-28 01:56 - 00311296 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncSettings.dll

2017-05-10 19:48 - 2017-04-28 01:56 - 00267264 _____ (Microsoft Corporation) C:\WINDOWS\system32\vaultcli.dll

2017-05-10 19:48 - 2017-04-28 01:56 - 00147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll

2017-05-10 19:48 - 2017-04-28 01:56 - 00146432 _____ (Microsoft Corporation) C:\WINDOWS\system32\AuthBroker.dll

2017-05-10 19:48 - 2017-04-28 01:55 - 06042624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll

2017-05-10 19:48 - 2017-04-28 01:55 - 02084352 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceFlows.DataModel.dll

2017-05-10 19:48 - 2017-04-28 01:55 - 00657920 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll

2017-05-10 19:48 - 2017-04-28 01:55 - 00407552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll

2017-05-10 19:48 - 2017-04-28 01:55 - 00391168 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleacc.dll

2017-05-10 19:48 - 2017-04-28 01:55 - 00337408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Picker.dll

2017-05-10 19:48 - 2017-04-28 01:55 - 00231424 _____ (Microsoft Corporation) C:\WINDOWS\system32\bthprops.cpl

2017-05-10 19:48 - 2017-04-28 01:55 - 00176128 _____ (Microsoft Corporation) C:\WINDOWS\system32\apprepapi.dll

2017-05-10 19:48 - 2017-04-28 01:54 - 03664384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll

2017-05-10 19:48 - 2017-04-28 01:54 - 00949248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.PointOfService.dll

2017-05-10 19:48 - 2017-04-28 01:54 - 00472064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Bluetooth.dll

2017-05-10 19:48 - 2017-04-28 01:54 - 00339456 _____ (Microsoft Corporation) C:\WINDOWS\system32\ConhostV2.dll

2017-05-10 19:48 - 2017-04-28 01:54 - 00329728 _____ (Microsoft Corporation) C:\WINDOWS\system32\deviceaccess.dll

2017-05-10 19:48 - 2017-04-28 01:54 - 00091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll

2017-05-10 19:48 - 2017-04-28 01:53 - 00458752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Enumeration.dll

2017-05-10 19:48 - 2017-04-28 01:53 - 00437248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Usb.dll

2017-05-10 19:48 - 2017-04-28 01:51 - 02104320 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll

2017-05-10 19:48 - 2017-04-28 01:51 - 01913856 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_fs.dll

2017-05-10 19:48 - 2017-04-28 01:51 - 01584128 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_health.dll

2017-05-10 19:48 - 2017-04-28 01:51 - 00169984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Energy.dll

2017-05-10 19:48 - 2017-04-28 01:50 - 01476608 _____ (Microsoft Corporation) C:\WINDOWS\system32\RecoveryDrive.exe

2017-05-10 19:48 - 2017-04-28 01:50 - 00380416 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationApi.dll

2017-05-10 19:48 - 2017-04-28 01:50 - 00338944 _____ (Microsoft Corporation) C:\WINDOWS\system32\adsnt.dll

2017-05-10 19:48 - 2017-04-28 01:49 - 17198592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll

2017-05-10 19:48 - 2017-04-28 01:49 - 01105408 _____ (Microsoft Corporation) C:\WINDOWS\system32\MiracastReceiver.dll

2017-05-10 19:48 - 2017-04-28 01:49 - 00442368 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToDevice.dll

2017-05-10 19:48 - 2017-04-28 01:48 - 00337920 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll

2017-05-10 19:48 - 2017-04-28 01:48 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\dlnashext.dll

2017-05-10 19:48 - 2017-04-28 01:48 - 00187904 _____ (Microsoft Corporation) C:\WINDOWS\system32\dialclient.dll

2017-05-10 19:48 - 2017-04-28 01:47 - 09131008 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll

2017-05-10 19:48 - 2017-04-28 01:47 - 03290112 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll

2017-05-10 19:48 - 2017-04-28 01:47 - 01790464 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationFramework.dll

2017-05-10 19:48 - 2017-04-28 01:47 - 00942080 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll

2017-05-10 19:48 - 2017-04-28 01:47 - 00649216 _____ (Microsoft Corporation) C:\WINDOWS\system32\vds.exe

2017-05-10 19:48 - 2017-04-28 01:46 - 02861056 _____ (Microsoft Corporation) C:\WINDOWS\system32\storagewmi.dll

2017-05-10 19:48 - 2017-04-28 01:46 - 01547264 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbengine.exe

2017-05-10 19:48 - 2017-04-28 01:46 - 01443328 _____ (Microsoft Corporation) C:\WINDOWS\system32\VSSVC.exe

2017-05-10 19:48 - 2017-04-28 01:46 - 00501248 _____ (Microsoft Corporation) C:\WINDOWS\system32\imapi2.dll

2017-05-10 19:48 - 2017-04-28 01:46 - 00374784 _____ (Microsoft Corporation) C:\WINDOWS\system32\resutils.dll

2017-05-10 19:48 - 2017-04-28 01:46 - 00279552 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToReceiver.dll

2017-05-10 19:48 - 2017-04-28 01:46 - 00049664 _____ (Microsoft Corporation) C:\WINDOWS\system32\catsrvps.dll

2017-05-10 19:48 - 2017-04-28 01:45 - 00946688 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_sr.dll

2017-05-10 19:48 - 2017-04-28 01:45 - 00628736 _____ (Microsoft Corporation) C:\WINDOWS\system32\uReFS.dll

2017-05-10 19:48 - 2017-04-28 01:45 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll

2017-05-10 19:48 - 2017-04-28 01:45 - 00167936 _____ (Microsoft Corporation) C:\WINDOWS\system32\ErrorDetails.dll

2017-05-10 19:48 - 2017-04-28 01:45 - 00130560 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpaceAgent.exe

2017-05-10 19:48 - 2017-04-28 01:45 - 00112640 _____ (Microsoft Corporation) C:\WINDOWS\system32\CameraCaptureUI.dll

2017-05-10 19:48 - 2017-04-28 01:44 - 04749824 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll

2017-05-10 19:48 - 2017-04-28 01:44 - 01010176 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll

2017-05-10 19:48 - 2017-04-28 01:44 - 00896512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.AccountsControl.dll

2017-05-10 19:48 - 2017-04-28 01:44 - 00775168 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe

2017-05-10 19:48 - 2017-04-28 01:44 - 00410112 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevicesFlowBroker.dll

2017-05-10 19:48 - 2017-04-28 01:44 - 00139776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Devices.dll

2017-05-10 19:48 - 2017-04-28 01:43 - 00634368 _____ (Microsoft Corporation) C:\WINDOWS\system32\StructuredQuery.dll

2017-05-10 19:48 - 2017-04-28 01:43 - 00600576 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptui.dll

2017-05-10 19:48 - 2017-04-28 01:43 - 00560128 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppReadiness.dll

2017-05-10 19:48 - 2017-04-28 01:43 - 00460800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Midi.dll

2017-05-10 19:48 - 2017-04-28 01:43 - 00320512 _____ (Microsoft Corporation) C:\WINDOWS\system32\thumbcache.dll

2017-05-10 19:48 - 2017-04-28 01:42 - 01692160 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll

2017-05-10 19:48 - 2017-04-28 01:42 - 01021440 _____ (Microsoft Corporation) C:\WINDOWS\system32\usermgr.dll

2017-05-10 19:48 - 2017-04-28 01:42 - 00945664 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll

2017-05-10 19:48 - 2017-04-28 01:42 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll

2017-05-10 19:48 - 2017-04-28 01:41 - 01359872 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll

2017-05-10 19:48 - 2017-04-28 01:41 - 00890368 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll

2017-05-10 19:48 - 2017-04-28 01:41 - 00828416 _____ (Microsoft Corporation) C:\WINDOWS\system32\appwiz.cpl

2017-05-10 19:48 - 2017-04-28 01:41 - 00650752 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll

2017-05-10 19:48 - 2017-04-28 01:41 - 00591360 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll

2017-05-10 19:48 - 2017-04-28 01:41 - 00376832 _____ (Microsoft Corporation) C:\WINDOWS\system32\CryptoWinRT.dll

2017-05-10 19:48 - 2017-04-28 01:40 - 02914816 _____ (Microsoft Corporation) C:\WINDOWS\system32\CertEnroll.dll

2017-05-10 19:48 - 2017-04-28 01:40 - 02510848 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll

2017-05-10 19:48 - 2017-04-28 01:40 - 02208768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.3D.dll

2017-05-10 19:48 - 2017-04-28 01:40 - 01643008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll

2017-05-10 19:48 - 2017-04-28 01:40 - 01586176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Globalization.dll

2017-05-10 19:48 - 2017-04-28 01:40 - 00971264 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll

2017-05-10 19:48 - 2017-04-28 01:40 - 00886784 _____ (Microsoft Corporation) C:\WINDOWS\system32\CPFilters.dll

2017-05-10 19:48 - 2017-04-28 01:40 - 00770560 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll

2017-05-10 19:48 - 2017-04-28 01:39 - 00673792 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe

2017-05-10 19:48 - 2017-04-28 01:38 - 01490432 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll

2017-05-10 19:48 - 2017-04-28 01:38 - 01275392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Bluetooth.dll

2017-05-10 19:48 - 2017-04-28 01:37 - 04744192 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll

2017-05-10 19:48 - 2017-04-28 01:37 - 02316288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll

2017-05-10 19:48 - 2017-04-28 01:37 - 02286592 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll

2017-05-10 19:48 - 2017-04-28 01:37 - 02216960 _____ (Microsoft Corporation) C:\WINDOWS\system32\OpcServices.dll

2017-05-10 19:48 - 2017-04-28 01:37 - 00881664 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll

2017-05-10 19:48 - 2017-04-28 01:36 - 03613184 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys

2017-05-10 19:48 - 2017-04-28 01:36 - 02691072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll

2017-05-10 19:48 - 2017-04-28 01:36 - 02478080 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll

2017-05-10 19:48 - 2017-04-28 01:36 - 01844224 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll

2017-05-10 19:48 - 2017-04-28 01:36 - 00735744 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll

2017-05-10 19:48 - 2017-04-28 01:36 - 00716800 _____ (Microsoft Corporation) C:\WINDOWS\system32\ShareHost.dll

2017-05-10 19:48 - 2017-04-28 01:35 - 01121280 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll

2017-05-10 19:48 - 2017-04-28 01:34 - 00035328 _____ (Microsoft Corporation) C:\WINDOWS\system32\spaceman.exe

2017-05-10 19:48 - 2017-04-28 01:33 - 01817088 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.dll

2017-05-10 19:48 - 2017-03-04 08:25 - 01060352 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppContracts.dll

2017-05-10 19:48 - 2016-12-21 09:09 - 00368640 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneBackupHandler.dll

2017-05-10 15:07 - 2017-05-10 15:09 - 00281802 _____ C:\TDSSKiller.3.1.0.15_10.05.2017_15.07.29_log.txt

2017-05-10 15:02 - 2017-05-14 16:43 - 02429952 _____ (Farbar) C:\Users\User\Desktop\FRST64 (1).exe

2017-05-10 15:02 - 2017-05-10 11:27 - 04922400 _____ (AO Kaspersky Lab) C:\Users\User\Desktop\tdsskiller (1).exe

2017-05-08 17:20 - 2017-05-16 22:17 - 00000000 ____D C:\FRST

2017-05-03 13:56 - 2017-05-03 13:56 - 00000780 _____ C:\Users\User\Desktop\JRT.txt

2017-05-02 18:51 - 2017-05-02 18:51 - 00000000 ____D C:\Users\User\AppData\Roaming\Google

2017-05-02 18:07 - 2017-05-02 18:08 - 00000000 ____D C:\Users\User\AppData\Local\MSfree Inc

2017-04-28 22:59 - 2017-04-28 21:13 - 00030938 _____ C:\Users\User\bookmarks-2017-04-28.json

2017-04-28 22:54 - 2017-05-02 18:51 - 00000000 ____D C:\Users\User\AppData\LocalLow\Mozilla

2017-04-28 22:46 - 2017-05-11 17:43 - 00000000 ____D C:\AdwCleaner

2017-04-19 17:57 - 2017-04-19 17:57 - 00000000 ____D C:\Program Files (x86)\Lame For Audacity
 

==================== Ein Monat: Geänderte Dateien und Ordner ========
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
 

2017-05-16 22:18 - 2016-07-16 13:45 - 00000000 ____D C:\WINDOWS\INF

2017-05-16 22:00 - 2017-03-02 16:12 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT

2017-05-16 22:00 - 2017-03-02 15:52 - 00000000 ____D C:\ProgramData\NVIDIA

2017-05-16 22:00 - 2017-03-02 15:51 - 00000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat

2017-05-16 22:00 - 2016-04-09 10:12 - 00000000 ____D C:\Users\User\AppData\Local\HTC MediaHub

2017-05-16 22:00 - 2015-03-25 23:04 - 00000000 __SHD C:\Users\User\IntelGraphicsProfiles

2017-05-16 21:59 - 2016-07-16 08:04 - 00524288 _____ C:\WINDOWS\system32\config\BBI

2017-05-16 21:58 - 2017-04-03 19:07 - 143754240 _____ C:\Users\User\backup.pst

2017-05-16 21:35 - 2017-03-02 15:48 - 00000000 ____D C:\WINDOWS\system32\SleepStudy

2017-05-16 17:19 - 2017-03-02 16:14 - 01947698 _____ C:\WINDOWS\system32\PerfStringBackup.INI

2017-05-16 17:19 - 2016-07-17 00:51 - 00757908 _____ C:\WINDOWS\system32\perfh007.dat

2017-05-16 17:19 - 2016-07-17 00:51 - 00161172 _____ C:\WINDOWS\system32\perfc007.dat

2017-05-16 12:44 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\appraiser

2017-05-16 12:44 - 2016-07-16 13:36 - 00000000 ____D C:\WINDOWS\CbsTemp

2017-05-16 12:39 - 2016-07-16 13:47 - 00000000 ___HD C:\Program Files\WindowsApps

2017-05-16 12:39 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\AppReadiness

2017-05-15 17:19 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\rescache

2017-05-14 11:58 - 2015-03-25 22:56 - 00002264 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk

2017-05-11 18:18 - 2015-08-17 09:44 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox

2017-05-11 17:29 - 2015-04-12 10:39 - 00000000 __RHD C:\Users\Public\AccountPictures

2017-05-11 17:27 - 2017-03-02 15:47 - 00464600 _____ C:\WINDOWS\system32\FNTCACHE.DAT

2017-05-11 14:40 - 2016-07-16 13:47 - 00000000 ___SD C:\WINDOWS\SysWOW64\F12

2017-05-11 14:40 - 2016-07-16 13:47 - 00000000 ___SD C:\WINDOWS\system32\F12

2017-05-11 14:40 - 2016-07-16 13:47 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel

2017-05-11 14:40 - 2016-07-16 13:47 - 00000000 ___RD C:\Program Files\Windows Defender

2017-05-11 14:40 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\SystemResetPlatform

2017-05-11 14:40 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\oobe

2017-05-11 14:40 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\ShellExperiences

2017-05-11 14:40 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\Provisioning

2017-05-11 14:40 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\PolicyDefinitions

2017-05-11 14:40 - 2016-07-16 13:47 - 00000000 ____D C:\Program Files\Windows Photo Viewer

2017-05-11 14:40 - 2016-07-16 13:47 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer

2017-05-11 14:40 - 2016-07-16 13:47 - 00000000 ____D C:\Program Files (x86)\Windows Defender

2017-05-11 14:40 - 2016-07-16 08:04 - 00000000 ____D C:\WINDOWS\SysWOW64\Dism

2017-05-11 14:08 - 2016-03-27 14:30 - 00000000 ____D C:\Users\User\AppData\Roaming\Audacity

2017-05-11 13:51 - 2015-04-12 13:55 - 00000000 ____D C:\Users\User\AppData\Roaming\DVDVideoSoft

2017-05-11 13:39 - 2015-03-25 23:40 - 00000000 ____D C:\WINDOWS\system32\MRT

2017-05-11 13:37 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\LiveKernelReports

2017-05-10 20:06 - 2015-03-25 23:40 - 156335152 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe

2017-05-10 19:59 - 2013-08-22 15:25 - 00000167 _____ C:\WINDOWS\win.ini

2017-05-10 11:38 - 2016-07-16 13:42 - 00073728 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSManMigrationPlugin.dll

2017-05-10 11:29 - 2015-03-26 05:50 - 00000000 ____D C:\Users\User\AppData\Local\Packages

2017-05-10 11:27 - 2016-02-03 11:58 - 00000000 ____D C:\Users\User\AppData\Local\CrashDumps

2017-05-07 15:41 - 2015-04-12 08:08 - 00000000 ____D C:\Users\User\AppData\Roaming\Skype

2017-05-03 13:42 - 2015-07-31 13:48 - 00000000 ____D C:\ProgramData\F-Secure

2017-05-03 13:40 - 2016-07-16 08:04 - 00032768 _____ C:\WINDOWS\system32\config\ELAM

2017-05-02 18:12 - 2015-04-12 10:13 - 00532136 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe

2017-05-01 16:53 - 2017-04-13 09:54 - 00003916 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1603712690-2894388539-358268464-1001UA1d2b42b3d108749

2017-05-01 16:53 - 2017-04-13 09:54 - 00003648 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1603712690-2894388539-358268464-1001Core1d2b42b3ce86f9b

2017-04-29 02:59 - 2016-07-16 13:49 - 00835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe

2017-04-29 02:59 - 2016-07-16 13:49 - 00177656 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl

2017-04-28 22:49 - 2015-07-31 18:14 - 00000000 ____D C:\Users\User\AppData\Roaming\Lavasoft

2017-04-28 22:49 - 2015-07-31 18:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft

2017-04-28 22:49 - 2015-07-31 18:14 - 00000000 ____D C:\ProgramData\Lavasoft

2017-04-28 22:49 - 2015-07-31 18:14 - 00000000 ____D C:\Program Files (x86)\Lavasoft

2017-04-28 22:13 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\registration

2017-04-28 21:25 - 2017-01-12 15:32 - 00000000 ____D C:\Program Files (x86)\CDBurnerXP

2017-04-28 12:03 - 2017-03-02 16:12 - 00003628 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA

2017-04-28 12:03 - 2017-03-02 16:12 - 00003504 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore

2017-04-28 03:01 - 2017-03-02 15:50 - 02717184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll

2017-04-23 17:07 - 2015-04-12 22:13 - 00000000 ____D C:\Users\User\AppData\Local\Spotify

2017-04-23 16:36 - 2015-04-12 22:12 - 00000000 ____D C:\Users\User\AppData\Roaming\Spotify

2017-04-22 12:51 - 2015-03-26 00:05 - 00000000 ____D C:\ProgramData\Oracle

2017-04-22 12:47 - 2015-04-12 20:40 - 00000000 ____D C:\Users\User\AppData\Roaming\vlc

2017-04-22 12:47 - 2015-03-25 22:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java

2017-04-22 12:47 - 2015-03-25 22:57 - 00000000 ____D C:\Program Files (x86)\Java

2017-04-22 12:46 - 2015-03-25 22:57 - 00097856 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll

2017-04-19 17:49 - 2017-01-12 15:32 - 00001224 _____ C:\Users\Public\Desktop\CDBurnerXP.lnk

2017-04-19 17:49 - 2017-01-12 15:32 - 00001174 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CDBurnerXP.lnk
 

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======
 

2016-03-20 20:17 - 2016-03-20 20:17 - 0000268 ___RH () C:\Users\User\AppData\Roaming\External Build System

2016-03-20 20:18 - 2016-03-20 20:18 - 0000268 ___RH () C:\Users\User\AppData\Roaming\File Templates

2016-03-20 20:17 - 2016-03-20 20:17 - 0000268 ___RH () C:\Users\User\AppData\Roaming\Filesystems

2016-03-20 20:16 - 2016-03-20 20:16 - 0000268 ___RH () C:\Users\User\AppData\Roaming\Framework

2015-04-12 14:34 - 2015-04-12 14:34 - 0196228 _____ () C:\Users\User\AppData\Local\134785ED_stp.CIS

2015-04-12 14:34 - 2015-04-12 14:34 - 0000290 _____ () C:\Users\User\AppData\Local\134785ED_stp.CIS.part

2015-04-13 23:59 - 2015-04-13 23:59 - 0047657 _____ () C:\Users\User\AppData\Local\2B763BC1_stp.CIS

2015-04-13 23:59 - 2015-04-13 23:59 - 0000289 _____ () C:\Users\User\AppData\Local\2B763BC1_stp.CIS.part

2015-04-12 14:34 - 2015-04-12 14:34 - 0385602 _____ () C:\Users\User\AppData\Local\5D515C96_stp.CIS

2015-04-12 14:34 - 2015-04-13 23:58 - 0000220 _____ () C:\Users\User\AppData\Local\5D515C96_stp.CIS.part

2015-04-12 14:34 - 2015-04-13 23:59 - 8250214 _____ () C:\Users\User\AppData\Local\65DE37E2_stp.CIS

2015-04-12 14:34 - 2015-04-13 23:59 - 0000373 _____ () C:\Users\User\AppData\Local\65DE37E2_stp.CIS.part

2016-09-27 17:13 - 2016-09-28 09:08 - 0003584 _____ () C:\Users\User\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

2017-01-06 13:55 - 2017-01-06 13:55 - 0004096 ____H () C:\Users\User\AppData\Local\keyfile3.drm

2015-10-06 11:23 - 2015-10-07 09:24 - 29249520 _____ (Sony Mobile Communications                                  ) C:\Users\User\AppData\Local\pcc.exe

2015-09-06 15:17 - 2015-09-06 15:17 - 0000000 _____ () C:\Users\User\AppData\Local\Settings.xml

2015-08-20 17:08 - 2015-08-20 17:08 - 0000132 _____ () C:\Users\User\AppData\Local\updt.js

2016-04-28 18:22 - 2016-04-28 18:22 - 0000000 _____ () C:\Users\User\AppData\Local\{DEBB28E6-C29A-4EFF-9857-53E5B2E566EC}

2017-03-02 15:50 - 2017-03-02 15:50 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

2016-03-20 20:17 - 2016-03-20 20:17 - 0000268 ___RH () C:\ProgramData\Filters

2016-03-20 20:18 - 2016-03-20 20:18 - 0000268 ___RH () C:\ProgramData\Flags

2016-03-20 20:17 - 2016-03-20 20:17 - 0000268 ___RH () C:\ProgramData\Flange Saw

2016-03-20 20:16 - 2016-03-20 20:16 - 0000268 ___RH () C:\ProgramData\Galactic Static

2016-03-20 20:16 - 2016-03-20 20:17 - 0000020 ____H () C:\ProgramData\PKP_DLeo.DAT

2016-03-20 20:18 - 2016-03-20 20:18 - 0000020 ____H () C:\ProgramData\PKP_DLes.DAT

2016-03-20 20:17 - 2017-01-15 13:34 - 0000020 ____H () C:\ProgramData\PKP_DLet.DAT

2016-03-20 20:17 - 2016-03-20 20:17 - 0000020 ____H () C:\ProgramData\PKP_DLev.DAT
 

Dateien, die verschoben oder gelöscht werden sollten:

====================

C:\Users\User\Delphi.exe
 
 

==================== Bamital & volsnap ======================
 

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
 

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert

C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert

C:\WINDOWS\explorer.exe => Datei ist digital signiert

C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert

C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert

C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert

C:\WINDOWS\system32\services.exe => Datei ist digital signiert

C:\WINDOWS\system32\User32.dll => Datei ist digital signiert

C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert

C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert

C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert

C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert

C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert

C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert

C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert
 

LastRegBack: 2017-05-15 15:14
 

==================== Ende von FRST.txt ============================

--- --- ---

Sabimo

16.05.2017 21:22

Code:



ZusÃ¤tzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 14-05-2017

durchgefÃ¼hrt von User (16-05-2017 22:19:01)

Gestartet von C:\Users\User\Desktop

Windows 10 Home Version 1607 (X64) (2017-03-02 17:26:19)

Start-Modus: Normal

==========================================================
 
 

==================== Konten: =============================
 

Administrator (S-1-5-21-1603712690-2894388539-358268464-500 - Administrator - Disabled)

DefaultAccount (S-1-5-21-1603712690-2894388539-358268464-503 - Limited - Disabled)

Gast (S-1-5-21-1603712690-2894388539-358268464-501 - Limited - Disabled)

User (S-1-5-21-1603712690-2894388539-358268464-1001 - Administrator - Enabled) => C:\Users\User
 

==================== Sicherheits-Center ========================
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
 

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 

==================== Installierte Programme ======================
 

(Nur Adware-Programme mit dem Zusatz "Hidden" kÃ¶nnen in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
 

7-Zip 9.30 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0930-000001000000}) (Version: 9.30.00.0 - Igor Pavlov)

Acer Launch Manager (HKLM\...\{C18D55BD-1EC6-466D-B763-8EEDDDA9100E}) (Version: 8.00.8115 - Acer Incorporated)

Acer Quick Access (HKLM\...\{C1FA525F-D701-4B31-9D32-504FC0CF0B98}) (Version: 1.01.3012 - Acer Incorporated)

Ad-Aware Web Companion (x32 Version: 2.0.1025.2130 - Lavasoft) Hidden

Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 3.5.1.209 - Adobe Systems Incorporated)

Adobe Flash Player 25 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 25.0.0.127 - Adobe Systems Incorporated)

Adobe Lightroom (HKLM-x32\...\{8048A5DF-8A70-5BE1-954B-E0FDE1BD0D0D}) (Version: 6.5 - Adobe Systems Incorporated)

Adobe Reader XI (11.0.19)  MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AB0000000001}) (Version: 11.0.19 - Adobe Systems Incorporated)

Ansel (Version: 373.06 - NVIDIA Corporation) Hidden

Apple Application Support (32-Bit) (HKLM-x32\...\{E92BB800-BCC5-4C25-8102-AC2C3B7C7C1E}) (Version: 5.5 - Apple Inc.)

Apple Application Support (64-Bit) (HKLM\...\{9C912B1E-06DD-43EF-BB2B-45CB2C88BAAE}) (Version: 5.5 - Apple Inc.)

Apple Mobile Device Support (HKLM\...\{0A596141-97D5-45FA-9281-98DFAF48D579}) (Version: 10.3.2.3 - Apple Inc.)

Apple Software Update (HKLM-x32\...\{52D87F32-70E4-4348-8148-C0B9F35B1314}) (Version: 2.3.0.177 - Apple Inc.)

Audacity 2.1.2 (HKLM-x32\...\AudacityÂ®_is1) (Version: 2.1.2 - Audacity Team)

Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)

Borland Delphi 7 (HKLM-x32\...\{72263053-50D1-4598-9502-51ED64E54C51}) (Version: 7.0 - Borland Software Corporation)

Brother MFL-Pro Suite MFC-J625DW (HKLM-x32\...\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}) (Version: 1.1.6.0 - Brother Industries, Ltd.)

Brother P-touch Editor 5.1 (HKLM-x32\...\{39270390-A851-4E4B-94A9-D5C468216ED3}) (Version: 5.1.0620 - Brother Industries, Ltd.)

Bus-Simulator 2012 (HKLM-x32\...\Bus-Simulator 2012_is1) (Version:  - astragon)

CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.7.6521 - CDBurnerXP)

chip 1-click download service (HKLM-x32\...\{503CA94E-0834-4CEE-AD92-BA17AF4E809A}) (Version: 3.6.9.0 - Chip Digital GmbH)

D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden

Die Simsâ„¢ 3 (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}) (Version: 1.69.36.024017 - Electronic Arts Inc.)

Die Simsâ„¢ 3 Einfach tierisch (HKLM-x32\...\{C12631C6-804D-4B32-B0DD-8A496462F106}) (Version: 10.0.96 - Electronic Arts)

Die Simsâ„¢ 3 Jahreszeiten (HKLM-x32\...\{3DE92282-CB49-434F-81BF-94E5B380E889}) (Version: 16.0.136 - Electronic Arts)

Dolby Digital Plus Home Theater (HKLM\...\{7E3D8FA1-6092-469A-955B-68FC4A2C67CA}) (Version: 7.6.3.1 - Dolby Laboratories Inc)

Druckerdeinstallation fÃ¼r EPSON XP-332 335 Series (HKLM\...\EPSON XP-332 335 Series) (Version:  - Seiko Epson Corporation)

Fotogalerie (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden

Free Studio version 6.5.5.915 (HKLM-x32\...\Free Studio_is1) (Version: 6.5.5.915 - DVDVideoSoft Ltd.)

Google Chrome (HKLM-x32\...\{139D85BF-546D-3684-969A-98E5F5DE9801}) (Version: 58.0.3029.110 - Google, Inc.)

Google Talk Plugin (HKLM-x32\...\{F9B579C2-D854-300A-BE62-A09EB9D722E4}) (Version: 5.41.3.0 - Google)

Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden

Google Update Helper (x32 Version: 1.3.33.5 - Google Inc.) Hidden

HTC Driver Installer (HKLM-x32\...\{4CEEE5D0-F905-4688-B9F9-ECC710507796}) (Version: 4.17.0.001 - HTC Corporation)

HTC Sync Manager (HKLM-x32\...\{231D0C79-98A6-4693-A366-36DE7D7346EC}) (Version: 3.1.69.5 - HTC)

Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.0.1156 - Intel Corporation)

Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4549 - Intel Corporation)

Intel(R) Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 1.1.165.0 - Intel Corporation)

Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{F352BFBE-5960-48EC-B189-7F744B2991F3}) (Version: 17.1.1527.1534 - Intel Corporation)

IntelÂ® Chipsatz-GerÃ¤tesoftware (x32 Version: 10.0.20 - Intel(R) Corporation) Hidden

IntelÂ® PROSet/Wireless Software (HKLM-x32\...\{47ce36dd-beb9-46b5-b71f-bb2c17c39305}) (Version: 18.11.1 - Intel Corporation)

IntelÂ® Security Assist (HKLM-x32\...\{4B230374-6475-4A73-BA6E-41015E9C5013}) (Version: 1.0.0.532 - Intel Corporation)

IPTInstaller (HKLM-x32\...\{08208143-777D-4A06-BB54-71BF0AD1BB70}) (Version: 4.0.9 - HTC)

iTunes (HKLM\...\{6C01A0A7-7440-4D48-93C6-2927A1E93FE6}) (Version: 12.6.0.100 - Apple Inc.)

Java 8 Update 131 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180131F0}) (Version: 8.0.1310.11 - Oracle Corporation)

LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version:  - )

LavasoftTcpService (x32 Version: 2.3.4.7 - Lavasoft) Hidden

LightZone 4.1.5 (HKLM-x32\...\3263-1164-2624-0047) (Version: 4.1.5 - LightZone Project)

Logitech Gaming Software 5.04 (HKLM\...\{8753DF4D-64B0-474E-9A97-0AB5585D9A53}) (Version: 5.04.110 - Logitech)

Malwarebytes Version 3.1.2.1733 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.1.2.1733 - Malwarebytes)

Media Go (HKLM-x32\...\{65256C0D-3FE7-4D2E-BB3E-53F1175481C8}) (Version: 3.0.403 - Sony)

Media Go Network Downloader (HKLM-x32\...\{C52148B9-19E0-433A-9422-3451B1BEE20F}) (Version: 1.6.01.0 - Sony)

Media Go Video Playback Engine 2.20.106.05220 (HKLM-x32\...\{ECAE7E40-24A6-9E8E-EA93-90D080C878B3}) (Version: 2.20.106.05220 - Sony)

Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)

Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)

Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)

Microsoft Office Professional Plus 2016 (HKLM\...\Office16.PROPLUS) (Version: 16.0.4266.1001 - Microsoft Corporation)

Microsoft OneDrive (HKU\S-1-5-21-1603712690-2894388539-358268464-1001\...\OneDriveSetup.exe) (Version: 17.3.6743.1212 - Microsoft Corporation)

Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50906.0 - Microsoft Corporation)

Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)

Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)

Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)

Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)

Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)

Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)

Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)

Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)

Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)

Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden

Mp3tag v2.71 (HKLM-x32\...\Mp3tag) (Version: v2.71 - Florian Heidenreich)

Nikon Message Center 2 (HKLM-x32\...\{B014EE44-9197-4513-9613-71E6EB1B514E}) (Version: 2.1.0 - Nikon)

Nikon Movie Editor (HKLM-x32\...\{5CAD3393-EEC0-44CE-9F93-BCAA365B77FB}) (Version: 2.8.0 - Nikon)

NVIDIA Grafiktreiber 376.54 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 376.54 - NVIDIA Corporation)

NVIDIA PhysX-Systemsoftware 9.16.0318 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.16.0318 - NVIDIA Corporation)

OpenOffice 4.1.1 (HKLM-x32\...\{ACD0FFF9-6B35-43C1-82DB-9FF6990E8602}) (Version: 4.11.9775 - Apache Software Foundation)

Origin (HKLM-x32\...\Origin) (Version: 10.4.2.12697 - Electronic Arts, Inc.)

Outils de vÃ©rification linguistique 2016 de Microsoft OfficeÂ*- FranÃ§ais (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden

PhotoScape (HKLM-x32\...\PhotoScape) (Version:  - )

Picture Control Utility x64 (HKLM\...\{11953C65-BB4E-4CA4-B0F0-2600A4B20040}) (Version: 1.4.15 - Nikon)

Pixum Fotowelt (HKLM-x32\...\Pixum Fotowelt) (Version: 6.1.2 - CEWE Stiftung u Co. KGaA)

Qualcomm Atheros 61x4 Wireless LAN&Bluetooth Installer (HKLM-x32\...\{3241744A-BA36-41F0-B4AA-EF3946D00632}) (Version: 11.0.0.0769 - Qualcomm Atheros)

Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 10.0.1.0 - Qualcomm Atheros)

Qualcomm Atheros WLAN and Bluetooth Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 12.65 - Qualcomm Atheros)

Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.10586.31225 - Realtek Semiconduct Corp.)

Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.32.508.2014 - Realtek)

Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7564 - Realtek Semiconductor Corp.)

RollerCoaster Tycoon 3 (HKLM-x32\...\RollerCoaster Tycoon 3_is1) (Version:  - Atari)

Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.55.0 - Samsung Electronics Co., Ltd.)

SHIELD Streaming (Version: 7.1.0280 - NVIDIA Corporation) Hidden

SHIELD Wireless Controller Driver (Version: 2.11.4.1 - NVIDIA Corporation) Hidden

Skypeâ„¢ 7.33 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.33.105 - Skype Technologies S.A.)

Smart Switch (HKLM-x32\...\InstallShield_{74FA5314-85C8-4E2A-907D-D9ECCCB770A7}) (Version: 4.0.15093.11 - Samsung Electronics Co., Ltd.)

Smart Switch (x32 Version: 4.0.15093.11 - Samsung Electronics Co., Ltd.) Hidden

Sony Mobile Update Engine (HKLM-x32\...\Update Engine) (Version: 2.16.12.201608221014 - Sony Mobile Communications Inc.)

Sony PC Companion 2.10.303 (HKLM-x32\...\{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}) (Version: 2.10.303 - Sony)

Spotify (HKU\S-1-5-21-1603712690-2894388539-358268464-1001\...\Spotify) (Version: 1.0.51.693.g6ea1e7f6 - Spotify AB)

Strumenti di correzione di Microsoft Office 2016 - Italiano (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden

TeamViewer 11 (HKLM-x32\...\TeamViewer) (Version: 11.0.53254 - TeamViewer)

Telekom Internet Manager (HKLM-x32\...\Telekom Internet Manager) (Version: 11.301.05.05.748 - Huawei Technologies Co.,Ltd)

Unlocker 1.9.2 (HKLM\...\Unlocker) (Version: 1.9.2 - Cedrick Collomb)

ViewNX 2 (HKLM\...\{635BE602-BB9C-4C59-8CC5-93F9366E8A21}) (Version: 2.8.2 - Nikon)

Vulkan Run Time Libraries 1.0.26.0 (HKLM\...\VulkanRT1.0.26.0) (Version: 1.0.26.0 - LunarG, Inc.)

Web Companion (HKLM-x32\...\{88B10E3E-8911-4FAC-8663-CCF6E33C58B3}_WebCompanion) (Version: 2.0.1025.2130 - Lavasoft)

Windows 10-Upgrade-Assistent (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.17364 - Microsoft Corporation)

Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)

Wondershare Dr.Fone for Android(Build 6.0.2.20) (HKLM-x32\...\{1DB91A95-C548-4BA5-9D4C-18C7DEAAC39F}_is1) (Version: 6.0.2.20 - Wondershare Software Co.,Ltd.)

Xperia Companion (HKLM-x32\...\{efee6944-1231-492a-a157-93409130a098}) (Version: 1.4.7.0 - Sony)

Xperia Companion (x32 Version: 1.4.7.0 - Sony) Hidden

Xperia Companion Service (Version: 1.4.7.0 - Sony) Hidden
 

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
 

CustomCLSID: HKU\S-1-5-21-1603712690-2894388539-358268464-1001_Classes\CLSID\{087B3AE3-E237-4467-B8DB-5A38AB959AC9}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\shlxthdl_x64.dll (Apache Software Foundation)

CustomCLSID: HKU\S-1-5-21-1603712690-2894388539-358268464-1001_Classes\CLSID\{144DF3B2-2402-47AE-9583-5A045929A8D4}\InprocServer32 -> C:\Users\User\AppData\Local\Google\Update\1.3.33.5\psuser_64.dll (Google Inc.)

CustomCLSID: HKU\S-1-5-21-1603712690-2894388539-358268464-1001_Classes\CLSID\{3B092F0C-7696-40E3-A80F-68D74DA84210}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\shlxthdl_x64.dll (Apache Software Foundation)

CustomCLSID: HKU\S-1-5-21-1603712690-2894388539-358268464-1001_Classes\CLSID\{63542C48-9552-494A-84F7-73AA6A7C99C1}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\shlxthdl_x64.dll (Apache Software Foundation)

CustomCLSID: HKU\S-1-5-21-1603712690-2894388539-358268464-1001_Classes\CLSID\{7BC0E710-5703-45BE-A29D-5D46D8B39262}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\ooofilt_x64.dll (Apache Software Foundation)

CustomCLSID: HKU\S-1-5-21-1603712690-2894388539-358268464-1001_Classes\CLSID\{8C46158B-D978-483C-A312-16EE5013BE04}\InprocServer32 -> C:\Users\User\AppData\Local\Google\Update\1.3.33.3\psuser_64.dll => Keine Datei

CustomCLSID: HKU\S-1-5-21-1603712690-2894388539-358268464-1001_Classes\CLSID\{AE424E85-F6DF-4910-A6A9-438797986431}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\propertyhdl_x64.dll (Apache Software Foundation)

CustomCLSID: HKU\S-1-5-21-1603712690-2894388539-358268464-1001_Classes\CLSID\{C52AF81D-F7A0-4AAB-8E87-F80A60CCD396}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\shlxthdl_x64.dll (Apache Software Foundation)

CustomCLSID: HKU\S-1-5-21-1603712690-2894388539-358268464-1001_Classes\CLSID\{CB492AF1-2CEF-4E58-BE47-471C77D0C8BA}\InprocServer32 -> C:\Users\User\AppData\Local\Google\Update\1.3.32.7\psuser_64.dll => Keine Datei

CustomCLSID: HKU\S-1-5-21-1603712690-2894388539-358268464-1001_Classes\CLSID\{CC182BE1-84CE-4A57-B85C-FD4BBDF78CB2}\InprocServer32 -> C:\Users\User\AppData\Local\Google\Update\1.3.29.1\psuser_64.dll => Keine Datei

CustomCLSID: HKU\S-1-5-21-1603712690-2894388539-358268464-1001_Classes\CLSID\{D1EDC4F5-7F4D-4B12-906A-614ECF66DDAF}\InprocServer32 -> C:\Users\User\AppData\Local\Google\Update\1.3.28.15\psuser_64.dll => Keine Datei

CustomCLSID: HKU\S-1-5-21-1603712690-2894388539-358268464-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)

CustomCLSID: HKU\S-1-5-21-1603712690-2894388539-358268464-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\User\AppData\Local\Google\Update\1.3.33.5\psuser_64.dll (Google Inc.)
 

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
 

Task: {05150D9E-6BE7-42C9-8DE3-A8B2D858CDB1} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [2015-07-31] (Microsoft Corporation)

Task: {122D71EB-97AC-421A-8FEC-F3FE02E7261E} - System32\Tasks\Launch Manager => C:\Program Files\Acer\Acer Launch Manager\LMLauncher.exe [2014-12-30] (Acer Incorporate)

Task: {1771C8F9-263E-4DF4-A935-523002B65486} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2017-02-14] (Apple Inc.)

Task: {21FBF08F-72CC-4A41-92F5-C68598D7BBAD} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\Program Files\Windows Defender\\MpCmdRun.exe [2017-04-28] (Microsoft Corporation)

Task: {3BCCAEE4-2072-4314-8EBF-5A276515C20A} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-01] (Google Inc.)

Task: {42172A6E-D874-49EA-89EE-EA4BC43FE44A} - System32\Tasks\EPSON XP-332 335 Series Update {3C294C30-5BFA-4052-A098-4F2949DA4796} => C:\Windows\system32\spool\DRIVERS\x64\3\E_YTSPEE.EXE [2013-11-22] (SEIKO EPSON CORPORATION)

Task: {4C60FE33-F73A-488F-9FCD-23EF8BCA0BAA} - System32\Tasks\Quick Access => C:\Program Files\Acer\Acer Quick Access\QALauncher.exe [2014-03-21] (Acer Incorporate)

Task: {57FAD439-3F62-4A01-92B8-087D5FC77BA2} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1603712690-2894388539-358268464-1001UA1d2b42b3d108749 => C:\Users\User\AppData\Local\Google\Update\GoogleUpdate.exe [2017-02-16] (Google Inc.)

Task: {5852031E-346D-441F-8A07-C388CCE4C9F9} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\Program Files\Windows Defender\\MpCmdRun.exe [2017-04-28] (Microsoft Corporation)

Task: {6CEA1093-D0D0-484B-ADF3-129ED8658BBD} - System32\Tasks\{B5948241-8367-4E45-BD45-57FF933A1216} => pcalua.exe -a "C:\Program Files (x86)\astragon\Bus-Simulator 2012\Bin_Basic_Win32\BusSimulator2012.exe" -d "C:\Program Files (x86)\astragon\Bus-Simulator 2012\Bin_Basic_Win32"

Task: {87D1B6B1-9F98-4A00-BA6B-649237F6B06C} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-01] (Google Inc.)

Task: {87E3433B-9E1B-424C-B5A6-CB33E4E9F3A8} - System32\Tasks\DolbySelectorTask => C:\Program Files\Dolby Digital Plus\ddp.exe [2014-04-07] (Dolby Laboratories Inc.)

Task: {90B2A268-7DBD-4FEF-9EF5-D1D37ECF7220} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1603712690-2894388539-358268464-1001Core1d2b42b3ce86f9b => C:\Users\User\AppData\Local\Google\Update\GoogleUpdate.exe [2017-02-16] (Google Inc.)

Task: {97F87762-6F15-4688-9B4A-F32F5467C16D} - System32\Tasks\{8D23FEC7-C2E2-4CCB-BA01-0435C9214EDA} => pcalua.exe -a "C:\Program Files (x86)\Atari\RollerCoaster Tycoon 3\RCT3plus.exe" -d "C:\Program Files (x86)\Atari\RollerCoaster Tycoon 3"

Task: {C4ED4FE5-ED89-4319-9CB5-2399C546AB8B} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\Program Files\Windows Defender\\MpCmdRun.exe [2017-04-28] (Microsoft Corporation)

Task: {CA4D814C-0386-4B56-AB0D-DB8AACB4075C} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1603712690-2894388539-358268464-1001Core => C:\Users\User\AppData\Local\Google\Update\GoogleUpdate.exe [2017-02-16] (Google Inc.)

Task: {CF413B71-BACA-4AE3-92C9-D8615F4E281C} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2015-07-31] (Microsoft Corporation)

Task: {D24E5803-25AA-487C-BE06-8FB04B227D20} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [2015-07-31] (Microsoft Corporation)

Task: {D46E9D95-1366-4E60-9E0C-B39553168F8E} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-12-19] (Adobe Systems Incorporated)

Task: {DA3ED314-99DB-4F80-9756-E5A1E992C500} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1603712690-2894388539-358268464-1001UA => C:\Users\User\AppData\Local\Google\Update\GoogleUpdate.exe [2017-02-16] (Google Inc.)

Task: {E45A8323-D967-4223-98BA-20CBE3B9D54F} - System32\Tasks\Quick Access Quick Launcher => C:\Program Files\Acer\Acer Quick Access\QALauncher.exe [2014-03-21] (Acer Incorporate)

Task: {FBE9B889-861C-4EC5-A5DC-DA647A851480} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\Program Files\Windows Defender\\MpCmdRun.exe [2017-04-28] (Microsoft Corporation)
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
 

Task: C:\WINDOWS\Tasks\EPSON XP-332 335 Series Update {3C294C30-5BFA-4052-A098-4F2949DA4796}.job => C:\Windows\system32\spool\DRIVERS\x64\3\E_YTSPEE.EXE :/EXE:{3C294C30-5BFA-4052-A098-4F2949DA4796} /F:Update  WORKGROUP\ACER$ ÄŠSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi
 

==================== VerknÃ¼pfungen =============================
 

(Die EintrÃ¤ge kÃ¶nnen gelistet werden, um sie zurÃ¼ckzusetzen oder zu entfernen.)
 

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
 

2016-07-16 13:42 - 2016-07-16 13:42 - 00231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll

2017-05-10 19:49 - 2017-04-28 02:49 - 02681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll

2010-08-19 10:52 - 2010-08-19 10:52 - 00229376 _____ () C:\ProgramData\DatacardService\DCService.exe

2016-09-01 18:12 - 2016-09-01 18:12 - 00092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll

2017-05-09 00:44 - 2017-05-09 00:44 - 01354040 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll

2015-05-19 10:11 - 2015-05-19 10:11 - 00007680 _____ () C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe

2013-10-17 15:27 - 2013-10-17 15:27 - 00166912 _____ () C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe

2016-03-01 17:18 - 2016-06-15 03:14 - 00369208 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\MessageBus.dll

2016-01-14 17:42 - 2016-06-15 03:14 - 00289848 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamBase.dll

2016-05-03 09:33 - 2016-06-15 03:14 - 01148984 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\libprotobuf.dll

2016-03-01 17:18 - 2016-06-15 03:14 - 03613240 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Poco.dll

2017-05-11 18:07 - 2017-05-09 16:38 - 02270672 _____ () C:\USERS\USER\DESKTOP\ANTI-MALWARE\MwacLib.dll

2016-05-10 15:26 - 2005-04-22 06:36 - 00143360 _____ () C:\WINDOWS\system32\BrSNMP64.dll

2017-03-02 15:52 - 2016-12-29 15:16 - 00134712 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll

2016-05-03 09:33 - 2016-06-15 03:14 - 02667576 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\NvMdnsPlugin.dll

2016-05-03 09:33 - 2016-06-15 03:14 - 01990200 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\NvPortForwardPlugin.dll

2016-05-03 09:33 - 2016-06-15 03:14 - 01842232 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\RtspPlugin.dll

2016-01-14 17:42 - 2016-06-15 03:14 - 00208952 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\RtspServer.dll

2016-05-03 09:33 - 2016-06-15 03:14 - 00035896 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\boost_system-vc120-mt-1_58.dll

2016-05-03 09:33 - 2016-06-15 03:14 - 00921656 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\boost_regex-vc120-mt-1_58.dll

2017-05-10 19:49 - 2017-04-28 02:49 - 02681200 _____ () C:\WINDOWS\SYSTEM32\CoreUIComponents.dll

2016-01-22 13:55 - 2016-01-22 13:55 - 00553136 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll

2015-09-30 21:39 - 2016-12-19 08:16 - 00401880 _____ () C:\WINDOWS\system32\igfxTray.exe

2016-03-09 12:58 - 2016-03-09 12:58 - 00821240 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\HTC Sync\adb.exe

2017-03-02 15:36 - 2017-03-02 15:36 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll

2017-03-16 18:22 - 2017-03-04 08:31 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll

2017-03-16 18:23 - 2017-03-04 08:12 - 09760768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll

2017-03-16 18:23 - 2017-03-04 08:05 - 01401856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll

2017-03-16 18:23 - 2017-03-04 08:05 - 00757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll

2017-05-10 19:48 - 2017-04-28 01:36 - 01033216 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Actions.dll

2017-05-10 19:48 - 2017-04-28 01:36 - 02424320 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll

2017-05-10 19:48 - 2017-04-28 01:37 - 04853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll

2017-02-19 20:07 - 2015-02-09 12:18 - 00124440 _____ () C:\Program Files\Realtek\Audio\HDA\FMAPP.exe

2017-05-14 11:58 - 2017-05-09 11:13 - 03767640 _____ () C:\Program Files (x86)\Google\Chrome\Application\58.0.3029.110\libglesv2.dll

2017-05-14 11:58 - 2017-05-09 11:13 - 00100696 _____ () C:\Program Files (x86)\Google\Chrome\Application\58.0.3029.110\libegl.dll

2017-04-27 14:21 - 2017-04-27 14:21 - 02167664 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.17032.10331.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll

2017-05-10 11:28 - 2017-05-10 11:38 - 00020480 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.425.10010.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe

2017-05-10 11:28 - 2017-05-10 11:38 - 26322944 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.425.10010.0_x64__8wekyb3d8bbwe\Microsoft.Photos.dll

2017-05-10 11:28 - 2017-05-10 11:38 - 00441856 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.425.10010.0_x64__8wekyb3d8bbwe\Microsoft.Photos.AGM.Native.Windows.dll

2017-05-10 11:28 - 2017-05-10 11:38 - 02139648 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.425.10010.0_x64__8wekyb3d8bbwe\MediaEngine.dll

2017-05-10 11:28 - 2017-05-10 11:38 - 02901928 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.425.10010.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll

2017-05-10 11:28 - 2017-05-10 11:38 - 00046080 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.425.10010.0_x64__8wekyb3d8bbwe\Microsoft.Photos.Edit.Services.dll

2017-03-02 20:33 - 2017-03-02 20:35 - 00680448 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.425.10010.0_x64__8wekyb3d8bbwe\Microsoft.DesignCore.dll

2017-05-10 11:28 - 2017-05-10 11:38 - 00641024 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.425.10010.0_x64__8wekyb3d8bbwe\Microsoft.RichMedia.Ink.Controls.dll

2017-05-10 11:28 - 2017-05-10 11:38 - 01062400 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.425.10010.0_x64__8wekyb3d8bbwe\Microsoft.Sharing.dll

2017-05-10 19:39 - 2017-05-01 12:59 - 31118328 _____ () C:\Users\User\AppData\Local\Google\Chrome\User Data\PepperFlash\25.0.0.171\pepflashplayer.dll

2016-03-09 12:58 - 2016-03-09 12:58 - 00030720 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\DbAccess.dll

2016-03-09 12:58 - 2016-03-09 12:58 - 00607016 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\sqlite3.dll

2016-03-09 12:58 - 2016-03-09 12:58 - 00059392 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\NAdvLog.dll

2016-03-09 12:58 - 2016-03-09 12:58 - 00035864 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\NFileCacheDBAccess.dll

2016-03-09 12:58 - 2016-03-09 12:58 - 00079888 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\ninstallerhelper.dll

2016-03-09 12:59 - 2016-03-09 12:59 - 00129016 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\zlib1.dll

2016-03-09 13:00 - 2016-03-09 13:00 - 00223240 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\DevConnMon.dll

2016-10-09 12:11 - 2017-01-31 12:48 - 02493440 _____ () C:\Program Files (x86)\Origin\libGLESv2.dll

2015-05-18 13:36 - 2016-06-15 03:14 - 00020536 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll

2015-07-06 21:36 - 2015-07-06 21:36 - 01243936 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
 

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
 
 

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
 

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
 

==================== VerknÃ¼pfungen (Nicht auf der Ausnahmeliste) ===============
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurÃ¼ckgesetzt oder entfernt.)
 
 

==================== Internet Explorer VertrauenswÃ¼rdig/EingeschrÃ¤nkt ===============
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
 

IE trusted site: HKU\S-1-5-21-1603712690-2894388539-358268464-1001\...\localhost -> localhost
 

==================== Hosts Inhalt: ===============================
 

(Wenn benÃ¶tigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurÃ¼ckzusetzen.)
 

2015-09-16 17:13 - 2015-09-16 17:11 - 00000840 _____ C:\WINDOWS\system32\Drivers\etc\hosts
 
 

==================== Andere Bereiche ============================
 

(Aktuell gibt es keinen automatisierten Fix fÃ¼r diesen Bereich.)
 

HKU\S-1-5-21-1603712690-2894388539-358268464-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\User\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper

DNS Servers: 192.168.2.1

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)

Windows Firewall ist aktiviert.
 

==================== MSCONFIG/TASK MANAGER Deaktivierte EintrÃ¤ge ==
 

HKLM\...\StartupApproved\Run: => "NvBackend"

HKLM\...\StartupApproved\Run: => "Logitech Download Assistant"

HKLM\...\StartupApproved\Run: => "ShadowPlay"

HKLM\...\StartupApproved\Run: => "iTunesHelper"

HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"

HKLM\...\StartupApproved\Run: => "Start WingMan Profiler"

HKLM\...\StartupApproved\Run32: => "ControlCenter4"

HKLM\...\StartupApproved\Run32: => "BrStsMon00"

HKLM\...\StartupApproved\Run32: => "KiesTrayAgent"

HKLM\...\StartupApproved\Run32: => "Adobe Creative Cloud"

HKLM\...\StartupApproved\Run32: => "Nikon Message Center 2"

HKU\S-1-5-21-1603712690-2894388539-358268464-1001\...\StartupApproved\Run: => "Skype"

HKU\S-1-5-21-1603712690-2894388539-358268464-1001\...\StartupApproved\Run: => "Spotify"

HKU\S-1-5-21-1603712690-2894388539-358268464-1001\...\StartupApproved\Run: => "Spotify Web Helper"

HKU\S-1-5-21-1603712690-2894388539-358268464-1001\...\StartupApproved\Run: => "HW_OPENEYE_OUC_Telekom Internet Manager"

HKU\S-1-5-21-1603712690-2894388539-358268464-1001\...\StartupApproved\Run: => "Google Update"

HKU\S-1-5-21-1603712690-2894388539-358268464-1001\...\StartupApproved\Run: => "MusicManager"

HKU\S-1-5-21-1603712690-2894388539-358268464-1001\...\StartupApproved\Run: => "Sony PC Companion"

HKU\S-1-5-21-1603712690-2894388539-358268464-1001\...\StartupApproved\Run: => "XperiaCompanionAgent"

HKU\S-1-5-21-1603712690-2894388539-358268464-1001\...\StartupApproved\Run: => "EPLTarget\P0000000000000000"

HKU\S-1-5-21-1603712690-2894388539-358268464-1001\...\StartupApproved\Run: => "EPLTarget\P0000000000000001"

HKU\S-1-5-21-1603712690-2894388539-358268464-1001\...\StartupApproved\Run: => "OneDrive"
 

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
 

FirewallRules: [TCP Query User{8908B21F-843E-414E-B495-18E063E07586}C:\program files (x86)\google\chrome\application\chrome.exe] => (Block) C:\program files (x86)\google\chrome\application\chrome.exe

FirewallRules: [UDP Query User{0D9D9E61-92FC-45BB-AA15-53373CA52F2C}C:\program files (x86)\google\chrome\application\chrome.exe] => (Block) C:\program files (x86)\google\chrome\application\chrome.exe

FirewallRules: [{D042D602-4A61-494C-84A6-A9EDDE550424}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 

==================== Wiederherstellungspunkte =========================
 

10-05-2017 19:52:47 Windows Update

10-05-2017 19:54:46 Windows Update

16-05-2017 12:44:15 Windows Update
 

==================== Fehlerhafte GerÃ¤te im GerÃ¤temanager =============
 
 

==================== FehlereintrÃ¤ge in der Ereignisanzeige: =========================
 

Applikationsfehler:

==================

Error: (05/16/2017 05:53:37 PM) (Source: Microsoft-Windows-AppModel-State) (EventID: 11) (User: ACER)

Description: Microsoft.Windows.Cortana_cw5n1h2txyewy1018
 

Error: (05/16/2017 05:53:37 PM) (Source: Microsoft-Windows-AppModel-State) (EventID: 11) (User: ACER)

Description: Microsoft.Windows.Cortana_cw5n1h2txyewy1018
 

Error: (05/16/2017 05:53:36 PM) (Source: Microsoft-Windows-AppModel-State) (EventID: 11) (User: ACER)

Description: Microsoft.Windows.Cortana_cw5n1h2txyewy1018
 

Error: (05/16/2017 05:53:36 PM) (Source: Microsoft-Windows-AppModel-State) (EventID: 11) (User: ACER)

Description: Microsoft.Windows.Cortana_cw5n1h2txyewy1018
 

Error: (05/16/2017 12:44:26 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )

Description: Fehler beim Kryptografiedienst wÃ¤hrend der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".
 

Details:

AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.
 

System Error:

Zugriff verweigert

.
 

Error: (05/16/2017 12:42:40 PM) (Source: SideBySide) (EventID: 78) (User: )

Description: Fehler beim Generieren des Aktivierungskontexts fÃ¼r "c:\program files (x86)\adobe\adobe creative cloud\utils\Creative Cloud Uninstaller.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile .

Eine fÃ¼r die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.

In Konflikt stehende Komponenten:.

Komponente 1: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.953_none_89c2555adb023171.manifest.

Komponente 2: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.953_none_42151e83c686086b.manifest.
 

Error: (05/15/2017 03:08:55 PM) (Source: SideBySide) (EventID: 78) (User: )

Description: Fehler beim Generieren des Aktivierungskontexts fÃ¼r "c:\program files (x86)\adobe\adobe creative cloud\utils\Creative Cloud Uninstaller.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile .

Eine fÃ¼r die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.

In Konflikt stehende Komponenten:.

Komponente 1: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.953_none_89c2555adb023171.manifest.

Komponente 2: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.953_none_42151e83c686086b.manifest.
 

Error: (05/15/2017 03:06:44 PM) (Source: Windows Backup) (EventID: 4103) (User: )

Description: Die Sicherung wurde aufgrund eines Fehlers beim Schreiben am Sicherungsort "G:\" nicht abgeschlossen. Fehler: Der Sicherungsort wurde nicht gefunden oder ist ungÃ¼ltig. ÃœberprÃ¼fen Sie die Sicherungseinstellungen und den Sicherungsort. (0x81000006).
 

Error: (05/14/2017 06:57:28 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: ACER)

Description: Bei der Aktivierung der App â€žMicrosoft.Windows.ContentDeliveryManager_cw5n1h2txyewy!Appâ€œ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll â€žMicrosoft-Windows-TWinUI/Betriebsbereitâ€œ.
 

Error: (05/14/2017 06:57:28 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: ACER)

Description: Bei der Aktivierung der App â€žMicrosoft.Windows.ContentDeliveryManager_cw5n1h2txyewy!Appâ€œ ist folgender Fehler aufgetreten: -2147024865. Weitere Informationen finden Sie im Protokoll â€žMicrosoft-Windows-TWinUI/Betriebsbereitâ€œ.
 
 

Systemfehler:

=============

Error: (05/16/2017 10:00:20 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÃ„T)

Description: Durch die Berechtigungseinstellungen fÃ¼r "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÃ„T\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" fÃ¼r die COM-Serveranwendung mit der CLSID 

{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}

 und der APPID 

{F72671A9-012C-4725-9D2F-2A4D32D65169}

 im Anwendungscontainer "Nicht verfÃ¼gbar" (SID: Nicht verfÃ¼gbar) gewÃ¤hrt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool fÃ¼r Komponentendienste geÃ¤ndert werden.
 

Error: (05/16/2017 10:00:13 PM) (Source: Service Control Manager) (EventID: 7016) (User: )

Description: Der Dienst "chip1click" hat einen ungÃ¼ltigen aktuellen Status gemeldet: 0
 

Error: (05/16/2017 10:00:13 PM) (Source: Service Control Manager) (EventID: 7016) (User: )

Description: Der Dienst "chip1click" hat einen ungÃ¼ltigen aktuellen Status gemeldet: 0
 

Error: (05/16/2017 09:59:50 PM) (Source: Application Popup) (EventID: 875) (User: )

Description: BMLoad.sys
 

Error: (05/16/2017 09:59:30 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÃ„T)

Description: Durch die Berechtigungseinstellungen fÃ¼r "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÃ„T\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" fÃ¼r die COM-Serveranwendung mit der CLSID 

{D63B10C5-BB46-4990-A94F-E40B9D520160}

 und der APPID 

{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}

 im Anwendungscontainer "Nicht verfÃ¼gbar" (SID: Nicht verfÃ¼gbar) gewÃ¤hrt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool fÃ¼r Komponentendienste geÃ¤ndert werden.
 

Error: (05/16/2017 09:58:53 PM) (Source: Service Control Manager) (EventID: 7032) (User: )

Description: Der Versuch des Dienststeuerungs-Managers, nach dem unerwarteten Beenden des Dienstes "Windows Search" KorrekturmaÃŸnahmen (Neustart des Diensts) durchzufÃ¼hren, ist fehlgeschlagen. Fehler: 

Es wird bereits eine Instanz des Dienstes ausgefÃ¼hrt.
 

Error: (05/16/2017 09:58:23 PM) (Source: Service Control Manager) (EventID: 7034) (User: )

Description: Dienst "NVIDIA Streamer Network Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
 

Error: (05/16/2017 09:58:23 PM) (Source: Service Control Manager) (EventID: 7034) (User: )

Description: Dienst "Intel(R) Security Assist" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
 

Error: (05/16/2017 09:58:23 PM) (Source: Service Control Manager) (EventID: 7034) (User: )

Description: Dienst "Origin Web Helper Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
 

Error: (05/16/2017 09:58:23 PM) (Source: Service Control Manager) (EventID: 7031) (User: )

Description: Der Dienst "Windows Search" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende KorrekturmaÃŸnahmen werden in 30000 Millisekunden durchgefÃ¼hrt: Neustart des Diensts.
 
 

CodeIntegrity:

===================================

  Date: 2017-05-15 15:14:50.633

  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\DriverStore\FileRepository\nvacwu.inf_amd64_31f4ef4821269ebb\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 

  Date: 2017-05-15 15:14:50.365

  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
 

  Date: 2017-05-12 11:04:19.830

  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\DriverStore\FileRepository\nvacwu.inf_amd64_31f4ef4821269ebb\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 

  Date: 2017-05-12 11:04:19.523

  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
 

  Date: 2017-05-02 22:32:44.577

  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\DriverStore\FileRepository\nvacwu.inf_amd64_31f4ef4821269ebb\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 

  Date: 2017-05-02 22:32:44.446

  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
 
 

==================== Speicherinformationen =========================== 
 

Prozessor: Intel(R) Core(TM) i5-4210U CPU @ 1.70GHz

Prozentuale Nutzung des RAM: 35%

Installierter physikalischer RAM: 8115.27 MB

Verfügbarer physikalischer RAM: 5234.71 MB

Summe virtueller Speicher: 9395.27 MB

Verfügbarer virtueller Speicher: 6233.25 MB
 

==================== Laufwerke ================================
 

Drive c: () (Fixed) (Total:269.49 GB) (Free:157.52 GB) NTFS

Drive d: () (Fixed) (Total:195.31 GB) (Free:18.98 GB) NTFS
 

==================== MBR & Partitionstabelle ==================
 

========================================================

Disk: 0 (Size: 465.8 GB) (Disk ID: 00000000)
 

Partition: GPT.
 

==================== Ende von Addition.txt ============================

M-K-D-B

17.05.2017 15:01

Servus,

wir kontrollieren nochmal alles.

Hinweis: Der Suchlauf mit ESET kann länger dauern.

Schritt 1
Downloade dir die passende Version von HitmanPro auf deinen Desktop: HitmanPro - 32 Bit | HitmanPro - 64 Bit.

Starte die HitmanPro.exe
Klicke auf
Entferne den Haken bei
Klicke auf
und
Akzeptiere die Lizenzbedingungen und klicke auf
Klicke auf

und auf
Wenn der Scan beendet wurde, nichts löschen lassen etc. sondern wähle unten links auf der Button-Leiste
und speichere die Logdatei auf Deinem Desktop.
Schließe HitmanPro und poste mir das Log.

Schritt 2

ESET Online Scanner

Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
Lade und starte Eset Online Scanner
Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
Klicke auf Starten.
Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
Klicke am Ende des Suchlaufs auf Fertig stellen.
Schließe das Fenster von ESET.
Explorer öffnen.
C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
Logfile hier posten.
Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset

Schritt 3

Starte die FRST.exe erneut. Vergewissere dich, dass vor Addition.txt ein Haken gesetzt ist und drücke auf Untersuchen.
FRST erstellt wieder zwei Logdateien (FRST.txt und Addition.txt).
Poste mir beide Logdateien mit deiner nächsten Antwort.

http://www.trojaner-board.de/extra/lesestoff.pngGibt es jetzt noch Probleme mit dem PC oder mit deinen Internet Browsern? Wenn ja, welche?

Bitte poste mit deiner nächsten Antwort

die Logdatei von HitmanPro,
die Logdatei von ESET,
die beiden neuen Logdateien von FRST,
die Beantwortung der gestellten Fragen.

Sabimo

18.05.2017 18:47

Code:


 

        Code:


        
HitmanPro 3.7.20.286

www.hitmanpro.com
 

   Computer name . . . . : ACER

   Windows . . . . . . . : 10.0.0.14393.X64/4

   User name . . . . . . : ACER\User

   UAC . . . . . . . . . : Enabled

   License . . . . . . . : Free
 

   Scan date . . . . . . : 2017-05-18 10:04:18

   Scan mode . . . . . . : Normal

   Scan duration . . . . : 6m 1s

   Disk access mode  . . : Direct disk access (SRB)

   Cloud . . . . . . . . : Internet

   Reboot  . . . . . . . : No
 

   Threats . . . . . . . : 3

   Traces  . . . . . . . : 8
 

   Objects scanned . . . : 2.218.180

   Files scanned . . . . : 54.766

   Remnants scanned  . . : 637.128 files / 1.526.286 keys
 

Malware _____________________________________________________________________
 

   C:\Users\User\AppData\Local\Microsoft\Windows\FileHistory\Data\11\D\_User_Data\Downloads\Paragon Backup Recovery 14 Free - CHIP-Installer.exe

      Size . . . . . . . : 1.496.584 bytes

      Age  . . . . . . . : 76.5 days (2017-03-02 21:11:33)

      Entropy  . . . . . : 7.1

      SHA-256  . . . . . : 2EF2A2243FE3E0C5A2FCC41C5253E882416ED5092DED815F01E5A8451E7649C2

      Needs elevation  . : Yes

      RSA Key Size . . . : 2048

      Authenticode . . . : Valid

    > Kaspersky  . . . . : not-a-virus:HEUR:Downloader.MSIL.DownloadSponsor.gen

      Fuzzy  . . . . . . : 103.0
 

   C:\Users\User\AppData\Local\Microsoft\Windows\FileHistory\Data\11\D\_User_Data\Downloads\Unlocker1.9.2.exe

      Size . . . . . . . : 1.078.591 bytes

      Age  . . . . . . . : 76.5 days (2017-03-02 21:11:09)

      Entropy  . . . . . : 8.0

      SHA-256  . . . . . : FB6B1171776554A808C62F4045F5167603F70BF7611DE64311ECE0624B365397

    > Kaspersky  . . . . : not-a-virus:WebToolbar.Win32.Babylon.i

      Fuzzy  . . . . . . : 114.0
 

   C:\Users\User\AppData\Local\Microsoft\Windows\FileHistory\Data\11\D\_User_Data\Downloads\Unlocker1.9.2_CB-DL-Manager.exe

      Size . . . . . . . : 516.632 bytes

      Age  . . . . . . . : 76.5 days (2017-03-02 21:11:09)

      Entropy  . . . . . : 7.7

      SHA-256  . . . . . : 81BC1E6AFE19F283FC2B60970BB21DF4A81825B99BDE220D6A5C7CB9D3B2562B

      Product  . . . . . : Software                                                    

      Publisher  . . . . :                                                             

      Description  . . . : Software Setup                                              

      Version

      RSA Key Size . . . : 2048

      LanguageID . . . . : 0

      Authenticode . . . : Valid

    > Kaspersky  . . . . : not-a-virus:Downloader.Win32.Ocna.asb

      Fuzzy  . . . . . . : 104.0
 
 

Suspicious files ____________________________________________________________
 

   C:\Users\User\Desktop\FRST-OlderVersion\FRST64 (1).exe

      Size . . . . . . . : 2.429.440 bytes

      Age  . . . . . . . : 7.8 days (2017-05-10 15:02:02)

      Entropy  . . . . . : 7.6

      SHA-256  . . . . . : 896B7B41B936A1A793C6BE0DE9B9857B106FA5EC70D3335E9380744CD09F19F4

      Needs elevation  . : Yes

      Fuzzy  . . . . . . : 23.0

         Program has no publisher information but prompts the user for permission elevation.

         Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.

         Authors name is missing in version info. This is not common to most programs.

         Version control is missing. This file is probably created by an individual. This is not typical for most programs.

         Time indicates that the file appeared recently on this computer.

      Forensic Cluster

         -17.4s C:\Windows\WinSxS\Manifests\wow64_microsoft-windows-retaildemo-retailinfo_31bf3856ad364e35_10.0.14393.1198_none_62df153045c76a61.manifest

         -17.3s C:\Windows\WinSxS\Manifests\amd64_microsoft-windows-s..y-spp-plugin-common_31bf3856ad364e35_10.0.14393.1198_none_38d5fba2e0ea1c4c.manifest

         -17.3s C:\Windows\WinSxS\Manifests\amd64_microsoft-windows-a..face-winnt-provider_31bf3856ad364e35_10.0.14393.1198_none_b067c1a5c1493770.manifest

         -17.2s C:\Windows\WinSxS\Manifests\wow64_microsoft-windows-gdi32full_31bf3856ad364e35_10.0.14393.1198_none_d6054627b6307541.manifest

         -17.2s C:\Windows\WinSxS\Manifests\x86_microsoft-windows-ie-runtimeutilities_31bf3856ad364e35_11.0.14393.1198_none_a5024b2e582812f8.manifest

         -17.1s C:\Windows\WinSxS\Manifests\amd64_microsoft-windows-devices-usb-winrt_31bf3856ad364e35_10.0.14393.1198_none_e930bcf59a73ddd3.manifest

         -17.1s C:\Windows\WinSxS\Manifests\amd64_microsoft-windows-n..x-eaprequesthandler_31bf3856ad364e35_10.0.14393.1198_none_03483148758cd49f.manifest

         -17.0s C:\Windows\WinSxS\Manifests\amd64_microsoft-windows-apprep_31bf3856ad364e35_10.0.14393.1198_none_81be5326814cf0ec.manifest

         -17.0s C:\Windows\WinSxS\Manifests\amd64_microsoft-windows-s..gementwmi.resources_31bf3856ad364e35_10.0.14393.1198_de-de_467b9f2db4b20a2f.manifest

         -16.9s C:\Windows\WinSxS\Manifests\amd64_windows-id-connecte..nt-provider-wlidcli_31bf3856ad364e35_10.0.14393.1198_none_16ae314613fe1d03.manifest

         -16.9s C:\Windows\WinSxS\Manifests\amd64_windows-defender-ui_31bf3856ad364e35_10.0.14393.1198_none_8bce46873a8a33fb.manifest

         -16.8s C:\Windows\WinSxS\Manifests\amd64_windows-defender-modern-app_31bf3856ad364e35_10.0.14393.1198_none_56abed0c171c6a56.manifest

         -16.8s C:\Windows\WinSxS\Manifests\wow64_windows-defender-ui_31bf3856ad364e35_10.0.14393.1198_none_9622f0d96eeaf5f6.manifest

         -16.8s C:\Windows\WinSxS\Manifests\amd64_windows-defender-service-datalayer_31bf3856ad364e35_10.0.14393.1198_none_787a21774b1409fa.manifest

         -16.8s C:\Windows\WinSxS\Manifests\amd64_windows-defender-service_31bf3856ad364e35_10.0.14393.1198_none_3b6b4b33b1594ff4.manifest

         -16.7s C:\Windows\WinSxS\Manifests\wow64_windows-defender-service-datalayer_31bf3856ad364e35_10.0.14393.1198_none_82cecbc97f74cbf5.manifest

         -16.7s C:\Windows\WinSxS\Manifests\wow64_windows-defender-service_31bf3856ad364e35_10.0.14393.1198_none_45bff585e5ba11ef.manifest

         -16.7s C:\Windows\WinSxS\Manifests\amd64_windows-defender-management-v1_31bf3856ad364e35_10.0.14393.1198_none_906abadb62d65aa4.manifest

         -16.6s C:\Windows\WinSxS\Manifests\amd64_windows-defender-management-onecore_31bf3856ad364e35_10.0.14393.1198_none_49f90c98f36c2ba0.manifest

         -16.6s C:\Windows\WinSxS\Manifests\amd64_windows-defender-management-mdm_31bf3856ad364e35_10.0.14393.1198_none_b825a3b0a4215f0b.manifest

         -16.6s C:\Windows\WinSxS\Manifests\amd64_windows-defender-nis-service_31bf3856ad364e35_10.0.14393.1198_none_93b7c8666d7c3385.manifest

         -16.6s C:\Windows\WinSxS\Manifests\x86_microsoft-windows-winre-recoveryagent_31bf3856ad364e35_10.0.14393.1198_none_d4732ac61212c4d4.manifest

         -16.5s C:\Windows\WinSxS\Manifests\amd64_microsoft-windows-s..rofessional-license_31bf3856ad364e35_10.0.14393.1198_none_f1b2822c506e74e0.manifest

         -16.4s C:\Windows\WinSxS\Temp\InFlight\060c47948dc9d201cb4b0000c42f4c12\

         -16.4s C:\Windows\WinSxS\amd64_microsoft-windows-s..rofessional-license_31bf3856ad364e35_10.0.14393.0_none_a961c5420c945d45\Professional-Volume-MAK-1-ul-oob-rtm.xrm-ms

         -16.4s C:\Windows\WinSxS\amd64_microsoft-windows-s..rofessional-license_31bf3856ad364e35_10.0.14393.0_none_a961c5420c945d45\Professional-OEM-DM-9-ul-oob-rtm.xrm-ms

         -16.4s C:\Windows\WinSxS\amd64_microsoft-windows-s..rofessional-license_31bf3856ad364e35_10.0.14393.0_none_a961c5420c945d45\Professional-OEM-DM-4-ul-store-rtm.xrm-ms

         -16.4s C:\Windows\WinSxS\amd64_microsoft-windows-s..rofessional-license_31bf3856ad364e35_10.0.14393.0_none_a961c5420c945d45\Professional-OEM-DM-1-pl-rtm.xrm-ms

         -16.3s C:\Windows\WinSxS\amd64_microsoft-windows-s..rofessional-license_31bf3856ad364e35_10.0.14393.0_none_a961c5420c945d45\Professional-OEM-DM-7-ul-phn-rtm.xrm-ms

         -16.3s C:\Windows\WinSxS\amd64_microsoft-windows-s..rofessional-license_31bf3856ad364e35_10.0.14393.0_none_a961c5420c945d45\Professional-OEM-DM-3-pl-rtm.xrm-ms

         -16.3s C:\Windows\WinSxS\amd64_microsoft-windows-s..rofessional-license_31bf3856ad364e35_10.0.14393.0_none_a961c5420c945d45\Professional-Retail-5-ul-oob-rtm.xrm-ms

         -16.3s C:\Windows\WinSxS\amd64_microsoft-windows-s..rofessional-license_31bf3856ad364e35_10.0.14393.0_none_a961c5420c945d45\Professional-OEM-DM-5-pl-rtm.xrm-ms

         -16.3s C:\Windows\WinSxS\amd64_microsoft-windows-s..rofessional-license_31bf3856ad364e35_10.0.14393.0_none_a961c5420c945d45\Professional-Volume-MAK-2-ul-store-rtm.xrm-ms

         -16.3s C:\Windows\WinSxS\amd64_microsoft-windows-s..rofessional-license_31bf3856ad364e35_10.0.14393.0_none_a961c5420c945d45\Professional-OEM-DM-7-pl-rtm.xrm-ms

         -16.3s C:\Windows\WinSxS\amd64_microsoft-windows-s..rofessional-license_31bf3856ad364e35_10.0.14393.0_none_a961c5420c945d45\Professional-Volume-CSVLK-4-ul-oob-rtm.xrm-ms

         -16.3s C:\Windows\WinSxS\amd64_microsoft-windows-s..rofessional-license_31bf3856ad364e35_10.0.14393.0_none_a961c5420c945d45\Professional-OEM-DM-9-pl-rtm.xrm-ms

         -16.3s C:\Windows\WinSxS\amd64_microsoft-windows-s..rofessional-license_31bf3856ad364e35_10.0.14393.0_none_a961c5420c945d45\Professional-Retail-3-ul-phn-rtm.xrm-ms

         -16.3s C:\Windows\WinSxS\amd64_microsoft-windows-s..rofessional-license_31bf3856ad364e35_10.0.14393.0_none_a961c5420c945d45\Professional-OEM-DM-4-ul-oob-rtm.xrm-ms

         -16.3s C:\Windows\WinSxS\amd64_microsoft-windows-s..rofessional-license_31bf3856ad364e35_10.0.14393.0_none_a961c5420c945d45\DefaultPpd-Professional-ppdlic.xrm-ms

         -16.3s C:\Windows\WinSxS\amd64_microsoft-windows-s..rofessional-license_31bf3856ad364e35_10.0.14393.0_none_a961c5420c945d45\Professional-Volume-CSVLK-2-ul-store-rtm.xrm-ms

         -16.3s C:\Windows\WinSxS\amd64_microsoft-windows-s..rofessional-license_31bf3856ad364e35_10.0.14393.0_none_a961c5420c945d45\Professional-OEM-NONSLP-1-ul-store-rtm.xrm-ms

         -16.3s C:\Windows\WinSxS\amd64_microsoft-windows-s..rofessional-license_31bf3856ad364e35_10.0.14393.0_none_a961c5420c945d45\Professional-Volume-GVLK-1-ul-rtm.xrm-ms

         -16.3s C:\Windows\WinSxS\amd64_microsoft-windows-s..rofessional-license_31bf3856ad364e35_10.0.14393.0_none_a961c5420c945d45\Professional-OEM-DM-2-ul-phn-rtm.xrm-ms

         -16.3s C:\Windows\WinSxS\amd64_microsoft-windows-s..rofessional-license_31bf3856ad364e35_10.0.14393.0_none_a961c5420c945d45\Professional-OEM-DM-3-ul-store-rtm.xrm-ms

         -16.3s C:\Windows\WinSxS\amd64_microsoft-windows-s..rofessional-license_31bf3856ad364e35_10.0.14393.0_none_a961c5420c945d45\Professional-Volume-MAK-1-ul-phn-rtm.xrm-ms

         -16.3s C:\Windows\WinSxS\amd64_microsoft-windows-s..rofessional-license_31bf3856ad364e35_10.0.14393.0_none_a961c5420c945d45\Professional-OEM-DM-9-ul-phn-rtm.xrm-ms

         -16.3s C:\Windows\WinSxS\amd64_microsoft-windows-s..rofessional-license_31bf3856ad364e35_10.0.14393.0_none_a961c5420c945d45\Professional-Volume-MAK-1-ul-store-rtm.xrm-ms

         -16.3s C:\Windows\WinSxS\amd64_microsoft-windows-s..rofessional-license_31bf3856ad364e35_10.0.14393.0_none_a961c5420c945d45\Professional-Volume-CSVLK-2-pl-rtm.xrm-ms

         -16.3s C:\Windows\WinSxS\amd64_microsoft-windows-s..rofessional-license_31bf3856ad364e35_10.0.14393.0_none_a961c5420c945d45\Professional-Volume-CSVLK-1-ul-oob-rtm.xrm-ms

         -16.3s C:\Windows\WinSxS\amd64_microsoft-windows-s..rofessional-license_31bf3856ad364e35_10.0.14393.0_none_a961c5420c945d45\Professional-Retail-5-ul-phn-rtm.xrm-ms

         -16.3s C:\Windows\WinSxS\amd64_microsoft-windows-s..rofessional-license_31bf3856ad364e35_10.0.14393.0_none_a961c5420c945d45\Professional-OEM-DM-6-ul-oob-rtm.xrm-ms

         -16.3s C:\Windows\WinSxS\amd64_microsoft-windows-s..rofessional-license_31bf3856ad364e35_10.0.14393.0_none_a961c5420c945d45\Professional-OEM-DM-2-ul-store-rtm.xrm-ms

         -16.3s C:\Windows\WinSxS\amd64_microsoft-windows-s..rofessional-license_31bf3856ad364e35_10.0.14393.0_none_a961c5420c945d45\Professional-OEM-DM-4-ul-phn-rtm.xrm-ms

         -16.3s C:\Windows\WinSxS\amd64_microsoft-windows-s..rofessional-license_31bf3856ad364e35_10.0.14393.0_none_a961c5420c945d45\Professional-OEM-DM-9-ul-store-rtm.xrm-ms

         -16.3s C:\Windows\WinSxS\amd64_microsoft-windows-s..rofessional-license_31bf3856ad364e35_10.0.14393.0_none_a961c5420c945d45\Professional-Retail-2-ul-oob-rtm.xrm-ms

         -16.3s C:\Windows\WinSxS\amd64_microsoft-windows-s..rofessional-license_31bf3856ad364e35_10.0.14393.0_none_a961c5420c945d45\Professional-Retail-2-pl-rtm.xrm-ms

         -16.2s C:\Windows\WinSxS\amd64_microsoft-windows-s..rofessional-license_31bf3856ad364e35_10.0.14393.0_none_a961c5420c945d45\Professional-Retail-5-ul-store-rtm.xrm-ms

         -16.2s C:\Windows\WinSxS\amd64_microsoft-windows-s..rofessional-license_31bf3856ad364e35_10.0.14393.0_none_a961c5420c945d45\Professional-Volume-GVLK-1-ul-oob-rtm.xrm-ms

         -16.2s C:\Windows\WinSxS\amd64_microsoft-windows-s..rofessional-license_31bf3856ad364e35_10.0.14393.0_none_a961c5420c945d45\Professional-Retail-4-pl-rtm.xrm-ms

         -16.2s C:\Windows\WinSxS\amd64_microsoft-windows-s..rofessional-license_31bf3856ad364e35_10.0.14393.0_none_a961c5420c945d45\Professional-Volume-CSVLK-3-ul-store-rtm.xrm-ms

         -16.2s C:\Windows\WinSxS\amd64_microsoft-windows-s..rofessional-license_31bf3856ad364e35_10.0.14393.0_none_a961c5420c945d45\Professional-Volume-CSVLK-2-ul-phn-rtm.xrm-ms

         -16.2s C:\Windows\WinSxS\amd64_microsoft-windows-s..rofessional-license_31bf3856ad364e35_10.0.14393.0_none_a961c5420c945d45\Professional-OEM-DM-1-ul-oob-rtm.xrm-ms

         -16.2s C:\Windows\WinSxS\amd64_microsoft-windows-s..rofessional-license_31bf3856ad364e35_10.0.14393.0_none_a961c5420c945d45\Professional-OEM-DM-8-ul-oob-rtm.xrm-ms

         -16.2s C:\Windows\WinSxS\amd64_microsoft-windows-s..rofessional-license_31bf3856ad364e35_10.0.14393.0_none_a961c5420c945d45\Professional-OEM-DM-1-ul-store-rtm.xrm-ms

         -16.2s C:\Windows\WinSxS\amd64_microsoft-windows-s..rofessional-license_31bf3856ad364e35_10.0.14393.0_none_a961c5420c945d45\Professional-OEM-DM-8-ul-store-rtm.xrm-ms

         -16.2s C:\Windows\WinSxS\amd64_microsoft-windows-s..rofessional-license_31bf3856ad364e35_10.0.14393.0_none_a961c5420c945d45\Professional-Volume-MAK-2-pl-rtm.xrm-ms

         -16.2s C:\Windows\WinSxS\amd64_microsoft-windows-s..rofessional-license_31bf3856ad364e35_10.0.14393.0_none_a961c5420c945d45\Professional-OEM-DM-6-ul-phn-rtm.xrm-ms

         -16.2s C:\Windows\WinSxS\amd64_microsoft-windows-s..rofessional-license_31bf3856ad364e35_10.0.14393.0_none_a961c5420c945d45\Professional-Volume-CSVLK-3-ul-oob-rtm.xrm-ms

         -16.2s C:\Windows\WinSxS\amd64_microsoft-windows-s..rofessional-license_31bf3856ad364e35_10.0.14393.0_none_a961c5420c945d45\Professional-Retail-4-ul-store-rtm.xrm-ms

         -16.2s C:\Windows\WinSxS\amd64_microsoft-windows-s..rofessional-license_31bf3856ad364e35_10.0.14393.0_none_a961c5420c945d45\Professional-Retail-4-ul-oob-rtm.xrm-ms

         -16.2s C:\Windows\WinSxS\amd64_microsoft-windows-s..rofessional-license_31bf3856ad364e35_10.0.14393.0_none_a961c5420c945d45\Professional-Retail-2-ul-phn-rtm.xrm-ms

         -16.2s C:\Windows\WinSxS\amd64_microsoft-windows-s..rofessional-license_31bf3856ad364e35_10.0.14393.0_none_a961c5420c945d45\Professional-OEM-DM-3-ul-oob-rtm.xrm-ms

         -16.2s C:\Windows\WinSxS\amd64_microsoft-windows-s..rofessional-license_31bf3856ad364e35_10.0.14393.0_none_a961c5420c945d45\Professional-OEM-DM-2-pl-rtm.xrm-ms

         -16.2s C:\Windows\WinSxS\amd64_microsoft-windows-s..rofessional-license_31bf3856ad364e35_10.0.14393.0_none_a961c5420c945d45\Professional-OEM-DM-4-pl-rtm.xrm-ms

         -16.2s C:\Windows\WinSxS\amd64_microsoft-windows-s..rofessional-license_31bf3856ad364e35_10.0.14393.0_none_a961c5420c945d45\Professional-OEM-DM-6-pl-rtm.xrm-ms

         -16.2s C:\Windows\WinSxS\amd64_microsoft-windows-s..rofessional-license_31bf3856ad364e35_10.0.14393.0_none_a961c5420c945d45\Professional-Volume-CSVLK-4-ul-store-rtm.xrm-ms

         -16.2s C:\Windows\WinSxS\amd64_microsoft-windows-s..rofessional-license_31bf3856ad364e35_10.0.14393.0_none_a961c5420c945d45\Professional-OEM-DM-1-ul-phn-rtm.xrm-ms

         -16.2s C:\Windows\WinSxS\amd64_microsoft-windows-s..rofessional-license_31bf3856ad364e35_10.0.14393.0_none_a961c5420c945d45\Professional-Volume-MAK-2-ul-oob-rtm.xrm-ms

         -16.2s C:\Windows\WinSxS\amd64_microsoft-windows-s..rofessional-license_31bf3856ad364e35_10.0.14393.0_none_a961c5420c945d45\Professional-Volume-CSVLK-4-ul-phn-rtm.xrm-ms

         -16.2s C:\Windows\WinSxS\amd64_microsoft-windows-s..rofessional-license_31bf3856ad364e35_10.0.14393.0_none_a961c5420c945d45\Professional-OEM-NONSLP-1-ul-oob-rtm.xrm-ms

         -16.2s C:\Windows\WinSxS\amd64_microsoft-windows-s..rofessional-license_31bf3856ad364e35_10.0.14393.0_none_a961c5420c945d45\Professional-OEM-DM-8-pl-rtm.xrm-ms

         -16.2s C:\Windows\WinSxS\amd64_microsoft-windows-s..rofessional-license_31bf3856ad364e35_10.0.14393.0_none_a961c5420c945d45\Professional-OEM-DM-7-ul-store-rtm.xrm-ms

         -16.2s C:\Windows\WinSxS\amd64_microsoft-windows-s..rofessional-license_31bf3856ad364e35_10.0.14393.0_none_a961c5420c945d45\Professional-Volume-CSVLK-3-pl-rtm.xrm-ms

         -16.2s C:\Windows\WinSxS\amd64_microsoft-windows-s..rofessional-license_31bf3856ad364e35_10.0.14393.0_none_a961c5420c945d45\Professional-OEM-NONSLP-1-pl-rtm.xrm-ms

         -16.1s C:\Windows\WinSxS\amd64_microsoft-windows-s..rofessional-license_31bf3856ad364e35_10.0.14393.0_none_a961c5420c945d45\Professional-OEM-DM-8-ul-phn-rtm.xrm-ms

         -16.1s C:\Windows\WinSxS\amd64_microsoft-windows-s..rofessional-license_31bf3856ad364e35_10.0.14393.0_none_a961c5420c945d45\Professional-Retail-3-ul-store-rtm.xrm-ms

         -16.1s C:\Windows\WinSxS\amd64_microsoft-windows-s..rofessional-license_31bf3856ad364e35_10.0.14393.0_none_a961c5420c945d45\Professional-Retail-4-ul-phn-rtm.xrm-ms

         -16.1s C:\Windows\WinSxS\amd64_microsoft-windows-s..rofessional-license_31bf3856ad364e35_10.0.14393.0_none_a961c5420c945d45\Professional-OEM-DM-5-ul-oob-rtm.xrm-ms

         -16.1s C:\Windows\WinSxS\amd64_microsoft-windows-s..rofessional-license_31bf3856ad364e35_10.0.14393.0_none_a961c5420c945d45\Professional-OEM-DM-3-ul-phn-rtm.xrm-ms

         -16.1s C:\Windows\WinSxS\amd64_microsoft-windows-s..rofessional-license_31bf3856ad364e35_10.0.14393.0_none_a961c5420c945d45\Professional-ppdlic.xrm-ms

         -16.1s C:\Windows\WinSxS\amd64_microsoft-windows-s..rofessional-license_31bf3856ad364e35_10.0.14393.0_none_a961c5420c945d45\Professional-OEM-DM-6-ul-store-rtm.xrm-ms

         -16.1s C:\Windows\WinSxS\amd64_microsoft-windows-s..rofessional-license_31bf3856ad364e35_10.0.14393.0_none_a961c5420c945d45\Professional-Volume-CSVLK-1-ul-phn-rtm.xrm-ms

         -16.1s C:\Windows\WinSxS\amd64_microsoft-windows-s..rofessional-license_31bf3856ad364e35_10.0.14393.0_none_a961c5420c945d45\Professional-Retail-1-ul-oob-rtm.xrm-ms

         -16.1s C:\Windows\WinSxS\amd64_microsoft-windows-s..rofessional-license_31bf3856ad364e35_10.0.14393.0_none_a961c5420c945d45\Professional-Retail-2-ul-store-rtm.xrm-ms

         -16.1s C:\Windows\WinSxS\amd64_microsoft-windows-s..rofessional-license_31bf3856ad364e35_10.0.14393.0_none_a961c5420c945d45\Professional-Volume-MAK-2-ul-phn-rtm.xrm-ms

         -16.1s C:\Windows\WinSxS\amd64_microsoft-windows-s..rofessional-license_31bf3856ad364e35_10.0.14393.0_none_a961c5420c945d45\Professional-OEM-NONSLP-1-ul-phn-rtm.xrm-ms

         -16.1s C:\Windows\WinSxS\amd64_microsoft-windows-s..rofessional-license_31bf3856ad364e35_10.0.14393.0_none_a961c5420c945d45\Professional-Retail-1-pl-rtm.xrm-ms

         -16.1s C:\Windows\WinSxS\amd64_microsoft-windows-s..rofessional-license_31bf3856ad364e35_10.0.14393.0_none_a961c5420c945d45\Professional-Retail-3-pl-rtm.xrm-ms

         -16.1s C:\Windows\WinSxS\amd64_microsoft-windows-s..rofessional-license_31bf3856ad364e35_10.0.14393.0_none_a961c5420c945d45\Professional-OEM-DM-7-ul-oob-rtm.xrm-ms

         -16.1s C:\Windows\WinSxS\amd64_microsoft-windows-s..rofessional-license_31bf3856ad364e35_10.0.14393.0_none_a961c5420c945d45\Professional-Retail-5-pl-rtm.xrm-ms

         -16.1s C:\Windows\WinSxS\amd64_microsoft-windows-s..rofessional-license_31bf3856ad364e35_10.0.14393.0_none_a961c5420c945d45\Professional-Volume-CSVLK-2-ul-oob-rtm.xrm-ms

         -16.1s C:\Windows\WinSxS\amd64_microsoft-windows-s..rofessional-license_31bf3856ad364e35_10.0.14393.0_none_a961c5420c945d45\Professional-Volume-CSVLK-1-pl-rtm.xrm-ms

         -16.1s C:\Windows\WinSxS\amd64_microsoft-windows-s..rofessional-license_31bf3856ad364e35_10.0.14393.0_none_a961c5420c945d45\Professional-OEM-DM-5-ul-store-rtm.xrm-ms

         -16.1s C:\Windows\WinSxS\amd64_microsoft-windows-s..rofessional-license_31bf3856ad364e35_10.0.14393.0_none_a961c5420c945d45\Professional-OEM-DM-5-ul-phn-rtm.xrm-ms

         -16.1s C:\Windows\WinSxS\amd64_microsoft-windows-s..rofessional-license_31bf3856ad364e35_10.0.14393.0_none_a961c5420c945d45\Professional-Retail-3-ul-oob-rtm.xrm-ms

         -16.1s C:\Windows\WinSxS\amd64_microsoft-windows-s..rofessional-license_31bf3856ad364e35_10.0.14393.0_none_a961c5420c945d45\Professional-Retail-1-ul-store-rtm.xrm-ms

         -16.0s C:\Windows\WinSxS\amd64_microsoft-windows-s..rofessional-license_31bf3856ad364e35_10.0.14393.0_none_a961c5420c945d45\Professional-Volume-CSVLK-1-ul-store-rtm.xrm-ms

         -16.0s C:\Windows\WinSxS\amd64_microsoft-windows-s..rofessional-license_31bf3856ad364e35_10.0.14393.0_none_a961c5420c945d45\Professional-Retail-1-ul-phn-rtm.xrm-ms

         -16.0s C:\Windows\WinSxS\amd64_microsoft-windows-s..rofessional-license_31bf3856ad364e35_10.0.14393.0_none_a961c5420c945d45\Professional-Volume-MAK-1-pl-rtm.xrm-ms

         -16.0s C:\Windows\WinSxS\amd64_microsoft-windows-s..rofessional-license_31bf3856ad364e35_10.0.14393.0_none_a961c5420c945d45\Professional-OEM-DM-2-ul-oob-rtm.xrm-ms

         -16.0s C:\Windows\WinSxS\amd64_microsoft-windows-s..rofessional-license_31bf3856ad364e35_10.0.14393.0_none_a961c5420c945d45\Professional-Volume-CSVLK-4-pl-rtm.xrm-ms

         -16.0s C:\Windows\WinSxS\amd64_microsoft-windows-s..rofessional-license_31bf3856ad364e35_10.0.14393.0_none_a961c5420c945d45\Professional-Volume-CSVLK-3-ul-phn-rtm.xrm-ms

         -13.7s C:\Windows\WinSxS\Temp\InFlight\9ea3e3958dc9d201254c0000c42f4c12\

         -13.6s C:\Windows\WinSxS\amd64_microsoft-windows-s..rofessional-license_31bf3856ad364e35_10.0.14393.1066_none_f1ba7eca5068d9a8\Professional-Volume-MAK-1-ul-oob-rtm.xrm-ms

         -13.6s C:\Windows\WinSxS\amd64_microsoft-windows-s..rofessional-license_31bf3856ad364e35_10.0.14393.1066_none_f1ba7eca5068d9a8\Professional-OEM-DM-4-ul-store-rtm.xrm-ms

         -13.6s C:\Windows\WinSxS\amd64_microsoft-windows-s..rofessional-license_31bf3856ad364e35_10.0.14393.1066_none_f1ba7eca5068d9a8\Professional-OEM-DM-1-pl-rtm.xrm-ms

         -13.6s C:\Windows\WinSxS\amd64_microsoft-windows-s..rofessional-license_31bf3856ad364e35_10.0.14393.1066_none_f1ba7eca5068d9a8\Professional-OEM-DM-3-pl-rtm.xrm-ms

         -13.6s C:\Windows\WinSxS\amd64_microsoft-windows-s..rofessional-license_31bf3856ad364e35_10.0.14393.1066_none_f1ba7eca5068d9a8\Professional-Retail-5-ul-oob-rtm.xrm-ms

         -13.6s C:\Windows\WinSxS\amd64_microsoft-windows-s..rofessional-license_31bf3856ad364e35_10.0.14393.1066_none_f1ba7eca5068d9a8\Professional-OEM-DM-5-pl-rtm.xrm-ms

         -13.6s C:\Windows\WinSxS\amd64_microsoft-windows-s..rofessional-license_31bf3856ad364e35_10.0.14393.1066_none_f1ba7eca5068d9a8\Professional-Volume-MAK-2-ul-store-rtm.xrm-ms

         -13.5s C:\Windows\WinSxS\amd64_microsoft-windows-s..rofessional-license_31bf3856ad364e35_10.0.14393.1066_none_f1ba7eca5068d9a8\Professional-Volume-CSVLK-4-ul-oob-rtm.xrm-ms

         -13.5s C:\Windows\WinSxS\amd64_microsoft-windows-s..rofessional-license_31bf3856ad364e35_10.0.14393.1066_none_f1ba7eca5068d9a8\Professional-Retail-3-ul-phn-rtm.xrm-ms

         -13.5s C:\Windows\WinSxS\amd64_microsoft-windows-s..rofessional-license_31bf3856ad364e35_10.0.14393.1066_none_f1ba7eca5068d9a8\Professional-OEM-DM-4-ul-oob-rtm.xrm-ms

         -13.5s C:\Windows\WinSxS\amd64_microsoft-windows-s..rofessional-license_31bf3856ad364e35_10.0.14393.1066_none_f1ba7eca5068d9a8\DefaultPpd-Professional-ppdlic.xrm-ms

         -13.5s C:\Windows\WinSxS\amd64_microsoft-windows-s..rofessional-license_31bf3856ad364e35_10.0.14393.1066_none_f1ba7eca5068d9a8\Professional-Volume-CSVLK-2-ul-store-rtm.xrm-ms

         -13.5s C:\Windows\WinSxS\amd64_microsoft-windows-s..rofessional-license_31bf3856ad364e35_10.0.14393.1066_none_f1ba7eca5068d9a8\Professional-OEM-NONSLP-1-ul-store-rtm.xrm-ms

         -13.5s C:\Windows\WinSxS\amd64_microsoft-windows-s..rofessional-license_31bf3856ad364e35_10.0.14393.1066_none_f1ba7eca5068d9a8\Professional-Volume-GVLK-1-ul-rtm.xrm-ms

         -13.5s C:\Windows\WinSxS\amd64_microsoft-windows-s..rofessional-license_31bf3856ad364e35_10.0.14393.1066_none_f1ba7eca5068d9a8\Professional-OEM-DM-2-ul-phn-rtm.xrm-ms

         -13.5s C:\Windows\WinSxS\amd64_microsoft-windows-s..rofessional-license_31bf3856ad364e35_10.0.14393.1066_none_f1ba7eca5068d9a8\Professional-OEM-DM-3-ul-store-rtm.xrm-ms

         -13.4s C:\Windows\WinSxS\amd64_microsoft-windows-s..rofessional-license_31bf3856ad364e35_10.0.14393.1066_none_f1ba7eca5068d9a8\Professional-Volume-MAK-1-ul-phn-rtm.xrm-ms

         -13.4s C:\Windows\WinSxS\amd64_microsoft-windows-s..rofessional-license_31bf3856ad364e35_10.0.14393.1066_none_f1ba7eca5068d9a8\Professional-Volume-MAK-1-ul-store-rtm.xrm-ms

         -13.4s C:\Windows\WinSxS\amd64_microsoft-windows-s..rofessional-license_31bf3856ad364e35_10.0.14393.1066_none_f1ba7eca5068d9a8\Professional-Volume-CSVLK-2-pl-rtm.xrm-ms

         -13.4s C:\Windows\WinSxS\amd64_microsoft-windows-s..rofessional-license_31bf3856ad364e35_10.0.14393.1066_none_f1ba7eca5068d9a8\Professional-Volume-CSVLK-1-ul-oob-rtm.xrm-ms

         -13.4s C:\Windows\WinSxS\amd64_microsoft-windows-s..rofessional-license_31bf3856ad364e35_10.0.14393.1066_none_f1ba7eca5068d9a8\Professional-Retail-5-ul-phn-rtm.xrm-ms

         -13.4s C:\Windows\WinSxS\amd64_microsoft-windows-s..rofessional-license_31bf3856ad364e35_10.0.14393.1066_none_f1ba7eca5068d9a8\Professional-OEM-DM-6-ul-oob-rtm.xrm-ms

         -13.4s C:\Windows\WinSxS\amd64_microsoft-windows-s..rofessional-license_31bf3856ad364e35_10.0.14393.1066_none_f1ba7eca5068d9a8\Professional-OEM-DM-2-ul-store-rtm.xrm-ms

         -13.4s C:\Windows\WinSxS\amd64_microsoft-windows-s..rofessional-license_31bf3856ad364e35_10.0.14393.1066_none_f1ba7eca5068d9a8\Professional-OEM-DM-4-ul-phn-rtm.xrm-ms

         -13.4s C:\Windows\WinSxS\amd64_microsoft-windows-s..rofessional-license_31bf3856ad364e35_10.0.14393.1066_none_f1ba7eca5068d9a8\Professional-Retail-2-ul-oob-rtm.xrm-ms

         -13.4s C:\Windows\WinSxS\amd64_microsoft-windows-s..rofessional-license_31bf3856ad364e35_10.0.14393.1066_none_f1ba7eca5068d9a8\Professional-Retail-2-pl-rtm.xrm-ms

         -13.4s C:\Windows\WinSxS\amd64_microsoft-windows-s..rofessional-license_31bf3856ad364e35_10.0.14393.1066_none_f1ba7eca5068d9a8\Professional-Retail-5-ul-store-rtm.xrm-ms

         -13.3s C:\Windows\WinSxS\amd64_microsoft-windows-s..rofessional-license_31bf3856ad364e35_10.0.14393.1066_none_f1ba7eca5068d9a8\Professional-Volume-GVLK-1-ul-oob-rtm.xrm-ms

         -13.3s C:\Windows\WinSxS\amd64_microsoft-windows-s..rofessional-license_31bf3856ad364e35_10.0.14393.1066_none_f1ba7eca5068d9a8\Professional-Retail-4-pl-rtm.xrm-ms

         -13.3s C:\Windows\WinSxS\amd64_microsoft-windows-s..rofessional-license_31bf3856ad364e35_10.0.14393.1066_none_f1ba7eca5068d9a8\Professional-Volume-CSVLK-3-ul-store-rtm.xrm-ms

         -13.3s C:\Windows\WinSxS\amd64_microsoft-windows-s..rofessional-license_31bf3856ad364e35_10.0.14393.1066_none_f1ba7eca5068d9a8\Professional-Volume-CSVLK-2-ul-phn-rtm.xrm-ms

         -13.3s C:\Windows\WinSxS\amd64_microsoft-windows-s..rofessional-license_31bf3856ad364e35_10.0.14393.1066_none_f1ba7eca5068d9a8\Professional-OEM-DM-1-ul-oob-rtm.xrm-ms

         -13.3s C:\Windows\WinSxS\amd64_microsoft-windows-s..rofessional-license_31bf3856ad364e35_10.0.14393.1066_none_f1ba7eca5068d9a8\Professional-OEM-DM-1-ul-store-rtm.xrm-ms

         -13.3s C:\Windows\WinSxS\amd64_microsoft-windows-s..rofessional-license_31bf3856ad364e35_10.0.14393.1066_none_f1ba7eca5068d9a8\Professional-Volume-MAK-2-pl-rtm.xrm-ms

         -13.3s C:\Windows\WinSxS\amd64_microsoft-windows-s..rofessional-license_31bf3856ad364e35_10.0.14393.1066_none_f1ba7eca5068d9a8\Professional-OEM-DM-6-ul-phn-rtm.xrm-ms

         -13.3s C:\Windows\WinSxS\amd64_microsoft-windows-s..rofessional-license_31bf3856ad364e35_10.0.14393.1066_none_f1ba7eca5068d9a8\Professional-Volume-CSVLK-3-ul-oob-rtm.xrm-ms

         -13.2s C:\Windows\WinSxS\amd64_microsoft-windows-s..rofessional-license_31bf3856ad364e35_10.0.14393.1066_none_f1ba7eca5068d9a8\Professional-Retail-4-ul-store-rtm.xrm-ms

         -13.2s C:\Windows\WinSxS\amd64_microsoft-windows-s..rofessional-license_31bf3856ad364e35_10.0.14393.1066_none_f1ba7eca5068d9a8\Professional-Retail-4-ul-oob-rtm.xrm-ms

         -13.2s C:\Windows\WinSxS\amd64_microsoft-windows-s..rofessional-license_31bf3856ad364e35_10.0.14393.1066_none_f1ba7eca5068d9a8\Professional-Retail-2-ul-phn-rtm.xrm-ms

         -13.2s C:\Windows\WinSxS\amd64_microsoft-windows-s..rofessional-license_31bf3856ad364e35_10.0.14393.1066_none_f1ba7eca5068d9a8\Professional-OEM-DM-3-ul-oob-rtm.xrm-ms

         -13.2s C:\Windows\WinSxS\amd64_microsoft-windows-s..rofessional-license_31bf3856ad364e35_10.0.14393.1066_none_f1ba7eca5068d9a8\Professional-OEM-DM-2-pl-rtm.xrm-ms

         -13.2s C:\Windows\WinSxS\amd64_microsoft-windows-s..rofessional-license_31bf3856ad364e35_10.0.14393.1066_none_f1ba7eca5068d9a8\Professional-OEM-DM-4-pl-rtm.xrm-ms

         -13.2s C:\Windows\WinSxS\amd64_microsoft-windows-s..rofessional-license_31bf3856ad364e35_10.0.14393.1066_none_f1ba7eca5068d9a8\Professional-OEM-DM-6-pl-rtm.xrm-ms

         -13.2s C:\Windows\WinSxS\amd64_microsoft-windows-s..rofessional-license_31bf3856ad364e35_10.0.14393.1066_none_f1ba7eca5068d9a8\Professional-Volume-CSVLK-4-ul-store-rtm.xrm-ms

         -13.2s C:\Windows\WinSxS\amd64_microsoft-windows-s..rofessional-license_31bf3856ad364e35_10.0.14393.1066_none_f1ba7eca5068d9a8\Professional-OEM-DM-1-ul-phn-rtm.xrm-ms

         -13.2s C:\Windows\WinSxS\amd64_microsoft-windows-s..rofessional-license_31bf3856ad364e35_10.0.14393.1066_none_f1ba7eca5068d9a8\Professional-Volume-MAK-2-ul-oob-rtm.xrm-ms

         -13.1s C:\Windows\WinSxS\amd64_microsoft-windows-s..rofessional-license_31bf3856ad364e35_10.0.14393.1066_none_f1ba7eca5068d9a8\Professional-Volume-CSVLK-4-ul-phn-rtm.xrm-ms

         -13.1s C:\Windows\WinSxS\amd64_microsoft-windows-s..rofessional-license_31bf3856ad364e35_10.0.14393.1066_none_f1ba7eca5068d9a8\Professional-OEM-NONSLP-1-ul-oob-rtm.xrm-ms

         -13.1s C:\Windows\WinSxS\amd64_microsoft-windows-s..rofessional-license_31bf3856ad364e35_10.0.14393.1066_none_f1ba7eca5068d9a8\Professional-Volume-CSVLK-3-pl-rtm.xrm-ms

         -13.1s C:\Windows\WinSxS\amd64_microsoft-windows-s..rofessional-license_31bf3856ad364e35_10.0.14393.1066_none_f1ba7eca5068d9a8\Professional-OEM-NONSLP-1-pl-rtm.xrm-ms

         -13.1s C:\Windows\WinSxS\amd64_microsoft-windows-s..rofessional-license_31bf3856ad364e35_10.0.14393.1066_none_f1ba7eca5068d9a8\Professional-Retail-3-ul-store-rtm.xrm-ms

         -13.1s C:\Windows\WinSxS\amd64_microsoft-windows-s..rofessional-license_31bf3856ad364e35_10.0.14393.1066_none_f1ba7eca5068d9a8\Professional-Retail-4-ul-phn-rtm.xrm-ms

         -13.1s C:\Windows\WinSxS\amd64_microsoft-windows-s..rofessional-license_31bf3856ad364e35_10.0.14393.1066_none_f1ba7eca5068d9a8\Professional-OEM-DM-5-ul-oob-rtm.xrm-ms

         -13.1s C:\Windows\WinSxS\amd64_microsoft-windows-s..rofessional-license_31bf3856ad364e35_10.0.14393.1066_none_f1ba7eca5068d9a8\Professional-OEM-DM-3-ul-phn-rtm.xrm-ms

         -13.1s C:\Windows\WinSxS\amd64_microsoft-windows-s..rofessional-license_31bf3856ad364e35_10.0.14393.1066_none_f1ba7eca5068d9a8\Professional-OEM-DM-6-ul-store-rtm.xrm-ms

         -13.1s C:\Windows\WinSxS\amd64_microsoft-windows-s..rofessional-license_31bf3856ad364e35_10.0.14393.1066_none_f1ba7eca5068d9a8\Professional-Volume-CSVLK-1-ul-phn-rtm.xrm-ms

         -13.0s C:\Windows\WinSxS\amd64_microsoft-windows-s..rofessional-license_31bf3856ad364e35_10.0.14393.1066_none_f1ba7eca5068d9a8\Professional-Retail-1-ul-oob-rtm.xrm-ms

         -13.0s C:\Windows\WinSxS\amd64_microsoft-windows-s..rofessional-license_31bf3856ad364e35_10.0.14393.1066_none_f1ba7eca5068d9a8\Professional-Retail-2-ul-store-rtm.xrm-ms

         -13.0s C:\Windows\WinSxS\amd64_microsoft-windows-s..rofessional-license_31bf3856ad364e35_10.0.14393.1066_none_f1ba7eca5068d9a8\Professional-Volume-MAK-2-ul-phn-rtm.xrm-ms

         -13.0s C:\Windows\WinSxS\amd64_microsoft-windows-s..rofessional-license_31bf3856ad364e35_10.0.14393.1066_none_f1ba7eca5068d9a8\Professional-OEM-NONSLP-1-ul-phn-rtm.xrm-ms

         -13.0s C:\Windows\WinSxS\amd64_microsoft-windows-s..rofessional-license_31bf3856ad364e35_10.0.14393.1066_none_f1ba7eca5068d9a8\Professional-Retail-1-pl-rtm.xrm-ms

         -13.0s C:\Windows\WinSxS\amd64_microsoft-windows-s..rofessional-license_31bf3856ad364e35_10.0.14393.1066_none_f1ba7eca5068d9a8\Professional-Retail-3-pl-rtm.xrm-ms

         -13.0s C:\Windows\WinSxS\amd64_microsoft-windows-s..rofessional-license_31bf3856ad364e35_10.0.14393.1066_none_f1ba7eca5068d9a8\Professional-Retail-5-pl-rtm.xrm-ms

         -13.0s C:\Windows\WinSxS\amd64_microsoft-windows-s..rofessional-license_31bf3856ad364e35_10.0.14393.1066_none_f1ba7eca5068d9a8\Professional-Volume-CSVLK-2-ul-oob-rtm.xrm-ms

         -13.0s C:\Windows\WinSxS\amd64_microsoft-windows-s..rofessional-license_31bf3856ad364e35_10.0.14393.1066_none_f1ba7eca5068d9a8\Professional-Volume-CSVLK-1-pl-rtm.xrm-ms

         -13.0s C:\Windows\WinSxS\amd64_microsoft-windows-s..rofessional-license_31bf3856ad364e35_10.0.14393.1066_none_f1ba7eca5068d9a8\Professional-OEM-DM-5-ul-store-rtm.xrm-ms

         -13.0s C:\Windows\WinSxS\amd64_microsoft-windows-s..rofessional-license_31bf3856ad364e35_10.0.14393.1066_none_f1ba7eca5068d9a8\Professional-OEM-DM-5-ul-phn-rtm.xrm-ms

         -13.0s C:\Windows\WinSxS\amd64_microsoft-windows-s..rofessional-license_31bf3856ad364e35_10.0.14393.1066_none_f1ba7eca5068d9a8\Professional-Retail-3-ul-oob-rtm.xrm-ms

         -13.0s C:\Windows\WinSxS\amd64_microsoft-windows-s..rofessional-license_31bf3856ad364e35_10.0.14393.1066_none_f1ba7eca5068d9a8\Professional-Retail-1-ul-store-rtm.xrm-ms

         -13.0s C:\Windows\WinSxS\amd64_microsoft-windows-s..rofessional-license_31bf3856ad364e35_10.0.14393.1066_none_f1ba7eca5068d9a8\Professional-Volume-CSVLK-1-ul-store-rtm.xrm-ms

         -13.0s C:\Windows\WinSxS\amd64_microsoft-windows-s..rofessional-license_31bf3856ad364e35_10.0.14393.1066_none_f1ba7eca5068d9a8\Professional-Retail-1-ul-phn-rtm.xrm-ms

         -12.9s C:\Windows\WinSxS\amd64_microsoft-windows-s..rofessional-license_31bf3856ad364e35_10.0.14393.1066_none_f1ba7eca5068d9a8\Professional-Volume-MAK-1-pl-rtm.xrm-ms

         -12.9s C:\Windows\WinSxS\amd64_microsoft-windows-s..rofessional-license_31bf3856ad364e35_10.0.14393.1066_none_f1ba7eca5068d9a8\Professional-OEM-DM-2-ul-oob-rtm.xrm-ms

         -12.9s C:\Windows\WinSxS\amd64_microsoft-windows-s..rofessional-license_31bf3856ad364e35_10.0.14393.1066_none_f1ba7eca5068d9a8\Professional-Volume-CSVLK-4-pl-rtm.xrm-ms

         -12.9s C:\Windows\WinSxS\amd64_microsoft-windows-s..rofessional-license_31bf3856ad364e35_10.0.14393.1066_none_f1ba7eca5068d9a8\Professional-Volume-CSVLK-3-ul-phn-rtm.xrm-ms

         -8.5s C:\Windows\WinSxS\Manifests\x86_microsoft-windows-f..rcluster-clientcore_31bf3856ad364e35_10.0.14393.1198_none_aaee154dda8ee6ff.manifest

         -8.1s C:\Windows\WinSxS\Manifests\x86_microsoft-windows-syncsettings_31bf3856ad364e35_10.0.14393.1198_none_a5178843cc6eed56.manifest

         -8.0s C:\Windows\WinSxS\Manifests\wow64_microsoft-windows-oleacc_31bf3856ad364e35_10.0.14393.1198_none_ea9e9085b1513980.manifest

         -8.0s C:\Windows\WinSxS\Manifests\wow64_microsoft-windows-virtualdiskservice_31bf3856ad364e35_10.0.14393.1198_none_eb04a557899c1a36.manifest

         -7.9s C:\Windows\WinSxS\Manifests\wow64_microsoft-windows-s..ementwmi-powershell_31bf3856ad364e35_10.0.14393.1198_none_6963c28716a18a58.manifest

         -7.5s C:\Windows\WinSxS\Manifests\wow64_microsoft-windows-kernel32_31bf3856ad364e35_10.0.14393.1198_none_13d7b7f8e53906ab.manifest

         -7.5s C:\Windows\WinSxS\Manifests\x86_microsoft-windows-s..on-wizard-framework_31bf3856ad364e35_10.0.14393.1198_none_cff97217f3a8844b.manifest

         -7.4s C:\Windows\WinSxS\Manifests\wow64_microsoft-windows-w..for-management-core_31bf3856ad364e35_10.0.14393.1198_none_4a7f48173bf54a52.manifest

         -7.2s C:\Windows\WinSxS\Manifests\amd64_microsoft-windows-d..ointofservice-winrt_31bf3856ad364e35_10.0.14393.1198_none_de058a57bbefd4f9.manifest

         -6.9s C:\Windows\WinSxS\Manifests\amd64_microsoft-windows-d..e-protocolproviders_31bf3856ad364e35_10.0.14393.1198_none_691a5a2b34aaddbb.manifest

         -6.9s C:\Windows\WinSxS\Manifests\wow64_microsoft-windows-wsp-fileserver_31bf3856ad364e35_10.0.14393.1198_none_b95c9b8e99b0009b.manifest

         -6.9s C:\Windows\WinSxS\Manifests\wow64_microsoft-windows-wsp-replication_31bf3856ad364e35_10.0.14393.1198_none_dd802f11a0d31936.manifest

         -6.8s C:\Windows\WinSxS\Manifests\wow64_microsoft-windows-wsp-health_31bf3856ad364e35_10.0.14393.1198_none_daf367aa0e35c9e8.manifest

         -6.8s C:\Windows\WinSxS\Manifests\wow64_microsoft-windows-d..ointofservice-winrt_31bf3856ad364e35_10.0.14393.1198_none_e85a34a9f05096f4.manifest

         -6.8s C:\Windows\WinSxS\Manifests\amd64_microsoft-windows-t..-collaboration-core_31bf3856ad364e35_10.0.14393.1198_none_30d41ec250b7742c.manifest

         -6.7s C:\Windows\WinSxS\Manifests\x86_microsoft-windows-com-ole.resources_31bf3856ad364e35_10.0.14393.1198_de-de_550c4d13d649017a.manifest

         -6.6s C:\Windows\WinSxS\Manifests\amd64_microsoft-windows-m..s-mdac-odbcconf-dll_31bf3856ad364e35_10.0.14393.1198_none_7d9e140e504e65a6.manifest

         -6.6s C:\Windows\WinSxS\Manifests\amd64_microsoft-windows-t..s-collaboration-api_31bf3856ad364e35_10.0.14393.1198_none_bb36589ff7d2c13b.manifest

         -6.6s C:\Windows\WinSxS\Manifests\wow64_microsoft-windows-com-base-qfe-ole32_31bf3856ad364e35_10.0.14393.1198_none_2c377a13813ede81.manifest

         -6.5s C:\Windows\WinSxS\Manifests\x86_microsoft-windows-c..fe-catsrvut-comsvcs_31bf3856ad364e35_10.0.14393.1198_none_8c68f20f420d45c9.manifest

         -6.5s C:\Windows\WinSxS\Manifests\wow64_microsoft-windows-com-complus-runtime_31bf3856ad364e35_10.0.14393.1198_none_d9e491c9639f0b87.manifest

         -6.4s C:\Windows\WinSxS\Manifests\x86_microsoft-windows-ole-automation-legacy_31bf3856ad364e35_10.0.14393.1198_none_53ba4774a3e3914a.manifest

         -6.3s C:\Windows\WinSxS\Manifests\amd64_microsoft-windows-m..ents-mdac-ado15-dll_31bf3856ad364e35_10.0.14393.1198_none_81f60aebcb336cd8.manifest

         -6.3s C:\Windows\WinSxS\Manifests\amd64_microsoft-windows-naturallanguage6-base_31bf3856ad364e35_10.0.14393.1198_none_c6b4134cb000d48f.manifest

         -6.3s C:\Windows\WinSxS\Manifests\x86_microsoft-windows-a..face-winnt-provider_31bf3856ad364e35_10.0.14393.1198_none_5449262208ebc63a.manifest

         -5.2s C:\Windows\WinSxS\Manifests\amd64_microsoft-hyper-v-vstack-vmms_31bf3856ad364e35_10.0.14393.1198_none_ac5b3005b97971be.manifest

         -4.9s C:\Windows\WinSxS\Manifests\amd64_microsoft-hyper-v-vstack-compute_31bf3856ad364e35_10.0.14393.1198_none_202f6485e73a098e.manifest

         -4.9s C:\Windows\WinSxS\Manifests\wow64_microsoft-windows-security-vault_31bf3856ad364e35_10.0.14393.1198_none_7182e36ec9f68d4e.manifest

         -4.8s C:\Windows\WinSxS\Manifests\wow64_microsoft-windows-f..mutilityrefslibrary_31bf3856ad364e35_10.0.14393.1198_none_7c12a7f7de042df9.manifest

         -4.4s C:\Windows\WinSxS\Manifests\amd64_microsoft-windows-d..wmanager-compositor_31bf3856ad364e35_10.0.14393.1198_none_7b477b5c99eaaa7f.manifest

         -4.3s C:\Windows\WinSxS\Manifests\amd64_microsoft-hyper-v-vstack-computelib_31bf3856ad364e35_10.0.14393.1198_none_236661bf161ef9f7.manifest

         -4.2s C:\Windows\WinSxS\Manifests\amd64_microsoft-windows-security-ngc-kspsvc_31bf3856ad364e35_10.0.14393.1198_none_ddbfe00094d47af6.manifest

         -4.1s C:\Windows\WinSxS\Manifests\x86_microsoft-windows-cryptui-dll_31bf3856ad364e35_10.0.14393.1198_none_9f94e8403a529de3.manifest

         -4.1s C:\Windows\WinSxS\Manifests\amd64_microsoft-windows-b..iagnostic.resources_31bf3856ad364e35_10.0.14393.1198_en-us_2cae7fc5e598d257.manifest

         -4.1s C:\Windows\WinSxS\Manifests\wow64_microsoft-windows-grouppolicy-base_31bf3856ad364e35_10.0.14393.1198_none_a83d349675f02402.manifest

         -4.0s C:\Windows\WinSxS\Manifests\wow64_microsoft-windows-apprep_31bf3856ad364e35_10.0.14393.1198_none_8c12fd78b5adb2e7.manifest

         -4.0s C:\Windows\WinSxS\Manifests\amd64_microsoft-windows-b..iagnostic.resources_31bf3856ad364e35_10.0.14393.1198_cs-cz_e9583469fe9e75f9.manifest

         -4.0s C:\Windows\WinSxS\Manifests\wow64_microsoft-windows-appid_31bf3856ad364e35_10.0.14393.1198_none_d765e3034114ca03.manifest

         -3.9s C:\Windows\WinSxS\Manifests\wow64_windows-id-connecte..nt-provider-wlidcli_31bf3856ad364e35_10.0.14393.1198_none_2102db98485edefe.manifest

         -3.9s C:\Windows\WinSxS\Manifests\amd64_microsoft-windows-b..iagnostic.resources_31bf3856ad364e35_10.0.14393.1198_da-dk_86921490f4e471f8.manifest

         -3.9s C:\Windows\WinSxS\Manifests\amd64_microsoft-windows-b..iagnostic.resources_31bf3856ad364e35_10.0.14393.1198_de-de_83bda9ccf6bac692.manifest

         -3.9s C:\Windows\WinSxS\Manifests\amd64_microsoft-windows-security-ngc-ctnrsvc_31bf3856ad364e35_10.0.14393.1198_none_b803b597da844bfd.manifest

         -3.8s C:\Windows\WinSxS\Manifests\amd64_microsoft-windows-b..iagnostic.resources_31bf3856ad364e35_10.0.14393.1198_el-gr_2c53d75fe5d02f20.manifest

         -3.8s C:\Windows\WinSxS\Manifests\x86_microsoft-windows-rasmprddm_31bf3856ad364e35_10.0.14393.1198_none_b2bcde066fc79662.manifest

         -3.8s C:\Windows\WinSxS\Manifests\x86_microsoft-windows-unimodem-core-tsp_31bf3856ad364e35_10.0.14393.1198_none_c7807f0c71c64d64.manifest

         -3.7s C:\Windows\WinSxS\Manifests\x86_microsoft-windows-rastls_31bf3856ad364e35_10.0.14393.1198_none_860bb8cff2532b19.manifest

         -3.7s C:\Windows\WinSxS\Manifests\amd64_microsoft-windows-b..iagnostic.resources_31bf3856ad364e35_10.0.14393.1198_es-es_2c79dca9e5bfc3fc.manifest

         -3.7s C:\Windows\WinSxS\Manifests\amd64_microsoft-windows-b..iagnostic.resources_31bf3856ad364e35_10.0.14393.1198_fi-fi_cb94e156dad9b626.manifest

         -3.7s C:\Windows\WinSxS\Manifests\amd64_microsoft-windows-b..iagnostic.resources_31bf3856ad364e35_10.0.14393.1198_fr-fr_cf3152a8d891da5e.manifest

         -3.6s C:\Windows\WinSxS\Manifests\amd64_microsoft-windows-b..iagnostic.resources_31bf3856ad364e35_10.0.14393.1198_hu-hu_16a1d2f0bcf1a97a.manifest

         -3.6s C:\Windows\WinSxS\Manifests\x86_microsoft-windows-comdlg32.resources_31bf3856ad364e35_10.0.14393.1198_ar-sa_6ffd179d4d1aa9c8.manifest

         -3.6s C:\Windows\WinSxS\Manifests\amd64_microsoft-windows-b..iagnostic.resources_31bf3856ad364e35_10.0.14393.1198_it-it_b95948efafc3bfdc.manifest

         -3.6s C:\Windows\WinSxS\Manifests\amd64_microsoft-windows-b..iagnostic.resources_31bf3856ad364e35_10.0.14393.1198_ja-jp_5b7ec7fca2ded1b7.manifest

         -3.6s C:\Windows\WinSxS\Manifests\x86_microsoft-windows-comdlg32.resources_31bf3856ad364e35_10.0.14393.1198_bg-bg_163cf9263d9afb1f.manifest

         -3.5s C:\Windows\WinSxS\Manifests\amd64_microsoft-windows-b..iagnostic.resources_31bf3856ad364e35_10.0.14393.1198_ko-kr_fee8a4b1954f98cd.manifest

         -3.5s C:\Windows\WinSxS\Manifests\amd64_microsoft-windows-b..iagnostic.resources_31bf3856ad364e35_10.0.14393.1198_nb-no_e77b25e66d74c489.manifest

         -3.5s C:\Windows\WinSxS\Manifests\x86_microsoft-windows-comdlg32.resources_31bf3856ad364e35_10.0.14393.1198_cs-cz_c1466fc12b22d74a.manifest

         -3.5s C:\Windows\WinSxS\Manifests\amd64_microsoft-windows-b..iagnostic.resources_31bf3856ad364e35_10.0.14393.1198_nl-nl_e5ba71246ea0ce5e.manifest

         -3.5s C:\Windows\WinSxS\Manifests\amd64_microsoft-windows-b..iagnostic.resources_31bf3856ad364e35_10.0.14393.1198_pl-pl_2bf6cba653c33c12.manifest

         -3.5s C:\Windows\WinSxS\Manifests\x86_microsoft-windows-comdlg32.resources_31bf3856ad364e35_10.0.14393.1198_da-dk_5e804fe82168d349.manifest

         -3.5s C:\Windows\WinSxS\Manifests\amd64_microsoft-windows-b..iagnostic.resources_31bf3856ad364e35_10.0.14393.1198_pt-br_2e4ab64a524ccff6.manifest

         -3.5s C:\Windows\WinSxS\Manifests\amd64_microsoft-windows-b..iagnostic.resources_31bf3856ad364e35_10.0.14393.1198_pt-pt_2f2c85b651bc3fd2.manifest

         -3.5s C:\Windows\WinSxS\Manifests\x86_microsoft-windows-comdlg32.resources_31bf3856ad364e35_10.0.14393.1198_de-de_5babe524233f27e3.manifest

         -3.5s C:\Windows\WinSxS\Manifests\amd64_microsoft-windows-b..iagnostic.resources_31bf3856ad364e35_10.0.14393.1198_ru-ru_75cf977a369dcdfe.manifest

         -3.4s C:\Windows\WinSxS\Manifests\amd64_microsoft-windows-b..iagnostic.resources_31bf3856ad364e35_10.0.14393.1198_sv-se_11ca81ef2dc6d859.manifest

         -3.4s C:\Windows\WinSxS\Manifests\amd64_microsoft-windows-b..iagnostic.resources_31bf3856ad364e35_10.0.14393.1198_tr-tr_bad7cc361c82da4a.manifest

         -3.4s C:\Windows\WinSxS\Manifests\x86_microsoft-windows-comdlg32.resources_31bf3856ad364e35_10.0.14393.1198_el-gr_044212b712549071.manifest

         -3.4s C:\Windows\WinSxS\Manifests\amd64_microsoft-windows-b..iagnostic.resources_31bf3856ad364e35_10.0.14393.1198_zh-cn_8c34ea33ccbaac69.manifest

         -3.4s C:\Windows\WinSxS\Manifests\amd64_microsoft-windows-b..iagnostic.resources_31bf3856ad364e35_10.0.14393.1198_zh-tw_90312789ca2b88d9.manifest

         -3.4s C:\Windows\WinSxS\Manifests\x86_microsoft-windows-comdlg32.resources_31bf3856ad364e35_10.0.14393.1198_en-gb_fd13ffff16f47fe3.manifest

         -3.3s C:\Windows\WinSxS\Manifests\amd64_microsoft-windows-s..aryauthfactor-winrt_31bf3856ad364e35_10.0.14393.1198_none_515f2c07f042cd75.manifest

         -3.3s C:\Windows\WinSxS\Manifests\amd64_microsoft-windows-os-kernel_31bf3856ad364e35_10.0.14393.1198_none_e1f58a060eafce6a.manifest

         -3.3s C:\Windows\WinSxS\Manifests\x86_microsoft-windows-comdlg32.resources_31bf3856ad364e35_10.0.14393.1198_en-us_049cbb1d121d33a8.manifest

         -3.3s C:\Windows\WinSxS\Manifests\amd64_microsoft-windows-s..cecontroller-minwin_31bf3856ad364e35_10.0.14393.1198_none_b4ddedd4572ffb77.manifest

         -3.2s C:\Windows\WinSxS\Manifests\wow64_microsoft-windows-s..aryauthfactor-winrt_31bf3856ad364e35_10.0.14393.1198_none_5bb3d65a24a38f70.manifest

         -3.2s C:\Windows\WinSxS\Manifests\x86_microsoft-windows-comdlg32.resources_31bf3856ad364e35_10.0.14393.1198_es-es_046818011244254d.manifest

         -3.2s C:\Windows\WinSxS\Manifests\wow64_microsoft-windows-printing3d-winrt-core_31bf3856ad364e35_10.0.14393.1198_none_1648a87904d90704.manifest

         -3.2s C:\Windows\WinSxS\Manifests\amd64_microsoft-windows-b..iagnostic.resources_31bf3856ad364e35_10.0.14393.1198_sr-..-cs_b3863a71a5aa3653.manifest

         -3.2s C:\Windows\WinSxS\Manifests\x86_microsoft-windows-comdlg32.resources_31bf3856ad364e35_10.0.14393.1198_es-mx_069f05a710d808f8.manifest

         -3.1s C:\Windows\WinSxS\Manifests\amd64_microsoft-windows-b..iagnostic.resources_31bf3856ad364e35_10.0.14393.1198_zh-hk_8adfe2c1cd961ef9.manifest

         -3.1s C:\Windows\WinSxS\Manifests\wow64_microsoft-windows-devices-printers-winrt_31bf3856ad364e35_10.0.14393.1198_none_7bc954e7bfc5485b.manifest

         -3.1s C:\Windows\WinSxS\Manifests\x86_microsoft-windows-comdlg32.resources_31bf3856ad364e35_10.0.14393.1198_et-ee_fe27e391164a01dc.manifest

         -3.1s C:\Windows\WinSxS\Manifests\amd64_microsoft-windows-b..iagnostic.resources_31bf3856ad364e35_10.0.14393.1198_qps-ploc_eb4a777728e3be56.manifest

         -3.1s C:\Windows\WinSxS\Manifests\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_10.0.14393.1198_none_d0ebe297c7339c4a.manifest

         -3.0s C:\Windows\WinSxS\Manifests\x86_microsoft-windows-comdlg32.resources_31bf3856ad364e35_10.0.14393.1198_fi-fi_a3831cae075e1777.manifest

         -3.0s C:\Windows\WinSxS\Manifests\amd64_microsoft-windows-b..environment-windows_31bf3856ad364e35_10.0.14393.1198_none_defdbf8fe7575a1b.manifest

         -3.0s C:\Windows\WinSxS\Manifests\wow64_microsoft-windows-virtualdiskapilibrary_31bf3856ad364e35_10.0.14393.1198_none_6d7c7301975f6168.manifest

         -3.0s C:\Windows\WinSxS\Manifests\x86_microsoft-windows-comdlg32.resources_31bf3856ad364e35_10.0.14393.1198_fr-ca_9f95d84a09eea1d5.manifest

         -2.9s C:\Windows\WinSxS\Manifests\wow64_microsoft-windows-devices-wifidirect_31bf3856ad364e35_10.0.14393.1198_none_174023f54fc1776b.manifest

         -2.9s C:\Windows\WinSxS\Manifests\amd64_windows-media-speech-winrt_31bf3856ad364e35_10.0.14393.1198_none_894038eba47bd727.manifest

         -2.9s C:\Windows\WinSxS\Manifests\x86_microsoft-windows-comdlg32.resources_31bf3856ad364e35_10.0.14393.1198_fr-fr_a71f8e0005163baf.manifest

         -2.8s C:\Windows\WinSxS\Manifests\amd64_microsoft-windows-speechcommon-onecore_31bf3856ad364e35_10.0.14393.1198_none_e91e3eda7850d7f3.manifest

         -2.7s C:\Windows\WinSxS\Manifests\wow64_microsoft-windows-energy-winrt_31bf3856ad364e35_10.0.14393.1198_none_8dce11ca53569816.manifest

         -2.7s C:\Windows\WinSxS\Manifests\x86_microsoft-windows-comdlg32.resources_31bf3856ad364e35_10.0.14393.1198_he-il_eb3f35a1eb853c9d.manifest

         -2.7s C:\Windows\WinSxS\Manifests\wow64_windows-media-speech-winrt_31bf3856ad364e35_10.0.14393.1198_none_9394e33dd8dc9922.manifest

         -2.6s C:\Windows\WinSxS\Manifests\wow64_microsoft-windows-speechcommon-onecore_31bf3856ad364e35_10.0.14393.1198_none_f372e92cacb199ee.manifest

         -2.6s C:\Windows\WinSxS\Manifests\x86_microsoft-windows-comdlg32.resources_31bf3856ad364e35_10.0.14393.1198_hr-hr_ed5be881ea38a963.manifest

         -2.5s C:\Windows\WinSxS\Manifests\amd64_microsoft-windows-cpfilters_31bf3856ad364e35_10.0.14393.1198_none_ad3019ee38bb0b8c.manifest

         -2.4s C:\Windows\WinSxS\Manifests\wow64_microsoft-windows-printing-winrt-core_31bf3856ad364e35_10.0.14393.1198_none_748ae26d9a735eff.manifest

         -2.4s C:\Windows\WinSxS\Manifests\x86_microsoft-windows-comdlg32.resources_31bf3856ad364e35_10.0.14393.1198_hu-hu_ee900e47e9760acb.manifest

         -2.4s C:\Windows\WinSxS\Manifests\amd64_microsoft-windows-u..ed-telemetry-client_31bf3856ad364e35_10.0.14393.1198_none_15b8182d617959f0.manifest

         -2.4s C:\Windows\WinSxS\Manifests\wow64_microsoft-windows-u..ed-telemetry-client_31bf3856ad364e35_10.0.14393.1198_none_200cc27f95da1beb.manifest

         -2.4s C:\Windows\WinSxS\Manifests\x86_microsoft-windows-comdlg32.resources_31bf3856ad364e35_10.0.14393.1198_it-it_91478446dc48212d.manifest

         -2.4s C:\Users\User\Desktop\tdsskiller (1).exe

         -2.2s C:\Windows\WinSxS\Manifests\amd64_microsoft-windows-dxp-deviceexperience_31bf3856ad364e35_10.0.14393.1198_none_bcea54295453faa3.manifest

         -2.1s C:\Windows\WinSxS\Manifests\wow64_microsoft-windows-n..-backgroundtransfer_31bf3856ad364e35_10.0.14393.1198_none_8bfef8736ce4fb27.manifest

         -2.1s C:\Windows\WinSxS\Manifests\x86_microsoft-windows-comdlg32.resources_31bf3856ad364e35_10.0.14393.1198_ja-jp_336d0353cf633308.manifest

         -2.0s C:\Windows\WinSxS\Manifests\amd64_microsoft-hyper-v-vstack-vsmb_31bf3856ad364e35_10.0.14393.1198_none_a4d737b3be4cbcd1.manifest

         -2.0s C:\Windows\WinSxS\Temp\InFlight\8770e39c8dc9d201de4c0000c42f4c12\

         -2.0s C:\Windows\WinSxS\amd64_microsoft-hyper-v-vstack-vsmb_31bf3856ad364e35_10.0.14393.953_none_68dd493101b446db\vmusrv.dll

         -2.0s C:\Windows\WinSxS\amd64_microsoft-hyper-v-vstack-vsmb_31bf3856ad364e35_10.0.14393.953_none_68dd493101b446db\vmsmb.dll

         -0.7s C:\Windows\WinSxS\Manifests\amd64_microsoft-xbox-gameoverlay_31bf3856ad364e35_10.0.14393.1198_none_b47af21781dd4d4a.manifest

         -0.7s C:\Windows\WinSxS\Manifests\x86_microsoft-windows-comdlg32.resources_31bf3856ad364e35_10.0.14393.1198_ko-kr_d6d6e008c1d3fa1e.manifest

         -0.6s C:\Windows\WinSxS\Manifests\amd64_microsoft-windows-s..e-windowsupdateauth_31bf3856ad364e35_10.0.14393.1198_none_747082ce5976b2f8.manifest

          0.0s C:\Users\User\Desktop\FRST-OlderVersion\FRST64 (1).exe

          0.3s C:\Windows\WinSxS\Manifests\wow64_microsoft-windows-web-http_31bf3856ad364e35_10.0.14393.1198_none_7a77820f3f1717aa.manifest

          0.6s C:\Windows\WinSxS\Manifests\x86_microsoft-windows-comdlg32.resources_31bf3856ad364e35_10.0.14393.1198_lt-lt_7aa20c09b3fbc5bb.manifest

          0.6s C:\Windows\WinSxS\Manifests\amd64_microsoft-windows-rasbase-raspppoe_31bf3856ad364e35_10.0.14393.1198_none_cbf8ac85f5249516.manifest

          1.0s C:\Windows\WinSxS\Manifests\amd64_microsoft-windows-unimodem-core-tsp_31bf3856ad364e35_10.0.14393.1198_none_239f1a902a23be9a.manifest

          1.2s C:\Windows\WinSxS\Manifests\amd64_netfx-wminet_utils_dll_b03f5f7f11d50a3a_10.0.14393.1198_none_a63e85051b08b2e5.manifest

          1.4s C:\Windows\WinSxS\Manifests\x86_netfx-wminet_utils_dll_b03f5f7f11d50a3a_10.0.14393.1198_none_edebbbdc2f84dbeb.manifest

          1.6s C:\Windows\WinSxS\Manifests\amd64_netfx-peverify_dll_b03f5f7f11d50a3a_10.0.14393.1198_none_cfa303ffea720849.manifest

          1.8s C:\Windows\WinSxS\Manifests\x86_netfx-peverify_dll_b03f5f7f11d50a3a_10.0.14393.1198_none_17503ad6feee314f.manifest

          1.8s C:\Windows\WinSxS\Manifests\msil_system.security_b03f5f7f11d50a3a_10.0.14393.1198_none_16c0d0de8358627a.manifest

          1.8s C:\Windows\WinSxS\Manifests\x86_microsoft-windows-comdlg32.resources_31bf3856ad364e35_10.0.14393.1198_lv-lv_7b6f7a8db37a06ab.manifest

          1.9s C:\Windows\WinSxS\Manifests\amd64_microsoft-windows-w..client-installagent_31bf3856ad364e35_10.0.14393.1198_none_5f9737465e897356.manifest

          1.9s C:\Windows\WinSxS\Manifests\amd64_microsoft-windows-store-licensemanager_31bf3856ad364e35_10.0.14393.1198_none_abd049101bc3b356.manifest

          1.9s C:\Windows\WinSxS\Manifests\x86_microsoft-windows-comdlg32.resources_31bf3856ad364e35_10.0.14393.1198_nb-no_bf69613d99f925da.manifest

          2.0s C:\Windows\WinSxS\Manifests\amd64_microsoft-windows-store-runtime_31bf3856ad364e35_10.0.14393.1198_none_66a9aebc99ea0d08.manifest

          2.1s C:\Windows\WinSxS\Manifests\amd64_microsoft-windows-smartscreen_31bf3856ad364e35_10.0.14393.1198_none_3326f4cc7aaf0139.manifest

          2.1s C:\Windows\WinSxS\Manifests\wow64_microsoft-windows-store-licensemanager_31bf3856ad364e35_10.0.14393.1198_none_b624f36250247551.manifest

          2.1s C:\Windows\WinSxS\Manifests\x86_microsoft-windows-comdlg32.resources_31bf3856ad364e35_10.0.14393.1198_nl-nl_bda8ac7b9b252faf.manifest

          2.2s C:\Windows\WinSxS\Manifests\amd64_netfx-mscordacwks_b03f5f7f11d50a3a_10.0.14393.1198_none_5e2e02a4a77ef051.manifest

          2.2s C:\Windows\WinSxS\Manifests\x86_netfx-mscordacwks_b03f5f7f11d50a3a_10.0.14393.1198_none_a5db397bbbfb1957.manifest

          2.2s C:\Windows\WinSxS\Manifests\amd64_microsoft-windows-networkbridge_31bf3856ad364e35_10.0.14393.1198_none_7daf194060a25529.manifest

          2.3s C:\Windows\WinSxS\Manifests\wow64_microsoft-windows-w..client-installagent_31bf3856ad364e35_10.0.14393.1198_none_69ebe19892ea3551.manifest

          2.3s C:\Windows\WinSxS\Manifests\x86_microsoft-windows-comdlg32.resources_31bf3856ad364e35_10.0.14393.1198_pl-pl_03e506fd80479d63.manifest

          2.4s C:\Windows\WinSxS\Manifests\wow64_microsoft-windows-store-runtime_31bf3856ad364e35_10.0.14393.1198_none_70fe590ece4acf03.manifest

          2.4s C:\Windows\WinSxS\Manifests\msil_system.management_b03f5f7f11d50a3a_10.0.14393.1198_none_99ef33d6c183851f.manifest

          2.4s C:\Windows\WinSxS\Manifests\x86_netfx-mscordbi_dll_b03f5f7f11d50a3a_10.0.14393.1198_none_eae0037f11851f48.manifest

          2.4s C:\Windows\WinSxS\Manifests\amd64_netfx-mscordbi_dll_b03f5f7f11d50a3a_10.0.14393.1198_none_a332cca7fd08f642.manifest

          2.5s C:\Windows\WinSxS\Manifests\amd64_mscorlib_b77a5c561934e089_10.0.14393.1198_none_fac310d061f67ff9.manifest

          2.7s C:\Windows\WinSxS\Manifests\x86_mscorlib_b77a5c561934e089_10.0.14393.1198_none_427047a77672a8ff.manifest

          2.7s C:\Windows\WinSxS\Manifests\x86_microsoft-windows-naturallanguage6-base_31bf3856ad364e35_10.0.14393.1198_none_6a9577c8f7a36359.manifest

          2.8s C:\Windows\WinSxS\Manifests\x86_microsoft-windows-comdlg32.resources_31bf3856ad364e35_10.0.14393.1198_pt-br_0638f1a17ed13147.manifest

          2.8s C:\Windows\WinSxS\Manifests\amd64_netfx-sos_dll_b03f5f7f11d50a3a_10.0.14393.1198_none_46fc4a659b73cc66.manifest

          2.8s C:\Windows\WinSxS\Manifests\x86_netfx-sos_dll_b03f5f7f11d50a3a_10.0.14393.1198_none_8ea9813cafeff56c.manifest

          2.8s C:\Windows\WinSxS\Manifests\amd64_microsoft-windows-w..wsupdateclient-core_31bf3856ad364e35_10.0.14393.1198_none_24a7854e04263533.manifest

          2.9s C:\Windows\WinSxS\Manifests\amd64_microsoft-windows-w..nt-extupdatesupport_31bf3856ad364e35_10.0.14393.1198_none_a3a89c2f4d5e5c89.manifest

          2.9s C:\Windows\WinSxS\Manifests\amd64_netfx-system.security_b03f5f7f11d50a3a_10.0.14393.1198_none_d7e2a23392709ff5.manifest

          3.0s C:\Windows\WinSxS\Manifests\amd64_netfx-system_b03f5f7f11d50a3a_10.0.14393.1198_none_658d0397f6438f11.manifest

          3.1s C:\Windows\WinSxS\Manifests\msil_system_b77a5c561934e089_10.0.14393.1198_none_55498e52110f633c.manifest

          3.1s C:\Windows\WinSxS\Manifests\amd64_netfx-system.management_b03f5f7f11d50a3a_10.0.14393.1198_none_9c96e19b8549c272.manifest

          3.1s C:\Windows\WinSxS\Manifests\x86_netfx35linq-system.core_31bf3856ad364e35_10.0.14393.1198_none_79011f2c310097e3.manifest

          3.1s C:\Windows\WinSxS\Manifests\amd64_netfx35linq-system.core_31bf3856ad364e35_10.0.14393.1198_none_d51fbaafe95e0919.manifest

          3.1s C:\Windows\WinSxS\Manifests\x86_microsoft-windows-comdlg32.resources_31bf3856ad364e35_10.0.14393.1198_pt-pt_071ac10d7e40a123.manifest

          3.1s C:\Windows\WinSxS\Manifests\amd64_microsoft-windows-u..ratorupdatehandlers_31bf3856ad364e35_10.0.14393.1198_none_74d387b4e60a345e.manifest

          3.5s C:\Windows\WinSxS\Manifests\wow64_microsoft-windows-directui_31bf3856ad364e35_10.0.14393.1198_none_370fc6647d837d70.manifest

          3.6s C:\Windows\WinSxS\Manifests\msil_system.core_b77a5c561934e089_10.0.14393.1198_none_b77f1c3ff07e3080.manifest

          3.6s C:\Windows\WinSxS\Manifests\amd64_wpf-presentationframework_31bf3856ad364e35_10.0.14393.1198_none_e44b846bb08323ab.manifest

          3.7s C:\Windows\WinSxS\Manifests\x86_wpf-presentationframework_31bf3856ad364e35_10.0.14393.1198_none_882ce8e7f825b275.manifest

          3.7s C:\Windows\WinSxS\Manifests\msil_windowsbase_31bf3856ad364e35_10.0.14393.1198_none_b0c57754d1d2e282.manifest

          3.7s C:\Windows\WinSxS\Manifests\x86_presentationcore_31bf3856ad364e35_10.0.14393.1198_none_c5d79f2132239448.manifest

          4.6s C:\Windows\WinSxS\Manifests\amd64_presentationcore_31bf3856ad364e35_10.0.14393.1198_none_21f63aa4ea81057e.manifest

          4.6s C:\Windows\WinSxS\Manifests\amd64_wpf-penimc_31bf3856ad364e35_10.0.14393.1198_none_21763b4d5f3a8feb.manifest

          4.7s C:\Windows\WinSxS\Manifests\x86_wpf-penimc_31bf3856ad364e35_10.0.14393.1198_none_c5579fc9a6dd1eb5.manifest

          4.7s C:\Windows\WinSxS\Manifests\x86_system.printing_31bf3856ad364e35_10.0.14393.1198_none_8ce6ef9f184b9873.manifest

          4.7s C:\Windows\WinSxS\Manifests\amd64_system.printing_31bf3856ad364e35_10.0.14393.1198_none_e9058b22d0a909a9.manifest

          4.8s C:\Windows\WinSxS\Manifests\msil_presentationframework_31bf3856ad364e35_10.0.14393.1198_none_905e22e6962c0644.manifest

          4.8s C:\Windows\WinSxS\Manifests\msil_reachframework_31bf3856ad364e35_10.0.14393.1198_none_5b55e485a3b0031f.manifest

          4.9s C:\Windows\WinSxS\Manifests\amd64_wpf-windowsbase_31bf3856ad364e35_10.0.14393.1198_none_cd323549a252db81.manifest

          4.9s C:\Windows\WinSxS\Manifests\x86_wpf-windowsbase_31bf3856ad364e35_10.0.14393.1198_none_711399c5e9f56a4b.manifest

          4.9s C:\Windows\WinSxS\Manifests\amd64_wpf-reachframework_31bf3856ad364e35_10.0.14393.1198_none_75ef539583463c66.manifest

          4.9s C:\Windows\WinSxS\Manifests\x86_wpf-reachframework_31bf3856ad364e35_10.0.14393.1198_none_19d0b811cae8cb30.manifest

          4.9s C:\Windows\WinSxS\Manifests\x86_microsoft-windows-comdlg32.resources_31bf3856ad364e35_10.0.14393.1198_ro-ro_4b55874564a76c7f.manifest

          4.9s C:\Windows\WinSxS\Manifests\amd64_microsoft-windows-u..te-orchestratorcore_31bf3856ad364e35_10.0.14393.1198_none_fc977c0adeffd819.manifest

          5.0s C:\Windows\WinSxS\Manifests\wow64_microsoft-windows-webapi_31bf3856ad364e35_10.0.14393.1198_none_8d3e463dc77fcc0b.manifest

          5.0s C:\Windows\WinSxS\Manifests\x86_microsoft-windows-comdlg32.resources_31bf3856ad364e35_10.0.14393.1198_ru-ru_4dbdd2d163222f4f.manifest

          5.0s C:\Windows\WinSxS\Manifests\wow64_microsoft-windows-networking_31bf3856ad364e35_10.0.14393.1198_none_a219e53b096f35ff.manifest

          5.0s C:\Windows\WinSxS\Manifests\amd64_microsoft-windows-updatepolicy_31bf3856ad364e35_10.0.14393.1198_none_d24ea352edcf6e4d.manifest

          5.0s C:\Windows\WinSxS\Manifests\x86_microsoft-windows-comdlg32.resources_31bf3856ad364e35_10.0.14393.1198_sk-sk_ecd8d77e583c2179.manifest

          5.0s C:\Windows\WinSxS\Manifests\wow64_microsoft-windows-ui-xaml-maps_31bf3856ad364e35_10.0.14393.1198_none_17677fc5590b6676.manifest

          5.1s C:\Windows\WinSxS\Manifests\amd64_microsoft-windows-security-vault_31bf3856ad364e35_10.0.14393.1198_none_672e391c9595cb53.manifest

          5.1s C:\Windows\WinSxS\Manifests\x86_microsoft-windows-comdlg32.resources_31bf3856ad364e35_10.0.14393.1198_sl-si_ebeaf93658d6345c.manifest

          5.2s C:\Windows\WinSxS\Manifests\amd64_microsoft-system-user-component_31bf3856ad364e35_10.0.14393.1198_none_dafee77395350017.manifest

          5.2s C:\Windows\WinSxS\Manifests\amd64_microsoft-system-user-service_31bf3856ad364e35_10.0.14393.1198_none_011d71f7cd896ae1.manifest

          5.3s C:\Windows\WinSxS\Manifests\x86_microsoft-windows-comdlg32.resources_31bf3856ad364e35_10.0.14393.1198_sr-..-rs_921b617acde7db8d.manifest

          5.3s C:\Windows\WinSxS\Manifests\wow64_windows-applicationmodel-core-winrt_31bf3856ad364e35_10.0.14393.1198_none_35fcf0d8f446e56a.manifest

          5.3s C:\Windows\WinSxS\wow64_microsoft-windows-retaildemo-retailinfo_31bf3856ad364e35_10.0.14393.1198_none_62df153045c76a61\

          5.3s C:\Windows\WinSxS\amd64_microsoft-windows-s..gementwmi.resources_31bf3856ad364e35_10.0.14393.1198_de-de_467b9f2db4b20a2f\

          5.4s C:\Windows\WinSxS\amd64_windows-id-connecte..nt-provider-wlidcli_31bf3856ad364e35_10.0.14393.1198_none_16ae314613fe1d03\

          5.4s C:\Windows\WinSxS\amd64_windows-defender-ui_31bf3856ad364e35_10.0.14393.1198_none_8bce46873a8a33fb\

          5.4s C:\Windows\WinSxS\amd64_windows-defender-modern-app_31bf3856ad364e35_10.0.14393.1198_none_56abed0c171c6a56\

          5.4s C:\Windows\WinSxS\amd64_windows-defender-service_31bf3856ad364e35_10.0.14393.1198_none_3b6b4b33b1594ff4\

          5.4s C:\Windows\WinSxS\amd64_windows-defender-service-datalayer_31bf3856ad364e35_10.0.14393.1198_none_787a21774b1409fa\

          5.4s C:\Windows\WinSxS\wow64_windows-defender-service_31bf3856ad364e35_10.0.14393.1198_none_45bff585e5ba11ef\

          5.4s C:\Windows\WinSxS\amd64_windows-defender-management-v1_31bf3856ad364e35_10.0.14393.1198_none_906abadb62d65aa4\

          5.4s C:\Windows\WinSxS\amd64_windows-defender-management-mdm_31bf3856ad364e35_10.0.14393.1198_none_b825a3b0a4215f0b\

          5.4s C:\Windows\WinSxS\amd64_windows-defender-management-onecore_31bf3856ad364e35_10.0.14393.1198_none_49f90c98f36c2ba0\

          5.4s C:\Windows\WinSxS\x86_microsoft-windows-winre-recoveryagent_31bf3856ad364e35_10.0.14393.1198_none_d4732ac61212c4d4\

          5.5s C:\Windows\WinSxS\wow64_microsoft-windows-oleacc_31bf3856ad364e35_10.0.14393.1198_none_ea9e9085b1513980\

          5.5s C:\Windows\WinSxS\wow64_microsoft-windows-virtualdiskservice_31bf3856ad364e35_10.0.14393.1198_none_eb04a557899c1a36\

          5.5s C:\Windows\WinSxS\amd64_microsoft-windows-s..rofessional-license_31bf3856ad364e35_10.0.14393.1198_none_f1b2822c506e74e0\

          5.5s C:\Windows\WinSxS\x86_microsoft-windows-f..rcluster-clientcore_31bf3856ad364e35_10.0.14393.1198_none_aaee154dda8ee6ff\

          5.5s C:\Windows\WinSxS\wow64_microsoft-windows-s..ementwmi-powershell_31bf3856ad364e35_10.0.14393.1198_none_6963c28716a18a58\

          5.5s C:\Windows\WinSxS\x86_microsoft-windows-s..on-wizard-framework_31bf3856ad364e35_10.0.14393.1198_none_cff97217f3a8844b\

          5.5s C:\Windows\WinSxS\wow64_microsoft-windows-wsp-fileserver_31bf3856ad364e35_10.0.14393.1198_none_b95c9b8e99b0009b\

          5.5s C:\Windows\WinSxS\wow64_microsoft-windows-wsp-replication_31bf3856ad364e35_10.0.14393.1198_none_dd802f11a0d31936\

          5.5s C:\Windows\WinSxS\wow64_microsoft-windows-w..for-management-core_31bf3856ad364e35_10.0.14393.1198_none_4a7f48173bf54a52\

          5.5s C:\Windows\WinSxS\wow64_microsoft-windows-wsp-health_31bf3856ad364e35_10.0.14393.1198_none_daf367aa0e35c9e8\

          5.5s C:\Windows\WinSxS\x86_microsoft-windows-c..fe-catsrvut-comsvcs_31bf3856ad364e35_10.0.14393.1198_none_8c68f20f420d45c9\

          5.5s C:\Windows\WinSxS\wow64_microsoft-windows-com-complus-runtime_31bf3856ad364e35_10.0.14393.1198_none_d9e491c9639f0b87\

          5.6s C:\Windows\WinSxS\amd64_microsoft-windows-naturallanguage6-base_31bf3856ad364e35_10.0.14393.1198_none_c6b4134cb000d48f\

          5.6s C:\Windows\WinSxS\wow64_microsoft-windows-grouppolicy-base_31bf3856ad364e35_10.0.14393.1198_none_a83d349675f02402\

          5.6s C:\Windows\WinSxS\amd64_microsoft-windows-b..iagnostic.resources_31bf3856ad364e35_10.0.14393.1198_en-us_2cae7fc5e598d257\

          5.6s C:\Windows\WinSxS\amd64_microsoft-windows-b..iagnostic.resources_31bf3856ad364e35_10.0.14393.1198_cs-cz_e9583469fe9e75f9\

          5.6s C:\Windows\WinSxS\wow64_microsoft-windows-appid_31bf3856ad364e35_10.0.14393.1198_none_d765e3034114ca03\

          5.6s C:\Windows\WinSxS\x86_microsoft-windows-cryptui-dll_31bf3856ad364e35_10.0.14393.1198_none_9f94e8403a529de3\

          5.6s C:\Windows\WinSxS\wow64_windows-id-connecte..nt-provider-wlidcli_31bf3856ad364e35_10.0.14393.1198_none_2102db98485edefe\

          5.6s C:\Windows\WinSxS\amd64_microsoft-windows-b..iagnostic.resources_31bf3856ad364e35_10.0.14393.1198_da-dk_86921490f4e471f8\

          5.6s C:\Windows\WinSxS\amd64_microsoft-windows-b..iagnostic.resources_31bf3856ad364e35_10.0.14393.1198_de-de_83bda9ccf6bac692\

          5.6s C:\Windows\WinSxS\amd64_microsoft-windows-b..iagnostic.resources_31bf3856ad364e35_10.0.14393.1198_el-gr_2c53d75fe5d02f20\

          5.6s C:\Windows\WinSxS\amd64_microsoft-windows-b..iagnostic.resources_31bf3856ad364e35_10.0.14393.1198_es-es_2c79dca9e5bfc3fc\

          5.6s C:\Windows\WinSxS\amd64_microsoft-windows-b..iagnostic.resources_31bf3856ad364e35_10.0.14393.1198_fi-fi_cb94e156dad9b626\

          5.6s C:\Windows\WinSxS\amd64_microsoft-windows-b..iagnostic.resources_31bf3856ad364e35_10.0.14393.1198_fr-fr_cf3152a8d891da5e\

          5.6s C:\Windows\WinSxS\x86_microsoft-windows-comdlg32.resources_31bf3856ad364e35_10.0.14393.1198_ar-sa_6ffd179d4d1aa9c8\

          5.6s C:\Windows\WinSxS\amd64_microsoft-windows-b..iagnostic.resources_31bf3856ad364e35_10.0.14393.1198_hu-hu_16a1d2f0bcf1a97a\

          5.6s C:\Windows\WinSxS\amd64_microsoft-windows-b..iagnostic.resources_31bf3856ad364e35_10.0.14393.1198_it-it_b95948efafc3bfdc\

          5.6s C:\Windows\WinSxS\amd64_microsoft-windows-b..iagnostic.resources_31bf3856ad364e35_10.0.14393.1198_ja-jp_5b7ec7fca2ded1b7\

          5.7s C:\Windows\WinSxS\x86_microsoft-windows-comdlg32.resources_31bf3856ad364e35_10.0.14393.1198_bg-bg_163cf9263d9afb1f\

          5.7s C:\Windows\WinSxS\x86_microsoft-windows-comdlg32.resources_31bf3856ad364e35_10.0.14393.1198_cs-cz_c1466fc12b22d74a\

          5.7s C:\Windows\WinSxS\amd64_microsoft-windows-b..iagnostic.resources_31bf3856ad364e35_10.0.14393.1198_ko-kr_fee8a4b1954f98cd\

          5.7s C:\Windows\WinSxS\amd64_microsoft-windows-b..iagnostic.resources_31bf3856ad364e35_10.0.14393.1198_nb-no_e77b25e66d74c489\

          5.7s C:\Windows\WinSxS\amd64_microsoft-windows-b..iagnostic.resources_31bf3856ad364e35_10.0.14393.1198_nl-nl_e5ba71246ea0ce5e\

          5.7s C:\Windows\WinSxS\amd64_microsoft-windows-b..iagnostic.resources_31bf3856ad364e35_10.0.14393.1198_pl-pl_2bf6cba653c33c12\

          5.7s C:\Windows\WinSxS\x86_microsoft-windows-comdlg32.resources_31bf3856ad364e35_10.0.14393.1198_da-dk_5e804fe82168d349\

          5.7s C:\Windows\WinSxS\amd64_microsoft-windows-b..iagnostic.resources_31bf3856ad364e35_10.0.14393.1198_pt-br_2e4ab64a524ccff6\

          5.7s C:\Windows\WinSxS\x86_microsoft-windows-comdlg32.resources_31bf3856ad364e35_10.0.14393.1198_de-de_5babe524233f27e3\

          5.7s C:\Windows\WinSxS\amd64_microsoft-windows-b..iagnostic.resources_31bf3856ad364e35_10.0.14393.1198_pt-pt_2f2c85b651bc3fd2\

          5.7s C:\Windows\WinSxS\amd64_microsoft-windows-b..iagnostic.resources_31bf3856ad364e35_10.0.14393.1198_ru-ru_75cf977a369dcdfe\

          5.7s C:\Windows\WinSxS\x86_microsoft-windows-comdlg32.resources_31bf3856ad364e35_10.0.14393.1198_el-gr_044212b712549071\

          5.7s C:\Windows\WinSxS\amd64_microsoft-windows-b..iagnostic.resources_31bf3856ad364e35_10.0.14393.1198_sv-se_11ca81ef2dc6d859\

          5.7s C:\Windows\WinSxS\amd64_microsoft-windows-b..iagnostic.resources_31bf3856ad364e35_10.0.14393.1198_tr-tr_bad7cc361c82da4a\

          5.7s C:\Windows\WinSxS\amd64_microsoft-windows-b..iagnostic.resources_31bf3856ad364e35_10.0.14393.1198_zh-cn_8c34ea33ccbaac69\

          5.7s C:\Windows\WinSxS\amd64_microsoft-windows-b..iagnostic.resources_31bf3856ad364e35_10.0.14393.1198_zh-tw_90312789ca2b88d9\

          5.7s C:\Windows\WinSxS\x86_microsoft-windows-comdlg32.resources_31bf3856ad364e35_10.0.14393.1198_en-gb_fd13ffff16f47fe3\

          5.7s C:\Windows\WinSxS\x86_microsoft-windows-comdlg32.resources_31bf3856ad364e35_10.0.14393.1198_en-us_049cbb1d121d33a8\

          5.7s C:\Windows\WinSxS\x86_microsoft-windows-comdlg32.resources_31bf3856ad364e35_10.0.14393.1198_es-es_046818011244254d\

          5.7s C:\Windows\WinSxS\x86_microsoft-windows-comdlg32.resources_31bf3856ad364e35_10.0.14393.1198_es-mx_069f05a710d808f8\

          5.7s C:\Windows\WinSxS\x86_microsoft-windows-comdlg32.resources_31bf3856ad364e35_10.0.14393.1198_et-ee_fe27e391164a01dc\

          5.7s C:\Windows\WinSxS\amd64_microsoft-windows-b..iagnostic.resources_31bf3856ad364e35_10.0.14393.1198_zh-hk_8adfe2c1cd961ef9\

          5.7s C:\Windows\WinSxS\wow64_microsoft-windows-devices-printers-winrt_31bf3856ad364e35_10.0.14393.1198_none_7bc954e7bfc5485b\

          5.7s C:\Windows\WinSxS\amd64_microsoft-windows-b..vironment-os-loader_31bf3856ad364e35_10.0.14393.1198_none_d0ebe297c7339c4a\

          5.7s C:\Windows\WinSxS\x86_microsoft-windows-comdlg32.resources_31bf3856ad364e35_10.0.14393.1198_fi-fi_a3831cae075e1777\

          5.7s C:\Windows\WinSxS\amd64_microsoft-windows-b..environment-windows_31bf3856ad364e35_10.0.14393.1198_none_defdbf8fe7575a1b\

          5.8s C:\Windows\WinSxS\x86_microsoft-windows-comdlg32.resources_31bf3856ad364e35_10.0.14393.1198_fr-ca_9f95d84a09eea1d5\

          5.8s C:\Windows\WinSxS\amd64_windows-media-speech-winrt_31bf3856ad364e35_10.0.14393.1198_none_894038eba47bd727\

          5.8s C:\Windows\WinSxS\wow64_microsoft-windows-speechcommon-onecore_31bf3856ad364e35_10.0.14393.1198_none_f372e92cacb199ee\

          5.8s C:\Windows\WinSxS\x86_microsoft-windows-comdlg32.resources_31bf3856ad364e35_10.0.14393.1198_fr-fr_a71f8e0005163baf\

          5.8s C:\Windows\WinSxS\x86_microsoft-windows-comdlg32.resources_31bf3856ad364e35_10.0.14393.1198_he-il_eb3f35a1eb853c9d\

          5.8s C:\Windows\WinSxS\x86_microsoft-windows-comdlg32.resources_31bf3856ad364e35_10.0.14393.1198_hr-hr_ed5be881ea38a963\

          5.8s C:\Windows\WinSxS\amd64_microsoft-windows-speechcommon-onecore_31bf3856ad364e35_10.0.14393.1198_none_e91e3eda7850d7f3\

          5.8s C:\Windows\WinSxS\wow64_windows-media-speech-winrt_31bf3856ad364e35_10.0.14393.1198_none_9394e33dd8dc9922\

          5.8s C:\Windows\WinSxS\wow64_microsoft-windows-u..ed-telemetry-client_31bf3856ad364e35_10.0.14393.1198_none_200cc27f95da1beb\

          5.8s C:\Windows\WinSxS\amd64_microsoft-windows-dxp-deviceexperience_31bf3856ad364e35_10.0.14393.1198_none_bcea54295453faa3\

          5.8s C:\Windows\WinSxS\x86_microsoft-windows-comdlg32.resources_31bf3856ad364e35_10.0.14393.1198_hu-hu_ee900e47e9760acb\

          5.8s C:\Windows\WinSxS\x86_microsoft-windows-comdlg32.resources_31bf3856ad364e35_10.0.14393.1198_it-it_91478446dc48212d\

          5.8s C:\Windows\WinSxS\x86_microsoft-windows-comdlg32.resources_31bf3856ad364e35_10.0.14393.1198_ja-jp_336d0353cf633308\

          5.8s C:\Windows\WinSxS\x86_microsoft-windows-comdlg32.resources_31bf3856ad364e35_10.0.14393.1198_ko-kr_d6d6e008c1d3fa1e\

          5.8s C:\Windows\WinSxS\x86_microsoft-windows-comdlg32.resources_31bf3856ad364e35_10.0.14393.1198_lt-lt_7aa20c09b3fbc5bb\

          5.8s C:\Windows\WinSxS\amd64_microsoft-hyper-v-vstack-vsmb_31bf3856ad364e35_10.0.14393.1198_none_a4d737b3be4cbcd1\

          5.8s C:\Windows\WinSxS\amd64_microsoft-xbox-gameoverlay_31bf3856ad364e35_10.0.14393.1198_none_b47af21781dd4d4a\

          5.9s C:\Windows\WinSxS\x86_netfx-peverify_dll_b03f5f7f11d50a3a_10.0.14393.1198_none_17503ad6feee314f\

          5.9s C:\Windows\WinSxS\amd64_netfx-peverify_dll_b03f5f7f11d50a3a_10.0.14393.1198_none_cfa303ffea720849\

          5.9s C:\Windows\WinSxS\x86_microsoft-windows-comdlg32.resources_31bf3856ad364e35_10.0.14393.1198_lv-lv_7b6f7a8db37a06ab\

          5.9s C:\Windows\WinSxS\x86_microsoft-windows-comdlg32.resources_31bf3856ad364e35_10.0.14393.1198_nb-no_bf69613d99f925da\

          5.9s C:\Windows\WinSxS\amd64_microsoft-windows-store-runtime_31bf3856ad364e35_10.0.14393.1198_none_66a9aebc99ea0d08\

          5.9s C:\Windows\WinSxS\amd64_microsoft-windows-networkbridge_31bf3856ad364e35_10.0.14393.1198_none_7daf194060a25529\

          5.9s C:\Windows\WinSxS\x86_netfx-mscordacwks_b03f5f7f11d50a3a_10.0.14393.1198_none_a5db397bbbfb1957\

          5.9s C:\Windows\WinSxS\x86_microsoft-windows-comdlg32.resources_31bf3856ad364e35_10.0.14393.1198_nl-nl_bda8ac7b9b252faf\

          5.9s C:\Windows\WinSxS\amd64_netfx-mscordacwks_b03f5f7f11d50a3a_10.0.14393.1198_none_5e2e02a4a77ef051\

          5.9s C:\Windows\WinSxS\amd64_microsoft-windows-smartscreen_31bf3856ad364e35_10.0.14393.1198_none_3326f4cc7aaf0139\

          5.9s C:\Windows\WinSxS\amd64_mscorlib_b77a5c561934e089_10.0.14393.1198_none_fac310d061f67ff9\

          5.9s C:\Windows\WinSxS\x86_microsoft-windows-comdlg32.resources_31bf3856ad364e35_10.0.14393.1198_pl-pl_03e506fd80479d63\

          5.9s C:\Windows\WinSxS\wow64_microsoft-windows-store-runtime_31bf3856ad364e35_10.0.14393.1198_none_70fe590ece4acf03\

          5.9s C:\Windows\WinSxS\amd64_netfx-mscordbi_dll_b03f5f7f11d50a3a_10.0.14393.1198_none_a332cca7fd08f642\

          5.9s C:\Windows\WinSxS\x86_netfx-mscordbi_dll_b03f5f7f11d50a3a_10.0.14393.1198_none_eae0037f11851f48\

          5.9s C:\Windows\WinSxS\x86_mscorlib_b77a5c561934e089_10.0.14393.1198_none_427047a77672a8ff\

          5.9s C:\Windows\WinSxS\x86_microsoft-windows-naturallanguage6-base_31bf3856ad364e35_10.0.14393.1198_none_6a9577c8f7a36359\

          5.9s C:\Windows\WinSxS\x86_microsoft-windows-comdlg32.resources_31bf3856ad364e35_10.0.14393.1198_pt-br_0638f1a17ed13147\

          5.9s C:\Windows\WinSxS\x86_netfx-sos_dll_b03f5f7f11d50a3a_10.0.14393.1198_none_8ea9813cafeff56c\

          5.9s C:\Windows\WinSxS\amd64_microsoft-windows-w..wsupdateclient-core_31bf3856ad364e35_10.0.14393.1198_none_24a7854e04263533\

          5.9s C:\Windows\WinSxS\amd64_netfx-sos_dll_b03f5f7f11d50a3a_10.0.14393.1198_none_46fc4a659b73cc66\

          5.9s C:\Windows\WinSxS\x86_microsoft-windows-comdlg32.resources_31bf3856ad364e35_10.0.14393.1198_pt-pt_071ac10d7e40a123\

          5.9s C:\Windows\WinSxS\amd64_netfx35linq-system.core_31bf3856ad364e35_10.0.14393.1198_none_d51fbaafe95e0919\

          5.9s C:\Windows\WinSxS\x86_netfx35linq-system.core_31bf3856ad364e35_10.0.14393.1198_none_79011f2c310097e3\

          6.0s C:\Windows\WinSxS\msil_system.core_b77a5c561934e089_10.0.14393.1198_none_b77f1c3ff07e3080\

          6.0s C:\Windows\WinSxS\x86_presentationcore_31bf3856ad364e35_10.0.14393.1198_none_c5d79f2132239448\

          6.0s C:\Windows\WinSxS\amd64_presentationcore_31bf3856ad364e35_10.0.14393.1198_none_21f63aa4ea81057e\

          6.0s C:\Windows\WinSxS\x86_microsoft-windows-comdlg32.resources_31bf3856ad364e35_10.0.14393.1198_ro-ro_4b55874564a76c7f\

          6.0s C:\Windows\WinSxS\x86_microsoft-windows-comdlg32.resources_31bf3856ad364e35_10.0.14393.1198_ru-ru_4dbdd2d163222f4f\

          6.0s C:\Windows\WinSxS\x86_microsoft-windows-comdlg32.resources_31bf3856ad364e35_10.0.14393.1198_sk-sk_ecd8d77e583c2179\

          6.0s C:\Windows\WinSxS\amd64_microsoft-windows-security-vault_31bf3856ad364e35_10.0.14393.1198_none_672e391c9595cb53\

          6.0s C:\Windows\WinSxS\x86_microsoft-windows-comdlg32.resources_31bf3856ad364e35_10.0.14393.1198_sl-si_ebeaf93658d6345c\

          6.0s C:\Windows\WinSxS\x86_microsoft-windows-comdlg32.resources_31bf3856ad364e35_10.0.14393.1198_sr-..-rs_921b617acde7db8d\
 

   C:\Users\User\Desktop\FRST64 (1).exe

      Size . . . . . . . : 2.429.952 bytes

      Age  . . . . . . . : 3.7 days (2017-05-14 16:42:57)

      Entropy  . . . . . : 7.6

      SHA-256  . . . . . : B29D55BCE7D53911FB96A3EA6CF46F656731DC932CBAF3A6E08FA9DDF4F1802C

      Needs elevation  . : Yes

      Fuzzy  . . . . . . : 24.0

         Program has no publisher information but prompts the user for permission elevation.

         Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.

         Authors name is missing in version info. This is not common to most programs.

         Version control is missing. This file is probably created by an individual. This is not typical for most programs.

         Time indicates that the file appeared recently on this computer.

      Forensic Cluster

         -0.3s C:\Users\User\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\6AF4EE75E3A4ABA658C0087EB9A0BB5B_556BB0FF4D382D90E7703209690E089E

         -0.3s C:\Users\User\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\6AF4EE75E3A4ABA658C0087EB9A0BB5B_556BB0FF4D382D90E7703209690E089E

          0.0s C:\Users\User\Desktop\FRST64 (1).exe

          3.3s C:\ProgramData\Microsoft\Windows Defender\Scans\History\Store\080AB8CE61930B4D641ACF185D1AFF4A

          3.6s C:\Users\User\Desktop\FRST-OlderVersion\
 
 

Potential Unwanted Programs _________________________________________________
 

   HKLM\SOFTWARE\Classes\f\ (Funmoods)

   HKLM\SOFTWARE\Classes\Interface\{9BB31AD8-5DB2-459E-A901-DEA536F23BA4}\ (ReimageRepair)

   HKLM\SOFTWARE\Classes\Interface\{BD51A48E-EB5F-4454-8774-EF962DF64546}\ (ReimageRepair)

Code:



ESETSmartInstaller@High as downloader log:

all ok

# product=EOS

# version=8

# OnlineScannerApp.exe=1.0.0.1

# EOSSerial=28e1789b09e1a74bb431802c85ce0896

# end=init

# utc_time=2017-05-18 08:43:25

# local_time=2017-05-18 10:43:25 (+0100, Mitteleuropäische Sommerzeit)

# country="Germany"

# osver=6.2.9200 NT 

Update Init

Update Download

esets_scanner_update returned -1 esets_gle=41221

Update Finalize

Updated modules version: 0

Old modules - leave modules

Update Init

Update Download

Update Finalize

Updated modules version: 33423

ESETSmartInstaller@High as downloader log:

all ok

# product=EOS

# version=8

# OnlineScannerApp.exe=1.0.0.1

# EOSSerial=28e1789b09e1a74bb431802c85ce0896

# end=init

# utc_time=2017-05-18 11:32:40

# local_time=2017-05-18 01:32:40 (+0100, Mitteleuropäische Sommerzeit)

# country="Germany"

# osver=6.2.9200 NT 

Update Init

Update Download

Update Finalize

Updated modules version: 33425

# product=EOS

# version=8

# OnlineScannerApp.exe=1.0.0.1

# EOSSerial=28e1789b09e1a74bb431802c85ce0896

# end=updated

# utc_time=2017-05-18 11:34:47

# local_time=2017-05-18 01:34:47 (+0100, Mitteleuropäische Sommerzeit)

# country="Germany"

# osver=6.2.9200 NT 

# product=EOS

# version=8

# OnlineScannerApp.exe=1.0.0.1

# OnlineScanner.ocx=1.0.0.7777

# api_version=3.1.1

# EOSSerial=28e1789b09e1a74bb431802c85ce0896

# engine=33425

# end=finished

# remove_checked=false

# archives_checked=true

# unwanted_checked=true

# unsafe_checked=false

# antistealth_checked=true

# utc_time=2017-05-18 02:41:27

# local_time=2017-05-18 04:41:27 (+0100, Mitteleuropäische Sommerzeit)

# country="Germany"

# lang=1031

# osver=6.2.9200 NT 

# compatibility_mode_1=''

# compatibility_mode=5893 16776573 100 94 23850 26449101 0 0

# scanned=352867

# found=22

# cleaned=0

# scan_time=11199

sh=B95C809B9E44B0B2EE9793A2E5FE81E13B321CF2 ft=1 fh=6a9e59e76d359503 vn="Variante von Win32/Adware.BrowSecX.AQ Anwendung" ac=I fn="C:\AdwCleaner\quarantine\files\aisefjyesahodlvybobejgwgjtflvdgm\safe_url.dll"

sh=2E896430EB91EAD369FA860B4FD34A0FF4EB0392 ft=1 fh=704cd14ba74eb80b vn="Variante von Win32/Adware.BrowSecX.AR Anwendung" ac=I fn="C:\AdwCleaner\quarantine\files\oeumxsvbtfjjzxvorqxdkeokishrpdjm\uninstall.exe"

sh=49ED51A192AD1A0B8EF02A961171F7B7ABCB1775 ft=1 fh=034065fca24abc19 vn="Variante von Win32/DownloadSponsor.C eventuell unerwÃ¼nschte Anwendung" ac=I fn="C:\Users\User\AppData\Local\Microsoft\Windows\FileHistory\Data\11\D\_User_Data\Downloads\Paragon Backup Recovery 14 Free - CHIP-Installer.exe"

sh=B6C0FB6F241553206288B5774E876BD2A0444D62 ft=1 fh=359711ac0513bbba vn="Variante von Win32/InstallCore.AJY eventuell unerwÃ¼nschte Anwendung" ac=I fn="C:\Users\User\AppData\Local\Microsoft\Windows\FileHistory\Data\11\D\_User_Data\Downloads\photoscape.exe"

sh=F1EFF6451CED129C0E5C0A510955F234A01158A0 ft=1 fh=332b4278a72373e2 vn="Variante von Win32/Toolbar.Babylon.E eventuell unerwÃ¼nschte Anwendung" ac=I fn="C:\Users\User\AppData\Local\Microsoft\Windows\FileHistory\Data\11\D\_User_Data\Downloads\Unlocker1.9.2.exe"

sh=2F6AA1158AF7E7B350656A40C5B029944FF53C35 ft=1 fh=6356157827214de8 vn="Win32/Adware.AdInstaller.F Anwendung" ac=I fn="C:\Users\User\AppData\Local\Microsoft\Windows\FileHistory\Data\11\D\_User_Data\Downloads\Unlocker1.9.2_CB-DL-Manager.exe"

sh=3480ED0F9C875D705FF2223C52E45DDF5A0EAFF0 ft=1 fh=758fff08f3239cd5 vn="Variante von Win32/FusionCore.I eventuell unerwÃ¼nschte Anwendung" ac=I fn="C:\Users\User\AppData\Roaming\DVDVideoSoft\FreeYTVDownloader.exe"

sh=161491A88AB2D1E53F327BE1E7EE5AC554789AAF ft=1 fh=ad197ad7be724e60 vn="Variante von Win32/DownloadSponsor.C eventuell unerwÃ¼nschte Anwendung" ac=I fn="D:\_User_Data\Downloads\3D Fahrschule - CHIP-Installer.exe"

sh=54CDCBFDA341467F5387CA9A7BBB790FC3173A97 ft=1 fh=2d5f3d6517a2798e vn="Variante von Win32/DownloadSponsor.C eventuell unerwÃ¼nschte Anwendung" ac=I fn="D:\_User_Data\Downloads\Hex Editor MX - CHIP-Installer.exe"

sh=28CB8EBA4DE9ADA5B72020E835AA0979BF341357 ft=1 fh=a3e6ccb7d50f45a0 vn="Variante von Win32/InstallCore.ACY.gen eventuell unerwÃ¼nschte Anwendung" ac=I fn="D:\_User_Data\Downloads\JavaSetup.exe"

sh=06D397F0A14647400F49A49FB821BF4945CAF97E ft=1 fh=8cfb4023ed0eb451 vn="Win32/Adware.AdInstaller.F Anwendung" ac=I fn="D:\_User_Data\Downloads\jetzt_installieren.exe"

sh=28237057863C8086250DCA0484C517415F34FE07 ft=0 fh=0000000000000000 vn="Variante von Win32/Adware.YoBrowser.O Anwendung" ac=I fn="D:\_User_Data\Downloads\KMSpico_10.2.0_Activator_Final_2016_Latest_For_Windows.iso"

sh=28237057863C8086250DCA0484C517415F34FE07 ft=0 fh=0000000000000000 vn="Variante von Win32/Adware.YoBrowser.O Anwendung" ac=I fn="D:\_User_Data\Downloads\KMSpico_10.2.0_Activator_Final_2016_Latest_Full_Version.iso"

sh=28237057863C8086250DCA0484C517415F34FE07 ft=0 fh=0000000000000000 vn="Variante von Win32/Adware.YoBrowser.O Anwendung" ac=I fn="D:\_User_Data\Downloads\Microsoft_Office_2016_Product_Key_Free_Download(1).iso"

sh=28237057863C8086250DCA0484C517415F34FE07 ft=0 fh=0000000000000000 vn="Variante von Win32/Adware.YoBrowser.O Anwendung" ac=I fn="D:\_User_Data\Downloads\Microsoft_Office_2016_Product_Key_Free_Download.iso"

sh=40B93689F295BDD88D31CC65E604C8BE82434F9C ft=1 fh=9db307639d7fc441 vn="Win32/Adware.AdInstaller.F Anwendung" ac=I fn="D:\_User_Data\Downloads\mp3DC220_CB-DL-Manager.exe"

sh=3C04CE50E8F90169E8F307750FE4E463B1B2DE15 ft=1 fh=83264b62d812d30c vn="Win32/Adware.AdInstaller.F Anwendung" ac=I fn="D:\_User_Data\Downloads\mp3joiner_setup_CB-DL-Manager.exe"

sh=D28ADA062A5167A4514764A8094CD3435F2228D8 ft=1 fh=271cf39de5c3cbbc vn="Variante von Win32/DownloadSponsor.C eventuell unerwÃ¼nschte Anwendung" ac=I fn="D:\_User_Data\Downloads\OpenOffice - CHIP-Installer.exe"

sh=49ED51A192AD1A0B8EF02A961171F7B7ABCB1775 ft=1 fh=034065fca24abc19 vn="Variante von Win32/DownloadSponsor.C eventuell unerwÃ¼nschte Anwendung" ac=I fn="D:\_User_Data\Downloads\Paragon Backup Recovery 14 Free - CHIP-Installer.exe"

sh=B6C0FB6F241553206288B5774E876BD2A0444D62 ft=1 fh=359711ac0513bbba vn="Variante von Win32/InstallCore.AJY eventuell unerwÃ¼nschte Anwendung" ac=I fn="D:\_User_Data\Downloads\photoscape.exe"

sh=F1EFF6451CED129C0E5C0A510955F234A01158A0 ft=1 fh=332b4278a72373e2 vn="Variante von Win32/Toolbar.Babylon.E eventuell unerwÃ¼nschte Anwendung" ac=I fn="D:\_User_Data\Downloads\Unlocker1.9.2.exe"

sh=2F6AA1158AF7E7B350656A40C5B029944FF53C35 ft=1 fh=6356157827214de8 vn="Win32/Adware.AdInstaller.F Anwendung" ac=I fn="D:\_User_Data\Downloads\Unlocker1.9.2_CB-DL-Manager.exe"

Sabimo

18.05.2017 18:48

FRST Logfile:

Code:

Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 14-05-2017

durchgeführt von User (Administrator) auf ACER (18-05-2017 19:44:34)

Gestartet von C:\Users\User\Desktop

Geladene Profile: User (Verfügbare Profile: User)

Platform: Windows 10 Home Version 1607 (X64) Sprache: Deutsch (Deutschland)

Internet Explorer Version 11 (Standard-Browser: Chrome)

Start-Modus: Normal

Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
 

==================== Prozesse (Nicht auf der Ausnahmeliste) =================
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
 

(Intel Corporation) C:\Windows\System32\igfxCUIService.exe

() C:\ProgramData\DatacardService\DCService.exe

(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe

(Windows (R) Win 7 DDK provider) C:\Windows\System32\AdminService.exe

(Chip Digital GmbH) C:\Program Files (x86)\Chip Digital GmbH\chip1click\chip 1-click installer.exe

(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe

(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe

(Nero AG) C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe

(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe

() C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe

(Electronic Arts) C:\Program Files (x86)\Origin\OriginWebHelperService.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe

(DEVGURU Co., LTD.) C:\Program Files (x86)\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe

(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe

(Sony) C:\Program Files\Sony\Xperia Companion\Service\XperiaCompanionService.exe

(Wondershare) C:\Program Files (x86)\Wondershare\WAF\2.1.7.1\WsAppService.exe

(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe

(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe

(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe

(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe

(Huawei Technologies Co., Ltd.) C:\ProgramData\DatacardService\DCSHelper.exe

(Intel Corporation) C:\Windows\System32\igfxEM.exe

(Intel Corporation) C:\Windows\System32\igfxHK.exe

() C:\Windows\System32\igfxTray.exe

() C:\Program Files (x86)\HTC\HTC Sync Manager\HTC Sync\adb.exe

(Microsoft Corporation) C:\Windows\System32\Speech_OneCore\Common\SpeechRuntime.exe

(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe

(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMEvent.exe

(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QASvc.exe

(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMLockHandler.exe

(Acer Incorporate) C:\Program Files\Acer\Acer Launch Manager\LMTray.exe

(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QAEvent.exe

(Dolby Laboratories Inc.) C:\Program Files\Dolby Digital Plus\ddp.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe

(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe

() C:\Program Files\Realtek\Audio\HDA\FMAPP.exe

() C:\Program Files\Realtek\Audio\HDA\FMAPP.exe

(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe

(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe

(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersServer.exe

(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\ActionUriServer.exe

(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QAMsg.exe

(Acer Incorporate) C:\Program Files\Acer\Acer Quick Access\QuickAccess.exe

(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.17032.10331.0_x64__8wekyb3d8bbwe\Music.UI.exe

() C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.425.10010.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe

(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe

() C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1703.601.0_x64__8wekyb3d8bbwe\Calculator.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Microsoft Corporation) C:\Windows\System32\smartscreen.exe

(Microsoft Corporation) C:\Windows\System32\dllhost.exe

(Microsoft Corporation) C:\Windows\System32\dllhost.exe

(Farbar) C:\Users\User\Desktop\FRST64 (1).exe
 

==================== Registry (Nicht auf der Ausnahmeliste) ====================
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
 

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [16152792 2015-07-17] (Realtek Semiconductor)

HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1394392 2015-07-14] (Realtek Semiconductor)

HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2398776 2016-06-15] (NVIDIA Corporation)

HKLM\...\Run: [Start WingMan Profiler] => C:\Program Files\Logitech\Gaming Software\LWEMon.exe [123400 2009-01-21] (Logitech Inc.)

HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-01-07] (Adobe Systems Incorporated)

HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch

HKLM\...\Run: [WindowsDefender] => C:\Program Files\Windows Defender\MSASCuiL.exe [631808 2017-04-28] (Microsoft Corporation)

HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [303928 2017-05-09] (Apple Inc.)

HKLM-x32\...\Run: [ControlCenter4] => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [143360 2012-08-28] (Brother Industries, Ltd.)

HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [3076096 2012-06-06] (Brother Industries, Ltd.)

HKLM-x32\...\Run: [DataCardMonitor] => C:\Program Files (x86)\Telekom\InternetManager_H\DataCardMonitor.exe [253952 2015-04-23] (Huawei Technologies Co., Ltd.)

HKLM-x32\...\Run: [Nikon Message Center 2] => C:\Program Files (x86)\Nikon\Nikon Message Center 2\NkMC2.exe [571392 2011-10-30] (Nikon Corporation)

HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2312896 2016-02-12] (Adobe Systems Incorporated)

HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-03-15] (Oracle Corporation)

HKU\S-1-5-21-1603712690-2894388539-358268464-1001\...\Run: [Spotify Web Helper] => C:\Users\User\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1446000 2017-03-30] (Spotify Ltd)

HKU\S-1-5-21-1603712690-2894388539-358268464-1001\...\Run: [HW_OPENEYE_OUC_Telekom Internet Manager] => C:\Program Files (x86)\Telekom\InternetManager_H\UpdateDog\ouc.exe [110592 2009-12-31] (Huawei Technologies Co., Ltd.)

HKU\S-1-5-21-1603712690-2894388539-358268464-1001\...\Run: [Spotify] => C:\Users\User\AppData\Roaming\Spotify\Spotify.exe [7089776 2017-03-30] (Spotify Ltd)

HKU\S-1-5-21-1603712690-2894388539-358268464-1001\...\Run: [EPLTarget\P0000000000000001] => C:\Windows\system32\spool\DRIVERS\x64\3\E_YATIPEE.EXE [417776 2014-11-14] (SEIKO EPSON CORPORATION)

HKU\S-1-5-21-1603712690-2894388539-358268464-1001\...\Run: [EPLTarget\P0000000000000000] => C:\Windows\system32\spool\DRIVERS\x64\3\E_YATIPEE.EXE [417776 2014-11-14] (SEIKO EPSON CORPORATION)

HKU\S-1-5-21-1603712690-2894388539-358268464-1001\...\Run: [XperiaCompanionAgent] => C:\Program Files (x86)\Sony\Xperia Companion\XperiaCompanionAgent.exe [2088832 2016-12-22] (Sony)

HKU\S-1-5-21-1603712690-2894388539-358268464-1001\...\Run: [Google Update] => C:\Users\User\AppData\Local\Google\Update\1.3.33.5\GoogleUpdateCore.exe [601168 2017-05-01] (Google Inc.)

HKU\S-1-5-21-1603712690-2894388539-358268464-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [27545048 2017-03-14] (Skype Technologies S.A.)

ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-01-22] ()

ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-01-22] ()

ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-01-22] ()
 

==================== Internet (Nicht auf der Ausnahmeliste) ====================
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
 

Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

Tcpip\..\Interfaces\{c665f695-f486-4cfb-9e85-aacc2db3a7aa}: [DhcpNameServer] 192.168.178.1

Tcpip\..\Interfaces\{df2ccdb1-2b40-4835-8404-d44a77e8c602}: [DhcpNameServer] 192.168.178.1
 

Internet Explorer:

==================

BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office16\OCHelper.dll [2017-04-11] (Microsoft Corporation)

BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office16\GROOVEEX.DLL [2017-02-22] (Microsoft Corporation)

BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office16\OCHelper.dll [2015-07-31] (Microsoft Corporation)

BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\ssv.dll [2017-04-22] (Oracle Corporation)

BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office16\GROOVEEX.DLL [2017-02-22] (Microsoft Corporation)

BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\jp2ssv.dll [2017-04-22] (Oracle Corporation)

Handler: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2017-04-11] (Microsoft Corporation)

Handler-x32: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2017-04-11] (Microsoft Corporation)

Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2017-04-11] (Microsoft Corporation)

Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2017-04-11] (Microsoft Corporation)
 

FireFox:

========

FF DefaultProfile: iuq23bh7.default-1493412874328

FF ProfilePath: C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\42q34j6d.default [2017-05-16]

FF ProfilePath: C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\fcmo50m1.default-1493406853502 [2017-05-16]

FF ProfilePath: C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\iuq23bh7.default-1493412874328 [2017-05-16]

FF Homepage: Mozilla\Firefox\Profiles\iuq23bh7.default-1493412874328 -> www.google.de

FF Extension: (Adblock Plus) - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\iuq23bh7.default-1493412874328\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2017-04-28]

FF HKLM-x32\...\Firefox\Extensions: [ff-bmboc@bytemobile.com] - C:\Program Files\T-Mobile\InternetManager_H\OCx64\addon => nicht gefunden

FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_25_0_0_127.dll [2017-03-15] ()

FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50906.0\npctrl.dll [2017-03-09] ( Microsoft Corporation)

FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation)

FF Plugin: @videolan.org/vlc,version=2.2.0 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-02-27] (VideoLAN)

FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2016-02-12] (Adobe Systems)

FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWoW64\Macromed\Flash\NPSWF32_25_0_0_127.dll [2017-03-15] ()

FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-04-21] (Intel Corporation)

FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-04-21] (Intel Corporation)

FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-04-21] (Intel Corporation)

FF Plugin-x32: @java.com/DTPlugin,version=11.131.2 -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\dtplugin\npDeployJava1.dll [2017-04-22] (Oracle Corporation)

FF Plugin-x32: @java.com/JavaPlugin,version=11.131.2 -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\plugin2\npjp2.dll [2017-04-22] (Oracle Corporation)

FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2016-11-15] (Microsoft Corporation)

FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50906.0\npctrl.dll [2017-03-09] ( Microsoft Corporation)

FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll [2010-04-26] (Microsoft Corp.)

FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation)

FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)

FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-28] (Google Inc.)

FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-28] (Google Inc.)

FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2016-12-17] (Adobe Systems Inc.)

FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2016-02-12] (Adobe Systems)

FF Plugin HKU\S-1-5-21-1603712690-2894388539-358268464-1001: @talk.google.com/GoogleTalkPlugin -> C:\Users\User\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll [2015-12-08] (Google)

FF Plugin HKU\S-1-5-21-1603712690-2894388539-358268464-1001: @talk.google.com/O1DPlugin -> C:\Users\User\AppData\Roaming\Mozilla\plugins\npo1d.dll [2015-12-08] (Google)

FF Plugin HKU\S-1-5-21-1603712690-2894388539-358268464-1001: @tools.google.com/Google Update;version=3 -> C:\Users\User\AppData\Local\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-05-01] (Google Inc.)

FF Plugin HKU\S-1-5-21-1603712690-2894388539-358268464-1001: @tools.google.com/Google Update;version=9 -> C:\Users\User\AppData\Local\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-05-01] (Google Inc.)

FF Plugin HKU\S-1-5-21-1603712690-2894388539-358268464-1001: sony.com/MediaGoDetector -> C:\Program Files (x86)\Sony\Media Go\npMediaGoDetector.dll [2015-11-20] (Sony Network Entertainment International LLC)

FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2016-11-15] (Microsoft Corporation)

FF Plugin ProgramFiles/Appdata: C:\Users\User\AppData\Roaming\mozilla\plugins\npgoogletalk.dll [2015-12-08] (Google)

FF Plugin ProgramFiles/Appdata: C:\Users\User\AppData\Roaming\mozilla\plugins\npo1d.dll [2015-12-08] (Google)
 

Chrome: 

=======

CHR DefaultProfile: Default

CHR HomePage: Default -> hxxps://www.google.de/

CHR StartupUrls: Default -> "hxxps://www.google.de/"

CHR Profile: C:\Users\User\AppData\Local\Google\Chrome\User Data\Default [2017-05-18]

CHR Extension: (Google Docs) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-01-15]

CHR Extension: (Google Drive) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-01-15]

CHR Extension: (YouTube) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-01-15]

CHR Extension: (Google-Suche) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2017-01-15]

CHR Extension: (Google Docs Offline) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-01-15]

CHR Extension: (AdBlock) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2017-05-02]

CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-05-02]

CHR Extension: (Google Mail) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-01-15]

CHR Extension: (Chrome Media Router) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-05-14]

CHR HKLM-x32\...\Chrome\Extension: [ihenkjeihefokohmemphikjnjbmegdik] - "C:\Program Files (x86)\Sony\Media Go\MediaGoDetector.crx" <nicht gefunden>
 

==================== Dienste (Nicht auf der Ausnahmeliste) ====================
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
 

R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [693440 2016-01-28] (Adobe Systems Incorporated)

R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2227312 2017-02-27] (Adobe Systems, Incorporated)

R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2017-04-03] (Apple Inc.)

R2 AtherosSvc; C:\WINDOWS\system32\AdminService.exe [355760 2016-06-26] (Windows (R) Win 7 DDK provider)

S3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [266240 2012-06-05] (Brother Industries, Ltd.) [Datei ist nicht signiert]

R2 chip1click; C:\Program Files (x86)\Chip Digital GmbH\chip1click\chip 1-click installer.exe [91136 2016-10-27] (Chip Digital GmbH) [Datei ist nicht signiert]

R2 DCService.exe; C:\ProgramData\DatacardService\DCService.exe [229376 2010-08-19] () [Datei ist nicht signiert]

R2 HTCMonitorService; C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe [87368 2014-06-27] (Nero AG)

S2 ibtsiva; C:\Program Files (x86)\Intel\Bluetooth\utilities\ibtsiva.exe [165104 2015-06-30] (Intel Corporation)

R2 igfxCUIService2.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [373720 2016-12-19] (Intel Corporation)

S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [881152 2015-05-22] (Intel(R) Corporation)

R3 Intel(R) Security Assist; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [335872 2015-05-19] (Intel Corporation) [Datei ist nicht signiert]

S2 isaHelperSvc; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe [7680 2015-05-19] () [Datei ist nicht signiert]

R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [223008 2015-07-06] (Intel Corporation)

R2 LMSvc; C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe [455912 2014-12-30] (Acer Incorporate)

R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [458176 2016-12-29] (NVIDIA Corporation)

R3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [3634232 2016-06-15] (NVIDIA Corporation)

R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2522680 2016-06-15] (NVIDIA Corporation)

S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2121736 2017-01-31] (Electronic Arts)

R2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [2183696 2017-01-31] (Electronic Arts)

R2 PassThru Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [166912 2013-10-17] () [Datei ist nicht signiert]

R3 QASvc; C:\Program Files\Acer\Acer Quick Access\QASvc.exe [457960 2014-03-21] (Acer Incorporate)

R2 ss_conn_service; C:\Program Files (x86)\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe [743688 2015-05-21] (DEVGURU Co., LTD.)

R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [6889232 2015-12-14] (TeamViewer GmbH)

R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347320 2017-04-28] (Microsoft Corporation)

R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103712 2017-04-28] (Microsoft Corporation)

R2 WsAppService; C:\Program Files (x86)\Wondershare\WAF\2.1.7.1\WsAppService.exe [404480 2016-02-17] (Wondershare) [Datei ist nicht signiert]

S3 WsDrvInst; C:\Program Files (x86)\Wondershare\Dr.Fone for Android\DriverInstall.exe [115856 2016-04-14] (Wondershare)

R2 XperiaCompanionService; C:\Program Files\Sony\Xperia Companion\Service\XperiaCompanionService.exe [2205568 2016-12-22] (Sony)
 

===================== Treiber (Nicht auf der Ausnahmeliste) ======================
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
 

S0 BMLoad; C:\WINDOWS\System32\drivers\BMLoad.sys [16512 2009-12-15] (Bytemobile, Inc.) [Datei ist nicht signiert]

S3 ggsomc; C:\WINDOWS\System32\drivers\ggsomc.sys [30424 2016-05-29] (Sony Mobile Communications)

S3 HtcVCom32; C:\WINDOWS\system32\DRIVERS\HtcVComV64.sys [121800 2010-03-08] (QUALCOMM Incorporated)

S3 hwusbdev; C:\WINDOWS\system32\DRIVERS\ewusbdev.sys [114304 2009-10-12] (Huawei Technologies Co., Ltd.)

R3 LMDriver; C:\WINDOWS\System32\drivers\LMDriver.sys [21360 2013-07-17] (Acer Incorporated)

S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()

R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvacwu.inf_amd64_31f4ef4821269ebb\nvlddmkm.sys [14190520 2017-01-17] (NVIDIA Corporation)

R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [28216 2016-06-15] (NVIDIA Corporation)

R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [56384 2016-04-14] (NVIDIA Corporation)

R3 Qcamain10x64; C:\WINDOWS\System32\drivers\Qcamain10x64.sys [2336768 2016-07-16] (Qualcomm Atheros, Inc.)

R3 RadioShim; C:\WINDOWS\System32\drivers\RadioShim.sys [14680 2013-07-17] (Acer Incorporated)

R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [589824 2016-07-16] (Realtek                                            )

R3 RTSUER; C:\WINDOWS\system32\Drivers\RtsUer.sys [416472 2016-05-17] (Realsil Semiconductor Corporation)

R3 SynRMIHID; C:\WINDOWS\system32\DRIVERS\SynRMIHID.sys [56520 2015-06-08] (Synaptics Incorporated)

R1 tcpipBM; C:\Windows\system32\drivers\tcpipBM.sys [39552 2009-12-15] (Bytemobile, Inc.) [Datei ist nicht signiert]

S0 WdBoot; C:\WINDOWS\System32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)

R0 WdFilter; C:\WINDOWS\System32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)

R3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)
 

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
 
 

==================== Ein Monat: Erstellte Dateien und Ordner ========
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
 

2017-05-18 10:43 - 2017-05-18 10:43 - 00000000 ____D C:\Program Files (x86)\ESET

2017-05-18 10:38 - 2017-05-18 10:38 - 02870984 _____ (ESET) C:\Users\User\Desktop\esetsmartinstaller_deu.exe

2017-05-18 10:03 - 2017-05-18 10:37 - 00000000 ____D C:\ProgramData\HitmanPro

2017-05-16 22:22 - 2017-05-16 22:22 - 00001822 _____ C:\Users\Public\Desktop\iTunes.lnk

2017-05-16 22:22 - 2017-05-16 22:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes

2017-05-16 21:58 - 2017-05-16 21:59 - 00026690 _____ C:\Users\User\Desktop\Fixlog.txt

2017-05-14 16:43 - 2017-05-14 16:43 - 00000000 ____D C:\Users\User\Desktop\FRST-OlderVersion

2017-05-11 18:29 - 2017-05-16 22:20 - 00045293 _____ C:\Users\User\Desktop\Addition.txt

2017-05-11 18:27 - 2017-05-18 19:44 - 00025946 _____ C:\Users\User\Desktop\FRST.txt

2017-05-11 18:25 - 2017-05-11 18:25 - 00004089 _____ C:\Users\User\Desktop\mbam.txt

2017-05-11 18:05 - 2017-05-11 18:05 - 63035592 _____ (Malwarebytes ) C:\Users\User\Desktop\mb3-setup-consumer-3.1.2.1733.exe

2017-05-10 19:50 - 2017-04-28 03:28 - 00965472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReAgent.dll

2017-05-10 19:50 - 2017-04-28 02:59 - 00601712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll

2017-05-10 19:50 - 2017-04-28 02:56 - 02048488 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll

2017-05-10 19:50 - 2017-04-28 02:55 - 00088416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\scmbus.sys

2017-05-10 19:50 - 2017-04-28 02:53 - 00616048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32.dll

2017-05-10 19:50 - 2017-04-28 02:48 - 00263472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Storage.ApplicationData.dll

2017-05-10 19:50 - 2017-04-28 02:46 - 05722320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll

2017-05-10 19:50 - 2017-04-28 02:46 - 01504056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll

2017-05-10 19:50 - 2017-04-28 02:46 - 01431232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll

2017-05-10 19:50 - 2017-04-28 02:45 - 02263832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll

2017-05-10 19:50 - 2017-04-28 02:45 - 00975744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll

2017-05-10 19:50 - 2017-04-28 02:45 - 00861024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll

2017-05-10 19:50 - 2017-04-28 02:45 - 00781144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe

2017-05-10 19:50 - 2017-04-28 02:45 - 00493920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe

2017-05-10 19:50 - 2017-04-28 02:45 - 00116576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudExperienceHostCommon.dll

2017-05-10 19:50 - 2017-04-28 02:43 - 02168288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll

2017-05-10 19:50 - 2017-04-28 02:43 - 01980768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll

2017-05-10 19:50 - 2017-04-28 02:43 - 01557224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll

2017-05-10 19:50 - 2017-04-28 02:43 - 00846560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll

2017-05-10 19:50 - 2017-04-28 02:42 - 00601952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupEngine.dll

2017-05-10 19:50 - 2017-04-28 02:41 - 00361104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsmf.dll

2017-05-10 19:50 - 2017-04-28 02:40 - 06665952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll

2017-05-10 19:50 - 2017-04-28 02:40 - 04023008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll

2017-05-10 19:50 - 2017-04-28 02:40 - 01851696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll

2017-05-10 19:50 - 2017-04-28 02:40 - 01360456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetsrc.dll

2017-05-10 19:50 - 2017-04-28 02:40 - 01277856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll

2017-05-10 19:50 - 2017-04-28 02:40 - 01202936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll

2017-05-10 19:50 - 2017-04-28 02:40 - 00981888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetcore.dll

2017-05-10 19:50 - 2017-04-28 02:40 - 00352760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MMDevAPI.dll

2017-05-10 19:50 - 2017-04-28 02:39 - 20967840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll

2017-05-10 19:50 - 2017-04-28 02:39 - 04312248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe

2017-05-10 19:50 - 2017-04-28 02:39 - 00962760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll

2017-05-10 19:50 - 2017-04-28 02:39 - 00715104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys

2017-05-10 19:50 - 2017-04-28 02:38 - 00557408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys

2017-05-10 19:50 - 2017-04-28 02:35 - 01414208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll

2017-05-10 19:50 - 2017-04-28 02:35 - 00276832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\input.dll

2017-05-10 19:50 - 2017-04-28 02:29 - 05685760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll

2017-05-10 19:50 - 2017-04-28 02:23 - 01631232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Resources.dll

2017-05-10 19:50 - 2017-04-28 02:23 - 00095232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTimeUtil.dll

2017-05-10 19:50 - 2017-04-28 02:22 - 00165376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReInfo.dll

2017-05-10 19:50 - 2017-04-28 02:22 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\odbcconf.dll

2017-05-10 19:50 - 2017-04-28 02:21 - 00224256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExSMime.dll

2017-05-10 19:50 - 2017-04-28 02:21 - 00027648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BthTelemetry.dll

2017-05-10 19:50 - 2017-04-28 02:20 - 00141824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Radios.dll

2017-05-10 19:50 - 2017-04-28 02:20 - 00044032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\virtdisk.dll

2017-05-10 19:50 - 2017-04-28 02:19 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDeviceRegistration.dll

2017-05-10 19:50 - 2017-04-28 02:19 - 00138240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DisplayManager.dll

2017-05-10 19:50 - 2017-04-28 02:18 - 00450560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastls.dll

2017-05-10 19:50 - 2017-04-28 02:18 - 00285184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.BlockedShutdown.dll

2017-05-10 19:50 - 2017-04-28 02:18 - 00255488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\unimdm.tsp

2017-05-10 19:50 - 2017-04-28 02:17 - 00328192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll

2017-05-10 19:50 - 2017-04-28 02:17 - 00142336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.WiFi.dll

2017-05-10 19:50 - 2017-04-28 02:17 - 00136192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinRtTracing.dll

2017-05-10 19:50 - 2017-04-28 02:17 - 00095232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BluetoothApis.dll

2017-05-10 19:50 - 2017-04-28 02:17 - 00094208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryClient.dll

2017-05-10 19:50 - 2017-04-28 02:16 - 00392192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Gaming.Input.dll

2017-05-10 19:50 - 2017-04-28 02:16 - 00374784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.LowLevel.dll

2017-05-10 19:50 - 2017-04-28 02:16 - 00315904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Gaming.XboxLive.Storage.dll

2017-05-10 19:50 - 2017-04-28 02:16 - 00231936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.LockScreen.dll

2017-05-10 19:50 - 2017-04-28 02:16 - 00203776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\credprovhost.dll

2017-05-10 19:50 - 2017-04-28 02:16 - 00184320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserMgrProxy.dll

2017-05-10 19:50 - 2017-04-28 02:16 - 00180224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe

2017-05-10 19:50 - 2017-04-28 02:16 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppointmentActivation.dll

2017-05-10 19:50 - 2017-04-28 02:16 - 00113152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Lights.dll

2017-05-10 19:50 - 2017-04-28 02:15 - 00557568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll

2017-05-10 19:50 - 2017-04-28 02:15 - 00404992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dsreg.dll

2017-05-10 19:50 - 2017-04-28 02:15 - 00334848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastlsext.dll

2017-05-10 19:50 - 2017-04-28 02:15 - 00237568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SyncSettings.dll

2017-05-10 19:50 - 2017-04-28 02:15 - 00206336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bthprops.cpl

2017-05-10 19:50 - 2017-04-28 02:15 - 00117760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AuthBroker.dll

2017-05-10 19:50 - 2017-04-28 02:15 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Core.dll

2017-05-10 19:50 - 2017-04-28 02:14 - 00670208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.PointOfService.dll

2017-05-10 19:50 - 2017-04-28 02:14 - 00483840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.AllJoyn.dll

2017-05-10 19:50 - 2017-04-28 02:14 - 00223232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgentUserBroker.exe

2017-05-10 19:50 - 2017-04-28 02:13 - 13873664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll

2017-05-10 19:50 - 2017-04-28 02:13 - 01755136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DeviceFlows.DataModel.dll

2017-05-10 19:50 - 2017-04-28 02:13 - 01243136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.FaceAnalysis.dll

2017-05-10 19:50 - 2017-04-28 02:13 - 00562176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.SmartCards.dll

2017-05-10 19:50 - 2017-04-28 02:13 - 00506880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DevicePairing.dll

2017-05-10 19:50 - 2017-04-28 02:13 - 00426496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Wallet.dll

2017-05-10 19:50 - 2017-04-28 02:13 - 00386048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.WiFiDirect.dll

2017-05-10 19:50 - 2017-04-28 02:13 - 00332288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Bluetooth.dll

2017-05-10 19:50 - 2017-04-28 02:13 - 00325120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleacc.dll

2017-05-10 19:50 - 2017-04-28 02:13 - 00298496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll

2017-05-10 19:50 - 2017-04-28 02:13 - 00271360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\deviceaccess.dll

2017-05-10 19:50 - 2017-04-28 02:13 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WwaApi.dll

2017-05-10 19:50 - 2017-04-28 02:13 - 00206336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vaultcli.dll

2017-05-10 19:50 - 2017-04-28 02:13 - 00202752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.HumanInterfaceDevice.dll

2017-05-10 19:50 - 2017-04-28 02:13 - 00185856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Identity.Provider.dll

2017-05-10 19:50 - 2017-04-28 02:13 - 00175616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Scanners.dll

2017-05-10 19:50 - 2017-04-28 02:13 - 00125952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apprepapi.dll

2017-05-10 19:50 - 2017-04-28 02:13 - 00114176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\setupugc.exe

2017-05-10 19:50 - 2017-04-28 02:12 - 00498688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mbsmsapi.dll

2017-05-10 19:50 - 2017-04-28 02:12 - 00431616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\efswrt.dll

2017-05-10 19:50 - 2017-04-28 02:12 - 00284672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apprepsync.dll

2017-05-10 19:50 - 2017-04-28 02:12 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Picker.dll

2017-05-10 19:50 - 2017-04-28 02:11 - 00747520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Ocr.dll

2017-05-10 19:50 - 2017-04-28 02:11 - 00075776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll

2017-05-10 19:50 - 2017-04-28 02:10 - 00857600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EmailApis.dll

2017-05-10 19:50 - 2017-04-28 02:10 - 00819200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppContracts.dll

2017-05-10 19:50 - 2017-04-28 02:10 - 00816640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NaturalLanguage6.dll

2017-05-10 19:50 - 2017-04-28 02:10 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mprddm.dll

2017-05-10 19:50 - 2017-04-28 02:10 - 00314368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Usb.dll

2017-05-10 19:50 - 2017-04-28 02:10 - 00284672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.dll

2017-05-10 19:50 - 2017-04-28 02:10 - 00238080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AboveLockAppHost.dll

2017-05-10 19:50 - 2017-04-28 02:09 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll

2017-05-10 19:50 - 2017-04-28 02:09 - 00525824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintDialogs.dll

2017-05-10 19:50 - 2017-04-28 02:09 - 00509440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll

2017-05-10 19:50 - 2017-04-28 02:09 - 00368128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiobj.dll

2017-05-10 19:50 - 2017-04-28 02:09 - 00352256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Enumeration.dll

2017-05-10 19:50 - 2017-04-28 02:08 - 07626752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll

2017-05-10 19:50 - 2017-04-28 02:08 - 01534464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.Printing.3D.dll

2017-05-10 19:50 - 2017-04-28 02:08 - 01228288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usercpl.dll

2017-05-10 19:50 - 2017-04-28 02:08 - 00653312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.AccountsControl.dll

2017-05-10 19:50 - 2017-04-28 02:08 - 00288256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CryptoWinRT.dll

2017-05-10 19:50 - 2017-04-28 02:07 - 03689984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll

2017-05-10 19:50 - 2017-04-28 02:07 - 00525312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LogonController.dll

2017-05-10 19:50 - 2017-04-28 02:07 - 00256512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\thumbcache.dll

2017-05-10 19:50 - 2017-04-28 02:06 - 04614656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll

2017-05-10 19:50 - 2017-04-28 02:06 - 02333184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmSvc.dll

2017-05-10 19:50 - 2017-04-28 02:06 - 00901120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Bluetooth.dll

2017-05-10 19:50 - 2017-04-28 02:06 - 00675840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.dll

2017-05-10 19:50 - 2017-04-28 02:05 - 03733504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_47.dll

2017-05-10 19:50 - 2017-04-28 02:05 - 00886272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll

2017-05-10 19:50 - 2017-04-28 02:05 - 00709120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CPFilters.dll

2017-05-10 19:50 - 2017-04-28 02:05 - 00589312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Sensors.dll

2017-05-10 19:50 - 2017-04-28 02:04 - 01323008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_fs.dll

2017-05-10 19:50 - 2017-04-28 02:03 - 01137152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_health.dll

2017-05-10 19:50 - 2017-04-28 02:03 - 01077760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Editing.dll

2017-05-10 19:50 - 2017-04-28 02:03 - 00355328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RTMediaFrame.dll

2017-05-10 19:50 - 2017-04-28 02:03 - 00318464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LocationApi.dll

2017-05-10 19:50 - 2017-04-28 02:03 - 00291328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\adsnt.dll

2017-05-10 19:50 - 2017-04-28 02:03 - 00134656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Energy.dll

2017-05-10 19:50 - 2017-04-28 02:02 - 03307008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll

2017-05-10 19:50 - 2017-04-28 02:01 - 00795648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MiracastReceiver.dll

2017-05-10 19:50 - 2017-04-28 02:01 - 00713216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpnapps.dll

2017-05-10 19:50 - 2017-04-28 02:01 - 00343040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToDevice.dll

2017-05-10 19:50 - 2017-04-28 02:01 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\unimdm.tsp

2017-05-10 19:50 - 2017-04-28 02:01 - 00248832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dlnashext.dll

2017-05-10 19:50 - 2017-04-28 02:01 - 00141312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dialclient.dll

2017-05-10 19:50 - 2017-04-28 02:00 - 02749440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mispace.dll

2017-05-10 19:50 - 2017-04-28 02:00 - 01255936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll

2017-05-10 19:50 - 2017-04-28 02:00 - 00249856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BthLEEnum.sys

2017-05-10 19:50 - 2017-04-28 01:59 - 02154496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\storagewmi.dll

2017-05-10 19:50 - 2017-04-28 01:59 - 00895488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Streaming.dll

2017-05-10 19:50 - 2017-04-28 01:59 - 00220672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToReceiver.dll

2017-05-10 19:50 - 2017-04-28 01:58 - 07468544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll

2017-05-10 19:50 - 2017-04-28 01:58 - 00546304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uReFS.dll

2017-05-10 19:50 - 2017-04-28 01:58 - 00433664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\imapi2.dll

2017-05-10 19:50 - 2017-04-28 01:58 - 00134144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ErrorDetails.dll

2017-05-10 19:50 - 2017-04-28 01:58 - 00090624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll

2017-05-10 19:50 - 2017-04-28 01:57 - 01247232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Globalization.dll

2017-05-10 19:50 - 2017-04-28 01:57 - 01221120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Audio.dll

2017-05-10 19:50 - 2017-04-28 01:57 - 00719872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_sr.dll

2017-05-10 19:50 - 2017-04-28 01:57 - 00641024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MCRecvSrc.dll

2017-05-10 19:50 - 2017-04-28 01:57 - 00089600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CameraCaptureUI.dll

2017-05-10 19:50 - 2017-04-28 01:56 - 00400384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToManager.dll

2017-05-10 19:50 - 2017-04-28 01:56 - 00357376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Geolocation.dll

2017-05-10 19:50 - 2017-04-28 01:56 - 00333312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsApi.dll

2017-05-10 19:50 - 2017-04-28 01:56 - 00103936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Devices.dll

2017-05-10 19:50 - 2017-04-28 01:55 - 01993216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll

2017-05-10 19:50 - 2017-04-28 01:55 - 01987584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll

2017-05-10 19:50 - 2017-04-28 01:55 - 01656320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Perception.dll

2017-05-10 19:50 - 2017-04-28 01:55 - 01413632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OpcServices.dll

2017-05-10 19:50 - 2017-04-28 01:55 - 01232384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Maps.dll

2017-05-10 19:50 - 2017-04-28 01:55 - 01170944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.dll

2017-05-10 19:50 - 2017-04-28 01:55 - 01004544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Input.Inking.dll

2017-05-10 19:50 - 2017-04-28 01:54 - 02747904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpcore.dll

2017-05-10 19:50 - 2017-04-28 01:54 - 02646528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CertEnroll.dll

2017-05-10 19:50 - 2017-04-28 01:54 - 02483200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll

2017-05-10 19:50 - 2017-04-28 01:54 - 01883648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll

2017-05-10 19:50 - 2017-04-28 01:54 - 01013248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.Http.dll

2017-05-10 19:50 - 2017-04-28 01:54 - 00967680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys

2017-05-10 19:50 - 2017-04-28 01:54 - 00654336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApiPublic.dll

2017-05-10 19:50 - 2017-04-28 01:54 - 00598528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.dll

2017-05-10 19:50 - 2017-04-28 01:54 - 00566784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ShareHost.dll

2017-05-10 19:50 - 2017-04-28 01:54 - 00348160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Midi.dll

2017-05-10 19:50 - 2017-04-28 01:53 - 01170944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Phone.dll

2017-05-10 19:50 - 2017-04-28 01:53 - 00798208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll

2017-05-10 19:50 - 2017-04-28 01:53 - 00751104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.BackgroundTransfer.dll

2017-05-10 19:50 - 2017-04-28 01:53 - 00621056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll

2017-05-10 19:50 - 2017-04-28 01:52 - 03106304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstsc.exe

2017-05-10 19:50 - 2017-04-28 01:52 - 02994176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys

2017-05-10 19:50 - 2017-04-28 01:52 - 02008576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll

2017-05-10 19:50 - 2017-04-28 01:52 - 01600000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll

2017-05-10 19:50 - 2017-04-28 01:50 - 00783360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TSWorkspace.dll

2017-05-10 19:50 - 2017-04-28 01:39 - 04596224 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsrchvw.exe

2017-05-10 19:50 - 2017-04-28 01:30 - 00483840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll

2017-05-10 19:50 - 2017-03-04 09:57 - 00484584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll

2017-05-10 19:50 - 2017-03-04 08:23 - 00299520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataAccountApis.dll

2017-05-10 19:50 - 2017-03-04 08:22 - 00265728 _____ C:\WINDOWS\SysWOW64\Windows.Perception.Stub.dll

2017-05-10 19:50 - 2017-03-04 08:17 - 00529920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StructuredQuery.dll

2017-05-10 19:50 - 2017-03-04 08:16 - 00500224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.Printing.dll

2017-05-10 19:50 - 2017-03-04 08:05 - 03520512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsrchvw.exe

2017-05-10 19:50 - 2017-03-04 08:01 - 00827904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll

2017-05-10 19:50 - 2017-03-04 08:00 - 00691200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll

2017-05-10 19:49 - 2017-04-28 02:58 - 01706488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll

2017-05-10 19:49 - 2017-04-28 02:57 - 00794928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll

2017-05-10 19:49 - 2017-04-28 02:53 - 07784288 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe

2017-05-10 19:49 - 2017-04-28 02:53 - 02213760 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll

2017-05-10 19:49 - 2017-04-28 02:53 - 00774224 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll

2017-05-10 19:49 - 2017-04-28 02:49 - 02681200 _____ C:\WINDOWS\system32\CoreUIComponents.dll

2017-05-10 19:49 - 2017-04-28 02:42 - 00328008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.ApplicationData.dll

2017-05-10 19:49 - 2017-04-28 02:40 - 07220184 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll

2017-05-10 19:49 - 2017-04-28 02:40 - 02759704 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll

2017-05-10 19:49 - 2017-04-28 02:40 - 02187104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys

2017-05-10 19:49 - 2017-04-28 02:40 - 01860288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll

2017-05-10 19:49 - 2017-04-28 02:40 - 01738560 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll

2017-05-10 19:49 - 2017-04-28 02:40 - 01157000 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll

2017-05-10 19:49 - 2017-04-28 02:40 - 00857440 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe

2017-05-10 19:49 - 2017-04-28 02:40 - 00402784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys

2017-05-10 19:49 - 2017-04-28 02:38 - 00847200 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupEngine.dll

2017-05-10 19:49 - 2017-04-28 02:36 - 00408600 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsmf.dll

2017-05-10 19:49 - 2017-04-28 02:36 - 00092512 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll

2017-05-10 19:49 - 2017-04-28 02:35 - 08170600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll

2017-05-10 19:49 - 2017-04-28 02:35 - 04260576 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll

2017-05-10 19:49 - 2017-04-28 02:35 - 01988048 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll

2017-05-10 19:49 - 2017-04-28 02:35 - 01702392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll

2017-05-10 19:49 - 2017-04-28 02:35 - 01302136 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll

2017-05-10 19:49 - 2017-04-28 02:35 - 00596040 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll

2017-05-10 19:49 - 2017-04-28 02:34 - 22220856 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll

2017-05-10 19:49 - 2017-04-28 02:34 - 01277824 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll

2017-05-10 19:49 - 2017-04-28 02:34 - 01072248 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetcore.dll

2017-05-10 19:49 - 2017-04-28 02:34 - 00443232 _____ (Microsoft Corporation) C:\WINDOWS\system32\MMDevAPI.dll

2017-05-10 19:49 - 2017-04-28 02:34 - 00244824 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll

2017-05-10 19:49 - 2017-04-28 02:28 - 00453536 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe

2017-05-10 19:49 - 2017-04-28 02:28 - 00387864 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpps.dll

2017-05-10 19:49 - 2017-04-28 02:19 - 00081408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll

2017-05-10 19:49 - 2017-04-28 02:14 - 00270336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll

2017-05-10 19:49 - 2017-04-28 02:11 - 00846336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WebcamUi.dll

2017-05-10 19:49 - 2017-04-28 02:11 - 00340480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll

2017-05-10 19:49 - 2017-04-28 02:08 - 18365440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll

2017-05-10 19:49 - 2017-04-28 02:07 - 00372736 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXTaskFactory.dll

2017-05-10 19:49 - 2017-04-28 02:06 - 22569472 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll

2017-05-10 19:49 - 2017-04-28 02:06 - 00691712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll

2017-05-10 19:49 - 2017-04-28 02:05 - 19414016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll

2017-05-10 19:49 - 2017-04-28 02:04 - 00119808 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTimeUtil.dll

2017-05-10 19:49 - 2017-04-28 02:03 - 00081408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\raspppoe.sys

2017-05-10 19:49 - 2017-04-28 02:03 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\odbcconf.dll

2017-05-10 19:49 - 2017-04-28 02:02 - 00123904 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll

2017-05-10 19:49 - 2017-04-28 02:02 - 00115200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bridge.sys

2017-05-10 19:49 - 2017-04-28 02:02 - 00040448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vwifimp.sys

2017-05-10 19:49 - 2017-04-28 02:01 - 00233472 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe

2017-05-10 19:49 - 2017-04-28 02:00 - 12349440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll

2017-05-10 19:49 - 2017-04-28 02:00 - 00193536 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinRtTracing.dll

2017-05-10 19:49 - 2017-04-28 02:00 - 00165376 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll

2017-05-10 19:49 - 2017-04-28 02:00 - 00149504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Core.dll

2017-05-10 19:49 - 2017-04-28 01:59 - 12187136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll

2017-05-10 19:49 - 2017-04-28 01:59 - 00635904 _____ (Microsoft Corporation) C:\WINDOWS\system32\FlightSettings.dll

2017-05-10 19:49 - 2017-04-28 01:59 - 00467968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Gaming.XboxLive.Storage.dll

2017-05-10 19:49 - 2017-04-28 01:59 - 00375296 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastlsext.dll

2017-05-10 19:49 - 2017-04-28 01:58 - 00418304 _____ C:\WINDOWS\system32\Windows.Perception.Stub.dll

2017-05-10 19:49 - 2017-04-28 01:58 - 00360448 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpencom.dll

2017-05-10 19:49 - 2017-04-28 01:58 - 00276992 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll

2017-05-10 19:49 - 2017-04-28 01:58 - 00211968 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe

2017-05-10 19:49 - 2017-04-28 01:57 - 01507840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.FaceAnalysis.dll

2017-05-10 19:49 - 2017-04-28 01:57 - 00502784 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastls.dll

2017-05-10 19:49 - 2017-04-28 01:57 - 00223744 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe

2017-05-10 19:49 - 2017-04-28 01:57 - 00216576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Scanners.dll

2017-05-10 19:49 - 2017-04-28 01:57 - 00132096 _____ (Microsoft Corporation) C:\WINDOWS\system32\PrintWSDAHost.dll

2017-05-10 19:49 - 2017-04-28 01:56 - 00748544 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll

2017-05-10 19:49 - 2017-04-28 01:56 - 00590336 _____ (Microsoft Corporation) C:\WINDOWS\system32\efswrt.dll

2017-05-10 19:49 - 2017-04-28 01:56 - 00387584 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll

2017-05-10 19:49 - 2017-04-28 01:56 - 00358912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.dll

2017-05-10 19:49 - 2017-04-28 01:56 - 00293888 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll

2017-05-10 19:49 - 2017-04-28 01:56 - 00260608 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgentUserBroker.exe

2017-05-10 19:49 - 2017-04-28 01:56 - 00088576 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll

2017-05-10 19:49 - 2017-04-28 01:55 - 00561664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Wallet.dll

2017-05-10 19:49 - 2017-04-28 01:55 - 00431616 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpAXHolder.dll

2017-05-10 19:49 - 2017-04-28 01:55 - 00307200 _____ (Microsoft Corporation) C:\WINDOWS\system32\PrintDialogs3D.dll

2017-05-10 19:49 - 2017-04-28 01:55 - 00252416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Identity.Provider.dll

2017-05-10 19:49 - 2017-04-28 01:54 - 02027008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl

2017-05-10 19:49 - 2017-04-28 01:54 - 01509376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll

2017-05-10 19:49 - 2017-04-28 01:54 - 00425984 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll

2017-05-10 19:49 - 2017-04-28 01:54 - 00284160 _____ (Microsoft Corporation) C:\WINDOWS\system32\AboveLockAppHost.dll

2017-05-10 19:49 - 2017-04-28 01:53 - 06288384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll

2017-05-10 19:49 - 2017-04-28 01:53 - 03059200 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll

2017-05-10 19:49 - 2017-04-28 01:53 - 00671744 _____ (Microsoft Corporation) C:\WINDOWS\system32\mbsmsapi.dll

2017-05-10 19:49 - 2017-04-28 01:53 - 00579584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.UX.EapRequestHandler.dll

2017-05-10 19:49 - 2017-04-28 01:53 - 00245760 _____ (Microsoft Corporation) C:\WINDOWS\system32\WwaApi.dll

2017-05-10 19:49 - 2017-04-28 01:51 - 01589760 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdtctm.dll

2017-05-10 19:49 - 2017-04-28 01:51 - 00713216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys

2017-05-10 19:49 - 2017-04-28 01:51 - 00458752 _____ (Microsoft Corporation) C:\WINDOWS\system32\RTMediaFrame.dll

2017-05-10 19:49 - 2017-04-28 01:51 - 00409600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys

2017-05-10 19:49 - 2017-04-28 01:50 - 03778048 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll

2017-05-10 19:49 - 2017-04-28 01:50 - 00329728 _____ (Microsoft Corporation) C:\WINDOWS\system32\fvecpl.dll

2017-05-10 19:49 - 2017-04-28 01:49 - 00864256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnapps.dll

2017-05-10 19:49 - 2017-04-28 01:47 - 01908224 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll

2017-05-10 19:49 - 2017-04-28 01:47 - 01078784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.dll

2017-05-10 19:49 - 2017-04-28 01:47 - 00796672 _____ (Microsoft Corporation) C:\WINDOWS\system32\fvewiz.dll

2017-05-10 19:49 - 2017-04-28 01:47 - 00627200 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpaceControl.dll

2017-05-10 19:49 - 2017-04-28 01:45 - 23677440 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll

2017-05-10 19:49 - 2017-04-28 01:45 - 01217024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Audio.dll

2017-05-10 19:49 - 2017-04-28 01:45 - 00411648 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsApi.dll

2017-05-10 19:49 - 2017-04-28 01:44 - 13091328 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll

2017-05-10 19:49 - 2017-04-28 01:44 - 01366016 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll

2017-05-10 19:49 - 2017-04-28 01:44 - 01145344 _____ (Microsoft Corporation) C:\WINDOWS\system32\EmailApis.dll

2017-05-10 19:49 - 2017-04-28 01:44 - 00937984 _____ (Microsoft Corporation) C:\WINDOWS\system32\MCRecvSrc.dll

2017-05-10 19:49 - 2017-04-28 01:44 - 00583680 _____ (Microsoft Corporation) C:\WINDOWS\system32\PrintDialogs.dll

2017-05-10 19:49 - 2017-04-28 01:44 - 00548864 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll

2017-05-10 19:49 - 2017-04-28 01:43 - 01184256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll

2017-05-10 19:49 - 2017-04-28 01:43 - 00963584 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebcamUi.dll

2017-05-10 19:49 - 2017-04-28 01:43 - 00646656 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiaservc.dll

2017-05-10 19:49 - 2017-04-28 01:43 - 00539136 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToManager.dll

2017-05-10 19:49 - 2017-04-28 01:43 - 00526336 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv

2017-05-10 19:49 - 2017-04-28 01:43 - 00467968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Geolocation.dll

2017-05-10 19:49 - 2017-04-28 01:43 - 00331264 _____ (Microsoft Corporation) C:\WINDOWS\system32\NgcCtnrSvc.dll

2017-05-10 19:49 - 2017-04-28 01:42 - 13441536 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll

2017-05-10 19:49 - 2017-04-28 01:42 - 08125440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll

2017-05-10 19:49 - 2017-04-28 01:42 - 08076288 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll

2017-05-10 19:49 - 2017-04-28 01:42 - 02390016 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreen.exe

2017-05-10 19:49 - 2017-04-28 01:41 - 01080320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Ocr.dll

2017-05-10 19:49 - 2017-04-28 01:41 - 00983040 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcsvc.dll

2017-05-10 19:49 - 2017-04-28 01:41 - 00860160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mprddm.dll

2017-05-10 19:49 - 2017-04-28 01:41 - 00759296 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll

2017-05-10 19:49 - 2017-04-28 01:41 - 00611328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.dll

2017-05-10 19:49 - 2017-04-28 01:40 - 04474368 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll

2017-05-10 19:49 - 2017-04-28 01:40 - 02096640 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl

2017-05-10 19:49 - 2017-04-28 01:40 - 01040896 _____ (Microsoft Corporation) C:\WINDOWS\system32\NaturalLanguage6.dll

2017-05-10 19:49 - 2017-04-28 01:40 - 00913920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.dll

2017-05-10 19:49 - 2017-04-28 01:40 - 00816640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll

2017-05-10 19:49 - 2017-04-28 01:39 - 00846336 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApiPublic.dll

2017-05-10 19:49 - 2017-04-28 01:38 - 05611008 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll

2017-05-10 19:49 - 2017-04-28 01:38 - 02424320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Perception.dll

2017-05-10 19:49 - 2017-04-28 01:38 - 01359360 _____ (Microsoft Corporation) C:\WINDOWS\system32\usercpl.dll

2017-05-10 19:49 - 2017-04-28 01:38 - 00765440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Sensors.dll

2017-05-10 19:49 - 2017-04-28 01:37 - 04149248 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll

2017-05-10 19:49 - 2017-04-28 01:37 - 03134976 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcore.dll

2017-05-10 19:49 - 2017-04-28 01:37 - 02895872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll

2017-05-10 19:49 - 2017-04-28 01:37 - 02538496 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll

2017-05-10 19:49 - 2017-04-28 01:37 - 01984000 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll

2017-05-10 19:49 - 2017-04-28 01:37 - 01783296 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll

2017-05-10 19:49 - 2017-04-28 01:37 - 01637888 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll

2017-05-10 19:49 - 2017-04-28 01:37 - 01424896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Maps.dll

2017-05-10 19:49 - 2017-04-28 01:37 - 01266176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Input.Inking.dll

2017-05-10 19:49 - 2017-04-28 01:37 - 00875520 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll

2017-05-10 19:49 - 2017-04-28 01:37 - 00391168 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll

2017-05-10 19:49 - 2017-04-28 01:36 - 01513472 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys

2017-05-10 19:49 - 2017-04-28 01:36 - 01328640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.Http.dll

2017-05-10 19:49 - 2017-04-28 01:36 - 01131008 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll

2017-05-10 19:49 - 2017-04-28 01:36 - 00774656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.dll

2017-05-10 19:49 - 2017-04-28 01:35 - 03299840 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstsc.exe

2017-05-10 19:49 - 2017-04-28 01:35 - 00924672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.BackgroundTransfer.dll

2017-05-10 19:49 - 2017-04-28 01:34 - 00999424 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWorkspace.dll

2017-05-10 19:49 - 2017-04-28 01:34 - 00439296 _____ (Microsoft Corporation) C:\WINDOWS\system32\wksprt.exe

2017-05-10 19:49 - 2017-04-28 01:34 - 00394240 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpclip.exe

2017-05-10 19:49 - 2017-03-04 09:09 - 01293152 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll

2017-05-10 19:49 - 2017-03-04 08:27 - 00456192 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiobj.dll

2017-05-10 19:49 - 2017-03-04 08:26 - 00261632 _____ (Microsoft Corporation) C:\WINDOWS\system32\indexeddbserver.dll

2017-05-10 19:49 - 2017-03-04 08:25 - 01388544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Cred.dll

2017-05-10 19:49 - 2017-03-04 08:19 - 01403392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Editing.dll

2017-05-10 19:49 - 2017-03-04 08:06 - 01369088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Phone.dll

2017-05-10 19:48 - 2017-04-28 02:57 - 00603488 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContentDeliveryManager.Utilities.dll

2017-05-10 19:48 - 2017-04-28 02:56 - 01117024 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReAgent.dll

2017-05-10 19:48 - 2017-04-28 02:52 - 02255712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys

2017-05-10 19:48 - 2017-04-28 02:49 - 00764392 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll

2017-05-10 19:48 - 2017-04-28 02:49 - 00700936 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll

2017-05-10 19:48 - 2017-04-28 02:47 - 00699744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimgapi.dll

2017-05-10 19:48 - 2017-04-28 02:47 - 00501088 _____ (Microsoft Corporation) C:\WINDOWS\system32\spwizeng.dll

2017-05-10 19:48 - 2017-04-28 02:46 - 00410464 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinSetupUI.dll

2017-05-10 19:48 - 2017-04-28 02:44 - 00062816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fsdepends.sys

2017-05-10 19:48 - 2017-04-28 02:42 - 00526176 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimserv.exe

2017-05-10 19:48 - 2017-04-28 02:40 - 00578400 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe

2017-05-10 19:48 - 2017-04-28 02:40 - 00146784 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostCommon.dll

2017-05-10 19:48 - 2017-04-28 02:40 - 00026976 _____ (Microsoft Corporation) C:\WINDOWS\system32\browser_broker.exe

2017-05-10 19:48 - 2017-04-28 02:39 - 00624048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys

2017-05-10 19:48 - 2017-04-28 02:38 - 02915704 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll

2017-05-10 19:48 - 2017-04-28 02:38 - 02446704 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll

2017-05-10 19:48 - 2017-04-28 02:38 - 01852200 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll

2017-05-10 19:48 - 2017-04-28 02:38 - 01267512 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll

2017-05-10 19:48 - 2017-04-28 02:38 - 00431968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys

2017-05-10 19:48 - 2017-04-28 02:34 - 04674360 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe

2017-05-10 19:48 - 2017-04-28 02:34 - 01600624 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll

2017-05-10 19:48 - 2017-04-28 02:34 - 00241504 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHost.dll

2017-05-10 19:48 - 2017-04-28 02:30 - 01569184 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll

2017-05-10 19:48 - 2017-04-28 02:30 - 00322912 _____ (Microsoft Corporation) C:\WINDOWS\system32\input.dll

2017-05-10 19:48 - 2017-04-28 02:28 - 00455520 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe

2017-05-10 19:48 - 2017-04-28 02:21 - 00073728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdc.ocx

2017-05-10 19:48 - 2017-04-28 02:19 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbonRes.dll

2017-05-10 19:48 - 2017-04-28 02:15 - 00822784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll

2017-05-10 19:48 - 2017-04-28 02:15 - 00126464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll

2017-05-10 19:48 - 2017-04-28 02:14 - 00306688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll

2017-05-10 19:48 - 2017-04-28 02:12 - 00635904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll

2017-05-10 19:48 - 2017-04-28 02:12 - 00236544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll

2017-05-10 19:48 - 2017-04-28 02:10 - 07216640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll

2017-05-10 19:48 - 2017-04-28 02:10 - 00661504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll

2017-05-10 19:48 - 2017-04-28 02:05 - 01631232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll

2017-05-10 19:48 - 2017-04-28 02:03 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbonRes.dll

2017-05-10 19:48 - 2017-04-28 02:03 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdc.ocx

2017-05-10 19:48 - 2017-04-28 02:03 - 00032256 _____ (Microsoft Corporation) C:\WINDOWS\system32\BthTelemetry.dll

2017-05-10 19:48 - 2017-04-28 02:02 - 00019456 _____ (Microsoft Corporation) C:\WINDOWS\system32\appidcertstorecheck.exe

2017-05-10 19:48 - 2017-04-28 02:01 - 00259072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Family.SyncEngine.dll

2017-05-10 19:48 - 2017-04-28 02:01 - 00185344 _____ (Microsoft Corporation) C:\WINDOWS\system32\DisplayManager.dll

2017-05-10 19:48 - 2017-04-28 02:01 - 00156160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Family.Client.dll

2017-05-10 19:48 - 2017-04-28 02:01 - 00129536 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_ClosedCaptioning.dll

2017-05-10 19:48 - 2017-04-28 02:01 - 00090624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Printers.dll

2017-05-10 19:48 - 2017-04-28 02:01 - 00051712 _____ (Microsoft Corporation) C:\WINDOWS\system32\virtdisk.dll

2017-05-10 19:48 - 2017-04-28 02:00 - 00196096 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDeviceRegistration.dll

2017-05-10 19:48 - 2017-04-28 02:00 - 00193536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.WiFi.dll

2017-05-10 19:48 - 2017-04-28 02:00 - 00148480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.System.Profile.RetailInfo.dll

2017-05-10 19:48 - 2017-04-28 02:00 - 00120832 _____ (Microsoft Corporation) C:\WINDOWS\system32\BluetoothApis.dll

2017-05-10 19:48 - 2017-04-28 02:00 - 00101888 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDeviceRegistration.Ngc.dll

2017-05-10 19:48 - 2017-04-28 02:00 - 00099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll

2017-05-10 19:48 - 2017-04-28 02:00 - 00073216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryBroker.dll

2017-05-10 19:48 - 2017-04-28 01:59 - 00567296 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevicePairing.dll

2017-05-10 19:48 - 2017-04-28 01:59 - 00186368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Radios.dll

2017-05-10 19:48 - 2017-04-28 01:59 - 00124416 _____ (Microsoft Corporation) C:\WINDOWS\system32\appidsvc.dll

2017-05-10 19:48 - 2017-04-28 01:59 - 00122880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryClient.dll

2017-05-10 19:48 - 2017-04-28 01:58 - 00547840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Gaming.Input.dll

2017-05-10 19:48 - 2017-04-28 01:58 - 00418304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BlockedShutdown.dll

2017-05-10 19:48 - 2017-04-28 01:58 - 00289792 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeveloperOptionsSettingsHandlers.dll

2017-05-10 19:48 - 2017-04-28 01:58 - 00231424 _____ (Microsoft Corporation) C:\WINDOWS\system32\shutdownux.dll

2017-05-10 19:48 - 2017-04-28 01:58 - 00150016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.AppDefaults.dll

2017-05-10 19:48 - 2017-04-28 01:58 - 00144896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Lights.dll

2017-05-10 19:48 - 2017-04-28 01:58 - 00130560 _____ (Microsoft Corporation) C:\WINDOWS\system32\ConsentUX.dll

2017-05-10 19:48 - 2017-04-28 01:57 - 00651264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.AllJoyn.dll

2017-05-10 19:48 - 2017-04-28 01:57 - 00568320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.LowLevel.dll

2017-05-10 19:48 - 2017-04-28 01:57 - 00505856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.WiFiDirect.dll

2017-05-10 19:48 - 2017-04-28 01:57 - 00279552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.HumanInterfaceDevice.dll

2017-05-10 19:48 - 2017-04-28 01:57 - 00268800 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserMgrProxy.dll

2017-05-10 19:48 - 2017-04-28 01:57 - 00243712 _____ (Microsoft Corporation) C:\WINDOWS\system32\credprovhost.dll

2017-05-10 19:48 - 2017-04-28 01:57 - 00241152 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafBth.dll

2017-05-10 19:48 - 2017-04-28 01:57 - 00157184 _____ (Microsoft Corporation) C:\WINDOWS\system32\bthserv.dll

2017-05-10 19:48 - 2017-04-28 01:57 - 00139264 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll

2017-05-10 19:48 - 2017-04-28 01:56 - 00947712 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll

2017-05-10 19:48 - 2017-04-28 01:56 - 00912384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.SmartCards.dll

2017-05-10 19:48 - 2017-04-28 01:56 - 00692224 _____ (Microsoft Corporation) C:\WINDOWS\system32\CellularAPI.dll

2017-05-10 19:48 - 2017-04-28 01:56 - 00691200 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll

2017-05-10 19:48 - 2017-04-28 01:56 - 00379904 _____ (Microsoft Corporation) C:\WINDOWS\system32\apprepsync.dll

2017-05-10 19:48 - 2017-04-28 01:56 - 00324608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.LockScreen.dll

2017-05-10 19:48 - 2017-04-28 01:56 - 00311296 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncSettings.dll

2017-05-10 19:48 - 2017-04-28 01:56 - 00267264 _____ (Microsoft Corporation) C:\WINDOWS\system32\vaultcli.dll

2017-05-10 19:48 - 2017-04-28 01:56 - 00147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll

2017-05-10 19:48 - 2017-04-28 01:56 - 00146432 _____ (Microsoft Corporation) C:\WINDOWS\system32\AuthBroker.dll

2017-05-10 19:48 - 2017-04-28 01:55 - 06042624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll

2017-05-10 19:48 - 2017-04-28 01:55 - 02084352 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceFlows.DataModel.dll

2017-05-10 19:48 - 2017-04-28 01:55 - 00657920 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll

2017-05-10 19:48 - 2017-04-28 01:55 - 00407552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll

2017-05-10 19:48 - 2017-04-28 01:55 - 00391168 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleacc.dll

2017-05-10 19:48 - 2017-04-28 01:55 - 00337408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Picker.dll

2017-05-10 19:48 - 2017-04-28 01:55 - 00231424 _____ (Microsoft Corporation) C:\WINDOWS\system32\bthprops.cpl

2017-05-10 19:48 - 2017-04-28 01:55 - 00176128 _____ (Microsoft Corporation) C:\WINDOWS\system32\apprepapi.dll

2017-05-10 19:48 - 2017-04-28 01:54 - 03664384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll

2017-05-10 19:48 - 2017-04-28 01:54 - 00949248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.PointOfService.dll

2017-05-10 19:48 - 2017-04-28 01:54 - 00472064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Bluetooth.dll

2017-05-10 19:48 - 2017-04-28 01:54 - 00339456 _____ (Microsoft Corporation) C:\WINDOWS\system32\ConhostV2.dll

2017-05-10 19:48 - 2017-04-28 01:54 - 00329728 _____ (Microsoft Corporation) C:\WINDOWS\system32\deviceaccess.dll

2017-05-10 19:48 - 2017-04-28 01:54 - 00091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll

2017-05-10 19:48 - 2017-04-28 01:53 - 00458752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Enumeration.dll

2017-05-10 19:48 - 2017-04-28 01:53 - 00437248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Usb.dll

2017-05-10 19:48 - 2017-04-28 01:51 - 02104320 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll

2017-05-10 19:48 - 2017-04-28 01:51 - 01913856 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_fs.dll

2017-05-10 19:48 - 2017-04-28 01:51 - 01584128 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_health.dll

2017-05-10 19:48 - 2017-04-28 01:51 - 00169984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Energy.dll

2017-05-10 19:48 - 2017-04-28 01:50 - 01476608 _____ (Microsoft Corporation) C:\WINDOWS\system32\RecoveryDrive.exe

2017-05-10 19:48 - 2017-04-28 01:50 - 00380416 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationApi.dll

2017-05-10 19:48 - 2017-04-28 01:50 - 00338944 _____ (Microsoft Corporation) C:\WINDOWS\system32\adsnt.dll

2017-05-10 19:48 - 2017-04-28 01:49 - 17198592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll

2017-05-10 19:48 - 2017-04-28 01:49 - 01105408 _____ (Microsoft Corporation) C:\WINDOWS\system32\MiracastReceiver.dll

2017-05-10 19:48 - 2017-04-28 01:49 - 00442368 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToDevice.dll

2017-05-10 19:48 - 2017-04-28 01:48 - 00337920 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll

2017-05-10 19:48 - 2017-04-28 01:48 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\dlnashext.dll

2017-05-10 19:48 - 2017-04-28 01:48 - 00187904 _____ (Microsoft Corporation) C:\WINDOWS\system32\dialclient.dll

2017-05-10 19:48 - 2017-04-28 01:47 - 09131008 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll

2017-05-10 19:48 - 2017-04-28 01:47 - 03290112 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll

2017-05-10 19:48 - 2017-04-28 01:47 - 01790464 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationFramework.dll

2017-05-10 19:48 - 2017-04-28 01:47 - 00942080 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll

2017-05-10 19:48 - 2017-04-28 01:47 - 00649216 _____ (Microsoft Corporation) C:\WINDOWS\system32\vds.exe

2017-05-10 19:48 - 2017-04-28 01:46 - 02861056 _____ (Microsoft Corporation) C:\WINDOWS\system32\storagewmi.dll

2017-05-10 19:48 - 2017-04-28 01:46 - 01547264 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbengine.exe

2017-05-10 19:48 - 2017-04-28 01:46 - 01443328 _____ (Microsoft Corporation) C:\WINDOWS\system32\VSSVC.exe

2017-05-10 19:48 - 2017-04-28 01:46 - 00501248 _____ (Microsoft Corporation) C:\WINDOWS\system32\imapi2.dll

2017-05-10 19:48 - 2017-04-28 01:46 - 00374784 _____ (Microsoft Corporation) C:\WINDOWS\system32\resutils.dll

2017-05-10 19:48 - 2017-04-28 01:46 - 00279552 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToReceiver.dll

2017-05-10 19:48 - 2017-04-28 01:46 - 00049664 _____ (Microsoft Corporation) C:\WINDOWS\system32\catsrvps.dll

2017-05-10 19:48 - 2017-04-28 01:45 - 00946688 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_sr.dll

2017-05-10 19:48 - 2017-04-28 01:45 - 00628736 _____ (Microsoft Corporation) C:\WINDOWS\system32\uReFS.dll

2017-05-10 19:48 - 2017-04-28 01:45 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll

2017-05-10 19:48 - 2017-04-28 01:45 - 00167936 _____ (Microsoft Corporation) C:\WINDOWS\system32\ErrorDetails.dll

2017-05-10 19:48 - 2017-04-28 01:45 - 00130560 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpaceAgent.exe

2017-05-10 19:48 - 2017-04-28 01:45 - 00112640 _____ (Microsoft Corporation) C:\WINDOWS\system32\CameraCaptureUI.dll

2017-05-10 19:48 - 2017-04-28 01:44 - 04749824 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll

2017-05-10 19:48 - 2017-04-28 01:44 - 01010176 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll

2017-05-10 19:48 - 2017-04-28 01:44 - 00896512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.AccountsControl.dll

2017-05-10 19:48 - 2017-04-28 01:44 - 00775168 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe

2017-05-10 19:48 - 2017-04-28 01:44 - 00410112 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevicesFlowBroker.dll

2017-05-10 19:48 - 2017-04-28 01:44 - 00139776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Devices.dll

2017-05-10 19:48 - 2017-04-28 01:43 - 00634368 _____ (Microsoft Corporation) C:\WINDOWS\system32\StructuredQuery.dll

2017-05-10 19:48 - 2017-04-28 01:43 - 00600576 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptui.dll

2017-05-10 19:48 - 2017-04-28 01:43 - 00560128 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppReadiness.dll

2017-05-10 19:48 - 2017-04-28 01:43 - 00460800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Midi.dll

2017-05-10 19:48 - 2017-04-28 01:43 - 00320512 _____ (Microsoft Corporation) C:\WINDOWS\system32\thumbcache.dll

2017-05-10 19:48 - 2017-04-28 01:42 - 01692160 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll

2017-05-10 19:48 - 2017-04-28 01:42 - 01021440 _____ (Microsoft Corporation) C:\WINDOWS\system32\usermgr.dll

2017-05-10 19:48 - 2017-04-28 01:42 - 00945664 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll

2017-05-10 19:48 - 2017-04-28 01:42 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll

2017-05-10 19:48 - 2017-04-28 01:41 - 01359872 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll

2017-05-10 19:48 - 2017-04-28 01:41 - 00890368 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll

2017-05-10 19:48 - 2017-04-28 01:41 - 00828416 _____ (Microsoft Corporation) C:\WINDOWS\system32\appwiz.cpl

2017-05-10 19:48 - 2017-04-28 01:41 - 00650752 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll

2017-05-10 19:48 - 2017-04-28 01:41 - 00591360 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll

2017-05-10 19:48 - 2017-04-28 01:41 - 00376832 _____ (Microsoft Corporation) C:\WINDOWS\system32\CryptoWinRT.dll

2017-05-10 19:48 - 2017-04-28 01:40 - 02914816 _____ (Microsoft Corporation) C:\WINDOWS\system32\CertEnroll.dll

2017-05-10 19:48 - 2017-04-28 01:40 - 02510848 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll

2017-05-10 19:48 - 2017-04-28 01:40 - 02208768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.3D.dll

2017-05-10 19:48 - 2017-04-28 01:40 - 01643008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll

2017-05-10 19:48 - 2017-04-28 01:40 - 01586176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Globalization.dll

2017-05-10 19:48 - 2017-04-28 01:40 - 00971264 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll

2017-05-10 19:48 - 2017-04-28 01:40 - 00886784 _____ (Microsoft Corporation) C:\WINDOWS\system32\CPFilters.dll

2017-05-10 19:48 - 2017-04-28 01:40 - 00770560 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll

2017-05-10 19:48 - 2017-04-28 01:39 - 00673792 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe

2017-05-10 19:48 - 2017-04-28 01:38 - 01490432 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll

2017-05-10 19:48 - 2017-04-28 01:38 - 01275392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Bluetooth.dll

2017-05-10 19:48 - 2017-04-28 01:37 - 04744192 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll

2017-05-10 19:48 - 2017-04-28 01:37 - 02316288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll

2017-05-10 19:48 - 2017-04-28 01:37 - 02286592 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll

2017-05-10 19:48 - 2017-04-28 01:37 - 02216960 _____ (Microsoft Corporation) C:\WINDOWS\system32\OpcServices.dll

2017-05-10 19:48 - 2017-04-28 01:37 - 00881664 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll

2017-05-10 19:48 - 2017-04-28 01:36 - 03613184 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys

2017-05-10 19:48 - 2017-04-28 01:36 - 02691072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll

2017-05-10 19:48 - 2017-04-28 01:36 - 02478080 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll

2017-05-10 19:48 - 2017-04-28 01:36 - 01844224 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll

2017-05-10 19:48 - 2017-04-28 01:36 - 00735744 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll

2017-05-10 19:48 - 2017-04-28 01:36 - 00716800 _____ (Microsoft Corporation) C:\WINDOWS\system32\ShareHost.dll

2017-05-10 19:48 - 2017-04-28 01:35 - 01121280 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll

2017-05-10 19:48 - 2017-04-28 01:34 - 00035328 _____ (Microsoft Corporation) C:\WINDOWS\system32\spaceman.exe

2017-05-10 19:48 - 2017-04-28 01:33 - 01817088 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.dll

2017-05-10 19:48 - 2017-03-04 08:25 - 01060352 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppContracts.dll

2017-05-10 19:48 - 2016-12-21 09:09 - 00368640 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneBackupHandler.dll

2017-05-10 15:07 - 2017-05-10 15:09 - 00281802 _____ C:\TDSSKiller.3.1.0.15_10.05.2017_15.07.29_log.txt

2017-05-10 15:02 - 2017-05-14 16:43 - 02429952 _____ (Farbar) C:\Users\User\Desktop\FRST64 (1).exe

2017-05-08 17:20 - 2017-05-18 19:44 - 00000000 ____D C:\FRST

2017-05-03 13:56 - 2017-05-03 13:56 - 00000780 _____ C:\Users\User\Desktop\JRT.txt

2017-05-02 18:51 - 2017-05-02 18:51 - 00000000 ____D C:\Users\User\AppData\Roaming\Google

2017-05-02 18:07 - 2017-05-02 18:08 - 00000000 ____D C:\Users\User\AppData\Local\MSfree Inc

2017-04-28 22:59 - 2017-04-28 21:13 - 00030938 _____ C:\Users\User\bookmarks-2017-04-28.json

2017-04-28 22:54 - 2017-05-02 18:51 - 00000000 ____D C:\Users\User\AppData\LocalLow\Mozilla

2017-04-28 22:46 - 2017-05-11 17:43 - 00000000 ____D C:\AdwCleaner

2017-04-19 17:57 - 2017-04-19 17:57 - 00000000 ____D C:\Program Files (x86)\Lame For Audacity
 

==================== Ein Monat: Geänderte Dateien und Ordner ========
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
 

2017-05-18 19:31 - 2017-03-02 15:48 - 00000000 ____D C:\WINDOWS\system32\SleepStudy

2017-05-18 13:30 - 2017-03-02 15:51 - 00000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat

2017-05-18 13:30 - 2016-04-09 10:12 - 00000000 ____D C:\Users\User\AppData\Local\HTC MediaHub

2017-05-18 13:30 - 2015-03-25 23:04 - 00000000 __SHD C:\Users\User\IntelGraphicsProfiles

2017-05-18 13:28 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\AppReadiness

2017-05-18 13:27 - 2017-03-02 16:12 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT

2017-05-18 13:27 - 2017-03-02 15:52 - 00000000 ____D C:\ProgramData\NVIDIA

2017-05-18 13:27 - 2016-07-16 08:04 - 00524288 _____ C:\WINDOWS\system32\config\BBI

2017-05-18 13:26 - 2017-04-03 19:07 - 143754240 _____ C:\Users\User\backup.pst

2017-05-18 10:02 - 2016-07-16 13:47 - 00000000 ___HD C:\Program Files\WindowsApps

2017-05-16 22:21 - 2015-08-14 16:00 - 00000000 ____D C:\Program Files\iTunes

2017-05-16 22:21 - 2015-08-14 16:00 - 00000000 ____D C:\Program Files\iPod

2017-05-16 22:18 - 2016-07-16 13:45 - 00000000 ____D C:\WINDOWS\INF

2017-05-16 17:19 - 2017-03-02 16:14 - 01947698 _____ C:\WINDOWS\system32\PerfStringBackup.INI

2017-05-16 17:19 - 2016-07-17 00:51 - 00757908 _____ C:\WINDOWS\system32\perfh007.dat

2017-05-16 17:19 - 2016-07-17 00:51 - 00161172 _____ C:\WINDOWS\system32\perfc007.dat

2017-05-16 12:44 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\appraiser

2017-05-16 12:44 - 2016-07-16 13:36 - 00000000 ____D C:\WINDOWS\CbsTemp

2017-05-15 17:19 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\rescache

2017-05-14 11:58 - 2015-03-25 22:56 - 00002264 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk

2017-05-11 18:18 - 2015-08-17 09:44 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox

2017-05-11 17:29 - 2015-04-12 10:39 - 00000000 __RHD C:\Users\Public\AccountPictures

2017-05-11 17:27 - 2017-03-02 15:47 - 00464600 _____ C:\WINDOWS\system32\FNTCACHE.DAT

2017-05-11 14:40 - 2016-07-16 13:47 - 00000000 ___SD C:\WINDOWS\SysWOW64\F12

2017-05-11 14:40 - 2016-07-16 13:47 - 00000000 ___SD C:\WINDOWS\system32\F12

2017-05-11 14:40 - 2016-07-16 13:47 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel

2017-05-11 14:40 - 2016-07-16 13:47 - 00000000 ___RD C:\Program Files\Windows Defender

2017-05-11 14:40 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\SystemResetPlatform

2017-05-11 14:40 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\oobe

2017-05-11 14:40 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\ShellExperiences

2017-05-11 14:40 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\Provisioning

2017-05-11 14:40 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\PolicyDefinitions

2017-05-11 14:40 - 2016-07-16 13:47 - 00000000 ____D C:\Program Files\Windows Photo Viewer

2017-05-11 14:40 - 2016-07-16 13:47 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer

2017-05-11 14:40 - 2016-07-16 13:47 - 00000000 ____D C:\Program Files (x86)\Windows Defender

2017-05-11 14:40 - 2016-07-16 08:04 - 00000000 ____D C:\WINDOWS\SysWOW64\Dism

2017-05-11 14:08 - 2016-03-27 14:30 - 00000000 ____D C:\Users\User\AppData\Roaming\Audacity

2017-05-11 13:51 - 2015-04-12 13:55 - 00000000 ____D C:\Users\User\AppData\Roaming\DVDVideoSoft

2017-05-11 13:39 - 2015-03-25 23:40 - 00000000 ____D C:\WINDOWS\system32\MRT

2017-05-11 13:37 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\LiveKernelReports

2017-05-10 20:06 - 2015-03-25 23:40 - 156335152 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe

2017-05-10 19:59 - 2013-08-22 15:25 - 00000167 _____ C:\WINDOWS\win.ini

2017-05-10 11:38 - 2016-07-16 13:42 - 00073728 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSManMigrationPlugin.dll

2017-05-10 11:29 - 2015-03-26 05:50 - 00000000 ____D C:\Users\User\AppData\Local\Packages

2017-05-10 11:27 - 2016-02-03 11:58 - 00000000 ____D C:\Users\User\AppData\Local\CrashDumps

2017-05-07 15:41 - 2015-04-12 08:08 - 00000000 ____D C:\Users\User\AppData\Roaming\Skype

2017-05-03 13:42 - 2015-07-31 13:48 - 00000000 ____D C:\ProgramData\F-Secure

2017-05-03 13:40 - 2016-07-16 08:04 - 00032768 _____ C:\WINDOWS\system32\config\ELAM

2017-05-02 18:12 - 2015-04-12 10:13 - 00532136 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe

2017-05-01 16:53 - 2017-04-13 09:54 - 00003916 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1603712690-2894388539-358268464-1001UA1d2b42b3d108749

2017-05-01 16:53 - 2017-04-13 09:54 - 00003648 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1603712690-2894388539-358268464-1001Core1d2b42b3ce86f9b

2017-04-29 02:59 - 2016-07-16 13:49 - 00835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe

2017-04-29 02:59 - 2016-07-16 13:49 - 00177656 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl

2017-04-28 22:49 - 2015-07-31 18:14 - 00000000 ____D C:\Users\User\AppData\Roaming\Lavasoft

2017-04-28 22:49 - 2015-07-31 18:14 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft

2017-04-28 22:49 - 2015-07-31 18:14 - 00000000 ____D C:\ProgramData\Lavasoft

2017-04-28 22:49 - 2015-07-31 18:14 - 00000000 ____D C:\Program Files (x86)\Lavasoft

2017-04-28 22:13 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\registration

2017-04-28 21:25 - 2017-01-12 15:32 - 00000000 ____D C:\Program Files (x86)\CDBurnerXP

2017-04-28 12:03 - 2017-03-02 16:12 - 00003628 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA

2017-04-28 12:03 - 2017-03-02 16:12 - 00003504 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore

2017-04-28 03:01 - 2017-03-02 15:50 - 02717184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll

2017-04-23 17:07 - 2015-04-12 22:13 - 00000000 ____D C:\Users\User\AppData\Local\Spotify

2017-04-23 16:36 - 2015-04-12 22:12 - 00000000 ____D C:\Users\User\AppData\Roaming\Spotify

2017-04-22 12:51 - 2015-03-26 00:05 - 00000000 ____D C:\ProgramData\Oracle

2017-04-22 12:47 - 2015-04-12 20:40 - 00000000 ____D C:\Users\User\AppData\Roaming\vlc

2017-04-22 12:47 - 2015-03-25 22:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java

2017-04-22 12:47 - 2015-03-25 22:57 - 00000000 ____D C:\Program Files (x86)\Java

2017-04-22 12:46 - 2015-03-25 22:57 - 00097856 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll

2017-04-19 17:49 - 2017-01-12 15:32 - 00001224 _____ C:\Users\Public\Desktop\CDBurnerXP.lnk

2017-04-19 17:49 - 2017-01-12 15:32 - 00001174 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CDBurnerXP.lnk
 

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======
 

2016-03-20 20:17 - 2016-03-20 20:17 - 0000268 ___RH () C:\Users\User\AppData\Roaming\External Build System

2016-03-20 20:18 - 2016-03-20 20:18 - 0000268 ___RH () C:\Users\User\AppData\Roaming\File Templates

2016-03-20 20:17 - 2016-03-20 20:17 - 0000268 ___RH () C:\Users\User\AppData\Roaming\Filesystems

2016-03-20 20:16 - 2016-03-20 20:16 - 0000268 ___RH () C:\Users\User\AppData\Roaming\Framework

2015-04-12 14:34 - 2015-04-12 14:34 - 0196228 _____ () C:\Users\User\AppData\Local\134785ED_stp.CIS

2015-04-12 14:34 - 2015-04-12 14:34 - 0000290 _____ () C:\Users\User\AppData\Local\134785ED_stp.CIS.part

2015-04-13 23:59 - 2015-04-13 23:59 - 0047657 _____ () C:\Users\User\AppData\Local\2B763BC1_stp.CIS

2015-04-13 23:59 - 2015-04-13 23:59 - 0000289 _____ () C:\Users\User\AppData\Local\2B763BC1_stp.CIS.part

2015-04-12 14:34 - 2015-04-12 14:34 - 0385602 _____ () C:\Users\User\AppData\Local\5D515C96_stp.CIS

2015-04-12 14:34 - 2015-04-13 23:58 - 0000220 _____ () C:\Users\User\AppData\Local\5D515C96_stp.CIS.part

2015-04-12 14:34 - 2015-04-13 23:59 - 8250214 _____ () C:\Users\User\AppData\Local\65DE37E2_stp.CIS

2015-04-12 14:34 - 2015-04-13 23:59 - 0000373 _____ () C:\Users\User\AppData\Local\65DE37E2_stp.CIS.part

2016-09-27 17:13 - 2016-09-28 09:08 - 0003584 _____ () C:\Users\User\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

2017-01-06 13:55 - 2017-01-06 13:55 - 0004096 ____H () C:\Users\User\AppData\Local\keyfile3.drm

2015-10-06 11:23 - 2015-10-07 09:24 - 29249520 _____ (Sony Mobile Communications                                  ) C:\Users\User\AppData\Local\pcc.exe

2015-09-06 15:17 - 2015-09-06 15:17 - 0000000 _____ () C:\Users\User\AppData\Local\Settings.xml

2015-08-20 17:08 - 2015-08-20 17:08 - 0000132 _____ () C:\Users\User\AppData\Local\updt.js

2016-04-28 18:22 - 2016-04-28 18:22 - 0000000 _____ () C:\Users\User\AppData\Local\{DEBB28E6-C29A-4EFF-9857-53E5B2E566EC}

2017-03-02 15:50 - 2017-03-02 15:50 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

2016-03-20 20:17 - 2016-03-20 20:17 - 0000268 ___RH () C:\ProgramData\Filters

2016-03-20 20:18 - 2016-03-20 20:18 - 0000268 ___RH () C:\ProgramData\Flags

2016-03-20 20:17 - 2016-03-20 20:17 - 0000268 ___RH () C:\ProgramData\Flange Saw

2016-03-20 20:16 - 2016-03-20 20:16 - 0000268 ___RH () C:\ProgramData\Galactic Static

2016-03-20 20:16 - 2016-03-20 20:17 - 0000020 ____H () C:\ProgramData\PKP_DLeo.DAT

2016-03-20 20:18 - 2016-03-20 20:18 - 0000020 ____H () C:\ProgramData\PKP_DLes.DAT

2016-03-20 20:17 - 2017-01-15 13:34 - 0000020 ____H () C:\ProgramData\PKP_DLet.DAT

2016-03-20 20:17 - 2016-03-20 20:17 - 0000020 ____H () C:\ProgramData\PKP_DLev.DAT
 

Dateien, die verschoben oder gelöscht werden sollten:

====================

C:\Users\User\Delphi.exe
 
 

==================== Bamital & volsnap ======================
 

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
 

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert

C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert

C:\WINDOWS\explorer.exe => Datei ist digital signiert

C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert

C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert

C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert

C:\WINDOWS\system32\services.exe => Datei ist digital signiert

C:\WINDOWS\system32\User32.dll => Datei ist digital signiert

C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert

C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert

C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert

C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert

C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert

C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert

C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert
 

LastRegBack: 2017-05-15 15:14
 

==================== Ende von FRST.txt ============================

--- --- ---

Sabimo

18.05.2017 18:51

Code:



ZusÃ¤tzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 14-05-2017

durchgefÃ¼hrt von User (18-05-2017 19:45:46)

Gestartet von C:\Users\User\Desktop

Windows 10 Home Version 1607 (X64) (2017-03-02 17:26:19)

Start-Modus: Normal

==========================================================
 
 

==================== Konten: =============================
 

Administrator (S-1-5-21-1603712690-2894388539-358268464-500 - Administrator - Disabled)

DefaultAccount (S-1-5-21-1603712690-2894388539-358268464-503 - Limited - Disabled)

Gast (S-1-5-21-1603712690-2894388539-358268464-501 - Limited - Disabled)

User (S-1-5-21-1603712690-2894388539-358268464-1001 - Administrator - Enabled) => C:\Users\User
 

==================== Sicherheits-Center ========================
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
 

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 

==================== Installierte Programme ======================
 

(Nur Adware-Programme mit dem Zusatz "Hidden" kÃ¶nnen in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
 

7-Zip 9.30 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0930-000001000000}) (Version: 9.30.00.0 - Igor Pavlov)

Acer Launch Manager (HKLM\...\{C18D55BD-1EC6-466D-B763-8EEDDDA9100E}) (Version: 8.00.8115 - Acer Incorporated)

Acer Quick Access (HKLM\...\{C1FA525F-D701-4B31-9D32-504FC0CF0B98}) (Version: 1.01.3012 - Acer Incorporated)

Ad-Aware Web Companion (x32 Version: 2.0.1025.2130 - Lavasoft) Hidden

Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 3.5.1.209 - Adobe Systems Incorporated)

Adobe Flash Player 25 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 25.0.0.127 - Adobe Systems Incorporated)

Adobe Lightroom (HKLM-x32\...\{8048A5DF-8A70-5BE1-954B-E0FDE1BD0D0D}) (Version: 6.5 - Adobe Systems Incorporated)

Adobe Reader XI (11.0.19)  MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AB0000000001}) (Version: 11.0.19 - Adobe Systems Incorporated)

Ansel (Version: 373.06 - NVIDIA Corporation) Hidden

Apple Application Support (32-Bit) (HKLM-x32\...\{E92BB800-BCC5-4C25-8102-AC2C3B7C7C1E}) (Version: 5.5 - Apple Inc.)

Apple Application Support (64-Bit) (HKLM\...\{9C912B1E-06DD-43EF-BB2B-45CB2C88BAAE}) (Version: 5.5 - Apple Inc.)

Apple Mobile Device Support (HKLM\...\{0A596141-97D5-45FA-9281-98DFAF48D579}) (Version: 10.3.2.3 - Apple Inc.)

Apple Software Update (HKLM-x32\...\{52D87F32-70E4-4348-8148-C0B9F35B1314}) (Version: 2.3.0.177 - Apple Inc.)

Audacity 2.1.2 (HKLM-x32\...\AudacityÂ®_is1) (Version: 2.1.2 - Audacity Team)

Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)

Borland Delphi 7 (HKLM-x32\...\{72263053-50D1-4598-9502-51ED64E54C51}) (Version: 7.0 - Borland Software Corporation)

Brother MFL-Pro Suite MFC-J625DW (HKLM-x32\...\{A1B36B88-AF90-43A3-8906-6DBEE89B4FBD}) (Version: 1.1.6.0 - Brother Industries, Ltd.)

Brother P-touch Editor 5.1 (HKLM-x32\...\{39270390-A851-4E4B-94A9-D5C468216ED3}) (Version: 5.1.0620 - Brother Industries, Ltd.)

Bus-Simulator 2012 (HKLM-x32\...\Bus-Simulator 2012_is1) (Version:  - astragon)

CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.7.6521 - CDBurnerXP)

chip 1-click download service (HKLM-x32\...\{503CA94E-0834-4CEE-AD92-BA17AF4E809A}) (Version: 3.6.9.0 - Chip Digital GmbH)

D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden

Die Simsâ„¢ 3 (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}) (Version: 1.69.36.024017 - Electronic Arts Inc.)

Die Simsâ„¢ 3 Einfach tierisch (HKLM-x32\...\{C12631C6-804D-4B32-B0DD-8A496462F106}) (Version: 10.0.96 - Electronic Arts)

Die Simsâ„¢ 3 Jahreszeiten (HKLM-x32\...\{3DE92282-CB49-434F-81BF-94E5B380E889}) (Version: 16.0.136 - Electronic Arts)

Dolby Digital Plus Home Theater (HKLM\...\{7E3D8FA1-6092-469A-955B-68FC4A2C67CA}) (Version: 7.6.3.1 - Dolby Laboratories Inc)

Druckerdeinstallation fÃ¼r EPSON XP-332 335 Series (HKLM\...\EPSON XP-332 335 Series) (Version:  - Seiko Epson Corporation)

ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version:  - )

Fotogalerie (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden

Free Studio version 6.5.5.915 (HKLM-x32\...\Free Studio_is1) (Version: 6.5.5.915 - DVDVideoSoft Ltd.)

Google Chrome (HKLM-x32\...\{139D85BF-546D-3684-969A-98E5F5DE9801}) (Version: 58.0.3029.110 - Google, Inc.)

Google Talk Plugin (HKLM-x32\...\{F9B579C2-D854-300A-BE62-A09EB9D722E4}) (Version: 5.41.3.0 - Google)

Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden

Google Update Helper (x32 Version: 1.3.33.5 - Google Inc.) Hidden

HTC Driver Installer (HKLM-x32\...\{4CEEE5D0-F905-4688-B9F9-ECC710507796}) (Version: 4.17.0.001 - HTC Corporation)

HTC Sync Manager (HKLM-x32\...\{231D0C79-98A6-4693-A366-36DE7D7346EC}) (Version: 3.1.69.5 - HTC)

Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.0.1156 - Intel Corporation)

Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4549 - Intel Corporation)

Intel(R) Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 1.1.165.0 - Intel Corporation)

Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{F352BFBE-5960-48EC-B189-7F744B2991F3}) (Version: 17.1.1527.1534 - Intel Corporation)

IntelÂ® Chipsatz-GerÃ¤tesoftware (x32 Version: 10.0.20 - Intel(R) Corporation) Hidden

IntelÂ® PROSet/Wireless Software (HKLM-x32\...\{47ce36dd-beb9-46b5-b71f-bb2c17c39305}) (Version: 18.11.1 - Intel Corporation)

IntelÂ® Security Assist (HKLM-x32\...\{4B230374-6475-4A73-BA6E-41015E9C5013}) (Version: 1.0.0.532 - Intel Corporation)

IPTInstaller (HKLM-x32\...\{08208143-777D-4A06-BB54-71BF0AD1BB70}) (Version: 4.0.9 - HTC)

iTunes (HKLM\...\{F0C7385A-9D20-45F3-8101-05D383885180}) (Version: 12.6.1.25 - Apple Inc.)

Java 8 Update 131 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180131F0}) (Version: 8.0.1310.11 - Oracle Corporation)

LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version:  - )

LavasoftTcpService (x32 Version: 2.3.4.7 - Lavasoft) Hidden

LightZone 4.1.5 (HKLM-x32\...\3263-1164-2624-0047) (Version: 4.1.5 - LightZone Project)

Logitech Gaming Software 5.04 (HKLM\...\{8753DF4D-64B0-474E-9A97-0AB5585D9A53}) (Version: 5.04.110 - Logitech)

Media Go (HKLM-x32\...\{65256C0D-3FE7-4D2E-BB3E-53F1175481C8}) (Version: 3.0.403 - Sony)

Media Go Network Downloader (HKLM-x32\...\{C52148B9-19E0-433A-9422-3451B1BEE20F}) (Version: 1.6.01.0 - Sony)

Media Go Video Playback Engine 2.20.106.05220 (HKLM-x32\...\{ECAE7E40-24A6-9E8E-EA93-90D080C878B3}) (Version: 2.20.106.05220 - Sony)

Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)

Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)

Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)

Microsoft Office Professional Plus 2016 (HKLM\...\Office16.PROPLUS) (Version: 16.0.4266.1001 - Microsoft Corporation)

Microsoft OneDrive (HKU\S-1-5-21-1603712690-2894388539-358268464-1001\...\OneDriveSetup.exe) (Version: 17.3.6743.1212 - Microsoft Corporation)

Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50906.0 - Microsoft Corporation)

Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)

Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)

Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)

Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)

Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)

Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)

Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)

Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)

Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)

Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden

Mp3tag v2.71 (HKLM-x32\...\Mp3tag) (Version: v2.71 - Florian Heidenreich)

Nikon Message Center 2 (HKLM-x32\...\{B014EE44-9197-4513-9613-71E6EB1B514E}) (Version: 2.1.0 - Nikon)

Nikon Movie Editor (HKLM-x32\...\{5CAD3393-EEC0-44CE-9F93-BCAA365B77FB}) (Version: 2.8.0 - Nikon)

NVIDIA Grafiktreiber 376.54 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 376.54 - NVIDIA Corporation)

NVIDIA PhysX-Systemsoftware 9.16.0318 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.16.0318 - NVIDIA Corporation)

OpenOffice 4.1.1 (HKLM-x32\...\{ACD0FFF9-6B35-43C1-82DB-9FF6990E8602}) (Version: 4.11.9775 - Apache Software Foundation)

Origin (HKLM-x32\...\Origin) (Version: 10.4.2.12697 - Electronic Arts, Inc.)

Outils de vÃ©rification linguistique 2016 de Microsoft OfficeÂ*- FranÃ§ais (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden

PhotoScape (HKLM-x32\...\PhotoScape) (Version:  - )

Picture Control Utility x64 (HKLM\...\{11953C65-BB4E-4CA4-B0F0-2600A4B20040}) (Version: 1.4.15 - Nikon)

Pixum Fotowelt (HKLM-x32\...\Pixum Fotowelt) (Version: 6.1.2 - CEWE Stiftung u Co. KGaA)

Qualcomm Atheros 61x4 Wireless LAN&Bluetooth Installer (HKLM-x32\...\{3241744A-BA36-41F0-B4AA-EF3946D00632}) (Version: 11.0.0.0769 - Qualcomm Atheros)

Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 10.0.1.0 - Qualcomm Atheros)

Qualcomm Atheros WLAN and Bluetooth Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 12.65 - Qualcomm Atheros)

Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.10586.31225 - Realtek Semiconduct Corp.)

Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.32.508.2014 - Realtek)

Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7564 - Realtek Semiconductor Corp.)

RollerCoaster Tycoon 3 (HKLM-x32\...\RollerCoaster Tycoon 3_is1) (Version:  - Atari)

Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.55.0 - Samsung Electronics Co., Ltd.)

SHIELD Streaming (Version: 7.1.0280 - NVIDIA Corporation) Hidden

SHIELD Wireless Controller Driver (Version: 2.11.4.1 - NVIDIA Corporation) Hidden

Skypeâ„¢ 7.33 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.33.105 - Skype Technologies S.A.)

Smart Switch (HKLM-x32\...\InstallShield_{74FA5314-85C8-4E2A-907D-D9ECCCB770A7}) (Version: 4.0.15093.11 - Samsung Electronics Co., Ltd.)

Smart Switch (x32 Version: 4.0.15093.11 - Samsung Electronics Co., Ltd.) Hidden

Sony Mobile Update Engine (HKLM-x32\...\Update Engine) (Version: 2.16.12.201608221014 - Sony Mobile Communications Inc.)

Sony PC Companion 2.10.303 (HKLM-x32\...\{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}) (Version: 2.10.303 - Sony)

Spotify (HKU\S-1-5-21-1603712690-2894388539-358268464-1001\...\Spotify) (Version: 1.0.51.693.g6ea1e7f6 - Spotify AB)

Strumenti di correzione di Microsoft Office 2016 - Italiano (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden

TeamViewer 11 (HKLM-x32\...\TeamViewer) (Version: 11.0.53254 - TeamViewer)

Telekom Internet Manager (HKLM-x32\...\Telekom Internet Manager) (Version: 11.301.05.05.748 - Huawei Technologies Co.,Ltd)

Unlocker 1.9.2 (HKLM\...\Unlocker) (Version: 1.9.2 - Cedrick Collomb)

ViewNX 2 (HKLM\...\{635BE602-BB9C-4C59-8CC5-93F9366E8A21}) (Version: 2.8.2 - Nikon)

Vulkan Run Time Libraries 1.0.26.0 (HKLM\...\VulkanRT1.0.26.0) (Version: 1.0.26.0 - LunarG, Inc.)

Web Companion (HKLM-x32\...\{88B10E3E-8911-4FAC-8663-CCF6E33C58B3}_WebCompanion) (Version: 2.0.1025.2130 - Lavasoft)

Windows 10-Upgrade-Assistent (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.17364 - Microsoft Corporation)

Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)

Wondershare Dr.Fone for Android(Build 6.0.2.20) (HKLM-x32\...\{1DB91A95-C548-4BA5-9D4C-18C7DEAAC39F}_is1) (Version: 6.0.2.20 - Wondershare Software Co.,Ltd.)

Xperia Companion (HKLM-x32\...\{efee6944-1231-492a-a157-93409130a098}) (Version: 1.4.7.0 - Sony)

Xperia Companion (x32 Version: 1.4.7.0 - Sony) Hidden

Xperia Companion Service (Version: 1.4.7.0 - Sony) Hidden
 

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
 

CustomCLSID: HKU\S-1-5-21-1603712690-2894388539-358268464-1001_Classes\CLSID\{087B3AE3-E237-4467-B8DB-5A38AB959AC9}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\shlxthdl_x64.dll (Apache Software Foundation)

CustomCLSID: HKU\S-1-5-21-1603712690-2894388539-358268464-1001_Classes\CLSID\{144DF3B2-2402-47AE-9583-5A045929A8D4}\InprocServer32 -> C:\Users\User\AppData\Local\Google\Update\1.3.33.5\psuser_64.dll (Google Inc.)

CustomCLSID: HKU\S-1-5-21-1603712690-2894388539-358268464-1001_Classes\CLSID\{3B092F0C-7696-40E3-A80F-68D74DA84210}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\shlxthdl_x64.dll (Apache Software Foundation)

CustomCLSID: HKU\S-1-5-21-1603712690-2894388539-358268464-1001_Classes\CLSID\{63542C48-9552-494A-84F7-73AA6A7C99C1}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\shlxthdl_x64.dll (Apache Software Foundation)

CustomCLSID: HKU\S-1-5-21-1603712690-2894388539-358268464-1001_Classes\CLSID\{7BC0E710-5703-45BE-A29D-5D46D8B39262}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\ooofilt_x64.dll (Apache Software Foundation)

CustomCLSID: HKU\S-1-5-21-1603712690-2894388539-358268464-1001_Classes\CLSID\{8C46158B-D978-483C-A312-16EE5013BE04}\InprocServer32 -> C:\Users\User\AppData\Local\Google\Update\1.3.33.3\psuser_64.dll => Keine Datei

CustomCLSID: HKU\S-1-5-21-1603712690-2894388539-358268464-1001_Classes\CLSID\{AE424E85-F6DF-4910-A6A9-438797986431}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\propertyhdl_x64.dll (Apache Software Foundation)

CustomCLSID: HKU\S-1-5-21-1603712690-2894388539-358268464-1001_Classes\CLSID\{C52AF81D-F7A0-4AAB-8E87-F80A60CCD396}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\shlxthdl_x64.dll (Apache Software Foundation)

CustomCLSID: HKU\S-1-5-21-1603712690-2894388539-358268464-1001_Classes\CLSID\{CB492AF1-2CEF-4E58-BE47-471C77D0C8BA}\InprocServer32 -> C:\Users\User\AppData\Local\Google\Update\1.3.32.7\psuser_64.dll => Keine Datei

CustomCLSID: HKU\S-1-5-21-1603712690-2894388539-358268464-1001_Classes\CLSID\{CC182BE1-84CE-4A57-B85C-FD4BBDF78CB2}\InprocServer32 -> C:\Users\User\AppData\Local\Google\Update\1.3.29.1\psuser_64.dll => Keine Datei

CustomCLSID: HKU\S-1-5-21-1603712690-2894388539-358268464-1001_Classes\CLSID\{D1EDC4F5-7F4D-4B12-906A-614ECF66DDAF}\InprocServer32 -> C:\Users\User\AppData\Local\Google\Update\1.3.28.15\psuser_64.dll => Keine Datei

CustomCLSID: HKU\S-1-5-21-1603712690-2894388539-358268464-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)

CustomCLSID: HKU\S-1-5-21-1603712690-2894388539-358268464-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\User\AppData\Local\Google\Update\1.3.33.5\psuser_64.dll (Google Inc.)
 

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
 

Task: {05150D9E-6BE7-42C9-8DE3-A8B2D858CDB1} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [2015-07-31] (Microsoft Corporation)

Task: {122D71EB-97AC-421A-8FEC-F3FE02E7261E} - System32\Tasks\Launch Manager => C:\Program Files\Acer\Acer Launch Manager\LMLauncher.exe [2014-12-30] (Acer Incorporate)

Task: {1771C8F9-263E-4DF4-A935-523002B65486} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2017-02-14] (Apple Inc.)

Task: {21FBF08F-72CC-4A41-92F5-C68598D7BBAD} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\Program Files\Windows Defender\\MpCmdRun.exe [2017-04-28] (Microsoft Corporation)

Task: {3BCCAEE4-2072-4314-8EBF-5A276515C20A} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-01] (Google Inc.)

Task: {42172A6E-D874-49EA-89EE-EA4BC43FE44A} - System32\Tasks\EPSON XP-332 335 Series Update {3C294C30-5BFA-4052-A098-4F2949DA4796} => C:\Windows\system32\spool\DRIVERS\x64\3\E_YTSPEE.EXE [2013-11-22] (SEIKO EPSON CORPORATION)

Task: {4C60FE33-F73A-488F-9FCD-23EF8BCA0BAA} - System32\Tasks\Quick Access => C:\Program Files\Acer\Acer Quick Access\QALauncher.exe [2014-03-21] (Acer Incorporate)

Task: {57FAD439-3F62-4A01-92B8-087D5FC77BA2} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1603712690-2894388539-358268464-1001UA1d2b42b3d108749 => C:\Users\User\AppData\Local\Google\Update\GoogleUpdate.exe [2017-02-16] (Google Inc.)

Task: {5852031E-346D-441F-8A07-C388CCE4C9F9} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\Program Files\Windows Defender\\MpCmdRun.exe [2017-04-28] (Microsoft Corporation)

Task: {6CEA1093-D0D0-484B-ADF3-129ED8658BBD} - System32\Tasks\{B5948241-8367-4E45-BD45-57FF933A1216} => pcalua.exe -a "C:\Program Files (x86)\astragon\Bus-Simulator 2012\Bin_Basic_Win32\BusSimulator2012.exe" -d "C:\Program Files (x86)\astragon\Bus-Simulator 2012\Bin_Basic_Win32"

Task: {87D1B6B1-9F98-4A00-BA6B-649237F6B06C} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-01] (Google Inc.)

Task: {87E3433B-9E1B-424C-B5A6-CB33E4E9F3A8} - System32\Tasks\DolbySelectorTask => C:\Program Files\Dolby Digital Plus\ddp.exe [2014-04-07] (Dolby Laboratories Inc.)

Task: {90B2A268-7DBD-4FEF-9EF5-D1D37ECF7220} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1603712690-2894388539-358268464-1001Core1d2b42b3ce86f9b => C:\Users\User\AppData\Local\Google\Update\GoogleUpdate.exe [2017-02-16] (Google Inc.)

Task: {97F87762-6F15-4688-9B4A-F32F5467C16D} - System32\Tasks\{8D23FEC7-C2E2-4CCB-BA01-0435C9214EDA} => pcalua.exe -a "C:\Program Files (x86)\Atari\RollerCoaster Tycoon 3\RCT3plus.exe" -d "C:\Program Files (x86)\Atari\RollerCoaster Tycoon 3"

Task: {C4ED4FE5-ED89-4319-9CB5-2399C546AB8B} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\Program Files\Windows Defender\\MpCmdRun.exe [2017-04-28] (Microsoft Corporation)

Task: {CA4D814C-0386-4B56-AB0D-DB8AACB4075C} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1603712690-2894388539-358268464-1001Core => C:\Users\User\AppData\Local\Google\Update\GoogleUpdate.exe [2017-02-16] (Google Inc.)

Task: {CF413B71-BACA-4AE3-92C9-D8615F4E281C} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2015-07-31] (Microsoft Corporation)

Task: {D24E5803-25AA-487C-BE06-8FB04B227D20} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [2015-07-31] (Microsoft Corporation)

Task: {D46E9D95-1366-4E60-9E0C-B39553168F8E} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-12-19] (Adobe Systems Incorporated)

Task: {DA3ED314-99DB-4F80-9756-E5A1E992C500} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1603712690-2894388539-358268464-1001UA => C:\Users\User\AppData\Local\Google\Update\GoogleUpdate.exe [2017-02-16] (Google Inc.)

Task: {E45A8323-D967-4223-98BA-20CBE3B9D54F} - System32\Tasks\Quick Access Quick Launcher => C:\Program Files\Acer\Acer Quick Access\QALauncher.exe [2014-03-21] (Acer Incorporate)

Task: {FBE9B889-861C-4EC5-A5DC-DA647A851480} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\Program Files\Windows Defender\\MpCmdRun.exe [2017-04-28] (Microsoft Corporation)
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
 

Task: C:\WINDOWS\Tasks\EPSON XP-332 335 Series Update {3C294C30-5BFA-4052-A098-4F2949DA4796}.job => C:\Windows\system32\spool\DRIVERS\x64\3\E_YTSPEE.EXE :/EXE:{3C294C30-5BFA-4052-A098-4F2949DA4796} /F:Update  WORKGROUP\ACER$ ÄŠSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi
 

==================== VerknÃ¼pfungen =============================
 

(Die EintrÃ¤ge kÃ¶nnen gelistet werden, um sie zurÃ¼ckzusetzen oder zu entfernen.)
 

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
 

2016-07-16 13:42 - 2016-07-16 13:42 - 00231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll

2017-05-10 19:49 - 2017-04-28 02:49 - 02681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll

2010-08-19 10:52 - 2010-08-19 10:52 - 00229376 _____ () C:\ProgramData\DatacardService\DCService.exe

2016-09-01 18:12 - 2016-09-01 18:12 - 00092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll

2017-05-09 00:44 - 2017-05-09 00:44 - 01354040 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll

2013-10-17 15:27 - 2013-10-17 15:27 - 00166912 _____ () C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe

2016-03-01 17:18 - 2016-06-15 03:14 - 00369208 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\MessageBus.dll

2016-01-14 17:42 - 2016-06-15 03:14 - 00289848 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamBase.dll

2016-03-01 17:18 - 2016-06-15 03:14 - 03613240 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Poco.dll

2016-05-03 09:33 - 2016-06-15 03:14 - 01148984 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\libprotobuf.dll

2016-05-10 15:26 - 2005-04-22 06:36 - 00143360 _____ () C:\WINDOWS\system32\BrSNMP64.dll

2017-03-02 15:52 - 2016-12-29 15:16 - 00134712 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll

2016-05-03 09:33 - 2016-06-15 03:14 - 01990200 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\NvPortForwardPlugin.dll

2016-05-03 09:33 - 2016-06-15 03:14 - 02667576 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\NvMdnsPlugin.dll

2016-05-03 09:33 - 2016-06-15 03:14 - 01842232 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\RtspPlugin.dll

2016-01-14 17:42 - 2016-06-15 03:14 - 00208952 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\RtspServer.dll

2016-05-03 09:33 - 2016-06-15 03:14 - 00035896 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\boost_system-vc120-mt-1_58.dll

2016-05-03 09:33 - 2016-06-15 03:14 - 00921656 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\boost_regex-vc120-mt-1_58.dll

2017-05-10 19:49 - 2017-04-28 02:49 - 02681200 _____ () C:\WINDOWS\SYSTEM32\CoreUIComponents.dll

2016-01-22 13:55 - 2016-01-22 13:55 - 00553136 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll

2015-09-30 21:39 - 2016-12-19 08:16 - 00401880 _____ () C:\WINDOWS\system32\igfxTray.exe

2017-03-02 15:36 - 2017-03-02 15:36 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll

2017-03-16 18:22 - 2017-03-04 08:31 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll

2017-03-16 18:23 - 2017-03-04 08:12 - 09760768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll

2017-03-16 18:23 - 2017-03-04 08:05 - 01401856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll

2017-03-16 18:23 - 2017-03-04 08:05 - 00757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll

2017-05-10 19:48 - 2017-04-28 01:36 - 01033216 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Actions.dll

2017-05-10 19:48 - 2017-04-28 01:36 - 02424320 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll

2017-05-10 19:48 - 2017-04-28 01:37 - 04853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll

2016-03-09 12:58 - 2016-03-09 12:58 - 00821240 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\HTC Sync\adb.exe

2017-02-19 20:07 - 2015-02-09 12:18 - 00124440 _____ () C:\Program Files\Realtek\Audio\HDA\FMAPP.exe

2017-04-27 14:21 - 2017-04-27 14:21 - 02167664 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.17032.10331.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll

2017-05-10 11:28 - 2017-05-10 11:38 - 00020480 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.425.10010.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe

2017-05-10 11:28 - 2017-05-10 11:38 - 26322944 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.425.10010.0_x64__8wekyb3d8bbwe\Microsoft.Photos.dll

2017-05-10 11:28 - 2017-05-10 11:38 - 00441856 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.425.10010.0_x64__8wekyb3d8bbwe\Microsoft.Photos.AGM.Native.Windows.dll

2017-05-10 11:28 - 2017-05-10 11:38 - 02139648 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.425.10010.0_x64__8wekyb3d8bbwe\MediaEngine.dll

2017-05-10 11:28 - 2017-05-10 11:38 - 02901928 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.425.10010.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll

2017-05-10 11:28 - 2017-05-10 11:38 - 00046080 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.425.10010.0_x64__8wekyb3d8bbwe\Microsoft.Photos.Edit.Services.dll

2017-03-02 20:33 - 2017-03-02 20:35 - 00680448 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.425.10010.0_x64__8wekyb3d8bbwe\Microsoft.DesignCore.dll

2017-05-10 11:28 - 2017-05-10 11:38 - 00641024 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.425.10010.0_x64__8wekyb3d8bbwe\Microsoft.RichMedia.Ink.Controls.dll

2017-05-10 11:28 - 2017-05-10 11:38 - 01062400 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.425.10010.0_x64__8wekyb3d8bbwe\Microsoft.Sharing.dll

2017-03-15 13:42 - 2017-03-15 13:42 - 03879424 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1703.601.0_x64__8wekyb3d8bbwe\Calculator.exe

2017-05-14 11:58 - 2017-05-09 11:13 - 03767640 _____ () C:\Program Files (x86)\Google\Chrome\Application\58.0.3029.110\libglesv2.dll

2017-05-14 11:58 - 2017-05-09 11:13 - 00100696 _____ () C:\Program Files (x86)\Google\Chrome\Application\58.0.3029.110\libegl.dll

2016-03-09 12:58 - 2016-03-09 12:58 - 00030720 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\DbAccess.dll

2016-03-09 12:58 - 2016-03-09 12:58 - 00607016 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\sqlite3.dll

2016-03-09 12:58 - 2016-03-09 12:58 - 00059392 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\NAdvLog.dll

2016-03-09 12:58 - 2016-03-09 12:58 - 00035864 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\NFileCacheDBAccess.dll

2016-03-09 12:58 - 2016-03-09 12:58 - 00079888 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\ninstallerhelper.dll

2016-03-09 12:59 - 2016-03-09 12:59 - 00129016 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\zlib1.dll

2016-03-09 13:00 - 2016-03-09 13:00 - 00223240 _____ () C:\Program Files (x86)\HTC\HTC Sync Manager\DevConnMon.dll

2016-10-09 12:11 - 2017-01-31 12:48 - 02493440 _____ () C:\Program Files (x86)\Origin\libGLESv2.dll

2015-07-06 21:36 - 2015-07-06 21:36 - 01243936 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll

2015-05-18 13:36 - 2016-06-15 03:14 - 00020536 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
 

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
 
 

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
 

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
 

==================== VerknÃ¼pfungen (Nicht auf der Ausnahmeliste) ===============
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurÃ¼ckgesetzt oder entfernt.)
 
 

==================== Internet Explorer VertrauenswÃ¼rdig/EingeschrÃ¤nkt ===============
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
 

IE trusted site: HKU\S-1-5-21-1603712690-2894388539-358268464-1001\...\localhost -> localhost
 

==================== Hosts Inhalt: ===============================
 

(Wenn benÃ¶tigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurÃ¼ckzusetzen.)
 

2015-09-16 17:13 - 2015-09-16 17:11 - 00000840 _____ C:\WINDOWS\system32\Drivers\etc\hosts
 
 

==================== Andere Bereiche ============================
 

(Aktuell gibt es keinen automatisierten Fix fÃ¼r diesen Bereich.)
 

HKU\S-1-5-21-1603712690-2894388539-358268464-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\User\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper

DNS Servers: 192.168.178.1

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)

Windows Firewall ist aktiviert.
 

==================== MSCONFIG/TASK MANAGER Deaktivierte EintrÃ¤ge ==
 

HKLM\...\StartupApproved\Run: => "NvBackend"

HKLM\...\StartupApproved\Run: => "Logitech Download Assistant"

HKLM\...\StartupApproved\Run: => "ShadowPlay"

HKLM\...\StartupApproved\Run: => "iTunesHelper"

HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"

HKLM\...\StartupApproved\Run: => "Start WingMan Profiler"

HKLM\...\StartupApproved\Run32: => "ControlCenter4"

HKLM\...\StartupApproved\Run32: => "BrStsMon00"

HKLM\...\StartupApproved\Run32: => "KiesTrayAgent"

HKLM\...\StartupApproved\Run32: => "Adobe Creative Cloud"

HKLM\...\StartupApproved\Run32: => "Nikon Message Center 2"

HKU\S-1-5-21-1603712690-2894388539-358268464-1001\...\StartupApproved\Run: => "Skype"

HKU\S-1-5-21-1603712690-2894388539-358268464-1001\...\StartupApproved\Run: => "Spotify"

HKU\S-1-5-21-1603712690-2894388539-358268464-1001\...\StartupApproved\Run: => "Spotify Web Helper"

HKU\S-1-5-21-1603712690-2894388539-358268464-1001\...\StartupApproved\Run: => "HW_OPENEYE_OUC_Telekom Internet Manager"

HKU\S-1-5-21-1603712690-2894388539-358268464-1001\...\StartupApproved\Run: => "Google Update"

HKU\S-1-5-21-1603712690-2894388539-358268464-1001\...\StartupApproved\Run: => "MusicManager"

HKU\S-1-5-21-1603712690-2894388539-358268464-1001\...\StartupApproved\Run: => "Sony PC Companion"

HKU\S-1-5-21-1603712690-2894388539-358268464-1001\...\StartupApproved\Run: => "XperiaCompanionAgent"

HKU\S-1-5-21-1603712690-2894388539-358268464-1001\...\StartupApproved\Run: => "EPLTarget\P0000000000000000"

HKU\S-1-5-21-1603712690-2894388539-358268464-1001\...\StartupApproved\Run: => "EPLTarget\P0000000000000001"

HKU\S-1-5-21-1603712690-2894388539-358268464-1001\...\StartupApproved\Run: => "OneDrive"
 

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============
 

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
 

FirewallRules: [TCP Query User{8908B21F-843E-414E-B495-18E063E07586}C:\program files (x86)\google\chrome\application\chrome.exe] => (Block) C:\program files (x86)\google\chrome\application\chrome.exe

FirewallRules: [UDP Query User{0D9D9E61-92FC-45BB-AA15-53373CA52F2C}C:\program files (x86)\google\chrome\application\chrome.exe] => (Block) C:\program files (x86)\google\chrome\application\chrome.exe

FirewallRules: [{D042D602-4A61-494C-84A6-A9EDDE550424}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

FirewallRules: [{086A11BB-4574-4E06-B10A-E798864D6F27}] => (Allow) C:\Program Files\iTunes\iTunes.exe
 

==================== Wiederherstellungspunkte =========================
 

16-05-2017 12:44:15 Windows Update
 

==================== Fehlerhafte GerÃ¤te im GerÃ¤temanager =============
 
 

==================== FehlereintrÃ¤ge in der Ereignisanzeige: =========================
 

Applikationsfehler:

==================

Error: (05/18/2017 07:43:58 PM) (Source: SideBySide) (EventID: 78) (User: )

Description: Fehler beim Generieren des Aktivierungskontexts fÃ¼r "C:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile .

Eine fÃ¼r die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.

In Konflikt stehende Komponenten:.

Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.953_none_42151e83c686086b.manifest.

Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.953_none_89c2555adb023171.manifest.
 

Error: (05/18/2017 01:33:47 PM) (Source: SideBySide) (EventID: 78) (User: )

Description: Fehler beim Generieren des Aktivierungskontexts fÃ¼r "c:\program files (x86)\adobe\adobe creative cloud\utils\Creative Cloud Uninstaller.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile .

Eine fÃ¼r die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.

In Konflikt stehende Komponenten:.

Komponente 1: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.953_none_89c2555adb023171.manifest.

Komponente 2: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.953_none_42151e83c686086b.manifest.
 

Error: (05/18/2017 01:33:43 PM) (Source: SideBySide) (EventID: 78) (User: )

Description: Fehler beim Generieren des Aktivierungskontexts fÃ¼r "C:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile .

Eine fÃ¼r die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.

In Konflikt stehende Komponenten:.

Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.953_none_42151e83c686086b.manifest.

Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.953_none_89c2555adb023171.manifest.
 

Error: (05/18/2017 01:31:47 PM) (Source: SideBySide) (EventID: 78) (User: )

Description: Fehler beim Generieren des Aktivierungskontexts fÃ¼r "C:\Users\User\Desktop\esetsmartinstaller_deu.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile .

Eine fÃ¼r die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.

In Konflikt stehende Komponenten:.

Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.953_none_42151e83c686086b.manifest.

Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.953_none_89c2555adb023171.manifest.
 

Error: (05/18/2017 01:26:53 PM) (Source: SideBySide) (EventID: 78) (User: )

Description: Fehler beim Generieren des Aktivierungskontexts fÃ¼r "c:\program files (x86)\eset\eset online scanner\ESETSmartInstaller.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile .

Eine fÃ¼r die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.

In Konflikt stehende Komponenten:.

Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.953_none_42151e83c686086b.manifest.

Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.953_none_89c2555adb023171.manifest.
 

Error: (05/18/2017 10:44:28 AM) (Source: SideBySide) (EventID: 78) (User: )

Description: Fehler beim Generieren des Aktivierungskontexts fÃ¼r "c:\program files (x86)\adobe\adobe creative cloud\utils\Creative Cloud Uninstaller.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile .

Eine fÃ¼r die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.

In Konflikt stehende Komponenten:.

Komponente 1: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.953_none_89c2555adb023171.manifest.

Komponente 2: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.953_none_42151e83c686086b.manifest.
 

Error: (05/18/2017 10:44:23 AM) (Source: SideBySide) (EventID: 78) (User: )

Description: Fehler beim Generieren des Aktivierungskontexts fÃ¼r "C:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile .

Eine fÃ¼r die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.

In Konflikt stehende Komponenten:.

Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.953_none_42151e83c686086b.manifest.

Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.953_none_89c2555adb023171.manifest.
 

Error: (05/18/2017 10:44:00 AM) (Source: SideBySide) (EventID: 78) (User: )

Description: Fehler beim Generieren des Aktivierungskontexts fÃ¼r "C:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile .

Eine fÃ¼r die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.

In Konflikt stehende Komponenten:.

Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.953_none_42151e83c686086b.manifest.

Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.953_none_89c2555adb023171.manifest.
 

Error: (05/18/2017 10:43:16 AM) (Source: SideBySide) (EventID: 78) (User: )

Description: Fehler beim Generieren des Aktivierungskontexts fÃ¼r "C:\Users\User\Desktop\esetsmartinstaller_deu.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile .

Eine fÃ¼r die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.

In Konflikt stehende Komponenten:.

Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.953_none_42151e83c686086b.manifest.

Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.953_none_89c2555adb023171.manifest.
 

Error: (05/18/2017 10:43:10 AM) (Source: SideBySide) (EventID: 78) (User: )

Description: Fehler beim Generieren des Aktivierungskontexts fÃ¼r "c:\users\user\desktop\esetsmartinstaller_deu.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile .

Eine fÃ¼r die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.

In Konflikt stehende Komponenten:.

Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.953_none_42151e83c686086b.manifest.

Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.953_none_89c2555adb023171.manifest.
 
 

Systemfehler:

=============

Error: (05/18/2017 01:34:38 PM) (Source: Service Control Manager) (EventID: 7000) (User: )

Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: 

Der Treiber konnte nicht geladen werden.
 

Error: (05/18/2017 01:34:38 PM) (Source: Application Popup) (EventID: 1060) (User: )

Description: \??\C:\Users\User\AppData\Local\Temp\ehdrv.sys
 

Error: (05/18/2017 01:34:38 PM) (Source: Service Control Manager) (EventID: 7000) (User: )

Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: 

Der Treiber konnte nicht geladen werden.
 

Error: (05/18/2017 01:34:38 PM) (Source: Application Popup) (EventID: 1060) (User: )

Description: \??\C:\Users\User\AppData\Local\Temp\ehdrv.sys
 

Error: (05/18/2017 01:34:38 PM) (Source: Service Control Manager) (EventID: 7000) (User: )

Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: 

Der Treiber konnte nicht geladen werden.
 

Error: (05/18/2017 01:34:38 PM) (Source: Application Popup) (EventID: 1060) (User: )

Description: \??\C:\Users\User\AppData\Local\Temp\ehdrv.sys
 

Error: (05/18/2017 01:34:09 PM) (Source: Service Control Manager) (EventID: 7000) (User: )

Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: 

Der Treiber konnte nicht geladen werden.
 

Error: (05/18/2017 01:34:09 PM) (Source: Application Popup) (EventID: 1060) (User: )

Description: \??\C:\Users\User\AppData\Local\Temp\ehdrv.sys
 

Error: (05/18/2017 01:34:08 PM) (Source: Service Control Manager) (EventID: 7000) (User: )

Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet: 

Der Treiber konnte nicht geladen werden.
 

Error: (05/18/2017 01:34:08 PM) (Source: Application Popup) (EventID: 1060) (User: )

Description: \??\C:\Users\User\AppData\Local\Temp\ehdrv.sys
 
 

CodeIntegrity:

===================================

  Date: 2017-05-18 16:43:54.895

  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\DriverStore\FileRepository\nvacwu.inf_amd64_31f4ef4821269ebb\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 

  Date: 2017-05-18 16:43:54.475

  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
 

  Date: 2017-05-15 15:14:50.633

  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\DriverStore\FileRepository\nvacwu.inf_amd64_31f4ef4821269ebb\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 

  Date: 2017-05-15 15:14:50.365

  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
 

  Date: 2017-05-12 11:04:19.830

  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\DriverStore\FileRepository\nvacwu.inf_amd64_31f4ef4821269ebb\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 

  Date: 2017-05-12 11:04:19.523

  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
 

  Date: 2017-05-02 22:32:44.577

  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\DriverStore\FileRepository\nvacwu.inf_amd64_31f4ef4821269ebb\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.
 

  Date: 2017-05-02 22:32:44.446

  Description: Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume4\Program Files\Common Files\microsoft shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
 
 

==================== Speicherinformationen =========================== 
 

Prozessor: Intel(R) Core(TM) i5-4210U CPU @ 1.70GHz

Prozentuale Nutzung des RAM: 34%

Installierter physikalischer RAM: 8115.27 MB

Verfügbarer physikalischer RAM: 5311.92 MB

Summe virtueller Speicher: 9395.27 MB

Verfügbarer virtueller Speicher: 6360.93 MB
 

==================== Laufwerke ================================
 

Drive c: () (Fixed) (Total:269.49 GB) (Free:161.99 GB) NTFS

Drive d: () (Fixed) (Total:195.31 GB) (Free:18.97 GB) NTFS
 

==================== MBR & Partitionstabelle ==================
 

========================================================

Disk: 0 (Size: 465.8 GB) (Disk ID: 00000000)
 

Partition: GPT.
 

==================== Ende von Addition.txt ============================

Vielen herzlichen Dank für deine UNSAGBAR tolle Hilfe!!! Dieses Generve ist endlich vorbei und ich kann mir sicher sein, dass ich nun wieder sicher surfe. (Denk ich doch :D)

Ganz viele liebe Grüße!

Alle Zeitangaben in WEZ +1. Es ist jetzt 13:13 Uhr.

Seite 2 von 3

100 Beiträge dieses Themas auf einer Seite anzeigen

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131