| |
| |||||||
Log-Analyse und Auswertung: HILFE: Programme können keine Internetverbindung herstellenWindows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML |
 |
25.10.2015, 15:51
| #1 |
| |  HILFE: Programme können keine Internetverbindung herstellen Hallo, ich bin neu hier und seit heute erst registriert. Ich benötige dringend Hilfe mit meinem Laptop bzw. dem Laptop meines Neffen. Seit ein paar Tagen können Programme wie z. B. Dropbox keine Verbindung zum Internet herstellen. Ich habe daher z. B. Dropbox deinstalliert und dachte, nach einer Neuinstallation funktioniert bestimmt alles wieder. Ich konnte den Installer zwar runterladen aber bekomme dann die Meldung, dass Dropboxupdate.exe keine Verbindung mit dem Internet herstellen kann. Das gleiche nun auch mit Chrome, den ich neu installieren wollte, oder Avira. Ich kann zwar immer das Setup runterladen, aber sobald eine Internetverbindung hergestellt werden soll, klappt nichts mehr. Natürlich habe ich schon einiges probiert. Firewall aus, Sicherheitsprogramme aus, Systemwiederherstellung, abgesicherter Modus etc. etc. Ich weiß einfach nicht mehr weiter. Surfen im Internet ist auch problemlos möglich. Windows neu installieren möchte ich wirklich ungern. Mein Neffe ist Autist und wird bei jeder kleinsten Änderung am Laptop total durchdrehen, zumal er den Trainz Simulator installiert hat und ich nicht weiß und ich nicht weiß, ob ich die Einstellungen und Daten 1:1 wieder herstellen kann. Vielleicht hat hier ja noch jemand eine Idee, was ich machen könnte. Es ist auch soviel Mist auf dem Laptop installiert, dass es leicht sein kann, dass er sich was eingefangen hat. Vor einigen Wochen war das auch der Fall und ich konnte aber alles entfernen und die Sicherheitsprogramme finden auch nichts mehr. Ich hab auch einige Diagnosetools laufen lassen, wie es hier beschrieben wurde. Die Logfiles hänge ich an. Es wäre wirklich super, wenn mir einer von euch helfen kann. Tausend Dank schon mal im Voraus fürs Durchlesen!  Viele Grüße Nordlicht Code:
ATTFilter FRST Additions Logfile:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:25-10-2015 01
durchgeführt von Caro (2015-10-25 15:14:11)
Gestartet von C:\Users\Caro\Downloads
Windows 7 Professional Service Pack 1 (X64) (2013-05-14 13:54:03)
Start-Modus: Normal
==========================================================
==================== Konten: =============================
Administrator (S-1-5-21-145023533-3589648127-3996658433-500 - Administrator - Disabled)
Caro (S-1-5-21-145023533-3589648127-3996658433-1000 - Administrator - Enabled) => C:\Users\Caro
Gast (S-1-5-21-145023533-3589648127-3996658433-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-145023533-3589648127-3996658433-1002 - Limited - Enabled)
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
64 Bit HP CIO Components Installer (Version: 6.2.2 - Hewlett-Packard) Hidden
Adobe Flash Player 19 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 19.0.0.226 - Adobe Systems Incorporated)
Adobe Flash Player 19 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 19.0.0.207 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.13) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.13 - Adobe Systems Incorporated)
aerosoft's - Berliner S-Bahn Teil 1 (HKLM-x32\...\{2AEB2EFA-477F-4F3F-9864-356AC2141F45}) (Version: - )
Apple Application Support (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{2EF5D87E-B7BD-458F-8428-E4D0B8B4E65C}) (Version: 7.0.0.117 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Bejeweled 2 (HKLM-x32\...\Bejeweled 2) (Version: - )
Berlin Subway (HKLM-x32\...\Berlin Subway) (Version: - )
Big Fish: Game Manager (HKLM-x32\...\BFGC) (Version: 3.3.0.2 - )
BlueStacks App Player (HKLM-x32\...\BlueStacks App Player) (Version: 0.8.3.3026 - BlueStack Systems, Inc.)
BlueStacks Notification Center (HKLM-x32\...\{757C4173-6457-48F5-898E-CF6A8E62287F}) (Version: 0.8.3.3026 - BlueStack Systems, Inc.)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.10 - Piriform)
Conexant 20585 SmartAudio HD (HKLM\...\CNXT_AUDIO_HDA) (Version: 4.95.48.50 - Conexant)
Dienstprogramm "ThinkPad UltraNav" (HKLM-x32\...\{17CBC505-D1AE-459D-B445-3D2000A85842}) (Version: 2.13.0 - Lenovo)
Ditto (HKLM-x32\...\Ditto_is1) (Version: - Scott Brogden)
DVD Shrink 3.2 (HKLM-x32\...\DVD Shrink_is1) (Version: - DVD Shrink)
Energie-Manager (HKLM-x32\...\{DAC01CEE-5BAE-42D5-81FC-B687E84E8405}) (Version: 6.54 - )
Freemake Video Converter Version 4.1.3 (HKLM-x32\...\Freemake Video Converter_is1) (Version: 4.1.3 - Ellora Assets Corporation)
Google Earth Plug-in (HKLM-x32\...\{4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (x32 Version: 1.3.28.15 - Google Inc.) Hidden
Gutterball 2 (HKLM-x32\...\Gutterball 2) (Version: - )
HP Photosmart B109a-m All-in-One Driver 14.0 Rel. 6 (HKLM\...\{A253A57F-4319-49B5-B405-64587FFBCFE2}) (Version: 14.0 - HP)
Insaniquarium (HKLM-x32\...\9a14c916588716e1e4a91a4414907685) (Version: - Zylom)
Insaniquarium (HKLM-x32\...\Insaniquarium) (Version: - )
Insaniquarium Deluxe (HKLM-x32\...\83613e33cdfb26e53eee08e5d2a7a45d) (Version: - Zylom)
Integrated Camera Driver Installer Package Ver.1.1.0.48 (HKLM-x32\...\{C3CD17B4-08B0-492D-8A4C-81716D33E520}) (Version: 1.1.0.48 - RICOH)
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 6.0.0.1179 - Intel Corporation)
Intel(R) Network Connections Drivers (HKLM\...\PROSet) (Version: 16.8 - Intel)
Intel® PROSet/Wireless WiFi-Software (HKLM\...\{ECE5B218-A086-4E18-A362-D11181681457}) (Version: 15.03.1000.1637 - Intel Corporation)
iTunes (HKLM\...\{D601CEAD-2E4F-4BBB-85CC-C29A4CE6A3C0}) (Version: 11.1.3.8 - Apple Inc.)
Java 8 Update 60 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418060F0}) (Version: 8.0.600.27 - Oracle Corporation)
Java 8 Update 60 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218060F0}) (Version: 8.0.600.27 - Oracle Corporation)
Jewel Quest (HKLM-x32\...\Jewel Quest) (Version: - )
Jewel Quest 2 (HKLM-x32\...\Jewel Quest 2_is1) (Version: 1.0 - Media Contact LLC)
Jewel Quest Mysteries: The Seventh Gate (nur deinstallation) (HKLM-x32\...\Jewel Quest Mysteries: The Seventh Gate) (Version: - )
Lenovo Patch Utility (x32 Version: 1.3.2.4 - Lenovo Group Limited) Hidden
Lenovo Patch Utility 64 bit (HKLM\...\{0369F866-2CE0-4EB9-B426-88FA122C6E82}) (Version: 1.3.0.9 - Lenovo Group Limited)
Lenovo Power Management Driver (HKLM\...\Power Management Driver) (Version: 1.66.00.22 - )
Lenovo System Interface Driver (HKLM\...\LENOVO.SMIIF) (Version: 1.05 - )
Lenovo System Update (HKLM-x32\...\{25C64847-B900-48AD-A164-1B4F9B774650}) (Version: 5.07.0008 - Lenovo)
Loksim3D (HKLM\...\Loksim3D_is1) (Version: 2.9.1 - Loksim3D)
Luxor (HKLM-x32\...\Luxor) (Version: - )
Magic Ball 2 (HKLM-x32\...\Magic Ball 2) (Version: - )
Metric Collection SDK (x32 Version: 1.1.0005.00 - Lenovo Group Limited) Hidden
MetroSimulator Beta (HKLM-x32\...\{441747C6-3DC7-4DB5-9D2A-0C1C25DEF1D7}) (Version: 0.5.39 - MetroSimulator)
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Office Home and Business 2010 (HKLM\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Korrekturhilfen 2013 - Deutsch (HKLM\...\{90150000-001F-0407-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40728.0 - Microsoft Corporation)
Microsoft Train Simulator (HKLM-x32\...\Train Simulator 1.0) (Version: - )
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Mobile Partner (HKLM-x32\...\Mobile Partner) (Version: 21.005.15.02.382 - Huawei Technologies Co.,Ltd)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
NVIDIA 3D Vision Treiber 311.00 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 311.00 - NVIDIA Corporation)
NVIDIA Grafiktreiber 311.00 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 311.00 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.18.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.18.0 - NVIDIA Corporation)
openBVE (HKLM-x32\...\openBVE) (Version: - )
Opera Stable 31.0.1889.230 (HKLM-x32\...\Opera 31.0.1889.230) (Version: 31.0.1889.230 - Opera Software)
PDF24 Creator 5.7.0 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version: - PDF24.org)
Project 64 version 2.1.0.1 (HKLM-x32\...\Project 64_is1) (Version: 2.1.0.1 - )
ProTrain Perfect 2 - Aufgabenpack Berlin - (HKLM-x32\...\{A2F978D1-1FD9-4B75-BC29-DE0C3011FBA4}) (Version: 1.0 - Blue Sky Interactive)
ProTrain Perfect 2 (HKLM-x32\...\AuranTS2009_ptp2_is1) (Version: - Auran)
PS_AIO_06_B109a-m_SW_Min (x32 Version: 140.0.690.000 - Hewlett-Packard) Hidden
PuzzleExpress (HKLM-x32\...\PuzzleExpress) (Version: - )
RailDriver for MSTS (HKLM-x32\...\{32C47C66-6393-413B-92D6-295E8A1D65DC}) (Version: - )
RailDriver for TS2009 (HKLM-x32\...\RDTS2009) (Version: - P.I. Engineering)
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
Scan (x32 Version: 140.0.80.000 - Hewlett-Packard) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{90140000-003D-0000-1000-0000000FF1CE}_Office14.SingleImage_{A3364707-2F53-4C83-8F68-C9877A9080C7}) (Version: - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (Version: - Microsoft) Hidden
Shape Shifter (HKLM-x32\...\Shape Shifter) (Version: - )
Shark007 STANDARD Codecs (HKLM-x32\...\{898E81AD-6DB9-4750-866B-B8958C5DC7AA}) (Version: 2.8.2 - Shark007)
Shark007 STANDARD x64Components (HKLM\...\STANDARD x64Components_is1) (Version: 2.8.2 - Shark007)
Solitaire Meister (HKLM-x32\...\Solitaire Meister_is1) (Version: - )
SpongeBob Collapse (HKLM-x32\...\SpongeBob Collapse) (Version: - )
Teletubbies Pairs version 2.03 (HKLM-x32\...\Teletubbies Pairs_is1) (Version: 2.03 - )
Tennis Titans (HKLM-x32\...\Tennis Titans) (Version: - )
ThinkPad Bluetooth with Enhanced Data Rate Software (HKLM\...\{9E9D49A4-1DF4-4138-B7DB-5D87A893088E}) (Version: 6.2.1.3100 - Broadcom Corporation)
ThinkPad FullScreen Magnifier (HKLM\...\ThinkPad FullScreen Magnifier) (Version: 2.42 - )
ThinkPad Modem Adapter (HKLM\...\CNXT_MODEM_HDA_HSF) (Version: 7.80.5.0 - Conexant Systems)
ThinkPad UltraNav Driver (HKLM\...\SynTPDeinstKey) (Version: 15.1.19.0 - )
ThinkVantage Access Connections (HKLM-x32\...\{8E537894-A559-4D60-B3CB-F4485E3D24E3}) (Version: 6.25.65 - Lenovo)
ThinkVantage Communications Utility (HKLM\...\{88C6A6D9-324C-46E8-BA87-563D14021442}_is1) (Version: 2.10.0.0 - Lenovo)
ThinkVantage System für aktiven Festplattenschutz (HKLM\...\{46A84694-59EC-48F0-964C-7E76E9F8A2ED}) (Version: 1.77.0.11 - Lenovo)
Toolbox (x32 Version: 140.0.428.000 - Hewlett-Packard) Hidden
Trainz: Engineer's Edition (HKLM-x32\...\AuranTS2009_is1) (Version: - Auran)
Tubby Toast! version 2.0 (HKLM-x32\...\Tubby Toast!_is1) (Version: 2.0 - )
TubbyBuddy 1.1 (HKLM-x32\...\TubbyBuddy_is1) (Version: - Complete Control Limited)
Tumblebugs (HKLM-x32\...\Tumblebugs) (Version: - )
VLC media player (HKLM\...\VLC media player) (Version: 2.2.1 - VideoLAN)
Windows Driver Package - Broadcom (BTHUSB) Bluetooth (04/08/2010 6.3.5.430) (HKLM\...\DE7217D2A8B057F15EC6E52329FDAB84231521E8) (Version: 04/08/2010 6.3.5.430 - Broadcom)
Windows Driver Package - Broadcom HIDClass (07/28/2009 6.2.0.9800) (HKLM\...\3BA80AB4C7E9F8497C115C844953A3D4BEB84D21) (Version: 07/28/2009 6.2.0.9800 - Broadcom)
WinRAR 5.01 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)
World of Subways Vol.2 (HKLM-x32\...\{0A902DF4-B767-49DB-98D3-D413E6F1E703}) (Version: 1.30 - TML-Studios)
Zuma (HKLM-x32\...\Zuma) (Version: - )
Zylom Games Player Plugin (HKLM-x32\...\Zylom Games Player Plugin) (Version: - Zylom Games)
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Wiederherstellungspunkte =========================
22-10-2015 14:39:46 Windows Update
25-10-2015 11:16:51 Windows Update
25-10-2015 11:21:33 Windows Update
25-10-2015 13:16:44 Wiederherstellungsvorgang
25-10-2015 14:43:04 JRT Pre-Junkware Removal
==================== Hosts Inhalt: ===============================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {0AB3756C-C8A7-4DBC-8ADE-A51B2319014E} - System32\Tasks\{6CBF6E45-F0CC-41E0-97C1-40386FEB46AA} => pcalua.exe -a "C:\Program Files (x86)\VS Revo Group\Revo Uninstaller\Revouninstaller.exe" -d "C:\Program Files (x86)\VS Revo Group\Revo Uninstaller"
Task: {0FE27E65-EBF4-4968-9E20-9828FE973C59} - System32\Tasks\3IUdz27uKHE3 => C:\Users\Caro\AppData\Roaming\3IUdz27uKHE3.exe <==== ACHTUNG
Task: {1C277A6A-44B6-4A7B-8BF7-792B8EF8913E} - System32\Tasks\0HY6jnMulJz => C:\Users\Caro\AppData\Roaming\0HY6jnMulJz.exe <==== ACHTUNG
Task: {30D6C625-33C6-4994-9B59-4C6664809E4F} - System32\Tasks\SW => C:\Users\Caro\AppData\Roaming\SW.exe <==== ACHTUNG
Task: {37DA7E4A-872B-4CA9-AD6F-86905B514B3B} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
Task: {44CBA40D-6DE3-440F-88B0-C47D4DB6E7C9} - System32\Tasks\{0085BA02-87BD-416E-AAFB-DC79392C0368} => pcalua.exe -a C:\Users\Caro\Downloads\gamesplayerinstall.exe -d C:\Users\Caro\Downloads
Task: {653DA39A-1567-47F6-9CD2-752D1C988983} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-09-16] (Piriform Ltd)
Task: {75D9BD6B-0FDB-4A0A-8271-CBE4C2D3C3BE} - System32\Tasks\9VFLCh0TRTTT5P => C:\Users\Caro\AppData\Roaming\9VFLCh0TRTTT5P.exe <==== ACHTUNG
Task: {76CAA7AB-A309-4757-9241-6C6A762C88E1} - System32\Tasks\dXWO2ljrxOsM8BUr51A4uhDh => C:\Users\Caro\AppData\Roaming\dXWO2ljrxOsM8BUr51A4uhDh.exe <==== ACHTUNG
Task: {9B4FDEA1-4FA5-45A6-BA90-606E2335592C} - System32\Tasks\Opera scheduled Autoupdate 1441648625 => C:\Program Files (x86)\Opera\launcher.exe [2015-09-02] (Opera Software)
Task: {9B902D04-A3D0-40CD-9759-FD3EC9C99BCC} - System32\Tasks\TVT\TVSUUpdateTask => C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe [2015-09-10] ()
Task: {9C9C8F5A-6C11-47BA-80EA-66C6C02436C5} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-10-19] (Adobe Systems Incorporated)
Task: {B41F9A1B-A14C-496F-92F1-A73951F1DEA6} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-09-14] (Adobe Systems Incorporated)
Task: {C2E1FDA6-FD14-476B-B61F-207222B84D57} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 => C:\Program Files (x86)\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe [2014-02-13] (Lenovo)
Task: {C5FE05C9-D45B-4688-BE28-A63CB5FDE7F4} - System32\Tasks\OXQC => C:\Users\Caro\AppData\Roaming\OXQC.exe <==== ACHTUNG
Task: {D036D7D4-769B-4865-BC42-E16084BC9A78} - System32\Tasks\{AA4CA655-6E1C-41EE-9FF0-1AFF970B1AF0} => pcalua.exe -a C:\Users\Caro\Downloads\Setup.exe -d C:\Users\Caro\Downloads
Task: {E0496293-BBD1-496E-9928-EB2D73CBA428} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {E5A67C7B-1A8E-4D2F-9C4B-1FEA00F5FEEA} - System32\Tasks\{A133D3E3-449F-48CC-9258-143C7DB2AF6E} => pcalua.exe -a "C:\Users\Caro\Downloads\gamesplayerinstall (1).exe" -d C:\Users\Caro\Downloads
Task: {EBEA4AAC-8A6D-47BA-B6CF-93878093B99F} - \cfr3011 -> Keine Datei <==== ACHTUNG
Task: {F068D328-7B06-466B-BE3A-93B62952FBD4} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-30] (Google Inc.)
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
Task: C:\Windows\Tasks\0HY6jnMulJz.job => C:\Users\Caro\AppData\Roaming\0HY6jnMulJz.exe <==== ACHTUNG
Task: C:\Windows\Tasks\3IUdz27uKHE3.job => C:\Users\Caro\AppData\Roaming\3IUdz27uKHE3.exe <==== ACHTUNG
Task: C:\Windows\Tasks\9VFLCh0TRTTT5P.job => C:\Users\Caro\AppData\Roaming\9VFLCh0TRTTT5P.exe <==== ACHTUNG
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\dXWO2ljrxOsM8BUr51A4uhDh.job => C:\Users\Caro\AppData\Roaming\dXWO2ljrxOsM8BUr51A4uhDh.exe <==== ACHTUNG
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\OXQC.job => C:\Users\Caro\AppData\Roaming\OXQC.exe <==== ACHTUNG
Task: C:\Windows\Tasks\SW.job => C:\Users\Caro\AppData\Roaming\SW.exe <==== ACHTUNG
==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
2013-05-17 08:48 - 2013-04-23 05:54 - 00104960 ____N () C:\Program Files (x86)\ThinkPad\Utilities\GR\PWMRT64V.DLL
2015-09-10 19:32 - 2013-04-05 20:27 - 02231296 _____ () C:\Windows\system32\ac3filter.acm
2013-04-21 20:44 - 2013-04-21 20:44 - 00087952 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2013-04-21 20:44 - 2013-04-21 20:44 - 01242952 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2015-10-25 15:13 - 2015-10-25 15:13 - 00380416 _____ () C:\Users\Caro\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\D2N3QU7F\Gmer-19357.exe
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
AlternateDataStreams: C:\Windows\system32\Drivers\ezdnwtyt.sys:changelist
AlternateDataStreams: C:\ProgramData\TEMP:2CB9631F
AlternateDataStreams: C:\ProgramData\TEMP:862BDB1A
AlternateDataStreams: C:\ProgramData\TEMP:AD022376
AlternateDataStreams: C:\ProgramData\TEMP:ADF211B1
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
==================== Andere Bereiche ============================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-145023533-3589648127-3996658433-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Caro\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist deaktiviert.
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Digital Line Detect.lnk => C:\Windows\pss\Digital Line Detect.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^Caro^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk => C:\Windows\pss\Dropbox.lnk.Startup
MSCONFIG\startupreg: BlueStacks Agent => C:\Program Files (x86)\BlueStacks\HD-Agent.exe
MSCONFIG\startupreg: Ditto => C:\Program Files (x86)\Ditto\Ditto.exe
MSCONFIG\startupreg: gmsd_de_005010083 =>
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: NextLive => C:\Windows\SysWOW64\rundll32.exe "C:\Users\Caro\AppData\Roaming\newnext.me\nengine.dll",EntryPoint -m l
MSCONFIG\startupreg: PDFPrint => C:\Program Files (x86)\PDF24\pdf24.exe
MSCONFIG\startupreg: RotateImage => C:\Program Files (x86)\Integrated Camera Driver\X64\RCIMGDIR.exe
MSCONFIG\startupreg: SmartAudio => C:\Program Files\CONEXANT\SAII\SAIICpl.exe /t
MSCONFIG\startupreg: YTDownloader => "C:\Program Files (x86)\YTDownloader\YTDownloader.exe" /boot
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [TCP Query User{450FBB68-6CD2-4724-8B2A-E0D59FF3D87F}C:\program files (x86)\ditto\ditto.exe] => (Allow) C:\program files (x86)\ditto\ditto.exe
FirewallRules: [UDP Query User{972A32D8-58EC-48BA-9446-D7E0DF0D78F6}C:\program files (x86)\ditto\ditto.exe] => (Allow) C:\program files (x86)\ditto\ditto.exe
FirewallRules: [{04AA4169-818F-489C-8753-6041237482DC}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe
FirewallRules: [{78CA72CB-323B-49A7-8D8B-9ABFC0F704B2}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{34C575AE-A92E-4188-ADCE-F8885AA1431C}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{7577B79A-03DF-4CEE-AE4F-3045C6CEFE2D}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{53BE1623-46C0-418B-B7B1-4A98F3D3065B}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [TCP Query User{9544A5F8-C61B-4E9F-9039-BAEA824E746E}C:\program files (x86)\ditto\ditto.exe] => (Allow) C:\program files (x86)\ditto\ditto.exe
FirewallRules: [UDP Query User{311DC358-CFD8-4042-AC32-D99F2C2FE249}C:\program files (x86)\ditto\ditto.exe] => (Allow) C:\program files (x86)\ditto\ditto.exe
FirewallRules: [{78A1C0FA-1995-4511-AF76-C2C5711FCE5A}] => (Allow) C:\Program Files (x86)\iTunes\iTunes.exe
FirewallRules: [{3F83D1CB-F33C-4516-8AE1-EABA7B6F9BF1}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqkygrp.exe
FirewallRules: [{7C2A6D26-E46A-413F-BE77-C4DCB66BC93D}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpfccopy.exe
FirewallRules: [{A9F2845D-C262-4466-885C-E1814CBB12BD}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpiscnapp.exe
FirewallRules: [{5522456B-735F-4531-BD3D-31CF76586D93}] => (Allow) C:\Program Files (x86)\Lenovo\System Update\uncserver.exe
FirewallRules: [{7E7CB952-BAB2-459B-AF67-C28BA6610956}] => (Allow) C:\Program Files (x86)\Lenovo\System Update\uncserver.exe
FirewallRules: [{D29B395C-2328-448C-BF9B-66199EEB074B}] => (Allow) C:\Users\Caro\Downloads\DropboxInstaller.exe
FirewallRules: [{68BFCE3A-3D5A-4566-97B0-EC9B2A8AF174}] => (Allow) C:\Users\Caro\Downloads\DropboxInstaller.exe
FirewallRules: [{C77F1B64-1041-4056-918E-7F86CB67ED79}] => (Allow) C:\Users\Caro\Downloads\DropboxInstaller.exe
FirewallRules: [{DC29D231-9592-4B53-95DA-78F2D6EC63AA}] => (Allow) C:\Users\Caro\Downloads\DropboxInstaller.exe
==================== Fehlerhafte Geräte im Gerätemanager =============
Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft-Teredo-Tunneling-Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
==================== Fehlereinträge in der Ereignisanzeige: =========================
Applikationsfehler:
==================
Error: (10/25/2015 02:24:49 PM) (Source: Windows Search Service) (EventID: 7010) (User: )
Description: Der Index kann nicht initialisiert werden.
Details:
Der Inhaltsindexkatalog ist fehlerhaft. (HRESULT : 0xc0041801) (0xc0041801)
Error: (10/25/2015 02:24:49 PM) (Source: Windows Search Service) (EventID: 3058) (User: )
Description: Die Anwendung kann nicht initialisiert werden.
Kontext: Windows Anwendung
Details:
Der Inhaltsindexkatalog ist fehlerhaft. (HRESULT : 0xc0041801) (0xc0041801)
Error: (10/25/2015 02:24:49 PM) (Source: Windows Search Service) (EventID: 3028) (User: )
Description: Das Gatherer-Objekt kann nicht initialisiert werden.
Kontext: Windows Anwendung, SystemIndex Katalog
Details:
Der Inhaltsindexkatalog ist fehlerhaft. (HRESULT : 0xc0041801) (0xc0041801)
Error: (10/25/2015 02:24:49 PM) (Source: Windows Search Service) (EventID: 3029) (User: )
Description: Plug-In in <Search.TripoliIndexer> kann nicht initialisiert werden.
Kontext: Windows Anwendung, SystemIndex Katalog
Details:
Element nicht gefunden. (HRESULT : 0x80070490) (0x80070490)
Error: (10/25/2015 02:24:47 PM) (Source: Windows Search Service) (EventID: 3029) (User: )
Description: Plug-In in <Search.JetPropStore> kann nicht initialisiert werden.
Kontext: Windows Anwendung, SystemIndex Katalog
Details:
Der Inhaltsindexkatalog ist fehlerhaft. (HRESULT : 0xc0041801) (0xc0041801)
Error: (10/25/2015 02:24:47 PM) (Source: Windows Search Service) (EventID: 9002) (User: )
Description: Die Eigenschaftenspeicherdaten können von Windows Search nicht geladen werden.
Kontext: Windows Anwendung, SystemIndex Katalog
Details:
Die Inhaltsindexdatenbank ist fehlerhaft. (HRESULT : 0xc0041800) (0xc0041800)
Error: (10/25/2015 02:24:47 PM) (Source: Windows Search Service) (EventID: 7042) (User: )
Description: Windows Search wird aufgrund eines Problems bei der Indizierung The catalog is corrupt beendet.
Details:
Der Inhaltsindexkatalog ist fehlerhaft. (HRESULT : 0xc0041801) (0xc0041801)
Error: (10/25/2015 02:24:47 PM) (Source: Windows Search Service) (EventID: 7040) (User: )
Description: Vom Suchdienst wurden beschädigte Datendateien im Index {id=4700} erkannt. Vom Dienst wird versucht, dieses Problem durch Neuerstellung des Indexes automatisch zu beheben.
Details:
Der Inhaltsindexkatalog ist fehlerhaft. (HRESULT : 0xc0041801) (0xc0041801)
Error: (10/25/2015 02:24:47 PM) (Source: Windows Search Service) (EventID: 9000) (User: )
Description: Der Jet-Eigenschaftenspeicher kann von Windows Search nicht geöffnet werden.
Details:
0x%08x (0xc0041800 - Die Inhaltsindexdatenbank ist fehlerhaft. (HRESULT : 0xc0041800))
Error: (10/25/2015 02:24:47 PM) (Source: ESENT) (EventID: 455) (User: )
Description: Windows (1144) Windows: Fehler -1811 beim Öffnen von Protokolldatei C:\ProgramData\Microsoft\Search\Data\Applications\Windows\MSS0029D.log.
Systemfehler:
=============
Error: (10/25/2015 02:43:46 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Microsoft .NET Framework NGEN v4.0.30319_X86" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 120000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (10/25/2015 02:43:46 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Microsoft .NET Framework NGEN v4.0.30319_X64" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 120000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (10/25/2015 02:43:46 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Power Manager DBC Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (10/25/2015 02:43:46 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Media Player-Netzwerkfreigabedienst" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (10/25/2015 02:43:45 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "AcSvc" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (10/25/2015 02:43:45 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Intel(R) PROSet/Wireless Zero Configuration Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (10/25/2015 02:43:45 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Intel(R) PROSet/Wireless Registry Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (10/25/2015 02:43:45 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Lenovo Keyboard Noise Reduction" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (10/25/2015 02:43:45 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Lenovo Camera Mute" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (10/25/2015 02:43:45 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "HWDeviceService64.exe" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
CodeIntegrity:
===================================
Date: 2015-10-25 15:14:03.854
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\appid.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2015-10-25 15:14:03.781
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\appid.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2015-10-25 15:13:57.916
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\SysWOW64\appidapi.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2015-10-25 15:13:57.824
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\SysWOW64\appidapi.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2015-10-25 15:13:49.966
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\appidapi.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2015-10-25 15:13:49.864
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\appidapi.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2015-10-25 15:13:30.726
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\appid.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2015-10-25 15:13:30.646
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Windows\System32\drivers\appid.sys" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2015-09-10 19:38:22.101
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\BubbleSound\BubbleSound.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
Date: 2015-09-10 19:38:22.059
Description: Die Abbildintegrität der Datei "\Device\HarddiskVolume2\Program Files\BubbleSound\BubbleSound.dll" konnte nicht überprüft werden, da der Satz seitenbezogener Abbildhashes auf dem System nicht gefunden wurde.
==================== Speicherinformationen ===========================
Prozessor: Intel(R) Core(TM) i5 CPU M 560 @ 2.67GHz
Prozentuale Nutzung des RAM: 25%
Installierter physikalischer RAM: 8051.67 MB
Verfügbarer physikalischer RAM: 5981.06 MB
Summe virtueller Speicher: 16101.55 MB
Verfügbarer virtueller Speicher: 13930.99 MB
==================== Laufwerke ================================
Drive c: () (Fixed) (Total:297.99 GB) (Free:185.88 GB) NTFS
==================== MBR & Partitionstabelle ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298.1 GB) (Disk ID: CABC8876)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=298 GB) - (Type=07 NTFS)
==================== Ende von Addition.txt ============================
FRST Logfile: Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:25-10-2015 01
durchgeführt von Caro (Administrator) auf CARO-PC (25-10-2015 15:13:05)
Gestartet von C:\Users\Caro\Downloads
Geladene Profile: Caro (Verfügbare Profile: Caro)
Platform: Windows 7 Professional Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser nicht gefunden!)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Broadcom Corporation.) C:\Program Files\ThinkPad\Bluetooth Software\btwdins.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
==================== Registry (Nicht auf der Ausnahmeliste) ===========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [TpShocks] => C:\Windows\system32\TpShocks.exe [382248 2013-02-12] (Lenovo.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2392872 2010-10-14] (Synaptics Incorporated)
HKLM\...\Run: [AcWin7Hlpr] => C:\Program Files (x86)\Lenovo\Access Connections\AcTBenabler.exe [63728 2015-06-08] (Lenovo)
HKLM\...\Run: [LENOVO.TPKNRRES] => C:\Program Files\Lenovo\Communications Utility\TPKNRRES.exe [60920 2013-02-26] (Lenovo Group Limited)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [IMSS] => C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe [112152 2010-05-03] (Intel Corporation)
HKLM-x32\...\Run: [PWMTRV] => rundll32 C:\PROGRA~2\ThinkPad\UTILIT~1\PWMTR64V.DLL,PwrMgrBkGndMonitor
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [597552 2015-08-04] (Oracle Corporation)
HKU\S-1-5-21-145023533-3589648127-3996658433-1000\...\MountPoints2: {3a28fba0-ad0a-11e4-8ad2-f0def163c0f0} - E:\AutoRun.exe
HKU\S-1-5-21-145023533-3589648127-3996658433-1000\...\MountPoints2: {3a28fbac-ad0a-11e4-8ad2-f0def163c0f0} - E:\AutoRun.exe
HKU\S-1-5-21-145023533-3589648127-3996658433-1000\...\MountPoints2: {3a28fbca-ad0a-11e4-8ad2-f0def163c0f0} - E:\AutoRun.exe
HKU\S-1-5-21-145023533-3589648127-3996658433-1000\...\MountPoints2: {3a28fc04-ad0a-11e4-8ad2-f0def163c0f0} - E:\AutoRun.exe
Lsa: [Notification Packages] scecli ACGina
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk [2015-09-13]
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\ThinkPad\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
GroupPolicy: Beschränkung - Chrome <======= ACHTUNG
CHR HKLM\SOFTWARE\Policies\Google: Beschränkung <======= ACHTUNG
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
ProxyEnable: [.DEFAULT] => Proxy ist aktiviert.
ProxyServer: [.DEFAULT] => http=127.0.0.1:52851;https=127.0.0.1:52851
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{61EEAB80-7F66-4E0A-BFD8-78705CB57E63}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{775D536E-00D5-46C8-ABB1-8771F31D20D3}: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{8548C658-5475-46BF-869F-22C1BE46B852}: [NameServer] 193.189.244.206 193.189.244.225
Tcpip\..\Interfaces\{A7E26715-3896-4703-9A5C-0465A09EC3BB}: [NameServer] 193.189.244.225 193.189.244.206
Tcpip\..\Interfaces\{C9964565-564F-4F22-A939-D1A2E30B3D7D}: [NameServer] 193.189.244.206 193.189.244.225
Internet Explorer:
==================
HKU\S-1-5-21-145023533-3589648127-3996658433-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
HKU\S-1-5-21-145023533-3589648127-3996658433-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617911&ResetID=130897454302500722&GUID=10043CF9-2A33-4998-A72C-EA56A006887C
SearchScopes: HKLM-x32 -> DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL =
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_60\bin\ssv.dll [2015-09-13] (Oracle Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_60\bin\jp2ssv.dll [2015-09-13] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\ssv.dll [2015-09-13] (Oracle Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\jp2ssv.dll [2015-09-13] (Oracle Corporation)
DPF: HKLM {166B1BCA-3F9C-11CF-8075-444553540000} hxxps://fpdownload.macromedia.com/pub/shockwave/cabs/director/sw.cab
FireFox:
========
FF ProfilePath: C:\Users\Caro\AppData\Roaming\Mozilla\Firefox\Profiles\8v8aqpji.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_19_0_0_207.dll [2015-10-15] ()
FF Plugin: @java.com/DTPlugin,version=11.60.2 -> C:\Program Files\Java\jre1.8.0_60\bin\dtplugin\npDeployJava1.dll [2015-09-13] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.60.2 -> C:\Program Files\Java\jre1.8.0_60\bin\plugin2\npjp2.dll [2015-09-13] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2015-04-16] (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_207.dll [2015-10-15] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2013-10-01] ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google)
FF Plugin-x32: @java.com/DTPlugin,version=11.60.2 -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\dtplugin\npDeployJava1.dll [2015-09-13] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.60.2 -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\plugin2\npjp2.dll [2015-09-13] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2013-01-10] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2013-01-10] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-20] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-20] (Google Inc.)
FF Plugin-x32: @zylom.com/ZylomGamesPlayer -> C:\ProgramData\Zylom\ZylomGamesPlayer\npzylomgamesplayer.dll [2009-10-23] (Zylom)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-09-27] (Adobe Systems Inc.)
FF Extension: ALoneliveyaru - C:\Users\Caro\AppData\Roaming\Mozilla\Firefox\Profiles\8v8aqpji.default\Extensions\ALone-live@ya.ru [2015-09-13] [ist nicht signiert]
FF Extension: heartbleeddactylgooglecodecom - C:\Users\Caro\AppData\Roaming\Mozilla\Firefox\Profiles\8v8aqpji.default\Extensions\heartbleed@dactyl.googlecode.com [2015-09-13] [ist nicht signiert]
FF Extension: html5notificationspaxalnet - C:\Users\Caro\AppData\Roaming\Mozilla\Firefox\Profiles\8v8aqpji.default\Extensions\html5notifications@paxal.net [2015-09-13] [ist nicht signiert]
FF Extension: skipcerterrorfoudilfr - C:\Users\Caro\AppData\Roaming\Mozilla\Firefox\Profiles\8v8aqpji.default\Extensions\skipcerterror@foudil.fr [2015-09-13] [ist nicht signiert]
FF Extension: DD7B8D8DC0B5412296524FCB1E788CD8 - C:\Users\Caro\AppData\Roaming\Mozilla\Firefox\Profiles\8v8aqpji.default\Extensions\{DD7B8D8D-C0B5-4122-9652-4FCB1E788CD8} [2015-09-13] [ist nicht signiert]
FF Extension: Adblock Plus - C:\Users\Caro\AppData\Roaming\Mozilla\Firefox\Profiles\8v8aqpji.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-08-06]
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\browser\defaults\preferences\prefs.js [2015-09-13] <==== ACHTUNG (Zeigt auf eine *.cfg Datei)
FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\cfg [2015-09-13] <==== ACHTUNG
Chrome:
=======
CHR Profile: C:\Users\Caro\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Kein Name) - C:\Users\Caro\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-10-25]
CHR Extension: (Kein Name) - C:\Users\Caro\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-10-25]
CHR Extension: (Kein Name) - C:\Users\Caro\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-10-25]
CHR Extension: (Kein Name) - C:\Users\Caro\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-10-25]
CHR HKU\S-1-5-21-145023533-3589648127-3996658433-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [jlcgehabolcakkjhgmgpkagpolbjlhfa] - hxxps://clients2.google.com/service/update2/crx
Opera:
=======
OPR Extension: (blelaljgakacjdeaggpjilljobdmboff) - C:\Users\Caro\AppData\Roaming\Opera Software\Opera Stable\Extensions\blelaljgakacjdeaggpjilljobdmboff [2015-09-13]
OPR Extension: (blelaljgakacjdeaggpjilljobdmboff) - C:\Users\Caro\AppData\Roaming\Opera Software\Opera Stable\Extensions\eggkanocgddhmamlbiijnphhppkpkmkl [2015-09-13]
OPR Extension: (blelaljgakacjdeaggpjilljobdmboff) - C:\Users\Caro\AppData\Roaming\Opera Software\Opera Stable\Extensions\gllmkcahdekdbapmdfnffclacbpnicaj [2015-09-13]
OPR Extension: (blelaljgakacjdeaggpjilljobdmboff) - C:\Users\Caro\AppData\Roaming\Opera Software\Opera Stable\Extensions\heildphpnddilhkemkielfhnkaagiabh [2015-09-13]
OPR Extension: (hgcbffeicehlpmgmnhnkjbjoldkfhoin) - C:\Users\Caro\AppData\Roaming\Opera Software\Opera Stable\Extensions\hgcbffeicehlpmgmnhnkjbjoldkfhoin [2015-09-13]
OPR Extension: (oogmkbpkoblajkomflhkkdmbfggdmefd) - C:\Users\Caro\AppData\Roaming\Opera Software\Opera Stable\Extensions\oogmkbpkoblajkomflhkkdmbfggdmefd [2015-09-13]
==================== Dienste (Nicht auf der Ausnahmeliste) ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
S3 AppIDSvc; C:\Windows\System32\appidsvc.dll [32768 2015-10-01] (Microsoft Corporation) [Datei ist nicht signiert]
R3 Appinfo; C:\Windows\System32\appinfo.dll [70656 2015-06-25] (Microsoft Corporation) [Datei ist nicht signiert]
S2 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [402192 2013-12-05] (BlueStack Systems, Inc.)
S2 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [385808 2013-12-05] (BlueStack Systems, Inc.)
R2 CryptSvc; C:\Windows\system32\cryptsvc.dll [188416 2015-04-27] (Microsoft Corporation) [Datei ist nicht signiert]
R2 CryptSvc; C:\Windows\SysWOW64\cryptsvc.dll [143872 2015-04-27] (Microsoft Corporation) [Datei ist nicht signiert]
R2 DiagTrack; C:\Windows\system32\diagtrack.dll [1390592 2015-07-23] (Microsoft Corporation) [Datei ist nicht signiert]
S3 DozeSvc; C:\Program Files (x86)\ThinkPad\Utilities\DZSVC64.EXE [320576 2013-04-23] (Lenovo.)
S3 EFS; C:\Windows\System32\lsass.exe [31232 2015-09-15] (Microsoft Corporation) [Datei ist nicht signiert]
R2 FontCache; C:\Windows\system32\FntCache.dll [1180160 2015-07-30] (Microsoft Corporation) [Datei ist nicht signiert]
S2 HWDeviceService64.exe; C:\ProgramData\DatacardService\HWDeviceService64.exe [346976 2011-03-14] ()
S3 IEEtwCollectorService; C:\Windows\system32\IEEtwCollector.exe [114688 2015-09-16] (Microsoft Corporation) [Datei ist nicht signiert]
R3 KeyIso; C:\Windows\system32\lsass.exe [31232 2015-09-15] (Microsoft Corporation) [Datei ist nicht signiert]
S2 Mobile Partner. RunOuc; C:\Program Files (x86)\Mobile Partner\UpdateDog\ouc.exe [239968 2015-02-07] ()
S3 msiserver; C:\Windows\System32\msiexec.exe [128000 2015-06-15] (Microsoft Corporation) [Datei ist nicht signiert]
S3 msiserver; C:\Windows\SysWOW64\msiexec.exe [73216 2015-06-15] (Microsoft Corporation) [Datei ist nicht signiert]
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2009-05-14] (Hewlett-Packard) [Datei ist nicht signiert]
S3 Netlogon; C:\Windows\system32\lsass.exe [31232 2015-09-15] (Microsoft Corporation) [Datei ist nicht signiert]
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2009-05-14] (Hewlett-Packard) [Datei ist nicht signiert]
S3 ProtectedStorage; C:\Windows\system32\lsass.exe [31232 2015-09-15] (Microsoft Corporation) [Datei ist nicht signiert]
R2 SamSs; C:\Windows\system32\lsass.exe [31232 2015-09-15] (Microsoft Corporation) [Datei ist nicht signiert]
R2 Schedule; C:\Windows\system32\schedsvc.dll [1110016 2015-08-05] (Microsoft Corporation) [Datei ist nicht signiert]
S3 SUService; C:\Program Files (x86)\Lenovo\System Update\SUService.exe [22008 2015-09-10] ()
R2 SysMain; C:\Windows\system32\sysmain.dll [1743360 2015-07-15] (Microsoft Corporation) [Datei ist nicht signiert]
S3 VaultSvc; C:\Windows\system32\lsass.exe [31232 2015-09-15] (Microsoft Corporation) [Datei ist nicht signiert]
S3 WebClient; C:\Windows\System32\webclnt.dll [260096 2015-07-01] (Microsoft Corporation) [Datei ist nicht signiert]
S3 WebClient; C:\Windows\SysWOW64\webclnt.dll [206848 2015-07-01] (Microsoft Corporation) [Datei ist nicht signiert]
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 wuauserv; C:\Windows\system32\wuaueng.dll [2607104 2015-09-25] (Microsoft Corporation) [Datei ist nicht signiert]
S2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3342640 2012-08-23] (Intel® Corporation)
===================== Treiber (Nicht auf der Ausnahmeliste) ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
S3 AppID; C:\Windows\system32\drivers\appid.sys [61440 2015-10-01] (Microsoft Corporation) [Datei ist nicht signiert]
R2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [113424 2013-12-05] (BlueStack Systems)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R3 mrxsmb; C:\Windows\System32\DRIVERS\mrxsmb.sys [159232 2015-09-29] (Microsoft Corporation) [Datei ist nicht signiert]
R3 mrxsmb10; C:\Windows\System32\DRIVERS\mrxsmb10.sys [290816 2015-09-29] (Microsoft Corporation) [Datei ist nicht signiert]
R3 mrxsmb20; C:\Windows\System32\DRIVERS\mrxsmb20.sys [129024 2015-09-29] (Microsoft Corporation) [Datei ist nicht signiert]
R3 SmbDrvI; C:\Windows\System32\DRIVERS\Smb_driver_Intel.sys [44784 2013-04-17] (Synaptics Incorporated)
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat: Erstellte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2015-10-25 15:13 - 2015-10-25 15:13 - 00380416 _____ C:\Users\Caro\Downloads\Gmer-19357.exe
2015-10-25 15:13 - 2015-10-25 15:13 - 00017257 _____ C:\Users\Caro\Downloads\FRST.txt
2015-10-25 15:12 - 2015-10-25 15:13 - 00000000 ____D C:\FRST
2015-10-25 15:11 - 2015-10-25 15:12 - 02196992 _____ (Farbar) C:\Users\Caro\Downloads\FRST64.exe
2015-10-25 15:10 - 2015-10-25 15:10 - 00050477 _____ C:\Users\Caro\Downloads\Defogger.exe
2015-10-25 14:46 - 2015-10-25 14:46 - 00002464 _____ C:\Users\Caro\Desktop\JRT.txt
2015-10-25 14:24 - 2015-10-25 14:24 - 00000056 _____ C:\Windows\setupact.log
2015-10-25 14:24 - 2015-10-25 14:24 - 00000000 _____ C:\Windows\setuperr.log
2015-10-25 11:20 - 2015-10-25 13:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-10-25 11:18 - 2015-10-25 11:18 - 00448968 _____ (AVAST Software) C:\Windows\system32\Drivers\rvrtuqxr.sys
2015-10-25 11:15 - 2015-10-25 11:15 - 00448968 _____ (AVAST Software) C:\Windows\system32\Drivers\bptavlnz.sys
2015-10-25 11:15 - 2015-10-25 11:15 - 00000000 ____D C:\ProgramData\AVAST Software
2015-10-25 11:13 - 2015-10-25 11:15 - 154429024 _____ (AVAST Software) C:\Users\Public\Desktop\avast_104free_antivirus_setup.exe
2015-10-25 11:13 - 2015-10-25 11:15 - 154429024 _____ (AVAST Software) C:\Users\Caro\Downloads\avast_104free_antivirus_setup.exe
2015-10-25 10:58 - 2015-10-25 13:30 - 00000000 ____D C:\Windows\system32\appraiser
2015-10-25 10:57 - 2015-10-25 10:57 - 02239542 _____ C:\Users\Caro\Desktop\menschen.bmp
2015-10-25 10:57 - 2015-10-25 10:57 - 02239542 _____ C:\Users\Caro\Desktop\bill neu.bmp
2015-10-23 18:38 - 2015-10-25 13:29 - 00000000 ____D C:\Windows\SysWOW64\Adobe
2015-10-22 20:57 - 2005-05-09 06:19 - 03013305 _____ (Igor Pavlov) C:\Windows\SysWOW64\MAIN.exe
2015-10-22 14:56 - 2015-07-30 14:13 - 00124624 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-10-22 14:56 - 2015-07-30 14:13 - 00103120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-10-22 14:48 - 2015-10-22 14:48 - 00000000 ____D C:\Program Files (x86)\MSXML 4.0
2015-10-22 14:16 - 2015-09-18 20:31 - 00391784 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-10-22 14:16 - 2015-09-18 19:58 - 00345688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-10-22 14:16 - 2015-09-16 05:36 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-10-22 14:16 - 2015-09-16 05:36 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-10-22 14:16 - 2015-09-16 05:21 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-10-22 14:16 - 2015-09-16 05:13 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-10-22 14:16 - 2015-09-16 05:08 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-10-22 14:16 - 2015-09-16 05:01 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-10-22 14:16 - 2015-09-16 04:58 - 20357632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-10-22 14:16 - 2015-09-16 04:50 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-10-22 14:16 - 2015-09-16 04:45 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-10-22 14:16 - 2015-09-16 04:43 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-10-22 14:16 - 2015-09-16 04:41 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2015-10-22 14:16 - 2015-09-16 04:33 - 00504832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-10-22 14:16 - 2015-09-16 04:33 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-10-22 14:16 - 2015-09-16 04:32 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-10-22 14:16 - 2015-09-16 04:31 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-10-22 14:16 - 2015-09-16 04:29 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-10-22 14:16 - 2015-09-16 04:29 - 00720896 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-10-22 14:16 - 2015-09-16 04:28 - 02279936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-10-22 14:16 - 2015-09-16 04:26 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-10-22 14:16 - 2015-09-16 04:26 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-10-22 14:16 - 2015-09-16 04:24 - 00480256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-10-22 14:16 - 2015-09-16 04:22 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-10-22 14:16 - 2015-09-16 04:22 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-10-22 14:16 - 2015-09-16 04:15 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-10-22 14:16 - 2015-09-16 04:10 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-10-22 14:16 - 2015-09-16 04:06 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-10-22 14:16 - 2015-09-16 04:05 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-10-22 14:16 - 2015-09-16 04:04 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2015-10-22 14:16 - 2015-09-16 03:59 - 01546752 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-10-22 14:16 - 2015-09-16 03:58 - 12853760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-10-22 14:16 - 2015-09-16 03:56 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-10-22 14:16 - 2015-09-16 03:55 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-10-22 14:16 - 2015-09-16 03:34 - 01311232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-10-22 14:16 - 2015-09-16 03:32 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-10-22 14:16 - 2015-07-15 04:19 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\basesrv.dll
2015-10-22 14:16 - 2015-06-02 01:07 - 00254976 _____ (Microsoft Corporation) C:\Windows\system32\cewmdm.dll
2015-10-22 14:16 - 2015-06-02 00:47 - 00210432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cewmdm.dll
2015-10-22 14:16 - 2015-05-25 19:19 - 00113664 _____ (Microsoft Corporation) C:\Windows\system32\sechost.dll
2015-10-22 14:16 - 2015-05-25 19:18 - 00404992 _____ (Microsoft Corporation) C:\Windows\system32\tracerpt.exe
2015-10-22 14:16 - 2015-05-25 19:18 - 00104448 _____ (Microsoft Corporation) C:\Windows\system32\logman.exe
2015-10-22 14:16 - 2015-05-25 19:18 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\typeperf.exe
2015-10-22 14:16 - 2015-05-25 19:18 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\relog.exe
2015-10-22 14:16 - 2015-05-25 19:18 - 00019456 _____ (Microsoft Corporation) C:\Windows\system32\diskperf.exe
2015-10-22 14:16 - 2015-05-25 19:01 - 00092160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sechost.dll
2015-10-22 14:16 - 2015-05-25 19:00 - 00364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tracerpt.exe
2015-10-22 14:16 - 2015-05-25 19:00 - 00082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\logman.exe
2015-10-22 14:16 - 2015-05-25 19:00 - 00040448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\typeperf.exe
2015-10-22 14:16 - 2015-05-25 19:00 - 00037888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\relog.exe
2015-10-22 14:16 - 2015-05-25 19:00 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\diskperf.exe
2015-10-22 14:16 - 2015-04-27 20:23 - 01480192 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2015-10-22 14:16 - 2015-04-27 20:23 - 00229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2015-10-22 14:16 - 2015-04-27 20:23 - 00188416 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2015-10-22 14:16 - 2015-04-27 20:23 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2015-10-22 14:16 - 2015-04-27 20:05 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2015-10-22 14:16 - 2015-04-27 20:04 - 01174528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2015-10-22 14:16 - 2015-04-27 20:04 - 00143872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2015-10-22 14:16 - 2015-04-27 20:04 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2015-10-22 14:15 - 2015-09-29 04:16 - 05569472 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-10-22 14:15 - 2015-09-29 04:13 - 01730496 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-10-22 14:15 - 2015-09-29 04:11 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-10-22 14:15 - 2015-09-29 04:11 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2015-10-22 14:15 - 2015-09-29 04:11 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-10-22 14:15 - 2015-09-29 04:11 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2015-10-22 14:15 - 2015-09-29 04:11 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-10-22 14:15 - 2015-09-29 04:11 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-10-22 14:15 - 2015-09-29 04:11 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-10-22 14:15 - 2015-09-29 04:11 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-10-22 14:15 - 2015-09-29 04:10 - 01216512 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2015-10-22 14:15 - 2015-09-29 04:10 - 01164800 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-10-22 14:15 - 2015-09-29 04:10 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-10-22 14:15 - 2015-09-29 04:10 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-10-22 14:15 - 2015-09-29 04:10 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-10-22 14:15 - 2015-09-29 04:10 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-10-22 14:15 - 2015-09-29 04:10 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-10-22 14:15 - 2015-09-29 04:10 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2015-10-22 14:15 - 2015-09-29 04:10 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-10-22 14:15 - 2015-09-29 04:10 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-10-22 14:15 - 2015-09-29 04:10 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2015-10-22 14:15 - 2015-09-29 04:09 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2015-10-22 14:15 - 2015-09-29 04:09 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-10-22 14:15 - 2015-09-29 04:05 - 03990976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-10-22 14:15 - 2015-09-29 04:05 - 03936192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-10-22 14:15 - 2015-09-29 04:05 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-10-22 14:15 - 2015-09-29 04:05 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-10-22 14:15 - 2015-09-29 04:02 - 01311768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-10-22 14:15 - 2015-09-29 04:01 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-10-22 14:15 - 2015-09-29 04:01 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-10-22 14:15 - 2015-09-29 04:01 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-10-22 14:15 - 2015-09-29 04:01 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-10-22 14:15 - 2015-09-29 04:01 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-10-22 14:15 - 2015-09-29 04:01 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-10-22 14:15 - 2015-09-29 04:01 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-10-22 14:15 - 2015-09-29 04:01 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-10-22 14:15 - 2015-09-29 04:01 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-10-22 14:15 - 2015-09-29 04:01 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-10-22 14:15 - 2015-09-29 04:01 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-10-22 14:15 - 2015-09-29 04:01 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-10-22 14:15 - 2015-09-29 04:01 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-10-22 14:15 - 2015-09-29 04:01 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-10-22 14:15 - 2015-09-29 04:01 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-10-22 14:15 - 2015-09-29 04:01 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-10-22 14:15 - 2015-09-29 04:01 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-10-22 14:15 - 2015-09-29 04:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-10-22 14:15 - 2015-09-29 04:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-10-22 14:15 - 2015-09-29 04:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-10-22 14:15 - 2015-09-29 04:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-10-22 14:15 - 2015-09-29 04:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-10-22 14:15 - 2015-09-29 04:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-10-22 14:15 - 2015-09-29 04:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-10-22 14:15 - 2015-09-29 04:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-10-22 14:15 - 2015-09-29 04:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-10-22 14:15 - 2015-09-29 04:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-10-22 14:15 - 2015-09-29 04:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-10-22 14:15 - 2015-09-29 04:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-10-22 14:15 - 2015-09-29 04:01 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-10-22 14:15 - 2015-09-29 03:59 - 00552960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-10-22 14:15 - 2015-09-29 03:59 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-10-22 14:15 - 2015-09-29 03:59 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-10-22 14:15 - 2015-09-29 03:59 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-10-22 14:15 - 2015-09-29 03:59 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-10-22 14:15 - 2015-09-29 03:59 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2015-10-22 14:15 - 2015-09-29 03:58 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-10-22 14:15 - 2015-09-29 03:58 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2015-10-22 14:15 - 2015-09-29 03:58 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2015-10-22 14:15 - 2015-09-29 03:58 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-10-22 14:15 - 2015-09-29 03:57 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2015-10-22 14:15 - 2015-09-29 03:57 - 00665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2015-10-22 14:15 - 2015-09-29 03:57 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2015-10-22 14:15 - 2015-09-29 03:57 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2015-10-22 14:15 - 2015-09-29 03:53 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-10-22 14:15 - 2015-09-29 03:53 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-10-22 14:15 - 2015-09-29 03:49 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-10-22 14:15 - 2015-09-29 03:49 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2015-10-22 14:15 - 2015-09-29 03:49 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2015-10-22 14:15 - 2015-09-29 03:49 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-10-22 14:15 - 2015-09-29 03:49 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-10-22 14:15 - 2015-09-29 03:49 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-10-22 14:15 - 2015-09-29 03:49 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-10-22 14:15 - 2015-09-29 03:49 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-10-22 14:15 - 2015-09-29 03:49 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-10-22 14:15 - 2015-09-29 03:49 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-10-22 14:15 - 2015-09-29 03:49 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-10-22 14:15 - 2015-09-29 03:49 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-10-22 14:15 - 2015-09-29 03:49 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-10-22 14:15 - 2015-09-29 03:49 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-10-22 14:15 - 2015-09-29 03:49 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-10-22 14:15 - 2015-09-29 03:49 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2015-10-22 14:15 - 2015-09-29 03:49 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-10-22 14:15 - 2015-09-29 03:49 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-10-22 14:15 - 2015-09-29 03:49 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2015-10-22 14:15 - 2015-09-29 03:49 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-10-22 14:15 - 2015-09-29 03:49 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-10-22 14:15 - 2015-09-29 03:49 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-10-22 14:15 - 2015-09-29 03:49 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-10-22 14:15 - 2015-09-29 03:49 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-10-22 14:15 - 2015-09-29 03:49 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-10-22 14:15 - 2015-09-29 03:49 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2015-10-22 14:15 - 2015-09-29 02:50 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2015-10-22 14:15 - 2015-09-29 02:49 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2015-10-22 14:15 - 2015-09-29 02:49 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2015-10-22 14:15 - 2015-09-29 02:43 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2015-10-22 14:15 - 2015-09-29 02:43 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2015-10-22 14:15 - 2015-09-29 02:40 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2015-10-22 14:15 - 2015-09-29 02:40 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-10-22 14:15 - 2015-09-29 02:40 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-10-22 14:15 - 2015-09-29 02:40 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2015-10-22 14:15 - 2015-09-16 05:48 - 25851904 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-10-22 14:15 - 2015-09-16 05:22 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-10-22 14:15 - 2015-09-16 05:21 - 02886656 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-10-22 14:15 - 2015-09-16 05:21 - 00585728 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-10-22 14:15 - 2015-09-16 05:21 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-10-22 14:15 - 2015-09-16 05:21 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-10-22 14:15 - 2015-09-16 05:14 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-10-22 14:15 - 2015-09-16 05:10 - 00616960 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-10-22 14:15 - 2015-09-16 05:09 - 05990912 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-10-22 14:15 - 2015-09-16 05:08 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-10-22 14:15 - 2015-09-16 05:08 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-10-22 14:15 - 2015-09-16 05:08 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-10-22 14:15 - 2015-09-16 04:58 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-10-22 14:15 - 2015-09-16 04:46 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-10-22 14:15 - 2015-09-16 04:45 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-10-22 14:15 - 2015-09-16 04:32 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-10-22 14:15 - 2015-09-16 04:31 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2015-10-22 14:15 - 2015-09-16 04:28 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-10-22 14:15 - 2015-09-16 04:26 - 02126336 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-10-22 14:15 - 2015-09-16 04:23 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-10-22 14:15 - 2015-09-16 04:22 - 14458368 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-10-22 14:15 - 2015-09-16 04:11 - 02487808 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-10-22 14:15 - 2015-09-16 04:07 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-10-22 14:15 - 2015-09-16 04:05 - 04527616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-10-22 14:15 - 2015-09-16 03:58 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2015-10-22 14:15 - 2015-09-16 03:55 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-10-22 14:15 - 2015-09-16 03:48 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-10-22 14:15 - 2015-09-16 03:37 - 02011136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-10-22 14:15 - 2015-09-15 19:17 - 00157016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-10-22 14:15 - 2015-09-15 19:17 - 00097112 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-10-22 14:15 - 2015-09-15 19:11 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-10-22 14:15 - 2015-09-15 19:11 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-10-22 14:15 - 2015-09-15 19:11 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-10-22 14:15 - 2015-09-15 19:11 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-10-22 14:15 - 2015-09-15 19:11 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-10-22 14:15 - 2015-09-15 19:11 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-10-22 14:15 - 2015-09-15 19:10 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-10-22 14:15 - 2015-09-15 18:36 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-10-22 14:15 - 2015-09-15 18:36 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-10-22 14:15 - 2015-09-15 18:36 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-10-22 14:15 - 2015-09-15 18:35 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-10-22 14:15 - 2015-08-05 18:56 - 00275456 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll
2015-10-22 14:15 - 2015-08-05 18:56 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\jnwmon.dll
2015-10-22 14:15 - 2015-08-05 18:40 - 00216064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InkEd.dll
2015-10-22 14:15 - 2015-07-23 01:02 - 01390592 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2015-10-22 14:15 - 2015-07-23 01:02 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2015-10-22 14:15 - 2015-07-23 01:02 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2015-10-22 14:15 - 2015-07-22 18:53 - 00641536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2015-10-22 14:15 - 2015-07-22 18:53 - 00635392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll
2015-10-22 14:15 - 2015-07-22 17:48 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\UtcResources.dll
2015-10-22 14:14 - 2015-10-01 19:06 - 00692672 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2015-10-22 14:14 - 2015-10-01 19:04 - 00616360 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2015-10-22 14:14 - 2015-10-01 19:00 - 00147456 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2015-10-22 14:14 - 2015-10-01 19:00 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2015-10-22 14:14 - 2015-10-01 19:00 - 00059392 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2015-10-22 14:14 - 2015-10-01 19:00 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2015-10-22 14:14 - 2015-10-01 19:00 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2015-10-22 14:14 - 2015-10-01 18:50 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2015-10-22 14:14 - 2015-10-01 18:00 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2015-10-22 14:14 - 2015-09-18 20:22 - 00025432 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2015-10-22 14:14 - 2015-09-18 20:19 - 01291264 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-10-22 14:14 - 2015-09-18 20:19 - 00766464 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-10-22 14:14 - 2015-09-18 20:19 - 00700416 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-10-22 14:14 - 2015-09-18 20:19 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-10-22 14:14 - 2015-09-18 20:19 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-10-22 14:14 - 2015-09-18 20:09 - 01163776 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-10-22 14:14 - 2015-08-06 19:04 - 14176768 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2015-10-22 14:14 - 2015-08-06 19:03 - 01866752 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll
2015-10-22 14:14 - 2015-08-06 18:44 - 12875776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2015-10-22 14:14 - 2015-07-15 19:15 - 00094656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys
2015-10-22 14:14 - 2015-07-15 19:10 - 01743360 _____ (Microsoft Corporation) C:\Windows\system32\sysmain.dll
2015-10-22 14:14 - 2015-07-15 19:10 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\msmmsp.dll
2015-10-22 14:14 - 2015-07-15 04:17 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2015-10-22 14:14 - 2015-07-15 03:54 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2015-10-22 14:14 - 2015-06-03 21:16 - 01239720 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2015-10-22 14:14 - 2015-06-03 21:16 - 00193536 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2015-10-22 14:13 - 2015-09-25 19:07 - 03168768 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-10-22 14:13 - 2015-09-25 19:07 - 02607104 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-10-22 14:13 - 2015-09-25 19:07 - 00696320 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-10-22 14:13 - 2015-09-25 19:07 - 00192512 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-10-22 14:13 - 2015-09-25 19:07 - 00098816 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-10-22 14:13 - 2015-09-25 19:07 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-10-22 14:13 - 2015-09-25 19:07 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-10-22 14:13 - 2015-09-25 19:06 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-10-22 14:13 - 2015-09-25 19:06 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-10-22 14:13 - 2015-09-25 19:06 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-10-22 14:13 - 2015-09-25 19:06 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-10-22 14:13 - 2015-09-25 18:59 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-10-22 14:13 - 2015-09-25 18:59 - 00174080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-10-22 14:13 - 2015-09-25 18:59 - 00093696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-10-22 14:13 - 2015-09-25 18:59 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-10-22 14:13 - 2015-09-25 18:58 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-10-22 14:13 - 2015-08-06 18:44 - 01498624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExplorerFrame.dll
2015-10-22 14:13 - 2015-07-30 19:06 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2015-10-22 14:13 - 2015-07-30 19:06 - 01648128 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2015-10-22 14:13 - 2015-07-30 19:06 - 01180160 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2015-10-22 14:13 - 2015-07-30 18:57 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2015-10-22 14:13 - 2015-07-30 18:57 - 01251328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2015-10-22 14:13 - 2015-07-10 18:51 - 03722752 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2015-10-22 14:13 - 2015-07-10 18:51 - 00158720 _____ (Microsoft Corporation) C:\Windows\system32\aaclient.dll
2015-10-22 14:13 - 2015-07-10 18:51 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2015-10-22 14:13 - 2015-07-10 18:34 - 03221504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2015-10-22 14:13 - 2015-07-10 18:34 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2015-10-22 14:13 - 2015-07-10 18:33 - 00131584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aaclient.dll
2015-10-22 14:13 - 2015-07-09 18:58 - 01632256 _____ (Microsoft Corporation) C:\Windows\system32\dwmcore.dll
2015-10-22 14:13 - 2015-07-09 18:58 - 00082944 _____ (Microsoft Corporation) C:\Windows\system32\dwmapi.dll
2015-10-22 14:13 - 2015-07-09 18:42 - 01372160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmcore.dll
2015-10-22 14:13 - 2015-07-09 18:42 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmapi.dll
2015-10-22 14:13 - 2015-07-04 19:07 - 02087424 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2015-10-22 14:13 - 2015-07-04 18:48 - 01414656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2015-10-22 14:13 - 2015-07-01 21:49 - 00260096 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2015-10-22 14:13 - 2015-07-01 21:48 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll
2015-10-22 14:13 - 2015-07-01 21:30 - 00206848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll
2015-10-22 14:13 - 2015-07-01 21:30 - 00082432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll
2015-10-22 14:13 - 2015-06-17 18:47 - 00404992 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2015-10-22 14:13 - 2015-06-17 18:37 - 00312320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2015-10-22 14:13 - 2015-06-15 22:45 - 03242496 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2015-10-22 14:13 - 2015-06-15 22:45 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2015-10-22 14:13 - 2015-06-15 22:44 - 00128000 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe
2015-10-22 14:13 - 2015-06-15 22:43 - 02364416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2015-10-22 14:13 - 2015-06-15 22:43 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2015-10-22 14:13 - 2015-06-15 22:42 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msiexec.exe
2015-10-22 14:13 - 2015-06-15 22:42 - 00025088 _____ (Microsoft Corporation) C:\Windows\system32\msimsg.dll
2015-10-22 14:13 - 2015-06-15 22:37 - 00025088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msimsg.dll
2015-10-22 14:13 - 2015-04-24 19:17 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
2015-10-22 14:13 - 2015-04-24 18:56 - 00530432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.dll
2015-10-22 14:12 - 2015-08-27 19:18 - 02004480 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2015-10-22 14:12 - 2015-08-27 19:18 - 01887232 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2015-10-22 14:12 - 2015-08-27 19:13 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
2015-10-22 14:12 - 2015-08-27 19:13 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2015-10-22 14:12 - 2015-08-27 18:58 - 01391104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2015-10-22 14:12 - 2015-08-27 18:58 - 01241088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2015-10-22 14:12 - 2015-08-27 18:51 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll
2015-10-22 14:12 - 2015-08-27 18:51 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2015-10-22 14:12 - 2015-07-18 14:08 - 00984448 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase.dll
2015-10-22 14:12 - 2015-07-18 14:08 - 00901264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ucrtbase.dll
2015-10-22 14:12 - 2015-07-18 14:08 - 00066400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-private-l1-1-0.dll
2015-10-22 14:12 - 2015-07-18 14:08 - 00063840 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-private-l1-1-0.dll
2015-10-22 14:12 - 2015-07-18 14:08 - 00022368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-math-l1-1-0.dll
2015-10-22 14:12 - 2015-07-18 14:08 - 00020832 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-math-l1-1-0.dll
2015-10-22 14:12 - 2015-07-18 14:08 - 00019808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-multibyte-l1-1-0.dll
2015-10-22 14:12 - 2015-07-18 14:08 - 00019808 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll
2015-10-22 14:12 - 2015-07-18 14:08 - 00017760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-string-l1-1-0.dll
2015-10-22 14:12 - 2015-07-18 14:08 - 00017760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-stdio-l1-1-0.dll
2015-10-22 14:12 - 2015-07-18 14:08 - 00017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-string-l1-1-0.dll
2015-10-22 14:12 - 2015-07-18 14:08 - 00017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll
2015-10-22 14:12 - 2015-07-18 14:08 - 00016224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-runtime-l1-1-0.dll
2015-10-22 14:12 - 2015-07-18 14:08 - 00016224 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
2015-10-22 14:12 - 2015-07-18 14:08 - 00015712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-convert-l1-1-0.dll
2015-10-22 14:12 - 2015-07-18 14:08 - 00015712 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-convert-l1-1-0.dll
2015-10-22 14:12 - 2015-07-18 14:08 - 00014176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-time-l1-1-0.dll
2015-10-22 14:12 - 2015-07-18 14:08 - 00014176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-2-0.dll
2015-10-22 14:12 - 2015-07-18 14:08 - 00014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-time-l1-1-0.dll
2015-10-22 14:12 - 2015-07-18 14:08 - 00014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-2-0.dll
2015-10-22 14:12 - 2015-07-18 14:08 - 00013664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-filesystem-l1-1-0.dll
2015-10-22 14:12 - 2015-07-18 14:08 - 00013664 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll
2015-10-22 14:12 - 2015-07-18 14:08 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-process-l1-1-0.dll
2015-10-22 14:12 - 2015-07-18 14:08 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-heap-l1-1-0.dll
2015-10-22 14:12 - 2015-07-18 14:08 - 00012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-conio-l1-1-0.dll
2015-10-22 14:12 - 2015-07-18 14:08 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-process-l1-1-0.dll
2015-10-22 14:12 - 2015-07-18 14:08 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll
2015-10-22 14:12 - 2015-07-18 14:08 - 00012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-conio-l1-1-0.dll
2015-10-22 14:12 - 2015-07-18 14:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-utility-l1-1-0.dll
2015-10-22 14:12 - 2015-07-18 14:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-locale-l1-1-0.dll
2015-10-22 14:12 - 2015-07-18 14:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-environment-l1-1-0.dll
2015-10-22 14:12 - 2015-07-18 14:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-2-0.dll
2015-10-22 14:12 - 2015-07-18 14:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-1.dll
2015-10-22 14:12 - 2015-07-18 14:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-utility-l1-1-0.dll
2015-10-22 14:12 - 2015-07-18 14:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-locale-l1-1-0.dll
2015-10-22 14:12 - 2015-07-18 14:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-environment-l1-1-0.dll
2015-10-22 14:12 - 2015-07-18 14:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-2-0.dll
2015-10-22 14:12 - 2015-07-18 14:08 - 00012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-1.dll
2015-10-22 14:12 - 2015-07-18 14:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-eventing-provider-l1-1-0.dll
2015-10-22 14:12 - 2015-07-18 14:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l2-1-0.dll
2015-10-22 14:12 - 2015-07-18 14:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-timezone-l1-1-0.dll
2015-10-22 14:12 - 2015-07-18 14:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l2-1-0.dll
2015-10-22 14:12 - 2015-07-18 14:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-2-0.dll
2015-10-22 14:12 - 2015-07-18 14:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-eventing-provider-l1-1-0.dll
2015-10-22 14:12 - 2015-07-18 14:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l2-1-0.dll
2015-10-22 14:12 - 2015-07-18 14:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-timezone-l1-1-0.dll
2015-10-22 14:12 - 2015-07-18 14:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l2-1-0.dll
2015-10-22 14:12 - 2015-07-18 14:08 - 00011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-2-0.dll
2015-10-22 14:12 - 2015-07-09 18:57 - 00193536 _____ (Microsoft Corporation) C:\Windows\system32\notepad.exe
2015-10-22 14:12 - 2015-07-09 18:57 - 00193536 _____ (Microsoft Corporation) C:\Windows\notepad.exe
2015-10-22 14:12 - 2015-07-09 18:42 - 00179712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
2015-10-22 14:12 - 2015-06-25 11:06 - 00115136 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2015-10-22 14:12 - 2015-06-25 11:01 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2015-10-22 14:12 - 2015-06-25 11:01 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2015-10-22 14:12 - 2015-06-25 10:44 - 01805824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2015-10-22 14:12 - 2015-04-29 19:22 - 14635008 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2015-10-22 14:12 - 2015-04-29 19:21 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2015-10-22 14:12 - 2015-04-29 19:21 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2015-10-22 14:12 - 2015-04-29 19:21 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2015-10-22 14:12 - 2015-04-29 19:19 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2015-10-22 14:12 - 2015-04-29 19:07 - 11411456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2015-10-22 14:12 - 2015-04-29 19:07 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll
2015-10-22 14:12 - 2015-04-29 19:07 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx
2015-10-22 14:12 - 2015-04-29 19:07 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll
2015-10-22 14:12 - 2015-04-29 19:05 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2015-10-22 14:12 - 2015-04-11 04:19 - 00069888 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\stream.sys
2015-10-22 14:11 - 2015-08-05 18:56 - 01110016 _____ (Microsoft Corporation) C:\Windows\system32\schedsvc.dll
2015-10-22 14:00 - 2015-10-22 14:00 - 00074435 _____ C:\Users\Caro\Downloads\produkey18-x64.zip
2015-10-22 13:59 - 2015-09-02 04:04 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2015-10-22 13:59 - 2015-09-02 04:04 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-10-22 13:59 - 2015-09-02 04:04 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2015-10-22 13:59 - 2015-09-02 04:04 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2015-10-22 13:59 - 2015-09-02 03:48 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2015-10-22 13:59 - 2015-09-02 03:48 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2015-10-22 13:59 - 2015-09-02 03:48 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2015-10-22 13:59 - 2015-09-02 03:47 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2015-10-22 13:59 - 2015-09-02 02:51 - 03209216 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-10-22 13:59 - 2015-09-02 02:47 - 00372736 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-10-22 13:59 - 2015-09-02 02:33 - 00299520 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2015-10-22 13:58 - 2015-10-22 13:59 - 01402862 _____ C:\Users\Caro\Downloads\licensecrawler148.zip
2015-10-22 13:56 - 2015-10-22 13:56 - 00060965 _____ C:\Users\Caro\Downloads\pkeyuibx_v1.5.0.zip
2015-10-22 13:15 - 2015-10-22 13:15 - 00660960 _____ (Dropbox, Inc.) C:\Users\Caro\Downloads\DropboxInstaller.exe
2015-10-22 12:16 - 2015-10-22 12:16 - 02239542 _____ C:\Users\Caro\Desktop\bill.bmp
2015-10-22 11:01 - 2015-10-24 12:51 - 00000000 ____D C:\Users\Caro\Desktop\U-Bahn Bilder
2015-10-22 10:51 - 2015-10-22 11:01 - 618223842 _____ C:\Users\Caro\Downloads\U-Bahn Bilder.zip
2015-10-19 20:11 - 2015-10-19 20:11 - 00000000 ____D C:\ProgramData\Dropbox
2015-10-19 20:01 - 2015-10-19 20:17 - 00000000 ____D C:\Users\Caro\Doctor Web
2015-10-19 19:49 - 2015-10-19 19:58 - 174999424 _____ C:\Users\Caro\Downloads\db4cly0l.exe
2015-10-19 17:51 - 2015-10-19 17:53 - 140048144 _____ (Microsoft Corporation) C:\Users\Caro\Downloads\msert.exe
2015-10-19 17:44 - 2015-10-19 17:44 - 00321848 _____ (Malwarebytes Corporation) C:\Users\Caro\Downloads\mbam-clean-2.1.1.1001.exe
2015-10-19 11:31 - 2015-10-19 11:31 - 24345872 _____ (Malwarebytes Corporation ) C:\Users\Caro\Downloads\mbam.exe
2015-10-09 21:22 - 2015-10-09 21:22 - 03097628 _____ C:\Users\Caro\Downloads\Berliner Stadtbahn TS10.cdp
2015-10-09 21:21 - 2015-10-09 21:21 - 00070489 _____ C:\Users\Caro\Downloads\U-Bhnnetz Ver.1.5.rar
2015-10-09 21:19 - 2015-10-09 21:20 - 11544518 _____ C:\Users\Caro\Downloads\BR480 (3).cdp
2015-10-09 21:12 - 2015-10-09 21:13 - 15677059 _____ C:\Users\Caro\Downloads\TrsBerlin - S-Bahn 481 482 - Public-Beta v01.cdp
2015-10-09 21:11 - 2015-10-09 21:11 - 00100456 _____ C:\Users\Caro\Downloads\BVG_U-Bahn_Hornsound.cdp
2015-10-09 19:38 - 2015-10-09 19:40 - 14914382 _____ C:\Users\Caro\Downloads\Berliner_U-Bahn_v2.0_Pack_4_von_6 (5).cdp
2015-10-09 19:36 - 2015-10-09 19:36 - 35621425 _____ C:\Users\Caro\Downloads\1706_Fahrzeug_Update (5).cdp
2015-10-08 17:57 - 2015-10-08 17:57 - 00000000 ____D C:\BAHN
2015-10-08 17:56 - 2015-10-08 17:56 - 14082972 _____ (Jan Bochmann, Dresden, DE ) C:\Users\Caro\Downloads\b388r2ade.exe
2015-10-05 20:03 - 2015-10-05 20:03 - 01138649 _____ C:\Users\Caro\Downloads\14_tc_br146-022-9.cdp
2015-10-05 20:02 - 2015-10-05 20:02 - 01009018 _____ C:\Users\Caro\Downloads\br146-023-7_spark.cdp
2015-10-05 18:43 - 2015-10-05 18:43 - 00028650 _____ C:\Users\Caro\Downloads\0_big.jpg-v=1356315592000
2015-10-01 19:07 - 2015-10-01 19:28 - 248951650 _____ C:\Users\Caro\Downloads\Talent2_TANE (1).cdp
2015-10-01 19:07 - 2015-10-01 19:12 - 78022020 _____ C:\Users\Caro\Downloads\et42x_TANE (1).cdp
2015-10-01 19:07 - 2015-10-01 19:08 - 00915389 _____ C:\Users\Caro\Downloads\442_Update_1 (1).cdp
2015-10-01 13:41 - 2015-10-01 13:46 - 248951650 _____ C:\Users\Caro\Downloads\Talent2_TANE.cdp
2015-10-01 13:41 - 2015-10-01 13:43 - 78022020 _____ C:\Users\Caro\Downloads\et42x_TANE.cdp
2015-10-01 13:41 - 2015-10-01 13:41 - 00915389 _____ C:\Users\Caro\Downloads\442_Update_1.cdp
2015-10-01 13:35 - 2015-10-01 13:36 - 79338603 _____ C:\Users\Caro\Downloads\424_425_426.cdp
2015-09-27 19:52 - 2015-09-27 19:52 - 03903007 _____ C:\Users\Caro\Downloads\u-bahn_hamburg_u1__ts_2010_ (5).cdp
2015-09-27 18:32 - 2015-09-27 18:32 - 01970874 _____ C:\Users\Caro\Downloads\bahnsteigzugang_walddoerferbahn_486260_1031 (2).cdp
2015-09-27 18:32 - 2015-09-27 18:32 - 01593677 _____ C:\Users\Caro\Downloads\bahnsteigzugang_walddoerferbahn_2_486260_100124_1 (1).cdp
2015-09-27 18:31 - 2015-09-27 18:32 - 01501457 _____ C:\Users\Caro\Downloads\bahnsteigzugang_modern_1_486260_1070_1 (1).cdp
2015-09-27 18:31 - 2015-09-27 18:31 - 03290366 _____ C:\Users\Caro\Downloads\bahnsteigtreppe_niedrig_2_486260_1063 (1).cdp
2015-09-27 18:31 - 2015-09-27 18:31 - 00628246 _____ C:\Users\Caro\Downloads\t-wagen_6_lieferung__hha__creme-rot_486260_1004.cdp
2015-09-27 18:31 - 2015-09-27 18:31 - 00627219 _____ C:\Users\Caro\Downloads\t-wagen_6l_sparlackierung_486260_100118.cdp
2015-09-27 18:31 - 2015-09-27 18:31 - 00168152 _____ C:\Users\Caro\Downloads\oc_prellbock.cdp
2015-09-27 18:31 - 2015-09-27 18:31 - 00117580 _____ C:\Users\Caro\Downloads\kabelkanal_holzabdeckung_kuid_486260_100132_1.cdp
2015-09-27 18:31 - 2015-09-27 18:31 - 00084262 _____ C:\Users\Caro\Downloads\hektometertafel_2s_486260_100137.cdp
2015-09-27 18:31 - 2015-09-27 18:31 - 00013144 _____ C:\Users\Caro\Downloads\hektometertafel_1s_486260_100135.cdp
2015-09-27 18:30 - 2015-09-27 18:30 - 03606587 _____ C:\Users\Caro\Downloads\eg_walddoerferbahn_kuid_486260_100096 (1).cdp
2015-09-27 18:30 - 2015-09-27 18:30 - 03565231 _____ C:\Users\Caro\Downloads\eg-wandsbek-gartenstadt_kuid_486260_100087 (1).cdp
2015-09-27 18:30 - 2015-09-27 18:30 - 01838207 _____ C:\Users\Caro\Downloads\eg_walddoerferbahn_einstoeckig_486260_1061_1 (2).cdp
2015-09-27 18:30 - 2015-09-27 18:30 - 01585071 _____ C:\Users\Caro\Downloads\eg_walddoerferbahn_einstoeckig_2_kuid_486260_1073.cdp
2015-09-27 18:30 - 2015-09-27 18:30 - 00863033 _____ C:\Users\Caro\Downloads\eg_kiekut_486260_1062 (1).cdp
2015-09-27 18:29 - 2015-09-27 18:30 - 03776398 _____ C:\Users\Caro\Downloads\eg_buchenkamp_486260_100121_1 (1).cdp
2015-09-27 18:29 - 2015-09-27 18:29 - 03382556 _____ C:\Users\Caro\Downloads\eg_buckhorn_486260_100131.cdp
2015-09-27 18:27 - 2015-09-27 18:27 - 06577660 _____ C:\Users\Caro\Downloads\U-Bahn_Hamburg_U1_(TS 2010)_kuid2_486260_1042_6.cdp
2015-09-27 18:27 - 2015-09-27 18:27 - 00114591 _____ C:\Users\Caro\Downloads\Bus_26_Farmsen-Alsterdorf_kuid_486260_1007.cdp
2015-09-27 18:27 - 2015-09-27 18:27 - 00095274 _____ C:\Users\Caro\Downloads\Bus_26_Ruebenkamp-Farmsen_kuid_486260_1131.cdp
2015-09-27 12:52 - 2015-10-22 11:07 - 00000000 ____D C:\Users\Caro\Desktop\Bus S-Bahn und U-Bahn
==================== Ein Monat: Geänderte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2015-10-25 15:10 - 2013-11-28 08:58 - 00001110 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-10-25 14:48 - 2015-07-23 13:20 - 00000000 ____D C:\Program Files (x86)\Dropbox
2015-10-25 14:33 - 2009-07-14 05:45 - 00031680 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-10-25 14:33 - 2009-07-14 05:45 - 00031680 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-10-25 14:31 - 2011-04-12 08:43 - 00699666 _____ C:\Windows\system32\perfh007.dat
2015-10-25 14:31 - 2011-04-12 08:43 - 00149774 _____ C:\Windows\system32\perfc007.dat
2015-10-25 14:31 - 2009-07-14 06:13 - 01620612 _____ C:\Windows\system32\PerfStringBackup.INI
2015-10-25 14:28 - 2013-05-14 14:41 - 01294480 _____ C:\Windows\WindowsUpdate.log
2015-10-25 14:25 - 2013-12-02 17:35 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-10-25 14:24 - 2015-09-10 15:25 - 00001016 _____ C:\Windows\Tasks\dXWO2ljrxOsM8BUr51A4uhDh.job
2015-10-25 14:24 - 2015-09-10 15:25 - 00000990 _____ C:\Windows\Tasks\0HY6jnMulJz.job
2015-10-25 14:24 - 2015-09-10 15:23 - 00000996 _____ C:\Windows\Tasks\9VFLCh0TRTTT5P.job
2015-10-25 14:24 - 2015-09-10 15:23 - 00000992 _____ C:\Windows\Tasks\3IUdz27uKHE3.job
2015-10-25 14:24 - 2014-11-27 19:46 - 00001326 _____ C:\Windows\Tasks\SW.job
2015-10-25 14:24 - 2014-11-27 19:45 - 00001330 _____ C:\Windows\Tasks\OXQC.job
2015-10-25 14:24 - 2013-11-28 08:58 - 00001106 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-10-25 14:24 - 2013-05-14 15:27 - 00000000 ____D C:\ProgramData\NVIDIA
2015-10-25 14:24 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-10-25 14:16 - 2013-05-17 08:33 - 00000000 ____D C:\Program Files\CCleaner
2015-10-25 14:16 - 2013-05-17 08:29 - 00000000 ____D C:\Program Files (x86)\Google
2015-10-25 14:11 - 2015-08-13 20:58 - 00000000 __SHD C:\Users\Caro\AppData\Local\EmieUserList
2015-10-25 14:11 - 2015-08-13 20:58 - 00000000 __SHD C:\Users\Caro\AppData\Local\EmieSiteList
2015-10-25 14:11 - 2015-08-13 20:58 - 00000000 __SHD C:\Users\Caro\AppData\Local\EmieBrowserModeList
2015-10-25 13:39 - 2015-05-12 14:19 - 00000000 ____D C:\ProgramData\Package Cache
2015-10-25 13:32 - 2013-05-14 14:54 - 00000000 ____D C:\Users\Caro
2015-10-25 13:30 - 2015-06-05 11:12 - 00000000 ___SD C:\Windows\system32\GWX
2015-10-25 13:30 - 2014-04-26 09:22 - 00000000 ___SD C:\Windows\system32\CompatTel
2015-10-25 13:30 - 2011-04-12 08:55 - 00000000 ____D C:\Program Files\Windows Journal
2015-10-25 13:30 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2015-10-25 13:29 - 2009-07-14 06:09 - 00000000 ____D C:\Windows\System32\Tasks\WPD
2015-10-25 13:29 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\system32\NDF
2015-10-25 13:29 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\servicing
2015-10-25 13:28 - 2014-10-05 14:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-10-25 13:28 - 2014-10-05 14:48 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2015-10-25 13:28 - 2014-10-05 14:48 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2015-10-25 13:28 - 2013-11-28 10:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Shape Shifter
2015-10-25 13:28 - 2013-11-28 10:08 - 00000000 ____D C:\Program Files (x86)\Shape Shifter
2015-10-25 13:28 - 2013-11-28 09:49 - 00000000 ____D C:\Users\Caro\Documents\Gamehouse
2015-10-25 13:28 - 2013-05-17 08:29 - 00000000 ____D C:\Users\Caro\AppData\Local\Google
2015-10-25 13:28 - 2013-05-14 15:56 - 00000000 ____D C:\Program Files\Microsoft Security Client
2015-10-25 13:28 - 2009-07-14 04:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared
2015-10-25 13:27 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\registration
2015-10-25 13:23 - 2013-12-02 17:35 - 00000000 ____D C:\Windows\system32\Macromed
2015-10-25 13:21 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\AppCompat
2015-10-25 12:13 - 2011-04-12 08:54 - 00000000 ___RD C:\Users\Public\Recorded TV
2015-10-25 12:09 - 2013-10-11 09:31 - 00000000 ____D C:\Users\Caro\AppData\Local\Mozilla
2015-10-25 12:01 - 2013-05-17 08:28 - 00000000 ____D C:\Users\Caro\AppData\Local\Deployment
2015-10-25 11:21 - 2015-07-23 13:20 - 00000000 ____D C:\Users\Caro\AppData\Local\Dropbox
2015-10-25 11:20 - 2013-05-17 09:17 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-10-25 11:16 - 2015-09-13 15:54 - 00000000 ____D C:\AdwCleaner
2015-10-25 11:01 - 2009-07-14 05:45 - 00346880 _____ C:\Windows\system32\FNTCACHE.DAT
2015-10-25 10:58 - 2015-06-05 11:12 - 00000000 ___SD C:\Windows\SysWOW64\GWX
2015-10-22 20:57 - 2014-05-01 15:13 - 00001023 _____ C:\Users\Caro\Desktop\Shape Shifter.lnk
2015-10-22 15:05 - 2013-08-16 12:05 - 00000000 ____D C:\Windows\system32\MRT
2015-10-22 14:49 - 2009-07-14 03:34 - 00000478 _____ C:\Windows\win.ini
2015-10-22 14:02 - 2013-05-14 16:03 - 00001912 _____ C:\Windows\epplauncher.mif
2015-10-22 12:14 - 2015-09-10 19:18 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-10-22 10:30 - 2015-09-10 19:25 - 00000000 ____D C:\Users\Caro\AppData\Roaming\vlc
2015-10-22 10:30 - 2014-04-05 17:33 - 00000000 ____D C:\Users\Caro\AppData\Roaming\dvdcss
2015-10-22 10:30 - 2013-11-28 09:50 - 00000000 ____D C:\Users\Caro\Documents\Bob der Baumeister
2015-10-19 20:28 - 2015-08-16 22:16 - 00000000 ___RD C:\Users\Caro\Dropbox
2015-10-19 11:17 - 2013-05-17 08:37 - 00000000 ____D C:\Users\Caro\AppData\Roaming\Dropbox
2015-10-19 11:00 - 2013-12-02 17:35 - 00780488 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-10-19 11:00 - 2013-12-02 17:35 - 00142536 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-10-19 11:00 - 2013-12-02 17:35 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-10-15 18:10 - 2013-05-17 12:47 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2015-10-15 18:09 - 2014-12-31 10:11 - 00003886 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2015-10-02 11:09 - 2013-05-14 17:12 - 143481208 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-09-28 16:24 - 2013-05-14 15:16 - 00000000 ____D C:\Windows\System32\Tasks\TVT
2015-09-28 16:24 - 2013-05-14 15:16 - 00000000 ____D C:\ProgramData\Lenovo
2015-09-28 16:23 - 2013-05-14 15:16 - 00000000 ___HD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lenovo ThinkVantage Tools
2015-09-28 16:23 - 2013-05-14 15:16 - 00000000 ____D C:\Program Files (x86)\Lenovo
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======
2014-02-20 19:21 - 2012-05-09 06:29 - 0006148 _____ () C:\Program Files (x86)\.DS_Store
2014-02-20 19:21 - 2008-10-26 01:27 - 0028672 _____ () C:\Program Files (x86)\AtsPluginProxy.dll
2014-02-20 19:21 - 2008-01-15 10:07 - 0001147 _____ () C:\Program Files (x86)\COPYING
2014-02-20 19:21 - 2012-06-09 08:21 - 0000868 _____ () C:\Program Files (x86)\Credits.txt
2014-02-20 19:21 - 2013-11-20 04:10 - 0053248 _____ () C:\Program Files (x86)\ObjectBender.exe
2014-02-20 19:21 - 2013-11-20 04:10 - 0262144 _____ () C:\Program Files (x86)\ObjectViewer.exe
2014-02-20 19:21 - 2012-02-12 22:15 - 0000101 _____ () C:\Program Files (x86)\ObjectViewer.exe.config
2014-02-20 19:21 - 2013-11-20 04:11 - 0937984 _____ () C:\Program Files (x86)\OpenBve.exe
2014-02-20 19:21 - 2012-02-12 22:15 - 0000101 _____ () C:\Program Files (x86)\OpenBve.exe.config
2014-02-20 19:21 - 2013-07-28 11:54 - 0049152 _____ () C:\Program Files (x86)\OpenBveApi.dll
2014-02-20 19:21 - 2013-07-28 11:54 - 0127543 _____ () C:\Program Files (x86)\OpenBveApi.xml
2014-02-20 19:21 - 2007-07-20 08:25 - 0000438 _____ () C:\Program Files (x86)\README-SDL.txt
2014-02-20 19:21 - 2012-06-09 08:22 - 0001639 _____ () C:\Program Files (x86)\Readme.txt
2014-02-20 19:21 - 2013-11-20 04:11 - 0483328 _____ () C:\Program Files (x86)\RouteViewer.exe
2014-02-20 19:21 - 2012-02-12 22:15 - 0000101 _____ () C:\Program Files (x86)\RouteViewer.exe.config
2014-02-20 19:21 - 2012-01-15 15:49 - 0303616 _____ () C:\Program Files (x86)\SDL.dll
2014-02-20 19:21 - 2013-11-20 04:11 - 0000238 _____ () C:\Program Files (x86)\settings.sav
2014-02-20 19:21 - 2011-05-23 16:34 - 0069632 _____ (Tao Framework -- hxxp://www.taoframework.com) C:\Program Files (x86)\Tao.OpenAl.dll
2014-02-20 19:21 - 2010-11-17 13:09 - 0000457 _____ () C:\Program Files (x86)\Tao.OpenAl.dll.config
2014-02-20 19:21 - 2011-05-23 16:33 - 1138688 _____ (Tao Framework -- hxxp://www.taoframework.com) C:\Program Files (x86)\Tao.OpenGl.dll
2014-02-20 19:21 - 2010-11-28 19:52 - 0000508 _____ () C:\Program Files (x86)\Tao.OpenGl.dll.config
2014-03-27 17:27 - 2011-05-23 16:32 - 0081920 _____ (Tao Framework -- hxxp://www.taoframework.com) C:\Program Files (x86)\Tao.Sdl.dll
2014-02-20 19:21 - 2008-05-01 19:47 - 0001539 _____ () C:\Program Files (x86)\Tao.Sdl.dll.config
2014-02-20 19:21 - 2013-11-20 04:11 - 0126976 _____ () C:\Program Files (x86)\TrainEditor.exe
2014-03-27 17:27 - 2014-03-27 17:27 - 0116013 _____ () C:\Program Files (x86)\Uninstal.exe
2015-04-14 17:28 - 2015-04-14 17:28 - 0001171 _____ () C:\Users\Caro\AppData\Roaming\0HY6jnMulJz
2015-04-14 17:28 - 2015-04-14 17:28 - 0001171 _____ () C:\Users\Caro\AppData\Roaming\3IUdz27uKHE3
2015-04-19 13:20 - 2015-04-19 13:20 - 0005872 _____ () C:\Users\Caro\AppData\Roaming\9VFLCh0TRTTT5P
2015-04-19 13:20 - 2015-04-19 13:20 - 0005872 _____ () C:\Users\Caro\AppData\Roaming\dXWO2ljrxOsM8BUr51A4uhDh
2013-11-25 19:54 - 2015-07-05 17:01 - 0000000 _____ () C:\Users\Caro\AppData\Roaming\FileIn.cns
2013-11-25 19:54 - 2015-07-05 17:01 - 0000000 _____ () C:\Users\Caro\AppData\Roaming\FileOut.cns
2015-04-30 22:07 - 2015-04-30 22:10 - 0000353 _____ () C:\ProgramData\hpzinstall.log
Dateien, die verschoben oder gelöscht werden sollten:
====================
C:\Users\Caro\OpenBve.exe
Einige Dateien in TEMP:
====================
C:\Users\Caro\AppData\Local\Temp\sqlite3.dll
==================== Bamital & volsnap =================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll
[2013-05-14 16:51] - [2015-09-07 19:17] - 0357888 ____A (Microsoft Corporation) 0E4E27DDEC7F5282C284799613F814FC
C:\Windows\SysWOW64\dnsapi.dll FEHLT <==== ACHTUNG
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert
LastRegBack: 2015-10-23 17:10
==================== Ende von FRST.txt ============================
Geändert von nordlicht81 (25.10.2015 um 16:10 Uhr) |
|
25.10.2015, 15:56
| #2 |
| /// the machine /// TB-Ausbilder    | HILFE: Programme können keine Internetverbindung herstellen Hi,
__________________Logs bitte immer in den Thread posten. Zur Not aufteilen und mehrere Posts nutzen. Ich kann auf Arbeit keine Anhänge öffnen, danke.  So funktioniert es:Posten in CODE-Tags Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert mir massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu gross für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
__________________ |
|
25.10.2015, 16:08
| #3 |
| | HILFE: Programme können keine Internetverbindung herstellen Ich habe die beiden ersten Files in meinem Ursprungsbeitrag eingefügt - hier kommt nun noch der letzte log-file. Danke für deinen Hinweis!
__________________[CODE] GMER Logfile: Code:
ATTFilter GMER 2.1.19357 - hxxp://www.gmer.net
Rootkit scan 2015-10-25 15:28:32
Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1 WDC_WD32 rev.02.0 298,09GB
Running: Gmer-19357.exe; Driver: C:\Users\Caro\AppData\Local\Temp\kxldqpog.sys
---- User code sections - GMER 2.1 ----
.text C:\Program Files (x86)\Google\Update\GoogleUpdate.exe[4184] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExW + 17 0000000074c11401 2 bytes JMP 759bb21b C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Google\Update\GoogleUpdate.exe[4184] C:\Windows\syswow64\PSAPI.DLL!EnumProcessModules + 17 0000000074c11419 2 bytes JMP 759bb346 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Google\Update\GoogleUpdate.exe[4184] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 17 0000000074c11431 2 bytes JMP 75a38fd1 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Google\Update\GoogleUpdate.exe[4184] C:\Windows\syswow64\PSAPI.DLL!GetModuleInformation + 42 0000000074c1144a 2 bytes CALL 7599489d C:\Windows\syswow64\kernel32.dll
.text ... * 9
.text C:\Program Files (x86)\Google\Update\GoogleUpdate.exe[4184] C:\Windows\syswow64\PSAPI.DLL!EnumDeviceDrivers + 17 0000000074c114dd 2 bytes JMP 75a388c4 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Google\Update\GoogleUpdate.exe[4184] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameA + 17 0000000074c114f5 2 bytes JMP 75a38aa0 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Google\Update\GoogleUpdate.exe[4184] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSetEx + 17 0000000074c1150d 2 bytes JMP 75a387ba C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Google\Update\GoogleUpdate.exe[4184] C:\Windows\syswow64\PSAPI.DLL!GetDeviceDriverBaseNameW + 17 0000000074c11525 2 bytes JMP 75a38b8a C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Google\Update\GoogleUpdate.exe[4184] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameW + 17 0000000074c1153d 2 bytes JMP 759afca8 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Google\Update\GoogleUpdate.exe[4184] C:\Windows\syswow64\PSAPI.DLL!EnumProcesses + 17 0000000074c11555 2 bytes JMP 759b68ef C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Google\Update\GoogleUpdate.exe[4184] C:\Windows\syswow64\PSAPI.DLL!GetProcessMemoryInfo + 17 0000000074c1156d 2 bytes JMP 75a39089 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Google\Update\GoogleUpdate.exe[4184] C:\Windows\syswow64\PSAPI.DLL!GetPerformanceInfo + 17 0000000074c11585 2 bytes JMP 75a38bea C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Google\Update\GoogleUpdate.exe[4184] C:\Windows\syswow64\PSAPI.DLL!QueryWorkingSet + 17 0000000074c1159d 2 bytes JMP 75a3877e C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Google\Update\GoogleUpdate.exe[4184] C:\Windows\syswow64\PSAPI.DLL!GetModuleBaseNameA + 17 0000000074c115b5 2 bytes JMP 759afd41 C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Google\Update\GoogleUpdate.exe[4184] C:\Windows\syswow64\PSAPI.DLL!GetModuleFileNameExA + 17 0000000074c115cd 2 bytes JMP 759bb2dc C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Google\Update\GoogleUpdate.exe[4184] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 20 0000000074c116b2 2 bytes JMP 75a38f4c C:\Windows\syswow64\kernel32.dll
.text C:\Program Files (x86)\Google\Update\GoogleUpdate.exe[4184] C:\Windows\syswow64\PSAPI.DLL!GetProcessImageFileNameW + 31 0000000074c116bd 2 bytes JMP 75a38713 C:\Windows\syswow64\kernel32.dll
---- Threads - GMER 2.1 ----
Thread C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [4688:1684] 0000000074d57587
Thread C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [4688:4840] 00000000745e8aa6
Thread C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [4688:3176] 0000000076f6c557
Thread C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [4688:3996] 0000000076f827c1
Thread C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [4688:3256] 0000000076f827c1
Thread C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [4688:3376] 0000000076f827c1
---- Registry - GMER 2.1 ----
Reg HKLM\SYSTEM\ControlSet001\services\BTHPORT\Parameters\Keys\ec55f9f6fa46 (not active ControlSet)
Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\ec55f9f6fa46
Reg HKLM\SYSTEM\ControlSet003\services\BTHPORT\Parameters\Keys\ec55f9f6fa46 (not active ControlSet)
---- EOF - GMER 2.1 ----
|
|
26.10.2015, 18:15
| #4 |
| /// the machine /// TB-Ausbilder | HILFE: Programme können keine Internetverbindung herstellen hi, Scan mit Combofix
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
27.10.2015, 11:12
| #5 |
| | HILFE: Programme können keine Internetverbindung herstellen Hab ich alles gemacht. Neustart des Systems durch Combofix. Daraufhin sah ich nur noch einen blauen Bildschirm, worauf dann die Windows Starthilfe startete. Jedoch ist keine Reparatur oder Systemwiederherstellung möglich, was bedeutet, ich kann nun, nachdem Combofix lief, den Laptop überhaupt nicht mehr hochfahren?! Was ist da denn jetzt passiert und was kann ich nun machen?????? Nachtrag: Wie von Zauberhand ging es jetzt doch wieder. Ich versuche mich dann einfach nochmal an Combofix Hab Combofix nun nochmal durchlaufen lassen und bekam nach dem Neustart/einloggen nun die Meldung "ipconfig.exe - Systemfehler....Das Programm kann nicht gestartet werden, da DNSAPI.dll auf dem Computer fehlt". Und Combofix sagt "Bereite Logdatei vor" aber da tut sich nichts mehr. Glaube das hängt. So, hab dann jetzt die Logdatei: Code:
ATTFilter ComboFix 15-10-27.01 - Caro 27.10.2015 10:44:25.1.4 - x64
Microsoft Windows 7 Professional 6.1.7601.1.1252.49.1031.18.8052.6563 [GMT 1:00]
ausgeführt von:: c:\users\Caro\Desktop\ComboFix.exe
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((((( Weitere Löschungen ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\ntuser.pol
c:\windows\SysWow64\main.exe
.
---- Vorheriger Suchlauf -------
.
c:\program files (x86)\readme.txt
c:\programdata\Roaming
c:\windows\SysWow64\main.exe
.
.
((((((((((((((((((((((( Dateien erstellt von 2015-09-27 bis 2015-10-27 ))))))))))))))))))))))))))))))
.
.
2015-10-26 09:26 . 2015-10-27 09:03 -------- d-----w- c:\program files (x86)\Cobian Backup 11
2015-10-25 14:12 . 2015-10-25 14:14 -------- d-----w- C:\FRST
2015-10-25 13:32 . 2015-10-25 13:32 75888 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{9F44329F-4A5A-4462-94A9-547F459BC262}\offreg.3320.dll
2015-10-25 12:52 . 2015-10-26 15:31 -------- d-----w- c:\users\Caro\AppData\Local\ElevatedDiagnostics
2015-10-25 10:20 . 2015-10-20 02:33 11140960 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{9F44329F-4A5A-4462-94A9-547F459BC262}\mpengine.dll
2015-10-25 10:18 . 2015-10-25 10:18 448968 ----a-w- c:\windows\system32\drivers\rvrtuqxr.sys
2015-10-25 10:15 . 2015-10-25 10:15 448968 ----a-w- c:\windows\system32\drivers\bptavlnz.sys
2015-10-25 10:15 . 2015-10-25 10:15 -------- d-----w- c:\programdata\AVAST Software
2015-10-25 09:58 . 2015-10-25 12:30 -------- d-----w- c:\windows\system32\appraiser
2015-10-23 17:38 . 2015-10-25 12:29 -------- d-----w- c:\windows\SysWow64\Adobe
2015-10-22 13:56 . 2015-07-30 13:13 103120 ----a-w- c:\windows\SysWow64\PresentationCFFRasterizerNative_v0300.dll
2015-10-22 13:56 . 2015-07-30 13:13 124624 ----a-w- c:\windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-10-22 13:48 . 2015-10-22 13:48 -------- d-----w- c:\program files (x86)\MSXML 4.0
2015-10-22 13:15 . 2015-09-16 04:22 66560 ----a-w- c:\windows\system32\iesetup.dll
2015-10-22 13:14 . 2015-07-15 18:15 94656 ----a-w- c:\windows\system32\drivers\mountmgr.sys
2015-10-22 13:13 . 2015-09-25 18:07 3168768 ----a-w- c:\windows\system32\wucltux.dll
2015-10-22 13:12 . 2015-08-27 18:18 2004480 ----a-w- c:\windows\system32\msxml6.dll
2015-10-22 13:11 . 2015-08-05 17:56 1110016 ----a-w- c:\windows\system32\schedsvc.dll
2015-10-22 12:59 . 2015-09-02 01:51 3209216 ----a-w- c:\windows\system32\win32k.sys
2015-10-22 12:59 . 2015-09-02 03:04 41984 ----a-w- c:\windows\system32\lpk.dll
2015-10-22 12:59 . 2015-09-02 03:04 100864 ----a-w- c:\windows\system32\fontsub.dll
2015-10-22 12:59 . 2015-09-02 03:04 14336 ----a-w- c:\windows\system32\dciman32.dll
2015-10-22 12:59 . 2015-09-02 03:04 46080 ----a-w- c:\windows\system32\atmlib.dll
2015-10-22 12:59 . 2015-09-02 02:48 70656 ----a-w- c:\windows\SysWow64\fontsub.dll
2015-10-22 12:59 . 2015-09-02 02:48 10240 ----a-w- c:\windows\SysWow64\dciman32.dll
2015-10-22 12:59 . 2015-09-02 02:48 34304 ----a-w- c:\windows\SysWow64\atmlib.dll
2015-10-22 12:59 . 2015-09-02 02:47 25600 ----a-w- c:\windows\SysWow64\lpk.dll
2015-10-22 12:59 . 2015-09-02 01:47 372736 ----a-w- c:\windows\system32\atmfd.dll
2015-10-22 12:59 . 2015-09-02 01:33 299520 ----a-w- c:\windows\SysWow64\atmfd.dll
2015-10-19 19:11 . 2015-10-19 19:11 -------- d-----w- c:\programdata\Dropbox
2015-10-19 19:01 . 2015-10-19 19:17 -------- d-----w- c:\users\Caro\Doctor Web
2015-10-08 16:57 . 2015-10-08 16:57 -------- d-----w- C:\BAHN
.
.
.
(((((((((((((((((((((((((((((((((((( Find3M Bericht ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2015-10-19 10:00 . 2013-12-02 16:35 780488 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2015-10-19 10:00 . 2013-12-02 16:35 142536 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2015-10-02 10:09 . 2013-05-14 16:12 143481208 ----a-w- c:\windows\system32\MRT.exe
2015-09-29 02:58 . 2015-10-22 13:15 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2015-09-13 15:42 . 2015-09-13 15:42 0 ----a-w- c:\windows\SysWow64\REN902E.tmp
2015-09-13 15:40 . 2014-04-16 10:05 110688 ----a-w- c:\windows\system32\WindowsAccessBridge-64.dll
2015-09-07 20:31 . 2015-09-07 20:31 55168 ----a-w- c:\windows\system32\drivers\ezdnwtyt.sys
2015-09-07 18:17 . 2013-05-14 15:51 357888 ----a-w- c:\windows\system32\dnsapi.dll
2014-03-27 16:27 . 2014-03-27 16:27 116013 ----a-w- c:\program files (x86)\Uninstal.exe
2013-11-20 03:11 . 2014-02-20 18:21 126976 ----a-w- c:\program files (x86)\TrainEditor.exe
2013-11-20 03:11 . 2014-02-20 18:21 483328 ----a-w- c:\program files (x86)\RouteViewer.exe
2013-11-20 03:11 . 2014-02-20 18:21 937984 ----a-w- c:\program files (x86)\OpenBve.exe
2013-11-20 03:10 . 2014-02-20 18:21 262144 ----a-w- c:\program files (x86)\ObjectViewer.exe
2013-11-20 03:10 . 2014-02-20 18:21 53248 ----a-w- c:\program files (x86)\ObjectBender.exe
2013-07-28 10:54 . 2014-02-20 18:21 49152 ----a-w- c:\program files (x86)\OpenBveApi.dll
2012-01-15 14:49 . 2014-02-20 18:21 303616 ----a-w- c:\program files (x86)\SDL.dll
2011-05-23 15:34 . 2014-02-20 18:21 69632 ----a-w- c:\program files (x86)\Tao.OpenAl.dll
2011-05-23 15:33 . 2014-02-20 18:21 1138688 ----a-w- c:\program files (x86)\Tao.OpenGl.dll
2011-05-23 15:32 . 2014-03-27 16:27 81920 ----a-w- c:\program files (x86)\Tao.Sdl.dll
2008-10-26 00:27 . 2014-02-20 18:21 28672 ----a-w- c:\program files (x86)\AtsPluginProxy.dll
.
.
------- Sigcheck -------
Note: Unsigned files aren't necessarily malware.
.
[-] 2015-09-15 . 5424EC756808C1002457033D969115C7 . 31232 . . [6.1.7601.19007] .. c:\windows\system32\lsass.exe
.
[-] 2015-09-25 . 64B432FB351118B222A5342A7A461696 . 140288 . . [7.6.7601.19016] .. c:\windows\winsxs\amd64_microsoft-windows-w..wsupdateclient-core_31bf3856ad364e35_7.6.7601.19016_none_e764aa7a6516de13\wuauclt.exe
[7] 2015-03-25 . AEA602B4036CF95522818E911654F52E . 135168 . . [7.6.7601.18804] .. c:\windows\winsxs\amd64_microsoft-windows-w..wsupdateclient-core_31bf3856ad364e35_7.6.7601.18804_none_e76d9fca65105f0b\wuauclt.exe
[7] 2014-05-14 . EAD9E413A6CEB9FD8E2AD9DC0716C061 . 58336 . . [7.6.7600.320] .. c:\windows\winsxs\amd64_microsoft-windows-w..wsupdateclient-core_31bf3856ad364e35_7.6.7600.320_none_d5f64d30518fd000\wuauclt.exe
[7] 2012-06-02 . C1C03EA437EDDA8A7D4D8786E5AE6751 . 57880 . . [7.6.7600.256] .. c:\windows\winsxs\amd64_microsoft-windows-w..wsupdateclient-core_31bf3856ad364e35_7.6.7600.256_none_d5f513f25190f276\wuauclt.exe
[7] 2010-11-21 . 7FBFAA84FE176D9AE932ABC585AB68D5 . 51200 . . [7.5.7601.17514] .. c:\windows\winsxs\amd64_microsoft-windows-w..wsupdateclient-core_31bf3856ad364e35_7.5.7601.17514_none_1f3413afc64d10c5\wuauclt.exe
[-] 2015-09-25 . 64B432FB351118B222A5342A7A461696 . 140288 . . [7.6.7601.19016] .. c:\windows\system32\wuauclt.exe
.
[-] 2015-04-24 . 8B2DB34CCD937CD4ADF7DE62C9E79069 . 633856 . . [5.82] .. c:\windows\winsxs\amd64_microsoft-windows-shell-comctl32-v5_31bf3856ad364e35_6.1.7601.23039_none_983ae9e107c0a872\comctl32.dll
[-] 2015-04-24 . 8B2DB34CCD937CD4ADF7DE62C9E79069 . 633856 . . [5.82] .. c:\windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.23039_none_a6b7fbc96e401250\comctl32.dll
[-] 2015-04-24 . 51F89CE2D0FEC66070354504E6C4C3E4 . 633856 . . [5.82] .. c:\windows\winsxs\amd64_microsoft-windows-shell-comctl32-v5_31bf3856ad364e35_6.1.7601.18837_none_97af745feea4a2b8\comctl32.dll
[-] 2015-04-24 . 51F89CE2D0FEC66070354504E6C4C3E4 . 633856 . . [5.82] .. c:\windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18837_none_a4d981ff711297b6\comctl32.dll
[-] 2015-04-24 . E6FD06E7948B35B604CF188B554E9760 . 2030592 . . [5.82] .. c:\windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.23039_none_e36d4d173100d4ed\comctl32.dll
[-] 2015-04-24 . 271DC9A33422D9A85E3790A0AF0A91EF . 2030592 . . [5.82] .. c:\windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757\comctl32.dll
[7] 2015-03-30 . 4AE5551E961CC766CC1488A7A7E1A68F . 2030592 . . [5.82] .. c:\windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_fa381d5f175bfb52\comctl32.dll
[7] 2015-03-30 . 47B2383EF858719225311A4A259A4CD6 . 2030592 . . [5.82] .. c:\windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.23011_none_e36c02c33101d537\comctl32.dll
[7] 2013-07-04 . 9028D1621C43DF8DFBD1C76860412A11 . 633856 . . [5.82] .. c:\windows\winsxs\amd64_microsoft-windows-shell-comctl32-v5_31bf3856ad364e35_6.1.7601.18201_none_97c9d703ee91c7f1\comctl32.dll
[7] 2013-07-04 . 9028D1621C43DF8DFBD1C76860412A11 . 633856 . . [5.82] .. c:\windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18201_none_a4d3b9377117c3df\comctl32.dll
[7] 2013-07-04 . 4F3C5CE9EF990E1C62B7E7EBA0EBA1C2 . 633856 . . [5.82] .. c:\windows\winsxs\amd64_microsoft-windows-shell-comctl32-v5_31bf3856ad364e35_6.1.7601.22376_none_980cc5cd07e3aa05\comctl32.dll
[7] 2013-07-04 . 4F3C5CE9EF990E1C62B7E7EBA0EBA1C2 . 633856 . . [5.82] .. c:\windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.22376_none_a6ba9bf96e3dcd13\comctl32.dll
[7] 2010-11-21 . 14DFDEAF4E589ED3F1FF187A86B9408C . 633856 . . [5.82] .. c:\windows\winsxs\amd64_microsoft-windows-shell-comctl32-v5_31bf3856ad364e35_6.1.7601.17514_none_97c2246fee970dbb\comctl32.dll
[7] 2010-11-21 . 14DFDEAF4E589ED3F1FF187A86B9408C . 633856 . . [5.82] .. c:\windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_a4d6a923711520a9\comctl32.dll
[7] 2010-11-21 . 7FA8FDC2C2A27817FD0F624E78D3B50C . 2030080 . . [5.82] .. c:\windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac\comctl32.dll
[-] 2015-04-24 . 51F89CE2D0FEC66070354504E6C4C3E4 . 633856 . . [5.82] .. c:\windows\system32\comctl32.dll
.
[-] 2015-04-27 . 7BC3E861F7E8EB543A630090FAE779E0 . 188416 . . [6.1.7601.18839] .. c:\windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.18839_none_d414ef57b17a9fd5\cryptsvc.dll
[-] 2015-04-27 . 0925E2BEAC4493C887099F850D69BA3B . 190976 . . [6.1.7601.23040] .. c:\windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.23040_none_d48a91becaa8aac3\cryptsvc.dll
[7] 2015-02-03 . 00D0F7BA3B27126A3E25B540979A9F39 . 190976 . . [6.1.7601.22948] .. c:\windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22948_none_d492bbeccaa14239\cryptsvc.dll
[7] 2015-02-03 . 1CD76A83B9E8E9A5A3519B39E28354D9 . 187904 . . [6.1.7601.18741] .. c:\windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.18741_none_d4021b35b189f3e7\cryptsvc.dll
[7] 2013-10-05 . 509D31797A4B8A3D6ED78A330B19A919 . 186880 . . [6.1.7601.22473] .. c:\windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22473_none_d46d4138cabe2596\cryptsvc.dll
[7] 2013-07-09 . 434CCE8E7150CD1324C5FAA088D1D061 . 186880 . . [6.1.7601.22380] .. c:\windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22380_none_d45f6e88cac8f85b\cryptsvc.dll
[7] 2013-07-09 . 6B400F211BEE880A37A1ED0368776BF4 . 184320 . . [6.1.7601.18205] .. c:\windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.18205_none_d431528fb165f7bc\cryptsvc.dll
[7] 2013-05-13 . D8129C49798CBBFB2E4351D4B7B8EF9C . 184320 . . [6.1.7601.18151] .. c:\windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.18151_none_d3f73fe5b19220ee\cryptsvc.dll
[7] 2013-05-11 . 8122252F0A4ACFA92FA0C1D50D18493B . 186880 . . [6.1.7601.22322] .. c:\windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22322_none_d4a24ea4ca968363\cryptsvc.dll
[7] 2013-05-10 . 7FDC4626B01106A8EF328C88C7C0DEE3 . 184320 . . [6.1.7601.18150] .. c:\windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.18150_none_d3f63f9bb1930797\cryptsvc.dll
[7] 2013-05-10 . CA13C4F92BEE66DB48E58AB3223DDF6E . 186880 . . [6.1.7601.22321] .. c:\windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22321_none_d4a14e5aca976a0c\cryptsvc.dll
[7] 2012-06-04 . 7E7D2DACF65D750D466F36BD3D09AE20 . 186880 . . [6.1.7601.22010] .. c:\windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22010_none_d4ab184aca903d4f\cryptsvc.dll
[7] 2012-06-02 . 9C01375BE382E834CC26D1B7EAF2C4FE . 184320 . . [6.1.7601.17856] .. c:\windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17856_none_d3fc6569b18d7211\cryptsvc.dll
[7] 2010-11-21 . 15597883FBE9B056F276ADA3AD87D9AF . 177152 . . [6.1.7601.17514] .. c:\windows\winsxs\amd64_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17514_none_d4259ed3b16ed82a\cryptsvc.dll
[-] 2015-04-27 . 7BC3E861F7E8EB543A630090FAE779E0 . 188416 . . [6.1.7600.16385] .. c:\windows\system32\cryptsvc.dll
.
[-] 2015-10-01 . 2E52D789C4B17017556ED45D771DA5EB . 1166336 . . [6.1.7601.23226] .. c:\windows\winsxs\amd64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.23226_none_f26482fb860f3ffe\kernel32.dll
[-] 2015-09-29 . 11C18D613F66CB5CE829B821599ED339 . 1164800 . . [6.1.7601.19018] .. c:\windows\winsxs\amd64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.19018_none_f1e7b4ca6ce7b9ca\kernel32.dll
[-] 2015-09-28 . FA37233F148A06C9995854B890DEACBD . 1166336 . . [6.1.7601.23223] .. c:\windows\winsxs\amd64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.23223_none_f261821d8611f3f9\kernel32.dll
[-] 2015-07-23 . 9C261AB78DE420AA52FC08D69FD5745D . 1163264 . . [6.1.7601.18939] .. c:\windows\winsxs\amd64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.18939_none_f1d33d1a6cf6d7c1\kernel32.dll
[-] 2015-07-22 . 313D319AB74D0218F44CC66BE393E38A . 1164288 . . [6.1.7601.23142] .. c:\windows\winsxs\amd64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.23142_none_f24ae0158623155d\kernel32.dll
[7] 2015-07-15 . 72585BDAF2EC5237EBD71D540657D6A2 . 1163264 . . [6.1.7601.18933] .. c:\windows\winsxs\amd64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.18933_none_f1cd3b5e6cfc3fb7\kernel32.dll
[7] 2015-07-15 . A3A71E4BEE2BA121C969B39AD1EB30FC . 1164288 . . [6.1.7601.23136] .. c:\windows\winsxs\amd64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.23136_none_f259b12986175ec8\kernel32.dll
[-] 2015-07-15 . 093861BB2A36B95CE824683714737CAD . 1164288 . . [6.1.7601.23126] .. c:\windows\winsxs\amd64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.23126_none_f2648115860f42d7\kernel32.dll
[-] 2015-07-15 . 9D0A88DF1CCB89596DDB876093CD16A4 . 1163264 . . [6.1.7601.18923] .. c:\windows\winsxs\amd64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.18923_none_f1d80b4a6cf423c6\kernel32.dll
[-] 2015-05-25 . 3A2E4CB43CC4AE0195F686146ADCAD3D . 1163776 . . [6.1.7601.23072] .. c:\windows\winsxs\amd64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.23072_none_f22a6e6b863b6c09\kernel32.dll
[-] 2015-05-25 . 6FDF03A3B110C5264F52F979335AE301 . 1162752 . . [6.1.7601.18869] .. c:\windows\winsxs\amd64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.18869_none_f1b2cb706d0f2e6d\kernel32.dll
[7] 2015-03-17 . E75074EFBE3C24FBC95C7C1985E08FDE . 1163264 . . [6.1.7601.18798] .. c:\windows\winsxs\amd64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.18798_none_f191597c6d286bc2\kernel32.dll
[7] 2015-03-17 . 36F241A637A424A75C98926189115502 . 1164800 . . [6.1.7601.23002] .. c:\windows\winsxs\amd64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.23002_none_f2761ddf8602a872\kernel32.dll
[7] 2014-04-12 . 77BBBF70BCE286CD19E1E68F248363FA . 1164800 . . [6.1.7601.22653] .. c:\windows\winsxs\amd64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.22653_none_f24130b9862a22c7\kernel32.dll
[7] 2014-03-04 . 52E77DC8E31C89FBB1E968699C8121C5 . 1164800 . . [6.1.7601.22616] .. c:\windows\winsxs\amd64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.22616_none_f26f71478606ff08\kernel32.dll
[7] 2014-03-04 . D2A513EE880D71BDE7F0257F38B9D019 . 1163264 . . [6.1.7601.18409] .. c:\windows\winsxs\amd64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.18409_none_f1f3a3606cde922b\kernel32.dll
[7] 2013-08-29 . 786D234A90FCAC72633AE6FC52653A49 . 1162240 . . [6.1.7601.22436] .. c:\windows\winsxs\amd64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.22436_none_f259cda386173c9c\kernel32.dll
[7] 2013-08-02 . C525D51A79B01342344F02E38866CF60 . 1162240 . . [6.1.7601.22411] .. c:\windows\winsxs\amd64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.22411_none_f26a6c09860b8607\kernel32.dll
[7] 2013-08-02 . D8973E71F1B35CD3F3DEA7C12D49D0F0 . 1161216 . . [6.1.7601.18229] .. c:\windows\winsxs\amd64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.18229_none_f1ddffbc6ceecfbf\kernel32.dll
[7] 2013-01-04 . B844114B247D8EF1E5E4E93A282D2E6F . 1162240 . . [6.1.7601.22209] .. c:\windows\winsxs\amd64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.22209_none_f27d3a7985fc3a80\kernel32.dll
[7] 2012-11-30 . B3BEA6420D482356E53B7C728E05C637 . 1163264 . . [6.1.7601.22177] .. c:\windows\winsxs\amd64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.22177_none_f22f888b8636ce42\kernel32.dll
[7] 2012-11-30 . 65C113214F7B05820F6D8A65B1485196 . 1161216 . . [6.1.7601.18015] .. c:\windows\winsxs\amd64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.18015_none_f1e4cab46cea5424\kernel32.dll
[7] 2012-10-04 . 1DC3504CA4C57900F1557E9A3F01D272 . 1161216 . . [6.1.7601.17965] .. c:\windows\winsxs\amd64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.17965_none_f1aee2f66d12ac97\kernel32.dll
[7] 2012-10-04 . F3C594D0DA3ACFA6C7B781A490AB4282 . 1162240 . . [6.1.7601.22125] .. c:\windows\winsxs\amd64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.22125_none_f263979386100fdf\kernel32.dll
[7] 2010-11-21 . 7A6326D96D53048FDEC542DF23D875A0 . 1161216 . . [6.1.7601.17514] .. c:\windows\winsxs\amd64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.17514_none_f1e3eab06ceb12ef\kernel32.dll
[-] 2015-09-29 . 11C18D613F66CB5CE829B821599ED339 . 1164800 . . [6.1.7601.18015] .. c:\windows\system32\kernel32.dll
.
[-] 2015-09-02 . 38E22ADC0D95A1C860C900513A8DC5E9 . 41984 . . [6.1.7601.23188] .. c:\windows\winsxs\amd64_microsoft-windows-gdi_31bf3856ad364e35_6.1.7601.23188_none_083ad5588a78f1c9\lpk.dll
[-] 2015-09-02 . 0E8D254B70E880F032036BFD45266754 . 41984 . . [6.1.7601.18985] .. c:\windows\winsxs\amd64_microsoft-windows-gdi_31bf3856ad364e35_6.1.7601.18985_none_07ae5f8d715dd2b8\lpk.dll
[-] 2015-07-30 . 6399191EEE641F711E094B95B91DBA4B . 41984 . . [6.1.7601.23149] .. c:\windows\winsxs\amd64_microsoft-windows-gdi_31bf3856ad364e35_6.1.7601.23149_none_086715528a579b5c\lpk.dll
[-] 2015-07-30 . 0365E7AED8A38CB5FFF1DFB4458C0593 . 41984 . . [6.1.7601.18946] .. c:\windows\winsxs\amd64_microsoft-windows-gdi_31bf3856ad364e35_6.1.7601.18946_none_07da9f87713c7c4b\lpk.dll
[7] 2015-02-20 . DEEE064A330560593BBED835F591F0A5 . 41984 . . [6.1.7601.22974] .. c:\windows\winsxs\amd64_microsoft-windows-gdi_31bf3856ad364e35_6.1.7601.22974_none_0841ca148a744013\lpk.dll
[7] 2015-02-20 . F351B0E520502552734BE70AA5940784 . 41984 . . [6.1.7601.18768] .. c:\windows\winsxs\amd64_microsoft-windows-gdi_31bf3856ad364e35_6.1.7601.18768_none_07c6fc77714aec8d\lpk.dll
[7] 2013-06-06 . 796B47A4B82EF1C39F13435B88834C48 . 41472 . . [6.1.7601.18177] .. c:\windows\winsxs\amd64_microsoft-windows-gdi_31bf3856ad364e35_6.1.7601.18177_none_07bb20dd7154003d\lpk.dll
[7] 2013-06-06 . 22FC61B8E1EBA296FF416C3678E26DD3 . 41472 . . [6.1.7601.22350] .. c:\windows\winsxs\amd64_microsoft-windows-gdi_31bf3856ad364e35_6.1.7601.22350_none_08535d608a67b3eb\lpk.dll
[7] 2009-07-14 . D202223587518B13D72D68937B7E3F70 . 41984 . . [6.1.7600.16385] .. c:\windows\winsxs\amd64_microsoft-windows-gdi_31bf3856ad364e35_6.1.7601.17514_none_07f91de77125e78d\lpk.dll
[7] 2009-07-14 . D202223587518B13D72D68937B7E3F70 . 41984 . . [6.1.7600.16385] .. c:\windows\winsxs\amd64_microsoft-windows-gdi_31bf3856ad364e35_6.1.7601.18032_none_07e15d357138149f\lpk.dll
[7] 2009-07-14 . D202223587518B13D72D68937B7E3F70 . 41984 . . [6.1.7600.16385] .. c:\windows\winsxs\amd64_microsoft-windows-gdi_31bf3856ad364e35_6.1.7601.22195_none_082d1b568a83a814\lpk.dll
[-] 2015-09-02 . 0E8D254B70E880F032036BFD45266754 . 41984 . . [6.1.7601.18985] .. c:\windows\system32\lpk.dll
.
[-] 2015-09-16 . 99BA96F5AC545D857E662A9FC576D919 . 25851904 . . [11.00.9600.18057] .. c:\windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_11.2.9600.18059_none_f5c8533c37149cf2\mshtml.dll
[7] 2015-04-21 . C31D57F7A58FACDA2671075CEBA75199 . 24971776 . . [11.00.9600.17801] .. c:\windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_11.2.9600.17801_none_f56d86c437593398\mshtml.dll
[7] 2015-01-12 . CD726C899BD9A398E8420564A957320B . 25056256 . . [11.00.9600.17631] .. c:\windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_11.2.9600.17633_none_f585f9ea37467afd\mshtml.dll
[7] 2014-11-06 . BBD6A636AAA65D874F3863280CD8373D . 25110016 . . [11.00.9600.17420] .. c:\windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_11.2.9600.17420_none_f59addd03736dce1\mshtml.dll
[7] 2014-09-19 . 7415B29AFE2E4494A57358B8C7E78600 . 23631360 . . [11.00.9600.17344] .. c:\windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_11.2.9600.17358_none_f5a7f85a372cd9fd\mshtml.dll
[7] 2014-08-18 . 920BD93A0B64657A20CA66C2EBB167EA . 23591424 . . [11.00.9600.17280] .. c:\windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_11.2.9600.17280_none_f5b67f6437213d09\mshtml.dll
[7] 2014-07-25 . ECA387DCD57F683C52171C766CF400F0 . 23645696 . . [11.00.9600.17239] .. c:\windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_11.2.9600.17239_none_f5b0b0ea3726a4ff\mshtml.dll
[7] 2014-06-19 . FEC19C351EF1B2C998A85D1BFD765675 . 23464448 . . [11.00.9600.17207] .. c:\windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_11.2.9600.17207_none_f5addd9c372925b8\mshtml.dll
[7] 2014-05-30 . 56803B20D168C1B740D12CE0BE4588F5 . 23414784 . . [11.00.9600.17126] .. c:\windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_11.2.9600.17126_none_f5bac4e4371f22d4\mshtml.dll
[7] 2014-05-06 . 797E2E5C309AFF76990D5B7AF457EACA . 23544320 . . [11.00.9600.17107] .. c:\windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_11.2.9600.17107_none_f5b8ad88372109c7\mshtml.dll
[7] 2014-04-29 . A98DA2EC1E56CF52C682D072F77D9874 . 23547904 . . [11.00.9600.17105] .. c:\windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_11.2.9600.17105_none_f5b8db183720d685\mshtml.dll
[7] 2014-03-31 . C3E3EFD320D0000BE6F9CDB00CD6086F . 23134208 . . [11.00.9600.16659] .. c:\windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_11.2.9600.16659_none_f5876fe837454a4a\mshtml.dll
[7] 2014-03-06 . 37D0FB9E5E8EDA40B66FC3FB3D660261 . 23549440 . . [11.00.9600.17041] .. c:\windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_11.2.9600.17041_none_f5c8074c3714b96c\mshtml.dll
[7] 2014-03-01 . 4E0709D9BB951AD1C22E4FF519B90839 . 23133696 . . [11.00.9600.16521] .. c:\windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_11.2.9600.16521_none_f58ff536373f154c\mshtml.dll
[7] 2014-02-06 . D016F5092E4FFC41147E8555A71D2DDE . 23170048 . . [11.00.9600.16518] .. c:\windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_11.2.9600.16518_none_f58e55743740af5c\mshtml.dll
[7] 2013-11-26 . 16B0A65F52531B769B891DC251ECC6C0 . 23183360 . . [11.00.9600.16476] .. c:\windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_11.2.9600.16476_none_f59f54ac3732f833\mshtml.dll
[7] 2013-11-20 . D233E1A32CE6AF918C9DE1BC44AFEB2A . 23212032 . . [11.00.9600.16428] .. c:\windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_11.2.9600.16428_none_f59a25aa3737acc2\mshtml.dll
[7] 2013-10-12 . 25C356A79B7002E0A20AAF592ED59DE4 . 19269632 . . [10.00.9200.16736] .. c:\windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_10.2.9200.16736_none_91079aba92acea3d\mshtml.dll
[7] 2013-10-12 . BED01C981AA5D47941F6BAF30B6FE12C . 19510784 . . [10.00.9200.20848] .. c:\windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_10.2.9200.20848_none_7a2ff6ecac5bb27c\mshtml.dll
[7] 2013-09-22 . 9958430CE5BFC43D693D6138C31788CC . 19494912 . . [10.00.9200.20831] .. c:\windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_10.2.9200.20831_none_7a2f961aac5be5be\mshtml.dll
[7] 2013-09-22 . F026C6F104758D0EB215B017016FAE27 . 19252224 . . [10.00.9200.16721] .. c:\windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_10.2.9200.16721_none_91070c5892ad50c1\mshtml.dll
[7] 2013-08-10 . CC4AE7E2ECAEE7612B3C0D3AB302375C . 19246592 . . [10.00.9200.16686] .. c:\windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_10.2.9200.16686_none_91176c1892a04cff\mshtml.dll
[7] 2013-08-10 . C2793FDC1EDB82635C538630FE192CC9 . 19488768 . . [10.00.9200.20794] .. c:\windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_10.2.9200.20794_none_7a40236aac4eaeba\mshtml.dll
[7] 2013-07-26 . 396889142BD839DB8A055A0BE0AD2F79 . 19239424 . . [10.00.9200.16660] .. c:\windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_10.2.9200.16660_none_9115f43492a1808b\mshtml.dll
[7] 2013-07-26 . 865EB4E69DAF2DE052E8D020F4F7D313 . 19482112 . . [10.00.9200.20768] .. c:\windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_10.2.9200.20768_none_7a3cc76cac51c939\mshtml.dll
[7] 2013-06-12 . 884691F819503DD2191A2641CC827A52 . 19482112 . . [10.00.9200.20742] .. c:\windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_10.2.9200.20742_none_7a3b4f88ac52fcc5\mshtml.dll
[7] 2013-06-11 . 9586EC4E1CC39CCBA26A5E7DFE774C9E . 19238912 . . [10.00.9200.16635] .. c:\windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_10.2.9200.16635_none_9112816e92a4b4ab\mshtml.dll
[7] 2013-06-08 . 5C41AF3F4B83340D2783CE8FDE30566A . 19233792 . . [10.00.9200.16618] .. c:\windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_10.2.9200.16618_none_91103c8292a6cee0\mshtml.dll
[7] 2013-06-08 . D8FEA3117BEA18064DA7F0668FA94F38 . 19479552 . . [10.00.9200.20723] .. c:\windows\winsxs\amd64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_10.2.9200.20723_none_7a39382cac54e3b8\mshtml.dll
[-] 2015-09-16 . 99BA96F5AC545D857E662A9FC576D919 . 25851904 . . [11.00.9600.18057] .. c:\windows\system32\mshtml.dll
.
[-] 2015-09-16 . BD06D875FB79E92DAF724C91DE743AFA . 2487808 . . [11.00.9600.18057] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_11.2.9600.18059_none_e46e341db6be33bc\wininet.dll
[7] 2015-04-21 . F0289B3A341429117696F0279DA977B6 . 2352128 . . [11.00.9600.17801] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_11.2.9600.17801_none_e41367a5b702ca62\wininet.dll
[7] 2015-01-12 . 9DFE41A69DF70AAB75CB5BA8C1109EA2 . 2358272 . . [11.00.9600.17631] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_11.2.9600.17633_none_e42bdacbb6f011c7\wininet.dll
[7] 2014-11-06 . 6FC2819A4F80AAB2DADEDFC1EFEE3C3F . 2365440 . . [11.00.9600.17420] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_11.2.9600.17420_none_e440beb1b6e073ab\wininet.dll
[7] 2014-09-19 . 9D98D4F390F0B14A782F3B931E613A1A . 2309632 . . [11.00.9600.17344] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_11.2.9600.17358_none_e44dd93bb6d670c7\wininet.dll
[7] 2014-08-18 . 39EBB9708453036A74C30C9A294023FF . 2310656 . . [11.00.9600.17280] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_11.2.9600.17280_none_e45c6045b6cad3d3\wininet.dll
[7] 2014-07-25 . 8E71A5CB5312B8392D4DA4CA37BB5868 . 2266624 . . [11.00.9600.17239] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_11.2.9600.17239_none_e45691cbb6d03bc9\wininet.dll
[7] 2014-06-18 . 2EE102DF0EDD8A1EDD3D1E9B99A91BEC . 2266112 . . [11.00.9600.17207] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_11.2.9600.17207_none_e453be7db6d2bc82\wininet.dll
[7] 2014-05-30 . 40BFD9D6EC8E174145F012246CA73CCD . 2266112 . . [11.00.9600.17126] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_11.2.9600.17126_none_e460a5c5b6c8b99e\wininet.dll
[7] 2014-03-06 . F220BA78AB542C70211D73AE4729B2CD . 2260480 . . [11.00.9600.17041] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_11.2.9600.17041_none_e46de82db6be5036\wininet.dll
[7] 2014-03-01 . DF79CE9B950C62677D232154E93A81C7 . 2334208 . . [11.00.9600.16521] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_11.2.9600.16521_none_e435d617b6e8ac16\wininet.dll
[7] 2014-02-06 . 263B6E451526A90FF8B1CEC759F22956 . 2334208 . . [11.00.9600.16518] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_11.2.9600.16518_none_e4343655b6ea4626\wininet.dll
[7] 2013-11-26 . 9B6678DB9C6A232C5A84D2FDFFF8B0E1 . 2334208 . . [11.00.9600.16476] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_11.2.9600.16476_none_e445358db6dc8efd\wininet.dll
[7] 2013-11-20 . E6CB36B85BE59095337427E853A5B65A . 2332160 . . [11.00.9600.16428] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_11.2.9600.16428_none_e440068bb6e1438c\wininet.dll
[7] 2013-10-12 . 9706C99DAEBE3FEAC811B239617E98C4 . 2241536 . . [10.00.9200.16736] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_10.2.9200.16736_none_7fad7b9c12568107\wininet.dll
[7] 2013-10-12 . 7E7F32C588DA6A4554046804D8EEAC55 . 2249216 . . [10.00.9200.20848] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_10.2.9200.20848_none_68d5d7ce2c054946\wininet.dll
[7] 2013-09-22 . 1377A310439639A610097ED56975AE19 . 2248704 . . [10.00.9200.20830] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_10.2.9200.20831_none_68d576fc2c057c88\wininet.dll
[7] 2013-09-22 . D28B35DE88D27EFB27DF4B1E8319E3C0 . 2241024 . . [10.00.9200.16720] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_10.2.9200.16721_none_7faced3a1256e78b\wininet.dll
[7] 2013-08-10 . AAFA952E774DDDB0956D3BDFAE5B5B99 . 2241024 . . [10.00.9200.16686] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_10.2.9200.16686_none_7fbd4cfa1249e3c9\wininet.dll
[7] 2013-08-10 . 0A380C8E396975463E3F643E88AE8BDF . 2248704 . . [10.00.9200.20794] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_10.2.9200.20794_none_68e6044c2bf84584\wininet.dll
[7] 2013-07-26 . AC155DD9BD1E6D3B740826A4D1C68AAE . 2241024 . . [10.00.9200.16660] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_10.2.9200.16660_none_7fbbd516124b1755\wininet.dll
[7] 2013-07-26 . 5C49F5A791B944AD8247473ABD35602D . 2248704 . . [10.00.9200.20768] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_10.2.9200.20768_none_68e2a84e2bfb6003\wininet.dll
[7] 2013-06-12 . 09BF0D9701F9D846BBC5ABED003851CB . 2248704 . . [10.00.9200.20742] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_10.2.9200.20742_none_68e1306a2bfc938f\wininet.dll
[7] 2013-06-11 . FAF6EC2460AD5FBBD38D8E1AE28B0D77 . 2241024 . . [10.00.9200.16635] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_10.2.9200.16635_none_7fb86250124e4b75\wininet.dll
[7] 2013-05-17 . 7E43B93C0E9C138AC1008F646B06E919 . 2248704 . . [10.00.9200.20716] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_10.2.9200.20719_none_68dd90142bfffaf1\wininet.dll
[7] 2013-05-17 . 12716D987D475B051F35895659159705 . 2241024 . . [10.00.9200.16611] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_10.2.9200.16614_none_7fb67884124fff26\wininet.dll
[7] 2013-05-14 . 753C0848AE7872A3F59663078A517293 . 2240512 . . [10.00.9200.16540] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_10.2.9200.16540_none_7fc4a46e1244c8b6\wininet.dll
[7] 2013-05-14 . A4F6142CABA82FB7293ECE5FF864B440 . 1392128 . . [9.00.8112.16476] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.4.8112.16476_none_76562395749adef9\wininet.dll
[7] 2013-04-05 . 27A9000C534AA9BADC9EE74940F50C6D . 2242048 . . [10.00.9200.16576] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_10.2.9200.16576_none_7fc71c9c1242ae81\wininet.dll
[7] 2013-04-05 . 61962C7A2D6E32827F089E6F0A03E533 . 2247168 . . [10.00.9200.20681] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_10.2.9200.20681_none_68f018462bf0c359\wininet.dll
[7] 2013-03-02 . 9E7687984107C81B859200C9BD570AFF . 1188864 . . [8.00.7601.18106] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7601.18106_none_7ad5f2442f6ad066\wininet.dll
[7] 2013-03-02 . 6E8A768CEA17C6542E3031812745AC3F . 1189888 . . [8.00.7601.22272] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7601.22272_none_7b0fde7348c4ce6b\wininet.dll
[7] 2010-11-21 . F6C5302E1F4813D552F41A0AC82455E5 . 1188864 . . [8.00.7601.17514] .. c:\windows\winsxs\amd64_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7601.17514_none_7ac940242f7494a4\wininet.dll
[-] 2015-09-16 . BD06D875FB79E92DAF724C91DE743AFA . 2487808 . . [11.00.9600.16428] .. c:\windows\system32\wininet.dll
.
[-] 2015-07-04 . C0EACFB89F9F32705F5576D49CC32E9B . 2086912 . . [6.1.7601.23118] .. c:\windows\winsxs\amd64_microsoft-windows-com-base-qfe-ole32_31bf3856ad364e35_6.1.7601.23118_none_0ad113b0220b316a\ole32.dll
[-] 2015-07-04 . E3EB94B45A2735D4559558B5899732E8 . 2087424 . . [6.1.7601.18915] .. c:\windows\winsxs\amd64_microsoft-windows-com-base-qfe-ole32_31bf3856ad364e35_6.1.7601.18915_none_0a449de508f01259\ole32.dll
[7] 2010-11-21 . 6C60B5ACA7442EFB794082CDACFC001C . 2086912 . . [6.1.7601.17514] .. c:\windows\winsxs\amd64_microsoft-windows-com-base-qfe-ole32_31bf3856ad364e35_6.1.7601.17514_none_0a43accb08f0eac5\ole32.dll
[-] 2015-07-04 . E3EB94B45A2735D4559558B5899732E8 . 2087424 . . [6.1.7600.16385] .. c:\windows\system32\ole32.dll
.
[-] 2015-08-05 . E1F233CE5DA10AC41C0545F5DAD25998 . 1110528 . . [6.1.7601.23154] .. c:\windows\winsxs\amd64_microsoft-windows-taskscheduler-service_31bf3856ad364e35_6.1.7601.23154_none_8d854a0dc6e05406\schedsvc.dll
[-] 2015-08-05 . 40686B59C127F0C93B4234E4A1E3472A . 1110016 . . [6.1.7601.18951] .. c:\windows\winsxs\amd64_microsoft-windows-taskscheduler-service_31bf3856ad364e35_6.1.7601.18951_none_8cf8d442adc534f5\schedsvc.dll
[7] 2010-11-21 . 262F6592C3299C005FD6BEC90FC4463A . 1110016 . . [6.1.7601.17514] .. c:\windows\winsxs\amd64_microsoft-windows-taskscheduler-service_31bf3856ad364e35_6.1.7601.17514_none_8d272400ada202f9\schedsvc.dll
[-] 2015-08-05 . 40686B59C127F0C93B4234E4A1E3472A . 1110016 . . [6.1.7600.16385] .. c:\windows\system32\schedsvc.dll
.
[-] 2015-04-24 . 71DD9528DD7D36EB853020401D66089D . 530432 . . [5.82] .. c:\windows\winsxs\x86_microsoft-windows-shell-comctl32-v5_31bf3856ad364e35_6.1.7601.23039_none_3c1c4e5d4f63373c\comctl32.dll
[-] 2015-04-24 . 71DD9528DD7D36EB853020401D66089D . 530432 . . [5.82] .. c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.23039_none_ee6532a082bc3b56\comctl32.dll
[-] 2015-04-24 . F7F754DDAA6AF9D3F3549F7013BFDF70 . 1680896 . . [5.82] .. c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.23039_none_2b1a83ee457cfdf3\comctl32.dll
[-] 2015-04-24 . 58788565442368B0615DDAF1D452B843 . 530432 . . [5.82] .. c:\windows\SysWOW64\comctl32.dll
[-] 2015-04-24 . 58788565442368B0615DDAF1D452B843 . 530432 . . [5.82] .. c:\windows\winsxs\x86_microsoft-windows-shell-comctl32-v5_31bf3856ad364e35_6.1.7601.18837_none_3b90d8dc36473182\comctl32.dll
[-] 2015-04-24 . 58788565442368B0615DDAF1D452B843 . 530432 . . [5.82] .. c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18837_none_ec86b8d6858ec0bc\comctl32.dll
[-] 2015-04-24 . 885E18B2D0A445FB637850282530EB72 . 1680896 . . [5.82] .. c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d\comctl32.dll
[7] 2015-03-30 . 346DAA8204508A44B7211CC28B830CC5 . 1680896 . . [5.82] .. c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18807_none_41e554362bd82458\comctl32.dll
[7] 2015-03-30 . 791206E0343AD8E61826E063F2E4C885 . 1680896 . . [5.82] .. c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.23011_none_2b19399a457dfe3d\comctl32.dll
[7] 2013-07-04 . 700BD5A6AA5381D1D8ADC4045149DBF6 . 530432 . . [5.82] .. c:\windows\winsxs\x86_microsoft-windows-shell-comctl32-v5_31bf3856ad364e35_6.1.7601.22376_none_3bee2a494f8638cf\comctl32.dll
[7] 2013-07-04 . 700BD5A6AA5381D1D8ADC4045149DBF6 . 530432 . . [5.82] .. c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.22376_none_ee67d2d082b9f619\comctl32.dll
[7] 2013-07-04 . 75F5E1FE8D55CF8E577E0EC5F2290D3F . 530432 . . [5.82] .. c:\windows\winsxs\x86_microsoft-windows-shell-comctl32-v5_31bf3856ad364e35_6.1.7601.18201_none_3bab3b80363456bb\comctl32.dll
[7] 2013-07-04 . 75F5E1FE8D55CF8E577E0EC5F2290D3F . 530432 . . [5.82] .. c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18201_none_ec80f00e8593ece5\comctl32.dll
[7] 2010-11-21 . BDAC1AA64495D0F7E1FF810EBBF1F018 . 530432 . . [5.82] .. c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_ec83dffa859149af\comctl32.dll
[7] 2010-11-21 . BDAC1AA64495D0F7E1FF810EBBF1F018 . 530432 . . [5.82] .. c:\windows\winsxs\x86_microsoft-windows-shell-comctl32-v5_31bf3856ad364e35_6.1.7601.17514_none_3ba388ec36399c85\comctl32.dll
[7] 2010-11-21 . 352B3DC62A0D259A82A052238425C872 . 1680896 . . [5.82] .. c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
.
[-] 2015-04-27 . 33F67BBCC3C0499D3F3382473114CFA8 . 143872 . . [6.1.7600.16385] .. c:\windows\SysWOW64\cryptsvc.dll
[-] 2015-04-27 . 33F67BBCC3C0499D3F3382473114CFA8 . 143872 . . [6.1.7601.18839] .. c:\windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.18839_none_77f653d3f91d2e9f\cryptsvc.dll
[-] 2015-04-27 . 59AF628BEF750EE470FD36751CA52137 . 145920 . . [6.1.7601.23040] .. c:\windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.23040_none_786bf63b124b398d\cryptsvc.dll
[7] 2015-02-03 . B97E16D36DB7B7DD22C97857506FA58A . 145920 . . [6.1.7601.22948] .. c:\windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22948_none_787420691243d103\cryptsvc.dll
[7] 2015-02-03 . 49474B3E37969AF4B5C076F42B623AFF . 143872 . . [6.1.7601.18741] .. c:\windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.18741_none_77e37fb1f92c82b1\cryptsvc.dll
[7] 2013-10-05 . F2D9242C3BBD1C36467FCAE1AE01733F . 142848 . . [6.1.7601.22473] .. c:\windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22473_none_784ea5b51260b460\cryptsvc.dll
[7] 2013-07-09 . 6DB499DEFCC827317C5371164A7CDB27 . 142848 . . [6.1.7601.22380] .. c:\windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22380_none_7840d305126b8725\cryptsvc.dll
[7] 2013-07-09 . 7CA1BECEA5DE2643ADDAD32670E7A4C9 . 140288 . . [6.1.7601.18205] .. c:\windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.18205_none_7812b70bf9088686\cryptsvc.dll
[7] 2013-05-13 . 3897DFF247D9ED0006190349DE264E14 . 140288 . . [6.1.7601.18151] .. c:\windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.18151_none_77d8a461f934afb8\cryptsvc.dll
[7] 2013-05-11 . AC04D05309BB2C418D0D80B9FB014642 . 142848 . . [6.1.7601.22322] .. c:\windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22322_none_7883b3211239122d\cryptsvc.dll
[7] 2013-05-10 . E122AA1C9A3CC46FF9DDDE46E5EB0C58 . 142848 . . [6.1.7601.22321] .. c:\windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22321_none_7882b2d71239f8d6\cryptsvc.dll
[7] 2013-05-10 . 33ADF6E0853AB39EA1723BE82842C1D3 . 140288 . . [6.1.7601.18150] .. c:\windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.18150_none_77d7a417f9359661\cryptsvc.dll
[7] 2012-06-02 . 063DD65889D21035311463337BD268E7 . 142336 . . [6.1.7601.22010] .. c:\windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.22010_none_788c7cc71232cc19\cryptsvc.dll
[7] 2012-06-02 . 96C0E38905CFD788313BE8E11DAE3F2F . 140288 . . [6.1.7601.17856] .. c:\windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17856_none_77ddc9e5f93000db\cryptsvc.dll
[7] 2010-11-21 . A585BEBF7D054BD9618EDA0922D5484A . 136192 . . [6.1.7601.17514] .. c:\windows\winsxs\x86_microsoft-windows-cryptsvc-dll_31bf3856ad364e35_6.1.7601.17514_none_7807034ff91166f4\cryptsvc.dll
.
[-] 2015-09-29 . 9E83A4F6E776F7A3E5F7FB90180FBC0B . 1114112 . . [6.1.7601.18015] .. c:\windows\SysWOW64\kernel32.dll
[-] 2015-09-29 . 9E83A4F6E776F7A3E5F7FB90180FBC0B . 1114112 . . [6.1.7601.18015] .. c:\windows\winsxs\wow64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.19018_none_fc3c5f1ca1487bc5\kernel32.dll
[-] 2015-09-28 . A0CFCED64576C13EC04AD7B39940BE93 . 1114112 . . [6.1.7601.23223] .. c:\windows\SoftwareDistribution\Download\222a3c4e39641398f42eec415c489de3\wow64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.23223_none_fcb62c6fba72b5f4\kernel32.dll
[-] 2015-09-28 . A0CFCED64576C13EC04AD7B39940BE93 . 1114112 . . [6.1.7601.23223] .. c:\windows\winsxs\wow64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.23223_none_fcb62c6fba72b5f4\kernel32.dll
[-] 2015-07-22 . 6F5C056D1AEB8713E403259B5FB38EE8 . 1114112 . . [6.1.7601.23142] .. c:\windows\winsxs\wow64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.23142_none_fc9f8a67ba83d758\kernel32.dll
[-] 2015-07-22 . 1E679BB6671C67B2097A5E53D884D4D0 . 1114112 . . [6.1.7601.18939] .. c:\windows\winsxs\wow64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.18939_none_fc27e76ca15799bc\kernel32.dll
[7] 2015-07-15 . A38E10B4143A19F32D64517B6A1FCB98 . 1114112 . . [6.1.7601.18933] .. c:\windows\winsxs\wow64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.18933_none_fc21e5b0a15d01b2\kernel32.dll
[7] 2015-07-15 . 50159C0AEE9029D43B7E27022B6C0B37 . 1114112 . . [6.1.7601.23136] .. c:\windows\winsxs\wow64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.23136_none_fcae5b7bba7820c3\kernel32.dll
[-] 2015-07-15 . CA1A5EE549FE248BC127C1A5CAB72B70 . 1114112 . . [6.1.7601.23126] .. c:\windows\winsxs\wow64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.23126_none_fcb92b67ba7004d2\kernel32.dll
[-] 2015-07-15 . C3856345C4FB053140237236D1146242 . 1114112 . . [6.1.7601.18923] .. c:\windows\winsxs\wow64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.18923_none_fc2cb59ca154e5c1\kernel32.dll
[-] 2015-05-25 . 5EA4D6D52DB2679B8F9DE67A7F8BC41A . 1114112 . . [6.1.7601.23072] .. c:\windows\winsxs\wow64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.23072_none_fc7f18bdba9c2e04\kernel32.dll
[-] 2015-05-25 . F81920ADB15012CF4E9FF8238C85686A . 1114112 . . [6.1.7601.18869] .. c:\windows\winsxs\wow64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.18869_none_fc0775c2a16ff068\kernel32.dll
[7] 2015-03-17 . 99DE8BADC0E85C9AB4A8301A3723FFEA . 1114112 . . [6.1.7601.18798] .. c:\windows\winsxs\wow64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.18798_none_fbe603cea1892dbd\kernel32.dll
[7] 2015-03-17 . 9FBA00AA15C45A2F1D26776193E543C1 . 1114112 . . [6.1.7601.23002] .. c:\windows\winsxs\wow64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.23002_none_fccac831ba636a6d\kernel32.dll
[7] 2014-04-12 . C8C41EBEE097FEB29FB816854D3AD1E7 . 1114112 . . [6.1.7601.22653] .. c:\windows\winsxs\wow64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.22653_none_fc95db0bba8ae4c2\kernel32.dll
[7] 2014-03-04 . 866696FBE24914047462E34812169954 . 1114112 . . [6.1.7601.22616] .. c:\windows\winsxs\wow64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.22616_none_fcc41b99ba67c103\kernel32.dll
[7] 2014-03-04 . 76161B9D78A275F8F28DD67436013110 . 1114112 . . [6.1.7601.18409] .. c:\windows\winsxs\wow64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.18409_none_fc484db2a13f5426\kernel32.dll
[7] 2013-08-29 . EE751CBD5D0C332FDF3DF7187B612416 . 1114112 . . [6.1.7601.22436] .. c:\windows\winsxs\wow64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.22436_none_fcae77f5ba77fe97\kernel32.dll
[7] 2013-08-02 . 61579F821AB5FF7FA2966D64D1070BA8 . 1114112 . . [6.1.7601.22411] .. c:\windows\winsxs\wow64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.22411_none_fcbf165bba6c4802\kernel32.dll
[7] 2013-08-02 . 365A5034093AD9E04F433046C4CDF6AB . 1114112 . . [6.1.7601.18229] .. c:\windows\winsxs\wow64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.18229_none_fc32aa0ea14f91ba\kernel32.dll
[7] 2013-01-04 . 7E55988F5CB3BA67E2732370E8D71BBB . 1114112 . . [6.1.7601.22209] .. c:\windows\winsxs\wow64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.22209_none_fcd1e4cbba5cfc7b\kernel32.dll
[7] 2012-11-30 . 9CC2571E3646B9A24296AD7ADCC71682 . 1114112 . . [6.1.7601.22177] .. c:\windows\winsxs\wow64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.22177_none_fc8432ddba97903d\kernel32.dll
[7] 2012-11-30 . AC0B6F41882FC6ED186962D770EBF1D2 . 1114112 . . [6.1.7601.18015] .. c:\windows\winsxs\wow64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.18015_none_fc397506a14b161f\kernel32.dll
[7] 2012-10-04 . D4F3176082566CEFA633B4945802D4C4 . 1114112 . . [6.1.7601.17965] .. c:\windows\winsxs\wow64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.17965_none_fc038d48a1736e92\kernel32.dll
[7] 2012-10-04 . 5FA395364EE727E4BEE6B1406C207F98 . 1114112 . . [6.1.7601.22125] .. c:\windows\winsxs\wow64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.22125_none_fcb841e5ba70d1da\kernel32.dll
[7] 2010-11-21 . E80758CF485DB142FCA1EE03A34EAD05 . 837632 . . [6.1.7601.17514] .. c:\windows\winsxs\wow64_microsoft-windows-kernel32_31bf3856ad364e35_6.1.7601.17514_none_fc389502a14bd4ea\kernel32.dll
.
[-] 2015-09-02 . 415FB89174E6D8BFC885A00A01C3446B . 25600 . . [6.1.7601.18985] .. c:\windows\SysWOW64\lpk.dll
[-] 2015-09-02 . 415FB89174E6D8BFC885A00A01C3446B . 25600 . . [6.1.7601.18985] .. c:\windows\winsxs\wow64_microsoft-windows-gdi_31bf3856ad364e35_6.1.7601.18985_none_120309dfa5be94b3\lpk.dll
[-] 2015-09-02 . 3EDCBF9078520F613922E0D70A5906A7 . 25600 . . [6.1.7601.23188] .. c:\windows\winsxs\wow64_microsoft-windows-gdi_31bf3856ad364e35_6.1.7601.23188_none_128f7faabed9b3c4\lpk.dll
[-] 2015-07-30 . 9E2F12744DD9810961031C56FBB691F4 . 25600 . . [6.1.7601.18946] .. c:\windows\winsxs\wow64_microsoft-windows-gdi_31bf3856ad364e35_6.1.7601.18946_none_122f49d9a59d3e46\lpk.dll
[-] 2015-07-30 . FFE0FA7543E1B9B37352710BC8B9121C . 25600 . . [6.1.7601.23149] .. c:\windows\winsxs\wow64_microsoft-windows-gdi_31bf3856ad364e35_6.1.7601.23149_none_12bbbfa4beb85d57\lpk.dll
[7] 2015-02-20 . 7B1CABC4896210612AE600238E59CF15 . 25600 . . [6.1.7601.22974] .. c:\windows\winsxs\wow64_microsoft-windows-gdi_31bf3856ad364e35_6.1.7601.22974_none_12967466bed5020e\lpk.dll
[7] 2015-02-20 . 01D9C9A70323BC7E5835B92442DD7EC2 . 25600 . . [6.1.7601.18768] .. c:\windows\winsxs\wow64_microsoft-windows-gdi_31bf3856ad364e35_6.1.7601.18768_none_121ba6c9a5abae88\lpk.dll
[7] 2013-06-06 . 84CA3579EEB69D8E1EE67E4F721BF71C . 25600 . . [6.1.7601.22350] .. c:\windows\winsxs\wow64_microsoft-windows-gdi_31bf3856ad364e35_6.1.7601.22350_none_12a807b2bec875e6\lpk.dll
[7] 2013-06-06 . CC23295DA8F7B5C53F93804D2F5D30EB . 25600 . . [6.1.7601.18177] .. c:\windows\winsxs\wow64_microsoft-windows-gdi_31bf3856ad364e35_6.1.7601.18177_none_120fcb2fa5b4c238\lpk.dll
[7] 2009-07-14 . 384721EF4024890092625E20CADFAF85 . 25600 . . [6.1.7600.16385] .. c:\windows\winsxs\wow64_microsoft-windows-gdi_31bf3856ad364e35_6.1.7601.17514_none_124dc839a586a988\lpk.dll
[7] 2009-07-14 . 384721EF4024890092625E20CADFAF85 . 25600 . . [6.1.7600.16385] .. c:\windows\winsxs\wow64_microsoft-windows-gdi_31bf3856ad364e35_6.1.7601.18032_none_12360787a598d69a\lpk.dll
[7] 2009-07-14 . 384721EF4024890092625E20CADFAF85 . 25600 . . [6.1.7600.16385] .. c:\windows\winsxs\wow64_microsoft-windows-gdi_31bf3856ad364e35_6.1.7601.22195_none_1281c5a8bee46a0f\lpk.dll
.
[-] 2015-09-16 . D586CB95B4EADC0525E8929A241898F5 . 20357632 . . [11.00.9600.18057] .. c:\windows\SysWOW64\mshtml.dll
[-] 2015-09-16 . D586CB95B4EADC0525E8929A241898F5 . 20357632 . . [11.00.9600.18057] .. c:\windows\winsxs\wow64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_11.2.9600.18059_none_001cfd8e6b755eed\mshtml.dll
[7] 2015-04-21 . D74445161E58644309F858342F5E265C . 19691008 . . [11.00.9600.17801] .. c:\windows\winsxs\wow64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_11.2.9600.17801_none_ffc231166bb9f593\mshtml.dll
[7] 2015-01-12 . 61C74D794C14E9FC94D93F5F0F72A3F9 . 19740160 . . [11.00.9600.17631] .. c:\windows\winsxs\wow64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_11.2.9600.17633_none_ffdaa43c6ba73cf8\mshtml.dll
[7] 2014-11-06 . 93074C4FA92A8399404D032F6AF72C1B . 19781632 . . [11.00.9600.17420] .. c:\windows\winsxs\wow64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_11.2.9600.17420_none_ffef88226b979edc\mshtml.dll
[7] 2014-09-19 . F91E55DA404B834648A3B0A2477C10DB . 17484800 . . [11.00.9600.17344] .. c:\windows\winsxs\wow64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_11.2.9600.17358_none_fffca2ac6b8d9bf8\mshtml.dll
[7] 2014-08-18 . 7BF1CE9240CB9DD27C3E30733176EB8E . 17455104 . . [11.00.9600.17280] .. c:\windows\winsxs\wow64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_11.2.9600.17280_none_000b29b66b81ff04\mshtml.dll
[7] 2014-07-25 . 8453DDF167CE2986AA4AB04BC6824925 . 17524224 . . [11.00.9600.17239] .. c:\windows\winsxs\wow64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_11.2.9600.17239_none_00055b3c6b8766fa\mshtml.dll
[7] 2014-06-19 . DFA59840BB1220AFD261FDAE83543959 . 17276416 . . [11.00.9600.17207] .. c:\windows\winsxs\wow64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_11.2.9600.17207_none_000287ee6b89e7b3\mshtml.dll
[7] 2014-05-30 . D5ECBB3BFDC73A59440D9CA79AB3A342 . 17271296 . . [11.00.9600.17126] .. c:\windows\winsxs\wow64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_11.2.9600.17126_none_000f6f366b7fe4cf\mshtml.dll
[7] 2014-05-06 . EB5347F6149D3FF25F4D609A21A3BD67 . 17382912 . . [11.00.9600.17107] .. c:\windows\winsxs\wow64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_11.2.9600.17107_none_000d57da6b81cbc2\mshtml.dll
[7] 2014-04-29 . 5869FBC754578A59C8C8635B99DB79DE . 17384448 . . [11.00.9600.17105] .. c:\windows\winsxs\wow64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_11.2.9600.17105_none_000d856a6b819880\mshtml.dll
[7] 2014-03-30 . CCF19C82F6145E4A467F7CB9AF82026C . 17073152 . . [11.00.9600.16659] .. c:\windows\winsxs\wow64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_11.2.9600.16659_none_ffdc1a3a6ba60c45\mshtml.dll
[7] 2014-03-06 . EA85144F35EDE6EE25C484D4242FF2C8 . 17387008 . . [11.00.9600.17041] .. c:\windows\winsxs\wow64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_11.2.9600.17041_none_001cb19e6b757b67\mshtml.dll
[7] 2014-03-01 . 70462E0A4E293FC80620AB945D8A59BB . 17074688 . . [11.00.9600.16521] .. c:\windows\winsxs\wow64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_11.2.9600.16521_none_ffe49f886b9fd747\mshtml.dll
[7] 2014-02-06 . C863E5A2417DF0F2A31ED32C3B2CB23F . 17103872 . . [11.00.9600.16518] .. c:\windows\winsxs\wow64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_11.2.9600.16518_none_ffe2ffc66ba17157\mshtml.dll
[7] 2013-11-26 . BFAFE990C4A191E83843362B5AC64A9B . 17112576 . . [11.00.9600.16476] .. c:\windows\winsxs\wow64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_11.2.9600.16476_none_fff3fefe6b93ba2e\mshtml.dll
[7] 2013-11-20 . F9F114B2A6F876C92D317A755494F233 . 17142784 . . [11.00.9600.16428] .. c:\windows\winsxs\wow64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_11.2.9600.16428_none_ffeecffc6b986ebd\mshtml.dll
[7] 2013-10-12 . 02A04841906A8892AD6CC7BDBCB5F61D . 14355968 . . [10.00.9200.16736] .. c:\windows\winsxs\wow64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_10.2.9200.16736_none_9b5c450cc70dac38\mshtml.dll
[7] 2013-10-12 . 9C2714E4CF56DD8CD27BF6DEE9E7A1BF . 14381568 . . [10.00.9200.20848] .. c:\windows\winsxs\wow64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_10.2.9200.20848_none_8484a13ee0bc7477\mshtml.dll
[7] 2013-09-22 . 9D6D52AED095BC8C9023AA739E978EAC . 14364672 . . [10.00.9200.20831] .. c:\windows\winsxs\wow64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_10.2.9200.20831_none_8484406ce0bca7b9\mshtml.dll
[7] 2013-09-22 . A7221924181C8EB92B64C5A2D888BEA5 . 14335488 . . [10.00.9200.16721] .. c:\windows\winsxs\wow64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_10.2.9200.16721_none_9b5bb6aac70e12bc\mshtml.dll
[7] 2013-08-10 . A0FAB45701EFAA4EDA60B7614ED431BE . 14362624 . . [10.00.9200.20794] .. c:\windows\winsxs\wow64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_10.2.9200.20794_none_8494cdbce0af70b5\mshtml.dll
[7] 2013-08-10 . 5D2D7E7850CE963C2F401D4DEE7BB32A . 14332928 . . [10.00.9200.16686] .. c:\windows\winsxs\wow64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_10.2.9200.16686_none_9b6c166ac7010efa\mshtml.dll
[7] 2013-07-26 . E631B408882F8320739F6E0CAF444397 . 14329344 . . [10.00.9200.16660] .. c:\windows\winsxs\wow64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_10.2.9200.16660_none_9b6a9e86c7024286\mshtml.dll
[7] 2013-07-26 . 523D2E830830FD6DA5B7FAAE3C251BC5 . 14356480 . . [10.00.9200.20768] .. c:\windows\winsxs\wow64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_10.2.9200.20768_none_849171bee0b28b34\mshtml.dll
[7] 2013-06-12 . E6CC3F7EAA761794E13E0F99393EEB97 . 14358528 . . [10.00.9200.20742] .. c:\windows\winsxs\wow64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_10.2.9200.20742_none_848ff9dae0b3bec0\mshtml.dll
[7] 2013-06-11 . AF31E7D2C385F647ADFD5F5736B3BA64 . 14329856 . . [10.00.9200.16635] .. c:\windows\winsxs\wow64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_10.2.9200.16635_none_9b672bc0c70576a6\mshtml.dll
[7] 2013-06-08 . 2C01EA6CBF9E7C6A96535BEA1AB35580 . 14355456 . . [10.00.9200.20723] .. c:\windows\winsxs\wow64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_10.2.9200.20723_none_848de27ee0b5a5b3\mshtml.dll
[7] 2013-06-08 . 05920BD009621D06722A1CD339DA6481 . 14327808 . . [10.00.9200.16618] .. c:\windows\winsxs\wow64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_10.2.9200.16618_none_9b64e6d4c70790db\mshtml.dll
[7] 2013-05-17 . D77D1A53C38DF6CE26749D77BED6A527 . 14355968 . . [10.00.9200.20719] .. c:\windows\winsxs\wow64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_10.2.9200.20719_none_848c5984e0b72622\mshtml.dll
[7] 2013-05-17 . 69A03AB053CAD761E51BAE1B01F95F55 . 14327808 . . [10.00.9200.16614] .. c:\windows\winsxs\wow64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_10.2.9200.16614_none_9b6541f4c7072a57\mshtml.dll
[7] 2013-05-14 . D017BF8D92938EEB9B3A1D1C53FDA152 . 14323200 . . [10.00.9200.16540] .. c:\windows\winsxs\wow64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_10.2.9200.16540_none_9b736ddec6fbf3e7\mshtml.dll
[7] 2013-05-14 . 658EBC74BD38D16805648C4775F7FA82 . 12324352 . . [9.00.8112.16476] .. c:\windows\winsxs\wow64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_9.4.8112.16476_none_9204ed0629520a2a\mshtml.dll
[7] 2013-04-05 . 7A468BC721C1D34E60389D3F2F87BBEA . 14323712 . . [10.00.9200.16576] .. c:\windows\winsxs\wow64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_10.2.9200.16576_none_9b75e60cc6f9d9b2\mshtml.dll
[7] 2013-04-05 . 92D1C395680C2878F9778C1649C00CB0 . 14353408 . . [10.00.9200.20681] .. c:\windows\winsxs\wow64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_10.2.9200.20681_none_849ee1b6e0a7ee8a\mshtml.dll
[7] 2013-03-02 . E3828BFBF2605ABF13BAB26F6C89CF2B . 6032384 . . [8.00.7601.18106] .. c:\windows\winsxs\wow64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.7601.18106_none_9684bbb4e421fb97\mshtml.dll
[7] 2013-03-02 . 6A54A85FA37E01066346884680965FEE . 6033408 . . [8.00.7601.22272] .. c:\windows\winsxs\wow64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.7601.22272_none_96bea7e3fd7bf99c\mshtml.dll
[7] 2010-11-21 . C50799F0D47DFB9774F721521B6C41D5 . 5977600 . . [8.00.7601.17514] .. c:\windows\winsxs\wow64_microsoft-windows-ie-htmlrendering_31bf3856ad364e35_8.0.7601.17514_none_96780994e42bbfd5\mshtml.dll
.
[-] 2015-09-16 . E401E66CCB2AE219CF41F7F901C410C1 . 2011136 . . [11.00.9600.16428] .. c:\windows\SysWOW64\wininet.dll
[-] 2015-09-16 . E401E66CCB2AE219CF41F7F901C410C1 . 2011136 . . [11.00.9600.18057] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_11.2.9600.18059_none_884f9899fe60c286\wininet.dll
[7] 2015-04-21 . CB5F450D21B9D76B7F01D006E4AEDB40 . 1882112 . . [11.00.9600.17801] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_11.2.9600.17801_none_87f4cc21fea5592c\wininet.dll
[7] 2015-01-12 . F285D499EC42969D963CA49EADA63218 . 1888256 . . [11.00.9600.17631] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_11.2.9600.17633_none_880d3f47fe92a091\wininet.dll
[7] 2014-11-06 . 6DD7D61A8EF3DFEC4FAEFEB395E77424 . 1892864 . . [11.00.9600.17420] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_11.2.9600.17420_none_8822232dfe830275\wininet.dll
[7] 2014-09-18 . 7AE80F921027CF88CB9D0433088A3E55 . 1810944 . . [11.00.9600.17344] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_11.2.9600.17358_none_882f3db7fe78ff91\wininet.dll
[7] 2014-08-18 . D58988722C72D265B51A54103DFC2C6F . 1812992 . . [11.00.9600.17280] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_11.2.9600.17280_none_883dc4c1fe6d629d\wininet.dll
[7] 2014-07-25 . B945BAA81B4805AD6BDDF4D026DCFB47 . 1792512 . . [11.00.9600.17239] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_11.2.9600.17239_none_8837f647fe72ca93\wininet.dll
[7] 2014-06-18 . CCC198257901BEEA2FBF8EB1E7678356 . 1791488 . . [11.00.9600.17207] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_11.2.9600.17207_none_883522f9fe754b4c\wininet.dll
[7] 2014-05-30 . 771CDBC3D62437D6DB070820BB1EDCCF . 1790976 . . [11.00.9600.17126] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_11.2.9600.17126_none_88420a41fe6b4868\wininet.dll
[7] 2014-03-06 . E4E829EE073E046B0EB19B5FECB19B8C . 1789440 . . [11.00.9600.17041] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_11.2.9600.17041_none_884f4ca9fe60df00\wininet.dll
[7] 2014-03-01 . AAFEAB4FC9D70253F8C7E353E879E8A2 . 1820160 . . [11.00.9600.16521] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_11.2.9600.16521_none_88173a93fe8b3ae0\wininet.dll
[7] 2014-02-06 . 9C89246184979A070B0C6CCF61C68136 . 1820160 . . [11.00.9600.16518] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_11.2.9600.16518_none_88159ad1fe8cd4f0\wininet.dll
[7] 2013-11-26 . 927FA6456AD6D7630F6854828D2FD16B . 1820160 . . [11.00.9600.16476] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_11.2.9600.16476_none_88269a09fe7f1dc7\wininet.dll
[7] 2013-11-20 . B5EB5BD3066959611E1F7A80FD6CC172 . 1818112 . . [11.00.9600.16428] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_11.2.9600.16428_none_88216b07fe83d256\wininet.dll
[7] 2013-10-12 . 5FD4335DCD343D0FEA9FA6B18ED408D9 . 1767936 . . [10.00.9200.16736] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_10.2.9200.16736_none_238ee01859f90fd1\wininet.dll
[7] 2013-10-12 . 06715E12E72EFBC2D660A779FFF32944 . 1777152 . . [10.00.9200.20848] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_10.2.9200.20848_none_0cb73c4a73a7d810\wininet.dll
[7] 2013-09-22 . 67220EB57550F10E1219D57D89937456 . 1777152 . . [10.00.9200.20830] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_10.2.9200.20831_none_0cb6db7873a80b52\wininet.dll
[7] 2013-09-22 . E4FEB264B47360B7296AEA4E052F88D8 . 1767936 . . [10.00.9200.16720] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_10.2.9200.16721_none_238e51b659f97655\wininet.dll
[7] 2013-08-10 . 26BD13BB9196C2D8F8155C3C6169BC22 . 1777664 . . [10.00.9200.20794] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_10.2.9200.20794_none_0cc768c8739ad44e\wininet.dll
[7] 2013-08-10 . 535F6263035F2530A62D5D64EF6E73D3 . 1767936 . . [10.00.9200.16686] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_10.2.9200.16686_none_239eb17659ec7293\wininet.dll
[7] 2013-07-26 . DAA3903F06116AE9EE7AC1D1B93684A4 . 1767936 . . [10.00.9200.16660] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_10.2.9200.16660_none_239d399259eda61f\wininet.dll
[7] 2013-07-26 . DE581A5E0E70BB63898F8776EB274428 . 1777664 . . [10.00.9200.20768] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_10.2.9200.20768_none_0cc40cca739deecd\wininet.dll
[7] 2013-06-12 . 24AE444B165D11835EF3D38CF3CC7FA4 . 1777664 . . [10.00.9200.20742] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_10.2.9200.20742_none_0cc294e6739f2259\wininet.dll
[7] 2013-06-11 . 9BF7C7654EFD098EE3A27B49492A382A . 1767936 . . [10.00.9200.16635] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_10.2.9200.16635_none_2399c6cc59f0da3f\wininet.dll
[7] 2013-05-17 . 425A20F1C6855222944BFD4FA9BE61A5 . 1777664 . . [10.00.9200.20716] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_10.2.9200.20719_none_0cbef49073a289bb\wininet.dll
[7] 2013-05-17 . 2473CA6595A2659D7039A4A89FECA269 . 1767936 . . [10.00.9200.16611] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_10.2.9200.16614_none_2397dd0059f28df0\wininet.dll
[7] 2013-05-14 . CFE0CEE587F9CEA4C29DEEC6D85FC91C . 1766912 . . [10.00.9200.16540] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_10.2.9200.16540_none_23a608ea59e75780\wininet.dll
[7] 2013-05-14 . C5B6468422DB1C8AA36C32CBB0197E5E . 1129472 . . [9.00.8112.16476] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_9.4.8112.16476_none_1a378811bc3d6dc3\wininet.dll
[7] 2013-04-05 . 5ABB3F36AF17007F33FA275E96A2C95E . 1767424 . . [10.00.9200.16576] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_10.2.9200.16576_none_23a8811859e53d4b\wininet.dll
[7] 2013-04-05 . 1D48B7F4618EE77430ACECCA1BCA88E1 . 1775616 . . [10.00.9200.20681] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_10.2.9200.20681_none_0cd17cc273935223\wininet.dll
[7] 2013-03-02 . C3D43E21FA49657BC1645E9D745656C6 . 981504 . . [8.00.7601.18106] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7601.18106_none_1eb756c0770d5f30\wininet.dll
[7] 2013-03-02 . 073488F3805ADC63DFFDDC6247DD9F4E . 982016 . . [8.00.7601.22272] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7601.22272_none_1ef142ef90675d35\wininet.dll
[7] 2010-11-21 . 44214C94911C7CFB1D52CB64D5E8368D . 980992 . . [8.00.7601.17514] .. c:\windows\winsxs\x86_microsoft-windows-i..tocolimplementation_31bf3856ad364e35_8.0.7601.17514_none_1eaaa4a07717236e\wininet.dll
.
[-] 2015-07-04 . 4548507ED3C17DB4739DBBEAF6378004 . 1414656 . . [6.1.7600.16385] .. c:\windows\SysWOW64\ole32.dll
[-] 2015-07-04 . 4548507ED3C17DB4739DBBEAF6378004 . 1414656 . . [6.1.7600.16385] .. c:\windows\winsxs\x86_microsoft-windows-com-base-qfe-ole32_31bf3856ad364e35_6.1.7601.18915_none_ae2602615092a123\ole32.dll
[-] 2015-07-04 . 1327BE7F332B0695C0158D6DDE9551A9 . 1414656 . . [6.1.7601.23118] .. c:\windows\winsxs\x86_microsoft-windows-com-base-qfe-ole32_31bf3856ad364e35_6.1.7601.23118_none_aeb2782c69adc034\ole32.dll
[7] 2010-11-21 . 928CF7268086631F54C3D8E17238C6DD . 1414144 . . [6.1.7601.17514] .. c:\windows\winsxs\x86_microsoft-windows-com-base-qfe-ole32_31bf3856ad364e35_6.1.7601.17514_none_ae2511475093798f\ole32.dll
.
(((((((((((((((((((((((((((( Autostartpunkte der Registrierung ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2013-04-21 59720]
"IMSS"="c:\program files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe" [2010-05-03 112152]
"PWMTRV"="c:\progra~2\ThinkPad\UTILIT~1\PWMTR64V.DLL" [2013-04-23 6002984]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2015-08-04 597552]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\ThinkPad\Bluetooth Software\BTTray.exe [2011-1-24 1090848]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
R2 BstHdAndroidSvc;BlueStacks Android Service;c:\program files (x86)\BlueStacks\HD-Service.exe BstHdAndroidSvc Android;c:\program files (x86)\BlueStacks\HD-Service.exe BstHdAndroidSvc Android [x]
R2 Mobile Partner. RunOuc;Mobile Partner. OUC;c:\program files (x86)\Mobile Partner\UpdateDog\ouc.exe;c:\program files (x86)\Mobile Partner\UpdateDog\ouc.exe [x]
R2 UNS;Intel(R) Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys;c:\windows\SYSNATIVE\drivers\dmvsc.sys [x]
R3 DozeSvc;Lenovo Doze Mode Service;c:\program files (x86)\ThinkPad\Utilities\DZSVC64.EXE;c:\program files (x86)\ThinkPad\Utilities\DZSVC64.EXE [x]
R3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device;c:\windows\system32\DRIVERS\ew_hwusbdev.sys;c:\windows\SYSNATIVE\DRIVERS\ew_hwusbdev.sys [x]
R3 ewusbmbb;HUAWEI USB-WWAN miniport;c:\windows\system32\DRIVERS\ewusbwwan.sys;c:\windows\SYSNATIVE\DRIVERS\ewusbwwan.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 ose64;Office 64 Source Engine;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [x]
R3 Power Manager DBC Service;Power Manager DBC Service;c:\program files (x86)\ThinkPad\Utilities\PWMDBSVC.EXE;c:\program files (x86)\ThinkPad\Utilities\PWMDBSVC.EXE [x]
R3 PwmEWSvc;Cisco EnergyWise Enabler;c:\program files (x86)\ThinkPad\Utilities\PWMEWSVC.EXE;c:\program files (x86)\ThinkPad\Utilities\PWMEWSVC.EXE [x]
R3 SrvHsfHDA;SrvHsfHDA;c:\windows\system32\DRIVERS\VSTAZL6.SYS;c:\windows\SYSNATIVE\DRIVERS\VSTAZL6.SYS [x]
R3 SrvHsfV92;SrvHsfV92;c:\windows\system32\DRIVERS\VSTDPV6.SYS;c:\windows\SYSNATIVE\DRIVERS\VSTDPV6.SYS [x]
R3 SrvHsfWinac;SrvHsfWinac;c:\windows\system32\DRIVERS\VSTCNXT6.SYS;c:\windows\SYSNATIVE\DRIVERS\VSTCNXT6.SYS [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x]
S0 DzHDD64;DzHDD64;c:\windows\System32\DRIVERS\DzHDD64.sys;c:\windows\SYSNATIVE\DRIVERS\DzHDD64.sys [x]
S0 TPDIGIMN;TPDIGIMN;c:\windows\System32\DRIVERS\ApsHM64.sys;c:\windows\SYSNATIVE\DRIVERS\ApsHM64.sys [x]
S1 lenovo.smi;Lenovo System Interface Driver;c:\windows\system32\DRIVERS\smiifx64.sys;c:\windows\SYSNATIVE\DRIVERS\smiifx64.sys [x]
S2 BstHdDrv;BlueStacks Hypervisor;c:\program files (x86)\BlueStacks\HD-Hypervisor-amd64.sys;c:\program files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [x]
S2 BstHdLogRotatorSvc;BlueStacks Log Rotator Service;c:\program files (x86)\BlueStacks\HD-LogRotatorService.exe;c:\program files (x86)\BlueStacks\HD-LogRotatorService.exe [x]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
S2 DiagTrack;Diagnostics Tracking Service;c:\windows\System32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
S2 HsfXAudioService;HsfXAudioService;c:\windows\system32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
S2 HWDeviceService64.exe;HWDeviceService64.exe;c:\programdata\DatacardService\HWDeviceService64.exe;c:\programdata\DatacardService\HWDeviceService64.exe [x]
S2 LENOVO.CAMMUTE;Lenovo Camera Mute;c:\program files\Lenovo\Communications Utility\CAMMUTE.exe;c:\program files\Lenovo\Communications Utility\CAMMUTE.exe [x]
S2 LENOVO.TPKNRSVC;Lenovo Keyboard Noise Reduction;c:\program files\Lenovo\Communications Utility\TPKNRSVC.exe;c:\program files\Lenovo\Communications Utility\TPKNRSVC.exe [x]
S2 rimspci;rimspci;c:\windows\system32\DRIVERS\rimspe64.sys;c:\windows\SYSNATIVE\DRIVERS\rimspe64.sys [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
S2 ZeroConfigService;Intel(R) PROSet/Wireless Zero Configuration Service;c:\program files\Intel\WiFi\bin\ZeroConfigService.exe;c:\program files\Intel\WiFi\bin\ZeroConfigService.exe [x]
S3 5U877;USB Video Device;c:\windows\system32\DRIVERS\5U877.sys;c:\windows\SYSNATIVE\DRIVERS\5U877.sys [x]
S3 btusbflt;Bluetooth USB Filter;c:\windows\system32\drivers\btusbflt.sys;c:\windows\SYSNATIVE\drivers\btusbflt.sys [x]
S3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys;c:\windows\SYSNATIVE\DRIVERS\btwl2cap.sys [x]
S3 CAXHWAZL;CAXHWAZL;c:\windows\system32\DRIVERS\CAXHWAZL.sys;c:\windows\SYSNATIVE\DRIVERS\CAXHWAZL.sys [x]
S3 e1kexpress;Intel(R) PRO/1000 PCI Express Network Connection Driver K;c:\windows\system32\DRIVERS\e1k62x64.sys;c:\windows\SYSNATIVE\DRIVERS\e1k62x64.sys [x]
S3 HECIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys;c:\windows\SYSNATIVE\DRIVERS\HECIx64.sys [x]
S3 huawei_enumerator;huawei_enumerator;c:\windows\system32\DRIVERS\ew_jubusenum.sys;c:\windows\SYSNATIVE\DRIVERS\ew_jubusenum.sys [x]
S3 SmbDrvI;SmbDrvI;c:\windows\system32\DRIVERS\Smb_driver_Intel.sys;c:\windows\SYSNATIVE\DRIVERS\Smb_driver_Intel.sys [x]
.
.
Inhalt des "geplante Tasks" Ordners
.
2015-10-25 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-12-02 10:00]
.
2015-10-27 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-11-28 11:24]
.
2015-10-25 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-11-28 11:24]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"TpShocks"="TpShocks.exe" [2013-02-12 382248]
"AcWin7Hlpr"="c:\program files (x86)\Lenovo\Access Connections\AcTBenabler.exe" [2015-06-08 63728]
"LENOVO.TPKNRRES"="c:\program files\Lenovo\Communications Utility\TPKNRRES.exe" [2013-02-26 60920]
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = <-loopback>
uSearchAssistant = hxxp://www.google.com
IE: Bild an &Bluetooth-Gerät senden... - c:\program files\ThinkPad\Bluetooth Software\btsendto_ie_ctx.htm
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - c:\progra~1\MICROS~2\Office14\ONBttnIE.dll/105
IE: Seite an &Bluetooth-Gerät senden... - c:\program files\ThinkPad\Bluetooth Software\btsendto_ie.htm
TCP: DhcpNameServer = 192.168.1.1
TCP: Interfaces\{8548C658-5475-46BF-869F-22C1BE46B852}: NameServer = 193.189.244.206 193.189.244.225
TCP: Interfaces\{A7E26715-3896-4703-9A5C-0465A09EC3BB}: NameServer = 193.189.244.225 193.189.244.206
TCP: Interfaces\{C9964565-564F-4F22-A939-D1A2E30B3D7D}: NameServer = 193.189.244.206 193.189.244.225
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\software\BlueStacks]
"SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,4d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_19_0_0_226_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_19_0_0_226_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_19_0_0_226_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_19_0_0_226_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_19_0_0_226.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.19"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_19_0_0_226.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_19_0_0_226.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_19_0_0_226.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\system\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet002\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet002\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\program files (x86)\Lenovo\Access Connections\AcPrfMgrSvc.exe
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\programdata\Mobile Partner\OnlineUpdate\ouc.exe
c:\program files (x86)\Lenovo\Access Connections\AcSvc.exe
c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2015-10-27 11:02:22 - PC wurde neu gestartet
ComboFix-quarantined-files.txt 2015-10-27 10:02
.
Vor Suchlauf: 16 Verzeichnis(se), 195.803.602.944 Bytes frei
Nach Suchlauf: 22 Verzeichnis(se), 195.281.756.160 Bytes frei
.
- - End Of File - - 6E43181A598B49B2BDFF8603E1A3DBC8
Geändert von nordlicht81 (27.10.2015 um 10:41 Uhr) |
|
28.10.2015, 08:54
| #6 |
| /// the machine /// TB-Ausbilder | HILFE: Programme können keine Internetverbindung herstellen Downloade Dir bitte  Malwarebytes Anti-Malware
Downloade Dir bitte  AdwCleaner auf deinen Desktop.
Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
und ein frisches FRST log bitte.
__________________ --> HILFE: Programme können keine Internetverbindung herstellen |
|
28.10.2015, 10:27
| #7 |
| | HILFE: Programme können keine Internetverbindung herstellen Malwarebytes versuche ich schon seit Tagen zu installieren. Geht leider nicht. Das Programm hat immer wegen der fehlenden DNSAPI.dll gemeckert. Die anderen beiden hab ich auch schon mehrfach laufen lassen, ohne Erfolg leider. Mache ich aber nachher nochmal. Danke! |
|
28.10.2015, 20:27
| #8 |
| /// the machine /// TB-Ausbilder | HILFE: Programme können keine Internetverbindung herstellen
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
28.10.2015, 23:55
| #9 |
| | HILFE: Programme können keine Internetverbindung herstellen Leider keine Änderung - alles beim Alten  Ich hab jetzt schon so viele Programme durchlaufen lassen und nichts hilft. Sogar die Netzwerktreiber hab ich schon einmal neu installiert. Es läuft wirklich ansonsten alles. Das ist ja das komische. Irgendeine Idee, was es denn vielleicht sein könnte? |
|
30.10.2015, 07:46
| #10 |
| /// the machine /// TB-Ausbilder | HILFE: Programme können keine Internetverbindung herstellen Nö. Ich würde ein Inplace Upgrade machen.
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
| Themen zu HILFE: Programme können keine Internetverbindung herstellen |
| daten, dringend, einfach, einstellungen, entfernen, feedback, firewall, funktioniert, internet, internetverbindung, keine verbindung, laptop, logfiles, meldung, modus, neu, neuinstallation, nicht mehr, nichts, programme, programme können keine internetverbindung herstellen, setup, super, surfen, systemwiederherstellung, teredo, total, verbindung, wieder herstellen, windows |
