Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung

Log-Analyse und Auswertung: Banking Trojaner auf Smartphone, Online Konto gehackt, Login mit Laptop nicht möglich

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.

Antwort
Alt 01.07.2016, 17:39   #1
pinocchio
 
Banking Trojaner auf Smartphone, Online Konto gehackt, Login mit Laptop nicht möglich - Standard

Banking Trojaner auf Smartphone, Online Konto gehackt, Login mit Laptop nicht möglich



Hallo liebes Trojaner Board Team,

vor ca. 2 Wochen wurde mein Online-Banking Konto gehackt und eine größere Menge Geld an ein fremdes Konto überwiesen. (Strafanzeige läuft, Polizei ist ebenfalls am Nachforschen).

Da ich seit dem mit meinem Laptop nicht mehr in mein Online Konto komme sondern sich jedes mal eine zwar domainmäßig richtige, jedoch jedes mal mit einer Fehlermeldung versehene Seite öffnet, befürchte ich, dass ich auf meinem Laptop etwas draufhabe, was da nicht hingehört. Auf meinem Handy, welches zwecks Überprüfung von der Polizei beschlagnahmt wurde, befand sich ein Banking Trojaner.

Ich bitte um eure Hilfe und möchte mich jetzt schon dafür bedanken.

Grüße
Gerhard

Folgende Logfiles kann ich fürs erste hier reinstellen:

FRST.txt Teil 1

Code:
ATTFilter
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 29-06-2016
durchgeführt von Gerhard (ACHTUNG: der Benutzer ist kein Administrator) auf ADMIN-PC (01-07-2016 17:05:41)
Gestartet von D:\DOWNLOADS 2
Geladene Profile: Admin & Gerhard & Acronis Agent User & DefaultAppPool (Verfügbare Profile: Admin & Gerhard & Acronis Agent User & DefaultAppPool)
Platform: Windows 10 Home Version 1511 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

konnte nicht auf den Prozess zugreifen -> smss.exe
konnte nicht auf den Prozess zugreifen -> csrss.exe
konnte nicht auf den Prozess zugreifen -> wininit.exe
konnte nicht auf den Prozess zugreifen -> csrss.exe
konnte nicht auf den Prozess zugreifen -> winlogon.exe
konnte nicht auf den Prozess zugreifen -> services.exe
konnte nicht auf den Prozess zugreifen -> lsass.exe
konnte nicht auf den Prozess zugreifen -> svchost.exe
konnte nicht auf den Prozess zugreifen -> svchost.exe
konnte nicht auf den Prozess zugreifen -> dwm.exe
konnte nicht auf den Prozess zugreifen -> svchost.exe
konnte nicht auf den Prozess zugreifen -> svchost.exe
konnte nicht auf den Prozess zugreifen -> svchost.exe
konnte nicht auf den Prozess zugreifen -> svchost.exe
konnte nicht auf den Prozess zugreifen -> vsserv.exe
konnte nicht auf den Prozess zugreifen -> svchost.exe
konnte nicht auf den Prozess zugreifen -> dasHost.exe
konnte nicht auf den Prozess zugreifen -> nvvsvc.exe
konnte nicht auf den Prozess zugreifen -> nvscpapisvr.exe
konnte nicht auf den Prozess zugreifen -> nvxdsync.exe
konnte nicht auf den Prozess zugreifen -> svchost.exe
konnte nicht auf den Prozess zugreifen -> a2service.exe
konnte nicht auf den Prozess zugreifen -> svchost.exe
konnte nicht auf den Prozess zugreifen -> GFNEXSrv.exe
konnte nicht auf den Prozess zugreifen -> AsLdrSrv.exe
konnte nicht auf den Prozess zugreifen -> HControl.exe
konnte nicht auf den Prozess zugreifen -> spoolsv.exe
konnte nicht auf den Prozess zugreifen -> svchost.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\SynptSync64.exe
konnte nicht auf den Prozess zugreifen -> svchost.exe
konnte nicht auf den Prozess zugreifen -> mDNSResponder.exe
konnte nicht auf den Prozess zugreifen -> OfficeClickToRun.exe
konnte nicht auf den Prozess zugreifen -> AppleMobileDeviceService.exe
konnte nicht auf den Prozess zugreifen -> schedul2.exe
konnte nicht auf den Prozess zugreifen -> agent.exe
konnte nicht auf den Prozess zugreifen -> AGSService.exe
konnte nicht auf den Prozess zugreifen -> svchost.exe
konnte nicht auf den Prozess zugreifen -> GfExperienceService.exe
konnte nicht auf den Prozess zugreifen -> GingerUpdateService.exe
konnte nicht auf den Prozess zugreifen -> ReflectService.exe
konnte nicht auf den Prozess zugreifen -> nlssrv32.exe
konnte nicht auf den Prozess zugreifen -> mqsvc.exe
konnte nicht auf den Prozess zugreifen -> NvNetworkService.exe
konnte nicht auf den Prozess zugreifen -> ss_conn_service.exe
konnte nicht auf den Prozess zugreifen -> svchost.exe
konnte nicht auf den Prozess zugreifen -> ProductAgentService.exe
konnte nicht auf den Prozess zugreifen -> svchost.exe
konnte nicht auf den Prozess zugreifen -> NvStreamService.exe
konnte nicht auf den Prozess zugreifen -> updatesrv.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe
konnte nicht auf den Prozess zugreifen -> mms.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
konnte nicht auf den Prozess zugreifen -> SearchIndexer.exe
konnte nicht auf den Prozess zugreifen -> svchost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
konnte nicht auf den Prozess zugreifen -> SMSvcHost.exe
konnte nicht auf den Prozess zugreifen -> SMSvcHost.exe
konnte nicht auf den Prozess zugreifen -> NvStreamNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Acronis) C:\Program Files\BackupClient\TrayMonitor\MmsMonitor.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe
(Emsisoft Ltd) C:\Program Files (x86)\Emsisoft Anti-Malware\a2guard.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2016\bdagent.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Logitech, Inc.) C:\Program Files\Logitech\LogiOptions\LogiOptions.exe
(Logitech, Inc.) C:\ProgramData\Logishrd\LogiOptions\Software\3.40.25\LogiOptionsMgr.exe
(Ashampoo Development GmbH & Co. KG) C:\Program Files (x86)\Ashampoo\Ashampoo UnInstaller 6\UI6Guard.exe
konnte nicht auf den Prozess zugreifen -> iPodService.exe
(eM Client s.r.o.) C:\Program Files (x86)\eM Client\MailClient.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2016\bdwtxag.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2016\antispam32\bdwtxapps.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe
(Siber Systems) C:\Program Files (x86)\Siber Systems\AI RoboForm\robotaskbaricon.exe
(Ginger Software) C:\Program Files (x86)\Ginger\GingerClient.exe
(Apple, Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\secd.exe
(Ginger Software) C:\Program Files (x86)\Ginger\GingerServices\GingerServices.exe
(Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\acrotray.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe
konnte nicht auf den Prozess zugreifen -> fontdrvhost.exe
() C:\Program Files (x86)\Syncios\SynciosDeviceService.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe
(CANON INC.) C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
() C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\CCXProcess.exe
(Joyent, Inc) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\libs\node.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe
(Emsisoft Ltd) C:\Program Files (x86)\Emsisoft Anti-Malware\a2start.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2016\bdwtxcr.exe
konnte nicht auf den Prozess zugreifen -> FABS.exe
(Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
konnte nicht auf den Prozess zugreifen -> csrss.exe
konnte nicht auf den Prozess zugreifen -> winlogon.exe
konnte nicht auf den Prozess zugreifen -> dwm.exe
konnte nicht auf den Prozess zugreifen -> nvxdsync.exe
konnte nicht auf den Prozess zugreifen -> sihost.exe
konnte nicht auf den Prozess zugreifen -> RuntimeBroker.exe
konnte nicht auf den Prozess zugreifen -> taskhostw.exe
konnte nicht auf den Prozess zugreifen -> HControl.exe
konnte nicht auf den Prozess zugreifen -> SynptSync64.exe
konnte nicht auf den Prozess zugreifen -> explorer.exe
konnte nicht auf den Prozess zugreifen -> SkypeHost.exe
konnte nicht auf den Prozess zugreifen -> ATKOSD2.exe
konnte nicht auf den Prozess zugreifen -> DMedia.exe
konnte nicht auf den Prozess zugreifen -> ShellExperienceHost.exe
konnte nicht auf den Prozess zugreifen -> SearchUI.exe
konnte nicht auf den Prozess zugreifen -> nvtray.exe
konnte nicht auf den Prozess zugreifen -> NvBackend.exe
konnte nicht auf den Prozess zugreifen -> SynTPEnh.exe
konnte nicht auf den Prozess zugreifen -> SynTPHelper.exe
konnte nicht auf den Prozess zugreifen -> RAVCpl64.exe
konnte nicht auf den Prozess zugreifen -> MmsMonitor.exe
konnte nicht auf den Prozess zugreifen -> schedhlp.exe
konnte nicht auf den Prozess zugreifen -> AthBtTray.exe
konnte nicht auf den Prozess zugreifen -> a2guard.exe
konnte nicht auf den Prozess zugreifen -> bdagent.exe
konnte nicht auf den Prozess zugreifen -> iTunesHelper.exe
konnte nicht auf den Prozess zugreifen -> LogiOptions.exe
konnte nicht auf den Prozess zugreifen -> LogiOptionsMgr.exe
konnte nicht auf den Prozess zugreifen -> UI6Guard.exe
konnte nicht auf den Prozess zugreifen -> acrotray.exe
konnte nicht auf den Prozess zugreifen -> robotaskbaricon.exe
konnte nicht auf den Prozess zugreifen -> bdwtxag.exe
konnte nicht auf den Prozess zugreifen -> iCloudServices.exe
konnte nicht auf den Prozess zugreifen -> OneDrive.exe
konnte nicht auf den Prozess zugreifen -> dllhost.exe
konnte nicht auf den Prozess zugreifen -> ashsnap.exe
konnte nicht auf den Prozess zugreifen -> GingerClient.exe
konnte nicht auf den Prozess zugreifen -> GingerServices.exe
konnte nicht auf den Prozess zugreifen -> Creative Cloud.exe
konnte nicht auf den Prozess zugreifen -> AdobeIPCBroker.exe
konnte nicht auf den Prozess zugreifen -> Adobe CEF Helper.exe
konnte nicht auf den Prozess zugreifen -> fontdrvhost.exe
konnte nicht auf den Prozess zugreifen -> HControlUser.exe
konnte nicht auf den Prozess zugreifen -> Adobe CEF Helper.exe
konnte nicht auf den Prozess zugreifen -> Adobe Desktop Service.exe
konnte nicht auf den Prozess zugreifen -> SynciosDeviceService.exe
konnte nicht auf den Prozess zugreifen -> CNMNSST.exe
konnte nicht auf den Prozess zugreifen -> CoreSync.exe
konnte nicht auf den Prozess zugreifen -> CCXProcess.exe
konnte nicht auf den Prozess zugreifen -> node.exe
konnte nicht auf den Prozess zugreifen -> conhost.exe
konnte nicht auf den Prozess zugreifen -> jusched.exe
konnte nicht auf den Prozess zugreifen -> Adobe CEF Helper.exe
konnte nicht auf den Prozess zugreifen -> taskhostw.exe
konnte nicht auf den Prozess zugreifen -> a2start.exe
konnte nicht auf den Prozess zugreifen -> svchost.exe
konnte nicht auf den Prozess zugreifen -> FRST64.exe
konnte nicht auf den Prozess zugreifen -> ApplicationFrameHost.exe
konnte nicht auf den Prozess zugreifen -> SystemSettings.exe
konnte nicht auf den Prozess zugreifen -> notepad.exe
konnte nicht auf den Prozess zugreifen -> notepad.exe
konnte nicht auf den Prozess zugreifen -> NvStreamUserAgent.exe
konnte nicht auf den Prozess zugreifen -> conhost.exe
konnte nicht auf den Prozess zugreifen -> SearchFilterHost.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2869008 2012-01-26] (Synaptics Incorporated)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12446824 2012-01-31] (Realtek Semiconductor)
HKLM\...\Run: [SynAsusAcpi] => C:\Program Files\Synaptics\SynTP\SynAsusAcpi.exe [100112 2012-01-26] (Synaptics Incorporated)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2398776 2016-05-02] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => "C:\Windows\system32\rundll32.exe" C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [MmsMonitor.exe] => C:\Program Files\BackupClient\TrayMonitor\MmsMonitor.exe [1435816 2015-07-16] (Acronis)
HKLM\...\Run: [Acronis Scheduler2 Service] => C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe [373984 2015-04-30] (Acronis)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-01-07] (Adobe Systems Incorporated)
HKLM\...\Run: [AthBtTray] => C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe [799904 2011-09-30] (Atheros Commnucations)
HKLM\...\Run: [emsisoft anti-malware] => c:\program files (x86)\emsisoft anti-malware\a2guard.exe [9511912 2016-06-28] (Emsisoft Ltd)
HKLM\...\Run: [Bdagent] => C:\Program Files\Bitdefender\Bitdefender 2016\bdagent.exe [1654160 2016-06-28] (Bitdefender)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [176952 2016-06-01] (Apple Inc.)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM\...\Run: [LogiOptions] => C:\Program Files\Logitech\LogiOptions\LogiOptions.exe [1553528 2015-11-14] (Logitech, Inc.)
HKLM\...\Run: [Ashampoo Uninstaller 6 Guard] => C:\Program Files (x86)\Ashampoo\Ashampoo UnInstaller 6\UI6Guard.exe [2377032 2016-01-20] (Ashampoo Development GmbH & Co. KG)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [emsisoft anti-malware] => c:\program files (x86)\emsisoft anti-malware\a2guard.exe [9511912 2016-06-28] (Emsisoft Ltd)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Acrotray.exe [1867448 2016-05-27] (Adobe Systems Inc.)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2304688 2015-11-25] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [ATKOSD2] => C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [406328 2013-09-09] (ASUSTek Computer Inc.)
HKLM-x32\...\Run: [ATKMEDIA] => C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe [205624 2013-05-30] (ASUSTek Computer Inc.)
HKLM-x32\...\Run: [HControlUser] => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe [105016 2009-06-19] (ASUS)
HKLM-x32\...\Run: [Syncios device service] => C:\Program Files (x86)\Syncios\SynciosDeviceService.exe [269824 2015-12-21] ()
HKLM-x32\...\Run: [IJNetworkScannerSelectorEX] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [452016 2011-01-15] (CANON INC.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [595992 2016-05-20] (Oracle Corporation)
HKU\S-1-5-21-3206007939-3703904605-1476991908-1001\...\Run: [eM Client] => C:\Program Files (x86)\eM Client\MailClient.exe [15698792 2016-02-29] (eM Client s.r.o.)
HKU\S-1-5-21-3206007939-3703904605-1476991908-1001\...\Run: [Bitdefender-Geldb�rse-Agent] => C:\Program Files\Bitdefender\Bitdefender 2016\bdwtxag.exe [1450520 2016-06-28] (Bitdefender)
HKU\S-1-5-21-3206007939-3703904605-1476991908-1001\...\Run: [Google Update] => C:\Users\Gerhard\AppData\Local\Google\Update\GoogleUpdate.exe [144200 2015-08-28] (Google Inc.)
HKU\S-1-5-21-3206007939-3703904605-1476991908-1001\...\Run: [Adobe Acrobat Synchronizer] => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe [882872 2016-05-27] (Adobe Systems Incorporated)
HKU\S-1-5-21-3206007939-3703904605-1476991908-1001\...\Run: [SpybotPostWindows10UpgradeReInstall] => C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [1011200 2015-07-28] (Safer-Networking Ltd.)
HKU\S-1-5-21-3206007939-3703904605-1476991908-1001\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [67384 2016-04-22] (Apple Inc.)
HKU\S-1-5-21-3206007939-3703904605-1476991908-1001\...\Run: [iCloudDrive] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe [110392 2016-04-22] (Apple Inc.)
HKU\S-1-5-21-3206007939-3703904605-1476991908-1001\...\Run: [iCloudPhotos] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe [356664 2016-04-22] (Apple Inc.)
HKU\S-1-5-21-3206007939-3703904605-1476991908-1001\...\Run: [RoboForm] => C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe [110376 2016-04-09] (Siber Systems)
HKU\S-1-5-21-3206007939-3703904605-1476991908-1001\...\Run: [AudialsNotifier] => C:\Program Files (x86)\Audials\Audials 12\AudialsNotifier.exe [2411784 2015-03-17] ()
HKU\S-1-5-21-3206007939-3703904605-1476991908-1001\...\Run: [Mailbird] => "C:\Program Files (x86)\Mailbird\Mailbird.exe" startup
SSODL: EldosMountNotificator - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\Windows\system32\CbFsMntNtf3.dll (EldoS Corporation)
SSODL-x32: EldosMountNotificator - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\Windows\SysWOW64\CbFsMntNtf3.dll (EldoS Corporation)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2015-11-14] ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2015-11-14] ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2015-11-14] ()
ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Gerhard\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll [2016-06-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Gerhard\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll [2016-06-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Gerhard\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll [2016-06-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Gerhard\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll [2016-06-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Gerhard\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll [2016-06-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Gerhard\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll [2016-06-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Gerhard\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll [2016-06-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Gerhard\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll [2016-06-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [EldosIconOverlay] -> {5BB532A2-BF14-4CCC-86B7-71B81EF6F8BC} => C:\Windows\system32\CbFsMntNtf3.dll [2012-11-10] (EldoS Corporation)
ShellIconOverlayIdentifiers-x32: [EldosIconOverlay] -> {5BB532A2-BF14-4CCC-86B7-71B81EF6F8BC} => C:\Windows\SysWOW64\CbFsMntNtf3.dll [2012-11-10] (EldoS Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\BdBkpFolder [2016-05-31] ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Ginger.lnk [2016-06-06]
ShortcutTarget: Ginger.lnk -> C:\Windows\Installer\{1EBF9A59-F4E3-4EA7-BA97-76703C1432F6}\GingerClientStartu_E7648186C0BE4AE6AF2E431C614DBB20.exe (Flexera Software LLC)
BootExecute: autocheck autochk * sdnclean64.exe
CHR HKLM\SOFTWARE\Policies\Google: Beschränkung <======= ACHTUNG

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

AutoConfigURL: [S-1-5-21-3206007939-3703904605-1476991908-1001] => hxxps://7msnnd4jf32qsz5a.onion.to/YFDfl9k5.js?ip=217.199.89.225
Hosts: Es ist mehr als ein Eintrag in der Hosts Datei zu finden. Siehe Hosts-Bereich in Addition.txt
Tcpip\Parameters: [DhcpNameServer] 217.16.112.21 112.15.112.22
Tcpip\..\Interfaces\{10e2e093-18ac-4782-864f-6b9511f18ac0}: [DhcpNameServer] 217.16.112.21 112.15.112.22
Tcpip\..\Interfaces\{30fbff49-9694-48d5-a1c3-9467b21817f9}: [DhcpNameServer] 172.20.10.1
Tcpip\..\Interfaces\{8a5b15c7-5e7a-4124-a0ac-58a687eb7161}: [NameServer] 217.16.112.21,217.16.112.22
Tcpip\..\Interfaces\{8f4d24e6-82ff-492b-affb-a3cc5b723df4}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{afd2c3be-c16f-48e4-b66c-02199ce55eb3}: [DhcpNameServer] 192.168.42.129

Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung <======= ACHTUNG
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKU\S-1-5-21-3206007939-3703904605-1476991908-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
URLSearchHook: [S-1-5-21-3206007939-3703904605-1476991908-1000] ACHTUNG => Standard URLSearchHook fehlt
URLSearchHook: [S-1-5-21-3206007939-3703904605-1476991908-1009] ACHTUNG => Standard URLSearchHook fehlt
URLSearchHook: [S-1-5-82-3006700770-424185619-1745488364-794895919-4004696415] ACHTUNG => Standard URLSearchHook fehlt
SearchScopes: HKLM -> {2E00D31D-D171-423D-836D-1A4D7EA7F1A9} URL = 
BHO: Bitdefender-Geldbörse -> {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} -> C:\Program Files\Bitdefender\Bitdefender 2016\pmbxie.dll [2016-06-28] (Bitdefender)
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2016-06-10] (Microsoft Corporation)
BHO: RoboForm Toolbar Helper -> {724d43a9-0d85-11d4-9908-00400523e39a} -> C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll [2016-04-09] (Siber Systems Inc.)
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2015-09-30] (Adobe Systems Incorporated)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\URLREDIR.DLL [2016-06-10] (Microsoft Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2016-06-10] (Microsoft Corporation)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2015-09-30] (Adobe Systems Incorporated)
BHO-x32: Bitdefender-Geldbörse -> {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} -> C:\Program Files\Bitdefender\Bitdefender 2016\Antispam32\pmbxie.dll [2016-06-28] (Bitdefender)
BHO-x32: RoboForm Toolbar Helper -> {724d43a9-0d85-11d4-9908-00400523e39a} -> C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll [2016-04-09] (Siber Systems Inc.)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\ssv.dll [2016-06-28] (Oracle Corporation)
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2015-09-30] (Adobe Systems Incorporated)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\jp2ssv.dll [2016-06-28] (Oracle Corporation)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2015-09-30] (Adobe Systems Incorporated)
Toolbar: HKLM - &RoboForm Toolbar - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll [2016-04-09] (Siber Systems Inc.)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2015-09-30] (Adobe Systems Incorporated)
Toolbar: HKLM - Bitdefender-Geldbörse - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender 2016\pmbxie.dll [2016-06-28] (Bitdefender)
Toolbar: HKLM-x32 - &RoboForm Toolbar - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll [2016-04-09] (Siber Systems Inc.)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2015-09-30] (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Bitdefender-Geldbörse - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender 2016\Antispam32\pmbxie.dll [2016-06-28] (Bitdefender)
Toolbar: HKU\S-1-5-21-3206007939-3703904605-1476991908-1001 -> &RoboForm Toolbar - {724D43A0-0D85-11D4-9908-00400523E39A} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll [2016-04-09] (Siber Systems Inc.)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-06-10] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-06-10] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-06-10] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-06-10] (Microsoft Corporation)
Handler: WSAllMyTubechrome - {0A0C95CF-A116-4C74 -  Keine Datei

FireFox:
========
FF ProfilePath: C:\Users\Gerhard\AppData\Roaming\Mozilla\Firefox\Profiles\3y3wk84z.default
FF Homepage: hxxp://derstandard.at/
FF Session Restore: -> ist aktiviert.
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_22_0_0_192.dll [2016-06-17] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50428.0\npctrl.dll [2016-04-27] ( Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2015-11-25] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_22_0_0_192.dll [2016-06-17] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-12-18] ()
FF Plugin-x32: @java.com/DTPlugin,version=11.91.2 -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\dtplugin\npDeployJava1.dll [2016-06-28] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.91.2 -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\plugin2\npjp2.dll [2016-06-28] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50428.0\npctrl.dll [2016-04-27] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2016-06-10] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-06-03] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-06-03] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-11] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-11] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2016-05-27] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2015-11-25] (Adobe Systems)
FF Plugin HKU\S-1-5-21-3206007939-3703904605-1476991908-1001: @citrixonline.com/appdetectorplugin -> C:\Users\Gerhard\AppData\Local\Citrix\Plugins\104\npappdetector.dll [2014-09-23] (Citrix Online)
FF Plugin HKU\S-1-5-21-3206007939-3703904605-1476991908-1001: @talk.google.com/GoogleTalkPlugin -> C:\Users\Gerhard\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll [2015-12-08] (Google)
FF Plugin HKU\S-1-5-21-3206007939-3703904605-1476991908-1001: @talk.google.com/O1DPlugin -> C:\Users\Gerhard\AppData\Roaming\Mozilla\plugins\npo1d.dll [2015-12-08] (Google)
FF Plugin HKU\S-1-5-21-3206007939-3703904605-1476991908-1001: @tools.google.com/Google Update;version=3 -> C:\Users\Gerhard\AppData\Local\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-11] (Google Inc.)
FF Plugin HKU\S-1-5-21-3206007939-3703904605-1476991908-1001: @tools.google.com/Google Update;version=9 -> C:\Users\Gerhard\AppData\Local\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-11] (Google Inc.)
FF user.js: detected! => C:\Users\Gerhard\AppData\Roaming\Mozilla\Firefox\Profiles\3y3wk84z.default\user.js [2014-10-17]
FF Plugin ProgramFiles/Appdata: C:\Users\Gerhard\AppData\Roaming\mozilla\plugins\npgoogletalk.dll [2015-12-08] (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\Gerhard\AppData\Roaming\mozilla\plugins\npo1d.dll [2015-12-08] (Google)
FF SearchPlugin: C:\Users\Gerhard\AppData\Roaming\Mozilla\Firefox\Profiles\3y3wk84z.default\searchplugins\google-com.xml [2014-09-28]
FF Extension: Bitdefender Wallet - C:\Program Files\Bitdefender\Bitdefender 2016\antispam32\bdwteff [2015-12-16]
FF Extension: Adobe Acrobat DC - Create PDF - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn [2016-02-18]
FF Extension: CSSsir - C:\Users\Gerhard\AppData\Roaming\Mozilla\Firefox\Profiles\3y3wk84z.default\extensions\{0103572f-d20f-4039-9eaa-ded7c4a97124}.xpi [2016-04-29]
FF Extension: GeoEdge - C:\Users\Gerhard\AppData\Roaming\Mozilla\Firefox\Profiles\3y3wk84z.default\extensions\geoedge@geoedge.com.xpi [2016-06-27]
FF Extension: Youzign - C:\Users\Gerhard\AppData\Roaming\Mozilla\Firefox\Profiles\3y3wk84z.default\Extensions\jid1-IFAUc37oV7RToQ@jetpack.xpi [2016-04-27]
FF Extension: Dict.cc Translation - C:\Users\Gerhard\AppData\Roaming\Mozilla\Firefox\Profiles\3y3wk84z.default\Extensions\searchdictcc@roughael.xpi [2016-05-08]
FF Extension: Ginger - C:\Program Files (x86)\Mozilla Firefox\extensions\adapter@gingersoftware.com [2016-06-10] [ist nicht signiert]
FF HKLM\...\Firefox\Extensions: [bdwteffv20@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2016\\antispam32\bdwteff
FF Extension: Bitdefender Wallet - C:\Program Files\Bitdefender\Bitdefender 2016\\antispam32\bdwteff [2015-12-16]
FF HKLM\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2016\bdtbext
FF Extension: Bitdefender Antispam Toolbar - C:\Program Files\Bitdefender\Bitdefender 2016\bdtbext [2015-12-16] [ist nicht signiert]
FF HKLM-x32\...\Firefox\Extensions: [bdwteffv20@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2016\antispam32\bdwteff
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension.15@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn
FF HKLM-x32\...\Firefox\Extensions: [{22119944-ED35-4ab1-910B-E619EA06A115}] - C:\Program Files (x86)\Siber Systems\AI RoboForm\Firefox\roboform.xpi
FF Extension: RoboForm Toolbar - C:\Program Files (x86)\Siber Systems\AI RoboForm\Firefox\roboform.xpi [2016-04-09]
FF HKLM-x32\...\Firefox\Extensions: [adapter@gingersoftware.com] - C:\Program Files (x86)\Ginger\Mozilla\adapter@gingersoftware.com
FF Extension: Ginger - C:\Program Files (x86)\Ginger\Mozilla\adapter@gingersoftware.com [2016-06-06] [ist nicht signiert]
FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt => nicht gefunden
FF HKLM-x32\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2016\bdtbext

Chrome: 
=======
CHR HomePage: Default -> hxxp://www.google.com/
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR DefaultSearchURL: Default -> hxxps://de.search.yahoo.com/search?p={searchTerms}&fr=yset_chr_syc_oracle&type=orcl_default
CHR DefaultSearchKeyword: Default -> Yahoo
CHR DefaultSuggestURL: Default -> hxxps://de.search.yahoo.com/sugg/ie?output=fxjson&command={searchTerms}&nResults=10
CHR Session Restore: Default -> ist aktiviert.
CHR Profile: C:\Users\Gerhard\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Shopified App) - C:\Users\Gerhard\AppData\Local\Google\Chrome\User Data\Default\Extensions\aogkkekoinpipjlolpcicigndjlcpdcn [2016-06-29]
CHR Extension: (Google Docs) - C:\Users\Gerhard\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-05]
CHR Extension: (Google Drive) - C:\Users\Gerhard\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-11-05]
CHR Extension: (YouTube) - C:\Users\Gerhard\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-02]
CHR Extension: (Google-Suche) - C:\Users\Gerhard\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-05]
CHR Extension: (Adobe Acrobat) - C:\Users\Gerhard\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2015-11-12]
CHR Extension: (Facebook Pixel Helper) - C:\Users\Gerhard\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdgfkebogiimcoedlicjlajpkdmockpc [2016-06-29]
CHR Extension: (Google Tabellen) - C:\Users\Gerhard\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-02-05]
CHR Extension: (Audience Intersect) - C:\Users\Gerhard\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjeffkdcbmggkbkedhbjemcpmgfccpil [2016-02-05]
CHR Extension: (Google Docs Offline) - C:\Users\Gerhard\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-04-07]
CHR Extension: (Zapable Supercharged Bonus) - C:\Users\Gerhard\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbkjbepcnjfhipbcpcljikjhocaclkbc [2015-04-10]
CHR Extension: (Spell checker and Grammar checker by Ginger) - C:\Users\Gerhard\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdfieneakcjfaiglcfcgkidlkmlijjnh [2016-06-29]
CHR Extension: (Insight Hero) - C:\Users\Gerhard\AppData\Local\Google\Chrome\User Data\Default\Extensions\kmghabppaehakcpfcbipiljjchejdmob [2016-06-29]
CHR Extension: (Skype) - C:\Users\Gerhard\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2016-06-29]
CHR Extension: (ASINspector) - C:\Users\Gerhard\AppData\Local\Google\Chrome\User Data\Default\Extensions\loaoiieggncbfabanjgeangdocikpccb [2016-06-29]
CHR Extension: (Video Speed Controller) - C:\Users\Gerhard\AppData\Local\Google\Chrome\User Data\Default\Extensions\nffaoalbilbmmfgbnbgppjihopabppdk [2016-06-29]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Gerhard\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-07]
CHR Extension: (Yahoo Web) - C:\Users\Gerhard\AppData\Local\Google\Chrome\User Data\Default\Extensions\npdicihegicnhaangkdmcgbjceoemeoo [2015-11-22]
CHR Extension: (Chrome Apps & Extensions Developer Tool) - C:\Users\Gerhard\AppData\Local\Google\Chrome\User Data\Default\Extensions\ohmmkhmmmpcnpikjeljgnaoabkaalbgc [2015-01-12]
CHR Extension: (Google Mail) - C:\Users\Gerhard\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-02]
CHR Extension: (Headlinr) - C:\Users\Gerhard\AppData\Local\Google\Chrome\User Data\Default\Extensions\plhlpcokjhajajgmpbapiohjhldkjdbi [2015-10-02]
CHR Extension: (RoboForm Password Manager) - C:\Users\Gerhard\AppData\Local\Google\Chrome\User Data\Default\Extensions\pnlccmojcmeohlpggmfnbbiapkmbliob [2016-04-04]
CHR HKLM\...\Chrome\Extension: [pnlccmojcmeohlpggmfnbbiapkmbliob] - C:\Program Files (x86)\Siber Systems\AI RoboForm\Chrome\rf-chrome.crx [2014-09-16]
CHR HKLM-x32\...\Chrome\Extension: [dhhejlifdlcgcmogbggeomfodgklfaem] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [npdicihegicnhaangkdmcgbjceoemeoo] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [pnlccmojcmeohlpggmfnbbiapkmbliob] - C:\Program Files (x86)\Siber Systems\AI RoboForm\Chrome\rf-chrome.crx [2014-09-16]

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 a2AntiMalware; C:\Program Files (x86)\Emsisoft Anti-Malware\a2service.exe [11446000 2016-06-28] (Emsisoft Ltd)
R2 AcronisAgent; C:\Program Files (x86)\Common Files\Acronis\Agent\agent.exe [2875232 2014-06-10] (Acronis)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2021592 2016-04-05] (Adobe Systems, Incorporated)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-03-02] (Apple Inc.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [2944768 2016-06-10] (Microsoft Corporation)
S3 DfSdkS; C:\Program Files (x86)\Ashampoo\Ashampoo UnInstaller 6\DfSdkS64.exe [544768 2009-08-24] (mst software GmbH, Germany) [Datei ist nicht signiert]
R2 Fabs; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe [1858048 2012-01-23] (MAGIX AG) [Datei ist nicht signiert]
S3 FirebirdServerMAGIXInstance; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe [2702848 2011-04-26] (MAGIX®) [Datei ist nicht signiert]
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1165368 2016-05-02] (NVIDIA Corporation)
R2 GingerUpdateService; C:\Program Files (x86)\Ginger\GingerUpdateService\GingerUpdateService.exe [527360 2015-11-23] (Ginger Software) [Datei ist nicht signiert]
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [Datei ist nicht signiert]
R3 lmhosts; C:\Windows\System32\svchost.exe [43944 2015-10-30] (Microsoft Corporation)
R3 lmhosts; C:\WINDOWS\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation)
R2 MMS; C:\Program Files\BackupClient\BackupAndRecovery\mms.exe [17480648 2015-07-16] (Acronis)
R2 NlaSvc; C:\Windows\System32\svchost.exe [43944 2015-10-30] (Microsoft Corporation)
R2 NlaSvc; C:\WINDOWS\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation)
R2 nsi; C:\Windows\system32\svchost.exe [43944 2015-10-30] (Microsoft Corporation)
R2 nsi; C:\WINDOWS\SysWOW64\svchost.exe [37256 2015-10-30] (Microsoft Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1881144 2016-05-02] (NVIDIA Corporation)
R3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [3634232 2016-05-02] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2522680 2016-05-02] (NVIDIA Corporation)
S3 OpenVPNService; C:\Program Files (x86)\HMA! Pro VPN\bin\openvpnserv.exe [37176 2015-03-17] (The OpenVPN Project)
R2 ProductAgentService; C:\Program Files\Bitdefender Agent\ProductAgentService.exe [947640 2016-03-30] (Bitdefender)
R2 ReflectService.exe; C:\Program Files\Macrium\Reflect\ReflectService.exe [3476432 2015-10-12] (Paramount Software UK Ltd)
R2 ss_conn_service; C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [754784 2016-01-08] (DEVGURU Co., LTD.)
R2 UPDATESRV; C:\Program Files\Bitdefender\Bitdefender 2016\updatesrv.exe [156016 2016-06-28] (Bitdefender)
R2 VSSERV; C:\Program Files\Bitdefender\Bitdefender 2016\vsserv.exe [1693104 2016-06-28] (Bitdefender)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-10-30] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S3 Apowersoft_AudioDevice; C:\Windows\System32\drivers\Apowersoft_AudioDevice.sys [31920 2014-04-09] (Wondershare)
R3 athr; C:\Windows\System32\drivers\athwnx.sys [4207104 2015-10-30] (Qualcomm Atheros Communications, Inc.)
R0 avc3; C:\Windows\System32\DRIVERS\avc3.sys [1623536 2016-04-27] (BitDefender)
R3 avckf; C:\Windows\System32\DRIVERS\avckf.sys [842152 2016-04-27] (BitDefender)
S0 bdelam; C:\Windows\System32\drivers\bdelam.sys [23568 2016-05-31] (Bitdefender)
R1 bdfwfpf; C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys [128400 2016-06-28] (BitDefender LLC)
R1 BDVEDISK; C:\Windows\System32\DRIVERS\bdvedisk.sys [87912 2015-12-04] (BitDefender)
R1 cbfs3; C:\Windows\system32\drivers\cbfs3.sys [352008 2012-11-10] (EldoS Corporation)
S3 dg_ssudbus; C:\Windows\system32\DRIVERS\ssudbus.sys [129152 2016-04-25] (Samsung Electronics Co., Ltd.)
R1 epp; C:\PROGRAM FILES (X86)\EMSISOFT ANTI-MALWARE\epp.sys [116944 2016-07-01] (Emsisoft Ltd)
R3 FLxHCIh; C:\Windows\System32\drivers\FLxHCIh.sys [76584 2012-07-19] (Fresco Logic)
R0 gzflt; C:\Windows\System32\DRIVERS\gzflt.sys [182936 2016-04-27] (BitDefender LLC)
R0 ignis; C:\Windows\System32\DRIVERS\ignis.sys [299816 2016-06-28] (Bitdefender)
R2 npf; C:\Windows\System32\drivers\npf.sys [35344 2011-02-11] (CACE Technologies, Inc.)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [28216 2016-05-02] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [56384 2016-04-14] (NVIDIA Corporation)
R1 RrNetCapFilterDriver; C:\Windows\system32\DRIVERS\RrNetCapFilterDriver.sys [24744 2015-03-17] (Audials AG)
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [589824 2015-10-30] (Realtek                                            )
U5 RTSPER; C:\Windows\System32\Drivers\RTSPER.sys [777944 2016-01-13] (Realsil Semiconductor Corporation)
R3 RTSUER; C:\Windows\system32\Drivers\RtsUer.sys [413912 2015-12-22] (Realsil Semiconductor Corporation)
R1 SDHookDriver; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHookDrv64.sys [64160 2014-04-25] ()
R3 SmbDrv; C:\Windows\system32\DRIVERS\Smb_driver.sys [22800 2012-01-26] (Synaptics Incorporated)
R0 trufos; C:\Windows\System32\DRIVERS\trufos.sys [520032 2016-06-28] (BitDefender S.R.L.)
R2 UI5IFS; C:\Program Files (x86)\Ashampoo\Ashampoo UnInstaller 6\IFS64.sys [31320 2015-12-07] ()
R0 volume_tracker; C:\Windows\System32\DRIVERS\volume_tracker.sys [192288 2015-08-25] (Acronis International GmbH)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation)
S3 WirelessKeyboardFilter; C:\Windows\System32\drivers\WirelessKeyboardFilter.sys [49384 2016-03-29] (Microsoft Corporation)
U3 idsvc; kein ImagePath
S3 RSUSBVSTOR; \SystemRoot\System32\Drivers\RtsUVStor.sys [X]
S3 VBoxNetFlt; \SystemRoot\system32\DRIVERS\VBoxNetFlt.sys [X]
U3 wpcsvc; kein ImagePath

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
         

Alt 01.07.2016, 17:44   #2
pinocchio
 
Banking Trojaner auf Smartphone, Online Konto gehackt, Login mit Laptop nicht möglich - Standard

Banking Trojaner auf Smartphone, Online Konto gehackt, Login mit Laptop nicht möglich



FRST.txt Teil 2
Code:
ATTFilter
==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-07-01 16:15 - 2016-07-01 15:58 - 02728337 _____ C:\Users\Gerhard\Desktop\1467377582_1_01.xml
2016-07-01 14:20 - 2016-07-01 14:21 - 00816568 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-07-01 14:19 - 2016-07-01 14:19 - 00001805 _____ C:\Users\Gerhard\Desktop\TrojanerBoard Text.txt
2016-07-01 14:14 - 2016-07-01 14:13 - 00003570 _____ C:\Users\Gerhard\Desktop\1467375210_1_01.xml
2016-07-01 12:19 - 2016-07-01 12:18 - 02728338 _____ C:\Users\Gerhard\Desktop\1467358142_1_01.xml
2016-07-01 09:10 - 2016-07-01 17:05 - 00000000 ____D C:\FRST
2016-07-01 01:05 - 2016-07-01 01:05 - 00000000 ____D C:\WINDOWS\SysWOW64\sda
2016-07-01 01:05 - 2016-01-13 09:32 - 00777944 _____ (Realsil Semiconductor Corporation) C:\WINDOWS\system32\Drivers\RtsPer.sys
2016-07-01 01:05 - 2016-01-05 11:50 - 00328920 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\Drivers\RtsP2Stor.sys
2016-07-01 01:05 - 2015-12-24 09:06 - 00313048 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\Drivers\RtsBaStor.sys
2016-07-01 01:05 - 2015-12-22 03:39 - 00413912 _____ (Realsil Semiconductor Corporation) C:\WINDOWS\system32\Drivers\RtsUer.sys
2016-07-01 01:05 - 2015-12-18 04:06 - 04330200 _____ (TODO: <Company name>) C:\WINDOWS\RtCRU64.exe
2016-07-01 01:05 - 2015-10-16 05:26 - 00367320 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\Drivers\RtsPStor.sys
2016-07-01 01:05 - 2014-10-20 11:50 - 00083160 _____ (Realtek Semiconductor.) C:\WINDOWS\system32\RtCRX64.dll
2016-07-01 01:05 - 2014-01-27 07:39 - 09890008 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\SysWOW64\RsCRIcon.dll
2016-06-30 11:19 - 2016-06-30 11:19 - 00001257 _____ C:\Users\Public\Desktop\Ashampoo Snap 9.lnk
2016-06-29 11:07 - 2016-06-29 11:07 - 00001205 _____ C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Emsisoft Anti-Malware Guard.lnk
2016-06-28 09:47 - 2016-06-28 09:47 - 00097344 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2016-06-28 09:47 - 2016-06-28 09:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2016-06-28 09:45 - 2016-06-28 09:45 - 00000000 ____D C:\Users\Admin\AppData\Temp
2016-06-27 08:55 - 2016-06-27 08:55 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2016-06-27 08:54 - 2016-06-27 08:54 - 00001175 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2016-06-27 08:54 - 2016-06-27 08:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2016-06-27 08:54 - 2016-06-27 08:54 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-06-27 08:54 - 2016-06-27 08:54 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2016-06-27 08:54 - 2016-03-10 14:09 - 00065408 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2016-06-27 08:54 - 2016-03-10 14:08 - 00140672 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2016-06-27 08:54 - 2016-03-10 14:08 - 00027008 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2016-06-25 14:40 - 2016-06-25 14:40 - 00000000 ____D C:\Users\Gerhard\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2016-06-24 16:28 - 2016-06-24 16:28 - 00000000 ____D C:\SpybotBootCD
2016-06-24 16:04 - 2016-06-27 14:06 - 00000000 ____D C:\WINDOWS\Minidump
2016-06-24 15:52 - 2016-06-24 16:40 - 00000000 ____D C:\Users\DefaultAppPool
2016-06-24 11:56 - 2016-06-24 11:56 - 00000000 ____D C:\Users\Gerhard\Documents\Samsung
2016-06-24 11:47 - 2016-06-24 12:04 - 00000000 ____D C:\Users\Gerhard\AppData\Roaming\Samsung
2016-06-24 11:47 - 2016-06-24 11:47 - 00002200 _____ C:\Users\Public\Desktop\Smart Switch.lnk
2016-06-24 11:47 - 2016-06-24 11:47 - 00000000 ____D C:\WINDOWS\LastGood.Tmp
2016-06-24 11:47 - 2016-06-24 11:47 - 00000000 ____D C:\Users\Public\Documents\NativeFus_Log
2016-06-24 11:47 - 2016-06-24 11:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung
2016-06-24 11:46 - 2016-06-24 11:48 - 00000000 ____D C:\ProgramData\Samsung
2016-06-24 11:46 - 2016-06-24 11:46 - 00000000 ____D C:\Users\Admin\AppData\Roaming\Samsung
2016-06-24 11:46 - 2016-06-24 11:46 - 00000000 ____D C:\Program Files (x86)\Samsung
2016-06-24 11:46 - 2016-04-25 00:36 - 01499408 _____ (Microsoft Corporation) C:\WINDOWS\system32\WdfCoInstaller01007.dll
2016-06-24 11:46 - 2016-04-25 00:36 - 00716928 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinUSBCoInstaller.dll
2016-06-24 11:46 - 2016-04-25 00:35 - 00129152 _____ (Samsung Electronics Co., Ltd.) C:\WINDOWS\system32\Drivers\ssudbus.sys
2016-06-24 11:46 - 2016-03-31 11:18 - 00144664 _____ (MAPILab Ltd. & Add-in Express Ltd.) C:\WINDOWS\SysWOW64\secman.dll
2016-06-24 11:46 - 2016-01-08 10:51 - 00213088 _____ (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\WINDOWS\system32\Drivers\ssudmdm.sys
2016-06-23 16:54 - 2016-06-23 16:54 - 00000000 ____D C:\Users\Admin\AppData\Local\NetworkTiles
2016-06-23 16:42 - 2016-06-23 16:42 - 00000000 ____D C:\Users\Admin\AppData\LocalLow\Adobe
2016-06-23 16:42 - 2016-06-23 16:42 - 00000000 ____D C:\Users\Admin\AppData\Local\CEF
2016-06-23 16:36 - 2016-06-23 16:36 - 00000000 ____D C:\Users\Admin\AppData\Roaming\Sublime Text 3
2016-06-23 16:36 - 2016-06-23 16:36 - 00000000 ____D C:\Users\Admin\AppData\Local\Sublime Text 3
2016-06-19 13:19 - 2016-06-19 13:19 - 00001069 _____ C:\Users\Gerhard\Desktop\texteditor.exe - Verknüpfung.lnk
2016-06-19 12:51 - 2016-06-19 12:51 - 00000000 ____D C:\Program Files\ObjectNews2
2016-06-19 12:26 - 2016-06-19 12:51 - 00000000 ____D C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ObjectNews2
2016-06-19 11:47 - 2016-06-19 11:47 - 00000000 ____D C:\Program Files (x86)\VulkanRT
2016-06-19 11:47 - 2016-06-03 05:28 - 00111552 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvStreaming.exe
2016-06-19 11:47 - 2016-05-04 04:23 - 00129824 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2016-06-19 11:47 - 2016-05-04 04:22 - 00130848 _____ C:\WINDOWS\system32\vulkan-1.dll
2016-06-19 11:47 - 2016-05-04 04:22 - 00045344 _____ C:\WINDOWS\system32\vulkaninfo.exe
2016-06-19 11:47 - 2016-05-04 04:22 - 00040224 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2016-06-19 11:45 - 2016-06-03 09:22 - 39977920 _____ C:\WINDOWS\system32\nvcompiler.dll
2016-06-19 11:45 - 2016-06-03 09:22 - 35115968 _____ C:\WINDOWS\SysWOW64\nvcompiler.dll
2016-06-19 11:45 - 2016-06-03 09:22 - 31641656 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll
2016-06-19 11:45 - 2016-06-03 09:22 - 25404864 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll
2016-06-19 11:45 - 2016-06-03 09:22 - 21812056 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2016-06-19 11:45 - 2016-06-03 09:22 - 21355464 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2016-06-19 11:45 - 2016-06-03 09:22 - 18151128 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
2016-06-19 11:45 - 2016-06-03 09:22 - 17746664 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2016-06-19 11:45 - 2016-06-03 09:22 - 10643240 _____ C:\WINDOWS\system32\nvptxJitCompiler.dll
2016-06-19 11:45 - 2016-06-03 09:22 - 08733792 _____ C:\WINDOWS\SysWOW64\nvptxJitCompiler.dll
2016-06-19 11:45 - 2016-06-03 09:22 - 02844608 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2016-06-19 11:45 - 2016-06-03 09:22 - 02470336 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2016-06-19 11:45 - 2016-06-03 09:22 - 01920960 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6436839.dll
2016-06-19 11:45 - 2016-06-03 09:22 - 01571776 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6436839.dll
2016-06-19 11:45 - 2016-06-03 09:22 - 00983488 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2016-06-19 11:45 - 2016-06-03 09:22 - 00910392 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2016-06-19 11:45 - 2016-06-03 09:22 - 00769984 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2016-06-19 11:45 - 2016-06-03 09:22 - 00707520 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2016-06-19 11:45 - 2016-06-03 09:22 - 00669952 _____ C:\WINDOWS\system32\nvfatbinaryLoader.dll
2016-06-19 11:45 - 2016-06-03 09:22 - 00565208 _____ C:\WINDOWS\SysWOW64\nvfatbinaryLoader.dll
2016-06-18 11:31 - 2016-06-18 11:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logitech
2016-06-18 11:31 - 2016-06-18 11:31 - 00000000 ____D C:\Program Files\Logitech
2016-06-15 09:05 - 2016-05-28 08:13 - 01401024 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2016-06-15 09:05 - 2016-05-28 08:13 - 00290496 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2016-06-15 09:05 - 2016-05-28 08:13 - 00046784 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2016-06-15 09:05 - 2016-05-28 07:25 - 04268880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\setupapi.dll
2016-06-15 09:05 - 2016-05-28 07:22 - 07474528 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-06-15 09:05 - 2016-05-28 07:22 - 04387680 _____ (Microsoft Corporation) C:\WINDOWS\system32\setupapi.dll
2016-06-15 09:05 - 2016-05-28 07:20 - 00430312 _____ (Microsoft Corporation) C:\WINDOWS\system32\ws2_32.dll
2016-06-15 09:05 - 2016-05-28 07:09 - 00501600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupEngine.dll
2016-06-15 09:05 - 2016-05-28 07:08 - 00693600 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupEngine.dll
2016-06-15 09:05 - 2016-05-28 07:07 - 03675512 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2016-06-15 09:05 - 2016-05-28 07:07 - 02921880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2016-06-15 09:05 - 2016-05-28 07:07 - 01322248 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2016-06-15 09:05 - 2016-05-28 07:07 - 00808288 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2016-06-15 09:05 - 2016-05-28 07:07 - 00703840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2016-06-15 09:05 - 2016-05-28 07:06 - 00730344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll
2016-06-15 09:05 - 2016-05-28 07:05 - 04515264 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2016-06-15 09:05 - 2016-05-28 06:58 - 01996640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2016-06-15 09:05 - 2016-05-28 06:58 - 00379232 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2016-06-15 09:05 - 2016-05-28 06:57 - 02548944 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll
2016-06-15 09:05 - 2016-05-28 06:57 - 02195632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll
2016-06-15 09:05 - 2016-05-28 06:57 - 01594416 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2016-06-15 09:05 - 2016-05-28 06:57 - 01372312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2016-06-15 09:05 - 2016-05-28 06:57 - 00649792 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2016-06-15 09:05 - 2016-05-28 06:57 - 00636304 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2016-06-15 09:05 - 2016-05-28 06:57 - 00546456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2016-06-15 09:05 - 2016-05-28 06:57 - 00521664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2016-06-15 09:05 - 2016-05-28 06:57 - 00316256 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2016-06-15 09:05 - 2016-05-28 06:35 - 00123392 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdlrecover.exe
2016-06-15 09:05 - 2016-05-28 06:35 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsCSP.dll
2016-06-15 09:05 - 2016-05-28 06:35 - 00031744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsdport.sys
2016-06-15 09:05 - 2016-05-28 06:31 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdlrecover.exe
2016-06-15 09:05 - 2016-05-28 06:31 - 00066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosHostClient.dll
2016-06-15 09:05 - 2016-05-28 06:29 - 22379008 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2016-06-15 09:05 - 2016-05-28 06:29 - 00045568 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2016-06-15 09:05 - 2016-05-28 06:28 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2016-06-15 09:05 - 2016-05-28 06:27 - 00050176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosHostClient.dll
2016-06-15 09:05 - 2016-05-28 06:27 - 00028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\mapsupdatetask.dll
2016-06-15 09:05 - 2016-05-28 06:26 - 00120320 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsBtSvc.dll
2016-06-15 09:05 - 2016-05-28 06:26 - 00074752 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosStorage.dll
2016-06-15 09:05 - 2016-05-28 06:25 - 00037376 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2016-06-15 09:05 - 2016-05-28 06:24 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll
2016-06-15 09:05 - 2016-05-28 06:24 - 00072704 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshost.dll
2016-06-15 09:05 - 2016-05-28 06:22 - 00269824 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshostcore.dll
2016-06-15 09:05 - 2016-05-28 06:22 - 00163328 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringservice.dll
2016-06-15 09:05 - 2016-05-28 06:22 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapsBtSvc.dll
2016-06-15 09:05 - 2016-05-28 06:22 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosStorage.dll
2016-06-15 09:05 - 2016-05-28 06:21 - 00190464 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscsvc.dll
2016-06-15 09:05 - 2016-05-28 06:19 - 24605696 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-06-15 09:05 - 2016-05-28 06:19 - 00567808 _____ (Microsoft Corporation) C:\WINDOWS\system32\MBMediaManager.dll
2016-06-15 09:05 - 2016-05-28 06:18 - 11545088 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2016-06-15 09:05 - 2016-05-28 06:18 - 07977472 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2016-06-15 09:05 - 2016-05-28 06:18 - 00460800 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll
2016-06-15 09:05 - 2016-05-28 06:18 - 00380416 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemEventsBrokerServer.dll
2016-06-15 09:05 - 2016-05-28 06:18 - 00285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEEventDispatcher.dll
2016-06-15 09:05 - 2016-05-28 06:17 - 09918976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2016-06-15 09:05 - 2016-05-28 06:17 - 00963072 _____ (Microsoft Corporation) C:\WINDOWS\system32\iphlpsvc.dll
2016-06-15 09:05 - 2016-05-28 06:17 - 00630784 _____ (Microsoft Corporation) C:\WINDOWS\system32\MessagingDataModel2.dll
2016-06-15 09:05 - 2016-05-28 06:16 - 19344384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2016-06-15 09:05 - 2016-05-28 06:16 - 00684544 _____ (Microsoft Corporation) C:\WINDOWS\system32\StructuredQuery.dll
2016-06-15 09:05 - 2016-05-28 06:16 - 00592896 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppContracts.dll
2016-06-15 09:05 - 2016-05-28 06:16 - 00503808 _____ (Microsoft Corporation) C:\WINDOWS\system32\tileobjserver.dll
2016-06-15 09:05 - 2016-05-28 06:15 - 01056256 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpMapControl.dll
2016-06-15 09:05 - 2016-05-28 06:15 - 00853504 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2016-06-15 09:05 - 2016-05-28 06:15 - 00794624 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
2016-06-15 09:05 - 2016-05-28 06:15 - 00349696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapConfiguration.dll
2016-06-15 09:05 - 2016-05-28 06:14 - 18674176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2016-06-15 09:05 - 2016-05-28 06:14 - 01716736 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRHInproc.dll
2016-06-15 09:05 - 2016-05-28 06:14 - 00988160 _____ (Microsoft Corporation) C:\WINDOWS\system32\NMAA.dll
2016-06-15 09:05 - 2016-05-28 06:14 - 00784384 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2016-06-15 09:05 - 2016-05-28 06:14 - 00606208 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2016-06-15 09:05 - 2016-05-28 06:14 - 00499712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MessagingDataModel2.dll
2016-06-15 09:05 - 2016-05-28 06:13 - 00990208 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll
2016-06-15 09:05 - 2016-05-28 06:13 - 00982016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxPackaging.dll
2016-06-15 09:05 - 2016-05-28 06:13 - 00939520 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll
2016-06-15 09:05 - 2016-05-28 06:13 - 00467456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppContracts.dll
2016-06-15 09:05 - 2016-05-28 06:12 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JpMapControl.dll
2016-06-15 09:05 - 2016-05-28 06:12 - 00614400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll
2016-06-15 09:05 - 2016-05-28 06:12 - 00521728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StructuredQuery.dll
2016-06-15 09:05 - 2016-05-28 06:11 - 00890368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxPackaging.dll
2016-06-15 09:05 - 2016-05-28 06:11 - 00784896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NMAA.dll
2016-06-15 09:05 - 2016-05-28 06:11 - 00711680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapControlCore.dll
2016-06-15 09:05 - 2016-05-28 06:11 - 00687616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2016-06-15 09:05 - 2016-05-28 06:11 - 00504320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2016-06-15 09:05 - 2016-05-28 06:08 - 13385728 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-06-15 09:05 - 2016-05-28 06:08 - 06295552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2016-06-15 09:05 - 2016-05-28 06:06 - 12128256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2016-06-15 09:05 - 2016-05-28 06:06 - 07200256 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2016-06-15 09:05 - 2016-05-28 06:06 - 01339904 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpsvc.dll
2016-06-15 09:05 - 2016-05-28 06:05 - 03994624 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2016-06-15 09:05 - 2016-05-28 06:05 - 03664896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2016-06-15 09:05 - 2016-05-28 06:05 - 02582016 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2016-06-15 09:05 - 2016-05-28 06:05 - 01797120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2016-06-15 09:05 - 2016-05-28 06:04 - 06973952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2016-06-15 09:05 - 2016-05-28 06:03 - 05323776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2016-06-15 09:05 - 2016-05-28 06:03 - 05205504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2016-06-15 09:05 - 2016-05-28 06:03 - 02609664 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2016-06-15 09:05 - 2016-05-28 06:03 - 01185280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LocationFramework.dll
2016-06-15 09:05 - 2016-05-28 06:02 - 03590144 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2016-06-15 09:05 - 2016-05-28 06:02 - 02061824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2016-06-15 09:05 - 2016-05-28 06:02 - 01534464 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationFramework.dll
2016-06-15 09:05 - 2016-05-28 06:01 - 01799680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2016-06-15 09:05 - 2016-05-28 06:01 - 01582080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2016-06-15 09:05 - 2016-05-28 06:01 - 01500160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2016-06-15 09:05 - 2016-05-28 06:00 - 05660160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2016-06-15 09:05 - 2016-05-28 06:00 - 03585536 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll
2016-06-15 09:05 - 2016-05-28 06:00 - 02635776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2016-06-15 09:05 - 2016-05-28 06:00 - 02168320 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2016-06-15 09:05 - 2016-05-28 06:00 - 01730560 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2016-06-15 09:05 - 2016-05-28 06:00 - 01707520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActiveSyncProvider.dll
2016-06-15 09:05 - 2016-05-28 05:58 - 07832576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2016-06-15 09:05 - 2016-05-28 05:58 - 04896256 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2016-06-15 09:05 - 2016-05-28 05:58 - 02066432 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2016-06-15 09:05 - 2016-05-28 05:58 - 01996288 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncProvider.dll
2016-06-15 09:05 - 2016-05-28 05:57 - 02281472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2016-06-15 09:05 - 2016-05-28 05:55 - 01390080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll
2016-06-15 09:04 - 2016-05-28 08:13 - 01184960 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2016-06-15 09:04 - 2016-05-28 08:13 - 00514752 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2016-06-15 09:04 - 2016-05-28 08:13 - 00092352 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2016-06-15 09:04 - 2016-05-28 07:23 - 00388384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ws2_32.dll
2016-06-15 09:04 - 2016-05-28 07:23 - 00312160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mswsock.dll
2016-06-15 09:04 - 2016-05-28 07:22 - 00428896 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2016-06-15 09:04 - 2016-05-28 07:22 - 00211296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tpm.sys
2016-06-15 09:04 - 2016-05-28 07:22 - 00118624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\partmgr.sys
2016-06-15 09:04 - 2016-05-28 07:18 - 00357216 _____ (Microsoft Corporation) C:\WINDOWS\system32\mswsock.dll
2016-06-15 09:04 - 2016-05-28 07:16 - 00026408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2016-06-15 09:04 - 2016-05-28 07:09 - 00170848 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkUXBroker.exe
2016-06-15 09:04 - 2016-05-28 07:09 - 00084832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupApi.dll
2016-06-15 09:04 - 2016-05-28 07:08 - 00258912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ufx01000.sys
2016-06-15 09:04 - 2016-05-28 07:08 - 00115040 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupApi.dll
2016-06-15 09:04 - 2016-05-28 07:07 - 00957608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2016-06-15 09:04 - 2016-05-28 07:07 - 00331616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2016-06-15 09:04 - 2016-05-28 07:06 - 22561256 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2016-06-15 09:04 - 2016-05-28 07:06 - 04074160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2016-06-15 09:04 - 2016-05-28 07:06 - 00303216 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppHost.exe
2016-06-15 09:04 - 2016-05-28 07:06 - 00254656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppHost.exe
2016-06-15 09:04 - 2016-05-28 07:04 - 00604928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2016-06-15 09:04 - 2016-05-28 07:04 - 00431296 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcryptprimitives.dll
2016-06-15 09:04 - 2016-05-28 07:04 - 00360480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll
2016-06-15 09:04 - 2016-05-28 07:04 - 00161632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2016-06-15 09:04 - 2016-05-28 07:04 - 00111064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncryptsslp.dll
2016-06-15 09:04 - 2016-05-28 07:04 - 00097096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncryptsslp.dll
2016-06-15 09:04 - 2016-05-28 07:03 - 00131248 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpapi.dll
2016-06-15 09:04 - 2016-05-28 06:57 - 00577376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2016-06-15 09:04 - 2016-05-28 06:31 - 00088576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll
2016-06-15 09:04 - 2016-05-28 06:29 - 00079360 _____ (Microsoft Corporation) C:\WINDOWS\system32\adhsvc.dll
2016-06-15 09:04 - 2016-05-28 06:29 - 00019456 _____ (Microsoft Corporation) C:\WINDOWS\system32\httpprxp.dll
2016-06-15 09:04 - 2016-05-28 06:28 - 00166400 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2016-06-15 09:04 - 2016-05-28 06:28 - 00090112 _____ (Microsoft Corporation) C:\WINDOWS\system32\FwRemoteSvr.dll
2016-06-15 09:04 - 2016-05-28 06:26 - 00199168 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2016-06-15 09:04 - 2016-05-28 06:26 - 00157184 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcertinst.exe
2016-06-15 09:04 - 2016-05-28 06:26 - 00145920 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmclient.exe
2016-06-15 09:04 - 2016-05-28 06:25 - 00112640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthenum.sys
2016-06-15 09:04 - 2016-05-28 06:24 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll
2016-06-15 09:04 - 2016-05-28 06:24 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Ndu.sys
2016-06-15 09:04 - 2016-05-28 06:24 - 00091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2016-06-15 09:04 - 2016-05-28 06:24 - 00086528 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppCapture.dll
2016-06-15 09:04 - 2016-05-28 06:24 - 00067072 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcsvc6.dll
2016-06-15 09:04 - 2016-05-28 06:24 - 00053760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FwRemoteSvr.dll
2016-06-15 09:04 - 2016-05-28 06:23 - 00155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidclass.sys
2016-06-15 09:04 - 2016-05-28 06:23 - 00086016 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcsvc.dll
2016-06-15 09:04 - 2016-05-28 06:22 - 00406528 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2016-06-15 09:04 - 2016-05-28 06:22 - 00368640 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2016-06-15 09:04 - 2016-05-28 06:22 - 00278528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netbt.sys
2016-06-15 09:04 - 2016-05-28 06:22 - 00161280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2016-06-15 09:04 - 2016-05-28 06:22 - 00079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptsvc.dll
2016-06-15 09:04 - 2016-05-28 06:21 - 00550912 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2016-06-15 09:04 - 2016-05-28 06:21 - 00239104 _____ (Microsoft Corporation) C:\WINDOWS\system32\BrokerLib.dll
2016-06-15 09:04 - 2016-05-28 06:21 - 00207360 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupSvc.dll
2016-06-15 09:04 - 2016-05-28 06:20 - 00641536 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2016-06-15 09:04 - 2016-05-28 06:20 - 00511488 _____ (Microsoft Corporation) C:\WINDOWS\system32\newdev.dll
2016-06-15 09:04 - 2016-05-28 06:20 - 00332288 _____ (Microsoft Corporation) C:\WINDOWS\system32\polstore.dll
2016-06-15 09:04 - 2016-05-28 06:20 - 00267264 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore6.dll
2016-06-15 09:04 - 2016-05-28 06:20 - 00199168 _____ (Microsoft Corporation) C:\WINDOWS\system32\GnssAdapter.dll
2016-06-15 09:04 - 2016-05-28 06:20 - 00174080 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Privacy.dll
2016-06-15 09:04 - 2016-05-28 06:20 - 00057344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcsvc6.dll
2016-06-15 09:04 - 2016-05-28 06:19 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2016-06-15 09:04 - 2016-05-28 06:19 - 00414720 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.exe
2016-06-15 09:04 - 2016-05-28 06:19 - 00355840 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore.dll
2016-06-15 09:04 - 2016-05-28 06:19 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcsvc.dll
2016-06-15 09:04 - 2016-05-28 06:18 - 00610816 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastls.dll
2016-06-15 09:04 - 2016-05-28 06:18 - 00591360 _____ (Microsoft Corporation) C:\WINDOWS\system32\vpnike.dll
2016-06-15 09:04 - 2016-05-28 06:18 - 00392192 _____ (Microsoft Corporation) C:\WINDOWS\system32\IPSECSVC.DLL
2016-06-15 09:04 - 2016-05-28 06:17 - 00485888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\newdev.dll
2016-06-15 09:04 - 2016-05-28 06:17 - 00415232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll
2016-06-15 09:04 - 2016-05-28 06:17 - 00315392 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXTaskFactory.dll
2016-06-15 09:04 - 2016-05-28 06:17 - 00278016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2016-06-15 09:04 - 2016-05-28 06:17 - 00173056 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmmigrator.dll
2016-06-15 09:04 - 2016-05-28 06:16 - 00690176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2016-06-15 09:04 - 2016-05-28 06:16 - 00406528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys
2016-06-15 09:04 - 2016-05-28 06:16 - 00291328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\polstore.dll
2016-06-15 09:04 - 2016-05-28 06:16 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore6.dll
2016-06-15 09:04 - 2016-05-28 06:15 - 00535040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastls.dll
2016-06-15 09:04 - 2016-05-28 06:15 - 00293888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore.dll
2016-06-15 09:04 - 2016-05-28 06:15 - 00237056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys
2016-06-15 09:04 - 2016-05-28 06:14 - 00965632 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2016-06-15 09:04 - 2016-05-28 06:14 - 00219136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VEEventDispatcher.dll
2016-06-15 09:04 - 2016-05-28 06:14 - 00200192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2016-06-15 09:04 - 2016-05-28 06:13 - 01387520 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2016-06-15 09:04 - 2016-05-28 06:13 - 00954368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2016-06-15 09:04 - 2016-05-28 06:13 - 00587776 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2016-06-15 09:04 - 2016-05-28 06:13 - 00084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BTHUSB.SYS
2016-06-15 09:04 - 2016-05-28 06:11 - 01445888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRHInproc.dll
2016-06-15 09:04 - 2016-05-28 06:11 - 00799744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRH.dll
2016-06-15 09:04 - 2016-05-28 06:11 - 00128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\httpprxm.dll
2016-06-15 09:04 - 2016-05-28 06:09 - 01073152 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2016-06-15 09:04 - 2016-05-28 06:04 - 00555520 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncController.dll
2016-06-15 09:04 - 2016-05-28 06:04 - 00450560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SyncController.dll
2016-06-15 09:04 - 2016-05-28 06:03 - 00693760 _____ (Microsoft Corporation) C:\WINDOWS\system32\internetmail.dll
2016-06-15 09:04 - 2016-05-28 06:03 - 00417792 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll
2016-06-15 09:04 - 2016-05-28 06:02 - 00103424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll
2016-06-15 09:04 - 2016-05-28 06:01 - 00111104 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll
2016-06-15 09:04 - 2016-05-28 06:00 - 02230272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2016-06-15 09:04 - 2016-05-28 06:00 - 00162816 _____ (Microsoft Corporation) C:\WINDOWS\system32\enrollmentapi.dll
2016-06-15 09:04 - 2016-05-28 06:00 - 00151040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mdmregistration.dll
2016-06-15 09:04 - 2016-05-28 06:00 - 00090624 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe
2016-06-15 09:04 - 2016-05-28 05:59 - 00176640 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll
2016-06-15 09:04 - 2016-05-28 05:58 - 02755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2016-06-15 09:04 - 2016-05-28 05:53 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcpopkeysrv.dll
2016-06-14 15:05 - 2016-06-14 15:05 - 00025906 _____ C:\ProgramData\1465909525.bdinstall.bin
2016-06-14 15:05 - 2016-06-14 15:05 - 00025902 _____ C:\ProgramData\1465909544.bdinstall.bin
2016-06-14 09:28 - 2016-06-14 09:28 - 00000000 ____D C:\Users\Gerhard\AppData\Roaming\Mailbird
2016-06-14 09:18 - 2016-06-14 09:18 - 00001262 _____ C:\Users\Gerhard\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Amazon Drive.lnk
2016-06-14 09:18 - 2016-06-14 09:18 - 00001250 _____ C:\Users\Gerhard\Desktop\Amazon Drive.lnk
2016-06-14 09:18 - 2016-06-14 09:18 - 00000000 ____D C:\Users\Gerhard\AppData\Roaming\Amazon Cloud Drive
2016-06-14 09:18 - 2016-06-14 09:18 - 00000000 ____D C:\Users\Gerhard\AppData\Local\Amazon Drive
2016-06-13 14:58 - 2016-06-13 14:58 - 00000000 ____D C:\ProgramData\Mailbird
2016-06-13 14:57 - 2016-07-01 16:32 - 00000000 ____D C:\Program Files (x86)\Mailbird
2016-06-13 14:57 - 2016-06-19 11:42 - 00000000 ____D C:\Users\Admin\AppData\Local\Mailbird
2016-06-13 14:57 - 2016-06-13 14:58 - 00000000 ____D C:\Users\Gerhard\AppData\Local\Mailbird
2016-06-13 14:57 - 2016-06-13 14:57 - 00000000 ____D C:\Users\Admin\AppData\Roaming\Mailbird
2016-06-13 09:55 - 2016-06-13 09:55 - 00000000 ____D C:\Users\Gerhard\Documents\MAGIX_MusicEditor
2016-06-13 09:53 - 2016-06-13 09:53 - 00000000 ____D C:\Users\Gerhard\Documents\Outlook-Dateien
2016-06-11 17:06 - 2016-06-11 17:06 - 00000000 ____D C:\Users\Admin\AppData\Roaming\sp6_log
2016-06-11 09:50 - 2016-06-11 09:50 - 00018960 _____ (Logitech, Inc.) C:\WINDOWS\system32\Drivers\LNonPnP.sys
2016-06-11 09:50 - 2016-06-11 09:50 - 00000000 ____D C:\Users\Public\Documents\Logishrd
2016-06-11 09:49 - 2016-06-19 10:55 - 00000000 ____D C:\ProgramData\Logishrd
2016-06-11 09:49 - 2016-06-11 09:49 - 00000000 ____D C:\Users\Admin\AppData\Roaming\Logitech
2016-06-11 09:48 - 2016-06-19 11:42 - 00000000 ____D C:\Users\Admin\AppData\Roaming\Logishrd
2016-06-11 09:48 - 2016-06-18 11:31 - 00000000 ____D C:\Users\Gerhard\AppData\Roaming\Logishrd
2016-06-11 09:48 - 2016-06-11 09:50 - 00000000 ____D C:\Users\Gerhard\AppData\Roaming\Logitech
2016-06-11 09:24 - 2016-06-11 09:24 - 00000000 ____D C:\ProgramData\Synaptics
2016-06-10 10:56 - 2016-06-11 17:45 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-06-07 11:09 - 2016-06-07 11:09 - 00001822 _____ C:\Users\Public\Desktop\iTunes.lnk
2016-06-07 11:09 - 2016-06-07 11:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2016-06-07 11:09 - 2016-06-07 11:09 - 00000000 ____D C:\Program Files\iTunes
2016-06-07 11:09 - 2016-06-07 11:09 - 00000000 ____D C:\Program Files\iPod
2016-06-07 11:09 - 2016-06-07 11:09 - 00000000 ____D C:\Program Files (x86)\iTunes
2016-06-06 11:06 - 2016-06-06 11:06 - 00002929 _____ C:\Users\Public\Desktop\Ginger.lnk
2016-06-06 11:06 - 2016-06-06 11:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ginger
2016-06-03 08:05 - 2016-06-03 08:05 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
2016-06-03 08:05 - 2016-06-03 08:05 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_WinUSB_01007.Wdf
2016-06-01 17:27 - 2016-06-01 17:27 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2016-06-01 08:34 - 2016-04-23 07:09 - 21123320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2016-06-01 08:34 - 2016-04-23 07:09 - 05240960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2016-06-01 08:34 - 2016-04-23 07:08 - 06605504 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2016-06-01 08:34 - 2016-04-23 06:28 - 16984576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2016-06-01 08:34 - 2016-04-23 06:05 - 05502976 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll
2016-06-01 08:34 - 2016-03-29 12:20 - 02656952 _____ C:\WINDOWS\system32\CoreUIComponents.dll
2016-06-01 08:34 - 2016-03-29 12:18 - 02152280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2016-06-01 08:34 - 2016-03-29 11:56 - 01297752 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2016-06-01 08:34 - 2016-03-29 11:37 - 01862008 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2016-06-01 08:34 - 2016-03-29 11:13 - 00986976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2016-06-01 08:34 - 2016-03-29 10:26 - 02403680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2016-06-01 08:34 - 2016-03-29 09:02 - 02624512 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2016-06-01 08:34 - 2016-03-29 08:36 - 03351040 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2016-06-01 08:34 - 2016-03-29 08:32 - 01588224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2016-06-01 08:34 - 2016-03-29 08:32 - 01098240 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2016-06-01 08:34 - 2016-03-29 08:28 - 01944576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll
2016-06-01 08:34 - 2016-03-29 08:10 - 03671040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2016-06-01 08:34 - 2016-03-29 07:45 - 03078144 _____ (Microsoft Corporation) C:\WINDOWS\system32\esent.dll
2016-06-01 08:34 - 2016-03-29 07:43 - 03428864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2016-06-01 08:34 - 2016-03-29 07:38 - 02798080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2016-06-01 08:34 - 2016-03-29 07:36 - 02722816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\esent.dll
2016-06-01 08:34 - 2016-02-24 11:28 - 03449168 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSService.dll
2016-06-01 08:34 - 2016-02-24 08:18 - 01490432 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataService.dll
2016-06-01 08:34 - 2016-02-24 07:05 - 12586496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2016-06-01 08:34 - 2016-02-24 07:03 - 14252544 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2016-06-01 08:34 - 2016-02-23 12:32 - 08705672 _____ (Microsoft Corp.) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2016-06-01 08:34 - 2016-02-23 12:32 - 02544264 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2016-06-01 08:34 - 2016-02-23 12:32 - 01062480 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2016-06-01 08:34 - 2016-02-23 11:45 - 02773096 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
2016-06-01 08:34 - 2016-02-23 11:38 - 06952088 _____ (Microsoft Corp.) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2016-06-01 08:34 - 2016-02-23 11:38 - 02180136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2016-06-01 08:34 - 2016-02-23 11:20 - 01139712 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblGameSave.dll
2016-06-01 08:34 - 2016-02-23 10:56 - 02186864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll
2016-06-01 08:34 - 2016-02-23 10:10 - 00997376 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2016-06-01 08:34 - 2016-02-23 09:24 - 04827136 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2016-06-01 08:34 - 2016-02-23 08:56 - 04412928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
2016-06-01 08:34 - 2016-02-23 08:41 - 02912256 _____ (Microsoft Corporation) C:\WINDOWS\system32\CertEnroll.dll
2016-06-01 08:34 - 2016-02-23 08:35 - 07533568 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2016-06-01 08:34 - 2016-02-23 08:33 - 02604032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CertEnroll.dll
2016-06-01 08:34 - 2016-02-23 08:28 - 06740992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2016-06-01 08:34 - 2016-01-27 07:57 - 01824264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2016-06-01 08:34 - 2016-01-27 07:46 - 02606824 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2016-06-01 08:34 - 2016-01-16 08:21 - 01750440 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcMon.exe
2016-06-01 08:34 - 2016-01-16 07:24 - 02057216 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll
2016-06-01 08:34 - 2016-01-05 04:45 - 02587696 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2016-06-01 08:34 - 2016-01-05 04:42 - 02026736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2016-06-01 08:34 - 2016-01-05 04:37 - 01299504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetsrc.dll
2016-06-01 08:34 - 2015-11-22 11:54 - 00138240 _____ (Microsoft Corporation) C:\WINDOWS\system32\ETWCoreUIComponentsResources.dll
2016-06-01 08:34 - 2015-11-22 11:42 - 00138240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ETWCoreUIComponentsResources.dll
2016-06-01 08:34 - 2015-11-22 11:34 - 02843136 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2016-06-01 08:34 - 2015-11-22 11:26 - 03355136 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
2016-06-01 08:34 - 2015-11-22 11:20 - 01860096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
2016-06-01 08:34 - 2015-11-22 11:17 - 02680320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll
2016-06-01 08:33 - 2016-05-06 06:53 - 00095072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdport.sys
2016-06-01 08:33 - 2016-05-06 06:05 - 00241664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptngc.dll
2016-06-01 08:33 - 2016-05-06 06:03 - 00649216 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcsvc.dll
2016-06-01 08:33 - 2016-05-06 05:53 - 00351232 _____ (Microsoft Corporation) C:\WINDOWS\system32\NgcCtnr.dll
2016-06-01 08:33 - 2016-05-06 05:49 - 00289792 _____ (Microsoft Corporation) C:\WINDOWS\system32\NgcCtnrSvc.dll
2016-06-01 08:33 - 2016-05-06 05:44 - 00582656 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngccredprov.dll
2016-06-01 08:33 - 2016-05-06 05:43 - 00320000 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptngc.dll
2016-06-01 08:33 - 2016-04-23 08:12 - 00713920 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2016-06-01 08:33 - 2016-04-23 08:12 - 00190144 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2016-06-01 08:33 - 2016-04-23 07:28 - 01557768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2016-06-01 08:33 - 2016-04-23 07:28 - 01542816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2016-06-01 08:33 - 2016-04-23 07:26 - 00707608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
2016-06-01 08:33 - 2016-04-23 07:24 - 01997328 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2016-06-01 08:33 - 2016-04-23 07:24 - 01819208 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2016-06-01 08:33 - 2016-04-23 07:24 - 00754664 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2016-06-01 08:33 - 2016-04-23 07:24 - 00638816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fvevol.sys
2016-06-01 08:33 - 2016-04-23 07:24 - 00335712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fastfat.sys
2016-06-01 08:33 - 2016-04-23 07:24 - 00099680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2016-06-01 08:33 - 2016-04-23 07:22 - 01161120 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
2016-06-01 08:33 - 2016-04-23 07:13 - 00306832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanapi.dll
2016-06-01 08:33 - 2016-04-23 07:12 - 00925064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2016-06-01 08:33 - 2016-04-23 07:12 - 00451928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFCaptureEngine.dll
2016-06-01 08:33 - 2016-04-23 07:12 - 00413536 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifitask.exe
2016-06-01 08:33 - 2016-04-23 07:11 - 01092464 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2016-06-01 08:33 - 2016-04-23 07:11 - 00498960 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFCaptureEngine.dll
2016-06-01 08:33 - 2016-04-23 07:11 - 00390496 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanapi.dll
2016-06-01 08:33 - 2016-04-23 07:11 - 00131424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ufxsynopsys.sys
2016-06-01 08:33 - 2016-04-23 07:09 - 00569744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SHCore.dll
2016-06-01 08:33 - 2016-04-23 07:09 - 00565600 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2016-06-01 08:33 - 2016-04-23 07:09 - 00465760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2016-06-01 08:33 - 2016-04-23 07:08 - 00725776 _____ (Microsoft Corporation) C:\WINDOWS\system32\SHCore.dll
2016-06-01 08:33 - 2016-04-23 07:07 - 01848072 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll
2016-06-01 08:33 - 2016-04-23 07:07 - 01536088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll
2016-06-01 08:33 - 2016-04-23 07:07 - 00204048 _____ (Microsoft Corporation) C:\WINDOWS\system32\rsaenh.dll
2016-06-01 08:33 - 2016-04-23 07:07 - 00183904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rsaenh.dll
2016-06-01 08:33 - 2016-04-23 07:06 - 00291360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininit.exe
2016-06-01 08:33 - 2016-04-23 07:02 - 00188256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2016-06-01 08:33 - 2016-04-23 07:01 - 00619296 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10level9.dll
2016-06-01 08:33 - 2016-04-23 07:01 - 00513368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10level9.dll
2016-06-01 08:33 - 2016-04-23 07:01 - 00393568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2016-06-01 08:33 - 2016-04-23 07:01 - 00217440 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2016-06-01 08:33 - 2016-04-23 07:00 - 01776768 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2016-06-01 08:33 - 2016-04-23 07:00 - 01522152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2016-06-01 08:33 - 2016-04-23 07:00 - 01399224 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2016-06-01 08:33 - 2016-04-23 07:00 - 01337240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2016-06-01 08:33 - 2016-04-23 07:00 - 00550656 _____ (Microsoft Corporation) C:\WINDOWS\system32\directmanipulation.dll
2016-06-01 08:33 - 2016-04-23 07:00 - 00453472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\directmanipulation.dll
2016-06-01 08:33 - 2016-04-23 07:00 - 00058208 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwminit.dll
2016-06-01 08:33 - 2016-04-23 06:56 - 00534872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2016-06-01 08:33 - 2016-04-23 06:34 - 00067072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbser.sys
2016-06-01 08:33 - 2016-04-23 06:34 - 00059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\hmkd.dll
2016-06-01 08:33 - 2016-04-23 06:34 - 00048128 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2016-06-01 08:33 - 2016-04-23 06:33 - 00063488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\UcmCx.sys
2016-06-01 08:33 - 2016-04-23 06:33 - 00038400 _____ (Microsoft Corporation) C:\WINDOWS\system32\ByteCodeGenerator.exe
2016-06-01 08:33 - 2016-04-23 06:32 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseDesktopAppMgmtCSP.dll
2016-06-01 08:33 - 2016-04-23 06:31 - 13018112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2016-06-01 08:33 - 2016-04-23 06:29 - 00192000 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll
2016-06-01 08:33 - 2016-04-23 06:29 - 00151040 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEStoreEventHandlers.dll
2016-06-01 08:33 - 2016-04-23 06:29 - 00087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\filecrypt.sys
2016-06-01 08:33 - 2016-04-23 06:29 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAppInstaller.exe
2016-06-01 08:33 - 2016-04-23 06:29 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hmkd.dll
2016-06-01 08:33 - 2016-04-23 06:29 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ByteCodeGenerator.exe
2016-06-01 08:33 - 2016-04-23 06:29 - 00023552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wups.dll
2016-06-01 08:33 - 2016-04-23 06:28 - 00130560 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudDomainJoinDataModelServer.dll
2016-06-01 08:33 - 2016-04-23 06:28 - 00127488 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEDataLayerHelpers.dll
2016-06-01 08:33 - 2016-04-23 06:28 - 00104448 _____ (Microsoft Corporation) C:\WINDOWS\system32\BluetoothApis.dll
2016-06-01 08:33 - 2016-04-23 06:27 - 00039424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wfdprov.dll
2016-06-01 08:33 - 2016-04-23 06:26 - 00086528 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpdbusenum.dll
2016-06-01 08:33 - 2016-04-23 06:25 - 00630784 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneProviders.dll
2016-06-01 08:33 - 2016-04-23 06:25 - 00617984 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2016-06-01 08:33 - 2016-04-23 06:25 - 00210432 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmcsp.dll
2016-06-01 08:33 - 2016-04-23 06:24 - 00689152 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2016-06-01 08:33 - 2016-04-23 06:24 - 00292864 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2016-06-01 08:33 - 2016-04-23 06:24 - 00287232 _____ (Microsoft Corporation) C:\WINDOWS\system32\provhandlers.dll
2016-06-01 08:33 - 2016-04-23 06:24 - 00181248 _____ (Microsoft Corporation) C:\WINDOWS\system32\shacct.dll
2016-06-01 08:33 - 2016-04-23 06:24 - 00166400 _____ (Microsoft Corporation) C:\WINDOWS\system32\SubscriptionMgr.dll
2016-06-01 08:33 - 2016-04-23 06:24 - 00084480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VEDataLayerHelpers.dll
2016-06-01 08:33 - 2016-04-23 06:23 - 00279040 _____ (Microsoft Corporation) C:\WINDOWS\system32\ListSvc.dll
2016-06-01 08:33 - 2016-04-23 06:23 - 00179712 _____ (Microsoft Corporation) C:\WINDOWS\system32\BrowserSettingSync.dll
2016-06-01 08:33 - 2016-04-23 06:23 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BluetoothApis.dll
2016-06-01 08:33 - 2016-04-23 06:21 - 00479232 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2016-06-01 08:33 - 2016-04-23 06:20 - 00606720 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2016-06-01 08:33 - 2016-04-23 06:20 - 00484352 _____ (Microsoft Corporation) C:\WINDOWS\system32\DataSenseHandlers.dll
2016-06-01 08:33 - 2016-04-23 06:20 - 00356864 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll
2016-06-01 08:33 - 2016-04-23 06:20 - 00307200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2016-06-01 08:33 - 2016-04-23 06:20 - 00137728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shacct.dll
2016-06-01 08:33 - 2016-04-23 06:19 - 00970752 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2016-06-01 08:33 - 2016-04-23 06:19 - 00440320 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredProvDataModel.dll
2016-06-01 08:33 - 2016-04-23 06:19 - 00140800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BrowserSettingSync.dll
2016-06-01 08:33 - 2016-04-23 06:18 - 00870400 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2016-06-01 08:33 - 2016-04-23 06:18 - 00804352 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2016-06-01 08:33 - 2016-04-23 06:18 - 00585728 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2016-06-01 08:33 - 2016-04-23 06:18 - 00515072 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll
2016-06-01 08:33 - 2016-04-23 06:18 - 00471552 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupShim.dll
2016-06-01 08:33 - 2016-04-23 06:18 - 00436736 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2016-06-01 08:33 - 2016-04-23 06:17 - 01213440 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2016-06-01 08:33 - 2016-04-23 06:17 - 00529920 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2016-06-01 08:33 - 2016-04-23 06:17 - 00388608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2016-06-01 08:33 - 2016-04-23 06:17 - 00337920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanmsm.dll
2016-06-01 08:33 - 2016-04-23 06:16 - 01319424 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll
2016-06-01 08:33 - 2016-04-23 06:16 - 00848896 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2016-06-01 08:33 - 2016-04-23 06:15 - 00865792 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2016-06-01 08:33 - 2016-04-23 06:15 - 00792064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2016-06-01 08:33 - 2016-04-23 06:15 - 00673280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2016-06-01 08:33 - 2016-04-23 06:15 - 00400896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneDriveSettingSyncProvider.dll
2016-06-01 08:33 - 2016-04-23 06:15 - 00348672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredProvDataModel.dll
2016-06-01 08:33 - 2016-04-23 06:14 - 00870912 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2016-06-01 08:33 - 2016-04-23 06:14 - 00821760 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2016-06-01 08:33 - 2016-04-23 06:14 - 00647680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2016-06-01 08:33 - 2016-04-23 06:14 - 00354304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupShim.dll
2016-06-01 08:33 - 2016-04-23 06:14 - 00342528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2016-06-01 08:33 - 2016-04-23 06:13 - 00705536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2016-06-01 08:33 - 2016-04-23 06:13 - 00489984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
2016-06-01 08:33 - 2016-04-23 06:13 - 00434688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LogonController.dll
2016-06-01 08:33 - 2016-04-23 06:12 - 00667648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll
2016-06-01 08:33 - 2016-04-23 06:10 - 00639488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2016-06-01 08:33 - 2016-04-23 06:07 - 00848896 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll
2016-06-01 08:33 - 2016-04-23 06:05 - 01946112 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2016-06-01 08:33 - 2016-04-23 06:05 - 01626624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2016-06-01 08:33 - 2016-04-23 06:05 - 00613376 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSync.dll
2016-06-01 08:33 - 2016-04-23 06:04 - 04759040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2016-06-01 08:33 - 2016-04-23 06:03 - 02193408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2016-06-01 08:33 - 2016-04-23 06:03 - 02000896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll
2016-06-01 08:33 - 2016-04-23 06:03 - 00754176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2016-06-01 08:33 - 2016-04-23 06:03 - 00503296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSync.dll
2016-06-01 08:33 - 2016-04-23 06:02 - 02444288 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll
2016-06-01 08:33 - 2016-04-23 06:01 - 04775424 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2016-06-01 08:33 - 2016-04-23 06:00 - 00984576 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2016-06-01 08:33 - 2016-04-23 05:45 - 00461824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2016-06-01 08:33 - 2016-04-23 04:10 - 00215040 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2016-06-01 08:33 - 2016-04-02 06:13 - 00369912 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2016-06-01 08:33 - 2016-04-02 06:10 - 00770640 _____ (Microsoft Corporation) C:\WINDOWS\system32\iuilp.dll
2016-06-01 08:33 - 2016-04-02 06:10 - 00374008 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2016-06-01 08:33 - 2016-04-02 05:25 - 00278528 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationObjFactory.dll
2016-06-01 08:33 - 2016-04-02 05:25 - 00239104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NotificationObjFactory.dll
2016-06-01 08:33 - 2016-04-02 05:19 - 01054208 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2016-06-01 08:33 - 2016-03-29 12:23 - 00277856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2016-06-01 08:33 - 2016-03-29 12:22 - 01030416 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2016-06-01 08:33 - 2016-03-29 12:22 - 00874968 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2016-06-01 08:33 - 2016-03-29 12:20 - 01317640 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2016-06-01 08:33 - 2016-03-29 12:20 - 01141504 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2016-06-01 08:33 - 2016-03-29 12:15 - 00100232 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmapi.dll
2016-06-01 08:33 - 2016-03-29 12:11 - 00686976 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2016-06-01 08:33 - 2016-03-29 12:05 - 01152864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2016-06-01 08:33 - 2016-03-29 12:02 - 00989536 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2016-06-01 08:33 - 2016-03-29 12:02 - 00334736 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll
2016-06-01 08:33 - 2016-03-29 11:28 - 00535080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll
2016-06-01 08:33 - 2016-03-29 11:25 - 00058400 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsNativeApi.dll
2016-06-01 08:33 - 2016-03-29 11:19 - 00296488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\policymanager.dll
2016-06-01 08:33 - 2016-03-29 11:18 - 00185184 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2016-06-01 08:33 - 2016-03-29 11:11 - 00074424 _____ (Microsoft Corporation) C:\WINDOWS\system32\easinvoker.exe
2016-06-01 08:33 - 2016-03-29 11:10 - 00110584 _____ (Microsoft Corporation) C:\WINDOWS\system32\srvcli.dll
2016-06-01 08:33 - 2016-03-29 11:09 - 00078040 _____ (Microsoft Corporation) C:\WINDOWS\system32\wkscli.dll
2016-06-01 08:33 - 2016-03-29 11:08 - 00358752 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2016-06-01 08:33 - 2016-03-29 11:08 - 00261376 _____ (Microsoft Corporation) C:\WINDOWS\system32\LsaIso.exe
2016-06-01 08:33 - 2016-03-29 11:07 - 00081144 _____ (Microsoft Corporation) C:\WINDOWS\system32\netapi32.dll
2016-06-01 08:33 - 2016-03-29 10:41 - 00051128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsNativeApi.dll
2016-06-01 08:33 - 2016-03-29 10:26 - 01089888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2016-06-01 08:33 - 2016-03-29 10:26 - 00073872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srvcli.dll
2016-06-01 08:33 - 2016-03-29 10:25 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wkscli.dll
2016-06-01 08:33 - 2016-03-29 10:24 - 00294752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2016-06-01 08:33 - 2016-03-29 10:23 - 00069744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netapi32.dll
2016-06-01 08:33 - 2016-03-29 10:21 - 00378208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2016-06-01 08:33 - 2016-03-29 10:07 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsNativeApi.V2.dll
2016-06-01 08:33 - 2016-03-29 10:07 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanagerprecheck.dll
2016-06-01 08:33 - 2016-03-29 10:07 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsdchngr.dll
2016-06-01 08:33 - 2016-03-29 10:00 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveskybackup.dll
2016-06-01 08:33 - 2016-03-29 09:59 - 00027648 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManagerShellext.exe
2016-06-01 08:33 - 2016-03-29 09:58 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininetlui.dll
2016-06-01 08:33 - 2016-03-29 09:58 - 00052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2016-06-01 08:33 - 2016-03-29 09:57 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\samlib.dll
2016-06-01 08:33 - 2016-03-29 09:57 - 00058368 _____ (Microsoft Corporation) C:\WINDOWS\system32\browcli.dll
2016-06-01 08:33 - 2016-03-29 09:55 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\serial.sys
2016-06-01 08:33 - 2016-03-29 09:55 - 00036352 _____ (Microsoft Corporation) C:\WINDOWS\system32\tbauth.dll
2016-06-01 08:33 - 2016-03-29 09:54 - 00147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\mtxoci.dll
2016-06-01 08:33 - 2016-03-29 09:53 - 00116224 _____ (Microsoft Corporation) C:\WINDOWS\system32\FontProvider.dll
2016-06-01 08:33 - 2016-03-29 09:52 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBrokerCookies.exe
2016-06-01 08:33 - 2016-03-29 09:51 - 00181248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rfcomm.sys
2016-06-01 08:33 - 2016-03-29 09:51 - 00167936 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafBth.dll
2016-06-01 08:33 - 2016-03-29 09:51 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzautoupdate.dll
2016-06-01 08:33 - 2016-03-29 09:50 - 00088576 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSysprep.dll
2016-06-01 08:33 - 2016-03-29 09:50 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\OnDemandConnRouteHelper.dll
2016-06-01 08:33 - 2016-03-29 09:50 - 00033280 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuautoappupdate.dll
2016-06-01 08:33 - 2016-03-29 09:48 - 00144896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Devices.dll
2016-06-01 08:33 - 2016-03-29 09:46 - 00134656 _____ (Microsoft Corporation) C:\WINDOWS\system32\browser.dll
2016-06-01 08:33 - 2016-03-29 09:44 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\system32\DAFWSD.dll
2016-06-01 08:33 - 2016-03-29 09:36 - 00530432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nwifi.sys
2016-06-01 08:33 - 2016-03-29 09:36 - 00209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
2016-06-01 08:33 - 2016-03-29 09:35 - 00411648 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleacc.dll
2016-06-01 08:33 - 2016-03-29 09:35 - 00239616 _____ (Microsoft Corporation) C:\WINDOWS\system32\credprovhost.dll
2016-06-01 08:33 - 2016-03-29 09:34 - 00333824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\portcls.sys
2016-06-01 08:33 - 2016-03-29 09:34 - 00284672 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll
2016-06-01 08:33 - 2016-03-29 09:33 - 00174592 _____ (Microsoft Corporation) C:\WINDOWS\system32\easwrt.dll
2016-06-01 08:33 - 2016-03-29 09:30 - 00328192 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2016-06-01 08:33 - 2016-03-29 09:30 - 00161792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msorcl32.dll
2016-06-01 08:33 - 2016-03-29 09:27 - 00339968 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorService.dll
2016-06-01 08:33 - 2016-03-29 09:23 - 00694784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdiWiFi.sys
2016-06-01 08:33 - 2016-03-29 09:22 - 00438784 _____ (Microsoft Corporation) C:\WINDOWS\system32\AccountsRt.dll
2016-06-01 08:33 - 2016-03-29 09:21 - 00330240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2016-06-01 08:33 - 2016-03-29 09:20 - 00948736 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthManager.dll
2016-06-01 08:33 - 2016-03-29 09:20 - 00166400 _____ (Microsoft Corporation) C:\WINDOWS\system32\AboveLockAppHost.dll
2016-06-01 08:33 - 2016-03-29 09:20 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsdchngr.dll
2016-06-01 08:33 - 2016-03-29 09:19 - 00556032 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
2016-06-01 08:33 - 2016-03-29 09:18 - 00676352 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSDApi.dll
2016-06-01 08:33 - 2016-03-29 09:17 - 00708608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2016-06-01 08:33 - 2016-03-29 09:14 - 00859136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2016-06-01 08:33 - 2016-03-29 09:12 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininetlui.dll
2016-06-01 08:33 - 2016-03-29 09:12 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2016-06-01 08:33 - 2016-03-29 09:11 - 00881664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Input.Inking.dll
2016-06-01 08:33 - 2016-03-29 09:11 - 00043520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\browcli.dll
2016-06-01 08:33 - 2016-03-29 09:09 - 01239552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Bluetooth.dll
2016-06-01 08:33 - 2016-03-29 09:09 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tbauth.dll
2016-06-01 08:33 - 2016-03-29 09:08 - 00888320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.dll
2016-06-01 08:33 - 2016-03-29 09:08 - 00841216 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2016-06-01 08:33 - 2016-03-29 09:08 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mtxoci.dll
2016-06-01 08:33 - 2016-03-29 09:07 - 01902592 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2016-06-01 08:33 - 2016-03-29 09:06 - 01575936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll
2016-06-01 08:33 - 2016-03-29 09:06 - 00022528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBrokerCookies.exe
2016-06-01 08:33 - 2016-03-29 09:05 - 01395712 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
2016-06-01 08:33 - 2016-03-29 09:04 - 00103936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Devices.dll
2016-06-01 08:33 - 2016-03-29 09:03 - 00148480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dfsc.sys
2016-06-01 08:33 - 2016-03-29 09:02 - 01211904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Cred.dll
2016-06-01 08:33 - 2016-03-29 09:00 - 00345600 _____ (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll
2016-06-01 08:33 - 2016-03-29 09:00 - 00235008 _____ C:\WINDOWS\system32\MTF.dll
2016-06-01 08:33 - 2016-03-29 09:00 - 00176128 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.DeviceEncryptionHandlers.dll
2016-06-01 08:33 - 2016-03-29 09:00 - 00175616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
2016-06-01 08:33 - 2016-03-29 08:59 - 00223232 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapibase.dll
2016-06-01 08:33 - 2016-03-29 08:59 - 00119808 _____ (Microsoft Corporation) C:\WINDOWS\system32\BitLockerDeviceEncryption.exe
2016-06-01 08:33 - 2016-03-29 08:55 - 01052160 _____ (Microsoft Corporation) C:\WINDOWS\system32\MsSpellCheckingFacility.dll
2016-06-01 08:33 - 2016-03-29 08:53 - 00323072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleacc.dll
2016-06-01 08:33 - 2016-03-29 08:53 - 00193024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\credprovhost.dll
2016-06-01 08:33 - 2016-03-29 08:52 - 00141824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\easwrt.dll
2016-06-01 08:33 - 2016-03-29 08:49 - 00288256 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveui.dll
2016-06-01 08:33 - 2016-03-29 08:43 - 00358400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AccountsRt.dll
2016-06-01 08:33 - 2016-03-29 08:42 - 01410560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.Http.dll
2016-06-01 08:33 - 2016-03-29 08:42 - 00250880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2016-06-01 08:33 - 2016-03-29 08:41 - 00129024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AboveLockAppHost.dll
2016-06-01 08:33 - 2016-03-29 08:40 - 00787456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.dll
2016-06-01 08:33 - 2016-03-29 08:39 - 00564224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSDApi.dll
2016-06-01 08:33 - 2016-03-29 08:39 - 00496128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2016-06-01 08:33 - 2016-03-29 08:36 - 00649728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2016-06-01 08:33 - 2016-03-29 08:34 - 00682496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Input.Inking.dll
2016-06-01 08:33 - 2016-03-29 08:32 - 00854528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Bluetooth.dll
2016-06-01 08:33 - 2016-03-29 08:32 - 00638464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.dll
2016-06-01 08:33 - 2016-03-29 08:32 - 00128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcsps.dll
2016-06-01 08:33 - 2016-03-29 08:31 - 01117184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.dll
2016-06-01 08:33 - 2016-03-29 08:30 - 01139712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll
2016-06-01 08:33 - 2016-03-29 08:29 - 00256000 _____ (Microsoft Corporation) C:\WINDOWS\system32\accountaccessor.dll
2016-06-01 08:33 - 2016-03-29 08:28 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Cred.dll
2016-06-01 08:33 - 2016-03-29 08:27 - 00245760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TextInputFramework.dll
2016-06-01 08:33 - 2016-03-29 08:27 - 00162816 _____ C:\WINDOWS\SysWOW64\MTF.dll
2016-06-01 08:33 - 2016-03-29 08:27 - 00133632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Core.TextInput.dll
2016-06-01 08:33 - 2016-03-29 08:23 - 00777728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MsSpellCheckingFacility.dll
2016-06-01 08:33 - 2016-03-29 08:17 - 00765952 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2016-06-01 08:33 - 2016-03-29 08:14 - 01072128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.Http.dll
2016-06-01 08:33 - 2016-03-29 08:13 - 00592384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.dll
2016-06-01 08:33 - 2016-03-29 08:05 - 01388032 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2016-06-01 08:33 - 2016-03-29 08:05 - 00361472 _____ (Microsoft Corporation) C:\WINDOWS\system32\bdesvc.dll
2016-06-01 08:33 - 2016-03-29 08:04 - 00688640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Connectivity.dll
2016-06-01 08:33 - 2016-03-29 08:01 - 00957952 _____ (Microsoft Corporation) C:\WINDOWS\system32\IKEEXT.DLL
2016-06-01 08:33 - 2016-03-29 07:45 - 00338432 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncbservice.dll
2016-06-01 08:33 - 2016-03-29 07:43 - 00521728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.Connectivity.dll
2016-06-01 08:33 - 2016-03-29 07:35 - 00821248 _____ (Microsoft Corporation) C:\WINDOWS\system32\fvewiz.dll
2016-06-01 08:33 - 2016-03-29 07:28 - 00324608 _____ (Microsoft Corporation) C:\WINDOWS\system32\fvecpl.dll
2016-06-01 08:33 - 2016-03-29 07:27 - 00794112 _____ (Microsoft Corporation) C:\WINDOWS\system32\BFE.DLL
2016-06-01 08:33 - 2016-03-29 07:26 - 00958976 _____ (Microsoft Corporation) C:\WINDOWS\system32\RemoteNaturalLanguage.dll
2016-06-01 08:33 - 2016-03-29 07:26 - 00402432 _____ (Microsoft Corporation) C:\WINDOWS\system32\FWPUCLNT.DLL
2016-06-01 08:33 - 2016-03-29 07:25 - 00712704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RemoteNaturalLanguage.dll
2016-06-01 08:33 - 2016-03-29 07:25 - 00269824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FWPUCLNT.DLL
2016-06-01 08:33 - 2016-03-29 07:21 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\system32\basesrv.dll
2016-06-01 08:33 - 2016-03-01 07:31 - 00848168 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2016-06-01 08:33 - 2016-03-01 07:22 - 00709688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2016-06-01 08:33 - 2016-02-24 11:34 - 01613664 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2016-06-01 08:33 - 2016-02-24 10:58 - 00794888 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfds.dll
2016-06-01 08:33 - 2016-02-24 10:54 - 00127840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBSTOR.SYS
2016-06-01 08:33 - 2016-02-24 10:43 - 00625000 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll
2016-06-01 08:33 - 2016-02-24 10:39 - 00141560 _____ (Microsoft Corporation) C:\WINDOWS\system32\AuthHost.exe
2016-06-01 08:33 - 2016-02-24 10:19 - 00670928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfds.dll
2016-06-01 08:33 - 2016-02-24 10:11 - 00258280 _____ (Microsoft Corporation) C:\WINDOWS\system32\sqmapi.dll
2016-06-01 08:33 - 2016-02-24 10:09 - 00640472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2016-06-01 08:33 - 2016-02-24 10:09 - 00147808 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe
2016-06-01 08:33 - 2016-02-24 09:39 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTypeHelperUtil.dll
2016-06-01 08:33 - 2016-02-24 09:39 - 00023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExtrasXmlParser.dll
2016-06-01 08:33 - 2016-02-24 09:38 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTimeUtil.dll
2016-06-01 08:33 - 2016-02-24 09:37 - 00045056 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataLanguageUtil.dll
2016-06-01 08:33 - 2016-02-24 09:36 - 00060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\PimIndexMaintenanceClient.dll
2016-06-01 08:33 - 2016-02-24 09:35 - 00220064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sqmapi.dll
2016-06-01 08:33 - 2016-02-24 09:33 - 00538736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2016-06-01 08:33 - 2016-02-24 09:33 - 00141664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe
2016-06-01 08:33 - 2016-02-24 09:30 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\system32\wfapigp.dll
2016-06-01 08:33 - 2016-02-24 09:28 - 00070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\POSyncServices.dll
2016-06-01 08:33 - 2016-02-24 09:23 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\system32\asycfilt.dll
2016-06-01 08:33 - 2016-02-24 09:23 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataPlatformHelperUtil.dll
2016-06-01 08:33 - 2016-02-24 09:20 - 00195072 _____ (Microsoft Corporation) C:\WINDOWS\system32\VCardParser.dll
2016-06-01 08:33 - 2016-02-24 09:19 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\dssvc.dll
2016-06-01 08:33 - 2016-02-24 09:19 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\system32\seclogon.dll
2016-06-01 08:33 - 2016-02-24 09:14 - 00274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExSMime.dll
2016-06-01 08:33 - 2016-02-24 09:13 - 00121856 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppointmentActivation.dll
2016-06-01 08:33 - 2016-02-24 09:12 - 00243712 _____ (Microsoft Corporation) C:\WINDOWS\system32\cemapi.dll
2016-06-01 08:33 - 2016-02-24 09:12 - 00221184 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneCallHistoryApis.dll
2016-06-01 08:33 - 2016-02-24 09:10 - 00093184 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpninprc.dll
2016-06-01 08:33 - 2016-02-24 09:09 - 00258560 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataAccountApis.dll
2016-06-01 08:33 - 2016-02-24 09:09 - 00161792 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSip.dll
2016-06-01 08:33 - 2016-02-24 09:07 - 00252928 _____ (Microsoft Corporation) C:\WINDOWS\system32\PimIndexMaintenance.dll
2016-06-01 08:33 - 2016-02-24 09:02 - 00161280 _____ (Microsoft Corporation) C:\WINDOWS\system32\CallHistoryClient.dll
2016-06-01 08:33 - 2016-02-24 09:01 - 00146432 _____ (Microsoft Corporation) C:\WINDOWS\system32\AuthBroker.dll
2016-06-01 08:33 - 2016-02-24 09:01 - 00067584 _____ (Microsoft Corporation) C:\WINDOWS\system32\profext.dll
2016-06-01 08:33 - 2016-02-24 09:00 - 00214528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Scanners.dll
2016-06-01 08:33 - 2016-02-24 08:59 - 00450560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Bluetooth.dll
2016-06-01 08:33 - 2016-02-24 08:59 - 00360448 _____ (Microsoft Corporation) C:\WINDOWS\system32\vaultsvc.dll
2016-06-01 08:33 - 2016-02-24 08:59 - 00318976 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll
2016-06-01 08:33 - 2016-02-24 08:58 - 00685568 _____ (Microsoft Corporation) C:\WINDOWS\system32\scapi.dll
2016-06-01 08:33 - 2016-02-24 08:55 - 00790528 _____ (Microsoft Corporation) C:\WINDOWS\system32\EmailApis.dll
2016-06-01 08:33 - 2016-02-24 08:55 - 00224256 _____ (Microsoft Corporation) C:\WINDOWS\system32\PackageStateRoaming.dll
2016-06-01 08:33 - 2016-02-24 08:55 - 00018944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExtrasXmlParser.dll
2016-06-01 08:33 - 2016-02-24 08:54 - 00526336 _____ (Microsoft Corporation) C:\WINDOWS\system32\FirewallAPI.dll
2016-06-01 08:33 - 2016-02-24 08:54 - 00288768 _____ (Microsoft Corporation) C:\WINDOWS\system32\vaultcli.dll
2016-06-01 08:33 - 2016-02-24 08:54 - 00228352 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsqmcons.exe
2016-06-01 08:33 - 2016-02-24 08:54 - 00037888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTypeHelperUtil.dll
2016-06-01 08:33 - 2016-02-24 08:53 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTimeUtil.dll
2016-06-01 08:33 - 2016-02-24 08:53 - 00037888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataLanguageUtil.dll
2016-06-01 08:33 - 2016-02-24 08:52 - 00451584 _____ (Microsoft Corporation) C:\WINDOWS\system32\werui.dll
2016-06-01 08:33 - 2016-02-24 08:52 - 00048128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PimIndexMaintenanceClient.dll
2016-06-01 08:33 - 2016-02-24 08:49 - 00726528 _____ (Microsoft Corporation) C:\WINDOWS\system32\ChatApis.dll
2016-06-01 08:33 - 2016-02-24 08:44 - 00915456 _____ (Microsoft Corporation) C:\WINDOWS\system32\configurationclient.dll
2016-06-01 08:33 - 2016-02-24 08:44 - 00700416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppointmentApis.dll
2016-06-01 08:33 - 2016-02-24 08:44 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\POSyncServices.dll
2016-06-01 08:33 - 2016-02-24 08:43 - 00286720 _____ (Microsoft Corporation) C:\WINDOWS\system32\deviceaccess.dll
2016-06-01 08:33 - 2016-02-24 08:40 - 01224704 _____ (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll
2016-06-01 08:33 - 2016-02-24 08:40 - 00078848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\asycfilt.dll
2016-06-01 08:33 - 2016-02-24 08:40 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataPlatformHelperUtil.dll
2016-06-01 08:33 - 2016-02-24 08:38 - 00150528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VCardParser.dll
2016-06-01 08:33 - 2016-02-24 08:36 - 01847808 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPDMC.exe
2016-06-01 08:33 - 2016-02-24 08:34 - 00938496 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContactApis.dll
2016-06-01 08:33 - 2016-02-24 08:32 - 00223744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExSMime.dll
2016-06-01 08:33 - 2016-02-24 08:32 - 00098304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppointmentActivation.dll
2016-06-01 08:33 - 2016-02-24 08:31 - 00200704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cemapi.dll
2016-06-01 08:33 - 2016-02-24 08:31 - 00169984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhoneCallHistoryApis.dll
2016-06-01 08:33 - 2016-02-24 08:28 - 00196608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataAccountApis.dll
2016-06-01 08:33 - 2016-02-24 08:28 - 00135168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxSip.dll
2016-06-01 08:33 - 2016-02-24 08:25 - 00401408 _____ (Microsoft Corporation) C:\WINDOWS\system32\sharemediacpl.dll
2016-06-01 08:33 - 2016-02-24 08:23 - 00129024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CallHistoryClient.dll
2016-06-01 08:33 - 2016-02-24 08:22 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\profext.dll
2016-06-01 08:33 - 2016-02-24 08:21 - 00315904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Bluetooth.dll
2016-06-01 08:33 - 2016-02-24 08:21 - 00168448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Scanners.dll
2016-06-01 08:33 - 2016-02-24 08:18 - 00575488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EmailApis.dll
2016-06-01 08:33 - 2016-02-24 08:18 - 00184832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PackageStateRoaming.dll
2016-06-01 08:33 - 2016-02-24 08:17 - 00369664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FirewallAPI.dll
2016-06-01 08:33 - 2016-02-24 08:16 - 00394752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werui.dll
2016-06-01 08:33 - 2016-02-24 08:13 - 00540160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ChatApis.dll
2016-06-01 08:33 - 2016-02-24 08:09 - 00552960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppointmentApis.dll
2016-06-01 08:33 - 2016-02-24 08:09 - 00228352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\deviceaccess.dll
2016-06-01 08:33 - 2016-02-24 08:07 - 00949248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Unistore.dll
2016-06-01 08:33 - 2016-02-24 08:04 - 01497088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMPDMC.exe
2016-06-01 08:33 - 2016-02-24 08:03 - 00769536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ContactApis.dll
2016-06-01 08:33 - 2016-02-24 07:43 - 00184320 _____ (Microsoft Corporation) C:\WINDOWS\system32\fwbase.dll
2016-06-01 08:33 - 2016-02-24 07:22 - 00163328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fwbase.dll
2016-06-01 08:33 - 2016-02-23 13:25 - 00563552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\acpi.sys
2016-06-01 08:33 - 2016-02-23 13:15 - 00779384 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskschd.dll
2016-06-01 08:33 - 2016-02-23 12:32 - 01152328 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2016-06-01 08:33 - 2016-02-23 12:31 - 01017032 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll
2016-06-01 08:33 - 2016-02-23 12:31 - 00819648 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2016-06-01 08:33 - 2016-02-23 12:31 - 00536256 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2016-06-01 08:33 - 2016-02-23 12:31 - 00476728 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll
2016-06-01 08:33 - 2016-02-23 12:31 - 00408120 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2016-06-01 08:33 - 2016-02-23 12:22 - 00572272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\taskschd.dll
2016-06-01 08:33 - 2016-02-23 12:17 - 00146272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\appid.sys
2016-06-01 08:33 - 2016-02-23 11:40 - 00430944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2016-06-01 08:33 - 2016-02-23 11:38 - 00980352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
2016-06-01 08:33 - 2016-02-23 11:38 - 00895080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsrcsnk.dll
2016-06-01 08:33 - 2016-02-23 11:38 - 00882720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2016-06-01 08:33 - 2016-02-23 11:38 - 00420928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvproc.dll
2016-06-01 08:33 - 2016-02-23 11:37 - 00713824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2016-06-01 08:33 - 2016-02-23 11:27 - 00376536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.MediaControl.dll
2016-06-01 08:33 - 2016-02-23 11:20 - 00238592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\xboxgip.sys
2016-06-01 08:33 - 2016-02-23 11:12 - 00077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\provpackageapidll.dll
2016-06-01 08:33 - 2016-02-23 11:10 - 00027648 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiConfigSP.dll
2016-06-01 08:33 - 2016-02-23 11:07 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvcpal.dll
2016-06-01 08:33 - 2016-02-23 11:06 - 00129536 _____ (Microsoft Corporation) C:\WINDOWS\system32\flvprophandler.dll
2016-06-01 08:33 - 2016-02-23 11:01 - 00104960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rasl2tp.sys
2016-06-01 08:33 - 2016-02-23 11:00 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wfdprov.dll
2016-06-01 08:33 - 2016-02-23 10:58 - 00025088 _____ (Microsoft Corporation) C:\WINDOWS\system32\irmon.dll
2016-06-01 08:33 - 2016-02-23 10:55 - 00114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bridge.sys
2016-06-01 08:33 - 2016-02-23 10:53 - 00099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngckeyenum.dll
2016-06-01 08:33 - 2016-02-23 10:40 - 00074240 _____ (Microsoft Corporation) C:\WINDOWS\system32\SMSRouter.dll
2016-06-01 08:33 - 2016-02-23 10:39 - 00178176 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll
2016-06-01 08:33 - 2016-02-23 10:38 - 00320000 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSFlacDecoder.dll
2016-06-01 08:33 - 2016-02-23 10:38 - 00287712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.MediaControl.dll
2016-06-01 08:33 - 2016-02-23 10:37 - 00274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\DisplayManager.dll
2016-06-01 08:33 - 2016-02-23 10:36 - 00216576 _____ (Microsoft Corporation) C:\WINDOWS\system32\QuickActionsDataModel.dll
2016-06-01 08:33 - 2016-02-23 10:34 - 00305664 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifiprofilessettinghandler.dll
2016-06-01 08:33 - 2016-02-23 10:34 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiDisplay.dll
2016-06-01 08:33 - 2016-02-23 10:31 - 00463360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansec.dll
2016-06-01 08:33 - 2016-02-23 10:29 - 00591872 _____ (Microsoft Corporation) C:\WINDOWS\system32\SmsRouterSvc.dll
2016-06-01 08:33 - 2016-02-23 10:28 - 00275456 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2016-06-01 08:33 - 2016-02-23 10:27 - 00307712 _____ (Microsoft Corporation) C:\WINDOWS\system32\usbmon.dll
2016-06-01 08:33 - 2016-02-23 10:26 - 00372224 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDEServer.exe
2016-06-01 08:33 - 2016-02-23 10:23 - 00412672 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanmsm.dll
2016-06-01 08:33 - 2016-02-23 10:22 - 00567808 _____ (Microsoft Corporation) C:\WINDOWS\system32\MCRecvSrc.dll
2016-06-01 08:33 - 2016-02-23 10:20 - 00847360 _____ (Microsoft Corporation) C:\WINDOWS\system32\netlogon.dll
2016-06-01 08:33 - 2016-02-23 10:20 - 00493568 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmkvsrcsnk.dll
2016-06-01 08:33 - 2016-02-23 10:19 - 00517632 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2016-06-01 08:33 - 2016-02-23 10:14 - 00828928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.AccountsControl.dll
2016-06-01 08:33 - 2016-02-23 10:04 - 01131520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Audio.dll
2016-06-01 08:33 - 2016-02-23 10:04 - 00382464 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2016-06-01 08:33 - 2016-02-23 10:02 - 00755712 _____ (Microsoft Corporation) C:\WINDOWS\system32\spoolsv.exe
2016-06-01 08:33 - 2016-02-23 10:02 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb10.sys
2016-06-01 08:33 - 2016-02-23 09:58 - 00163840 _____ (Microsoft Corporation) C:\WINDOWS\system32\TimeBrokerServer.dll
2016-06-01 08:33 - 2016-02-23 09:52 - 00456704 _____ (Microsoft Corporation) C:\WINDOWS\system32\ipnathlp.dll
2016-06-01 08:33 - 2016-02-23 09:50 - 00266752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSFlacDecoder.dll
2016-06-01 08:33 - 2016-02-23 09:49 - 00200704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DisplayManager.dll
2016-06-01 08:33 - 2016-02-23 09:48 - 00838144 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll
2016-06-01 08:33 - 2016-02-23 09:47 - 00157184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WiFiDisplay.dll
2016-06-01 08:33 - 2016-02-23 09:38 - 00480256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MCRecvSrc.dll
2016-06-01 08:33 - 2016-02-23 09:37 - 01118208 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2016-06-01 08:33 - 2016-02-23 09:36 - 00713728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netlogon.dll
2016-06-01 08:33 - 2016-02-23 09:36 - 00379392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmkvsrcsnk.dll
2016-06-01 08:33 - 2016-02-23 09:35 - 00400896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2016-06-01 08:33 - 2016-02-23 09:31 - 00585216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.AccountsControl.dll
2016-06-01 08:33 - 2016-02-23 09:24 - 01105920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Audio.dll
2016-06-01 08:33 - 2016-02-23 09:01 - 02295808 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2016-06-01 08:33 - 2016-02-09 05:18 - 00297472 _____ (Microsoft Corporation) C:\WINDOWS\system32\thumbcache.dll
2016-06-01 08:33 - 2016-02-09 05:18 - 00237056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\thumbcache.dll
2016-06-01 08:33 - 2016-01-27 07:57 - 00820704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2016-06-01 08:33 - 2016-01-27 07:55 - 00081112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OpenWith.exe
2016-06-01 08:33 - 2016-01-27 07:46 - 01270072 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2016-06-01 08:33 - 2016-01-27 07:44 - 00085320 _____ (Microsoft Corporation) C:\WINDOWS\system32\OpenWith.exe
2016-06-01 08:33 - 2016-01-27 07:15 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ztrace_maps.dll
2016-06-01 08:33 - 2016-01-27 07:10 - 00099840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hlink.dll
2016-06-01 08:33 - 2016-01-27 07:08 - 00299008 _____ (Microsoft Corporation) C:\WINDOWS\system32\microsoft-windows-system-events.dll
2016-06-01 08:33 - 2016-01-27 07:08 - 00036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\ztrace_maps.dll
2016-06-01 08:33 - 2016-01-27 07:07 - 00203264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iassam.dll
2016-06-01 08:33 - 2016-01-27 07:02 - 00109056 _____ (Microsoft Corporation) C:\WINDOWS\system32\hlink.dll
2016-06-01 08:33 - 2016-01-27 06:59 - 00258048 _____ (Microsoft Corporation) C:\WINDOWS\system32\iassam.dll
2016-06-01 08:33 - 2016-01-27 06:50 - 00144384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxdav.sys
2016-06-01 08:33 - 2016-01-27 06:44 - 00063488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cfgbkend.dll
2016-06-01 08:33 - 2016-01-27 06:31 - 00079360 _____ (Microsoft Corporation) C:\WINDOWS\system32\cfgbkend.dll
2016-06-01 08:33 - 2016-01-16 08:37 - 00202472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscapi.dll
2016-06-01 08:33 - 2016-01-16 08:24 - 00538632 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWanAPI.dll
2016-06-01 08:33 - 2016-01-16 08:23 - 00785088 _____ (Microsoft Corporation) C:\WINDOWS\system32\evr.dll
2016-06-01 08:33 - 2016-01-16 08:20 - 00652312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\evr.dll
2016-06-01 08:33 - 2016-01-16 08:20 - 00431240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWanAPI.dll
2016-06-01 08:33 - 2016-01-16 08:20 - 00366224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AUDIOKSE.dll
2016-06-01 08:33 - 2016-01-16 08:19 - 00405568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2016-06-01 08:33 - 2016-01-16 08:12 - 01415200 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2016-06-01 08:33 - 2016-01-16 08:08 - 01174008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2016-06-01 08:33 - 2016-01-16 08:08 - 00440152 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe
2016-06-01 08:33 - 2016-01-16 07:44 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasadhlp.dll
2016-06-01 08:33 - 2016-01-16 07:42 - 00013824 _____ (Microsoft Corporation) C:\WINDOWS\system32\sscoreext.dll
2016-06-01 08:33 - 2016-01-16 07:41 - 00055296 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2016-06-01 08:33 - 2016-01-16 07:40 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcaui.exe
2016-06-01 08:33 - 2016-01-16 07:40 - 00019456 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasautou.exe
2016-06-01 08:33 - 2016-01-16 07:39 - 00149504 _____ (Microsoft Corporation) C:\WINDOWS\system32\FilterDS.dll
2016-06-01 08:33 - 2016-01-16 07:38 - 00193024 _____ (Microsoft Corporation) C:\WINDOWS\system32\SimCfg.dll
2016-06-01 08:33 - 2016-01-16 07:36 - 00475648 _____ (Microsoft Corporation) C:\WINDOWS\system32\DDDS.dll
2016-06-01 08:33 - 2016-01-16 07:36 - 00221696 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2016-06-01 08:33 - 2016-01-16 07:36 - 00160768 _____ (Microsoft Corporation) C:\WINDOWS\system32\SimAuth.dll
2016-06-01 08:33 - 2016-01-16 07:35 - 00383488 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2016-06-01 08:33 - 2016-01-16 07:34 - 00477696 _____ (Microsoft Corporation) C:\WINDOWS\system32\srcore.dll
2016-06-01 08:33 - 2016-01-16 07:33 - 00726528 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidcli.dll
2016-06-01 08:33 - 2016-01-16 07:33 - 00574976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.UX.EapRequestHandler.dll
2016-06-01 08:33 - 2016-01-16 07:32 - 00621568 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbiosrvc.dll
2016-06-01 08:33 - 2016-01-16 07:32 - 00041984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pcaui.exe
2016-06-01 08:33 - 2016-01-16 07:31 - 00343552 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsApi.dll
2016-06-01 08:33 - 2016-01-16 07:31 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasautou.exe
2016-06-01 08:33 - 2016-01-16 07:30 - 02127360 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2016-06-01 08:33 - 2016-01-16 07:30 - 00157696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SimCfg.dll
2016-06-01 08:33 - 2016-01-16 07:29 - 01500672 _____ (Microsoft Corporation) C:\WINDOWS\system32\RecoveryDrive.exe
2016-06-01 08:33 - 2016-01-16 07:28 - 00884736 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasdlg.dll
2016-06-01 08:33 - 2016-01-16 07:28 - 00129024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SimAuth.dll
2016-06-01 08:33 - 2016-01-16 07:27 - 00335872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2016-06-01 08:33 - 2016-01-16 07:26 - 00260608 _____ C:\WINDOWS\system32\MTFServer.dll
2016-06-01 08:33 - 2016-01-16 07:25 - 00510976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidcli.dll
2016-06-01 08:33 - 2016-01-16 07:24 - 00273408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsApi.dll
2016-06-01 08:33 - 2016-01-16 07:23 - 02050048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2016-06-01 08:33 - 2016-01-16 07:20 - 00799744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasdlg.dll
2016-06-01 08:33 - 2016-01-16 07:19 - 00733184 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasapi32.dll
2016-06-01 08:33 - 2016-01-16 07:18 - 01674240 _____ (Microsoft Corporation) C:\WINDOWS\system32\quartz.dll
2016-06-01 08:33 - 2016-01-16 07:16 - 01542656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\quartz.dll
2016-06-01 08:33 - 2016-01-16 07:11 - 00653312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasapi32.dll
2016-06-01 08:33 - 2016-01-05 04:50 - 00671472 _____ (Microsoft Corporation) C:\WINDOWS\system32\advapi32.dll
2016-06-01 08:33 - 2016-01-05 04:48 - 00499432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\advapi32.dll
2016-06-01 08:33 - 2016-01-05 04:37 - 00858952 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetcore.dll
2016-06-01 08:33 - 2016-01-05 04:37 - 00245840 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2016-06-01 08:33 - 2016-01-05 04:37 - 00234504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mftranscode.dll
2016-06-01 08:33 - 2016-01-05 04:33 - 01118208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetsrc.dll
2016-06-01 08:33 - 2016-01-05 04:33 - 00701384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetcore.dll
2016-06-01 08:33 - 2016-01-05 04:33 - 00208176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mftranscode.dll
2016-06-01 08:33 - 2016-01-05 04:33 - 00116728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfps.dll
2016-06-01 08:33 - 2016-01-05 04:23 - 01804664 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMALFXGFXDSP.dll
2016-06-01 08:33 - 2016-01-05 04:23 - 00786696 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMADMOD.DLL
2016-06-01 08:33 - 2016-01-05 04:23 - 00119320 _____ (Microsoft Corporation) C:\WINDOWS\system32\MP3DMOD.DLL
2016-06-01 08:33 - 2016-01-05 04:17 - 00695752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMADMOD.DLL
2016-06-01 08:33 - 2016-01-05 04:16 - 00100160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MP3DMOD.DLL
2016-06-01 08:33 - 2016-01-05 03:57 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\system32\RMSRoamingSecurity.dll
2016-06-01 08:33 - 2016-01-05 03:57 - 00043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\usermgrcli.dll
2016-06-01 08:33 - 2016-01-05 03:53 - 00148992 _____ (Microsoft Corporation) C:\WINDOWS\system32\wshom.ocx
2016-06-01 08:33 - 2016-01-05 03:51 - 00472576 _____ (Microsoft Corporation) C:\WINDOWS\system32\DscCore.dll
2016-06-01 08:33 - 2016-01-05 03:51 - 00248832 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserMgrProxy.dll
2016-06-01 08:33 - 2016-01-05 03:50 - 00644096 _____ (Microsoft Corporation) C:\WINDOWS\system32\uReFS.dll
2016-06-01 08:33 - 2016-01-05 03:49 - 01582080 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe
2016-06-01 08:33 - 2016-01-05 03:49 - 01255936 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMSPDMOE.DLL
2016-06-01 08:33 - 2016-01-05 03:49 - 00749056 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneService.dll
2016-06-01 08:33 - 2016-01-05 03:49 - 00167936 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProximityCommon.dll
2016-06-01 08:33 - 2016-01-05 03:48 - 01009152 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMSPDMOD.DLL
2016-06-01 08:33 - 2016-01-05 03:48 - 00387072 _____ (Microsoft Corporation) C:\WINDOWS\system32\qdvd.dll
2016-06-01 08:33 - 2016-01-05 03:48 - 00034816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usermgrcli.dll
2016-06-01 08:33 - 2016-01-05 03:47 - 00305664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ksproxy.ax
2016-06-01 08:33 - 2016-01-05 03:45 - 00678912 _____ (Microsoft Corporation) C:\WINDOWS\system32\qedit.dll
2016-06-01 08:33 - 2016-01-05 03:45 - 00275968 _____ (Microsoft Corporation) C:\WINDOWS\system32\facecredentialprovider.dll
2016-06-01 08:33 - 2016-01-05 03:44 - 00125440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wshom.ocx
2016-06-01 08:33 - 2016-01-05 03:43 - 00912384 _____ (Microsoft Corporation) C:\WINDOWS\system32\usermgr.dll
2016-06-01 08:33 - 2016-01-05 03:41 - 01070080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMSPDMOE.DLL
2016-06-01 08:33 - 2016-01-05 03:41 - 00558592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uReFS.dll
2016-06-01 08:33 - 2016-01-05 03:40 - 00890880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMSPDMOD.DLL
2016-06-01 08:33 - 2016-01-05 03:40 - 00123392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ProximityCommon.dll
2016-06-01 08:33 - 2016-01-05 03:39 - 00569856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qdvd.dll
2016-06-01 08:33 - 2016-01-05 03:39 - 00235008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ksproxy.ax
2016-06-01 08:33 - 2016-01-05 03:36 - 00573440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qedit.dll
2016-06-01 08:33 - 2015-12-07 06:48 - 00526856 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfreadwrite.dll
2016-06-01 08:33 - 2015-12-07 06:48 - 00462760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfreadwrite.dll
2016-06-01 08:33 - 2015-12-07 06:48 - 00337840 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFPlay.dll
2016-06-01 08:33 - 2015-12-07 06:48 - 00289248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFPlay.dll
2016-06-01 08:33 - 2015-12-07 06:45 - 00264544 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContentDeliveryManager.Utilities.dll
2016-06-01 08:33 - 2015-12-07 06:15 - 01035776 _____ (Microsoft Corporation) C:\WINDOWS\system32\XboxNetApiSvc.dll
2016-06-01 08:33 - 2015-12-07 06:10 - 00824320 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2016-06-01 08:33 - 2015-12-07 06:07 - 00077312 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProvPluginEng.dll
2016-06-01 08:33 - 2015-12-07 06:06 - 00572928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll
2016-06-01 08:33 - 2015-12-07 06:06 - 00231936 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCore.dll
2016-06-01 08:33 - 2015-12-07 06:04 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\system32\provtool.exe
2016-06-01 08:33 - 2015-12-07 05:59 - 00165376 _____ (Microsoft Corporation) C:\WINDOWS\system32\provdatastore.dll
2016-06-01 08:33 - 2015-12-07 05:45 - 00900608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.BackgroundTransfer.dll
2016-06-01 08:33 - 2015-12-07 05:45 - 00683008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.BackgroundTransfer.dll
2016-06-01 08:33 - 2015-12-07 05:43 - 00931328 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSMPEG2ENC.DLL
2016-06-01 08:33 - 2015-12-07 05:38 - 00871936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSMPEG2ENC.DLL
2016-06-01 08:33 - 2015-12-07 05:32 - 00126464 _____ (Microsoft Corporation) C:\WINDOWS\system32\dialserver.dll
2016-06-01 08:33 - 2015-11-24 11:37 - 00147968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rmcast.sys
2016-06-01 08:33 - 2015-11-24 11:19 - 00182784 _____ (Microsoft Corporation) C:\WINDOWS\system32\shutdownux.dll
2016-06-01 08:33 - 2015-11-24 11:12 - 00523776 _____ (Microsoft Corporation) C:\WINDOWS\system32\catsrvut.dll
2016-06-01 08:33 - 2015-11-24 10:52 - 01717248 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2016-06-01 08:33 - 2015-11-24 10:49 - 01648640 _____ (Microsoft Corporation) C:\WINDOWS\system32\comsvcs.dll
2016-06-01 08:33 - 2015-11-24 10:14 - 00415744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\catsrvut.dll
2016-06-01 08:33 - 2015-11-24 09:59 - 01467392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2016-06-01 08:33 - 2015-11-24 09:57 - 01328128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comsvcs.dll
2016-06-01 08:33 - 2015-11-24 09:29 - 02352128 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2016-06-01 08:33 - 2015-11-24 09:04 - 02155008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2016-06-01 08:33 - 2015-11-22 12:34 - 00080600 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwapi.dll
2016-06-01 08:33 - 2015-11-22 12:33 - 00095072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdstor.sys
2016-06-01 08:33 - 2015-11-22 12:33 - 00051680 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsUtilsV2.dll
2016-06-01 08:33 - 2015-11-22 12:25 - 00063528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wwapi.dll
2016-06-01 08:33 - 2015-11-22 11:55 - 00070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthManagerProxy.dll
2016-06-01 08:33 - 2015-11-22 11:54 - 00117248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\capimg.sys
2016-06-01 08:33 - 2015-11-22 11:50 - 00074240 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssign32.dll
2016-06-01 08:33 - 2015-11-22 11:43 - 00704000 _____ (Microsoft Corporation) C:\WINDOWS\system32\CellularAPI.dll
2016-06-01 08:33 - 2015-11-22 11:43 - 00041984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XblAuthManagerProxy.dll
2016-06-01 08:33 - 2015-11-22 11:42 - 00589312 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApi.dll
2016-06-01 08:33 - 2015-11-22 11:38 - 00060928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssign32.dll
2016-06-01 08:33 - 2015-11-22 11:36 - 01042432 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingOnlineServices.dll
2016-06-01 08:33 - 2015-11-22 11:32 - 00340480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToDevice.dll
2016-06-01 08:33 - 2015-11-22 11:31 - 00470528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApi.dll
2016-06-01 08:33 - 2015-11-22 11:28 - 00870400 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2016-06-01 08:33 - 2015-11-22 11:26 - 00709120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingOnlineServices.dll
2016-06-01 08:33 - 2015-11-22 11:18 - 00697856 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToManager.dll
2016-06-01 08:33 - 2015-11-22 11:18 - 00458752 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToDevice.dll
2016-06-01 08:33 - 2015-11-22 11:11 - 00517632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToManager.dll
2016-06-01 08:33 - 2015-11-21 07:44 - 00204800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft-Windows-AppModelExecEvents.dll
2016-06-01 08:33 - 2015-11-13 08:55 - 00035680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wimmount.sys
2016-06-01 08:33 - 2015-11-13 08:51 - 00698208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimgapi.dll
2016-06-01 08:33 - 2015-11-13 08:51 - 00523616 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimserv.exe
2016-06-01 08:33 - 2015-11-13 08:43 - 00586208 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2016-06-01 08:33 - 2015-11-13 08:43 - 00110032 _____ (Microsoft Corporation) C:\WINDOWS\system32\EncDump.dll
2016-06-01 08:33 - 2015-11-13 08:43 - 00035656 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfpmp.exe
2016-06-01 08:33 - 2015-11-13 08:42 - 00516544 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2016-06-01 08:33 - 2015-11-13 08:42 - 00088392 _____ (Microsoft Corporation) C:\WINDOWS\system32\remoteaudioendpoint.dll
2016-06-01 08:33 - 2015-11-13 08:33 - 00911648 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcomp.dll
2016-06-01 08:33 - 2015-11-13 08:33 - 00586080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wimgapi.dll
2016-06-01 08:33 - 2015-11-13 08:21 - 00511320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf.dll
2016-06-01 08:33 - 2015-11-13 08:21 - 00454056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2016-06-01 08:33 - 2015-11-13 08:21 - 00073360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\remoteaudioendpoint.dll
2016-06-01 08:33 - 2015-11-13 08:21 - 00032040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfpmp.exe
2016-06-01 08:33 - 2015-11-13 08:09 - 00675064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dcomp.dll
2016-06-01 08:33 - 2015-11-05 14:05 - 00118624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tdx.sys
2016-06-01 08:33 - 2015-11-05 12:25 - 00578912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afd.sys
2016-06-01 08:32 - 2016-06-01 08:32 - 00000000 ____D C:\Users\Gerhard\AppData\Local\NetworkTiles
2016-06-01 08:32 - 2016-04-23 06:33 - 00089600 _____ (Microsoft Corporation) C:\WINDOWS\system32\NFCProvisioningPlugin.dll
2016-06-01 08:32 - 2016-04-23 06:33 - 00063488 _____ (Microsoft Corporation) C:\WINDOWS\system32\wshbth.dll
2016-06-01 08:32 - 2016-04-23 06:32 - 00134656 _____ (Microsoft Corporation) C:\WINDOWS\system32\wificonnapi.dll
2016-06-01 08:32 - 2016-04-23 06:28 - 00051712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wshbth.dll
2016-06-01 08:32 - 2016-04-23 06:19 - 00395264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlansec.dll
2016-06-01 08:32 - 2016-04-23 04:10 - 00002186 _____ C:\WINDOWS\system32\AppxProvisioning.xml
2016-06-01 08:32 - 2016-04-19 00:30 - 00002186 _____ C:\WINDOWS\SysWOW64\AppxProvisioning.xml
2016-06-01 08:32 - 2016-03-29 10:16 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\xinputhid.sys
2016-06-01 08:32 - 2016-03-29 10:07 - 00034816 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenterprisediagnostics.dll
2016-06-01 08:32 - 2016-03-29 10:06 - 00012800 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleacchooks.dll
2016-06-01 08:32 - 2016-03-29 10:00 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetCfgNotifyObjectHost.exe
2016-06-01 08:32 - 2016-03-29 09:50 - 00107520 _____ (Microsoft Corporation) C:\WINDOWS\system32\BdeHdCfgLib.dll
2016-06-01 08:32 - 2016-03-29 09:20 - 00080384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsNativeApi.V2.dll
2016-06-01 08:32 - 2016-03-29 09:19 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleacchooks.dll
2016-06-01 08:32 - 2016-03-29 09:11 - 00061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\samlib.dll
2016-06-01 08:32 - 2016-03-29 09:05 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OnDemandConnRouteHelper.dll
2016-06-01 08:32 - 2016-03-29 08:59 - 00108544 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputLocaleManager.dll
2016-06-01 08:32 - 2016-03-29 08:27 - 00083456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputLocaleManager.dll
2016-06-01 08:32 - 2016-02-24 09:22 - 00196608 _____ (Microsoft Corporation) C:\WINDOWS\system32\fwpolicyiomgr.dll
2016-06-01 08:32 - 2016-02-24 08:46 - 00020480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wfapigp.dll
2016-06-01 08:32 - 2016-02-24 08:39 - 00164864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fwpolicyiomgr.dll
2016-06-01 08:32 - 2016-02-23 11:07 - 00037376 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe
2016-06-01 08:32 - 2016-02-23 10:53 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\system32\srpapi.dll
2016-06-01 08:32 - 2016-02-23 10:48 - 00041984 _____ (Microsoft Corporation) C:\WINDOWS\system32\TimeBrokerClient.dll
2016-06-01 08:32 - 2016-02-23 10:14 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LaunchWinApp.exe
2016-06-01 08:32 - 2016-02-23 09:57 - 00031744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TimeBrokerClient.dll
2016-06-01 08:32 - 2016-01-16 07:44 - 00013824 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastlsext.dll
2016-06-01 08:32 - 2016-01-16 07:43 - 00097280 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttpcom.dll
2016-06-01 08:32 - 2016-01-16 07:40 - 00106496 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasauto.dll
2016-06-01 08:32 - 2016-01-16 07:38 - 00130560 _____ (Microsoft Corporation) C:\WINDOWS\system32\winbio.dll
2016-06-01 08:32 - 2016-01-16 07:36 - 00011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastlsext.dll
2016-06-01 08:32 - 2016-01-16 07:35 - 00013312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasadhlp.dll
2016-06-01 08:32 - 2016-01-16 07:34 - 00079360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttpcom.dll
2016-06-01 08:32 - 2016-01-16 07:30 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winbio.dll
2016-06-01 08:32 - 2016-01-05 03:42 - 00166912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserMgrProxy.dll
2016-06-01 08:32 - 2015-12-07 06:15 - 00075776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.XboxLive.ProxyStub.dll
2016-06-01 08:32 - 2015-12-07 06:09 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorageUsage.dll
2016-06-01 08:32 - 2015-12-07 06:05 - 00036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\BackgroundTransferHost.exe
2016-06-01 08:32 - 2015-12-07 06:01 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BackgroundTransferHost.exe
2016-06-01 08:32 - 2015-11-24 12:01 - 02756096 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2016-06-01 08:32 - 2015-11-24 11:54 - 00007680 _____ (Microsoft Corporation) C:\WINDOWS\system32\readingviewresources.dll
2016-06-01 08:32 - 2015-11-24 11:53 - 00115200 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2016-06-01 08:32 - 2015-11-24 11:45 - 00018944 _____ (Microsoft Corporation) C:\WINDOWS\system32\wshrm.dll
2016-06-01 08:32 - 2015-11-24 10:54 - 02756096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2016-06-01 08:32 - 2015-11-22 12:00 - 00058368 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosResource.dll
2016-06-01 08:32 - 2015-11-22 11:57 - 00110592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft-Windows-MapControls.dll
2016-06-01 08:32 - 2015-11-22 11:57 - 00036352 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCoreRes.dll
2016-06-01 08:32 - 2015-11-22 11:57 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft-Windows-MosTrace.dll
2016-06-01 08:32 - 2015-11-22 11:57 - 00009728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft-Windows-MosHost.dll
2016-06-01 08:32 - 2015-11-22 11:56 - 01268736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2016-06-01 08:32 - 2015-11-22 11:56 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\ihvrilproxy.dll
2016-06-01 08:32 - 2015-11-22 11:56 - 00055808 _____ (Microsoft Corporation) C:\WINDOWS\system32\rilproxy.dll
2016-06-01 08:32 - 2015-11-22 11:55 - 00013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsBtSvcProxy.dll
2016-06-01 08:32 - 2015-11-22 11:54 - 00075264 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanprotdim.dll
2016-06-01 08:32 - 2015-11-22 11:54 - 00044032 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsplib.dll
2016-06-01 08:32 - 2015-11-22 11:54 - 00032256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2016-06-01 08:32 - 2015-11-22 11:54 - 00028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\WordBreakers.dll
2016-06-01 08:32 - 2015-11-22 11:54 - 00028160 _____ (Microsoft Corporation) C:\WINDOWS\system32\nativemap.dll
2016-06-01 08:32 - 2015-11-22 11:54 - 00003072 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlStringsRes.dll
2016-06-01 08:32 - 2015-11-22 11:52 - 00060928 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthTokenBrokerExt.dll
2016-06-01 08:32 - 2015-11-22 11:51 - 00042496 _____ (Microsoft Corporation) C:\WINDOWS\system32\mapstoasttask.dll
2016-06-01 08:32 - 2015-11-22 11:51 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll
2016-06-01 08:32 - 2015-11-22 11:49 - 00066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll
2016-06-01 08:32 - 2015-11-22 11:49 - 00052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wwanpref.dll
2016-06-01 08:32 - 2015-11-22 11:48 - 00058368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosResource.dll
2016-06-01 08:32 - 2015-11-22 11:45 - 06572032 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanmm.dll
2016-06-01 08:32 - 2015-11-22 11:45 - 00264192 _____ (Nokia) C:\WINDOWS\system32\NmaDirect.dll
2016-06-01 08:32 - 2015-11-22 11:45 - 00110592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Microsoft-Windows-MapControls.dll
2016-06-01 08:32 - 2015-11-22 11:45 - 00073728 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwancfg.dll
2016-06-01 08:32 - 2015-11-22 11:45 - 00036352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCoreRes.dll
2016-06-01 08:32 - 2015-11-22 11:45 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Microsoft-Windows-MosTrace.dll
2016-06-01 08:32 - 2015-11-22 11:45 - 00009728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Microsoft-Windows-MosHost.dll
2016-06-01 08:32 - 2015-11-22 11:44 - 01268736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Resources.dll
2016-06-01 08:32 - 2015-11-22 11:42 - 00024064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WordBreakers.dll
2016-06-01 08:32 - 2015-11-22 11:42 - 00003072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapControlStringsRes.dll
2016-06-01 08:32 - 2015-11-22 11:41 - 01814528 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnidui.dll
2016-06-01 08:32 - 2015-11-22 11:40 - 00465920 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanconn.dll
2016-06-01 08:32 - 2015-11-22 11:40 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XblAuthTokenBrokerExt.dll
2016-06-01 08:32 - 2015-11-22 11:39 - 00114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\offlinelsa.dll
2016-06-01 08:32 - 2015-11-22 11:34 - 00075264 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditBufferTestHook.dll
         
__________________


Alt 01.07.2016, 18:43   #3
pinocchio
 
Banking Trojaner auf Smartphone, Online Konto gehackt, Login mit Laptop nicht möglich - Standard

Banking Trojaner auf Smartphone, Online Konto gehackt, Login mit Laptop nicht möglich



FRST.txt Teil 3

Code:
ATTFilter
2016-06-01 08:32 - 2015-11-22 11:33 - 00205824 _____ (Nokia) C:\WINDOWS\SysWOW64\NmaDirect.dll
2016-06-01 08:32 - 2015-11-22 11:28 - 00100864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offlinelsa.dll
2016-06-01 08:32 - 2015-11-22 11:24 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EditBufferTestHook.dll
2016-06-01 08:32 - 2015-11-13 08:07 - 00028160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.Provisioning.ProxyStub.dll
2016-06-01 08:32 - 2015-11-13 08:06 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\system32\RemovableMediaProvisioningPlugin.dll
2016-06-01 08:32 - 2015-11-13 08:05 - 00122368 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCsp.dll
2016-06-01 08:32 - 2015-11-13 08:05 - 00078336 _____ (Microsoft Corporation) C:\WINDOWS\system32\BarcodeProvisioningPlugin.dll
2016-06-01 08:32 - 2015-11-13 08:05 - 00043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.proxy.dll
2016-06-01 08:32 - 2015-11-13 08:05 - 00030720 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringconfigsp.dll
2016-06-01 08:32 - 2015-11-13 08:04 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\IcsEntitlementHost.exe
2016-06-01 08:32 - 2015-11-13 08:03 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringclient.dll
2016-06-01 08:32 - 2015-11-13 07:56 - 00163328 _____ (Microsoft Corporation) C:\WINDOWS\system32\provops.dll
2016-06-01 08:32 - 2015-11-13 07:40 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcastdvr.proxy.dll
2016-06-01 08:32 - 2015-11-13 07:34 - 00070656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppCapture.dll
2016-06-01 08:32 - 2015-11-13 07:30 - 00334336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcastdvr.exe
2016-06-01 08:32 - 2015-11-05 12:08 - 00014336 _____ (Microsoft Corporation) C:\WINDOWS\system32\dciman32.dll
2016-06-01 08:32 - 2015-11-05 12:08 - 00003072 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpk.dll
2016-06-01 08:32 - 2015-11-05 11:03 - 00003072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\lpk.dll
2016-06-01 08:32 - 2015-11-05 11:02 - 00011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dciman32.dll

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-07-01 16:56 - 2015-10-30 09:21 - 00000000 ____D C:\WINDOWS\INF
2016-07-01 16:43 - 2014-09-17 01:06 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2016-07-01 16:37 - 2015-06-20 22:27 - 00001232 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-3206007939-3703904605-1476991908-1001UA.job
2016-07-01 16:37 - 2014-09-23 16:45 - 00000592 _____ C:\WINDOWS\Tasks\G2MUpdateTask-S-1-5-21-3206007939-3703904605-1476991908-1001.job
2016-07-01 16:35 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-07-01 16:32 - 2014-09-17 14:10 - 00000000 ____D C:\Program Files (x86)\Emsisoft Anti-Malware
2016-07-01 16:30 - 2016-01-25 11:53 - 00000000 ____D C:\Users\Admin\AppData\Roaming\SynciOS Data Transfer
2016-07-01 16:29 - 2015-01-09 11:48 - 00001106 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2016-07-01 16:29 - 2014-09-17 01:05 - 00000000 ____D C:\Users\Admin\AppData\Local\Adobe
2016-07-01 16:28 - 2014-12-04 19:53 - 00001128 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3206007939-3703904605-1476991908-1001UA.job
2016-07-01 16:22 - 2016-01-20 01:11 - 00000000 ____D C:\Program Files\Bitdefender Agent
2016-07-01 16:13 - 2015-01-09 11:48 - 00001110 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2016-07-01 15:53 - 2015-05-30 22:42 - 00000688 _____ C:\WINDOWS\Tasks\G2MUploadTask-S-1-5-21-3206007939-3703904605-1476991908-1001.job
2016-07-01 15:37 - 2015-06-20 22:27 - 00001180 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-3206007939-3703904605-1476991908-1001Core.job
2016-07-01 14:27 - 2016-05-31 13:23 - 02113406 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-07-01 14:27 - 2015-10-30 20:35 - 00899366 _____ C:\WINDOWS\system32\perfh007.dat
2016-07-01 14:27 - 2015-10-30 20:35 - 00201816 _____ C:\WINDOWS\system32\perfc007.dat
2016-07-01 14:21 - 2016-05-31 13:34 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-07-01 14:21 - 2016-05-31 13:23 - 00000000 ____D C:\Users\Gerhard
2016-07-01 14:21 - 2016-05-31 13:22 - 00000000 ____D C:\ProgramData\NVIDIA
2016-07-01 14:21 - 2016-01-25 12:44 - 00000000 ___RD C:\Users\Gerhard\iCloudDrive
2016-07-01 14:21 - 2016-01-25 10:11 - 00000000 ____D C:\Users\Gerhard\AppData\Roaming\SynciOS Data Transfer
2016-07-01 14:20 - 2014-09-17 00:31 - 00540943 _____ C:\bdlog.txt
2016-07-01 14:10 - 2016-05-31 15:18 - 00000000 ____D C:\Users\Gerhard\AppData\Local\Packages
2016-07-01 13:34 - 2016-02-20 20:44 - 00000000 ____D C:\Users\Gerhard\AppData\LocalLow\Temp
2016-07-01 13:09 - 2016-03-25 10:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AbiWord Word Processor
2016-07-01 13:09 - 2016-01-20 17:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Franzis HDR Projects Professional 3 (64-bit)
2016-07-01 13:09 - 2014-10-15 09:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TheBestSpinner3
2016-07-01 13:07 - 2016-05-31 14:21 - 00000000 ___DC C:\WINDOWS\Panther
2016-07-01 12:47 - 2016-05-31 14:18 - 00000000 ____D C:\Windows.old
2016-07-01 09:04 - 2015-10-30 09:24 - 00000000 ___HD C:\Program Files\WindowsApps
2016-07-01 09:03 - 2014-09-17 16:00 - 00000000 ____D C:\Users\Gerhard\AppData\Local\Adobe
2016-07-01 01:05 - 2014-09-16 18:43 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2016-07-01 01:05 - 2014-09-16 18:43 - 00000000 ____D C:\Program Files (x86)\Realtek
2016-07-01 00:28 - 2014-12-04 19:53 - 00001076 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3206007939-3703904605-1476991908-1001Core.job
2016-07-01 00:16 - 2014-12-14 22:36 - 00000000 ____D C:\Users\Admin\AppData\Local\CrashDumps
2016-07-01 00:16 - 2014-11-18 18:30 - 00000000 ____D C:\Users\Admin\AppData\Roaming\inkscape
2016-06-30 23:55 - 2015-10-30 12:31 - 00000000 ____D C:\Program Files\Common Files\Topaz Labs
2016-06-30 23:53 - 2015-03-18 20:33 - 00000000 ____D C:\ProgramData\TechSmith
2016-06-30 23:53 - 2015-03-18 19:01 - 00000000 ____D C:\Users\Admin\AppData\Local\TechSmith
2016-06-30 23:53 - 2014-09-17 14:24 - 00000000 ____D C:\ProgramData\Package Cache
2016-06-30 23:30 - 2014-09-20 11:53 - 00000000 ____D C:\Program Files\Xara
2016-06-30 23:26 - 2015-05-28 17:07 - 00000000 ____D C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PhotoZoom Pro 6
2016-06-30 11:19 - 2015-07-21 15:35 - 00000214 _____ C:\Users\Public\Desktop\My Software Deals.url
2016-06-30 11:19 - 2014-09-20 14:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ashampoo
2016-06-30 11:19 - 2014-09-20 14:21 - 00000000 ____D C:\ProgramData\Ashampoo
2016-06-30 11:19 - 2014-09-20 14:21 - 00000000 ____D C:\Program Files (x86)\Ashampoo
2016-06-29 17:05 - 2016-05-31 15:20 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2016-06-29 14:01 - 2014-10-15 09:09 - 00000000 ____D C:\Program Files (x86)\TheBestSpinner3
2016-06-29 14:00 - 2016-01-20 00:25 - 00000085 _____ C:\WINDOWS\wininit.ini
2016-06-29 14:00 - 2015-12-04 10:53 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2016-06-29 13:57 - 2016-04-19 17:18 - 00000000 ____D C:\ProgramData\Skype
2016-06-29 13:49 - 2016-04-27 21:53 - 00000000 ____D C:\Users\Gerhard\AppData\Roaming\MyPhoneExplorer
2016-06-29 13:47 - 2015-07-01 17:38 - 00000000 ____D C:\WINDOWS\lhsp
2016-06-29 13:44 - 2014-11-11 18:37 - 00000000 ____D C:\Program Files (x86)\Explaindio Video Creator
2016-06-29 13:43 - 2015-06-05 11:26 - 00000000 ____D C:\Program Files (x86)\Explaindio Video Creator 2
2016-06-29 13:40 - 2015-09-24 09:41 - 00000000 ____D C:\Program Files (x86)\EasySketchPro3
2016-06-29 13:38 - 2015-03-18 20:33 - 00000000 ____D C:\Program Files (x86)\QuickTime
2016-06-29 13:27 - 2016-03-25 21:02 - 00000000 ____D C:\Program Files (x86)\AbiWord
2016-06-28 19:19 - 2016-01-20 01:22 - 00299816 _____ (Bitdefender) C:\WINDOWS\system32\Drivers\ignis.sys
2016-06-28 19:19 - 2016-01-20 01:21 - 00520032 _____ (BitDefender S.R.L.) C:\WINDOWS\system32\Drivers\trufos.sys
2016-06-28 11:43 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2016-06-28 09:48 - 2014-10-17 19:12 - 00000000 ____D C:\ProgramData\Oracle
2016-06-28 09:47 - 2014-10-17 19:12 - 00000000 ____D C:\Program Files (x86)\Java
2016-06-28 09:44 - 2016-05-20 15:37 - 00000000 ____D C:\Users\Admin\AppData\Roaming\Skype
2016-06-27 10:56 - 2015-07-09 09:37 - 02748416 _____ C:\Users\Gerhard\Desktop\Kurz Kunden_Kopie.accdb
2016-06-27 10:00 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\addins
2016-06-25 14:40 - 2014-10-30 10:53 - 00000000 ____D C:\Users\Gerhard\AppData\Roaming\Dropbox
2016-06-24 16:17 - 2016-05-31 13:23 - 00000000 ____D C:\Users\Acronis Agent User.Admin-PC
2016-06-24 16:12 - 2016-05-31 13:23 - 00000000 ____D C:\Users\Admin
2016-06-23 17:22 - 2014-09-22 12:57 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2016-06-23 17:22 - 2014-09-22 12:57 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2016-06-23 13:58 - 2015-10-30 09:24 - 00000000 ___SD C:\WINDOWS\Downloaded Program Files
2016-06-23 13:58 - 2015-10-30 09:24 - 00000000 ___RD C:\WINDOWS\Offline Web Pages
2016-06-23 12:32 - 2014-09-22 12:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2016-06-22 10:53 - 2015-06-20 22:27 - 00000000 ____D C:\Users\Gerhard\AppData\Local\Dropbox
2016-06-22 08:51 - 2015-10-30 09:24 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2016-06-22 08:49 - 2014-09-17 12:09 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2016-06-19 20:12 - 2015-12-11 18:30 - 00000000 ____D C:\AddOns
2016-06-19 12:40 - 2016-03-07 17:46 - 00000000 ____D C:\Users\Admin\AppData\Roaming\ObjectNews2
2016-06-19 12:31 - 2014-11-14 10:56 - 00000000 ____D C:\Users\Gerhard\AppData\Roaming\SpiderOak
2016-06-19 11:48 - 2016-05-31 13:22 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2016-06-19 11:41 - 2016-05-31 13:55 - 00000000 __RHD C:\Users\Public\AccountPictures
2016-06-18 11:32 - 2015-01-09 11:48 - 00002264 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-06-18 11:32 - 2015-01-09 11:48 - 00002252 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-06-17 14:40 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\rescache
2016-06-17 14:38 - 2015-10-30 09:11 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-06-16 14:56 - 2015-10-30 09:24 - 00000000 ___SD C:\WINDOWS\system32\DiagSvcs
2016-06-16 14:56 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2016-06-16 14:56 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\bcastdvr
2016-06-15 10:29 - 2014-09-17 00:43 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-06-15 10:24 - 2014-09-17 00:43 - 142482544 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-06-14 20:33 - 2015-10-30 09:26 - 00828408 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2016-06-14 20:33 - 2015-10-30 09:26 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2016-06-13 09:56 - 2016-04-26 17:51 - 00000000 ____D C:\Program Files (x86)\deepinvent
2016-06-11 17:45 - 2014-09-16 20:57 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-06-09 13:40 - 2016-05-20 14:28 - 00000000 ____D C:\Users\Gerhard\HDR Projects 4 Pro
2016-06-09 08:24 - 2016-05-31 13:55 - 00000000 ____D C:\Users\Admin\AppData\Local\Packages
2016-06-09 08:09 - 2014-09-17 16:00 - 00000000 ____D C:\Users\Gerhard\AppData\Local\NVIDIA
2016-06-07 17:23 - 2014-09-18 13:21 - 00000000 ____D C:\Users\Gerhard\AppData\Roaming\eM Client
2016-06-07 11:09 - 2014-12-20 19:43 - 00000000 ____D C:\Program Files\Common Files\Apple
2016-06-06 11:06 - 2015-08-06 17:57 - 00000000 ____D C:\Program Files (x86)\Ginger
2016-06-06 09:06 - 2015-10-25 17:44 - 00002469 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat DC.lnk
2016-06-06 09:06 - 2015-10-25 17:44 - 00002114 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat Distiller DC.lnk
2016-06-04 02:51 - 2015-07-13 20:45 - 13553096 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvlddmkm.sys
2016-06-03 09:22 - 2016-05-31 14:38 - 17432544 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvd3dumx.dll
2016-06-03 09:22 - 2015-07-13 20:45 - 20375488 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvwgf2umx.dll
2016-06-03 09:22 - 2015-07-13 20:45 - 17729184 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvwgf2um.dll
2016-06-03 09:22 - 2015-07-13 20:45 - 14462536 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvd3dum.dll
2016-06-03 09:22 - 2015-07-13 20:45 - 03811256 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2016-06-03 09:22 - 2015-07-13 20:45 - 03371624 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2016-06-03 09:22 - 2015-07-13 20:45 - 00040084 _____ C:\WINDOWS\system32\nvinfo.pb
2016-06-03 05:59 - 2016-05-31 13:22 - 06452948 _____ C:\WINDOWS\system32\nvcoproc.bin
2016-06-03 05:59 - 2016-05-31 13:22 - 06364216 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2016-06-03 05:59 - 2016-05-31 13:22 - 02455608 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2016-06-03 05:59 - 2016-05-31 13:22 - 01762752 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2016-06-03 05:59 - 2016-05-31 13:22 - 01352760 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe
2016-06-03 05:59 - 2016-05-31 13:22 - 00392128 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2016-06-03 05:59 - 2016-05-31 13:22 - 00069568 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2016-06-03 05:59 - 2016-02-02 11:09 - 00534072 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll
2016-06-03 05:59 - 2016-02-02 11:09 - 00081856 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll
2016-06-02 12:33 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\NDF
2016-06-01 15:39 - 2016-05-31 15:23 - 00000000 ____D C:\Users\Gerhard\AppData\Local\MicrosoftEdge
2016-06-01 15:07 - 2015-10-30 20:44 - 00000000 ____D C:\Program Files\Windows Journal
2016-06-01 15:07 - 2015-10-30 09:24 - 00015703 _____ C:\WINDOWS\system32\OEMDefaultAssociations.xml
2016-06-01 15:07 - 2015-10-30 09:24 - 00000000 __RSD C:\WINDOWS\Media
2016-06-01 15:07 - 2015-10-30 09:24 - 00000000 ___SD C:\WINDOWS\system32\F12
2016-06-01 15:07 - 2015-10-30 09:24 - 00000000 ___RD C:\WINDOWS\PurchaseDialog
2016-06-01 15:07 - 2015-10-30 09:24 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2016-06-01 15:07 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2016-06-01 15:07 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\oobe
2016-06-01 15:07 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\appraiser
2016-06-01 15:07 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\Provisioning
2016-06-01 15:07 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\PolicyDefinitions
2016-06-01 15:07 - 2015-10-30 09:24 - 00000000 ____D C:\Program Files\Windows Portable Devices
2016-06-01 15:07 - 2015-10-30 09:24 - 00000000 ____D C:\Program Files\Windows Multimedia Platform
2016-06-01 15:07 - 2015-10-30 09:24 - 00000000 ____D C:\Program Files (x86)\Windows Portable Devices
2016-06-01 15:07 - 2015-10-30 09:24 - 00000000 ____D C:\Program Files (x86)\Windows Multimedia Platform
2016-06-01 15:07 - 2015-10-30 08:28 - 00000000 ____D C:\WINDOWS\SysWOW64\Dism
2016-06-01 15:07 - 2015-10-30 08:28 - 00000000 ____D C:\WINDOWS\system32\Dism
2016-06-01 13:40 - 2014-09-16 18:58 - 00000000 ____D C:\Users\Admin\AppData\Local\ElevatedDiagnostics
2016-06-01 08:35 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\appcompat

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2014-11-21 12:12 - 2014-11-21 12:12 - 0000017 _____ () C:\Program Files (x86)\Setup.ini
2015-09-18 12:00 - 2016-06-13 09:57 - 16790552 _____ (LastPass) C:\Program Files (x86)\Common Files\lpuninstall.exe
2014-12-11 14:48 - 2015-11-05 15:31 - 0000034 _____ () C:\Users\Gerhard\AppData\Roaming\AdobeWLCMCache.dat
2014-12-04 16:26 - 2014-12-04 16:26 - 0000323 _____ () C:\Users\Gerhard\AppData\Roaming\FotoSketcher.ini
2014-12-11 12:16 - 2014-12-11 12:16 - 0000112 _____ () C:\Users\Gerhard\AppData\Roaming\JP2K CS6 Prefs
2014-10-03 08:40 - 2014-10-03 08:40 - 0000038 ___SH () C:\Users\Gerhard\AppData\Local\9d79c3153f8f90cc74501.90881086
2014-10-02 18:16 - 2015-04-23 11:27 - 0001456 _____ () C:\Users\Gerhard\AppData\Local\Adobe Für Web speichern 13.0 Prefs
2015-03-20 19:45 - 2015-03-20 19:45 - 0004608 _____ () C:\Users\Gerhard\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-07-02 10:14 - 2015-07-02 10:14 - 0000095 _____ () C:\Users\Gerhard\AppData\Local\fusioncache.dat
2015-04-16 18:07 - 2015-04-16 18:17 - 0000600 _____ () C:\Users\Gerhard\AppData\Local\PUTTY.RND
2015-10-25 17:18 - 2015-10-25 17:18 - 0003892 _____ () C:\Users\Gerhard\AppData\Local\recently-used.xbel
2016-01-20 01:23 - 2016-01-20 01:23 - 0423469 _____ () C:\ProgramData\1453245669.bdinstall.bin
2016-02-16 09:28 - 2016-02-16 09:28 - 0025136 _____ () C:\ProgramData\1455607689.bdinstall.bin
2016-03-22 17:18 - 2016-03-22 17:18 - 0025834 _____ () C:\ProgramData\1458659890.bdinstall.bin
2016-03-31 18:01 - 2016-03-31 18:01 - 0025906 _____ () C:\ProgramData\1459440110.bdinstall.bin
2016-06-14 15:05 - 2016-06-14 15:05 - 0025906 _____ () C:\ProgramData\1465909525.bdinstall.bin
2016-06-14 15:05 - 2016-06-14 15:05 - 0025902 _____ () C:\ProgramData\1465909544.bdinstall.bin
2015-03-12 01:33 - 2015-03-12 01:33 - 0000119 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc

==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert


ACHTUNG: ==> Auf den BCD konnte nicht zugegriffen werden. der Benutzer ist kein Administrator

==================== Ende von FRST.txt ============================
         
Addition.txt

Code:
ATTFilter
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 29-06-2016
durchgeführt von Gerhard (2016-07-01 17:06:24)
Gestartet von D:\DOWNLOADS 2
Windows 10 Home Version 1511 (X64) (2016-05-31 11:55:28)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Acronis Agent User (S-1-5-21-3206007939-3703904605-1476991908-1009 - Administrator - Enabled) => C:\Users\Acronis Agent User.Admin-PC
Admin (S-1-5-21-3206007939-3703904605-1476991908-1000 - Administrator - Enabled) => C:\Users\Admin
Administrator (S-1-5-21-3206007939-3703904605-1476991908-500 - Administrator - Disabled)
ASPNET (S-1-5-21-3206007939-3703904605-1476991908-1005 - Limited - Enabled)
DefaultAccount (S-1-5-21-3206007939-3703904605-1476991908-503 - Limited - Disabled)
Gast (S-1-5-21-3206007939-3703904605-1476991908-501 - Limited - Disabled)
Gerhard (S-1-5-21-3206007939-3703904605-1476991908-1001 - Limited - Enabled) => C:\Users\Gerhard
HomeGroupUser$ (S-1-5-21-3206007939-3703904605-1476991908-1003 - Limited - Enabled)

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Emsisoft Anti-Malware (Enabled - Up to date) {15510D9D-6530-DA29-224F-7BA1BDD1CB58}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Bitdefender Virenschutz (Enabled - Up to date) {3FB17364-4FCC-0FA7-6BBF-973897395371}
AS: Bitdefender Spyware-Schutz (Enabled - Up to date) {84D09280-69F6-0029-510F-AC4AECBE19CC}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Emsisoft Anti-Malware (Enabled - Up to date) {AE30EC79-430A-D5A7-18FF-40D3C65681E5}
FW: Bitdefender Firewall (Enabled) {078AF241-05A3-0EFF-40E0-3E0D69EA140A}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Acronis Backup Client (HKLM\...\9EBDE6F5-EAE6-4326-A3A1-DEAA29F32D1D_BackupAndRecovery) (Version: 12.0.1150 - Acronis)
Acronis Backup Client (Version: 12.0.1150 - Acronis) Hidden
Adalyzer (HKU\S-1-5-21-3206007939-3703904605-1476991908-1001\...\5b021bb11398c934) (Version: 1.0.4.0 - Richard Grear)
Adobe Acrobat DC (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-0C0F074E4100}) (Version: 15.016.20045 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 19.0.0.241 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 3.4.1.181 - Adobe Systems Incorporated)
Adobe Flash Player 22 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 22.0.0.192 - Adobe Systems Incorporated)
Adobe Illustrator CC 2015 (HKLM-x32\...\ILST_19_2_1) (Version: 19.2.1 - Adobe Systems Incorporated)
Adobe Photoshop CC 2015 (HKLM-x32\...\{793C2BF7-A4FE-4608-91C9-9282C5801C21}) (Version: 16.1.2 - Adobe Systems Incorporated)
Akeeba eXtract Wizard 3.3 (HKLM-x32\...\{C5A52C02-1618-47DB-8A92-559DE29048EC}_is1) (Version:  - Akeeba Developers)
Amazon Drive (HKU\S-1-5-21-3206007939-3703904605-1476991908-1001\...\Amazon Drive) (Version: 3.5.2.48 - Amazon.com, Inc.)
Amazon Kindle (HKLM-x32\...\Amazon Kindle) (Version:  - Amazon)
Amazon Kindle (HKU\S-1-5-21-3206007939-3703904605-1476991908-1001\...\Amazon Kindle) (Version:  - Amazon)
Apple Application Support (32-Bit) (HKLM-x32\...\{26356515-5821-40FA-9C3D-9785052A1062}) (Version: 4.3.1 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{C2651553-6CA3-4822-B2E6-BC4ACA6E0EA2}) (Version: 4.3.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{2E4AF2A6-50EA-4260-9BA4-5E582D11879A}) (Version: 9.3.0.15 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.)
Ashampoo Burning Studio 14 v.14.0.5 (HKLM-x32\...\{91B33C97-7BCF-CDFE-4321-58EBF3E8641C}_is1) (Version: 14.0.5 - Ashampoo GmbH & Co. KG)
Ashampoo Snap 9 (HKLM-x32\...\{0A11EA01-D628-EEFD-B5E8-864238AE9105}_is1) (Version: 9.0.1 - Ashampoo GmbH & Co. KG)
Ashampoo UnInstaller 6 (HKLM-x32\...\{4209F371-7DE5-9DF2-5DEF-91667EBBBBC5}_is1) (Version: 6.00.14 - Ashampoo GmbH & Co. KG)
Atheros Bluetooth Suite (64) (HKLM\...\{230D1595-57DA-4933-8C4E-375797EBB7E1}) (Version: 7.04.000.98 - Atheros)
ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0031 - ASUS)
Audials (HKLM-x32\...\{1AF206E6-6828-44F8-8518-43FF76F43F0C}) (Version: 12.0.63100.0 - Audials AG)
Bitdefender Agent (HKLM\...\Bitdefender Agent) (Version: 20.0.23.1252 - Bitdefender)
Bitdefender Total Security 2016 (HKLM\...\Bitdefender) (Version: 20.0.24.1290 - Bitdefender)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Canon IJ Network Scanner Selector EX (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX) (Version:  - )
Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version: 3.1.1 - Canon Inc.)
Canon MG6200 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG6200_series) (Version:  - Canon Inc.)
Canon MP Navigator EX 5.0 (HKLM-x32\...\MP Navigator EX 5.0) (Version:  - )
Citrix Online Launcher (HKLM-x32\...\{DB014C85-A264-4BCA-A66F-6DD1FCF8EC36}) (Version: 1.0.335 - Citrix)
Crowd Force Pro (HKLM-x32\...\CrowdForce) (Version: 0.46.0 - UNKNOWN)
Crowd Force Pro (x32 Version: 0.46.0 - UNKNOWN) Hidden
Cyberduck 19355 (4.8.4) (HKLM-x32\...\Cyberduck) (Version: 19355 (4.8.4) - )
Dropbox (HKU\S-1-5-21-3206007939-3703904605-1476991908-1001\...\Dropbox) (Version: 5.4.24 - Dropbox, Inc.)
eM Client (HKLM-x32\...\{7B35918E-43E4-45AF-8F1B-C15D86CA919D}) (Version: 6.0.24928.0 - eM Client Inc.)
Emsisoft Anti-Malware (HKLM-x32\...\{5502032C-88C1-4303-99FE-B5CBD7684CEA}_is1) (Version: 9.0 - Emsisoft GmbH)
FileZilla Client 3.17.0 (HKLM-x32\...\FileZilla Client) (Version: 3.17.0 - Tim Kosse)
Firebird SQL Server - MAGIX Edition (HKLM-x32\...\{39AB2E37-1A55-4292-A5D3-971E9F70D0F8}) (Version: 2.1.32.0 - MAGIX AG)
Fresco Logic USB3.0 Host Controller (HKLM\...\{FFF6BB59-380A-4338-AEFB-226F511C0713}) (Version: 3.5.73.0 - Fresco Logic Inc.)
FreshTitle (HKLM-x32\...\FreshTitle1.0.0.4) (Version: 1.0.0.4 - AppBreed)
Ginger (HKLM-x32\...\InstallShield_{1EBF9A59-F4E3-4EA7-BA97-76703C1432F6}) (Version: 3.7.63 - Ginger Software)
Ginger (x32 Version: 3.7.63 - Ginger Software) Hidden
GMX ProfiFax (HKLM-x32\...\GMX ProfiFax) (Version: 2.00.236 - 1&1 Mail & Media GmbH)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 51.0.2704.103 - Google Inc.)
Google Talk Plugin (HKLM-x32\...\{F9B579C2-D854-300A-BE62-A09EB9D722E4}) (Version: 5.41.3.0 - Google)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.30.3 - Google Inc.) Hidden
GoToMeeting 7.19.0.5102 (HKU\S-1-5-21-3206007939-3703904605-1476991908-1001\...\GoToMeeting) (Version: 7.19.0.5102 - CitrixOnline)
Grammarly for Microsoft® Office Suite (Version: 6.5.43 - Grammarly) Hidden
HappyFingers Version 3.0.0 (HKLM-x32\...\{3C2AE644-A64E-4291-92F1-800380989EE2}_is1) (Version: 3.0.0 - Red Trolley Software Pty Ltd)
HMA! Pro VPN 2.8.24.0 (HKLM-x32\...\HMA! Pro VPN) (Version: 2.8.24.0 - Privax Ltd)
iCloud (HKLM\...\{ADFDB647-35C0-4254-9EE6-2D9C3B7104BD}) (Version: 5.2.1.69 - Apple Inc.)
Inkscape 0.48.5 (HKLM-x32\...\Inkscape) (Version: 0.48.5 - )
Inkscape 0.91 (HKLM\...\{81922150-317E-4BB0-A31D-FF1C14F707C5}) (Version: 0.91 - inkscape.org)
InstantArticleWizard (HKLM-x32\...\InstantArticleWizard) (Version:  - )
Interst Architect (HKLM-x32\...\Interst Architect1.0.0.6) (Version: 1.0.0.6 - InnAnTech Industries Inc.)
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.38 - Irfan Skiljan)
iTunes (HKLM\...\{9F4BF859-C3A4-4AB6-BDD1-9C5D58188598}) (Version: 12.4.1.6 - Apple Inc.)
Java 8 Update 91 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218091F0}) (Version: 8.0.910.15 - Oracle Corporation)
Keyword Blaze 2.0 (HKLM-x32\...\com.vaival.keywordtool) (Version: 0.0.8 - UNKNOWN)
Keyword Blaze 2.0 (x32 Version: 0.0.8 - UNKNOWN) Hidden
Keyword Master (HKLM-x32\...\{7C46AC08-8DE3-2088-E72D-001A34D8E536}) (Version: 1.0 - Cliff Carrigan)
L&H TTS3000 Deutsch (HKLM-x32\...\LHTTSGED) (Version:  - )
Lernout & Hauspie TruVoice American English TTS Engine (HKLM-x32\...\tv_enua) (Version:  - )
Logitech Options (HKLM\...\LogiOptions) (Version:  - Logitech)
Macrium Reflect Free Edition (HKLM\...\MacriumReflect) (Version: 6.1 - Paramount Software (UK) Ltd.)
Macrium Reflect Free Edition (Version: 6.1.1311 - Paramount Software (UK) Ltd.) Hidden
MAGIX Fonts Package 2 (x32 Version: 1.0.0.0 - MAGIX Software GmbH) Hidden
MAGIX Fotostory 2015 Deluxe (HKLM-x32\...\MX.{B051358D-748D-4969-9FE7-C116D730CAAD}) (Version: 14.0.1.42 - MAGIX Software GmbH)
MAGIX Fotostory 2015 Deluxe (Version: 14.0.1.42 - MAGIX Software GmbH) Hidden
MAGIX Speed burnR (MSI) (HKLM-x32\...\MX.{61124E02-0FFC-4390-8943-4B5C1E3713CE}) (Version: 7.0.2.6 - MAGIX Software GmbH)
MAGIX Speed burnR (MSI) (Version: 7.0.2.6 - MAGIX Software GmbH) Hidden
MAGIX Video deluxe 2015 Premium (HKLM\...\MX.{EAC79752-A0A4-45DB-9F99-9F6445920F77}) (Version: 14.0.0.159 - MAGIX Software GmbH)
MAGIX Video deluxe 2015 Premium (Version: 14.0.0.159 - MAGIX Software GmbH) Hidden
MAGIX Video Sound Cleaning Lab 2014 (HKLM-x32\...\MX.{6D904F95-F965-4475-A3DD-9F52C5AD0CB7}) (Version: 20.0.0.14 - MAGIX AG)
MAGIX Video Sound Cleaning Lab 2014 (Version: 20.0.0.14 - MAGIX AG) Hidden
Malwarebytes Anti-Malware Version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Mein 3DataManager (HKLM-x32\...\3DataManager) (Version: 1.1.1 - Mein 3DataManager)
Microsoft .NET Framework 1.1 (HKLM-x32\...\{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}) (Version: 1.1.4322 - Microsoft)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Office 365 - de-de (HKLM\...\O365HomePremRetail - de-de) (Version: 16.0.6965.2058 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50428.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
MOBackup - Datensicherung für Outlook (Vollversion) (HKLM-x32\...\MOBackup-DatensicherungfürOutlook) (Version: 7.95 - Heiko Schröder)
Mozilla Firefox 47.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 47.0 (x86 de)) (Version: 47.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 47.0.0.5999 - Mozilla)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2721691) (HKLM-x32\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
My Solodex (HKLM-x32\...\SolodexReloaded) (Version: 2.00 - UNKNOWN)
My Solodex (x32 Version: 2.00 - UNKNOWN) Hidden
MyPhoneExplorer (HKLM-x32\...\MPE) (Version: 1.8.7 - F.J. Wechselberger)
NaturalReaderFree (HKLM-x32\...\{262EFBD9-A907-490F-81F4-561FDD3A8C5C}) (Version: 1.00.0000 - Naturalsoft limited)
NVIDIA 3D Vision Treiber 368.39 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 368.39 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.11.3.5 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.11.3.5 - NVIDIA Corporation)
NVIDIA Grafiktreiber 368.39 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 368.39 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.34.14 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.14 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.16.0318 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.16.0318 - NVIDIA Corporation)
ObjectNews2 (HKU\S-1-5-21-3206007939-3703904605-1476991908-1001\...\ObjectNews2) (Version: 02.58 - ObjectNews2)
Office 16 Click-to-Run Extensibility Component (x32 Version: 16.0.6925.1018 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (Version: 16.0.6925.1018 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (x32 Version: 16.0.6925.1018 - Microsoft Corporation) Hidden
Oracle VM VirtualBox 4.3.20 (HKLM\...\{86401870-7AB7-4A8D-8AD6-12B27DF2E6E3}) (Version: 4.3.20 - Oracle Corporation)
PagePlusX7ContentDeclaration (x32 Version: 1.0.0.0 - Serif (Europe) Ltd) Hidden
Penguinator Connect (HKLM-x32\...\{395BBB78-0644-45D3-A0FB-E925E82BFAB8}) (Version: 1.0.0 - Antification)
Phase 5 HTML-Editor (HKLM-x32\...\{20B1B020-DEAE-48D1-9960-D4C3185D758B}) (Version: 5.6.2.3 - Systemberatung Schommer)
Photo to Sketch Converter 2.0 (HKLM-x32\...\Photo to Sketch Converter_is1) (Version: 2.0 - SoftOrbits)
Pop-up Excel Calendar 2.12 (HKLM-x32\...\Pop-up Excel Calendar_is1) (Version: 2.12 - OFFICE-KIT.COM, Uniform Software Ltd)
PowerLine Utility (HKLM-x32\...\{5D1E5ED5-E436-4A0D-8812-953FFBDFF3B3}) (Version: 1.2.709 - TP-LINK)
QuickTime 7 (HKLM-x32\...\{FF59BD75-466A-4D5A-AD23-AAD87C5FD44C}) (Version: 7.79.80.95 - Apple Inc.)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.10586.31222 - Realtek Semiconduct Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.44.421.2011 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6564 - Realtek Semiconductor Corp.)
RoboForm 7-9-9-1 (All Users) (HKLM-x32\...\AI RoboForm) (Version: 7-9-9-1 - Siber Systems)
Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.59.0 - Samsung Electronics Co., Ltd.)
SHIELD Streaming (Version: 7.1.0280 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.11.3.5 - NVIDIA Corporation) Hidden
Smart Switch (HKLM-x32\...\InstallShield_{74FA5314-85C8-4E2A-907D-D9ECCCB770A7}) (Version: 4.1.16052.2 - Samsung Electronics Co., Ltd.)
Smart Switch (x32 Version: 4.1.16052.2 - Samsung Electronics Co., Ltd.) Hidden
Social Post Browser (HKLM-x32\...\Social Post Browser1.0.0.0) (Version: 1.0.0.0 - AppBreed Software of InnAnTech Industries Inc.)
SocialFormula (HKLM-x32\...\SocialFormula) (Version: 0.0.0 - UNKNOWN)
SocialFormula (x32 Version: 0.0.0 - UNKNOWN) Hidden
Softwarenetz Rechnung5 (HKLM-x32\...\Rechnung5) (Version:  - Softwarenetz)
Springly (HKLM-x32\...\Springly) (Version: 1.7 - JHS Marketing LLC)
Springly (x32 Version: 1.7 - JHS Marketing LLC) Hidden
Sublime Text Build 3103 (HKLM\...\Sublime Text 3_is1) (Version:  - Sublime HQ Pty Ltd)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.3.43.0 - Synaptics Incorporated)
SynciOS Data Transfer version 1.2.6 (HKLM-x32\...\{6C4BB520-3416-4D67-B7EA-A9FF6662345F}_is1) (Version: 1.2.6 - Anvsoft, Inc.)
Syncios Version 5.0.2 (HKLM-x32\...\{068A5D84-8419-4BDE-9689-FE65F412EFBB}_is1) (Version: 5.0.2 - Anvsoft, Inc.)
Target Generator (HKLM-x32\...\Target Generator1.0.0.3) (Version: 1.0.0.3 - AppBreed Software of InnAnTech Industries Inc.)
Tee Inspector (HKLM-x32\...\Tee Inspector1.0.1.3) (Version: 1.0.1.3 - AppBreed Software of InnAnTech Industries Inc.)
Text-To-Speech-Runtime (HKLM-x32\...\{7B3F0113-E63C-4D6D-AF19-111A3165CCA2}) (Version: 1.0.0.0 - Magix Development GmbH)
Title Analyzer (HKLM-x32\...\Title Analyzer1.0.0.4) (Version: 1.0.0.4 - AppBreed)
UmmyVideoDownloader (HKLM-x32\...\{E028DBDA-EEE7-48A0-ADF7-D250589A02C5}_is1) (Version: 1.5.0.0 - )
VideosAlchemey (HKLM-x32\...\VideosAlchemey) (Version: 0.0.0 - InspiredSoft LTD)
VideosAlchemey (x32 Version: 0.0.0 - InspiredSoft LTD) Hidden
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)
Vulkan Run Time Libraries 1.0.11.1 (HKLM\...\VulkanRT1.0.11.1) (Version: 1.0.11.1 - LunarG, Inc.)
WinPcap 4.1.2 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2001 - CACE Technologies)
Xara Designer Pro X11 (HKLM\...\MX.{6FDCA3A7-DF35-4E18-AF77-A30FDF193897}) (Version: 11.2.3.40674 - Xara Group Ltd)
Xara Designer Pro X11 (Version: 11.2.3.40674 - Xara Group Ltd) Hidden
Yahoo Search Set (HKLM-x32\...\Yahoo! SearchSet) (Version:  - Yahoo Inc.)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-3206007939-3703904605-1476991908-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Gerhard\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3206007939-3703904605-1476991908-1001_Classes\CLSID\{00A3944A-BCF0-4796-9C15-D69606B6F3AB}\InprocServer32 -> C:\Program Files\Xara\Xara Designer Pro X10\Filters\DEU\HDPImport.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-3206007939-3703904605-1476991908-1001_Classes\CLSID\{045281D6-AFD2-4cd6-A93D-C07AD6FB20A2}\InprocServer32 -> C:\Program Files\Xara\Xara Designer Pro X10\Filters\DEU\SVGFilter.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-3206007939-3703904605-1476991908-1001_Classes\CLSID\{05E88098-3750-457A-AC42-1B019F9E3FE8}\InprocServer32 -> C:\Program Files\Xara\Xara Designer Pro X11\Filters\DEU\HDPImport.dll ()
CustomCLSID: HKU\S-1-5-21-3206007939-3703904605-1476991908-1001_Classes\CLSID\{0A352EAA-8FF3-404c-AFED-1F9AA02818DD}\InprocServer32 -> C:\Program Files\Xara\Xara Designer Pro X10\Filters\DEU\ODPImport.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-3206007939-3703904605-1476991908-1001_Classes\CLSID\{133547BE-D10F-4399-B1BA-D8CC983DA841}\InprocServer32 -> C:\Program Files\Xara\Xara Designer Pro X10\Filters\DEU\WSMFilter.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-3206007939-3703904605-1476991908-1001_Classes\CLSID\{1423F872-3F7F-4E57-B621-8B1A9D49B448}\InprocServer32 -> C:\Users\Gerhard\AppData\Local\Google\Update\1.3.27.5\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-3206007939-3703904605-1476991908-1001_Classes\CLSID\{171740BB-DE5D-4A3B-A5DD-43D171192819}\InprocServer32 -> C:\Program Files\Xara\Xara Designer Pro X11\Filters\DEU\RTFfilter.dll (Xara Group Ltd.)
CustomCLSID: HKU\S-1-5-21-3206007939-3703904605-1476991908-1001_Classes\CLSID\{1B00816B-14D7-4442-82B3-15CCF43C0254}\InprocServer32 -> C:\Program Files\Xara\Xara Designer Pro X10\Filters\DEU\RTFfilter.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-3206007939-3703904605-1476991908-1001_Classes\CLSID\{23F5AD84-9742-4A1F-BA77-B39828938730}\InprocServer32 -> C:\Program Files\Xara\Xara Designer Pro X11\Filters\DEU\PDFXFilter\PDFXFilter.dll (Xara)
CustomCLSID: HKU\S-1-5-21-3206007939-3703904605-1476991908-1001_Classes\CLSID\{2DD6B8AC-9015-4347-A47B-CEDCA2E4C2EA}\InprocServer32 -> C:\Program Files\Xara\Xara Designer Pro X11\Filters\DEU\XPSFilter.dll ()
CustomCLSID: HKU\S-1-5-21-3206007939-3703904605-1476991908-1001_Classes\CLSID\{3E2079FE-4DB5-4914-B9A0-FBBDA87890C0}\InprocServer32 -> C:\Program Files\Xara\Xara Designer Pro X11\Filters\DEU\ODPImport.dll ()
CustomCLSID: HKU\S-1-5-21-3206007939-3703904605-1476991908-1001_Classes\CLSID\{44B8B2C4-AFC2-44B3-8F05-02EC6E235862}\InprocServer32 -> C:\Program Files\Xara\Xara Designer Pro X11\Filters\DEU\PSDFilter.dll ()
CustomCLSID: HKU\S-1-5-21-3206007939-3703904605-1476991908-1001_Classes\CLSID\{4954639E-4AD5-4232-9FC6-753ED3E19DE1}\InprocServer32 -> C:\Program Files\Xara\Xara Designer Pro X11\Filters\DEU\PPImport.dll ()
CustomCLSID: HKU\S-1-5-21-3206007939-3703904605-1476991908-1001_Classes\CLSID\{55E4C8A1-601C-407f-9DF5-A2652A241AAE}\InprocServer32 -> C:\Program Files\Xara\Xara Designer Pro X10\Filters\DEU\EMFFilter.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-3206007939-3703904605-1476991908-1001_Classes\CLSID\{590C4387-5EBD-4D46-8A84-CD0BA2EF2856}\InprocServer32 -> C:\Users\Gerhard\AppData\Local\Google\Update\1.3.30.3\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3206007939-3703904605-1476991908-1001_Classes\CLSID\{5C8C2A98-6133-4EBA-BBCC-34D9EA01FC2E}\InprocServer32 -> C:\Users\Gerhard\AppData\Local\Google\Update\1.3.28.1\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-3206007939-3703904605-1476991908-1001_Classes\CLSID\{5C8E7C70-D9DC-4AB9-B748-4ED125D0CD74}\InprocServer32 -> C:\Program Files\Xara\Xara Designer Pro X11\Filters\DEU\WSMFilter.dll ()
CustomCLSID: HKU\S-1-5-21-3206007939-3703904605-1476991908-1001_Classes\CLSID\{6363B1AE-9DCC-24C0-1CB3-37B93064DF47}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-3206007939-3703904605-1476991908-1001_Classes\CLSID\{65545209-E245-4026-94AE-DEABE04DA1BF}\localserver32 -> C:\Program Files\Xara\Xara Designer Pro X11\DesignerPro.exe (Xara Group Ltd.)
CustomCLSID: HKU\S-1-5-21-3206007939-3703904605-1476991908-1001_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\Gerhard\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\FileCoAuth.exe (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3206007939-3703904605-1476991908-1001_Classes\CLSID\{78550997-5DEF-4A8A-BAF9-D5774E87AC98}\InprocServer32 -> C:\Users\Gerhard\AppData\Local\Google\Update\1.3.28.13\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-3206007939-3703904605-1476991908-1001_Classes\CLSID\{793EE463-1304-471C-ADF1-68C2FFB01247}\InprocServer32 -> C:\Users\Gerhard\AppData\Local\Google\Update\1.3.29.5\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-3206007939-3703904605-1476991908-1001_Classes\CLSID\{7DCC32F2-DAEF-4CDE-A81A-F45DAA3EB0B0}\InprocServer32 -> C:\Program Files\Xara\Xara Designer Pro X10\Filters\DEU\HTMLfilter.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-3206007939-3703904605-1476991908-1001_Classes\CLSID\{7F75D6E7-EE09-46d8-A83E-040926610774}\InprocServer32 -> C:\Program Files\Xara\Xara Designer Pro X10\Filters\DEU\DocImport\DocImport.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-3206007939-3703904605-1476991908-1001_Classes\CLSID\{84B5A313-CD5D-4904-8BA2-AFDC81C1B309}\InprocServer32 -> C:\Users\Gerhard\AppData\Local\Citrix\GoToMeeting\5102\G2MOutlookAddin64.dll (Citrix Online, a division of Citrix Systems, Inc.)
CustomCLSID: HKU\S-1-5-21-3206007939-3703904605-1476991908-1001_Classes\CLSID\{91C4D714-252D-4660-90AF-F999F8D3EA76}\InprocServer32 -> C:\Program Files\Xara\Xara Designer Pro X10\Filters\DEU\PSDFilter.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-3206007939-3703904605-1476991908-1001_Classes\CLSID\{96379E3B-23DA-4F75-A23A-DBCF805CC406}\InprocServer32 -> C:\Program Files\Xara\Xara Designer Pro X11\Filters\DEU\DocImport\DocImport.dll ()
CustomCLSID: HKU\S-1-5-21-3206007939-3703904605-1476991908-1001_Classes\CLSID\{ACFF41B0-7315-4c16-A459-E7A5880EA0E5}\InprocServer32 -> C:\Program Files\Xara\Xara Designer Pro X10\Filters\DEU\XPSFilter.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-3206007939-3703904605-1476991908-1001_Classes\CLSID\{B189AF08-C20E-44e6-A12E-3790640BBCD0}\InprocServer32 -> C:\Program Files\Xara\Xara Designer Pro X10\Filters\DEU\RAWImport\RAWImport.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-3206007939-3703904605-1476991908-1001_Classes\CLSID\{B27868B8-49B9-450c-BC04-907704465D79}\InprocServer32 -> C:\Program Files\Xara\Xara Designer Pro X10\Filters\DEU\PDFXFilter\PDFXFilter.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-3206007939-3703904605-1476991908-1001_Classes\CLSID\{B3D4021A-E5F5-4ba6-ABAB-B6B6445A5549}\InprocServer32 -> C:\Program Files\Xara\Xara Designer Pro X10\Filters\DEU\TIFFImport.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-3206007939-3703904605-1476991908-1001_Classes\CLSID\{BD1631EA-6D82-4407-9B96-5B40DA7BCCC1}\InprocServer32 -> C:\Program Files\Xara\Xara Designer Pro X10\Filters\DEU\PDFImport\PDFImport.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-3206007939-3703904605-1476991908-1001_Classes\CLSID\{C0908775-F5BD-4caf-B8BE-7138F7EBAAEE}\InprocServer32 -> C:\Program Files\Xara\Xara Designer Pro X10\Filters\DEU\PPImport.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-3206007939-3703904605-1476991908-1001_Classes\CLSID\{C2A30267-3451-441F-93AD-8C8399CB426B}\InprocServer32 -> C:\Program Files\Xara\Xara Designer Pro X11\Filters\DEU\HTMLfilter.dll (Xara Group Ltd.)
CustomCLSID: HKU\S-1-5-21-3206007939-3703904605-1476991908-1001_Classes\CLSID\{C3BC25C0-FCD3-4F01-AFDD-41373F017C9A}\InprocServer32 -> C:\Users\Gerhard\AppData\Local\Google\Update\1.3.26.9\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-3206007939-3703904605-1476991908-1001_Classes\CLSID\{CB58FF31-2539-11D0-BDEE-0020AFE14B84}\localserver32 -> C:\Program Files\Xara\Xara Designer Pro X11\DesignerPro.exe (Xara Group Ltd.)
CustomCLSID: HKU\S-1-5-21-3206007939-3703904605-1476991908-1001_Classes\CLSID\{CB58FF32-2539-11D0-BDEE-0020AFE14B84}\localserver32 -> C:\Program Files\Xara\Xara Designer Pro X11\DesignerPro.exe (Xara Group Ltd.)
CustomCLSID: HKU\S-1-5-21-3206007939-3703904605-1476991908-1001_Classes\CLSID\{CC182BE1-84CE-4A57-B85C-FD4BBDF78CB2}\InprocServer32 -> C:\Users\Gerhard\AppData\Local\Google\Update\1.3.29.1\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-3206007939-3703904605-1476991908-1001_Classes\CLSID\{CCC4FDE7-EE88-454F-9B6E-60FD6B562289}\InprocServer32 -> C:\Program Files\Xara\Xara Designer Pro X11\Filters\DEU\RAWImport\RAWImport.dll ()
CustomCLSID: HKU\S-1-5-21-3206007939-3703904605-1476991908-1001_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\Gerhard\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-3206007939-3703904605-1476991908-1001_Classes\CLSID\{D1EDC4F5-7F4D-4B12-906A-614ECF66DDAF}\InprocServer32 -> C:\Users\Gerhard\AppData\Local\Google\Update\1.3.28.15\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-3206007939-3703904605-1476991908-1001_Classes\CLSID\{E44A4F31-0C8B-42C2-A2A4-E743A0395B5F}\InprocServer32 -> C:\Program Files\Xara\Xara Designer Pro X11\Filters\DEU\PDFImport\PDFImport.dll ()
CustomCLSID: HKU\S-1-5-21-3206007939-3703904605-1476991908-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Gerhard\AppData\Local\Google\Update\1.3.30.3\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3206007939-3703904605-1476991908-1001_Classes\CLSID\{E99245A1-DE06-4770-8208-B0494C933C65}\InprocServer32 -> C:\Program Files\Xara\Xara Designer Pro X11\Filters\DEU\SVGFilter.dll ()
CustomCLSID: HKU\S-1-5-21-3206007939-3703904605-1476991908-1001_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Gerhard\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3206007939-3703904605-1476991908-1001_Classes\CLSID\{EDC4A498-53B4-496C-A750-3AABCD48A6A3}\InprocServer32 -> C:\Program Files\Xara\Xara Designer Pro X11\Filters\DEU\EMFFilter.dll ()
CustomCLSID: HKU\S-1-5-21-3206007939-3703904605-1476991908-1001_Classes\CLSID\{FABA52C3-2D0F-4070-8086-57522F3A9D82}\InprocServer32 -> C:\Program Files\Xara\Xara Designer Pro X11\Filters\DEU\TIFFImport.dll ()
CustomCLSID: HKU\S-1-5-21-3206007939-3703904605-1476991908-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Gerhard\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3206007939-3703904605-1476991908-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Gerhard\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3206007939-3703904605-1476991908-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Gerhard\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3206007939-3703904605-1476991908-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Gerhard\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3206007939-3703904605-1476991908-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Gerhard\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3206007939-3703904605-1476991908-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Gerhard\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3206007939-3703904605-1476991908-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Gerhard\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3206007939-3703904605-1476991908-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Gerhard\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3206007939-3703904605-1476991908-1001_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\Gerhard\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => 
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-3206007939-3703904605-1476991908-1001Core.job => C:\Users\Gerhard\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-3206007939-3703904605-1476991908-1001UA.job => C:\Users\Gerhard\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\G2MUpdateTask-S-1-5-21-3206007939-3703904605-1476991908-1001.job => C:\Users\Gerhard\AppData\Local\Citrix\GoToMeeting\5102\g2mupdate.exe
Task: C:\WINDOWS\Tasks\G2MUploadTask-S-1-5-21-3206007939-3703904605-1476991908-1001.job => C:\Users\Gerhard\AppData\Local\Citrix\GoToMeeting\5102\g2mupload.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job =>  <==== ACHTUNG
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job =>  <==== ACHTUNG
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3206007939-3703904605-1476991908-1001Core.job => C:\Users\Gerhard\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3206007939-3703904605-1476991908-1001UA.job => C:\Users\Gerhard\AppData\Local\Google\Update\GoogleUpdate.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2016-06-01 08:34 - 2016-03-29 12:20 - 02656952 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2016-06-01 08:34 - 2016-03-29 12:20 - 02656952 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2015-11-28 19:13 - 2015-11-14 05:23 - 00553120 ____N () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll
2016-04-22 15:15 - 2016-04-22 15:15 - 00052912 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext_64.dll
2016-06-01 08:32 - 2015-12-07 06:14 - 00093696 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll
2016-06-01 08:33 - 2016-04-23 06:25 - 00472064 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2016-06-15 09:05 - 2016-05-28 05:59 - 07992832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-06-15 09:05 - 2016-05-28 05:53 - 00591360 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-06-15 09:05 - 2016-05-28 05:54 - 02483200 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-06-15 09:05 - 2016-05-28 05:56 - 04089856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2015-07-15 22:21 - 2015-07-15 22:21 - 00023872 _____ () C:\Program Files\Common Files\Acronis\BackupAndRecovery\Common\core_workers_shared_context.dll
2016-04-22 01:07 - 2016-04-22 01:07 - 00092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2016-04-22 01:07 - 2016-04-22 01:07 - 01337144 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2016-01-20 01:22 - 2013-09-03 14:29 - 00101328 _____ () C:\Program Files\Bitdefender\Bitdefender 2016\bdmetrics.dll
2016-01-25 10:09 - 2015-12-21 12:16 - 00269824 _____ () C:\Program Files (x86)\Syncios\SynciosDeviceService.exe
2015-11-28 19:12 - 2015-11-14 05:22 - 31401120 ____N () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

AlternateDataStreams: C:\Users\Admin\Downloads\setup_syncios.exe:BDU [0]
AlternateDataStreams: C:\Users\Gerhard\Downloads\HMA-Pro-VPN-2.8.24.0-installer.exe:BDU [0]

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)


==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

IE restricted site: HKU\S-1-5-21-3206007939-3703904605-1476991908-1001\...\007guard.com -> install.007guard.com
IE restricted site: HKU\S-1-5-21-3206007939-3703904605-1476991908-1001\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-3206007939-3703904605-1476991908-1001\...\008k.com -> www.008k.com
IE restricted site: HKU\S-1-5-21-3206007939-3703904605-1476991908-1001\...\00hq.com -> www.00hq.com
IE restricted site: HKU\S-1-5-21-3206007939-3703904605-1476991908-1001\...\010402.com -> 010402.com
IE restricted site: HKU\S-1-5-21-3206007939-3703904605-1476991908-1001\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\S-1-5-21-3206007939-3703904605-1476991908-1001\...\0scan.com -> www.0scan.com
IE restricted site: HKU\S-1-5-21-3206007939-3703904605-1476991908-1001\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\S-1-5-21-3206007939-3703904605-1476991908-1001\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-3206007939-3703904605-1476991908-1001\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\S-1-5-21-3206007939-3703904605-1476991908-1001\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\S-1-5-21-3206007939-3703904605-1476991908-1001\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\S-1-5-21-3206007939-3703904605-1476991908-1001\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\S-1-5-21-3206007939-3703904605-1476991908-1001\...\10sek.com -> www.10sek.com
IE restricted site: HKU\S-1-5-21-3206007939-3703904605-1476991908-1001\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\S-1-5-21-3206007939-3703904605-1476991908-1001\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\S-1-5-21-3206007939-3703904605-1476991908-1001\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\S-1-5-21-3206007939-3703904605-1476991908-1001\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\S-1-5-21-3206007939-3703904605-1476991908-1001\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\S-1-5-21-3206007939-3703904605-1476991908-1001\...\123simsen.com -> www.123simsen.com

Da befinden sich 7849 mehr Seiten.


==================== Hosts Inhalt: ==========================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2009-07-14 04:34 - 2016-07-01 16:21 - 00000989 ____A C:\WINDOWS\system32\Drivers\etc\hosts

127.0.0.1       www.softwarenetz.de
127.0.0.1 activation.cloud.techsmith.com
127.0.0.1 support.apowersoft.com
127.0.0.1 apowersoft.com
127.0.0.1 apowersoft.com

==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-3206007939-3703904605-1476991908-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Windows\img0.jpg
DNS Servers: 217.16.112.21 - 112.15.112.22
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

MSCONFIG\Services: MpsSvc => 2
MSCONFIG\startupreg: Acrobat Assistant 8.0 => 
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: iTunesHelper => 
MSCONFIG\startupreg: Wondershare Helper Compact.exe => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
HKU\S-1-5-21-3206007939-3703904605-1476991908-1001\...\StartupApproved\Run: => "AudialsNotifier"
HKU\S-1-5-21-3206007939-3703904605-1476991908-1001\...\StartupApproved\Run: => "SpybotPostWindows10UpgradeReInstall"
HKU\S-1-5-21-3206007939-3703904605-1476991908-1001\...\StartupApproved\Run: => "Mailbird"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [MSMQ-In-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-In-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [WCF-NetTcpActivator-In-TCP-64bit] => (Allow) LPort=808
FirewallRules: [{DF0961B8-5FFB-4D8C-835E-F20DB52AB2C1}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe
FirewallRules: [{344FE62C-F5C3-4B1D-A080-646EF62D4961}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{EC2346D7-7D91-48BB-B8D9-2BE23D5C5C27}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{4373B100-02EB-40FB-A42B-582C9828E782}] => (Allow) C:\Program Files\BackupClient\BackupAndRecovery\mms.exe
FirewallRules: [{FD87C8A6-E919-44E4-BDED-2B0BCF7BE7C9}] => (Allow) C:\Program Files\BackupClient\BackupAndRecovery\mms.exe
FirewallRules: [{6DE1297D-7458-40AB-B5D1-94BD6D5C21EC}] => (Allow) C:\Program Files\BackupClient\BackupAndRecovery\mms.exe
FirewallRules: [{F157F8F4-7763-4649-9D77-802D14B03553}] => (Allow) C:\Program Files\BackupClient\BackupAndRecovery\mms.exe
FirewallRules: [{98CBFA30-3BE5-482D-9D40-395AA38557A2}] => (Allow) C:\Program Files\BackupClient\BackupAndRecovery\mms.exe
FirewallRules: [{C54713A1-7F5A-47BE-B88F-56DBEB0BB8FD}] => (Allow) C:\Program Files\BackupClient\BackupAndRecovery\mms.exe
FirewallRules: [{C219B68D-107D-4ED6-A8F4-62078C9FA3E7}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\Agent\agent.exe
FirewallRules: [{89EF4EAF-AD22-472B-B596-8FB3A09DA617}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\Agent\agent.exe
FirewallRules: [{2906CA5B-2EB8-45C6-8FB5-78E73F1E78F2}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\Agent\agent.exe
FirewallRules: [{AAFFDD27-18DD-4C62-BF40-B6375A5A0E87}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\Agent\agent.exe
FirewallRules: [{6B920B10-4172-4CD7-8C5B-1B19B5728707}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\Agent\agent.exe
FirewallRules: [{3917D885-7A3D-4250-9F22-6F79AE07311F}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\Agent\agent.exe
FirewallRules: [{7C33CAB8-81EA-4FF7-93D5-FFCF6A7DECF1}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{F5799F4D-8C3A-4886-8037-4B7C4A96047E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{993254D7-D46E-4F0C-90DC-5553B1C4D7CB}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{F5327A53-6AE4-4444-B641-E28871D00E35}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{75616997-624E-453D-88C1-9DB4C2DEF35E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{AB873D58-FC63-4C82-BB8A-71E1A351D3FF}] => (Allow) C:\Users\Gerhard\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{CD7B6402-9108-41E1-B1F7-CD3E4B6D37F3}] => (Allow) C:\Users\Gerhard\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{F34D2806-7817-4FA7-942E-CD97F97D78D3}] => (Allow) C:\Users\Gerhard\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{30E17762-A5DD-4D7C-A9DF-A7ED68A37F56}] => (Allow) C:\Users\Gerhard\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{9FC98E83-922A-4CED-88DD-534B9669CC07}] => (Allow) LPort=31931
FirewallRules: [{270E5188-42D0-4796-9DDE-DC99A8FAB9D8}] => (Allow) LPort=14714
FirewallRules: [{0DFDE7C3-EF83-4750-BC6B-C8236871A478}] => (Allow) LPort=12972
FirewallRules: [{8B8570CF-B9A2-4912-91C7-96EA544AB508}] => (Allow) C:\Program Files (x86)\Audials\Audials 12\Audials.exe
FirewallRules: [{10D1FFDD-5D80-4C9B-88A8-755F66733D56}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{891E2C80-7443-45FF-A22E-C5A9EED44116}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{F44FA888-5BE1-40BF-BDEE-D5CD48065F62}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{E86A1B46-7192-466E-8E8B-26D48EB5B786}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{6F04EB14-97A7-48A4-B759-902C493B4001}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{501D221F-1194-4D82-844C-C5C9C732E926}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Wiederherstellungspunkte =========================

ACHTUNG: Systemwiederherstellung ist deaktiviert
Überprüfen Sie den "winmgmt" Dienst oder reparieren Sie den WMI.


==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (07/01/2016 02:19:19 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: a2service.exe, Version: 11.9.0.6513, Zeitstempel: 0x5772c632
Name des fehlerhaften Moduls: ntdll.dll, Version: 10.0.10586.306, Zeitstempel: 0x571af2eb
Ausnahmecode: 0xc0000374
Fehleroffset: 0x00000000000ee6fc
ID des fehlerhaften Prozesses: 0x21b8
Startzeit der fehlerhaften Anwendung: 0xa2service.exe0
Pfad der fehlerhaften Anwendung: a2service.exe1
Pfad des fehlerhaften Moduls: a2service.exe2
Berichtskennung: a2service.exe3
Vollständiger Name des fehlerhaften Pakets: a2service.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: a2service.exe5

Error: (07/01/2016 02:17:17 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: a2service.exe, Version: 11.9.0.6513, Zeitstempel: 0x5772c632
Name des fehlerhaften Moduls: ntdll.dll, Version: 10.0.10586.306, Zeitstempel: 0x571af2eb
Ausnahmecode: 0xc0000374
Fehleroffset: 0x00000000000ee6fc
ID des fehlerhaften Prozesses: 0x39c0
Startzeit der fehlerhaften Anwendung: 0xa2service.exe0
Pfad der fehlerhaften Anwendung: a2service.exe1
Pfad des fehlerhaften Moduls: a2service.exe2
Berichtskennung: a2service.exe3
Vollständiger Name des fehlerhaften Pakets: a2service.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: a2service.exe5

Error: (07/01/2016 02:16:05 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: a2service.exe, Version: 11.9.0.6513, Zeitstempel: 0x5772c632
Name des fehlerhaften Moduls: ntdll.dll, Version: 10.0.10586.306, Zeitstempel: 0x571af2eb
Ausnahmecode: 0xc0000374
Fehleroffset: 0x00000000000ee6fc
ID des fehlerhaften Prozesses: 0x880
Startzeit der fehlerhaften Anwendung: 0xa2service.exe0
Pfad der fehlerhaften Anwendung: a2service.exe1
Pfad des fehlerhaften Moduls: a2service.exe2
Berichtskennung: a2service.exe3
Vollständiger Name des fehlerhaften Pakets: a2service.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: a2service.exe5

Error: (07/01/2016 02:15:17 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: a2service.exe, Version: 11.9.0.6513, Zeitstempel: 0x5772c632
Name des fehlerhaften Moduls: ntdll.dll, Version: 10.0.10586.306, Zeitstempel: 0x571af2eb
Ausnahmecode: 0xc0000374
Fehleroffset: 0x00000000000ee6fc
ID des fehlerhaften Prozesses: 0x3f48
Startzeit der fehlerhaften Anwendung: 0xa2service.exe0
Pfad der fehlerhaften Anwendung: a2service.exe1
Pfad des fehlerhaften Moduls: a2service.exe2
Berichtskennung: a2service.exe3
Vollständiger Name des fehlerhaften Pakets: a2service.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: a2service.exe5

Error: (07/01/2016 02:13:16 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: a2service.exe, Version: 11.9.0.6513, Zeitstempel: 0x5772c632
Name des fehlerhaften Moduls: ntdll.dll, Version: 10.0.10586.306, Zeitstempel: 0x571af2eb
Ausnahmecode: 0xc0000374
Fehleroffset: 0x00000000000ee6fc
ID des fehlerhaften Prozesses: 0x36a8
Startzeit der fehlerhaften Anwendung: 0xa2service.exe0
Pfad der fehlerhaften Anwendung: a2service.exe1
Pfad des fehlerhaften Moduls: a2service.exe2
Berichtskennung: a2service.exe3
Vollständiger Name des fehlerhaften Pakets: a2service.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: a2service.exe5

Error: (07/01/2016 02:11:16 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: a2service.exe, Version: 11.9.0.6513, Zeitstempel: 0x5772c632
Name des fehlerhaften Moduls: ntdll.dll, Version: 10.0.10586.306, Zeitstempel: 0x571af2eb
Ausnahmecode: 0xc0000374
Fehleroffset: 0x00000000000ee6fc
ID des fehlerhaften Prozesses: 0x534
Startzeit der fehlerhaften Anwendung: 0xa2service.exe0
Pfad der fehlerhaften Anwendung: a2service.exe1
Pfad des fehlerhaften Moduls: a2service.exe2
Berichtskennung: a2service.exe3
Vollständiger Name des fehlerhaften Pakets: a2service.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: a2service.exe5

Error: (07/01/2016 02:09:17 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: a2service.exe, Version: 11.9.0.6513, Zeitstempel: 0x5772c632
Name des fehlerhaften Moduls: ntdll.dll, Version: 10.0.10586.306, Zeitstempel: 0x571af2eb
Ausnahmecode: 0xc0000374
Fehleroffset: 0x00000000000ee6fc
ID des fehlerhaften Prozesses: 0x3ad4
Startzeit der fehlerhaften Anwendung: 0xa2service.exe0
Pfad der fehlerhaften Anwendung: a2service.exe1
Pfad des fehlerhaften Moduls: a2service.exe2
Berichtskennung: a2service.exe3
Vollständiger Name des fehlerhaften Pakets: a2service.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: a2service.exe5

Error: (07/01/2016 02:07:11 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: a2service.exe, Version: 11.9.0.6513, Zeitstempel: 0x5772c632
Name des fehlerhaften Moduls: ntdll.dll, Version: 10.0.10586.306, Zeitstempel: 0x571af2eb
Ausnahmecode: 0xc0000374
Fehleroffset: 0x00000000000ee6fc
ID des fehlerhaften Prozesses: 0x3068
Startzeit der fehlerhaften Anwendung: 0xa2service.exe0
Pfad der fehlerhaften Anwendung: a2service.exe1
Pfad des fehlerhaften Moduls: a2service.exe2
Berichtskennung: a2service.exe3
Vollständiger Name des fehlerhaften Pakets: a2service.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: a2service.exe5

Error: (07/01/2016 02:05:17 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: a2service.exe, Version: 11.9.0.6513, Zeitstempel: 0x5772c632
Name des fehlerhaften Moduls: ntdll.dll, Version: 10.0.10586.306, Zeitstempel: 0x571af2eb
Ausnahmecode: 0xc0000374
Fehleroffset: 0x00000000000ee6fc
ID des fehlerhaften Prozesses: 0x3f50
Startzeit der fehlerhaften Anwendung: 0xa2service.exe0
Pfad der fehlerhaften Anwendung: a2service.exe1
Pfad des fehlerhaften Moduls: a2service.exe2
Berichtskennung: a2service.exe3
Vollständiger Name des fehlerhaften Pakets: a2service.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: a2service.exe5

Error: (07/01/2016 02:05:05 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: a2service.exe, Version: 11.9.0.6513, Zeitstempel: 0x5772c632
Name des fehlerhaften Moduls: ntdll.dll, Version: 10.0.10586.306, Zeitstempel: 0x571af2eb
Ausnahmecode: 0xc0000374
Fehleroffset: 0x00000000000ee6fc
ID des fehlerhaften Prozesses: 0x3914
Startzeit der fehlerhaften Anwendung: 0xa2service.exe0
Pfad der fehlerhaften Anwendung: a2service.exe1
Pfad des fehlerhaften Moduls: a2service.exe2
Berichtskennung: a2service.exe3
Vollständiger Name des fehlerhaften Pakets: a2service.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: a2service.exe5


Systemfehler:
=============
Error: (07/01/2016 04:59:36 PM) (Source: DCOM) (EventID: 10016) (User: Admin-PC)
Description: AnwendungsspezifischLokalAktivierung{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}Admin-PCGerhardS-1-5-21-3206007939-3703904605-1476991908-1001LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (07/01/2016 04:40:00 PM) (Source: DCOM) (EventID: 10016) (User: Admin-PC)
Description: AnwendungsspezifischLokalAktivierung{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}Admin-PCAdminS-1-5-21-3206007939-3703904605-1476991908-1000LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (07/01/2016 04:34:40 PM) (Source: DCOM) (EventID: 10016) (User: Admin-PC)
Description: AnwendungsspezifischLokalAktivierung{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}Admin-PCAdminS-1-5-21-3206007939-3703904605-1476991908-1000LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (07/01/2016 04:34:30 PM) (Source: DCOM) (EventID: 10016) (User: Admin-PC)
Description: AnwendungsspezifischLokalAktivierung{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}Admin-PCAdminS-1-5-21-3206007939-3703904605-1476991908-1000LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (07/01/2016 04:32:50 PM) (Source: DCOM) (EventID: 10016) (User: Admin-PC)
Description: ComputerstandardLokalAktivierung{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}Admin-PCGerhardS-1-5-21-3206007939-3703904605-1476991908-1001LocalHost (unter Verwendung von LRPC)Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewyS-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742

Error: (07/01/2016 04:32:50 PM) (Source: DCOM) (EventID: 10016) (User: Admin-PC)
Description: ComputerstandardLokalAktivierung{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}Admin-PCGerhardS-1-5-21-3206007939-3703904605-1476991908-1001LocalHost (unter Verwendung von LRPC)Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewyS-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742

Error: (07/01/2016 04:32:50 PM) (Source: DCOM) (EventID: 10016) (User: Admin-PC)
Description: ComputerstandardLokalAktivierung{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}Admin-PCGerhardS-1-5-21-3206007939-3703904605-1476991908-1001LocalHost (unter Verwendung von LRPC)Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewyS-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742

Error: (07/01/2016 04:32:50 PM) (Source: DCOM) (EventID: 10016) (User: Admin-PC)
Description: ComputerstandardLokalAktivierung{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}Admin-PCGerhardS-1-5-21-3206007939-3703904605-1476991908-1001LocalHost (unter Verwendung von LRPC)Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewyS-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742

Error: (07/01/2016 04:32:50 PM) (Source: DCOM) (EventID: 10016) (User: Admin-PC)
Description: ComputerstandardLokalAktivierung{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}Admin-PCGerhardS-1-5-21-3206007939-3703904605-1476991908-1001LocalHost (unter Verwendung von LRPC)Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewyS-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742

Error: (07/01/2016 04:32:50 PM) (Source: DCOM) (EventID: 10016) (User: Admin-PC)
Description: ComputerstandardLokalAktivierung{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}Admin-PCGerhardS-1-5-21-3206007939-3703904605-1476991908-1001LocalHost (unter Verwendung von LRPC)Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewyS-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742


CodeIntegrity:
===================================
  Date: 2016-07-01 17:03:56.134
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Emsisoft Anti-Malware\a2hooks64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-07-01 16:51:10.542
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Emsisoft Anti-Malware\a2hooks64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-07-01 16:29:30.041
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Emsisoft Anti-Malware\a2hooks64.dll that did not meet the Windows signing level requirements.

  Date: 2016-07-01 16:25:24.427
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Emsisoft Anti-Malware\a2hooks64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-07-01 15:59:38.669
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Emsisoft Anti-Malware\a2hooks32.dll that did not meet the Microsoft signing level requirements.

  Date: 2016-07-01 15:59:37.814
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Emsisoft Anti-Malware\a2hooks32.dll that did not meet the Microsoft signing level requirements.

  Date: 2016-07-01 15:59:36.790
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Emsisoft Anti-Malware\a2hooks32.dll that did not meet the Microsoft signing level requirements.

  Date: 2016-07-01 15:59:36.574
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Emsisoft Anti-Malware\a2hooks32.dll that did not meet the Microsoft signing level requirements.

  Date: 2016-07-01 15:59:36.296
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Emsisoft Anti-Malware\a2hooks32.dll that did not meet the Microsoft signing level requirements.

  Date: 2016-07-01 15:59:36.001
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Emsisoft Anti-Malware\a2hooks32.dll that did not meet the Microsoft signing level requirements.


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Core(TM) i5-2430M CPU @ 2.40GHz
Prozentuale Nutzung des RAM: 63%
Installierter physikalischer RAM: 8169.16 MB
Verfügbarer physikalischer RAM: 2952.62 MB
Summe virtueller Speicher: 9137.16 MB
Verfügbarer virtueller Speicher: 2938.7 MB

==================== Laufwerke ================================

Drive c: () (Fixed) (Total:129.28 GB) (Free:32.7 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)]
Drive d: () (Fixed) (Total:349.3 GB) (Free:92.76 GB) NTFS
Drive e: () (Fixed) (Total:349.33 GB) (Free:34.26 GB) NTFS

==================== MBR & Partitionstabelle ==================

==================== Ende von Addition.txt ============================
         
Emsisoft

Emsisoft Anti-Malware - Version 11.9.0.6513
Letztes Update: 01.07.2016 17:22:15
Benutzerkonto: Admin-PC\Gerhard
Computer name: ADMIN-PC
OS version: Windows 10x64

Scaneinstellungen:

Scantyp:
Objekte: Rootkits, Speicher, Traces, C:\, D:\, E:\

Erkenne PUPs: An
Archive scannen: An
ADS-Scan: An
Dateierweiterungen: Aus
Advanced Caching: An
Direct Disk Access: Aus

Scan Beginn: 01.07.2016 17:59:57

Gescannt 625783
Gefunden 0

Scan Ende: 01.07.2016 18:39:32
Scanzeit: 0:39:35
__________________

Alt 01.07.2016, 19:34   #4
deeprybka
/// TB-Ausbilder
/// Anleitungs-Guru
 
Banking Trojaner auf Smartphone, Online Konto gehackt, Login mit Laptop nicht möglich - Standard

Banking Trojaner auf Smartphone, Online Konto gehackt, Login mit Laptop nicht möglich





Mein Name ist Jürgen und ich werde Dir bei Deinem Problem behilflich sein. Zusammen schaffen wir das...
  • Bitte arbeite alle Schritte der Reihe nach ab.
  • Lies die Anleitungen sorgfältig durch bevor Du beginnst. Wenn es Probleme gibt oder Du etwas nicht verstehst, dann stoppe mit Deiner Ausführung und beschreibe mir das Problem.
  • Führe bitte nur Scans durch, zu denen Du von mir aufgefordert wurdest.
  • Bitte kein Crossposting (posten in mehreren Foren).
  • Installiere oder deinstalliere während der Bereinigung keine Software, außer Du wurdest dazu aufgefordert.
  • Speichere alle unsere Tools auf dem Desktop ab. Link: So ladet Ihr unsere Tools richtig
  • Poste die Logfiles direkt in Deinen Thread in Code-Tags.
  • Bedenke, dass wir hier alle während unserer Freizeit tätig sind, wenn du innerhalb von 24 Stunden nichts von mir liest, dann schreibe mir bitte eine PM.

Hinweis:
Ich kann Dir niemals eine Garantie geben, dass wir alle schädlichen Dateien finden werden.
Eine Formatierung ist meist der schnellere und immer der sicherste Weg, aber auch nur bei wirklicher Malware empfehlenswert.
Adware & Co. können wir sehr gut entfernen.
Solltest Du Dich für eine Bereinigung entscheiden, arbeite solange mit, bis Du mein clean bekommst.



Los geht's:

Ja, ich sehe was. Bitte wiederhole den Scan aber mit Admin-Rechten.

Schritt 1



Bitte starte FRST erneut, markiere auch die checkbox und drücke auf Untersuchen.
Bitte poste mir den Inhalt der beiden Logs die erstellt werden.
__________________
Gruß
deeprybka

Lob, Kritik, Wünsche?

Spende fürs trojaner-board?
_______________________________________________
„Neminem laede, immo omnes, quantum potes, iuva.“ Arthur Schopenhauer

Alt 01.07.2016, 21:11   #5
pinocchio
 
Banking Trojaner auf Smartphone, Online Konto gehackt, Login mit Laptop nicht möglich - Standard

Banking Trojaner auf Smartphone, Online Konto gehackt, Login mit Laptop nicht möglich



Hallo Jürgen,
zuerst recht herzlichen Dank dass du dich meines Problems annimmst. Großes Lob schon mal für die rasche Antwort.

Gerne sende ich dir die beiden Dateien nochmals, dieses mal mit Adminrechten. - Vielen Dank!

Hier die FRST.txt Teil 1
Code:
ATTFilter
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 29-06-2016
durchgeführt von Admin (Administrator) auf ADMIN-PC (01-07-2016 20:53:21)
Gestartet von D:\DOWNLOADS 2
Geladene Profile: Admin & Gerhard & Acronis Agent User (Verfügbare Profile: Admin & Gerhard & Acronis Agent User & DefaultAppPool)
Platform: Windows 10 Home Version 1511 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2016\vsserv.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvscpapisvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(Emsisoft Ltd) C:\Program Files (x86)\Emsisoft Anti-Malware\a2service.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\SynptSync64.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\Agent\agent.exe
(Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Ginger Software) C:\Program Files (x86)\Ginger\GingerUpdateService\GingerUpdateService.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2016\updatesrv.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
(Nalpeiron Ltd.) C:\Windows\SysWOW64\nlssrv32.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(DEVGURU Co., LTD.) C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
(Bitdefender) C:\Program Files\Bitdefender Agent\ProductAgentService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(Paramount Software UK Ltd) C:\Program Files\Macrium\Reflect\ReflectService.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe
(Acronis) C:\Program Files\BackupClient\BackupAndRecovery\mms.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Acronis) C:\Program Files\BackupClient\TrayMonitor\MmsMonitor.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe
(Emsisoft Ltd) C:\Program Files (x86)\Emsisoft Anti-Malware\a2guard.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2016\bdagent.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Logitech, Inc.) C:\Program Files\Logitech\LogiOptions\LogiOptions.exe
(Logitech, Inc.) C:\ProgramData\Logishrd\LogiOptions\Software\3.40.25\LogiOptionsMgr.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Ashampoo Development GmbH & Co. KG) C:\Program Files (x86)\Ashampoo\Ashampoo UnInstaller 6\UI6Guard.exe
(eM Client s.r.o.) C:\Program Files (x86)\eM Client\MailClient.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2016\bdwtxag.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2016\antispam32\bdwtxapps.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe
(Siber Systems) C:\Program Files (x86)\Siber Systems\AI RoboForm\robotaskbaricon.exe
(Apple, Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\secd.exe
(Ginger Software) C:\Program Files (x86)\Ginger\GingerClient.exe
(Ginger Software) C:\Program Files (x86)\Ginger\GingerServices\GingerServices.exe
(Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\acrotray.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe
() C:\Program Files (x86)\Syncios\SynciosDeviceService.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe
(CANON INC.) C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
() C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\CCXProcess.exe
(Joyent, Inc) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\libs\node.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe
(Emsisoft Ltd) C:\Program Files (x86)\Emsisoft Anti-Malware\a2start.exe
(MAGIX AG) C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe
(Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe
(Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe
(Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2016\bdwtxcr.exe
(iterate GmbH) C:\Program Files (x86)\Cyberduck\Cyberduck.exe
(Siber Systems) C:\Program Files (x86)\Siber Systems\AI RoboForm\passwordgenerator.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
() C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe
(Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\SynptSync64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Acronis) C:\Program Files\BackupClient\TrayMonitor\MmsMonitor.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe
(Emsisoft Ltd) C:\Program Files (x86)\Emsisoft Anti-Malware\a2guard.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2016\bdagent.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Logitech, Inc.) C:\Program Files\Logitech\LogiOptions\LogiOptions.exe
(Logitech, Inc.) C:\ProgramData\Logishrd\LogiOptions\Software\3.40.25\LogiOptionsMgr.exe
(Ashampoo Development GmbH & Co. KG) C:\Program Files (x86)\Ashampoo\Ashampoo UnInstaller 6\UI6Guard.exe
(Siber Systems) C:\Program Files (x86)\Siber Systems\AI RoboForm\robotaskbaricon.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2016\bdwtxag.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Ashampoo GmbH & Co. KG) C:\Program Files (x86)\Ashampoo\Ashampoo Snap 9\ashsnap.exe
(Ginger Software) C:\Program Files (x86)\Ginger\GingerClient.exe
(Ginger Software) C:\Program Files (x86)\Ginger\GingerServices\GingerServices.exe
(Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\acrotray.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
() C:\Program Files (x86)\Syncios\SynciosDeviceService.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe
(CANON INC.) C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe
() C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\CCXProcess.exe
(Joyent, Inc) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\libs\node.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe
(Emsisoft Ltd) C:\Program Files (x86)\Emsisoft Anti-Malware\a2start.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2869008 2012-01-26] (Synaptics Incorporated)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12446824 2012-01-31] (Realtek Semiconductor)
HKLM\...\Run: [SynAsusAcpi] => C:\Program Files\Synaptics\SynTP\SynAsusAcpi.exe [100112 2012-01-26] (Synaptics Incorporated)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2398776 2016-05-02] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => "C:\Windows\system32\rundll32.exe" C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [MmsMonitor.exe] => C:\Program Files\BackupClient\TrayMonitor\MmsMonitor.exe [1435816 2015-07-16] (Acronis)
HKLM\...\Run: [Acronis Scheduler2 Service] => C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe [373984 2015-04-30] (Acronis)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-01-07] (Adobe Systems Incorporated)
HKLM\...\Run: [AthBtTray] => C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe [799904 2011-09-30] (Atheros Commnucations)
HKLM\...\Run: [emsisoft anti-malware] => c:\program files (x86)\emsisoft anti-malware\a2guard.exe [9511912 2016-06-28] (Emsisoft Ltd)
HKLM\...\Run: [Bdagent] => C:\Program Files\Bitdefender\Bitdefender 2016\bdagent.exe [1654160 2016-06-28] (Bitdefender)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [176952 2016-06-01] (Apple Inc.)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM\...\Run: [LogiOptions] => C:\Program Files\Logitech\LogiOptions\LogiOptions.exe [1553528 2015-11-14] (Logitech, Inc.)
HKLM\...\Run: [Ashampoo Uninstaller 6 Guard] => C:\Program Files (x86)\Ashampoo\Ashampoo UnInstaller 6\UI6Guard.exe [2377032 2016-01-20] (Ashampoo Development GmbH & Co. KG)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [emsisoft anti-malware] => c:\program files (x86)\emsisoft anti-malware\a2guard.exe [9511912 2016-06-28] (Emsisoft Ltd)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Acrotray.exe [1867448 2016-05-27] (Adobe Systems Inc.)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2304688 2015-11-25] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [ATKOSD2] => C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [406328 2013-09-09] (ASUSTek Computer Inc.)
HKLM-x32\...\Run: [ATKMEDIA] => C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe [205624 2013-05-30] (ASUSTek Computer Inc.)
HKLM-x32\...\Run: [HControlUser] => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe [105016 2009-06-19] (ASUS)
HKLM-x32\...\Run: [Syncios device service] => C:\Program Files (x86)\Syncios\SynciosDeviceService.exe [269824 2015-12-21] ()
HKLM-x32\...\Run: [IJNetworkScannerSelectorEX] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [452016 2011-01-15] (CANON INC.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [595992 2016-05-20] (Oracle Corporation)
HKU\S-1-5-21-3206007939-3703904605-1476991908-1000\...\Run: [RoboForm] => C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe [110376 2016-04-09] (Siber Systems)
HKU\S-1-5-21-3206007939-3703904605-1476991908-1000\...\Run: [Bitdefender-Geldb�rse-Agent] => C:\Program Files\Bitdefender\Bitdefender 2016\bdwtxag.exe [1450520 2016-06-28] (Bitdefender)
HKU\S-1-5-21-3206007939-3703904605-1476991908-1000\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [67384 2016-04-22] (Apple Inc.)
HKU\S-1-5-21-3206007939-3703904605-1476991908-1000\...\Run: [AshSnap] => C:\Program Files (x86)\Ashampoo\Ashampoo Snap 9\ashsnap.exe [7227696 2016-06-02] (Ashampoo GmbH & Co. KG)
HKU\S-1-5-21-3206007939-3703904605-1476991908-1000\...\Policies\Explorer: [NoDrives] 62914560
HKU\S-1-5-21-3206007939-3703904605-1476991908-1001\...\Run: [eM Client] => C:\Program Files (x86)\eM Client\MailClient.exe [15698792 2016-02-29] (eM Client s.r.o.)
HKU\S-1-5-21-3206007939-3703904605-1476991908-1001\...\Run: [Bitdefender-Geldb�rse-Agent] => C:\Program Files\Bitdefender\Bitdefender 2016\bdwtxag.exe [1450520 2016-06-28] (Bitdefender)
HKU\S-1-5-21-3206007939-3703904605-1476991908-1001\...\Run: [Google Update] => C:\Users\Gerhard\AppData\Local\Google\Update\GoogleUpdate.exe [144200 2015-08-28] (Google Inc.)
HKU\S-1-5-21-3206007939-3703904605-1476991908-1001\...\Run: [Adobe Acrobat Synchronizer] => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe [882872 2016-05-27] (Adobe Systems Incorporated)
HKU\S-1-5-21-3206007939-3703904605-1476991908-1001\...\Run: [SpybotPostWindows10UpgradeReInstall] => C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [1011200 2015-07-28] (Safer-Networking Ltd.)
HKU\S-1-5-21-3206007939-3703904605-1476991908-1001\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [67384 2016-04-22] (Apple Inc.)
HKU\S-1-5-21-3206007939-3703904605-1476991908-1001\...\Run: [iCloudDrive] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe [110392 2016-04-22] (Apple Inc.)
HKU\S-1-5-21-3206007939-3703904605-1476991908-1001\...\Run: [iCloudPhotos] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe [356664 2016-04-22] (Apple Inc.)
HKU\S-1-5-21-3206007939-3703904605-1476991908-1001\...\Run: [RoboForm] => C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe [110376 2016-04-09] (Siber Systems)
HKU\S-1-5-21-3206007939-3703904605-1476991908-1001\...\Run: [AudialsNotifier] => C:\Program Files (x86)\Audials\Audials 12\AudialsNotifier.exe [2411784 2015-03-17] ()
HKU\S-1-5-21-3206007939-3703904605-1476991908-1001\...\Run: [Mailbird] => "C:\Program Files (x86)\Mailbird\Mailbird.exe" startup
HKU\S-1-5-21-3206007939-3703904605-1476991908-1009\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [517632 2015-10-30] (Microsoft Corporation)
SSODL: EldosMountNotificator - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\Windows\system32\CbFsMntNtf3.dll (EldoS Corporation)
SSODL-x32: EldosMountNotificator - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\Windows\SysWOW64\CbFsMntNtf3.dll (EldoS Corporation)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2015-11-14] ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2015-11-14] ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2015-11-14] ()
ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} =>  Keine Datei
ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} =>  Keine Datei
ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} =>  Keine Datei
ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} =>  Keine Datei
ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} =>  Keine Datei
ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} =>  Keine Datei
ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} =>  Keine Datei
ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} =>  Keine Datei
ShellIconOverlayIdentifiers: [EldosIconOverlay] -> {5BB532A2-BF14-4CCC-86B7-71B81EF6F8BC} => C:\Windows\system32\CbFsMntNtf3.dll [2012-11-10] (EldoS Corporation)
ShellIconOverlayIdentifiers-x32: [EldosIconOverlay] -> {5BB532A2-BF14-4CCC-86B7-71B81EF6F8BC} => C:\Windows\SysWOW64\CbFsMntNtf3.dll [2012-11-10] (EldoS Corporation)
Startup: C:\Users\Acronis Agent User.Admin-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Uninstall LastPass RunOnce.lnk [2016-06-13]
ShortcutTarget: Uninstall LastPass RunOnce.lnk -> C:\Program Files (x86)\Common Files\lpuninstall.exe (LastPass)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\BdBkpFolder [2016-05-31] ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Ginger.lnk [2016-06-06]
ShortcutTarget: Ginger.lnk -> C:\Windows\Installer\{1EBF9A59-F4E3-4EA7-BA97-76703C1432F6}\GingerClientStartu_E7648186C0BE4AE6AF2E431C614DBB20.exe (Flexera Software LLC)
BootExecute: autocheck autochk * sdnclean64.exe
CHR HKLM\SOFTWARE\Policies\Google: Beschränkung <======= ACHTUNG

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

AutoConfigURL: [S-1-5-21-3206007939-3703904605-1476991908-1001] => hxxps://7msnnd4jf32qsz5a.onion.to/YFDfl9k5.js?ip=217.199.89.225
Hosts: Es ist mehr als ein Eintrag in der Hosts Datei zu finden. Siehe Hosts-Bereich in Addition.txt
Tcpip\Parameters: [DhcpNameServer] 217.16.112.21 112.15.112.22
Tcpip\..\Interfaces\{10e2e093-18ac-4782-864f-6b9511f18ac0}: [DhcpNameServer] 217.16.112.21 112.15.112.22
Tcpip\..\Interfaces\{30fbff49-9694-48d5-a1c3-9467b21817f9}: [DhcpNameServer] 172.20.10.1
Tcpip\..\Interfaces\{8a5b15c7-5e7a-4124-a0ac-58a687eb7161}: [NameServer] 217.16.112.21,217.16.112.22
Tcpip\..\Interfaces\{8f4d24e6-82ff-492b-affb-a3cc5b723df4}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{afd2c3be-c16f-48e4-b66c-02199ce55eb3}: [DhcpNameServer] 192.168.42.129

Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung <======= ACHTUNG
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKU\S-1-5-21-3206007939-3703904605-1476991908-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/p/?LinkId=619797&pc=UE01&ocid=UE01DHP
HKU\S-1-5-21-3206007939-3703904605-1476991908-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKLM -> {2E00D31D-D171-423D-836D-1A4D7EA7F1A9} URL = 
SearchScopes: HKU\S-1-5-21-3206007939-3703904605-1476991908-1000 -> {2E00D31D-D171-423D-836D-1A4D7EA7F1A9} URL = hxxp://www.findamo.com/search.html?&q={searchTerms}&cid=4151ch=2
SearchScopes: HKU\S-1-5-21-3206007939-3703904605-1476991908-1000 -> {E6DE1D50-B165-4AF9-817F-42708144CA6B} URL = hxxps://at.search.yahoo.com/search?p={searchTerms}&fr=yset_ie_syc_oracle&type=orcl_default
BHO: Bitdefender-Geldbörse -> {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} -> C:\Program Files\Bitdefender\Bitdefender 2016\pmbxie.dll [2016-06-28] (Bitdefender)
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2016-06-10] (Microsoft Corporation)
BHO: RoboForm Toolbar Helper -> {724d43a9-0d85-11d4-9908-00400523e39a} -> C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll [2016-04-09] (Siber Systems Inc.)
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2015-09-30] (Adobe Systems Incorporated)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\URLREDIR.DLL [2016-06-10] (Microsoft Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2016-06-10] (Microsoft Corporation)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2015-09-30] (Adobe Systems Incorporated)
BHO-x32: Bitdefender-Geldbörse -> {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} -> C:\Program Files\Bitdefender\Bitdefender 2016\Antispam32\pmbxie.dll [2016-06-28] (Bitdefender)
BHO-x32: RoboForm Toolbar Helper -> {724d43a9-0d85-11d4-9908-00400523e39a} -> C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll [2016-04-09] (Siber Systems Inc.)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\ssv.dll [2016-06-28] (Oracle Corporation)
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2015-09-30] (Adobe Systems Incorporated)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\jp2ssv.dll [2016-06-28] (Oracle Corporation)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2015-09-30] (Adobe Systems Incorporated)
Toolbar: HKLM - &RoboForm Toolbar - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll [2016-04-09] (Siber Systems Inc.)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2015-09-30] (Adobe Systems Incorporated)
Toolbar: HKLM - Bitdefender-Geldbörse - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender 2016\pmbxie.dll [2016-06-28] (Bitdefender)
Toolbar: HKLM-x32 - &RoboForm Toolbar - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll [2016-04-09] (Siber Systems Inc.)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2015-09-30] (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Bitdefender-Geldbörse - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender 2016\Antispam32\pmbxie.dll [2016-06-28] (Bitdefender)
Toolbar: HKU\S-1-5-21-3206007939-3703904605-1476991908-1000 -> &RoboForm Toolbar - {724D43A0-0D85-11D4-9908-00400523E39A} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll [2016-04-09] (Siber Systems Inc.)
Toolbar: HKU\S-1-5-21-3206007939-3703904605-1476991908-1001 -> &RoboForm Toolbar - {724D43A0-0D85-11D4-9908-00400523E39A} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll [2016-04-09] (Siber Systems Inc.)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-06-10] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-06-10] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-06-10] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-06-10] (Microsoft Corporation)
Handler: WSAllMyTubechrome - {0A0C95CF-A116-4C74 -  Keine Datei

FireFox:
========
FF ProfilePath: C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\hnslaumw.default-1464681390370
FF Homepage: hxxp://derstandard.at/
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_22_0_0_192.dll [2016-06-17] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50428.0\npctrl.dll [2016-04-27] ( Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2015-11-25] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_22_0_0_192.dll [2016-06-17] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-12-18] ()
FF Plugin-x32: @java.com/DTPlugin,version=11.91.2 -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\dtplugin\npDeployJava1.dll [2016-06-28] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.91.2 -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\plugin2\npjp2.dll [2016-06-28] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50428.0\npctrl.dll [2016-04-27] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2016-06-10] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-06-03] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-06-03] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-11] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-11] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2016-05-27] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2015-11-25] (Adobe Systems)
FF Plugin HKU\S-1-5-21-3206007939-3703904605-1476991908-1000: gingersoftware.com/gingerPlugin -> C:\Program Files (x86)\Ginger\GingerServices\GingerServicesProxy.dll [2015-11-23] (Ginger Software)
FF Plugin HKU\S-1-5-21-3206007939-3703904605-1476991908-1001: @citrixonline.com/appdetectorplugin -> C:\Users\Gerhard\AppData\Local\Citrix\Plugins\104\npappdetector.dll [2014-09-23] (Citrix Online)
FF Plugin HKU\S-1-5-21-3206007939-3703904605-1476991908-1001: @talk.google.com/GoogleTalkPlugin -> C:\Users\Gerhard\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll [2015-12-08] (Google)
FF Plugin HKU\S-1-5-21-3206007939-3703904605-1476991908-1001: @talk.google.com/O1DPlugin -> C:\Users\Gerhard\AppData\Roaming\Mozilla\plugins\npo1d.dll [2015-12-08] (Google)
FF Plugin HKU\S-1-5-21-3206007939-3703904605-1476991908-1001: @tools.google.com/Google Update;version=3 -> C:\Users\Gerhard\AppData\Local\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-11] (Google Inc.)
FF Plugin HKU\S-1-5-21-3206007939-3703904605-1476991908-1001: @tools.google.com/Google Update;version=9 -> C:\Users\Gerhard\AppData\Local\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-11] (Google Inc.)
FF Extension: Ginger - C:\Program Files (x86)\Mozilla Firefox\extensions\adapter@gingersoftware.com [2016-06-10] [ist nicht signiert]
FF HKLM\...\Firefox\Extensions: [bdwteffv20@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2016\\antispam32\bdwteff
FF Extension: Bitdefender Wallet - C:\Program Files\Bitdefender\Bitdefender 2016\\antispam32\bdwteff [2015-12-16]
FF HKLM\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2016\bdtbext
FF Extension: Bitdefender Antispam Toolbar - C:\Program Files\Bitdefender\Bitdefender 2016\bdtbext [2015-12-16] [ist nicht signiert]
FF HKLM-x32\...\Firefox\Extensions: [bdwteffv20@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2016\antispam32\bdwteff
FF Extension: Bitdefender Wallet - C:\Program Files\Bitdefender\Bitdefender 2016\antispam32\bdwteff [2015-12-16]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension.15@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn
FF Extension: Adobe Acrobat DC - Create PDF - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn [2016-02-18]
FF HKLM-x32\...\Firefox\Extensions: [{22119944-ED35-4ab1-910B-E619EA06A115}] - C:\Program Files (x86)\Siber Systems\AI RoboForm\Firefox\roboform.xpi
FF Extension: RoboForm Toolbar - C:\Program Files (x86)\Siber Systems\AI RoboForm\Firefox\roboform.xpi [2016-04-09]
FF HKLM-x32\...\Firefox\Extensions: [adapter@gingersoftware.com] - C:\Program Files (x86)\Ginger\Mozilla\adapter@gingersoftware.com
FF Extension: Ginger - C:\Program Files (x86)\Ginger\Mozilla\adapter@gingersoftware.com [2016-06-06] [ist nicht signiert]
FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt => nicht gefunden
FF HKLM-x32\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2016\bdtbext
FF HKU\S-1-5-21-3206007939-3703904605-1476991908-1000\...\Firefox\Extensions: [{22119944-ED35-4ab1-910B-E619EA06A115}] - C:\Program Files (x86)\Siber Systems\AI RoboForm\Firefox\roboform.xpi

Chrome: 
=======
CHR Profile: C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Präsentationen) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-02-11]
CHR Extension: (Google Docs) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-11]
CHR Extension: (Google Drive) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-09-03]
CHR Extension: (YouTube) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-02-11]
CHR Extension: (Google-Suche) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-09-03]
CHR Extension: (Adobe Acrobat – PDF-Datei erstellen) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2015-01-09]
CHR Extension: (Google Tabellen) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-02-11]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-09-03]
CHR Extension: (Google Mail) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-09-03]
CHR Extension: (RoboForm Password Manager) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pnlccmojcmeohlpggmfnbbiapkmbliob [2015-09-03]
CHR HKLM\...\Chrome\Extension: [pnlccmojcmeohlpggmfnbbiapkmbliob] - C:\Program Files (x86)\Siber Systems\AI RoboForm\Chrome\rf-chrome.crx [2014-09-16]
CHR HKU\S-1-5-21-3206007939-3703904605-1476991908-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [dhdgffkkebhmkfjojejmpbldmpobfkfo] - hxxp://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [dhhejlifdlcgcmogbggeomfodgklfaem] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [npdicihegicnhaangkdmcgbjceoemeoo] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [pnlccmojcmeohlpggmfnbbiapkmbliob] - C:\Program Files (x86)\Siber Systems\AI RoboForm\Chrome\rf-chrome.crx [2014-09-16]

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 a2AntiMalware; C:\Program Files (x86)\Emsisoft Anti-Malware\a2service.exe [11446000 2016-06-28] (Emsisoft Ltd)
R2 AcronisAgent; C:\Program Files (x86)\Common Files\Acronis\Agent\agent.exe [2875232 2014-06-10] (Acronis)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2021592 2016-04-05] (Adobe Systems, Incorporated)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-03-02] (Apple Inc.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [2944768 2016-06-10] (Microsoft Corporation)
S3 DfSdkS; C:\Program Files (x86)\Ashampoo\Ashampoo UnInstaller 6\DfSdkS64.exe [544768 2009-08-24] (mst software GmbH, Germany) [Datei ist nicht signiert]
R2 Fabs; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe [1858048 2012-01-23] (MAGIX AG) [Datei ist nicht signiert]
S3 FirebirdServerMAGIXInstance; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe [2702848 2011-04-26] (MAGIX®) [Datei ist nicht signiert]
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1165368 2016-05-02] (NVIDIA Corporation)
R2 GingerUpdateService; C:\Program Files (x86)\Ginger\GingerUpdateService\GingerUpdateService.exe [527360 2015-11-23] (Ginger Software) [Datei ist nicht signiert]
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [Datei ist nicht signiert]
R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1514464 2016-03-10] (Malwarebytes)
R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1136608 2016-03-10] (Malwarebytes)
R2 MMS; C:\Program Files\BackupClient\BackupAndRecovery\mms.exe [17480648 2015-07-16] (Acronis)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1881144 2016-05-02] (NVIDIA Corporation)
R3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [3634232 2016-05-02] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2522680 2016-05-02] (NVIDIA Corporation)
S3 OpenVPNService; C:\Program Files (x86)\HMA! Pro VPN\bin\openvpnserv.exe [37176 2015-03-17] (The OpenVPN Project)
R2 ProductAgentService; C:\Program Files\Bitdefender Agent\ProductAgentService.exe [947640 2016-03-30] (Bitdefender)
R2 ReflectService.exe; C:\Program Files\Macrium\Reflect\ReflectService.exe [3476432 2015-10-12] (Paramount Software UK Ltd)
R2 ss_conn_service; C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [754784 2016-01-08] (DEVGURU Co., LTD.)
R2 UPDATESRV; C:\Program Files\Bitdefender\Bitdefender 2016\updatesrv.exe [156016 2016-06-28] (Bitdefender)
R2 VSSERV; C:\Program Files\Bitdefender\Bitdefender 2016\vsserv.exe [1693104 2016-06-28] (Bitdefender)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-10-30] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S3 Apowersoft_AudioDevice; C:\Windows\System32\drivers\Apowersoft_AudioDevice.sys [31920 2014-04-09] (Wondershare)
R3 athr; C:\Windows\System32\drivers\athwnx.sys [4207104 2015-10-30] (Qualcomm Atheros Communications, Inc.)
R0 avc3; C:\Windows\System32\DRIVERS\avc3.sys [1623536 2016-04-27] (BitDefender)
R3 avckf; C:\Windows\System32\DRIVERS\avckf.sys [842152 2016-04-27] (BitDefender)
S0 bdelam; C:\Windows\System32\drivers\bdelam.sys [23568 2016-05-31] (Bitdefender)
R1 bdfwfpf; C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys [128400 2016-06-28] (BitDefender LLC)
R1 BDVEDISK; C:\Windows\System32\DRIVERS\bdvedisk.sys [87912 2015-12-04] (BitDefender)
R1 cbfs3; C:\Windows\system32\drivers\cbfs3.sys [352008 2012-11-10] (EldoS Corporation)
S3 dg_ssudbus; C:\Windows\system32\DRIVERS\ssudbus.sys [129152 2016-04-25] (Samsung Electronics Co., Ltd.)
R1 epp; C:\PROGRAM FILES (X86)\EMSISOFT ANTI-MALWARE\epp.sys [116944 2016-07-01] (Emsisoft Ltd)
R3 FLxHCIh; C:\Windows\System32\drivers\FLxHCIh.sys [76584 2012-07-19] (Fresco Logic)
R0 gzflt; C:\Windows\System32\DRIVERS\gzflt.sys [182936 2016-04-27] (BitDefender LLC)
R0 ignis; C:\Windows\System32\DRIVERS\ignis.sys [299816 2016-06-28] (Bitdefender)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [27008 2016-03-10] (Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [192216 2016-07-01] (Malwarebytes)
R3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [65408 2016-03-10] (Malwarebytes Corporation)
R2 npf; C:\Windows\System32\drivers\npf.sys [35344 2011-02-11] (CACE Technologies, Inc.)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [28216 2016-05-02] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [56384 2016-04-14] (NVIDIA Corporation)
R1 RrNetCapFilterDriver; C:\Windows\system32\DRIVERS\RrNetCapFilterDriver.sys [24744 2015-03-17] (Audials AG)
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [589824 2015-10-30] (Realtek                                            )
U5 RTSPER; C:\Windows\System32\Drivers\RTSPER.sys [777944 2016-01-13] (Realsil Semiconductor Corporation)
R3 RTSUER; C:\Windows\system32\Drivers\RtsUer.sys [413912 2015-12-22] (Realsil Semiconductor Corporation)
R1 SDHookDriver; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHookDrv64.sys [64160 2014-04-25] ()
R3 SmbDrv; C:\Windows\system32\DRIVERS\Smb_driver.sys [22800 2012-01-26] (Synaptics Incorporated)
R0 trufos; C:\Windows\System32\DRIVERS\trufos.sys [520032 2016-06-28] (BitDefender S.R.L.)
R2 UI5IFS; C:\Program Files (x86)\Ashampoo\Ashampoo UnInstaller 6\IFS64.sys [31320 2015-12-07] ()
R0 volume_tracker; C:\Windows\System32\DRIVERS\volume_tracker.sys [192288 2015-08-25] (Acronis International GmbH)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation)
S3 WirelessKeyboardFilter; C:\Windows\System32\drivers\WirelessKeyboardFilter.sys [49384 2016-03-29] (Microsoft Corporation)
U3 idsvc; kein ImagePath
S3 RSUSBVSTOR; \SystemRoot\System32\Drivers\RtsUVStor.sys [X]
S3 VBoxNetFlt; \SystemRoot\system32\DRIVERS\VBoxNetFlt.sys [X]
U3 wpcsvc; kein ImagePath
         


Geändert von pinocchio (01.07.2016 um 21:31 Uhr)

Alt 01.07.2016, 21:21   #6
pinocchio
 
Banking Trojaner auf Smartphone, Online Konto gehackt, Login mit Laptop nicht möglich - Standard

Banking Trojaner auf Smartphone, Online Konto gehackt, Login mit Laptop nicht möglich



FRST.txt Teil 2

Code:
ATTFilter
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-07-01 19:48 - 2016-07-01 19:49 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2016-07-01 19:48 - 2016-07-01 19:48 - 00001175 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2016-07-01 19:48 - 2016-07-01 19:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2016-07-01 19:48 - 2016-07-01 19:48 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2016-07-01 19:48 - 2016-03-10 14:09 - 00065408 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2016-07-01 19:48 - 2016-03-10 14:08 - 00140672 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2016-07-01 19:48 - 2016-03-10 14:08 - 00027008 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2016-07-01 16:15 - 2016-07-01 15:58 - 02728337 _____ C:\Users\Gerhard\Desktop\1467377582_1_01.xml
2016-07-01 14:20 - 2016-07-01 14:21 - 00816568 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-07-01 14:19 - 2016-07-01 14:19 - 00001805 _____ C:\Users\Gerhard\Desktop\TrojanerBoard Text.txt
2016-07-01 14:14 - 2016-07-01 14:13 - 00003570 _____ C:\Users\Gerhard\Desktop\1467375210_1_01.xml
2016-07-01 12:19 - 2016-07-01 12:18 - 02728338 _____ C:\Users\Gerhard\Desktop\1467358142_1_01.xml
2016-07-01 09:10 - 2016-07-01 20:53 - 00000000 ____D C:\FRST
2016-07-01 01:05 - 2016-07-01 01:05 - 00000000 ____D C:\WINDOWS\SysWOW64\sda
2016-07-01 01:05 - 2016-01-13 09:32 - 00777944 _____ (Realsil Semiconductor Corporation) C:\WINDOWS\system32\Drivers\RtsPer.sys
2016-07-01 01:05 - 2016-01-05 11:50 - 00328920 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\Drivers\RtsP2Stor.sys
2016-07-01 01:05 - 2015-12-24 09:06 - 00313048 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\Drivers\RtsBaStor.sys
2016-07-01 01:05 - 2015-12-22 03:39 - 00413912 _____ (Realsil Semiconductor Corporation) C:\WINDOWS\system32\Drivers\RtsUer.sys
2016-07-01 01:05 - 2015-12-18 04:06 - 04330200 _____ (TODO: <Company name>) C:\WINDOWS\RtCRU64.exe
2016-07-01 01:05 - 2015-10-16 05:26 - 00367320 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\Drivers\RtsPStor.sys
2016-07-01 01:05 - 2014-10-20 11:50 - 00083160 _____ (Realtek Semiconductor.) C:\WINDOWS\system32\RtCRX64.dll
2016-07-01 01:05 - 2014-01-27 07:39 - 09890008 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\SysWOW64\RsCRIcon.dll
2016-06-30 11:19 - 2016-06-30 11:19 - 00001257 _____ C:\Users\Public\Desktop\Ashampoo Snap 9.lnk
2016-06-29 11:07 - 2016-06-29 11:07 - 00001205 _____ C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Emsisoft Anti-Malware Guard.lnk
2016-06-28 09:47 - 2016-06-28 09:47 - 00097344 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2016-06-28 09:47 - 2016-06-28 09:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2016-06-28 09:45 - 2016-06-28 09:45 - 00000000 ____D C:\Users\Admin\AppData\Temp
2016-06-27 08:54 - 2016-06-27 08:54 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-06-25 14:40 - 2016-06-25 14:40 - 00000000 ____D C:\Users\Gerhard\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2016-06-24 16:28 - 2016-06-24 16:28 - 00000000 ____D C:\SpybotBootCD
2016-06-24 16:04 - 2016-06-27 14:06 - 00000000 ____D C:\WINDOWS\Minidump
2016-06-24 15:52 - 2016-06-24 16:40 - 00000000 ____D C:\Users\DefaultAppPool
2016-06-24 15:52 - 2016-06-24 15:52 - 00000020 ___SH C:\Users\DefaultAppPool\ntuser.ini
2016-06-24 15:52 - 2016-06-24 15:52 - 00000000 _SHDL C:\Users\DefaultAppPool\Vorlagen
2016-06-24 15:52 - 2016-06-24 15:52 - 00000000 _SHDL C:\Users\DefaultAppPool\Startmenü
2016-06-24 15:52 - 2016-06-24 15:52 - 00000000 _SHDL C:\Users\DefaultAppPool\Netzwerkumgebung
2016-06-24 15:52 - 2016-06-24 15:52 - 00000000 _SHDL C:\Users\DefaultAppPool\Lokale Einstellungen
2016-06-24 15:52 - 2016-06-24 15:52 - 00000000 _SHDL C:\Users\DefaultAppPool\Eigene Dateien
2016-06-24 15:52 - 2016-06-24 15:52 - 00000000 _SHDL C:\Users\DefaultAppPool\Druckumgebung
2016-06-24 15:52 - 2016-06-24 15:52 - 00000000 _SHDL C:\Users\DefaultAppPool\Documents\Eigene Videos
2016-06-24 15:52 - 2016-06-24 15:52 - 00000000 _SHDL C:\Users\DefaultAppPool\Documents\Eigene Musik
2016-06-24 15:52 - 2016-06-24 15:52 - 00000000 _SHDL C:\Users\DefaultAppPool\Documents\Eigene Bilder
2016-06-24 15:52 - 2016-06-24 15:52 - 00000000 _SHDL C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2016-06-24 15:52 - 2016-06-24 15:52 - 00000000 _SHDL C:\Users\DefaultAppPool\AppData\Local\Verlauf
2016-06-24 15:52 - 2016-06-24 15:52 - 00000000 _SHDL C:\Users\DefaultAppPool\AppData\Local\Anwendungsdaten
2016-06-24 15:52 - 2016-06-24 15:52 - 00000000 _SHDL C:\Users\DefaultAppPool\Anwendungsdaten
2016-06-24 15:52 - 2016-05-31 13:29 - 00000000 ____D C:\Users\DefaultAppPool\AppData\Roaming\Media Center Programs
2016-06-24 15:52 - 2016-05-31 13:29 - 00000000 ____D C:\Users\DefaultAppPool\AppData\Roaming\Macromedia
2016-06-24 15:52 - 2015-12-09 17:04 - 00002124 _____ C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk
2016-06-24 11:56 - 2016-06-24 11:56 - 00000000 ____D C:\Users\Gerhard\Documents\Samsung
2016-06-24 11:47 - 2016-06-24 12:04 - 00000000 ____D C:\Users\Gerhard\AppData\Roaming\Samsung
2016-06-24 11:47 - 2016-06-24 11:47 - 00002200 _____ C:\Users\Public\Desktop\Smart Switch.lnk
2016-06-24 11:47 - 2016-06-24 11:47 - 00000000 ____D C:\WINDOWS\LastGood.Tmp
2016-06-24 11:47 - 2016-06-24 11:47 - 00000000 ____D C:\Users\Public\Documents\NativeFus_Log
2016-06-24 11:47 - 2016-06-24 11:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung
2016-06-24 11:46 - 2016-06-24 11:48 - 00000000 ____D C:\ProgramData\Samsung
2016-06-24 11:46 - 2016-06-24 11:46 - 00000000 ____D C:\Users\Admin\AppData\Roaming\Samsung
2016-06-24 11:46 - 2016-06-24 11:46 - 00000000 ____D C:\Program Files (x86)\Samsung
2016-06-24 11:46 - 2016-04-25 00:36 - 01499408 _____ (Microsoft Corporation) C:\WINDOWS\system32\WdfCoInstaller01007.dll
2016-06-24 11:46 - 2016-04-25 00:36 - 00716928 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinUSBCoInstaller.dll
2016-06-24 11:46 - 2016-04-25 00:35 - 00129152 _____ (Samsung Electronics Co., Ltd.) C:\WINDOWS\system32\Drivers\ssudbus.sys
2016-06-24 11:46 - 2016-03-31 11:18 - 00144664 _____ (MAPILab Ltd. & Add-in Express Ltd.) C:\WINDOWS\SysWOW64\secman.dll
2016-06-24 11:46 - 2016-01-08 10:51 - 00213088 _____ (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\WINDOWS\system32\Drivers\ssudmdm.sys
2016-06-23 16:54 - 2016-06-23 16:54 - 00000000 ____D C:\Users\Admin\AppData\Local\NetworkTiles
2016-06-23 16:42 - 2016-06-23 16:42 - 00000000 ____D C:\Users\Admin\AppData\LocalLow\Adobe
2016-06-23 16:42 - 2016-06-23 16:42 - 00000000 ____D C:\Users\Admin\AppData\Local\CEF
2016-06-23 16:36 - 2016-06-23 16:36 - 00000000 ____D C:\Users\Admin\AppData\Roaming\Sublime Text 3
2016-06-23 16:36 - 2016-06-23 16:36 - 00000000 ____D C:\Users\Admin\AppData\Local\Sublime Text 3
2016-06-19 13:19 - 2016-06-19 13:19 - 00001069 _____ C:\Users\Gerhard\Desktop\texteditor.exe - Verknüpfung.lnk
2016-06-19 12:51 - 2016-06-19 12:51 - 00000000 ____D C:\Program Files\ObjectNews2
2016-06-19 12:26 - 2016-06-19 12:51 - 00000000 ____D C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ObjectNews2
2016-06-19 11:47 - 2016-06-19 11:47 - 00000000 ____D C:\Program Files (x86)\VulkanRT
2016-06-19 11:47 - 2016-06-03 05:28 - 00111552 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvStreaming.exe
2016-06-19 11:47 - 2016-05-04 04:23 - 00129824 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2016-06-19 11:47 - 2016-05-04 04:22 - 00130848 _____ C:\WINDOWS\system32\vulkan-1.dll
2016-06-19 11:47 - 2016-05-04 04:22 - 00045344 _____ C:\WINDOWS\system32\vulkaninfo.exe
2016-06-19 11:47 - 2016-05-04 04:22 - 00040224 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2016-06-19 11:45 - 2016-06-03 09:22 - 39977920 _____ C:\WINDOWS\system32\nvcompiler.dll
2016-06-19 11:45 - 2016-06-03 09:22 - 35115968 _____ C:\WINDOWS\SysWOW64\nvcompiler.dll
2016-06-19 11:45 - 2016-06-03 09:22 - 31641656 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll
2016-06-19 11:45 - 2016-06-03 09:22 - 25404864 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll
2016-06-19 11:45 - 2016-06-03 09:22 - 21812056 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2016-06-19 11:45 - 2016-06-03 09:22 - 21355464 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2016-06-19 11:45 - 2016-06-03 09:22 - 18151128 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
2016-06-19 11:45 - 2016-06-03 09:22 - 17746664 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2016-06-19 11:45 - 2016-06-03 09:22 - 10643240 _____ C:\WINDOWS\system32\nvptxJitCompiler.dll
2016-06-19 11:45 - 2016-06-03 09:22 - 08733792 _____ C:\WINDOWS\SysWOW64\nvptxJitCompiler.dll
2016-06-19 11:45 - 2016-06-03 09:22 - 02844608 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2016-06-19 11:45 - 2016-06-03 09:22 - 02470336 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2016-06-19 11:45 - 2016-06-03 09:22 - 01920960 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6436839.dll
2016-06-19 11:45 - 2016-06-03 09:22 - 01571776 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6436839.dll
2016-06-19 11:45 - 2016-06-03 09:22 - 00983488 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2016-06-19 11:45 - 2016-06-03 09:22 - 00910392 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2016-06-19 11:45 - 2016-06-03 09:22 - 00769984 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2016-06-19 11:45 - 2016-06-03 09:22 - 00707520 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2016-06-19 11:45 - 2016-06-03 09:22 - 00669952 _____ C:\WINDOWS\system32\nvfatbinaryLoader.dll
2016-06-19 11:45 - 2016-06-03 09:22 - 00565208 _____ C:\WINDOWS\SysWOW64\nvfatbinaryLoader.dll
2016-06-18 11:31 - 2016-06-18 11:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logitech
2016-06-18 11:31 - 2016-06-18 11:31 - 00000000 ____D C:\Program Files\Logitech
2016-06-15 09:05 - 2016-05-28 08:13 - 01401024 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2016-06-15 09:05 - 2016-05-28 08:13 - 00290496 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2016-06-15 09:05 - 2016-05-28 08:13 - 00046784 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2016-06-15 09:05 - 2016-05-28 07:25 - 04268880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\setupapi.dll
2016-06-15 09:05 - 2016-05-28 07:22 - 07474528 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-06-15 09:05 - 2016-05-28 07:22 - 04387680 _____ (Microsoft Corporation) C:\WINDOWS\system32\setupapi.dll
2016-06-15 09:05 - 2016-05-28 07:20 - 00430312 _____ (Microsoft Corporation) C:\WINDOWS\system32\ws2_32.dll
2016-06-15 09:05 - 2016-05-28 07:09 - 00501600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupEngine.dll
2016-06-15 09:05 - 2016-05-28 07:08 - 00693600 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupEngine.dll
2016-06-15 09:05 - 2016-05-28 07:07 - 03675512 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2016-06-15 09:05 - 2016-05-28 07:07 - 02921880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2016-06-15 09:05 - 2016-05-28 07:07 - 01322248 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2016-06-15 09:05 - 2016-05-28 07:07 - 00808288 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2016-06-15 09:05 - 2016-05-28 07:07 - 00703840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2016-06-15 09:05 - 2016-05-28 07:06 - 00730344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll
2016-06-15 09:05 - 2016-05-28 07:05 - 04515264 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2016-06-15 09:05 - 2016-05-28 06:58 - 01996640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2016-06-15 09:05 - 2016-05-28 06:58 - 00379232 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2016-06-15 09:05 - 2016-05-28 06:57 - 02548944 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll
2016-06-15 09:05 - 2016-05-28 06:57 - 02195632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll
2016-06-15 09:05 - 2016-05-28 06:57 - 01594416 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2016-06-15 09:05 - 2016-05-28 06:57 - 01372312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2016-06-15 09:05 - 2016-05-28 06:57 - 00649792 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2016-06-15 09:05 - 2016-05-28 06:57 - 00636304 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2016-06-15 09:05 - 2016-05-28 06:57 - 00546456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2016-06-15 09:05 - 2016-05-28 06:57 - 00521664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2016-06-15 09:05 - 2016-05-28 06:57 - 00316256 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2016-06-15 09:05 - 2016-05-28 06:35 - 00123392 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdlrecover.exe
2016-06-15 09:05 - 2016-05-28 06:35 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsCSP.dll
2016-06-15 09:05 - 2016-05-28 06:35 - 00031744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsdport.sys
2016-06-15 09:05 - 2016-05-28 06:31 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdlrecover.exe
2016-06-15 09:05 - 2016-05-28 06:31 - 00066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosHostClient.dll
2016-06-15 09:05 - 2016-05-28 06:29 - 22379008 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2016-06-15 09:05 - 2016-05-28 06:29 - 00045568 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2016-06-15 09:05 - 2016-05-28 06:28 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2016-06-15 09:05 - 2016-05-28 06:27 - 00050176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosHostClient.dll
2016-06-15 09:05 - 2016-05-28 06:27 - 00028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\mapsupdatetask.dll
2016-06-15 09:05 - 2016-05-28 06:26 - 00120320 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsBtSvc.dll
2016-06-15 09:05 - 2016-05-28 06:26 - 00074752 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosStorage.dll
2016-06-15 09:05 - 2016-05-28 06:25 - 00037376 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2016-06-15 09:05 - 2016-05-28 06:24 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll
2016-06-15 09:05 - 2016-05-28 06:24 - 00072704 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshost.dll
2016-06-15 09:05 - 2016-05-28 06:22 - 00269824 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshostcore.dll
2016-06-15 09:05 - 2016-05-28 06:22 - 00163328 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringservice.dll
2016-06-15 09:05 - 2016-05-28 06:22 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapsBtSvc.dll
2016-06-15 09:05 - 2016-05-28 06:22 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosStorage.dll
2016-06-15 09:05 - 2016-05-28 06:21 - 00190464 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscsvc.dll
2016-06-15 09:05 - 2016-05-28 06:19 - 24605696 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-06-15 09:05 - 2016-05-28 06:19 - 00567808 _____ (Microsoft Corporation) C:\WINDOWS\system32\MBMediaManager.dll
2016-06-15 09:05 - 2016-05-28 06:18 - 11545088 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2016-06-15 09:05 - 2016-05-28 06:18 - 07977472 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2016-06-15 09:05 - 2016-05-28 06:18 - 00460800 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll
2016-06-15 09:05 - 2016-05-28 06:18 - 00380416 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemEventsBrokerServer.dll
2016-06-15 09:05 - 2016-05-28 06:18 - 00285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEEventDispatcher.dll
2016-06-15 09:05 - 2016-05-28 06:17 - 09918976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2016-06-15 09:05 - 2016-05-28 06:17 - 00963072 _____ (Microsoft Corporation) C:\WINDOWS\system32\iphlpsvc.dll
2016-06-15 09:05 - 2016-05-28 06:17 - 00630784 _____ (Microsoft Corporation) C:\WINDOWS\system32\MessagingDataModel2.dll
2016-06-15 09:05 - 2016-05-28 06:16 - 19344384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2016-06-15 09:05 - 2016-05-28 06:16 - 00684544 _____ (Microsoft Corporation) C:\WINDOWS\system32\StructuredQuery.dll
2016-06-15 09:05 - 2016-05-28 06:16 - 00592896 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppContracts.dll
2016-06-15 09:05 - 2016-05-28 06:16 - 00503808 _____ (Microsoft Corporation) C:\WINDOWS\system32\tileobjserver.dll
2016-06-15 09:05 - 2016-05-28 06:15 - 01056256 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpMapControl.dll
2016-06-15 09:05 - 2016-05-28 06:15 - 00853504 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2016-06-15 09:05 - 2016-05-28 06:15 - 00794624 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
2016-06-15 09:05 - 2016-05-28 06:15 - 00349696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapConfiguration.dll
2016-06-15 09:05 - 2016-05-28 06:14 - 18674176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2016-06-15 09:05 - 2016-05-28 06:14 - 01716736 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRHInproc.dll
2016-06-15 09:05 - 2016-05-28 06:14 - 00988160 _____ (Microsoft Corporation) C:\WINDOWS\system32\NMAA.dll
2016-06-15 09:05 - 2016-05-28 06:14 - 00784384 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2016-06-15 09:05 - 2016-05-28 06:14 - 00606208 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2016-06-15 09:05 - 2016-05-28 06:14 - 00499712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MessagingDataModel2.dll
2016-06-15 09:05 - 2016-05-28 06:13 - 00990208 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll
2016-06-15 09:05 - 2016-05-28 06:13 - 00982016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxPackaging.dll
2016-06-15 09:05 - 2016-05-28 06:13 - 00939520 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll
2016-06-15 09:05 - 2016-05-28 06:13 - 00467456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppContracts.dll
2016-06-15 09:05 - 2016-05-28 06:12 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JpMapControl.dll
2016-06-15 09:05 - 2016-05-28 06:12 - 00614400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll
2016-06-15 09:05 - 2016-05-28 06:12 - 00521728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StructuredQuery.dll
2016-06-15 09:05 - 2016-05-28 06:11 - 00890368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxPackaging.dll
2016-06-15 09:05 - 2016-05-28 06:11 - 00784896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NMAA.dll
2016-06-15 09:05 - 2016-05-28 06:11 - 00711680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapControlCore.dll
2016-06-15 09:05 - 2016-05-28 06:11 - 00687616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2016-06-15 09:05 - 2016-05-28 06:11 - 00504320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2016-06-15 09:05 - 2016-05-28 06:08 - 13385728 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-06-15 09:05 - 2016-05-28 06:08 - 06295552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2016-06-15 09:05 - 2016-05-28 06:06 - 12128256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2016-06-15 09:05 - 2016-05-28 06:06 - 07200256 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2016-06-15 09:05 - 2016-05-28 06:06 - 01339904 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpsvc.dll
2016-06-15 09:05 - 2016-05-28 06:05 - 03994624 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2016-06-15 09:05 - 2016-05-28 06:05 - 03664896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2016-06-15 09:05 - 2016-05-28 06:05 - 02582016 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2016-06-15 09:05 - 2016-05-28 06:05 - 01797120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2016-06-15 09:05 - 2016-05-28 06:04 - 06973952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2016-06-15 09:05 - 2016-05-28 06:03 - 05323776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2016-06-15 09:05 - 2016-05-28 06:03 - 05205504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2016-06-15 09:05 - 2016-05-28 06:03 - 02609664 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2016-06-15 09:05 - 2016-05-28 06:03 - 01185280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LocationFramework.dll
2016-06-15 09:05 - 2016-05-28 06:02 - 03590144 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2016-06-15 09:05 - 2016-05-28 06:02 - 02061824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2016-06-15 09:05 - 2016-05-28 06:02 - 01534464 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationFramework.dll
2016-06-15 09:05 - 2016-05-28 06:01 - 01799680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2016-06-15 09:05 - 2016-05-28 06:01 - 01582080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2016-06-15 09:05 - 2016-05-28 06:01 - 01500160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2016-06-15 09:05 - 2016-05-28 06:00 - 05660160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2016-06-15 09:05 - 2016-05-28 06:00 - 03585536 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll
2016-06-15 09:05 - 2016-05-28 06:00 - 02635776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2016-06-15 09:05 - 2016-05-28 06:00 - 02168320 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2016-06-15 09:05 - 2016-05-28 06:00 - 01730560 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2016-06-15 09:05 - 2016-05-28 06:00 - 01707520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActiveSyncProvider.dll
2016-06-15 09:05 - 2016-05-28 05:58 - 07832576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2016-06-15 09:05 - 2016-05-28 05:58 - 04896256 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2016-06-15 09:05 - 2016-05-28 05:58 - 02066432 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2016-06-15 09:05 - 2016-05-28 05:58 - 01996288 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncProvider.dll
2016-06-15 09:05 - 2016-05-28 05:57 - 02281472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2016-06-15 09:05 - 2016-05-28 05:55 - 01390080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll
2016-06-15 09:04 - 2016-05-28 08:13 - 01184960 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2016-06-15 09:04 - 2016-05-28 08:13 - 00514752 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2016-06-15 09:04 - 2016-05-28 08:13 - 00092352 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2016-06-15 09:04 - 2016-05-28 07:23 - 00388384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ws2_32.dll
2016-06-15 09:04 - 2016-05-28 07:23 - 00312160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mswsock.dll
2016-06-15 09:04 - 2016-05-28 07:22 - 00428896 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2016-06-15 09:04 - 2016-05-28 07:22 - 00211296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tpm.sys
2016-06-15 09:04 - 2016-05-28 07:22 - 00118624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\partmgr.sys
2016-06-15 09:04 - 2016-05-28 07:18 - 00357216 _____ (Microsoft Corporation) C:\WINDOWS\system32\mswsock.dll
2016-06-15 09:04 - 2016-05-28 07:16 - 00026408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2016-06-15 09:04 - 2016-05-28 07:09 - 00170848 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkUXBroker.exe
2016-06-15 09:04 - 2016-05-28 07:09 - 00084832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupApi.dll
2016-06-15 09:04 - 2016-05-28 07:08 - 00258912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ufx01000.sys
2016-06-15 09:04 - 2016-05-28 07:08 - 00115040 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupApi.dll
2016-06-15 09:04 - 2016-05-28 07:07 - 00957608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2016-06-15 09:04 - 2016-05-28 07:07 - 00331616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2016-06-15 09:04 - 2016-05-28 07:06 - 22561256 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2016-06-15 09:04 - 2016-05-28 07:06 - 04074160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2016-06-15 09:04 - 2016-05-28 07:06 - 00303216 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppHost.exe
2016-06-15 09:04 - 2016-05-28 07:06 - 00254656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppHost.exe
2016-06-15 09:04 - 2016-05-28 07:04 - 00604928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2016-06-15 09:04 - 2016-05-28 07:04 - 00431296 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcryptprimitives.dll
2016-06-15 09:04 - 2016-05-28 07:04 - 00360480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll
2016-06-15 09:04 - 2016-05-28 07:04 - 00161632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2016-06-15 09:04 - 2016-05-28 07:04 - 00111064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncryptsslp.dll
2016-06-15 09:04 - 2016-05-28 07:04 - 00097096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncryptsslp.dll
2016-06-15 09:04 - 2016-05-28 07:03 - 00131248 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpapi.dll
2016-06-15 09:04 - 2016-05-28 06:57 - 00577376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2016-06-15 09:04 - 2016-05-28 06:31 - 00088576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll
2016-06-15 09:04 - 2016-05-28 06:29 - 00079360 _____ (Microsoft Corporation) C:\WINDOWS\system32\adhsvc.dll
2016-06-15 09:04 - 2016-05-28 06:29 - 00019456 _____ (Microsoft Corporation) C:\WINDOWS\system32\httpprxp.dll
2016-06-15 09:04 - 2016-05-28 06:28 - 00166400 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2016-06-15 09:04 - 2016-05-28 06:28 - 00090112 _____ (Microsoft Corporation) C:\WINDOWS\system32\FwRemoteSvr.dll
2016-06-15 09:04 - 2016-05-28 06:26 - 00199168 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2016-06-15 09:04 - 2016-05-28 06:26 - 00157184 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcertinst.exe
2016-06-15 09:04 - 2016-05-28 06:26 - 00145920 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmclient.exe
2016-06-15 09:04 - 2016-05-28 06:25 - 00112640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthenum.sys
2016-06-15 09:04 - 2016-05-28 06:24 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll
2016-06-15 09:04 - 2016-05-28 06:24 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Ndu.sys
2016-06-15 09:04 - 2016-05-28 06:24 - 00091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2016-06-15 09:04 - 2016-05-28 06:24 - 00086528 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppCapture.dll
2016-06-15 09:04 - 2016-05-28 06:24 - 00067072 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcsvc6.dll
2016-06-15 09:04 - 2016-05-28 06:24 - 00053760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FwRemoteSvr.dll
2016-06-15 09:04 - 2016-05-28 06:23 - 00155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidclass.sys
2016-06-15 09:04 - 2016-05-28 06:23 - 00086016 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcsvc.dll
2016-06-15 09:04 - 2016-05-28 06:22 - 00406528 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2016-06-15 09:04 - 2016-05-28 06:22 - 00368640 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2016-06-15 09:04 - 2016-05-28 06:22 - 00278528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netbt.sys
2016-06-15 09:04 - 2016-05-28 06:22 - 00161280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2016-06-15 09:04 - 2016-05-28 06:22 - 00079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptsvc.dll
2016-06-15 09:04 - 2016-05-28 06:21 - 00550912 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2016-06-15 09:04 - 2016-05-28 06:21 - 00239104 _____ (Microsoft Corporation) C:\WINDOWS\system32\BrokerLib.dll
2016-06-15 09:04 - 2016-05-28 06:21 - 00207360 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupSvc.dll
2016-06-15 09:04 - 2016-05-28 06:20 - 00641536 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2016-06-15 09:04 - 2016-05-28 06:20 - 00511488 _____ (Microsoft Corporation) C:\WINDOWS\system32\newdev.dll
2016-06-15 09:04 - 2016-05-28 06:20 - 00332288 _____ (Microsoft Corporation) C:\WINDOWS\system32\polstore.dll
2016-06-15 09:04 - 2016-05-28 06:20 - 00267264 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore6.dll
2016-06-15 09:04 - 2016-05-28 06:20 - 00199168 _____ (Microsoft Corporation) C:\WINDOWS\system32\GnssAdapter.dll
2016-06-15 09:04 - 2016-05-28 06:20 - 00174080 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Privacy.dll
2016-06-15 09:04 - 2016-05-28 06:20 - 00057344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcsvc6.dll
2016-06-15 09:04 - 2016-05-28 06:19 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2016-06-15 09:04 - 2016-05-28 06:19 - 00414720 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.exe
2016-06-15 09:04 - 2016-05-28 06:19 - 00355840 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore.dll
2016-06-15 09:04 - 2016-05-28 06:19 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcsvc.dll
2016-06-15 09:04 - 2016-05-28 06:18 - 00610816 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastls.dll
2016-06-15 09:04 - 2016-05-28 06:18 - 00591360 _____ (Microsoft Corporation) C:\WINDOWS\system32\vpnike.dll
2016-06-15 09:04 - 2016-05-28 06:18 - 00392192 _____ (Microsoft Corporation) C:\WINDOWS\system32\IPSECSVC.DLL
2016-06-15 09:04 - 2016-05-28 06:17 - 00485888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\newdev.dll
2016-06-15 09:04 - 2016-05-28 06:17 - 00415232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll
2016-06-15 09:04 - 2016-05-28 06:17 - 00315392 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXTaskFactory.dll
2016-06-15 09:04 - 2016-05-28 06:17 - 00278016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2016-06-15 09:04 - 2016-05-28 06:17 - 00173056 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmmigrator.dll
2016-06-15 09:04 - 2016-05-28 06:16 - 00690176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2016-06-15 09:04 - 2016-05-28 06:16 - 00406528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys
2016-06-15 09:04 - 2016-05-28 06:16 - 00291328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\polstore.dll
2016-06-15 09:04 - 2016-05-28 06:16 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore6.dll
2016-06-15 09:04 - 2016-05-28 06:15 - 00535040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastls.dll
2016-06-15 09:04 - 2016-05-28 06:15 - 00293888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore.dll
2016-06-15 09:04 - 2016-05-28 06:15 - 00237056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys
2016-06-15 09:04 - 2016-05-28 06:14 - 00965632 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2016-06-15 09:04 - 2016-05-28 06:14 - 00219136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VEEventDispatcher.dll
2016-06-15 09:04 - 2016-05-28 06:14 - 00200192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2016-06-15 09:04 - 2016-05-28 06:13 - 01387520 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2016-06-15 09:04 - 2016-05-28 06:13 - 00954368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2016-06-15 09:04 - 2016-05-28 06:13 - 00587776 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2016-06-15 09:04 - 2016-05-28 06:13 - 00084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BTHUSB.SYS
2016-06-15 09:04 - 2016-05-28 06:11 - 01445888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRHInproc.dll
2016-06-15 09:04 - 2016-05-28 06:11 - 00799744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRH.dll
2016-06-15 09:04 - 2016-05-28 06:11 - 00128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\httpprxm.dll
2016-06-15 09:04 - 2016-05-28 06:09 - 01073152 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2016-06-15 09:04 - 2016-05-28 06:04 - 00555520 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncController.dll
2016-06-15 09:04 - 2016-05-28 06:04 - 00450560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SyncController.dll
2016-06-15 09:04 - 2016-05-28 06:03 - 00693760 _____ (Microsoft Corporation) C:\WINDOWS\system32\internetmail.dll
2016-06-15 09:04 - 2016-05-28 06:03 - 00417792 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll
2016-06-15 09:04 - 2016-05-28 06:02 - 00103424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll
2016-06-15 09:04 - 2016-05-28 06:01 - 00111104 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll
2016-06-15 09:04 - 2016-05-28 06:00 - 02230272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2016-06-15 09:04 - 2016-05-28 06:00 - 00162816 _____ (Microsoft Corporation) C:\WINDOWS\system32\enrollmentapi.dll
2016-06-15 09:04 - 2016-05-28 06:00 - 00151040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mdmregistration.dll
2016-06-15 09:04 - 2016-05-28 06:00 - 00090624 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe
2016-06-15 09:04 - 2016-05-28 05:59 - 00176640 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll
2016-06-15 09:04 - 2016-05-28 05:58 - 02755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2016-06-15 09:04 - 2016-05-28 05:53 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcpopkeysrv.dll
2016-06-14 15:05 - 2016-06-14 15:05 - 00025906 _____ C:\ProgramData\1465909525.bdinstall.bin
2016-06-14 15:05 - 2016-06-14 15:05 - 00025902 _____ C:\ProgramData\1465909544.bdinstall.bin
2016-06-14 09:28 - 2016-06-14 09:28 - 00000000 ____D C:\Users\Gerhard\AppData\Roaming\Mailbird
2016-06-14 09:18 - 2016-06-14 09:18 - 00001262 _____ C:\Users\Gerhard\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Amazon Drive.lnk
2016-06-14 09:18 - 2016-06-14 09:18 - 00001250 _____ C:\Users\Gerhard\Desktop\Amazon Drive.lnk
2016-06-14 09:18 - 2016-06-14 09:18 - 00000000 ____D C:\Users\Gerhard\AppData\Roaming\Amazon Cloud Drive
2016-06-14 09:18 - 2016-06-14 09:18 - 00000000 ____D C:\Users\Gerhard\AppData\Local\Amazon Drive
2016-06-13 14:58 - 2016-06-13 14:58 - 00000000 ____D C:\ProgramData\Mailbird
2016-06-13 14:57 - 2016-07-01 19:43 - 00000000 ____D C:\Program Files (x86)\Mailbird
2016-06-13 14:57 - 2016-06-19 11:42 - 00000000 ____D C:\Users\Admin\AppData\Local\Mailbird
2016-06-13 14:57 - 2016-06-13 14:58 - 00000000 ____D C:\Users\Gerhard\AppData\Local\Mailbird
2016-06-13 14:57 - 2016-06-13 14:57 - 00000000 ____D C:\Users\Admin\AppData\Roaming\Mailbird
2016-06-13 09:55 - 2016-06-13 09:55 - 00000000 ____D C:\Users\Gerhard\Documents\MAGIX_MusicEditor
2016-06-13 09:53 - 2016-06-13 09:53 - 00000000 ____D C:\Users\Gerhard\Documents\Outlook-Dateien
2016-06-11 17:06 - 2016-06-11 17:06 - 00000000 ____D C:\Users\Admin\AppData\Roaming\sp6_log
2016-06-11 09:50 - 2016-06-11 09:50 - 00018960 _____ (Logitech, Inc.) C:\WINDOWS\system32\Drivers\LNonPnP.sys
2016-06-11 09:50 - 2016-06-11 09:50 - 00000000 ____D C:\Users\Public\Documents\Logishrd
2016-06-11 09:49 - 2016-06-19 10:55 - 00000000 ____D C:\ProgramData\Logishrd
2016-06-11 09:49 - 2016-06-11 09:49 - 00000000 ____D C:\Users\Admin\AppData\Roaming\Logitech
2016-06-11 09:48 - 2016-06-19 11:42 - 00000000 ____D C:\Users\Admin\AppData\Roaming\Logishrd
2016-06-11 09:48 - 2016-06-18 11:31 - 00000000 ____D C:\Users\Gerhard\AppData\Roaming\Logishrd
2016-06-11 09:48 - 2016-06-11 09:50 - 00000000 ____D C:\Users\Gerhard\AppData\Roaming\Logitech
2016-06-11 09:24 - 2016-06-11 09:24 - 00000000 ____D C:\ProgramData\Synaptics
2016-06-10 10:56 - 2016-06-11 17:45 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-06-07 11:09 - 2016-06-07 11:09 - 00001822 _____ C:\Users\Public\Desktop\iTunes.lnk
2016-06-07 11:09 - 2016-06-07 11:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2016-06-07 11:09 - 2016-06-07 11:09 - 00000000 ____D C:\Program Files\iTunes
2016-06-07 11:09 - 2016-06-07 11:09 - 00000000 ____D C:\Program Files\iPod
2016-06-07 11:09 - 2016-06-07 11:09 - 00000000 ____D C:\Program Files (x86)\iTunes
2016-06-06 11:11 - 2016-06-29 15:03 - 00004158 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{5B9B2337-9EE6-4DC0-ADCC-E0CED2F6F242}
2016-06-06 11:06 - 2016-06-06 11:06 - 00002929 _____ C:\Users\Public\Desktop\Ginger.lnk
2016-06-06 11:06 - 2016-06-06 11:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ginger
2016-06-03 08:05 - 2016-06-03 08:05 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
2016-06-03 08:05 - 2016-06-03 08:05 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_WinUSB_01007.Wdf
2016-06-01 17:27 - 2016-06-01 17:27 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2016-06-01 15:31 - 2016-07-01 16:12 - 00004162 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{9D9B4E17-348B-4D2C-A838-E2FA66311794}
2016-06-01 08:34 - 2016-04-23 07:09 - 21123320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2016-06-01 08:34 - 2016-04-23 07:09 - 05240960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2016-06-01 08:34 - 2016-04-23 07:08 - 06605504 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2016-06-01 08:34 - 2016-04-23 06:28 - 16984576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2016-06-01 08:34 - 2016-04-23 06:05 - 05502976 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll
2016-06-01 08:34 - 2016-03-29 12:20 - 02656952 _____ C:\WINDOWS\system32\CoreUIComponents.dll
2016-06-01 08:34 - 2016-03-29 12:18 - 02152280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2016-06-01 08:34 - 2016-03-29 11:56 - 01297752 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2016-06-01 08:34 - 2016-03-29 11:37 - 01862008 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2016-06-01 08:34 - 2016-03-29 11:13 - 00986976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2016-06-01 08:34 - 2016-03-29 10:26 - 02403680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2016-06-01 08:34 - 2016-03-29 09:02 - 02624512 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2016-06-01 08:34 - 2016-03-29 08:36 - 03351040 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2016-06-01 08:34 - 2016-03-29 08:32 - 01588224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2016-06-01 08:34 - 2016-03-29 08:32 - 01098240 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2016-06-01 08:34 - 2016-03-29 08:28 - 01944576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll
2016-06-01 08:34 - 2016-03-29 08:10 - 03671040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2016-06-01 08:34 - 2016-03-29 07:45 - 03078144 _____ (Microsoft Corporation) C:\WINDOWS\system32\esent.dll
2016-06-01 08:34 - 2016-03-29 07:43 - 03428864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2016-06-01 08:34 - 2016-03-29 07:38 - 02798080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2016-06-01 08:34 - 2016-03-29 07:36 - 02722816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\esent.dll
2016-06-01 08:34 - 2016-02-24 11:28 - 03449168 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSService.dll
2016-06-01 08:34 - 2016-02-24 08:18 - 01490432 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataService.dll
2016-06-01 08:34 - 2016-02-24 07:05 - 12586496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2016-06-01 08:34 - 2016-02-24 07:03 - 14252544 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2016-06-01 08:34 - 2016-02-23 12:32 - 08705672 _____ (Microsoft Corp.) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2016-06-01 08:34 - 2016-02-23 12:32 - 02544264 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2016-06-01 08:34 - 2016-02-23 12:32 - 01062480 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2016-06-01 08:34 - 2016-02-23 11:45 - 02773096 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
2016-06-01 08:34 - 2016-02-23 11:38 - 06952088 _____ (Microsoft Corp.) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2016-06-01 08:34 - 2016-02-23 11:38 - 02180136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2016-06-01 08:34 - 2016-02-23 11:20 - 01139712 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblGameSave.dll
2016-06-01 08:34 - 2016-02-23 10:56 - 02186864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll
2016-06-01 08:34 - 2016-02-23 10:10 - 00997376 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2016-06-01 08:34 - 2016-02-23 09:24 - 04827136 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2016-06-01 08:34 - 2016-02-23 08:56 - 04412928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
2016-06-01 08:34 - 2016-02-23 08:41 - 02912256 _____ (Microsoft Corporation) C:\WINDOWS\system32\CertEnroll.dll
2016-06-01 08:34 - 2016-02-23 08:35 - 07533568 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2016-06-01 08:34 - 2016-02-23 08:33 - 02604032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CertEnroll.dll
2016-06-01 08:34 - 2016-02-23 08:28 - 06740992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2016-06-01 08:34 - 2016-01-27 07:57 - 01824264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2016-06-01 08:34 - 2016-01-27 07:46 - 02606824 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2016-06-01 08:34 - 2016-01-16 08:21 - 01750440 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcMon.exe
2016-06-01 08:34 - 2016-01-16 07:24 - 02057216 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll
2016-06-01 08:34 - 2016-01-05 04:45 - 02587696 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2016-06-01 08:34 - 2016-01-05 04:42 - 02026736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2016-06-01 08:34 - 2016-01-05 04:37 - 01299504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetsrc.dll
2016-06-01 08:34 - 2015-11-22 11:54 - 00138240 _____ (Microsoft Corporation) C:\WINDOWS\system32\ETWCoreUIComponentsResources.dll
2016-06-01 08:34 - 2015-11-22 11:42 - 00138240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ETWCoreUIComponentsResources.dll
2016-06-01 08:34 - 2015-11-22 11:34 - 02843136 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2016-06-01 08:34 - 2015-11-22 11:26 - 03355136 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
2016-06-01 08:34 - 2015-11-22 11:20 - 01860096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
2016-06-01 08:34 - 2015-11-22 11:17 - 02680320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll
2016-06-01 08:33 - 2016-05-06 06:53 - 00095072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdport.sys
2016-06-01 08:33 - 2016-05-06 06:05 - 00241664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptngc.dll
2016-06-01 08:33 - 2016-05-06 06:03 - 00649216 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcsvc.dll
2016-06-01 08:33 - 2016-05-06 05:53 - 00351232 _____ (Microsoft Corporation) C:\WINDOWS\system32\NgcCtnr.dll
2016-06-01 08:33 - 2016-05-06 05:49 - 00289792 _____ (Microsoft Corporation) C:\WINDOWS\system32\NgcCtnrSvc.dll
2016-06-01 08:33 - 2016-05-06 05:44 - 00582656 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngccredprov.dll
2016-06-01 08:33 - 2016-05-06 05:43 - 00320000 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptngc.dll
2016-06-01 08:33 - 2016-04-23 08:12 - 00713920 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2016-06-01 08:33 - 2016-04-23 08:12 - 00190144 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2016-06-01 08:33 - 2016-04-23 07:28 - 01557768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2016-06-01 08:33 - 2016-04-23 07:28 - 01542816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2016-06-01 08:33 - 2016-04-23 07:26 - 00707608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
2016-06-01 08:33 - 2016-04-23 07:24 - 01997328 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2016-06-01 08:33 - 2016-04-23 07:24 - 01819208 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2016-06-01 08:33 - 2016-04-23 07:24 - 00754664 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2016-06-01 08:33 - 2016-04-23 07:24 - 00638816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fvevol.sys
2016-06-01 08:33 - 2016-04-23 07:24 - 00335712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fastfat.sys
2016-06-01 08:33 - 2016-04-23 07:24 - 00099680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2016-06-01 08:33 - 2016-04-23 07:22 - 01161120 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
2016-06-01 08:33 - 2016-04-23 07:13 - 00306832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanapi.dll
2016-06-01 08:33 - 2016-04-23 07:12 - 00925064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2016-06-01 08:33 - 2016-04-23 07:12 - 00451928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFCaptureEngine.dll
2016-06-01 08:33 - 2016-04-23 07:12 - 00413536 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifitask.exe
2016-06-01 08:33 - 2016-04-23 07:11 - 01092464 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2016-06-01 08:33 - 2016-04-23 07:11 - 00498960 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFCaptureEngine.dll
2016-06-01 08:33 - 2016-04-23 07:11 - 00390496 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanapi.dll
2016-06-01 08:33 - 2016-04-23 07:11 - 00131424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ufxsynopsys.sys
2016-06-01 08:33 - 2016-04-23 07:09 - 00569744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SHCore.dll
2016-06-01 08:33 - 2016-04-23 07:09 - 00565600 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2016-06-01 08:33 - 2016-04-23 07:09 - 00465760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2016-06-01 08:33 - 2016-04-23 07:08 - 00725776 _____ (Microsoft Corporation) C:\WINDOWS\system32\SHCore.dll
2016-06-01 08:33 - 2016-04-23 07:07 - 01848072 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll
2016-06-01 08:33 - 2016-04-23 07:07 - 01536088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll
2016-06-01 08:33 - 2016-04-23 07:07 - 00204048 _____ (Microsoft Corporation) C:\WINDOWS\system32\rsaenh.dll
2016-06-01 08:33 - 2016-04-23 07:07 - 00183904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rsaenh.dll
2016-06-01 08:33 - 2016-04-23 07:06 - 00291360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininit.exe
2016-06-01 08:33 - 2016-04-23 07:02 - 00188256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2016-06-01 08:33 - 2016-04-23 07:01 - 00619296 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10level9.dll
2016-06-01 08:33 - 2016-04-23 07:01 - 00513368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10level9.dll
2016-06-01 08:33 - 2016-04-23 07:01 - 00393568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2016-06-01 08:33 - 2016-04-23 07:01 - 00217440 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2016-06-01 08:33 - 2016-04-23 07:00 - 01776768 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2016-06-01 08:33 - 2016-04-23 07:00 - 01522152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2016-06-01 08:33 - 2016-04-23 07:00 - 01399224 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2016-06-01 08:33 - 2016-04-23 07:00 - 01337240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2016-06-01 08:33 - 2016-04-23 07:00 - 00550656 _____ (Microsoft Corporation) C:\WINDOWS\system32\directmanipulation.dll
2016-06-01 08:33 - 2016-04-23 07:00 - 00453472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\directmanipulation.dll
2016-06-01 08:33 - 2016-04-23 07:00 - 00058208 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwminit.dll
2016-06-01 08:33 - 2016-04-23 06:56 - 00534872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2016-06-01 08:33 - 2016-04-23 06:34 - 00067072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbser.sys
2016-06-01 08:33 - 2016-04-23 06:34 - 00059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\hmkd.dll
2016-06-01 08:33 - 2016-04-23 06:34 - 00048128 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2016-06-01 08:33 - 2016-04-23 06:33 - 00063488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\UcmCx.sys
2016-06-01 08:33 - 2016-04-23 06:33 - 00038400 _____ (Microsoft Corporation) C:\WINDOWS\system32\ByteCodeGenerator.exe
2016-06-01 08:33 - 2016-04-23 06:32 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseDesktopAppMgmtCSP.dll
2016-06-01 08:33 - 2016-04-23 06:31 - 13018112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2016-06-01 08:33 - 2016-04-23 06:29 - 00192000 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll
2016-06-01 08:33 - 2016-04-23 06:29 - 00151040 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEStoreEventHandlers.dll
2016-06-01 08:33 - 2016-04-23 06:29 - 00087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\filecrypt.sys
2016-06-01 08:33 - 2016-04-23 06:29 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAppInstaller.exe
2016-06-01 08:33 - 2016-04-23 06:29 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hmkd.dll
2016-06-01 08:33 - 2016-04-23 06:29 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ByteCodeGenerator.exe
2016-06-01 08:33 - 2016-04-23 06:29 - 00023552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wups.dll
2016-06-01 08:33 - 2016-04-23 06:28 - 00130560 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudDomainJoinDataModelServer.dll
2016-06-01 08:33 - 2016-04-23 06:28 - 00127488 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEDataLayerHelpers.dll
2016-06-01 08:33 - 2016-04-23 06:28 - 00104448 _____ (Microsoft Corporation) C:\WINDOWS\system32\BluetoothApis.dll
2016-06-01 08:33 - 2016-04-23 06:27 - 00039424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wfdprov.dll
2016-06-01 08:33 - 2016-04-23 06:26 - 00086528 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpdbusenum.dll
2016-06-01 08:33 - 2016-04-23 06:25 - 00630784 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneProviders.dll
2016-06-01 08:33 - 2016-04-23 06:25 - 00617984 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2016-06-01 08:33 - 2016-04-23 06:25 - 00210432 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmcsp.dll
2016-06-01 08:33 - 2016-04-23 06:24 - 00689152 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2016-06-01 08:33 - 2016-04-23 06:24 - 00292864 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2016-06-01 08:33 - 2016-04-23 06:24 - 00287232 _____ (Microsoft Corporation) C:\WINDOWS\system32\provhandlers.dll
2016-06-01 08:33 - 2016-04-23 06:24 - 00181248 _____ (Microsoft Corporation) C:\WINDOWS\system32\shacct.dll
2016-06-01 08:33 - 2016-04-23 06:24 - 00166400 _____ (Microsoft Corporation) C:\WINDOWS\system32\SubscriptionMgr.dll
2016-06-01 08:33 - 2016-04-23 06:24 - 00084480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VEDataLayerHelpers.dll
2016-06-01 08:33 - 2016-04-23 06:23 - 00279040 _____ (Microsoft Corporation) C:\WINDOWS\system32\ListSvc.dll
2016-06-01 08:33 - 2016-04-23 06:23 - 00179712 _____ (Microsoft Corporation) C:\WINDOWS\system32\BrowserSettingSync.dll
2016-06-01 08:33 - 2016-04-23 06:23 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BluetoothApis.dll
2016-06-01 08:33 - 2016-04-23 06:21 - 00479232 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2016-06-01 08:33 - 2016-04-23 06:20 - 00606720 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2016-06-01 08:33 - 2016-04-23 06:20 - 00484352 _____ (Microsoft Corporation) C:\WINDOWS\system32\DataSenseHandlers.dll
2016-06-01 08:33 - 2016-04-23 06:20 - 00356864 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll
2016-06-01 08:33 - 2016-04-23 06:20 - 00307200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2016-06-01 08:33 - 2016-04-23 06:20 - 00137728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shacct.dll
2016-06-01 08:33 - 2016-04-23 06:19 - 00970752 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2016-06-01 08:33 - 2016-04-23 06:19 - 00440320 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredProvDataModel.dll
2016-06-01 08:33 - 2016-04-23 06:19 - 00140800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BrowserSettingSync.dll
2016-06-01 08:33 - 2016-04-23 06:18 - 00870400 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2016-06-01 08:33 - 2016-04-23 06:18 - 00804352 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2016-06-01 08:33 - 2016-04-23 06:18 - 00585728 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2016-06-01 08:33 - 2016-04-23 06:18 - 00515072 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll
2016-06-01 08:33 - 2016-04-23 06:18 - 00471552 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupShim.dll
2016-06-01 08:33 - 2016-04-23 06:18 - 00436736 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2016-06-01 08:33 - 2016-04-23 06:17 - 01213440 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2016-06-01 08:33 - 2016-04-23 06:17 - 00529920 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2016-06-01 08:33 - 2016-04-23 06:17 - 00388608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2016-06-01 08:33 - 2016-04-23 06:17 - 00337920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanmsm.dll
2016-06-01 08:33 - 2016-04-23 06:16 - 01319424 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll
2016-06-01 08:33 - 2016-04-23 06:16 - 00848896 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2016-06-01 08:33 - 2016-04-23 06:15 - 00865792 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2016-06-01 08:33 - 2016-04-23 06:15 - 00792064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2016-06-01 08:33 - 2016-04-23 06:15 - 00673280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2016-06-01 08:33 - 2016-04-23 06:15 - 00400896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneDriveSettingSyncProvider.dll
2016-06-01 08:33 - 2016-04-23 06:15 - 00348672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredProvDataModel.dll
2016-06-01 08:33 - 2016-04-23 06:14 - 00870912 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2016-06-01 08:33 - 2016-04-23 06:14 - 00821760 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2016-06-01 08:33 - 2016-04-23 06:14 - 00647680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2016-06-01 08:33 - 2016-04-23 06:14 - 00354304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupShim.dll
2016-06-01 08:33 - 2016-04-23 06:14 - 00342528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2016-06-01 08:33 - 2016-04-23 06:13 - 00705536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2016-06-01 08:33 - 2016-04-23 06:13 - 00489984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
2016-06-01 08:33 - 2016-04-23 06:13 - 00434688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LogonController.dll
2016-06-01 08:33 - 2016-04-23 06:12 - 00667648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll
2016-06-01 08:33 - 2016-04-23 06:10 - 00639488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2016-06-01 08:33 - 2016-04-23 06:07 - 00848896 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll
2016-06-01 08:33 - 2016-04-23 06:05 - 01946112 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2016-06-01 08:33 - 2016-04-23 06:05 - 01626624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2016-06-01 08:33 - 2016-04-23 06:05 - 00613376 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSync.dll
2016-06-01 08:33 - 2016-04-23 06:04 - 04759040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2016-06-01 08:33 - 2016-04-23 06:03 - 02193408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2016-06-01 08:33 - 2016-04-23 06:03 - 02000896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll
2016-06-01 08:33 - 2016-04-23 06:03 - 00754176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2016-06-01 08:33 - 2016-04-23 06:03 - 00503296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSync.dll
2016-06-01 08:33 - 2016-04-23 06:02 - 02444288 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll
2016-06-01 08:33 - 2016-04-23 06:01 - 04775424 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2016-06-01 08:33 - 2016-04-23 06:00 - 00984576 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2016-06-01 08:33 - 2016-04-23 05:45 - 00461824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2016-06-01 08:33 - 2016-04-23 04:10 - 00215040 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2016-06-01 08:33 - 2016-04-02 06:13 - 00369912 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2016-06-01 08:33 - 2016-04-02 06:10 - 00770640 _____ (Microsoft Corporation) C:\WINDOWS\system32\iuilp.dll
2016-06-01 08:33 - 2016-04-02 06:10 - 00374008 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2016-06-01 08:33 - 2016-04-02 05:25 - 00278528 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationObjFactory.dll
2016-06-01 08:33 - 2016-04-02 05:25 - 00239104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NotificationObjFactory.dll
2016-06-01 08:33 - 2016-04-02 05:19 - 01054208 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2016-06-01 08:33 - 2016-03-29 12:23 - 00277856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2016-06-01 08:33 - 2016-03-29 12:22 - 01030416 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2016-06-01 08:33 - 2016-03-29 12:22 - 00874968 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2016-06-01 08:33 - 2016-03-29 12:20 - 01317640 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2016-06-01 08:33 - 2016-03-29 12:20 - 01141504 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2016-06-01 08:33 - 2016-03-29 12:15 - 00100232 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmapi.dll
2016-06-01 08:33 - 2016-03-29 12:11 - 00686976 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2016-06-01 08:33 - 2016-03-29 12:05 - 01152864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2016-06-01 08:33 - 2016-03-29 12:02 - 00989536 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2016-06-01 08:33 - 2016-03-29 12:02 - 00334736 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll
2016-06-01 08:33 - 2016-03-29 11:28 - 00535080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll
2016-06-01 08:33 - 2016-03-29 11:25 - 00058400 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsNativeApi.dll
2016-06-01 08:33 - 2016-03-29 11:19 - 00296488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\policymanager.dll
2016-06-01 08:33 - 2016-03-29 11:18 - 00185184 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2016-06-01 08:33 - 2016-03-29 11:11 - 00074424 _____ (Microsoft Corporation) C:\WINDOWS\system32\easinvoker.exe
2016-06-01 08:33 - 2016-03-29 11:10 - 00110584 _____ (Microsoft Corporation) C:\WINDOWS\system32\srvcli.dll
2016-06-01 08:33 - 2016-03-29 11:09 - 00078040 _____ (Microsoft Corporation) C:\WINDOWS\system32\wkscli.dll
2016-06-01 08:33 - 2016-03-29 11:08 - 00358752 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2016-06-01 08:33 - 2016-03-29 11:08 - 00261376 _____ (Microsoft Corporation) C:\WINDOWS\system32\LsaIso.exe
2016-06-01 08:33 - 2016-03-29 11:07 - 00081144 _____ (Microsoft Corporation) C:\WINDOWS\system32\netapi32.dll
2016-06-01 08:33 - 2016-03-29 10:41 - 00051128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsNativeApi.dll
2016-06-01 08:33 - 2016-03-29 10:26 - 01089888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2016-06-01 08:33 - 2016-03-29 10:26 - 00073872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srvcli.dll
2016-06-01 08:33 - 2016-03-29 10:25 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wkscli.dll
2016-06-01 08:33 - 2016-03-29 10:24 - 00294752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2016-06-01 08:33 - 2016-03-29 10:23 - 00069744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netapi32.dll
2016-06-01 08:33 - 2016-03-29 10:21 - 00378208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2016-06-01 08:33 - 2016-03-29 10:07 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsNativeApi.V2.dll
2016-06-01 08:33 - 2016-03-29 10:07 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanagerprecheck.dll
2016-06-01 08:33 - 2016-03-29 10:07 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsdchngr.dll
2016-06-01 08:33 - 2016-03-29 10:00 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveskybackup.dll
2016-06-01 08:33 - 2016-03-29 09:59 - 00027648 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManagerShellext.exe
2016-06-01 08:33 - 2016-03-29 09:58 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininetlui.dll
2016-06-01 08:33 - 2016-03-29 09:58 - 00052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2016-06-01 08:33 - 2016-03-29 09:57 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\samlib.dll
2016-06-01 08:33 - 2016-03-29 09:57 - 00058368 _____ (Microsoft Corporation) C:\WINDOWS\system32\browcli.dll
2016-06-01 08:33 - 2016-03-29 09:55 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\serial.sys
2016-06-01 08:33 - 2016-03-29 09:55 - 00036352 _____ (Microsoft Corporation) C:\WINDOWS\system32\tbauth.dll
2016-06-01 08:33 - 2016-03-29 09:54 - 00147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\mtxoci.dll
2016-06-01 08:33 - 2016-03-29 09:53 - 00116224 _____ (Microsoft Corporation) C:\WINDOWS\system32\FontProvider.dll
2016-06-01 08:33 - 2016-03-29 09:52 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBrokerCookies.exe
2016-06-01 08:33 - 2016-03-29 09:51 - 00181248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rfcomm.sys
2016-06-01 08:33 - 2016-03-29 09:51 - 00167936 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafBth.dll
2016-06-01 08:33 - 2016-03-29 09:51 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzautoupdate.dll
2016-06-01 08:33 - 2016-03-29 09:50 - 00088576 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSysprep.dll
2016-06-01 08:33 - 2016-03-29 09:50 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\OnDemandConnRouteHelper.dll
2016-06-01 08:33 - 2016-03-29 09:50 - 00033280 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuautoappupdate.dll
2016-06-01 08:33 - 2016-03-29 09:48 - 00144896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Devices.dll
2016-06-01 08:33 - 2016-03-29 09:46 - 00134656 _____ (Microsoft Corporation) C:\WINDOWS\system32\browser.dll
2016-06-01 08:33 - 2016-03-29 09:44 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\system32\DAFWSD.dll
2016-06-01 08:33 - 2016-03-29 09:36 - 00530432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nwifi.sys
2016-06-01 08:33 - 2016-03-29 09:36 - 00209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
2016-06-01 08:33 - 2016-03-29 09:35 - 00411648 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleacc.dll
2016-06-01 08:33 - 2016-03-29 09:35 - 00239616 _____ (Microsoft Corporation) C:\WINDOWS\system32\credprovhost.dll
2016-06-01 08:33 - 2016-03-29 09:34 - 00333824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\portcls.sys
2016-06-01 08:33 - 2016-03-29 09:34 - 00284672 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll
2016-06-01 08:33 - 2016-03-29 09:33 - 00174592 _____ (Microsoft Corporation) C:\WINDOWS\system32\easwrt.dll
2016-06-01 08:33 - 2016-03-29 09:30 - 00328192 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2016-06-01 08:33 - 2016-03-29 09:30 - 00161792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msorcl32.dll
2016-06-01 08:33 - 2016-03-29 09:27 - 00339968 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorService.dll
2016-06-01 08:33 - 2016-03-29 09:23 - 00694784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdiWiFi.sys
2016-06-01 08:33 - 2016-03-29 09:22 - 00438784 _____ (Microsoft Corporation) C:\WINDOWS\system32\AccountsRt.dll
2016-06-01 08:33 - 2016-03-29 09:21 - 00330240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2016-06-01 08:33 - 2016-03-29 09:20 - 00948736 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthManager.dll
2016-06-01 08:33 - 2016-03-29 09:20 - 00166400 _____ (Microsoft Corporation) C:\WINDOWS\system32\AboveLockAppHost.dll
2016-06-01 08:33 - 2016-03-29 09:20 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsdchngr.dll
2016-06-01 08:33 - 2016-03-29 09:19 - 00556032 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
2016-06-01 08:33 - 2016-03-29 09:18 - 00676352 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSDApi.dll
2016-06-01 08:33 - 2016-03-29 09:17 - 00708608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2016-06-01 08:33 - 2016-03-29 09:14 - 00859136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2016-06-01 08:33 - 2016-03-29 09:12 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininetlui.dll
2016-06-01 08:33 - 2016-03-29 09:12 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2016-06-01 08:33 - 2016-03-29 09:11 - 00881664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Input.Inking.dll
2016-06-01 08:33 - 2016-03-29 09:11 - 00043520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\browcli.dll
2016-06-01 08:33 - 2016-03-29 09:09 - 01239552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Bluetooth.dll
2016-06-01 08:33 - 2016-03-29 09:09 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tbauth.dll
2016-06-01 08:33 - 2016-03-29 09:08 - 00888320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.dll
2016-06-01 08:33 - 2016-03-29 09:08 - 00841216 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2016-06-01 08:33 - 2016-03-29 09:08 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mtxoci.dll
2016-06-01 08:33 - 2016-03-29 09:07 - 01902592 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2016-06-01 08:33 - 2016-03-29 09:06 - 01575936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll
2016-06-01 08:33 - 2016-03-29 09:06 - 00022528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBrokerCookies.exe
2016-06-01 08:33 - 2016-03-29 09:05 - 01395712 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
2016-06-01 08:33 - 2016-03-29 09:04 - 00103936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Devices.dll
2016-06-01 08:33 - 2016-03-29 09:03 - 00148480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dfsc.sys
2016-06-01 08:33 - 2016-03-29 09:02 - 01211904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Cred.dll
2016-06-01 08:33 - 2016-03-29 09:00 - 00345600 _____ (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll
2016-06-01 08:33 - 2016-03-29 09:00 - 00235008 _____ C:\WINDOWS\system32\MTF.dll
2016-06-01 08:33 - 2016-03-29 09:00 - 00176128 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.DeviceEncryptionHandlers.dll
2016-06-01 08:33 - 2016-03-29 09:00 - 00175616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
2016-06-01 08:33 - 2016-03-29 08:59 - 00223232 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapibase.dll
2016-06-01 08:33 - 2016-03-29 08:59 - 00119808 _____ (Microsoft Corporation) C:\WINDOWS\system32\BitLockerDeviceEncryption.exe
2016-06-01 08:33 - 2016-03-29 08:55 - 01052160 _____ (Microsoft Corporation) C:\WINDOWS\system32\MsSpellCheckingFacility.dll
2016-06-01 08:33 - 2016-03-29 08:53 - 00323072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleacc.dll
2016-06-01 08:33 - 2016-03-29 08:53 - 00193024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\credprovhost.dll
2016-06-01 08:33 - 2016-03-29 08:52 - 00141824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\easwrt.dll
2016-06-01 08:33 - 2016-03-29 08:49 - 00288256 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveui.dll
2016-06-01 08:33 - 2016-03-29 08:43 - 00358400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AccountsRt.dll
2016-06-01 08:33 - 2016-03-29 08:42 - 01410560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.Http.dll
2016-06-01 08:33 - 2016-03-29 08:42 - 00250880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2016-06-01 08:33 - 2016-03-29 08:41 - 00129024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AboveLockAppHost.dll
2016-06-01 08:33 - 2016-03-29 08:40 - 00787456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.dll
2016-06-01 08:33 - 2016-03-29 08:39 - 00564224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSDApi.dll
2016-06-01 08:33 - 2016-03-29 08:39 - 00496128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2016-06-01 08:33 - 2016-03-29 08:36 - 00649728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2016-06-01 08:33 - 2016-03-29 08:34 - 00682496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Input.Inking.dll
2016-06-01 08:33 - 2016-03-29 08:32 - 00854528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Bluetooth.dll
2016-06-01 08:33 - 2016-03-29 08:32 - 00638464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.dll
2016-06-01 08:33 - 2016-03-29 08:32 - 00128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcsps.dll
2016-06-01 08:33 - 2016-03-29 08:31 - 01117184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.dll
2016-06-01 08:33 - 2016-03-29 08:30 - 01139712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll
2016-06-01 08:33 - 2016-03-29 08:29 - 00256000 _____ (Microsoft Corporation) C:\WINDOWS\system32\accountaccessor.dll
2016-06-01 08:33 - 2016-03-29 08:28 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Cred.dll
2016-06-01 08:33 - 2016-03-29 08:27 - 00245760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TextInputFramework.dll
2016-06-01 08:33 - 2016-03-29 08:27 - 00162816 _____ C:\WINDOWS\SysWOW64\MTF.dll
2016-06-01 08:33 - 2016-03-29 08:27 - 00133632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Core.TextInput.dll
2016-06-01 08:33 - 2016-03-29 08:23 - 00777728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MsSpellCheckingFacility.dll
2016-06-01 08:33 - 2016-03-29 08:17 - 00765952 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2016-06-01 08:33 - 2016-03-29 08:14 - 01072128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.Http.dll
2016-06-01 08:33 - 2016-03-29 08:13 - 00592384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.dll
2016-06-01 08:33 - 2016-03-29 08:05 - 01388032 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2016-06-01 08:33 - 2016-03-29 08:05 - 00361472 _____ (Microsoft Corporation) C:\WINDOWS\system32\bdesvc.dll
2016-06-01 08:33 - 2016-03-29 08:04 - 00688640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Connectivity.dll
2016-06-01 08:33 - 2016-03-29 08:01 - 00957952 _____ (Microsoft Corporation) C:\WINDOWS\system32\IKEEXT.DLL
2016-06-01 08:33 - 2016-03-29 07:45 - 00338432 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncbservice.dll
2016-06-01 08:33 - 2016-03-29 07:43 - 00521728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.Connectivity.dll
2016-06-01 08:33 - 2016-03-29 07:35 - 00821248 _____ (Microsoft Corporation) C:\WINDOWS\system32\fvewiz.dll
2016-06-01 08:33 - 2016-03-29 07:28 - 00324608 _____ (Microsoft Corporation) C:\WINDOWS\system32\fvecpl.dll
2016-06-01 08:33 - 2016-03-29 07:27 - 00794112 _____ (Microsoft Corporation) C:\WINDOWS\system32\BFE.DLL
2016-06-01 08:33 - 2016-03-29 07:26 - 00958976 _____ (Microsoft Corporation) C:\WINDOWS\system32\RemoteNaturalLanguage.dll
2016-06-01 08:33 - 2016-03-29 07:26 - 00402432 _____ (Microsoft Corporation) C:\WINDOWS\system32\FWPUCLNT.DLL
2016-06-01 08:33 - 2016-03-29 07:25 - 00712704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RemoteNaturalLanguage.dll
2016-06-01 08:33 - 2016-03-29 07:25 - 00269824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FWPUCLNT.DLL
2016-06-01 08:33 - 2016-03-29 07:21 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\system32\basesrv.dll
2016-06-01 08:33 - 2016-03-01 07:31 - 00848168 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2016-06-01 08:33 - 2016-03-01 07:22 - 00709688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2016-06-01 08:33 - 2016-02-24 11:34 - 01613664 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2016-06-01 08:33 - 2016-02-24 10:58 - 00794888 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfds.dll
2016-06-01 08:33 - 2016-02-24 10:54 - 00127840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBSTOR.SYS
2016-06-01 08:33 - 2016-02-24 10:43 - 00625000 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll
2016-06-01 08:33 - 2016-02-24 10:39 - 00141560 _____ (Microsoft Corporation) C:\WINDOWS\system32\AuthHost.exe
2016-06-01 08:33 - 2016-02-24 10:19 - 00670928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfds.dll
2016-06-01 08:33 - 2016-02-24 10:11 - 00258280 _____ (Microsoft Corporation) C:\WINDOWS\system32\sqmapi.dll
2016-06-01 08:33 - 2016-02-24 10:09 - 00640472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2016-06-01 08:33 - 2016-02-24 10:09 - 00147808 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe
2016-06-01 08:33 - 2016-02-24 09:39 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTypeHelperUtil.dll
2016-06-01 08:33 - 2016-02-24 09:39 - 00023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExtrasXmlParser.dll
2016-06-01 08:33 - 2016-02-24 09:38 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTimeUtil.dll
2016-06-01 08:33 - 2016-02-24 09:37 - 00045056 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataLanguageUtil.dll
2016-06-01 08:33 - 2016-02-24 09:36 - 00060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\PimIndexMaintenanceClient.dll
2016-06-01 08:33 - 2016-02-24 09:35 - 00220064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sqmapi.dll
2016-06-01 08:33 - 2016-02-24 09:33 - 00538736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2016-06-01 08:33 - 2016-02-24 09:33 - 00141664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe
2016-06-01 08:33 - 2016-02-24 09:30 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\system32\wfapigp.dll
2016-06-01 08:33 - 2016-02-24 09:28 - 00070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\POSyncServices.dll
2016-06-01 08:33 - 2016-02-24 09:23 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\system32\asycfilt.dll
2016-06-01 08:33 - 2016-02-24 09:23 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataPlatformHelperUtil.dll
2016-06-01 08:33 - 2016-02-24 09:20 - 00195072 _____ (Microsoft Corporation) C:\WINDOWS\system32\VCardParser.dll
2016-06-01 08:33 - 2016-02-24 09:19 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\dssvc.dll
2016-06-01 08:33 - 2016-02-24 09:19 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\system32\seclogon.dll
2016-06-01 08:33 - 2016-02-24 09:14 - 00274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExSMime.dll
2016-06-01 08:33 - 2016-02-24 09:13 - 00121856 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppointmentActivation.dll
2016-06-01 08:33 - 2016-02-24 09:12 - 00243712 _____ (Microsoft Corporation) C:\WINDOWS\system32\cemapi.dll
2016-06-01 08:33 - 2016-02-24 09:12 - 00221184 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneCallHistoryApis.dll
2016-06-01 08:33 - 2016-02-24 09:10 - 00093184 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpninprc.dll
2016-06-01 08:33 - 2016-02-24 09:09 - 00258560 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataAccountApis.dll
2016-06-01 08:33 - 2016-02-24 09:09 - 00161792 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSip.dll
2016-06-01 08:33 - 2016-02-24 09:07 - 00252928 _____ (Microsoft Corporation) C:\WINDOWS\system32\PimIndexMaintenance.dll
2016-06-01 08:33 - 2016-02-24 09:02 - 00161280 _____ (Microsoft Corporation) C:\WINDOWS\system32\CallHistoryClient.dll
2016-06-01 08:33 - 2016-02-24 09:01 - 00146432 _____ (Microsoft Corporation) C:\WINDOWS\system32\AuthBroker.dll
2016-06-01 08:33 - 2016-02-24 09:01 - 00067584 _____ (Microsoft Corporation) C:\WINDOWS\system32\profext.dll
2016-06-01 08:33 - 2016-02-24 09:00 - 00214528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Scanners.dll
2016-06-01 08:33 - 2016-02-24 08:59 - 00450560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Bluetooth.dll
2016-06-01 08:33 - 2016-02-24 08:59 - 00360448 _____ (Microsoft Corporation) C:\WINDOWS\system32\vaultsvc.dll
2016-06-01 08:33 - 2016-02-24 08:59 - 00318976 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll
2016-06-01 08:33 - 2016-02-24 08:58 - 00685568 _____ (Microsoft Corporation) C:\WINDOWS\system32\scapi.dll
2016-06-01 08:33 - 2016-02-24 08:55 - 00790528 _____ (Microsoft Corporation) C:\WINDOWS\system32\EmailApis.dll
2016-06-01 08:33 - 2016-02-24 08:55 - 00224256 _____ (Microsoft Corporation) C:\WINDOWS\system32\PackageStateRoaming.dll
2016-06-01 08:33 - 2016-02-24 08:55 - 00018944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExtrasXmlParser.dll
2016-06-01 08:33 - 2016-02-24 08:54 - 00526336 _____ (Microsoft Corporation) C:\WINDOWS\system32\FirewallAPI.dll
2016-06-01 08:33 - 2016-02-24 08:54 - 00288768 _____ (Microsoft Corporation) C:\WINDOWS\system32\vaultcli.dll
2016-06-01 08:33 - 2016-02-24 08:54 - 00228352 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsqmcons.exe
2016-06-01 08:33 - 2016-02-24 08:54 - 00037888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTypeHelperUtil.dll
2016-06-01 08:33 - 2016-02-24 08:53 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTimeUtil.dll
2016-06-01 08:33 - 2016-02-24 08:53 - 00037888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataLanguageUtil.dll
2016-06-01 08:33 - 2016-02-24 08:52 - 00451584 _____ (Microsoft Corporation) C:\WINDOWS\system32\werui.dll
2016-06-01 08:33 - 2016-02-24 08:52 - 00048128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PimIndexMaintenanceClient.dll
2016-06-01 08:33 - 2016-02-24 08:49 - 00726528 _____ (Microsoft Corporation) C:\WINDOWS\system32\ChatApis.dll
2016-06-01 08:33 - 2016-02-24 08:44 - 00915456 _____ (Microsoft Corporation) C:\WINDOWS\system32\configurationclient.dll
2016-06-01 08:33 - 2016-02-24 08:44 - 00700416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppointmentApis.dll
2016-06-01 08:33 - 2016-02-24 08:44 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\POSyncServices.dll
2016-06-01 08:33 - 2016-02-24 08:43 - 00286720 _____ (Microsoft Corporation) C:\WINDOWS\system32\deviceaccess.dll
2016-06-01 08:33 - 2016-02-24 08:40 - 01224704 _____ (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll
2016-06-01 08:33 - 2016-02-24 08:40 - 00078848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\asycfilt.dll
2016-06-01 08:33 - 2016-02-24 08:40 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataPlatformHelperUtil.dll
2016-06-01 08:33 - 2016-02-24 08:38 - 00150528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VCardParser.dll
2016-06-01 08:33 - 2016-02-24 08:36 - 01847808 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPDMC.exe
2016-06-01 08:33 - 2016-02-24 08:34 - 00938496 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContactApis.dll
2016-06-01 08:33 - 2016-02-24 08:32 - 00223744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExSMime.dll
2016-06-01 08:33 - 2016-02-24 08:32 - 00098304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppointmentActivation.dll
2016-06-01 08:33 - 2016-02-24 08:31 - 00200704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cemapi.dll
2016-06-01 08:33 - 2016-02-24 08:31 - 00169984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhoneCallHistoryApis.dll
2016-06-01 08:33 - 2016-02-24 08:28 - 00196608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataAccountApis.dll
2016-06-01 08:33 - 2016-02-24 08:28 - 00135168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxSip.dll
2016-06-01 08:33 - 2016-02-24 08:25 - 00401408 _____ (Microsoft Corporation) C:\WINDOWS\system32\sharemediacpl.dll
2016-06-01 08:33 - 2016-02-24 08:23 - 00129024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CallHistoryClient.dll
2016-06-01 08:33 - 2016-02-24 08:22 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\profext.dll
2016-06-01 08:33 - 2016-02-24 08:21 - 00315904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Bluetooth.dll
2016-06-01 08:33 - 2016-02-24 08:21 - 00168448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Scanners.dll
2016-06-01 08:33 - 2016-02-24 08:18 - 00575488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EmailApis.dll
2016-06-01 08:33 - 2016-02-24 08:18 - 00184832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PackageStateRoaming.dll
2016-06-01 08:33 - 2016-02-24 08:17 - 00369664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FirewallAPI.dll
2016-06-01 08:33 - 2016-02-24 08:16 - 00394752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werui.dll
2016-06-01 08:33 - 2016-02-24 08:13 - 00540160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ChatApis.dll
2016-06-01 08:33 - 2016-02-24 08:09 - 00552960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppointmentApis.dll
2016-06-01 08:33 - 2016-02-24 08:09 - 00228352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\deviceaccess.dll
2016-06-01 08:33 - 2016-02-24 08:07 - 00949248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Unistore.dll
2016-06-01 08:33 - 2016-02-24 08:04 - 01497088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMPDMC.exe
2016-06-01 08:33 - 2016-02-24 08:03 - 00769536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ContactApis.dll
2016-06-01 08:33 - 2016-02-24 07:43 - 00184320 _____ (Microsoft Corporation) C:\WINDOWS\system32\fwbase.dll
2016-06-01 08:33 - 2016-02-24 07:22 - 00163328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fwbase.dll
2016-06-01 08:33 - 2016-02-23 13:25 - 00563552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\acpi.sys
2016-06-01 08:33 - 2016-02-23 13:15 - 00779384 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskschd.dll
2016-06-01 08:33 - 2016-02-23 12:32 - 01152328 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2016-06-01 08:33 - 2016-02-23 12:31 - 01017032 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll
2016-06-01 08:33 - 2016-02-23 12:31 - 00819648 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2016-06-01 08:33 - 2016-02-23 12:31 - 00536256 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2016-06-01 08:33 - 2016-02-23 12:31 - 00476728 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll
2016-06-01 08:33 - 2016-02-23 12:31 - 00408120 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2016-06-01 08:33 - 2016-02-23 12:22 - 00572272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\taskschd.dll
2016-06-01 08:33 - 2016-02-23 12:17 - 00146272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\appid.sys
2016-06-01 08:33 - 2016-02-23 11:40 - 00430944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2016-06-01 08:33 - 2016-02-23 11:38 - 00980352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
2016-06-01 08:33 - 2016-02-23 11:38 - 00895080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsrcsnk.dll
2016-06-01 08:33 - 2016-02-23 11:38 - 00882720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2016-06-01 08:33 - 2016-02-23 11:38 - 00420928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvproc.dll
2016-06-01 08:33 - 2016-02-23 11:37 - 00713824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2016-06-01 08:33 - 2016-02-23 11:27 - 00376536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.MediaControl.dll
2016-06-01 08:33 - 2016-02-23 11:20 - 00238592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\xboxgip.sys
2016-06-01 08:33 - 2016-02-23 11:12 - 00077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\provpackageapidll.dll
2016-06-01 08:33 - 2016-02-23 11:10 - 00027648 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiConfigSP.dll
2016-06-01 08:33 - 2016-02-23 11:07 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvcpal.dll
2016-06-01 08:33 - 2016-02-23 11:06 - 00129536 _____ (Microsoft Corporation) C:\WINDOWS\system32\flvprophandler.dll
2016-06-01 08:33 - 2016-02-23 11:01 - 00104960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rasl2tp.sys
2016-06-01 08:33 - 2016-02-23 11:00 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wfdprov.dll
2016-06-01 08:33 - 2016-02-23 10:58 - 00025088 _____ (Microsoft Corporation) C:\WINDOWS\system32\irmon.dll
2016-06-01 08:33 - 2016-02-23 10:55 - 00114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bridge.sys
2016-06-01 08:33 - 2016-02-23 10:53 - 00099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngckeyenum.dll
2016-06-01 08:33 - 2016-02-23 10:40 - 00074240 _____ (Microsoft Corporation) C:\WINDOWS\system32\SMSRouter.dll
2016-06-01 08:33 - 2016-02-23 10:39 - 00178176 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll
2016-06-01 08:33 - 2016-02-23 10:38 - 00320000 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSFlacDecoder.dll
2016-06-01 08:33 - 2016-02-23 10:38 - 00287712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.MediaControl.dll
2016-06-01 08:33 - 2016-02-23 10:37 - 00274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\DisplayManager.dll
2016-06-01 08:33 - 2016-02-23 10:36 - 00216576 _____ (Microsoft Corporation) C:\WINDOWS\system32\QuickActionsDataModel.dll
2016-06-01 08:33 - 2016-02-23 10:34 - 00305664 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifiprofilessettinghandler.dll
2016-06-01 08:33 - 2016-02-23 10:34 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiDisplay.dll
2016-06-01 08:33 - 2016-02-23 10:31 - 00463360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansec.dll
2016-06-01 08:33 - 2016-02-23 10:29 - 00591872 _____ (Microsoft Corporation) C:\WINDOWS\system32\SmsRouterSvc.dll
2016-06-01 08:33 - 2016-02-23 10:28 - 00275456 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2016-06-01 08:33 - 2016-02-23 10:27 - 00307712 _____ (Microsoft Corporation) C:\WINDOWS\system32\usbmon.dll
2016-06-01 08:33 - 2016-02-23 10:26 - 00372224 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDEServer.exe
2016-06-01 08:33 - 2016-02-23 10:23 - 00412672 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanmsm.dll
2016-06-01 08:33 - 2016-02-23 10:22 - 00567808 _____ (Microsoft Corporation) C:\WINDOWS\system32\MCRecvSrc.dll
2016-06-01 08:33 - 2016-02-23 10:20 - 00847360 _____ (Microsoft Corporation) C:\WINDOWS\system32\netlogon.dll
2016-06-01 08:33 - 2016-02-23 10:20 - 00493568 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmkvsrcsnk.dll
2016-06-01 08:33 - 2016-02-23 10:19 - 00517632 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2016-06-01 08:33 - 2016-02-23 10:14 - 00828928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.AccountsControl.dll
2016-06-01 08:33 - 2016-02-23 10:04 - 01131520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Audio.dll
2016-06-01 08:33 - 2016-02-23 10:04 - 00382464 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2016-06-01 08:33 - 2016-02-23 10:02 - 00755712 _____ (Microsoft Corporation) C:\WINDOWS\system32\spoolsv.exe
2016-06-01 08:33 - 2016-02-23 10:02 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb10.sys
2016-06-01 08:33 - 2016-02-23 09:58 - 00163840 _____ (Microsoft Corporation) C:\WINDOWS\system32\TimeBrokerServer.dll
2016-06-01 08:33 - 2016-02-23 09:52 - 00456704 _____ (Microsoft Corporation) C:\WINDOWS\system32\ipnathlp.dll
2016-06-01 08:33 - 2016-02-23 09:50 - 00266752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSFlacDecoder.dll
2016-06-01 08:33 - 2016-02-23 09:49 - 00200704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DisplayManager.dll
2016-06-01 08:33 - 2016-02-23 09:48 - 00838144 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll
2016-06-01 08:33 - 2016-02-23 09:47 - 00157184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WiFiDisplay.dll
2016-06-01 08:33 - 2016-02-23 09:38 - 00480256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MCRecvSrc.dll
2016-06-01 08:33 - 2016-02-23 09:37 - 01118208 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2016-06-01 08:33 - 2016-02-23 09:36 - 00713728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netlogon.dll
2016-06-01 08:33 - 2016-02-23 09:36 - 00379392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmkvsrcsnk.dll
2016-06-01 08:33 - 2016-02-23 09:35 - 00400896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2016-06-01 08:33 - 2016-02-23 09:31 - 00585216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.AccountsControl.dll
2016-06-01 08:33 - 2016-02-23 09:24 - 01105920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Audio.dll
2016-06-01 08:33 - 2016-02-23 09:01 - 02295808 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2016-06-01 08:33 - 2016-02-09 05:18 - 00297472 _____ (Microsoft Corporation) C:\WINDOWS\system32\thumbcache.dll
2016-06-01 08:33 - 2016-02-09 05:18 - 00237056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\thumbcache.dll
2016-06-01 08:33 - 2016-01-27 07:57 - 00820704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2016-06-01 08:33 - 2016-01-27 07:55 - 00081112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OpenWith.exe
2016-06-01 08:33 - 2016-01-27 07:46 - 01270072 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2016-06-01 08:33 - 2016-01-27 07:44 - 00085320 _____ (Microsoft Corporation) C:\WINDOWS\system32\OpenWith.exe
2016-06-01 08:33 - 2016-01-27 07:15 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ztrace_maps.dll
2016-06-01 08:33 - 2016-01-27 07:10 - 00099840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hlink.dll
2016-06-01 08:33 - 2016-01-27 07:08 - 00299008 _____ (Microsoft Corporation) C:\WINDOWS\system32\microsoft-windows-system-events.dll
2016-06-01 08:33 - 2016-01-27 07:08 - 00036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\ztrace_maps.dll
2016-06-01 08:33 - 2016-01-27 07:07 - 00203264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iassam.dll
2016-06-01 08:33 - 2016-01-27 07:02 - 00109056 _____ (Microsoft Corporation) C:\WINDOWS\system32\hlink.dll
2016-06-01 08:33 - 2016-01-27 06:59 - 00258048 _____ (Microsoft Corporation) C:\WINDOWS\system32\iassam.dll
2016-06-01 08:33 - 2016-01-27 06:50 - 00144384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxdav.sys
2016-06-01 08:33 - 2016-01-27 06:44 - 00063488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cfgbkend.dll
2016-06-01 08:33 - 2016-01-27 06:31 - 00079360 _____ (Microsoft Corporation) C:\WINDOWS\system32\cfgbkend.dll
2016-06-01 08:33 - 2016-01-16 08:37 - 00202472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscapi.dll
2016-06-01 08:33 - 2016-01-16 08:24 - 00538632 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWanAPI.dll
2016-06-01 08:33 - 2016-01-16 08:23 - 00785088 _____ (Microsoft Corporation) C:\WINDOWS\system32\evr.dll
2016-06-01 08:33 - 2016-01-16 08:20 - 00652312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\evr.dll
2016-06-01 08:33 - 2016-01-16 08:20 - 00431240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWanAPI.dll
2016-06-01 08:33 - 2016-01-16 08:20 - 00366224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AUDIOKSE.dll
2016-06-01 08:33 - 2016-01-16 08:19 - 00405568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2016-06-01 08:33 - 2016-01-16 08:12 - 01415200 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2016-06-01 08:33 - 2016-01-16 08:08 - 01174008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2016-06-01 08:33 - 2016-01-16 08:08 - 00440152 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe
2016-06-01 08:33 - 2016-01-16 07:44 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasadhlp.dll
2016-06-01 08:33 - 2016-01-16 07:42 - 00013824 _____ (Microsoft Corporation) C:\WINDOWS\system32\sscoreext.dll
2016-06-01 08:33 - 2016-01-16 07:41 - 00055296 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2016-06-01 08:33 - 2016-01-16 07:40 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcaui.exe
2016-06-01 08:33 - 2016-01-16 07:40 - 00019456 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasautou.exe
2016-06-01 08:33 - 2016-01-16 07:39 - 00149504 _____ (Microsoft Corporation) C:\WINDOWS\system32\FilterDS.dll
2016-06-01 08:33 - 2016-01-16 07:38 - 00193024 _____ (Microsoft Corporation) C:\WINDOWS\system32\SimCfg.dll
2016-06-01 08:33 - 2016-01-16 07:36 - 00475648 _____ (Microsoft Corporation) C:\WINDOWS\system32\DDDS.dll
2016-06-01 08:33 - 2016-01-16 07:36 - 00221696 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2016-06-01 08:33 - 2016-01-16 07:36 - 00160768 _____ (Microsoft Corporation) C:\WINDOWS\system32\SimAuth.dll
2016-06-01 08:33 - 2016-01-16 07:35 - 00383488 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2016-06-01 08:33 - 2016-01-16 07:34 - 00477696 _____ (Microsoft Corporation) C:\WINDOWS\system32\srcore.dll
2016-06-01 08:33 - 2016-01-16 07:33 - 00726528 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidcli.dll
2016-06-01 08:33 - 2016-01-16 07:33 - 00574976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.UX.EapRequestHandler.dll
2016-06-01 08:33 - 2016-01-16 07:32 - 00621568 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbiosrvc.dll
2016-06-01 08:33 - 2016-01-16 07:32 - 00041984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pcaui.exe
2016-06-01 08:33 - 2016-01-16 07:31 - 00343552 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsApi.dll
2016-06-01 08:33 - 2016-01-16 07:31 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasautou.exe
2016-06-01 08:33 - 2016-01-16 07:30 - 02127360 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2016-06-01 08:33 - 2016-01-16 07:30 - 00157696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SimCfg.dll
2016-06-01 08:33 - 2016-01-16 07:29 - 01500672 _____ (Microsoft Corporation) C:\WINDOWS\system32\RecoveryDrive.exe
2016-06-01 08:33 - 2016-01-16 07:28 - 00884736 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasdlg.dll
2016-06-01 08:33 - 2016-01-16 07:28 - 00129024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SimAuth.dll
2016-06-01 08:33 - 2016-01-16 07:27 - 00335872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2016-06-01 08:33 - 2016-01-16 07:26 - 00260608 _____ C:\WINDOWS\system32\MTFServer.dll
2016-06-01 08:33 - 2016-01-16 07:25 - 00510976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidcli.dll
2016-06-01 08:33 - 2016-01-16 07:24 - 00273408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsApi.dll
2016-06-01 08:33 - 2016-01-16 07:23 - 02050048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2016-06-01 08:33 - 2016-01-16 07:20 - 00799744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasdlg.dll
2016-06-01 08:33 - 2016-01-16 07:19 - 00733184 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasapi32.dll
2016-06-01 08:33 - 2016-01-16 07:18 - 01674240 _____ (Microsoft Corporation) C:\WINDOWS\system32\quartz.dll
2016-06-01 08:33 - 2016-01-16 07:16 - 01542656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\quartz.dll
2016-06-01 08:33 - 2016-01-16 07:11 - 00653312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasapi32.dll
2016-06-01 08:33 - 2016-01-05 04:50 - 00671472 _____ (Microsoft Corporation) C:\WINDOWS\system32\advapi32.dll
2016-06-01 08:33 - 2016-01-05 04:48 - 00499432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\advapi32.dll
2016-06-01 08:33 - 2016-01-05 04:37 - 00858952 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetcore.dll
2016-06-01 08:33 - 2016-01-05 04:37 - 00245840 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2016-06-01 08:33 - 2016-01-05 04:37 - 00234504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mftranscode.dll
2016-06-01 08:33 - 2016-01-05 04:33 - 01118208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetsrc.dll
2016-06-01 08:33 - 2016-01-05 04:33 - 00701384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetcore.dll
2016-06-01 08:33 - 2016-01-05 04:33 - 00208176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mftranscode.dll
2016-06-01 08:33 - 2016-01-05 04:33 - 00116728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfps.dll
2016-06-01 08:33 - 2016-01-05 04:23 - 01804664 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMALFXGFXDSP.dll
2016-06-01 08:33 - 2016-01-05 04:23 - 00786696 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMADMOD.DLL
2016-06-01 08:33 - 2016-01-05 04:23 - 00119320 _____ (Microsoft Corporation) C:\WINDOWS\system32\MP3DMOD.DLL
2016-06-01 08:33 - 2016-01-05 04:17 - 00695752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMADMOD.DLL
2016-06-01 08:33 - 2016-01-05 04:16 - 00100160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MP3DMOD.DLL
2016-06-01 08:33 - 2016-01-05 03:57 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\system32\RMSRoamingSecurity.dll
2016-06-01 08:33 - 2016-01-05 03:57 - 00043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\usermgrcli.dll
2016-06-01 08:33 - 2016-01-05 03:53 - 00148992 _____ (Microsoft Corporation) C:\WINDOWS\system32\wshom.ocx
2016-06-01 08:33 - 2016-01-05 03:51 - 00472576 _____ (Microsoft Corporation) C:\WINDOWS\system32\DscCore.dll
2016-06-01 08:33 - 2016-01-05 03:51 - 00248832 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserMgrProxy.dll
2016-06-01 08:33 - 2016-01-05 03:50 - 00644096 _____ (Microsoft Corporation) C:\WINDOWS\system32\uReFS.dll
2016-06-01 08:33 - 2016-01-05 03:49 - 01582080 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe
2016-06-01 08:33 - 2016-01-05 03:49 - 01255936 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMSPDMOE.DLL
2016-06-01 08:33 - 2016-01-05 03:49 - 00749056 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneService.dll
2016-06-01 08:33 - 2016-01-05 03:49 - 00167936 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProximityCommon.dll
2016-06-01 08:33 - 2016-01-05 03:48 - 01009152 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMSPDMOD.DLL
2016-06-01 08:33 - 2016-01-05 03:48 - 00387072 _____ (Microsoft Corporation) C:\WINDOWS\system32\qdvd.dll
2016-06-01 08:33 - 2016-01-05 03:48 - 00034816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usermgrcli.dll
2016-06-01 08:33 - 2016-01-05 03:47 - 00305664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ksproxy.ax
2016-06-01 08:33 - 2016-01-05 03:45 - 00678912 _____ (Microsoft Corporation) C:\WINDOWS\system32\qedit.dll
2016-06-01 08:33 - 2016-01-05 03:45 - 00275968 _____ (Microsoft Corporation) C:\WINDOWS\system32\facecredentialprovider.dll
2016-06-01 08:33 - 2016-01-05 03:44 - 00125440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wshom.ocx
2016-06-01 08:33 - 2016-01-05 03:43 - 00912384 _____ (Microsoft Corporation) C:\WINDOWS\system32\usermgr.dll
2016-06-01 08:33 - 2016-01-05 03:41 - 01070080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMSPDMOE.DLL
2016-06-01 08:33 - 2016-01-05 03:41 - 00558592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uReFS.dll
2016-06-01 08:33 - 2016-01-05 03:40 - 00890880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMSPDMOD.DLL
2016-06-01 08:33 - 2016-01-05 03:40 - 00123392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ProximityCommon.dll
2016-06-01 08:33 - 2016-01-05 03:39 - 00569856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qdvd.dll
2016-06-01 08:33 - 2016-01-05 03:39 - 00235008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ksproxy.ax
2016-06-01 08:33 - 2016-01-05 03:36 - 00573440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qedit.dll
2016-06-01 08:33 - 2015-12-07 06:48 - 00526856 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfreadwrite.dll
2016-06-01 08:33 - 2015-12-07 06:48 - 00462760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfreadwrite.dll
2016-06-01 08:33 - 2015-12-07 06:48 - 00337840 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFPlay.dll
2016-06-01 08:33 - 2015-12-07 06:48 - 00289248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFPlay.dll
2016-06-01 08:33 - 2015-12-07 06:45 - 00264544 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContentDeliveryManager.Utilities.dll
2016-06-01 08:33 - 2015-12-07 06:15 - 01035776 _____ (Microsoft Corporation) C:\WINDOWS\system32\XboxNetApiSvc.dll
2016-06-01 08:33 - 2015-12-07 06:10 - 00824320 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2016-06-01 08:33 - 2015-12-07 06:07 - 00077312 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProvPluginEng.dll
2016-06-01 08:33 - 2015-12-07 06:06 - 00572928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll
2016-06-01 08:33 - 2015-12-07 06:06 - 00231936 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCore.dll
2016-06-01 08:33 - 2015-12-07 06:04 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\system32\provtool.exe
2016-06-01 08:33 - 2015-12-07 05:59 - 00165376 _____ (Microsoft Corporation) C:\WINDOWS\system32\provdatastore.dll
2016-06-01 08:33 - 2015-12-07 05:45 - 00900608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.BackgroundTransfer.dll
2016-06-01 08:33 - 2015-12-07 05:45 - 00683008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.BackgroundTransfer.dll
2016-06-01 08:33 - 2015-12-07 05:43 - 00931328 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSMPEG2ENC.DLL
2016-06-01 08:33 - 2015-12-07 05:38 - 00871936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSMPEG2ENC.DLL
2016-06-01 08:33 - 2015-12-07 05:32 - 00126464 _____ (Microsoft Corporation) C:\WINDOWS\system32\dialserver.dll
2016-06-01 08:33 - 2015-11-24 11:37 - 00147968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rmcast.sys
2016-06-01 08:33 - 2015-11-24 11:19 - 00182784 _____ (Microsoft Corporation) C:\WINDOWS\system32\shutdownux.dll
2016-06-01 08:33 - 2015-11-24 11:12 - 00523776 _____ (Microsoft Corporation) C:\WINDOWS\system32\catsrvut.dll
2016-06-01 08:33 - 2015-11-24 10:52 - 01717248 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2016-06-01 08:33 - 2015-11-24 10:49 - 01648640 _____ (Microsoft Corporation) C:\WINDOWS\system32\comsvcs.dll
2016-06-01 08:33 - 2015-11-24 10:14 - 00415744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\catsrvut.dll
2016-06-01 08:33 - 2015-11-24 09:59 - 01467392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2016-06-01 08:33 - 2015-11-24 09:57 - 01328128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comsvcs.dll
2016-06-01 08:33 - 2015-11-24 09:29 - 02352128 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2016-06-01 08:33 - 2015-11-24 09:04 - 02155008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2016-06-01 08:33 - 2015-11-22 12:34 - 00080600 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwapi.dll
2016-06-01 08:33 - 2015-11-22 12:33 - 00095072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdstor.sys
2016-06-01 08:33 - 2015-11-22 12:33 - 00051680 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsUtilsV2.dll
2016-06-01 08:33 - 2015-11-22 12:25 - 00063528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wwapi.dll
2016-06-01 08:33 - 2015-11-22 11:55 - 00070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthManagerProxy.dll
2016-06-01 08:33 - 2015-11-22 11:54 - 00117248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\capimg.sys
2016-06-01 08:33 - 2015-11-22 11:50 - 00074240 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssign32.dll
2016-06-01 08:33 - 2015-11-22 11:43 - 00704000 _____ (Microsoft Corporation) C:\WINDOWS\system32\CellularAPI.dll
2016-06-01 08:33 - 2015-11-22 11:43 - 00041984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XblAuthManagerProxy.dll
2016-06-01 08:33 - 2015-11-22 11:42 - 00589312 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApi.dll
2016-06-01 08:33 - 2015-11-22 11:38 - 00060928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssign32.dll
2016-06-01 08:33 - 2015-11-22 11:36 - 01042432 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingOnlineServices.dll
2016-06-01 08:33 - 2015-11-22 11:32 - 00340480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToDevice.dll
2016-06-01 08:33 - 2015-11-22 11:31 - 00470528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApi.dll
2016-06-01 08:33 - 2015-11-22 11:28 - 00870400 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2016-06-01 08:33 - 2015-11-22 11:26 - 00709120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingOnlineServices.dll
2016-06-01 08:33 - 2015-11-22 11:18 - 00697856 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToManager.dll
2016-06-01 08:33 - 2015-11-22 11:18 - 00458752 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToDevice.dll
2016-06-01 08:33 - 2015-11-22 11:11 - 00517632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToManager.dll
2016-06-01 08:33 - 2015-11-21 07:44 - 00204800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft-Windows-AppModelExecEvents.dll
2016-06-01 08:33 - 2015-11-13 08:55 - 00035680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wimmount.sys
2016-06-01 08:33 - 2015-11-13 08:51 - 00698208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimgapi.dll
2016-06-01 08:33 - 2015-11-13 08:51 - 00523616 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimserv.exe
2016-06-01 08:33 - 2015-11-13 08:43 - 00586208 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2016-06-01 08:33 - 2015-11-13 08:43 - 00110032 _____ (Microsoft Corporation) C:\WINDOWS\system32\EncDump.dll
2016-06-01 08:33 - 2015-11-13 08:43 - 00035656 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfpmp.exe
2016-06-01 08:33 - 2015-11-13 08:42 - 00516544 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2016-06-01 08:33 - 2015-11-13 08:42 - 00088392 _____ (Microsoft Corporation) C:\WINDOWS\system32\remoteaudioendpoint.dll
2016-06-01 08:33 - 2015-11-13 08:33 - 00911648 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcomp.dll
2016-06-01 08:33 - 2015-11-13 08:33 - 00586080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wimgapi.dll
2016-06-01 08:33 - 2015-11-13 08:21 - 00511320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf.dll
2016-06-01 08:33 - 2015-11-13 08:21 - 00454056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2016-06-01 08:33 - 2015-11-13 08:21 - 00073360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\remoteaudioendpoint.dll
2016-06-01 08:33 - 2015-11-13 08:21 - 00032040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfpmp.exe
2016-06-01 08:33 - 2015-11-13 08:09 - 00675064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dcomp.dll
2016-06-01 08:33 - 2015-11-05 14:05 - 00118624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tdx.sys
2016-06-01 08:33 - 2015-11-05 12:25 - 00578912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afd.sys
2016-06-01 08:32 - 2016-06-01 08:32 - 00000000 ____D C:\Users\Gerhard\AppData\Local\NetworkTiles
2016-06-01 08:32 - 2016-04-23 06:33 - 00089600 _____ (Microsoft Corporation) C:\WINDOWS\system32\NFCProvisioningPlugin.dll
2016-06-01 08:32 - 2016-04-23 06:33 - 00063488 _____ (Microsoft Corporation) C:\WINDOWS\system32\wshbth.dll
2016-06-01 08:32 - 2016-04-23 06:32 - 00134656 _____ (Microsoft Corporation) C:\WINDOWS\system32\wificonnapi.dll
2016-06-01 08:32 - 2016-04-23 06:28 - 00051712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wshbth.dll
2016-06-01 08:32 - 2016-04-23 06:19 - 00395264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlansec.dll
2016-06-01 08:32 - 2016-04-23 04:10 - 00002186 _____ C:\WINDOWS\system32\AppxProvisioning.xml
2016-06-01 08:32 - 2016-04-19 00:30 - 00002186 _____ C:\WINDOWS\SysWOW64\AppxProvisioning.xml
2016-06-01 08:32 - 2016-03-29 10:16 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\xinputhid.sys
2016-06-01 08:32 - 2016-03-29 10:07 - 00034816 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenterprisediagnostics.dll
2016-06-01 08:32 - 2016-03-29 10:06 - 00012800 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleacchooks.dll
2016-06-01 08:32 - 2016-03-29 10:00 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetCfgNotifyObjectHost.exe
2016-06-01 08:32 - 2016-03-29 09:50 - 00107520 _____ (Microsoft Corporation) C:\WINDOWS\system32\BdeHdCfgLib.dll
2016-06-01 08:32 - 2016-03-29 09:20 - 00080384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsNativeApi.V2.dll
2016-06-01 08:32 - 2016-03-29 09:19 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleacchooks.dll
2016-06-01 08:32 - 2016-03-29 09:11 - 00061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\samlib.dll
2016-06-01 08:32 - 2016-03-29 09:05 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OnDemandConnRouteHelper.dll
2016-06-01 08:32 - 2016-03-29 08:59 - 00108544 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputLocaleManager.dll
2016-06-01 08:32 - 2016-03-29 08:27 - 00083456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputLocaleManager.dll
2016-06-01 08:32 - 2016-02-24 09:22 - 00196608 _____ (Microsoft Corporation) C:\WINDOWS\system32\fwpolicyiomgr.dll
2016-06-01 08:32 - 2016-02-24 08:46 - 00020480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wfapigp.dll
2016-06-01 08:32 - 2016-02-24 08:39 - 00164864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fwpolicyiomgr.dll
2016-06-01 08:32 - 2016-02-23 11:07 - 00037376 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe
2016-06-01 08:32 - 2016-02-23 10:53 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\system32\srpapi.dll
2016-06-01 08:32 - 2016-02-23 10:48 - 00041984 _____ (Microsoft Corporation) C:\WINDOWS\system32\TimeBrokerClient.dll
2016-06-01 08:32 - 2016-02-23 10:14 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LaunchWinApp.exe
2016-06-01 08:32 - 2016-02-23 09:57 - 00031744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TimeBrokerClient.dll
2016-06-01 08:32 - 2016-01-16 07:44 - 00013824 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastlsext.dll
2016-06-01 08:32 - 2016-01-16 07:43 - 00097280 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttpcom.dll
2016-06-01 08:32 - 2016-01-16 07:40 - 00106496 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasauto.dll
2016-06-01 08:32 - 2016-01-16 07:38 - 00130560 _____ (Microsoft Corporation) C:\WINDOWS\system32\winbio.dll
2016-06-01 08:32 - 2016-01-16 07:36 - 00011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastlsext.dll
2016-06-01 08:32 - 2016-01-16 07:35 - 00013312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasadhlp.dll
2016-06-01 08:32 - 2016-01-16 07:34 - 00079360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttpcom.dll
2016-06-01 08:32 - 2016-01-16 07:30 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winbio.dll
2016-06-01 08:32 - 2016-01-05 03:42 - 00166912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserMgrProxy.dll
2016-06-01 08:32 - 2015-12-07 06:15 - 00075776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.XboxLive.ProxyStub.dll
2016-06-01 08:32 - 2015-12-07 06:09 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorageUsage.dll
2016-06-01 08:32 - 2015-12-07 06:05 - 00036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\BackgroundTransferHost.exe
2016-06-01 08:32 - 2015-12-07 06:01 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BackgroundTransferHost.exe
2016-06-01 08:32 - 2015-11-24 12:01 - 02756096 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2016-06-01 08:32 - 2015-11-24 11:54 - 00007680 _____ (Microsoft Corporation) C:\WINDOWS\system32\readingviewresources.dll
2016-06-01 08:32 - 2015-11-24 11:53 - 00115200 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2016-06-01 08:32 - 2015-11-24 11:45 - 00018944 _____ (Microsoft Corporation) C:\WINDOWS\system32\wshrm.dll
2016-06-01 08:32 - 2015-11-24 10:54 - 02756096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2016-06-01 08:32 - 2015-11-22 12:00 - 00058368 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosResource.dll
2016-06-01 08:32 - 2015-11-22 11:57 - 00110592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft-Windows-MapControls.dll
2016-06-01 08:32 - 2015-11-22 11:57 - 00036352 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCoreRes.dll
2016-06-01 08:32 - 2015-11-22 11:57 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft-Windows-MosTrace.dll
2016-06-01 08:32 - 2015-11-22 11:57 - 00009728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft-Windows-MosHost.dll
2016-06-01 08:32 - 2015-11-22 11:56 - 01268736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2016-06-01 08:32 - 2015-11-22 11:56 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\ihvrilproxy.dll
2016-06-01 08:32 - 2015-11-22 11:56 - 00055808 _____ (Microsoft Corporation) C:\WINDOWS\system32\rilproxy.dll
2016-06-01 08:32 - 2015-11-22 11:55 - 00013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsBtSvcProxy.dll
2016-06-01 08:32 - 2015-11-22 11:54 - 00075264 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanprotdim.dll
2016-06-01 08:32 - 2015-11-22 11:54 - 00044032 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsplib.dll
2016-06-01 08:32 - 2015-11-22 11:54 - 00032256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2016-06-01 08:32 - 2015-11-22 11:54 - 00028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\WordBreakers.dll
2016-06-01 08:32 - 2015-11-22 11:54 - 00028160 _____ (Microsoft Corporation) C:\WINDOWS\system32\nativemap.dll
2016-06-01 08:32 - 2015-11-22 11:54 - 00003072 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlStringsRes.dll
2016-06-01 08:32 - 2015-11-22 11:52 - 00060928 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthTokenBrokerExt.dll
2016-06-01 08:32 - 2015-11-22 11:51 - 00042496 _____ (Microsoft Corporation) C:\WINDOWS\system32\mapstoasttask.dll
2016-06-01 08:32 - 2015-11-22 11:51 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll
2016-06-01 08:32 - 2015-11-22 11:49 - 00066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll
2016-06-01 08:32 - 2015-11-22 11:49 - 00052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wwanpref.dll
2016-06-01 08:32 - 2015-11-22 11:48 - 00058368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosResource.dll
2016-06-01 08:32 - 2015-11-22 11:45 - 06572032 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanmm.dll
2016-06-01 08:32 - 2015-11-22 11:45 - 00264192 _____ (Nokia) C:\WINDOWS\system32\NmaDirect.dll
2016-06-01 08:32 - 2015-11-22 11:45 - 00110592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Microsoft-Windows-MapControls.dll
         

Geändert von pinocchio (01.07.2016 um 21:32 Uhr)

Alt 01.07.2016, 21:30   #7
pinocchio
 
Banking Trojaner auf Smartphone, Online Konto gehackt, Login mit Laptop nicht möglich - Standard

Banking Trojaner auf Smartphone, Online Konto gehackt, Login mit Laptop nicht möglich



FRST.txt Teil 3

Code:
ATTFilter
2016-06-01 08:32 - 2015-11-22 11:45 - 00073728 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwancfg.dll
2016-06-01 08:32 - 2015-11-22 11:45 - 00036352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCoreRes.dll
2016-06-01 08:32 - 2015-11-22 11:45 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Microsoft-Windows-MosTrace.dll
2016-06-01 08:32 - 2015-11-22 11:45 - 00009728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Microsoft-Windows-MosHost.dll
2016-06-01 08:32 - 2015-11-22 11:44 - 01268736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Resources.dll
2016-06-01 08:32 - 2015-11-22 11:42 - 00024064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WordBreakers.dll
2016-06-01 08:32 - 2015-11-22 11:42 - 00003072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapControlStringsRes.dll
2016-06-01 08:32 - 2015-11-22 11:41 - 01814528 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnidui.dll
2016-06-01 08:32 - 2015-11-22 11:40 - 00465920 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanconn.dll
2016-06-01 08:32 - 2015-11-22 11:40 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XblAuthTokenBrokerExt.dll
2016-06-01 08:32 - 2015-11-22 11:39 - 00114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\offlinelsa.dll
2016-06-01 08:32 - 2015-11-22 11:34 - 00075264 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditBufferTestHook.dll
2016-06-01 08:32 - 2015-11-22 11:33 - 00205824 _____ (Nokia) C:\WINDOWS\SysWOW64\NmaDirect.dll
2016-06-01 08:32 - 2015-11-22 11:28 - 00100864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offlinelsa.dll
2016-06-01 08:32 - 2015-11-22 11:24 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EditBufferTestHook.dll
2016-06-01 08:32 - 2015-11-13 08:07 - 00028160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.Provisioning.ProxyStub.dll
2016-06-01 08:32 - 2015-11-13 08:06 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\system32\RemovableMediaProvisioningPlugin.dll
2016-06-01 08:32 - 2015-11-13 08:05 - 00122368 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCsp.dll
2016-06-01 08:32 - 2015-11-13 08:05 - 00078336 _____ (Microsoft Corporation) C:\WINDOWS\system32\BarcodeProvisioningPlugin.dll
2016-06-01 08:32 - 2015-11-13 08:05 - 00043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.proxy.dll
2016-06-01 08:32 - 2015-11-13 08:05 - 00030720 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringconfigsp.dll
2016-06-01 08:32 - 2015-11-13 08:04 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\IcsEntitlementHost.exe
2016-06-01 08:32 - 2015-11-13 08:03 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringclient.dll
2016-06-01 08:32 - 2015-11-13 07:56 - 00163328 _____ (Microsoft Corporation) C:\WINDOWS\system32\provops.dll
2016-06-01 08:32 - 2015-11-13 07:40 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcastdvr.proxy.dll
2016-06-01 08:32 - 2015-11-13 07:34 - 00070656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppCapture.dll
2016-06-01 08:32 - 2015-11-13 07:30 - 00334336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcastdvr.exe
2016-06-01 08:32 - 2015-11-05 12:08 - 00014336 _____ (Microsoft Corporation) C:\WINDOWS\system32\dciman32.dll
2016-06-01 08:32 - 2015-11-05 12:08 - 00003072 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpk.dll
2016-06-01 08:32 - 2015-11-05 11:03 - 00003072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\lpk.dll
2016-06-01 08:32 - 2015-11-05 11:02 - 00011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dciman32.dll

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-07-01 20:49 - 2015-10-30 08:28 - 00065536 ___SH C:\WINDOWS\system32\config\ELAM
2016-07-01 20:44 - 2016-01-20 01:11 - 00000000 ____D C:\Program Files\Bitdefender Agent
2016-07-01 20:43 - 2014-09-17 01:06 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2016-07-01 20:37 - 2016-01-25 11:53 - 00000000 ____D C:\Users\Admin\AppData\Roaming\SynciOS Data Transfer
2016-07-01 20:37 - 2015-06-20 22:27 - 00001232 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-3206007939-3703904605-1476991908-1001UA.job
2016-07-01 20:37 - 2015-01-09 11:48 - 00001106 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2016-07-01 20:37 - 2014-09-23 16:45 - 00000592 _____ C:\WINDOWS\Tasks\G2MUpdateTask-S-1-5-21-3206007939-3703904605-1476991908-1001.job
2016-07-01 20:37 - 2014-09-17 14:10 - 00000000 ____D C:\Program Files (x86)\Emsisoft Anti-Malware
2016-07-01 20:28 - 2016-02-20 20:44 - 00000000 ____D C:\Users\Gerhard\AppData\LocalLow\Temp
2016-07-01 20:28 - 2014-12-04 19:53 - 00001128 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3206007939-3703904605-1476991908-1001UA.job
2016-07-01 20:13 - 2015-01-09 11:48 - 00001110 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2016-07-01 19:53 - 2015-05-30 22:42 - 00000688 _____ C:\WINDOWS\Tasks\G2MUploadTask-S-1-5-21-3206007939-3703904605-1476991908-1001.job
2016-07-01 19:50 - 2016-05-31 13:23 - 02113406 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-07-01 19:50 - 2015-10-30 20:35 - 00899366 _____ C:\WINDOWS\system32\perfh007.dat
2016-07-01 19:50 - 2015-10-30 20:35 - 00201816 _____ C:\WINDOWS\system32\perfc007.dat
2016-07-01 19:50 - 2015-10-30 09:21 - 00000000 ____D C:\WINDOWS\INF
2016-07-01 19:44 - 2016-01-25 12:44 - 00000000 ___RD C:\Users\Gerhard\iCloudDrive
2016-07-01 19:44 - 2016-01-25 10:11 - 00000000 ____D C:\Users\Gerhard\AppData\Roaming\SynciOS Data Transfer
2016-07-01 19:43 - 2016-05-31 13:34 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-07-01 19:43 - 2016-05-31 13:22 - 00000000 ____D C:\ProgramData\NVIDIA
2016-07-01 19:43 - 2015-10-30 08:28 - 00524288 ___SH C:\WINDOWS\system32\config\BBI
2016-07-01 19:42 - 2016-05-31 13:23 - 00000000 ____D C:\Users\Gerhard
2016-07-01 19:42 - 2014-09-17 00:31 - 00541532 _____ C:\bdlog.txt
2016-07-01 16:35 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-07-01 16:29 - 2014-09-17 01:05 - 00000000 ____D C:\Users\Admin\AppData\Local\Adobe
2016-07-01 15:37 - 2015-06-20 22:27 - 00001180 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-3206007939-3703904605-1476991908-1001Core.job
2016-07-01 14:10 - 2016-05-31 15:18 - 00000000 ____D C:\Users\Gerhard\AppData\Local\Packages
2016-07-01 13:09 - 2016-03-25 10:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AbiWord Word Processor
2016-07-01 13:09 - 2016-01-20 17:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Franzis HDR Projects Professional 3 (64-bit)
2016-07-01 13:09 - 2014-10-15 09:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TheBestSpinner3
2016-07-01 13:07 - 2016-05-31 14:21 - 00000000 ___DC C:\WINDOWS\Panther
2016-07-01 12:47 - 2016-05-31 14:18 - 00000000 ____D C:\Windows.old
2016-07-01 09:04 - 2015-10-30 09:24 - 00000000 ___HD C:\Program Files\WindowsApps
2016-07-01 09:03 - 2014-09-17 16:00 - 00000000 ____D C:\Users\Gerhard\AppData\Local\Adobe
2016-07-01 01:05 - 2014-09-16 18:43 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2016-07-01 01:05 - 2014-09-16 18:43 - 00000000 ____D C:\Program Files (x86)\Realtek
2016-07-01 00:28 - 2014-12-04 19:53 - 00001076 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3206007939-3703904605-1476991908-1001Core.job
2016-07-01 00:16 - 2014-12-14 22:36 - 00000000 ____D C:\Users\Admin\AppData\Local\CrashDumps
2016-07-01 00:16 - 2014-11-18 18:30 - 00000000 ____D C:\Users\Admin\AppData\Roaming\inkscape
2016-06-30 23:55 - 2015-10-30 12:31 - 00000000 ____D C:\Program Files\Common Files\Topaz Labs
2016-06-30 23:53 - 2015-03-18 20:33 - 00000000 ____D C:\ProgramData\TechSmith
2016-06-30 23:53 - 2015-03-18 19:01 - 00000000 ____D C:\Users\Admin\AppData\Local\TechSmith
2016-06-30 23:53 - 2014-09-17 14:24 - 00000000 ____D C:\ProgramData\Package Cache
2016-06-30 23:30 - 2014-09-20 11:53 - 00000000 ____D C:\Program Files\Xara
2016-06-30 23:26 - 2015-05-28 17:07 - 00000000 ____D C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PhotoZoom Pro 6
2016-06-30 11:19 - 2015-07-21 15:35 - 00000214 _____ C:\Users\Public\Desktop\My Software Deals.url
2016-06-30 11:19 - 2014-09-20 14:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ashampoo
2016-06-30 11:19 - 2014-09-20 14:21 - 00000000 ____D C:\ProgramData\Ashampoo
2016-06-30 11:19 - 2014-09-20 14:21 - 00000000 ____D C:\Program Files (x86)\Ashampoo
2016-06-29 17:05 - 2016-05-31 15:20 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2016-06-29 14:01 - 2014-10-15 09:09 - 00000000 ____D C:\Program Files (x86)\TheBestSpinner3
2016-06-29 14:00 - 2016-01-20 00:25 - 00000085 _____ C:\WINDOWS\wininit.ini
2016-06-29 14:00 - 2015-12-04 10:53 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2016-06-29 13:57 - 2016-04-19 17:18 - 00000000 ____D C:\ProgramData\Skype
2016-06-29 13:49 - 2016-04-27 21:53 - 00000000 ____D C:\Users\Gerhard\AppData\Roaming\MyPhoneExplorer
2016-06-29 13:47 - 2015-07-01 17:38 - 00000000 ____D C:\WINDOWS\lhsp
2016-06-29 13:44 - 2014-11-11 18:37 - 00000000 ____D C:\Program Files (x86)\Explaindio Video Creator
2016-06-29 13:43 - 2015-06-05 11:26 - 00000000 ____D C:\Program Files (x86)\Explaindio Video Creator 2
2016-06-29 13:40 - 2015-09-24 09:41 - 00000000 ____D C:\Program Files (x86)\EasySketchPro3
2016-06-29 13:38 - 2015-03-18 20:33 - 00000000 ____D C:\Program Files (x86)\QuickTime
2016-06-29 13:27 - 2016-03-25 21:02 - 00000000 ____D C:\Program Files (x86)\AbiWord
2016-06-28 19:19 - 2016-01-20 01:22 - 00299816 _____ (Bitdefender) C:\WINDOWS\system32\Drivers\ignis.sys
2016-06-28 19:19 - 2016-01-20 01:21 - 00520032 _____ (BitDefender S.R.L.) C:\WINDOWS\system32\Drivers\trufos.sys
2016-06-28 11:43 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2016-06-28 09:48 - 2014-10-17 19:12 - 00000000 ____D C:\ProgramData\Oracle
2016-06-28 09:47 - 2014-10-17 19:12 - 00000000 ____D C:\Program Files (x86)\Java
2016-06-28 09:44 - 2016-05-20 15:37 - 00000000 ____D C:\Users\Admin\AppData\Roaming\Skype
2016-06-27 10:56 - 2015-07-09 09:37 - 02748416 _____ C:\Users\Gerhard\Desktop\Kurz Kunden_Kopie.accdb
2016-06-27 10:00 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\addins
2016-06-25 14:40 - 2014-10-30 10:53 - 00000000 ____D C:\Users\Gerhard\AppData\Roaming\Dropbox
2016-06-24 16:17 - 2016-05-31 13:23 - 00000000 ____D C:\Users\Acronis Agent User.Admin-PC
2016-06-24 16:12 - 2016-05-31 13:23 - 00000000 ____D C:\Users\Admin
2016-06-23 17:22 - 2014-09-22 12:57 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2016-06-23 17:22 - 2014-09-22 12:57 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2016-06-23 13:58 - 2015-10-30 09:24 - 00000000 ___SD C:\WINDOWS\Downloaded Program Files
2016-06-23 13:58 - 2015-10-30 09:24 - 00000000 ___RD C:\WINDOWS\Offline Web Pages
2016-06-23 12:32 - 2014-09-22 12:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2016-06-22 10:53 - 2015-06-20 22:27 - 00000000 ____D C:\Users\Gerhard\AppData\Local\Dropbox
2016-06-22 08:51 - 2015-10-30 09:24 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2016-06-22 08:49 - 2014-09-17 12:09 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2016-06-19 20:12 - 2015-12-11 18:30 - 00000000 ____D C:\AddOns
2016-06-19 12:40 - 2016-03-07 17:46 - 00000000 ____D C:\Users\Admin\AppData\Roaming\ObjectNews2
2016-06-19 12:31 - 2014-11-14 10:56 - 00000000 ____D C:\Users\Gerhard\AppData\Roaming\SpiderOak
2016-06-19 11:48 - 2016-05-31 13:22 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2016-06-19 11:41 - 2016-05-31 13:55 - 00000000 __RHD C:\Users\Public\AccountPictures
2016-06-18 11:32 - 2015-01-09 11:48 - 00002264 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-06-18 11:32 - 2015-01-09 11:48 - 00002252 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-06-17 14:40 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\rescache
2016-06-17 14:38 - 2015-10-30 09:11 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-06-17 09:43 - 2014-09-17 01:06 - 00003858 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2016-06-16 14:56 - 2015-10-30 09:24 - 00000000 ___SD C:\WINDOWS\system32\DiagSvcs
2016-06-16 14:56 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2016-06-16 14:56 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\bcastdvr
2016-06-15 21:24 - 2015-05-30 22:42 - 00003848 _____ C:\WINDOWS\System32\Tasks\G2MUploadTask-S-1-5-21-3206007939-3703904605-1476991908-1001
2016-06-15 21:24 - 2014-09-23 16:45 - 00003752 _____ C:\WINDOWS\System32\Tasks\G2MUpdateTask-S-1-5-21-3206007939-3703904605-1476991908-1001
2016-06-15 10:29 - 2014-09-17 00:43 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-06-15 10:24 - 2014-09-17 00:43 - 142482544 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-06-14 20:33 - 2015-10-30 09:26 - 00828408 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2016-06-14 20:33 - 2015-10-30 09:26 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2016-06-13 09:56 - 2016-04-26 17:51 - 00000000 ____D C:\Program Files (x86)\deepinvent
2016-06-11 17:45 - 2014-09-16 20:57 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-06-09 13:40 - 2016-05-20 14:28 - 00000000 ____D C:\Users\Gerhard\HDR Projects 4 Pro
2016-06-09 08:24 - 2016-05-31 13:55 - 00000000 ____D C:\Users\Admin\AppData\Local\Packages
2016-06-09 08:09 - 2014-09-17 16:00 - 00000000 ____D C:\Users\Gerhard\AppData\Local\NVIDIA
2016-06-07 17:23 - 2014-09-18 13:21 - 00000000 ____D C:\Users\Gerhard\AppData\Roaming\eM Client
2016-06-07 11:09 - 2014-12-20 19:43 - 00000000 ____D C:\Program Files\Common Files\Apple
2016-06-06 11:06 - 2015-08-06 17:57 - 00000000 ____D C:\Program Files (x86)\Ginger
2016-06-06 09:06 - 2015-10-25 17:44 - 00002469 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat DC.lnk
2016-06-06 09:06 - 2015-10-25 17:44 - 00002114 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat Distiller DC.lnk
2016-06-04 02:51 - 2015-07-13 20:45 - 13553096 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvlddmkm.sys
2016-06-03 09:22 - 2016-05-31 14:38 - 17432544 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvd3dumx.dll
2016-06-03 09:22 - 2015-07-13 20:45 - 20375488 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvwgf2umx.dll
2016-06-03 09:22 - 2015-07-13 20:45 - 17729184 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvwgf2um.dll
2016-06-03 09:22 - 2015-07-13 20:45 - 14462536 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvd3dum.dll
2016-06-03 09:22 - 2015-07-13 20:45 - 03811256 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2016-06-03 09:22 - 2015-07-13 20:45 - 03371624 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2016-06-03 09:22 - 2015-07-13 20:45 - 00040084 _____ C:\WINDOWS\system32\nvinfo.pb
2016-06-03 05:59 - 2016-05-31 13:22 - 06452948 _____ C:\WINDOWS\system32\nvcoproc.bin
2016-06-03 05:59 - 2016-05-31 13:22 - 06364216 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2016-06-03 05:59 - 2016-05-31 13:22 - 02455608 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2016-06-03 05:59 - 2016-05-31 13:22 - 01762752 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2016-06-03 05:59 - 2016-05-31 13:22 - 01352760 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe
2016-06-03 05:59 - 2016-05-31 13:22 - 00392128 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2016-06-03 05:59 - 2016-05-31 13:22 - 00069568 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2016-06-03 05:59 - 2016-02-02 11:09 - 00534072 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll
2016-06-03 05:59 - 2016-02-02 11:09 - 00081856 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll
2016-06-02 12:33 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\NDF
2016-06-01 15:39 - 2016-05-31 15:23 - 00000000 ____D C:\Users\Gerhard\AppData\Local\MicrosoftEdge
2016-06-01 15:07 - 2015-10-30 20:44 - 00000000 ____D C:\Program Files\Windows Journal
2016-06-01 15:07 - 2015-10-30 09:24 - 00015703 _____ C:\WINDOWS\system32\OEMDefaultAssociations.xml
2016-06-01 15:07 - 2015-10-30 09:24 - 00000000 __RSD C:\WINDOWS\Media
2016-06-01 15:07 - 2015-10-30 09:24 - 00000000 ___SD C:\WINDOWS\system32\F12
2016-06-01 15:07 - 2015-10-30 09:24 - 00000000 ___RD C:\WINDOWS\PurchaseDialog
2016-06-01 15:07 - 2015-10-30 09:24 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2016-06-01 15:07 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2016-06-01 15:07 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\oobe
2016-06-01 15:07 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\appraiser
2016-06-01 15:07 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\Provisioning
2016-06-01 15:07 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\PolicyDefinitions
2016-06-01 15:07 - 2015-10-30 09:24 - 00000000 ____D C:\Program Files\Windows Portable Devices
2016-06-01 15:07 - 2015-10-30 09:24 - 00000000 ____D C:\Program Files\Windows Multimedia Platform
2016-06-01 15:07 - 2015-10-30 09:24 - 00000000 ____D C:\Program Files (x86)\Windows Portable Devices
2016-06-01 15:07 - 2015-10-30 09:24 - 00000000 ____D C:\Program Files (x86)\Windows Multimedia Platform
2016-06-01 15:07 - 2015-10-30 08:28 - 00000000 ____D C:\WINDOWS\SysWOW64\Dism
2016-06-01 15:07 - 2015-10-30 08:28 - 00000000 ____D C:\WINDOWS\system32\Dism
2016-06-01 13:40 - 2014-09-16 18:58 - 00000000 ____D C:\Users\Admin\AppData\Local\ElevatedDiagnostics
2016-06-01 08:35 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\appcompat

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2014-11-21 12:12 - 2014-11-21 12:12 - 0000017 _____ () C:\Program Files (x86)\Setup.ini
2015-09-18 12:00 - 2016-06-13 09:57 - 16790552 _____ (LastPass) C:\Program Files (x86)\Common Files\lpuninstall.exe
2015-07-01 17:38 - 2015-07-01 17:38 - 0000093 _____ () C:\Users\Admin\AppData\Local\fusioncache.dat
2014-11-19 01:29 - 2014-11-19 01:29 - 0001238 _____ () C:\Users\Admin\AppData\Local\recently-used.xbel
2015-07-08 22:28 - 2015-07-08 22:28 - 0000017 _____ () C:\Users\Admin\AppData\Local\resmon.resmoncfg
2016-01-20 01:23 - 2016-01-20 01:23 - 0423469 _____ () C:\ProgramData\1453245669.bdinstall.bin
2016-02-16 09:28 - 2016-02-16 09:28 - 0025136 _____ () C:\ProgramData\1455607689.bdinstall.bin
2016-03-22 17:18 - 2016-03-22 17:18 - 0025834 _____ () C:\ProgramData\1458659890.bdinstall.bin
2016-03-31 18:01 - 2016-03-31 18:01 - 0025906 _____ () C:\ProgramData\1459440110.bdinstall.bin
2016-06-14 15:05 - 2016-06-14 15:05 - 0025906 _____ () C:\ProgramData\1465909525.bdinstall.bin
2016-06-14 15:05 - 2016-06-14 15:05 - 0025902 _____ () C:\ProgramData\1465909544.bdinstall.bin
2015-03-12 01:33 - 2015-03-12 01:33 - 0000119 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc

==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2016-06-24 08:44

==================== Ende von FRST.txt ============================
         
Addition.txt

Code:
ATTFilter
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 29-06-2016
durchgeführt von Admin (2016-07-01 20:54:02)
Gestartet von D:\DOWNLOADS 2
Windows 10 Home Version 1511 (X64) (2016-05-31 11:55:28)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Acronis Agent User (S-1-5-21-3206007939-3703904605-1476991908-1009 - Administrator - Enabled) => C:\Users\Acronis Agent User.Admin-PC
Admin (S-1-5-21-3206007939-3703904605-1476991908-1000 - Administrator - Enabled) => C:\Users\Admin
Administrator (S-1-5-21-3206007939-3703904605-1476991908-500 - Administrator - Disabled)
ASPNET (S-1-5-21-3206007939-3703904605-1476991908-1005 - Limited - Enabled)
DefaultAccount (S-1-5-21-3206007939-3703904605-1476991908-503 - Limited - Disabled)
Gast (S-1-5-21-3206007939-3703904605-1476991908-501 - Limited - Disabled)
Gerhard (S-1-5-21-3206007939-3703904605-1476991908-1001 - Limited - Enabled) => C:\Users\Gerhard
HomeGroupUser$ (S-1-5-21-3206007939-3703904605-1476991908-1003 - Limited - Enabled)

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Emsisoft Anti-Malware (Enabled - Up to date) {15510D9D-6530-DA29-224F-7BA1BDD1CB58}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Bitdefender Virenschutz (Enabled - Up to date) {3FB17364-4FCC-0FA7-6BBF-973897395371}
AS: Bitdefender Spyware-Schutz (Enabled - Up to date) {84D09280-69F6-0029-510F-AC4AECBE19CC}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Emsisoft Anti-Malware (Enabled - Up to date) {AE30EC79-430A-D5A7-18FF-40D3C65681E5}
FW: Bitdefender Firewall (Enabled) {078AF241-05A3-0EFF-40E0-3E0D69EA140A}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Acronis Backup Client (HKLM\...\9EBDE6F5-EAE6-4326-A3A1-DEAA29F32D1D_BackupAndRecovery) (Version: 12.0.1150 - Acronis)
Acronis Backup Client (Version: 12.0.1150 - Acronis) Hidden
Adalyzer (HKU\S-1-5-21-3206007939-3703904605-1476991908-1001\...\5b021bb11398c934) (Version: 1.0.4.0 - Richard Grear)
Adobe Acrobat DC (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-0C0F074E4100}) (Version: 15.016.20045 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 19.0.0.241 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 3.4.1.181 - Adobe Systems Incorporated)
Adobe Flash Player 22 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 22.0.0.192 - Adobe Systems Incorporated)
Adobe Illustrator CC 2015 (HKLM-x32\...\ILST_19_2_1) (Version: 19.2.1 - Adobe Systems Incorporated)
Adobe Photoshop CC 2015 (HKLM-x32\...\{793C2BF7-A4FE-4608-91C9-9282C5801C21}) (Version: 16.1.2 - Adobe Systems Incorporated)
Akeeba eXtract Wizard 3.3 (HKLM-x32\...\{C5A52C02-1618-47DB-8A92-559DE29048EC}_is1) (Version:  - Akeeba Developers)
Amazon Drive (HKU\S-1-5-21-3206007939-3703904605-1476991908-1001\...\Amazon Drive) (Version: 3.5.2.48 - Amazon.com, Inc.)
Amazon Kindle (HKLM-x32\...\Amazon Kindle) (Version:  - Amazon)
Amazon Kindle (HKU\S-1-5-21-3206007939-3703904605-1476991908-1001\...\Amazon Kindle) (Version:  - Amazon)
Apple Application Support (32-Bit) (HKLM-x32\...\{26356515-5821-40FA-9C3D-9785052A1062}) (Version: 4.3.1 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{C2651553-6CA3-4822-B2E6-BC4ACA6E0EA2}) (Version: 4.3.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{2E4AF2A6-50EA-4260-9BA4-5E582D11879A}) (Version: 9.3.0.15 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.)
Ashampoo Burning Studio 14 v.14.0.5 (HKLM-x32\...\{91B33C97-7BCF-CDFE-4321-58EBF3E8641C}_is1) (Version: 14.0.5 - Ashampoo GmbH & Co. KG)
Ashampoo Snap 9 (HKLM-x32\...\{0A11EA01-D628-EEFD-B5E8-864238AE9105}_is1) (Version: 9.0.1 - Ashampoo GmbH & Co. KG)
Ashampoo UnInstaller 6 (HKLM-x32\...\{4209F371-7DE5-9DF2-5DEF-91667EBBBBC5}_is1) (Version: 6.00.14 - Ashampoo GmbH & Co. KG)
Atheros Bluetooth Suite (64) (HKLM\...\{230D1595-57DA-4933-8C4E-375797EBB7E1}) (Version: 7.04.000.98 - Atheros)
ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0031 - ASUS)
Audials (HKLM-x32\...\{1AF206E6-6828-44F8-8518-43FF76F43F0C}) (Version: 12.0.63100.0 - Audials AG)
Bitdefender Agent (HKLM\...\Bitdefender Agent) (Version: 20.0.23.1252 - Bitdefender)
Bitdefender Total Security 2016 (HKLM\...\Bitdefender) (Version: 20.0.24.1290 - Bitdefender)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Canon IJ Network Scanner Selector EX (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX) (Version:  - )
Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version: 3.1.1 - Canon Inc.)
Canon MG6200 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG6200_series) (Version:  - Canon Inc.)
Canon MP Navigator EX 5.0 (HKLM-x32\...\MP Navigator EX 5.0) (Version:  - )
Citrix Online Launcher (HKLM-x32\...\{DB014C85-A264-4BCA-A66F-6DD1FCF8EC36}) (Version: 1.0.335 - Citrix)
Crowd Force Pro (HKLM-x32\...\CrowdForce) (Version: 0.46.0 - UNKNOWN)
Crowd Force Pro (x32 Version: 0.46.0 - UNKNOWN) Hidden
Cyberduck 19355 (4.8.4) (HKLM-x32\...\Cyberduck) (Version: 19355 (4.8.4) - )
Document Manager (HKU\S-1-5-21-3206007939-3703904605-1476991908-1000\...\DocumentManager) (Version:  - WonderFox Soft, Inc. All Rights Reserved.)
Dropbox (HKU\S-1-5-21-3206007939-3703904605-1476991908-1001\...\Dropbox) (Version: 5.4.24 - Dropbox, Inc.)
eM Client (HKLM-x32\...\{7B35918E-43E4-45AF-8F1B-C15D86CA919D}) (Version: 6.0.24928.0 - eM Client Inc.)
Emsisoft Anti-Malware (HKLM-x32\...\{5502032C-88C1-4303-99FE-B5CBD7684CEA}_is1) (Version: 9.0 - Emsisoft GmbH)
FileZilla Client 3.17.0 (HKLM-x32\...\FileZilla Client) (Version: 3.17.0 - Tim Kosse)
Firebird SQL Server - MAGIX Edition (HKLM-x32\...\{39AB2E37-1A55-4292-A5D3-971E9F70D0F8}) (Version: 2.1.32.0 - MAGIX AG)
Fresco Logic USB3.0 Host Controller (HKLM\...\{FFF6BB59-380A-4338-AEFB-226F511C0713}) (Version: 3.5.73.0 - Fresco Logic Inc.)
FreshTitle (HKLM-x32\...\FreshTitle1.0.0.4) (Version: 1.0.0.4 - AppBreed)
Ginger (HKLM-x32\...\InstallShield_{1EBF9A59-F4E3-4EA7-BA97-76703C1432F6}) (Version: 3.7.63 - Ginger Software)
Ginger (x32 Version: 3.7.63 - Ginger Software) Hidden
GMX ProfiFax (HKLM-x32\...\GMX ProfiFax) (Version: 2.00.236 - 1&1 Mail & Media GmbH)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 51.0.2704.103 - Google Inc.)
Google Talk Plugin (HKLM-x32\...\{F9B579C2-D854-300A-BE62-A09EB9D722E4}) (Version: 5.41.3.0 - Google)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.30.3 - Google Inc.) Hidden
GoToMeeting 7.19.0.5102 (HKU\S-1-5-21-3206007939-3703904605-1476991908-1001\...\GoToMeeting) (Version: 7.19.0.5102 - CitrixOnline)
Grammarly for Microsoft® Office Suite (HKU\S-1-5-21-3206007939-3703904605-1476991908-1000\...\{d80a94d2-12b9-4a80-ae43-302f51e5f6b3}) (Version: 6.5.43 - Grammarly)
Grammarly for Microsoft® Office Suite (Version: 6.5.43 - Grammarly) Hidden
HappyFingers Version 3.0.0 (HKLM-x32\...\{3C2AE644-A64E-4291-92F1-800380989EE2}_is1) (Version: 3.0.0 - Red Trolley Software Pty Ltd)
HMA! Pro VPN 2.8.24.0 (HKLM-x32\...\HMA! Pro VPN) (Version: 2.8.24.0 - Privax Ltd)
iCloud (HKLM\...\{ADFDB647-35C0-4254-9EE6-2D9C3B7104BD}) (Version: 5.2.1.69 - Apple Inc.)
Inkscape 0.48.5 (HKLM-x32\...\Inkscape) (Version: 0.48.5 - )
Inkscape 0.91 (HKLM\...\{81922150-317E-4BB0-A31D-FF1C14F707C5}) (Version: 0.91 - inkscape.org)
InstantArticleWizard (HKLM-x32\...\InstantArticleWizard) (Version:  - )
Interst Architect (HKLM-x32\...\Interst Architect1.0.0.6) (Version: 1.0.0.6 - InnAnTech Industries Inc.)
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.38 - Irfan Skiljan)
iTunes (HKLM\...\{9F4BF859-C3A4-4AB6-BDD1-9C5D58188598}) (Version: 12.4.1.6 - Apple Inc.)
Java 8 Update 91 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218091F0}) (Version: 8.0.910.15 - Oracle Corporation)
Keyword Blaze 2.0 (HKLM-x32\...\com.vaival.keywordtool) (Version: 0.0.8 - UNKNOWN)
Keyword Blaze 2.0 (x32 Version: 0.0.8 - UNKNOWN) Hidden
Keyword Master (HKLM-x32\...\{7C46AC08-8DE3-2088-E72D-001A34D8E536}) (Version: 1.0 - Cliff Carrigan)
L&H TTS3000 Deutsch (HKLM-x32\...\LHTTSGED) (Version:  - )
Lernout & Hauspie TruVoice American English TTS Engine (HKLM-x32\...\tv_enua) (Version:  - )
Logitech Options (HKLM\...\LogiOptions) (Version:  - Logitech)
Macrium Reflect Free Edition (HKLM\...\MacriumReflect) (Version: 6.1 - Paramount Software (UK) Ltd.)
Macrium Reflect Free Edition (Version: 6.1.1311 - Paramount Software (UK) Ltd.) Hidden
MAGIX Fonts Package 2 (x32 Version: 1.0.0.0 - MAGIX Software GmbH) Hidden
MAGIX Fotostory 2015 Deluxe (HKLM-x32\...\MX.{B051358D-748D-4969-9FE7-C116D730CAAD}) (Version: 14.0.1.42 - MAGIX Software GmbH)
MAGIX Fotostory 2015 Deluxe (Version: 14.0.1.42 - MAGIX Software GmbH) Hidden
MAGIX Speed burnR (MSI) (HKLM-x32\...\MX.{61124E02-0FFC-4390-8943-4B5C1E3713CE}) (Version: 7.0.2.6 - MAGIX Software GmbH)
MAGIX Speed burnR (MSI) (Version: 7.0.2.6 - MAGIX Software GmbH) Hidden
MAGIX Video deluxe 2015 Premium (HKLM\...\MX.{EAC79752-A0A4-45DB-9F99-9F6445920F77}) (Version: 14.0.0.159 - MAGIX Software GmbH)
MAGIX Video deluxe 2015 Premium (Version: 14.0.0.159 - MAGIX Software GmbH) Hidden
MAGIX Video Sound Cleaning Lab 2014 (HKLM-x32\...\MX.{6D904F95-F965-4475-A3DD-9F52C5AD0CB7}) (Version: 20.0.0.14 - MAGIX AG)
MAGIX Video Sound Cleaning Lab 2014 (Version: 20.0.0.14 - MAGIX AG) Hidden
Malwarebytes Anti-Malware Version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Mein 3DataManager (HKLM-x32\...\3DataManager) (Version: 1.1.1 - Mein 3DataManager)
Microsoft .NET Framework 1.1 (HKLM-x32\...\{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}) (Version: 1.1.4322 - Microsoft)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Office 365 - de-de (HKLM\...\O365HomePremRetail - de-de) (Version: 16.0.6965.2058 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50428.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
MOBackup - Datensicherung für Outlook (Vollversion) (HKLM-x32\...\MOBackup-DatensicherungfürOutlook) (Version: 7.95 - Heiko Schröder)
Mozilla Firefox 47.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 47.0 (x86 de)) (Version: 47.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 47.0.0.5999 - Mozilla)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2721691) (HKLM-x32\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
My Solodex (HKLM-x32\...\SolodexReloaded) (Version: 2.00 - UNKNOWN)
My Solodex (x32 Version: 2.00 - UNKNOWN) Hidden
MyPhoneExplorer (HKLM-x32\...\MPE) (Version: 1.8.7 - F.J. Wechselberger)
NaturalReaderFree (HKLM-x32\...\{262EFBD9-A907-490F-81F4-561FDD3A8C5C}) (Version: 1.00.0000 - Naturalsoft limited)
NVIDIA 3D Vision Treiber 368.39 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 368.39 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.11.3.5 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.11.3.5 - NVIDIA Corporation)
NVIDIA Grafiktreiber 368.39 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 368.39 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.34.14 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.14 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.16.0318 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.16.0318 - NVIDIA Corporation)
ObjectNews2 (HKU\S-1-5-21-3206007939-3703904605-1476991908-1000\...\ObjectNews2) (Version: 02.58 - ObjectNews2)
ObjectNews2 (HKU\S-1-5-21-3206007939-3703904605-1476991908-1001\...\ObjectNews2) (Version: 02.58 - ObjectNews2)
Office 16 Click-to-Run Extensibility Component (x32 Version: 16.0.6925.1018 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (Version: 16.0.6925.1018 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (x32 Version: 16.0.6925.1018 - Microsoft Corporation) Hidden
Oracle VM VirtualBox 4.3.20 (HKLM\...\{86401870-7AB7-4A8D-8AD6-12B27DF2E6E3}) (Version: 4.3.20 - Oracle Corporation)
PagePlusX7ContentDeclaration (x32 Version: 1.0.0.0 - Serif (Europe) Ltd) Hidden
Penguinator Connect (HKLM-x32\...\{395BBB78-0644-45D3-A0FB-E925E82BFAB8}) (Version: 1.0.0 - Antification)
Phase 5 HTML-Editor (HKLM-x32\...\{20B1B020-DEAE-48D1-9960-D4C3185D758B}) (Version: 5.6.2.3 - Systemberatung Schommer)
Photo to Sketch Converter 2.0 (HKLM-x32\...\Photo to Sketch Converter_is1) (Version: 2.0 - SoftOrbits)
Pop-up Excel Calendar 2.12 (HKLM-x32\...\Pop-up Excel Calendar_is1) (Version: 2.12 - OFFICE-KIT.COM, Uniform Software Ltd)
PowerLine Utility (HKLM-x32\...\{5D1E5ED5-E436-4A0D-8812-953FFBDFF3B3}) (Version: 1.2.709 - TP-LINK)
QuickTime 7 (HKLM-x32\...\{FF59BD75-466A-4D5A-AD23-AAD87C5FD44C}) (Version: 7.79.80.95 - Apple Inc.)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.10586.31222 - Realtek Semiconduct Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.44.421.2011 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6564 - Realtek Semiconductor Corp.)
RoboForm 7-9-9-1 (All Users) (HKLM-x32\...\AI RoboForm) (Version: 7-9-9-1 - Siber Systems)
Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.59.0 - Samsung Electronics Co., Ltd.)
SHIELD Streaming (Version: 7.1.0280 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.11.3.5 - NVIDIA Corporation) Hidden
Smart Switch (HKLM-x32\...\InstallShield_{74FA5314-85C8-4E2A-907D-D9ECCCB770A7}) (Version: 4.1.16052.2 - Samsung Electronics Co., Ltd.)
Smart Switch (x32 Version: 4.1.16052.2 - Samsung Electronics Co., Ltd.) Hidden
Social Post Browser (HKLM-x32\...\Social Post Browser1.0.0.0) (Version: 1.0.0.0 - AppBreed Software of InnAnTech Industries Inc.)
SocialFormula (HKLM-x32\...\SocialFormula) (Version: 0.0.0 - UNKNOWN)
SocialFormula (x32 Version: 0.0.0 - UNKNOWN) Hidden
Softwarenetz Rechnung5 (HKLM-x32\...\Rechnung5) (Version:  - Softwarenetz)
Springly (HKLM-x32\...\Springly) (Version: 1.7 - JHS Marketing LLC)
Springly (x32 Version: 1.7 - JHS Marketing LLC) Hidden
Sublime Text Build 3103 (HKLM\...\Sublime Text 3_is1) (Version:  - Sublime HQ Pty Ltd)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.3.43.0 - Synaptics Incorporated)
SynciOS Data Transfer version 1.2.6 (HKLM-x32\...\{6C4BB520-3416-4D67-B7EA-A9FF6662345F}_is1) (Version: 1.2.6 - Anvsoft, Inc.)
Syncios Version 5.0.2 (HKLM-x32\...\{068A5D84-8419-4BDE-9689-FE65F412EFBB}_is1) (Version: 5.0.2 - Anvsoft, Inc.)
Target Generator (HKLM-x32\...\Target Generator1.0.0.3) (Version: 1.0.0.3 - AppBreed Software of InnAnTech Industries Inc.)
Tee Inspector (HKLM-x32\...\Tee Inspector1.0.1.3) (Version: 1.0.1.3 - AppBreed Software of InnAnTech Industries Inc.)
Text-To-Speech-Runtime (HKLM-x32\...\{7B3F0113-E63C-4D6D-AF19-111A3165CCA2}) (Version: 1.0.0.0 - Magix Development GmbH)
Title Analyzer (HKLM-x32\...\Title Analyzer1.0.0.4) (Version: 1.0.0.4 - AppBreed)
UmmyVideoDownloader (HKLM-x32\...\{E028DBDA-EEE7-48A0-ADF7-D250589A02C5}_is1) (Version: 1.5.0.0 - )
Video Performer (HKU\S-1-5-21-3206007939-3703904605-1476991908-1000\...\Video Performer) (Version:  - PerformerSoft LLC) <==== ACHTUNG
VideosAlchemey (HKLM-x32\...\VideosAlchemey) (Version: 0.0.0 - InspiredSoft LTD)
VideosAlchemey (x32 Version: 0.0.0 - InspiredSoft LTD) Hidden
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)
Vulkan Run Time Libraries 1.0.11.1 (HKLM\...\VulkanRT1.0.11.1) (Version: 1.0.11.1 - LunarG, Inc.)
WinPcap 4.1.2 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2001 - CACE Technologies)
WonderFox Video Watermark (HKU\S-1-5-21-3206007939-3703904605-1476991908-1000\...\WonderFoxVideoWatermark) (Version:  - WonderFox Soft, Inc. All Rights Reserved.)
Xara Designer Pro X11 (HKLM\...\MX.{6FDCA3A7-DF35-4E18-AF77-A30FDF193897}) (Version: 11.2.3.40674 - Xara Group Ltd)
Xara Designer Pro X11 (Version: 11.2.3.40674 - Xara Group Ltd) Hidden
Yahoo Search Set (HKLM-x32\...\Yahoo! SearchSet) (Version:  - Yahoo Inc.)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-3206007939-3703904605-1476991908-1000_Classes\CLSID\{004B49B7-11B9-5058-FF22-08DD093ADC4B}\InprocServer32 -> {1F512744-9468-D082-12B7-20EE85889A47} => Keine Datei
CustomCLSID: HKU\S-1-5-21-3206007939-3703904605-1476991908-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Gerhard\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3206007939-3703904605-1476991908-1000_Classes\CLSID\{2AD206F1-152C-4F9D-A24E-6F93FE7A4AFC}\InprocServer32 -> C:\Users\Admin\AppData\Local\Grammarly\Grammarly for Microsoft Office Suite\6.5.43\6114034ECAC245E880E823DD0314F4F6\GrammarlyShim64.dll (CompanyName)
CustomCLSID: HKU\S-1-5-21-3206007939-3703904605-1476991908-1000_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\Admin\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\FileCoAuth.exe (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3206007939-3703904605-1476991908-1000_Classes\CLSID\{DD0822FF-3A09-4BDC-B749-4B00B9115850}\InprocServer32 -> {597C43FD-9468-D082-ABD3-0DA885889A47} => Keine Datei
CustomCLSID: HKU\S-1-5-21-3206007939-3703904605-1476991908-1000_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
CustomCLSID: HKU\S-1-5-21-3206007939-3703904605-1476991908-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Gerhard\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3206007939-3703904605-1476991908-1001_Classes\CLSID\{00A3944A-BCF0-4796-9C15-D69606B6F3AB}\InprocServer32 -> C:\Program Files\Xara\Xara Designer Pro X10\Filters\DEU\HDPImport.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-3206007939-3703904605-1476991908-1001_Classes\CLSID\{045281D6-AFD2-4cd6-A93D-C07AD6FB20A2}\InprocServer32 -> C:\Program Files\Xara\Xara Designer Pro X10\Filters\DEU\SVGFilter.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-3206007939-3703904605-1476991908-1001_Classes\CLSID\{05E88098-3750-457A-AC42-1B019F9E3FE8}\InprocServer32 -> C:\Program Files\Xara\Xara Designer Pro X11\Filters\DEU\HDPImport.dll ()
CustomCLSID: HKU\S-1-5-21-3206007939-3703904605-1476991908-1001_Classes\CLSID\{0A352EAA-8FF3-404c-AFED-1F9AA02818DD}\InprocServer32 -> C:\Program Files\Xara\Xara Designer Pro X10\Filters\DEU\ODPImport.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-3206007939-3703904605-1476991908-1001_Classes\CLSID\{133547BE-D10F-4399-B1BA-D8CC983DA841}\InprocServer32 -> C:\Program Files\Xara\Xara Designer Pro X10\Filters\DEU\WSMFilter.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-3206007939-3703904605-1476991908-1001_Classes\CLSID\{1423F872-3F7F-4E57-B621-8B1A9D49B448}\InprocServer32 -> C:\Users\Gerhard\AppData\Local\Google\Update\1.3.27.5\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-3206007939-3703904605-1476991908-1001_Classes\CLSID\{171740BB-DE5D-4A3B-A5DD-43D171192819}\InprocServer32 -> C:\Program Files\Xara\Xara Designer Pro X11\Filters\DEU\RTFfilter.dll (Xara Group Ltd.)
CustomCLSID: HKU\S-1-5-21-3206007939-3703904605-1476991908-1001_Classes\CLSID\{1B00816B-14D7-4442-82B3-15CCF43C0254}\InprocServer32 -> C:\Program Files\Xara\Xara Designer Pro X10\Filters\DEU\RTFfilter.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-3206007939-3703904605-1476991908-1001_Classes\CLSID\{23F5AD84-9742-4A1F-BA77-B39828938730}\InprocServer32 -> C:\Program Files\Xara\Xara Designer Pro X11\Filters\DEU\PDFXFilter\PDFXFilter.dll (Xara)
CustomCLSID: HKU\S-1-5-21-3206007939-3703904605-1476991908-1001_Classes\CLSID\{2DD6B8AC-9015-4347-A47B-CEDCA2E4C2EA}\InprocServer32 -> C:\Program Files\Xara\Xara Designer Pro X11\Filters\DEU\XPSFilter.dll ()
CustomCLSID: HKU\S-1-5-21-3206007939-3703904605-1476991908-1001_Classes\CLSID\{3E2079FE-4DB5-4914-B9A0-FBBDA87890C0}\InprocServer32 -> C:\Program Files\Xara\Xara Designer Pro X11\Filters\DEU\ODPImport.dll ()
CustomCLSID: HKU\S-1-5-21-3206007939-3703904605-1476991908-1001_Classes\CLSID\{44B8B2C4-AFC2-44B3-8F05-02EC6E235862}\InprocServer32 -> C:\Program Files\Xara\Xara Designer Pro X11\Filters\DEU\PSDFilter.dll ()
CustomCLSID: HKU\S-1-5-21-3206007939-3703904605-1476991908-1001_Classes\CLSID\{4954639E-4AD5-4232-9FC6-753ED3E19DE1}\InprocServer32 -> C:\Program Files\Xara\Xara Designer Pro X11\Filters\DEU\PPImport.dll ()
CustomCLSID: HKU\S-1-5-21-3206007939-3703904605-1476991908-1001_Classes\CLSID\{55E4C8A1-601C-407f-9DF5-A2652A241AAE}\InprocServer32 -> C:\Program Files\Xara\Xara Designer Pro X10\Filters\DEU\EMFFilter.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-3206007939-3703904605-1476991908-1001_Classes\CLSID\{590C4387-5EBD-4D46-8A84-CD0BA2EF2856}\InprocServer32 -> C:\Users\Gerhard\AppData\Local\Google\Update\1.3.30.3\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3206007939-3703904605-1476991908-1001_Classes\CLSID\{5C8C2A98-6133-4EBA-BBCC-34D9EA01FC2E}\InprocServer32 -> C:\Users\Gerhard\AppData\Local\Google\Update\1.3.28.1\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-3206007939-3703904605-1476991908-1001_Classes\CLSID\{5C8E7C70-D9DC-4AB9-B748-4ED125D0CD74}\InprocServer32 -> C:\Program Files\Xara\Xara Designer Pro X11\Filters\DEU\WSMFilter.dll ()
CustomCLSID: HKU\S-1-5-21-3206007939-3703904605-1476991908-1001_Classes\CLSID\{6363B1AE-9DCC-24C0-1CB3-37B93064DF47}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-3206007939-3703904605-1476991908-1001_Classes\CLSID\{65545209-E245-4026-94AE-DEABE04DA1BF}\localserver32 -> C:\Program Files\Xara\Xara Designer Pro X11\DesignerPro.exe (Xara Group Ltd.)
CustomCLSID: HKU\S-1-5-21-3206007939-3703904605-1476991908-1001_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\Gerhard\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\FileCoAuth.exe (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3206007939-3703904605-1476991908-1001_Classes\CLSID\{78550997-5DEF-4A8A-BAF9-D5774E87AC98}\InprocServer32 -> C:\Users\Gerhard\AppData\Local\Google\Update\1.3.28.13\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-3206007939-3703904605-1476991908-1001_Classes\CLSID\{793EE463-1304-471C-ADF1-68C2FFB01247}\InprocServer32 -> C:\Users\Gerhard\AppData\Local\Google\Update\1.3.29.5\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-3206007939-3703904605-1476991908-1001_Classes\CLSID\{7DCC32F2-DAEF-4CDE-A81A-F45DAA3EB0B0}\InprocServer32 -> C:\Program Files\Xara\Xara Designer Pro X10\Filters\DEU\HTMLfilter.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-3206007939-3703904605-1476991908-1001_Classes\CLSID\{7F75D6E7-EE09-46d8-A83E-040926610774}\InprocServer32 -> C:\Program Files\Xara\Xara Designer Pro X10\Filters\DEU\DocImport\DocImport.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-3206007939-3703904605-1476991908-1001_Classes\CLSID\{84B5A313-CD5D-4904-8BA2-AFDC81C1B309}\InprocServer32 -> C:\Users\Gerhard\AppData\Local\Citrix\GoToMeeting\5102\G2MOutlookAddin64.dll (Citrix Online, a division of Citrix Systems, Inc.)
CustomCLSID: HKU\S-1-5-21-3206007939-3703904605-1476991908-1001_Classes\CLSID\{91C4D714-252D-4660-90AF-F999F8D3EA76}\InprocServer32 -> C:\Program Files\Xara\Xara Designer Pro X10\Filters\DEU\PSDFilter.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-3206007939-3703904605-1476991908-1001_Classes\CLSID\{96379E3B-23DA-4F75-A23A-DBCF805CC406}\InprocServer32 -> C:\Program Files\Xara\Xara Designer Pro X11\Filters\DEU\DocImport\DocImport.dll ()
CustomCLSID: HKU\S-1-5-21-3206007939-3703904605-1476991908-1001_Classes\CLSID\{ACFF41B0-7315-4c16-A459-E7A5880EA0E5}\InprocServer32 -> C:\Program Files\Xara\Xara Designer Pro X10\Filters\DEU\XPSFilter.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-3206007939-3703904605-1476991908-1001_Classes\CLSID\{B189AF08-C20E-44e6-A12E-3790640BBCD0}\InprocServer32 -> C:\Program Files\Xara\Xara Designer Pro X10\Filters\DEU\RAWImport\RAWImport.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-3206007939-3703904605-1476991908-1001_Classes\CLSID\{B27868B8-49B9-450c-BC04-907704465D79}\InprocServer32 -> C:\Program Files\Xara\Xara Designer Pro X10\Filters\DEU\PDFXFilter\PDFXFilter.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-3206007939-3703904605-1476991908-1001_Classes\CLSID\{B3D4021A-E5F5-4ba6-ABAB-B6B6445A5549}\InprocServer32 -> C:\Program Files\Xara\Xara Designer Pro X10\Filters\DEU\TIFFImport.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-3206007939-3703904605-1476991908-1001_Classes\CLSID\{BD1631EA-6D82-4407-9B96-5B40DA7BCCC1}\InprocServer32 -> C:\Program Files\Xara\Xara Designer Pro X10\Filters\DEU\PDFImport\PDFImport.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-3206007939-3703904605-1476991908-1001_Classes\CLSID\{C0908775-F5BD-4caf-B8BE-7138F7EBAAEE}\InprocServer32 -> C:\Program Files\Xara\Xara Designer Pro X10\Filters\DEU\PPImport.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-3206007939-3703904605-1476991908-1001_Classes\CLSID\{C2A30267-3451-441F-93AD-8C8399CB426B}\InprocServer32 -> C:\Program Files\Xara\Xara Designer Pro X11\Filters\DEU\HTMLfilter.dll (Xara Group Ltd.)
CustomCLSID: HKU\S-1-5-21-3206007939-3703904605-1476991908-1001_Classes\CLSID\{C3BC25C0-FCD3-4F01-AFDD-41373F017C9A}\InprocServer32 -> C:\Users\Gerhard\AppData\Local\Google\Update\1.3.26.9\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-3206007939-3703904605-1476991908-1001_Classes\CLSID\{CB58FF31-2539-11D0-BDEE-0020AFE14B84}\localserver32 -> C:\Program Files\Xara\Xara Designer Pro X11\DesignerPro.exe (Xara Group Ltd.)
CustomCLSID: HKU\S-1-5-21-3206007939-3703904605-1476991908-1001_Classes\CLSID\{CB58FF32-2539-11D0-BDEE-0020AFE14B84}\localserver32 -> C:\Program Files\Xara\Xara Designer Pro X11\DesignerPro.exe (Xara Group Ltd.)
CustomCLSID: HKU\S-1-5-21-3206007939-3703904605-1476991908-1001_Classes\CLSID\{CC182BE1-84CE-4A57-B85C-FD4BBDF78CB2}\InprocServer32 -> C:\Users\Gerhard\AppData\Local\Google\Update\1.3.29.1\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-3206007939-3703904605-1476991908-1001_Classes\CLSID\{CCC4FDE7-EE88-454F-9B6E-60FD6B562289}\InprocServer32 -> C:\Program Files\Xara\Xara Designer Pro X11\Filters\DEU\RAWImport\RAWImport.dll ()
CustomCLSID: HKU\S-1-5-21-3206007939-3703904605-1476991908-1001_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\Gerhard\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-3206007939-3703904605-1476991908-1001_Classes\CLSID\{D1EDC4F5-7F4D-4B12-906A-614ECF66DDAF}\InprocServer32 -> C:\Users\Gerhard\AppData\Local\Google\Update\1.3.28.15\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-3206007939-3703904605-1476991908-1001_Classes\CLSID\{E44A4F31-0C8B-42C2-A2A4-E743A0395B5F}\InprocServer32 -> C:\Program Files\Xara\Xara Designer Pro X11\Filters\DEU\PDFImport\PDFImport.dll ()
CustomCLSID: HKU\S-1-5-21-3206007939-3703904605-1476991908-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Gerhard\AppData\Local\Google\Update\1.3.30.3\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3206007939-3703904605-1476991908-1001_Classes\CLSID\{E99245A1-DE06-4770-8208-B0494C933C65}\InprocServer32 -> C:\Program Files\Xara\Xara Designer Pro X11\Filters\DEU\SVGFilter.dll ()
CustomCLSID: HKU\S-1-5-21-3206007939-3703904605-1476991908-1001_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Gerhard\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3206007939-3703904605-1476991908-1001_Classes\CLSID\{EDC4A498-53B4-496C-A750-3AABCD48A6A3}\InprocServer32 -> C:\Program Files\Xara\Xara Designer Pro X11\Filters\DEU\EMFFilter.dll ()
CustomCLSID: HKU\S-1-5-21-3206007939-3703904605-1476991908-1001_Classes\CLSID\{FABA52C3-2D0F-4070-8086-57522F3A9D82}\InprocServer32 -> C:\Program Files\Xara\Xara Designer Pro X11\Filters\DEU\TIFFImport.dll ()
CustomCLSID: HKU\S-1-5-21-3206007939-3703904605-1476991908-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Gerhard\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3206007939-3703904605-1476991908-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Gerhard\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3206007939-3703904605-1476991908-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Gerhard\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3206007939-3703904605-1476991908-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Gerhard\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3206007939-3703904605-1476991908-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Gerhard\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3206007939-3703904605-1476991908-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Gerhard\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3206007939-3703904605-1476991908-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Gerhard\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3206007939-3703904605-1476991908-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Gerhard\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3206007939-3703904605-1476991908-1001_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\Gerhard\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {003E6E88-F385-4A27-9583-10251741847C} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\Windows\ehome\mcupdate.exe
Task: {11E8F971-1E4D-4BD1-98D2-463EE75A28D0} - System32\Tasks\{71D0C8C7-3F3A-495F-857B-04309D1EB675} => pcalua.exe -a D:\ÖVP\Zeitung\setup(1).exe -d D:\ÖVP\Zeitung
Task: {138C4968-A7B9-4DF2-B614-97AB643CD216} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\Windows\ehome\ehPrivJob.exe
Task: {154DCAC6-4668-4AC5-B42A-95D74C718505} - System32\Tasks\AdobeAAMUpdater-1.0-Admin-PC-Gerhard => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2016-01-07] (Adobe Systems Incorporated)
Task: {24AC897E-B719-4F4E-82A4-CEB20A17DE9B} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\Windows\ehome\ehPrivJob.exe
Task: {26BD3BEB-F1F5-43FF-A6DA-538EEFB14B3D} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\Windows\ehome\ehPrivJob.exe
Task: {2D0C1610-0227-47C2-A32E-6494C29C9001} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Keine Datei <==== ACHTUNG
Task: {2DB45EF5-15CA-4B94-B6C2-1115B2B95261} - System32\Tasks\Java Platform SE Auto Updater => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2016-05-20] (Oracle Corporation)
Task: {322F7AE2-BCB3-408A-A11E-44C65FB0427E} - System32\Tasks\Run RoboForm TaskBar Icon => C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe [2016-04-09] (Siber Systems)
Task: {337EB52D-3586-44D2-98BC-1F6717D7BF6B} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {3463BA2E-051F-477F-A26B-56212DF595FA} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3206007939-3703904605-1476991908-1001UA => C:\Users\Gerhard\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {38CFB09F-71F9-4EE4-9395-908E1B693AE5} - System32\Tasks\eM Client Database Backup => C:\Program Files (x86)\eM Client\DbBackup.exe [2016-02-29] ()
Task: {3CF2BFE0-364C-4B34-8ACA-8F18069D9D9F} - System32\Tasks\AdobeAAMUpdater-1.0-Admin-PC-Admin => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2016-01-07] (Adobe Systems Incorporated)
Task: {42355926-806F-4614-9CFF-0931C4B4AB73} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-27] (Google Inc.)
Task: {43427614-8FAB-4A70-83B0-2CF34D1F80B1} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\Windows\ehome\ehPrivJob.exe
Task: {4518D769-249F-43E1-B1B2-E953ED2DF0FD} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG
Task: {45A2B397-0FCA-4879-ACFE-4B4413158B1D} - System32\Tasks\Open URL by RoboForm => Rundll32.exe url.dll,FileProtocolHandler "hxxp://www.roboform.com/test-pass.html?aaa=KICMNMHMGMHMLJHMPMPMCNOJMMLMMMCNLMLJNJNMCNOJJJIMNJCNOJJJOJGMLJLMOMLJIMGMOMMJJNJICMIMCNGMCNGMFMHMCNPMCNIMJMPMPMFMJMCNOMCNIMJMPMPMCNNMJNPICMOMFMMJBJKJLIMJFMPMJNHICMMJBJKJLIMJJNBJCMILKJNIHJOJNILJJNKJCMJNNICMJNDJCMLJKJJNMJCMOMFMLMJM (Der Dateneintrag hat 41 mehr Zeichen).
Task: {4E40CF6E-3377-4AFB-A4DF-F21930F946C4} - System32\Tasks\ATKOSD2 => C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [2013-09-09] (ASUSTek Computer Inc.)
Task: {599866F9-321C-4136-BEC7-1A69678568D6} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Keine Datei <==== ACHTUNG
Task: {5A0DA88B-11A9-4953-A383-80E425560004} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Keine Datei <==== ACHTUNG
Task: {5B7C48BF-FA61-4027-8DD0-AAB2CF26692A} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\Windows\ehome\ehPrivJob.exe
Task: {5B8BC7CE-BD50-40F4-9B14-D280A832EFA0} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-3206007939-3703904605-1476991908-1001UA => C:\Users\Gerhard\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-20] (Dropbox, Inc.)
Task: {61332164-FA69-441C-AA30-1BBD71532111} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG
Task: {621CF455-E6D7-4DE2-9CA1-66A08C6DB584} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {67AB2966-866D-432D-A391-3072835C6C00} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2016-06-10] (Microsoft Corporation)
Task: {68CB1F80-7303-4609-8AC7-A475D3614EA3} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3206007939-3703904605-1476991908-1001Core => C:\Users\Gerhard\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {6BDBB9E7-F404-4239-A51F-1F9C254DF582} - System32\Tasks\{3F6D5430-DB72-4F02-9658-ADAB2B3A2707} => pcalua.exe -a D:\ÖVP\Zeitung\setup.exe -d D:\ÖVP\Zeitung
Task: {7492C1C6-8029-44A2-AA24-0F45E53B6824} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG
Task: {759F286D-71CF-42DD-8666-400E823DC24A} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {77920D30-8AF8-4E95-95E6-61C2F76FE51A} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\Windows\ehome\ehPrivJob.exe
Task: {77FB0A62-F8FD-49CD-A513-B90856703772} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\Windows\ehome\ehPrivJob.exe
Task: {7E7AAA1A-C92A-446D-BE2B-603030E23837} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\Windows\ehome\ehPrivJob.exe
Task: {87C2F394-88B4-42B1-9232-9A036DA582C6} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {8AACB638-0B54-4F62-A66D-8C159AFB8CE8} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\Windows\ehome\MCUpdate.exe
Task: {8E36D3AE-2164-49B8-9AF0-4DE1A6F92DCA} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\Windows\ehome\ehrec.exe
Task: {93198939-0B23-4AA2-96B1-363F7BF3AEBA} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-27] (Google Inc.)
Task: {9B853FBB-9FB9-4A1F-885E-587EE57DA356} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> Keine Datei <==== ACHTUNG
Task: {9B90FC10-1883-4EF8-8610-E9E0DE02F170} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\Windows\ehome\ehrec.exe
Task: {9F1833F8-82D2-4BEB-B2D0-54508F087F00} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-06-17] (Adobe Systems Incorporated)
Task: {A1D27128-2DA7-4EE2-9454-8C6D676587E0} - \Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d -> Keine Datei <==== ACHTUNG
Task: {A5E4D9E2-8B1A-4830-B180-E10148A37D1C} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\Windows\ehome\ehPrivJob.exe
Task: {A9ACDE2F-5349-4EFC-838F-8B2A33F29D23} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\Windows\ehome\mcupdate.exe
Task: {A9EB9EFA-3C18-444E-A0D9-9812503FBE0E} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2016-02-23] (Apple Inc.)
Task: {BE13F8C5-56CA-4BD9-A537-AB078C2E03CB} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\Windows\ehome\ehPrivJob.exe
Task: {BF098D32-0C7A-4060-9F28-7FD456B6A154} - System32\Tasks\Bitdefender Agent WatchDog_65D6944A0EF74FDAB96E31112AD39864 => C:\Program Files\Bitdefender Agent\WatchDog.exe [2016-03-30] (Bitdefender)
Task: {C2D0553C-529B-40F5-BE90-25A49CECEBC3} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\Windows\ehome\ehPrivJob.exe
Task: {C309A885-AE94-47DC-A9F1-288A51444AA5} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\Windows\ehome\mcupdate.exe
Task: {C7684B91-2705-4677-8EA8-DE6F00652DA2} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-3206007939-3703904605-1476991908-1001Core => C:\Users\Gerhard\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-20] (Dropbox, Inc.)
Task: {CB2AA5BE-AF35-4F5D-8FBC-48DDD0D46623} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG
Task: {CB743F78-90CA-4437-A4BA-3E532D68BE6F} - System32\Tasks\WinThruster => C:\Program Files (x86)\WinThruster\WinThruster.exe <==== ACHTUNG
Task: {D1EFBBF2-ABFB-400B-8018-A6B72177A372} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\Windows\ehome\ehPrivJob.exe
Task: {D54DC8C4-83BC-40CF-A85E-B2FE0DF3AD42} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\Windows\ehome\ehPrivJob.exe
Task: {D72944BB-9748-45BE-BF05-0E7D0191B72E} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2016-06-10] (Microsoft Corporation)
Task: {D7E69832-FF36-41E6-A9F1-69D27FCC7EBA} - System32\Tasks\Bitdefender Update Product Data_A17FD818A96743FAB28AC221BEB4B2C8 => C:\Program Files\Bitdefender\Bitdefender 2015\bdproductdata.exe
Task: {DAD147A4-69D5-4D25-BC55-F87543D04529} - System32\Tasks\G2MUpdateTask-S-1-5-21-3206007939-3703904605-1476991908-1001 => C:\Users\Gerhard\AppData\Local\Citrix\GoToMeeting\5102\g2mupdate.exe [2016-06-15] (Citrix Online, a division of Citrix Systems, Inc.)
Task: {DF60C9ED-A3EB-4BCE-827E-334C09E9F667} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> Keine Datei <==== ACHTUNG
Task: {F41A105A-D6DE-4979-87B4-6D04F3F9584B} - System32\Tasks\G2MUploadTask-S-1-5-21-3206007939-3703904605-1476991908-1001 => C:\Users\Gerhard\AppData\Local\Citrix\GoToMeeting\5102\g2mupload.exe [2016-06-15] (Citrix Online, a division of Citrix Systems, Inc.)
Task: {F7672DC8-C27C-45D0-8CA6-4ABFE4226EC0} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Keine Datei <==== ACHTUNG
Task: {F7DB07FB-E238-41E6-ACF2-061F5B9AA304} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2016-06-10] (Microsoft Corporation)
Task: {F7DCFD71-4D81-4829-A80C-F363BE171389} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-04-22] (Adobe Systems Incorporated)
Task: {F8A4E564-3A3A-401E-9E6D-7E873C5E1F24} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG
Task: {F9D85607-EA3E-4213-864B-605F55DFCCFB} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Keine Datei <==== ACHTUNG

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-3206007939-3703904605-1476991908-1001Core.job => C:\Users\Gerhard\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-3206007939-3703904605-1476991908-1001UA.job => C:\Users\Gerhard\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\G2MUpdateTask-S-1-5-21-3206007939-3703904605-1476991908-1001.job => C:\Users\Gerhard\AppData\Local\Citrix\GoToMeeting\5102\g2mupdate.exe
Task: C:\WINDOWS\Tasks\G2MUploadTask-S-1-5-21-3206007939-3703904605-1476991908-1001.job => C:\Users\Gerhard\AppData\Local\Citrix\GoToMeeting\5102\g2mupload.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3206007939-3703904605-1476991908-1001Core.job => C:\Users\Gerhard\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3206007939-3703904605-1476991908-1001UA.job => C:\Users\Gerhard\AppData\Local\Google\Update\GoogleUpdate.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

Shortcut: C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WonderFox Soft\WonderFox Video Watermark\Buy WonderFox Video Watermark on online.lnk -> hxxp:( (Keine Datei)
Shortcut: C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WonderFox Soft\WonderFox Video Watermark\WonderFox Video Watermark on the web.lnk -> hxxp:( (Keine Datei)
Shortcut: C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Document Manager\Buy Document Manager on online.lnk -> hxxp:( (Keine Datei)
Shortcut: C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Document Manager\Document Manager on the web.lnk -> hxxp:( (Keine Datei)

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2015-10-30 09:18 - 2015-10-30 09:18 - 00185856 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2016-01-20 01:22 - 2013-09-03 14:29 - 00101328 _____ () C:\Program Files\Bitdefender\Bitdefender 2016\bdmetrics.dll
2016-05-09 11:18 - 2016-05-09 11:18 - 01006336 _____ () C:\Program Files\Bitdefender\Bitdefender 2016\otengines_02251_008\ashttpbr.mdl
2016-05-09 11:18 - 2016-05-09 11:18 - 00541952 _____ () C:\Program Files\Bitdefender\Bitdefender 2016\otengines_02251_008\ashttpdsp.mdl
2016-05-09 11:18 - 2016-05-09 11:18 - 03035488 _____ () C:\Program Files\Bitdefender\Bitdefender 2016\otengines_02251_008\ashttpph.mdl
2016-05-09 11:18 - 2016-05-09 11:18 - 01541440 _____ () C:\Program Files\Bitdefender\Bitdefender 2016\otengines_02251_008\ashttprbl.mdl
2016-05-31 13:22 - 2016-06-03 05:59 - 00133056 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2016-06-01 08:34 - 2016-03-29 12:20 - 02656952 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2016-06-01 08:34 - 2016-03-29 12:20 - 02656952 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2015-11-28 19:13 - 2015-11-14 05:23 - 00553120 ____N () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll
2016-05-31 15:21 - 2016-05-31 15:21 - 00959168 _____ () C:\Users\Gerhard\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64\ClientTelemetry.dll
2016-04-22 01:07 - 2016-04-22 01:07 - 00092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2016-04-22 01:07 - 2016-04-22 01:07 - 01337144 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2016-05-20 15:41 - 2016-05-02 07:54 - 00369208 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\MessageBus.dll
2016-02-02 10:46 - 2016-05-02 07:55 - 00289848 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamBase.dll
2016-05-20 15:41 - 2016-05-02 07:54 - 01148984 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\libprotobuf.dll
2016-05-20 15:41 - 2016-05-02 07:55 - 03613240 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Poco.dll
2016-06-01 08:32 - 2015-12-07 06:14 - 00093696 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll
2016-06-01 08:33 - 2016-04-23 06:25 - 00472064 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2016-06-01 08:32 - 2016-04-23 06:25 - 00674816 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\MtcUvc.dll
2015-07-16 03:18 - 2015-07-16 03:18 - 00347968 _____ () C:\Program Files\Common Files\Acronis\BackupAndRecovery\Common\fnls.dll
2015-07-15 22:21 - 2015-07-15 22:21 - 00023872 _____ () C:\Program Files\Common Files\Acronis\BackupAndRecovery\Common\core_workers_shared_context.dll
2015-07-15 22:21 - 2015-07-15 22:21 - 01066304 _____ () C:\Program Files\Common Files\Acronis\BackupAndRecovery\Common\sqlite3.dll
2016-06-15 09:05 - 2016-05-28 05:59 - 07992832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-06-15 09:05 - 2016-05-28 05:53 - 00591360 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-06-15 09:05 - 2016-05-28 05:54 - 02483200 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-06-15 09:05 - 2016-05-28 05:56 - 04089856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2016-05-20 15:41 - 2016-05-02 07:55 - 02667576 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\NvMdnsPlugin.dll
2016-05-20 15:41 - 2016-05-02 07:55 - 01990200 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\NvPortForwardPlugin.dll
2016-05-20 15:41 - 2016-05-02 07:55 - 01842232 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\RtspPlugin.dll
2016-02-02 10:46 - 2016-05-02 07:55 - 00208952 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\RtspServer.dll
2016-01-25 10:09 - 2015-12-21 12:16 - 00269824 _____ () C:\Program Files (x86)\Syncios\SynciosDeviceService.exe
2015-11-28 19:12 - 2015-11-14 05:22 - 31401120 ____N () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
2016-05-31 13:58 - 2016-05-31 13:58 - 00959168 _____ () C:\Users\Admin\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64\ClientTelemetry.dll
2016-05-31 15:52 - 2016-05-31 15:52 - 00144384 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe
2016-05-20 15:41 - 2016-05-02 07:54 - 00035896 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\boost_system-vc120-mt-1_58.dll
2016-05-20 15:41 - 2016-05-02 07:54 - 00921656 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\boost_regex-vc120-mt-1_58.dll
2015-03-31 14:13 - 2016-05-02 08:02 - 00020536 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2016-06-02 17:04 - 2016-06-02 17:04 - 00134656 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\MailClient.1d52ed9e#\8b954fa3841099149fb902aef57b00ab\MailClient.Collections.ni.dll
2016-06-02 17:04 - 2016-06-02 17:04 - 00491520 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\MailClient.Mail\0287751dbfb4a91eb5d96e37b50cd420\MailClient.Mail.ni.dll
2016-06-02 17:04 - 2016-06-02 17:04 - 00934400 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\HTMLEditorControl\118e2a2afdc8e286fc61027af3d0db0a\HTMLEditorControl.ni.dll
2016-06-02 17:04 - 2016-06-02 17:04 - 00552960 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\LinqBridge\7bb0900f8f5cedd46a506431e78db50e\LinqBridge.ni.dll
2016-06-02 17:04 - 2016-06-02 17:04 - 00020992 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\MailClient.Interop\4600e088566adcb15be2425cd8eb257c\MailClient.Interop.ni.dll
2016-06-02 17:04 - 2016-06-02 17:04 - 00580096 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\MailClient.Common.UI\aa025cda2f377b8f7506078d3d0a08dc\MailClient.Common.UI.ni.dll
2014-05-28 17:48 - 2014-05-28 17:48 - 00642016 _____ () C:\Program Files (x86)\eM Client\SQLite\x86\sqlite3.dll
2016-06-02 17:04 - 2016-06-02 17:04 - 00082944 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\SystemCoreTimeZone\a7dc8ba7ce1c082eec3c2f1607dcafb9\SystemCoreTimeZone.ni.dll
2016-06-02 17:04 - 2016-06-02 17:04 - 00097280 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\MailClient.Sasl\71735f4b8ec19e93562b9a06c1ebca9f\MailClient.Sasl.ni.dll
2016-06-02 17:04 - 2016-06-02 17:04 - 00639488 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\HtmlInterop\6d0678987a0d179b076b78679df835dd\HtmlInterop.ni.dll
2016-06-02 17:04 - 2016-06-02 17:04 - 01570816 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\WindowsAPICodePack\9099fe289d4dce50355c9dec8e3744d4\WindowsAPICodePack.ni.dll
2016-06-02 17:04 - 2016-06-02 17:04 - 00249344 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\MailClient.Imap.Base\0edab2a256e078aa7c1cc73ea91fd5f4\MailClient.Imap.Base.ni.dll
2016-04-22 01:08 - 2016-04-22 01:08 - 00080184 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2016-04-22 01:07 - 2016-04-22 01:07 - 00244024 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxslt.dll
2016-04-22 01:08 - 2016-04-22 01:08 - 01047864 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2015-03-17 02:34 - 2015-03-17 02:34 - 00010240 _____ () C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\locale\de_de\acrotray.deu
2015-11-28 19:12 - 2015-11-16 18:43 - 40523440 ____N () C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\CEF\libcef.dll
2015-11-28 19:12 - 2015-11-16 18:43 - 01365680 ____N () C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\CEF\libglesv2.dll
2015-11-28 19:12 - 2015-11-16 18:43 - 00219312 ____N () C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\CEF\libegl.dll
2016-01-25 10:09 - 2015-12-21 12:16 - 00398848 _____ () C:\Program Files (x86)\Syncios\DuiLib.dll
2016-01-25 10:10 - 2015-12-18 17:51 - 00073728 _____ () C:\Program Files (x86)\Syncios\generalFunc_pdt.dll
2016-01-25 10:10 - 2015-12-21 12:16 - 00176128 _____ () C:\Program Files (x86)\Syncios\driverMgr4Transfer_pdt.dll
2016-01-25 10:10 - 2015-12-21 12:16 - 00966144 _____ () C:\Program Files (x86)\Syncios\androidSyncCore_pdm.dll
2015-11-25 20:35 - 2015-11-25 20:35 - 00124416 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\fs-ext\build\Release\fs-ext.node
2015-11-25 20:35 - 2015-11-25 20:35 - 00188416 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\node-vulcanjs\build\Release\VulcanJS.node
2015-11-25 20:35 - 2015-11-25 20:35 - 00121344 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\ref\build\Release\binding.node
2015-11-25 20:35 - 2015-11-25 20:35 - 00129536 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\ffi\build\Release\ffi_bindings.node
2015-11-25 14:22 - 2015-11-25 14:22 - 00158384 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\node-ProxyResolver\native\ProxyResolverWin.dll
2015-11-25 20:35 - 2015-11-25 20:35 - 00081408 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\idle-gc\build\Release\idle-gc.node
2016-05-31 15:20 - 2016-05-31 15:20 - 00679624 _____ () C:\Users\Gerhard\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\ClientTelemetry.dll
2016-06-02 17:03 - 2016-06-02 17:03 - 00994816 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\StructureMap\7278066c28ef79b42aceae2bcef0abc1\StructureMap.ni.dll
2016-06-02 17:03 - 2016-06-02 17:03 - 00080384 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\CustomOpenF03f8d4da#\550953e7afd2d4424d479088872d55c8\CustomOpenFileFolderDialog.ni.dll
2016-06-02 17:04 - 2016-06-02 17:04 - 00016384 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Cyberduck.B44fc8213#\b137084e6cb585359edaf6a838861b36\Cyberduck.Bonjour.Native.ni.dll
2016-05-31 15:52 - 2016-05-31 15:52 - 00141312 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeBackgroundTasks.dll
2016-05-31 15:52 - 2016-05-31 15:52 - 22284800 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkyWrap.dll
2016-05-31 13:58 - 2016-05-31 13:58 - 00679624 _____ () C:\Users\Admin\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\ClientTelemetry.dll
2016-06-30 11:19 - 2016-06-02 10:33 - 00268080 _____ () C:\Program Files (x86)\Ashampoo\Ashampoo Snap 9\CrashRpt1403.dll
2016-06-30 11:19 - 2016-06-02 10:32 - 00085296 _____ () C:\Program Files (x86)\Ashampoo\Ashampoo Snap 9\MouseHook.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

AlternateDataStreams: C:\Users\Admin\Downloads\setup_syncios.exe:BDU [0]
AlternateDataStreams: C:\Users\Gerhard\Downloads\HMA-Pro-VPN-2.8.24.0-installer.exe:BDU [0]

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)


==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

IE restricted site: HKU\S-1-5-21-3206007939-3703904605-1476991908-1000\...\007guard.com -> install.007guard.com
IE restricted site: HKU\S-1-5-21-3206007939-3703904605-1476991908-1000\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-3206007939-3703904605-1476991908-1000\...\008k.com -> www.008k.com
IE restricted site: HKU\S-1-5-21-3206007939-3703904605-1476991908-1000\...\00hq.com -> www.00hq.com
IE restricted site: HKU\S-1-5-21-3206007939-3703904605-1476991908-1000\...\010402.com -> 010402.com
IE restricted site: HKU\S-1-5-21-3206007939-3703904605-1476991908-1000\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\S-1-5-21-3206007939-3703904605-1476991908-1000\...\0scan.com -> www.0scan.com
IE restricted site: HKU\S-1-5-21-3206007939-3703904605-1476991908-1000\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\S-1-5-21-3206007939-3703904605-1476991908-1000\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-3206007939-3703904605-1476991908-1000\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\S-1-5-21-3206007939-3703904605-1476991908-1000\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\S-1-5-21-3206007939-3703904605-1476991908-1000\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\S-1-5-21-3206007939-3703904605-1476991908-1000\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\S-1-5-21-3206007939-3703904605-1476991908-1000\...\10sek.com -> www.10sek.com
IE restricted site: HKU\S-1-5-21-3206007939-3703904605-1476991908-1000\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\S-1-5-21-3206007939-3703904605-1476991908-1000\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\S-1-5-21-3206007939-3703904605-1476991908-1000\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\S-1-5-21-3206007939-3703904605-1476991908-1000\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\S-1-5-21-3206007939-3703904605-1476991908-1000\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\S-1-5-21-3206007939-3703904605-1476991908-1000\...\123simsen.com -> www.123simsen.com

Da befinden sich 7849 mehr Seiten.

IE restricted site: HKU\S-1-5-21-3206007939-3703904605-1476991908-1001\...\007guard.com -> install.007guard.com
IE restricted site: HKU\S-1-5-21-3206007939-3703904605-1476991908-1001\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-3206007939-3703904605-1476991908-1001\...\008k.com -> www.008k.com
IE restricted site: HKU\S-1-5-21-3206007939-3703904605-1476991908-1001\...\00hq.com -> www.00hq.com
IE restricted site: HKU\S-1-5-21-3206007939-3703904605-1476991908-1001\...\010402.com -> 010402.com
IE restricted site: HKU\S-1-5-21-3206007939-3703904605-1476991908-1001\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\S-1-5-21-3206007939-3703904605-1476991908-1001\...\0scan.com -> www.0scan.com
IE restricted site: HKU\S-1-5-21-3206007939-3703904605-1476991908-1001\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\S-1-5-21-3206007939-3703904605-1476991908-1001\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-3206007939-3703904605-1476991908-1001\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\S-1-5-21-3206007939-3703904605-1476991908-1001\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\S-1-5-21-3206007939-3703904605-1476991908-1001\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\S-1-5-21-3206007939-3703904605-1476991908-1001\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\S-1-5-21-3206007939-3703904605-1476991908-1001\...\10sek.com -> www.10sek.com
IE restricted site: HKU\S-1-5-21-3206007939-3703904605-1476991908-1001\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\S-1-5-21-3206007939-3703904605-1476991908-1001\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\S-1-5-21-3206007939-3703904605-1476991908-1001\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\S-1-5-21-3206007939-3703904605-1476991908-1001\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\S-1-5-21-3206007939-3703904605-1476991908-1001\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\S-1-5-21-3206007939-3703904605-1476991908-1001\...\123simsen.com -> www.123simsen.com

Da befinden sich 7849 mehr Seiten.


==================== Hosts Inhalt: ==========================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2009-07-14 04:34 - 2016-07-01 20:44 - 00000989 ____A C:\WINDOWS\system32\Drivers\etc\hosts

127.0.0.1       www.softwarenetz.de
127.0.0.1 activation.cloud.techsmith.com
127.0.0.1 support.apowersoft.com
127.0.0.1 apowersoft.com
127.0.0.1 apowersoft.com

==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-3206007939-3703904605-1476991908-1000\Control Panel\Desktop\\Wallpaper -> E:\BILDER\04 10 2014\DSC07553.JPG
HKU\S-1-5-21-3206007939-3703904605-1476991908-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Windows\img0.jpg
HKU\S-1-5-21-3206007939-3703904605-1476991908-1009\Control Panel\Desktop\\Wallpaper -> 
DNS Servers: 217.16.112.21 - 112.15.112.22
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

MSCONFIG\Services: MpsSvc => 2
MSCONFIG\startupreg: Acrobat Assistant 8.0 => 
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: iTunesHelper => 
MSCONFIG\startupreg: Wondershare Helper Compact.exe => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
HKU\S-1-5-21-3206007939-3703904605-1476991908-1001\...\StartupApproved\Run: => "AudialsNotifier"
HKU\S-1-5-21-3206007939-3703904605-1476991908-1001\...\StartupApproved\Run: => "SpybotPostWindows10UpgradeReInstall"
HKU\S-1-5-21-3206007939-3703904605-1476991908-1001\...\StartupApproved\Run: => "Mailbird"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [MSMQ-In-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-In-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [WCF-NetTcpActivator-In-TCP-64bit] => (Allow) LPort=808
FirewallRules: [{DF0961B8-5FFB-4D8C-835E-F20DB52AB2C1}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe
FirewallRules: [{344FE62C-F5C3-4B1D-A080-646EF62D4961}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{EC2346D7-7D91-48BB-B8D9-2BE23D5C5C27}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{4373B100-02EB-40FB-A42B-582C9828E782}] => (Allow) C:\Program Files\BackupClient\BackupAndRecovery\mms.exe
FirewallRules: [{FD87C8A6-E919-44E4-BDED-2B0BCF7BE7C9}] => (Allow) C:\Program Files\BackupClient\BackupAndRecovery\mms.exe
FirewallRules: [{6DE1297D-7458-40AB-B5D1-94BD6D5C21EC}] => (Allow) C:\Program Files\BackupClient\BackupAndRecovery\mms.exe
FirewallRules: [{F157F8F4-7763-4649-9D77-802D14B03553}] => (Allow) C:\Program Files\BackupClient\BackupAndRecovery\mms.exe
FirewallRules: [{98CBFA30-3BE5-482D-9D40-395AA38557A2}] => (Allow) C:\Program Files\BackupClient\BackupAndRecovery\mms.exe
FirewallRules: [{C54713A1-7F5A-47BE-B88F-56DBEB0BB8FD}] => (Allow) C:\Program Files\BackupClient\BackupAndRecovery\mms.exe
FirewallRules: [{C219B68D-107D-4ED6-A8F4-62078C9FA3E7}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\Agent\agent.exe
FirewallRules: [{89EF4EAF-AD22-472B-B596-8FB3A09DA617}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\Agent\agent.exe
FirewallRules: [{2906CA5B-2EB8-45C6-8FB5-78E73F1E78F2}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\Agent\agent.exe
FirewallRules: [{AAFFDD27-18DD-4C62-BF40-B6375A5A0E87}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\Agent\agent.exe
FirewallRules: [{6B920B10-4172-4CD7-8C5B-1B19B5728707}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\Agent\agent.exe
FirewallRules: [{3917D885-7A3D-4250-9F22-6F79AE07311F}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\Agent\agent.exe
FirewallRules: [{7C33CAB8-81EA-4FF7-93D5-FFCF6A7DECF1}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{F5799F4D-8C3A-4886-8037-4B7C4A96047E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{993254D7-D46E-4F0C-90DC-5553B1C4D7CB}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{F5327A53-6AE4-4444-B641-E28871D00E35}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{75616997-624E-453D-88C1-9DB4C2DEF35E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{AB873D58-FC63-4C82-BB8A-71E1A351D3FF}] => (Allow) C:\Users\Gerhard\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{CD7B6402-9108-41E1-B1F7-CD3E4B6D37F3}] => (Allow) C:\Users\Gerhard\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{F34D2806-7817-4FA7-942E-CD97F97D78D3}] => (Allow) C:\Users\Gerhard\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{30E17762-A5DD-4D7C-A9DF-A7ED68A37F56}] => (Allow) C:\Users\Gerhard\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{9FC98E83-922A-4CED-88DD-534B9669CC07}] => (Allow) LPort=31931
FirewallRules: [{270E5188-42D0-4796-9DDE-DC99A8FAB9D8}] => (Allow) LPort=14714
FirewallRules: [{0DFDE7C3-EF83-4750-BC6B-C8236871A478}] => (Allow) LPort=12972
FirewallRules: [{8B8570CF-B9A2-4912-91C7-96EA544AB508}] => (Allow) C:\Program Files (x86)\Audials\Audials 12\Audials.exe
FirewallRules: [{10D1FFDD-5D80-4C9B-88A8-755F66733D56}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{891E2C80-7443-45FF-A22E-C5A9EED44116}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{F44FA888-5BE1-40BF-BDEE-D5CD48065F62}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{E86A1B46-7192-466E-8E8B-26D48EB5B786}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{6F04EB14-97A7-48A4-B759-902C493B4001}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{501D221F-1194-4D82-844C-C5C9C732E926}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Wiederherstellungspunkte =========================

14-06-2016 09:28:38 Installed Mailbird
17-06-2016 14:37:59 Windows Update
19-06-2016 12:32:12 Removed SpiderOak x64
23-06-2016 12:31:15 Windows Update
29-06-2016 13:35:40 Removed AliG SIF
30-06-2016 23:52:55 Snagit 12

==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (07/01/2016 07:42:55 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: vsserv.exe, Version: 20.0.28.1515, Zeitstempel: 0x576d2d52
Name des fehlerhaften Moduls: scan.dll_unloaded, Version: 3.0.3.867, Zeitstempel: 0x5759875a
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000000014234
ID des fehlerhaften Prozesses: 0x4a8
Startzeit der fehlerhaften Anwendung: 0xvsserv.exe0
Pfad der fehlerhaften Anwendung: vsserv.exe1
Pfad des fehlerhaften Moduls: vsserv.exe2
Berichtskennung: vsserv.exe3
Vollständiger Name des fehlerhaften Pakets: vsserv.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: vsserv.exe5

Error: (07/01/2016 07:42:54 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: a2service.exe, Version: 11.9.0.6513, Zeitstempel: 0x5772c632
Name des fehlerhaften Moduls: ntdll.dll, Version: 10.0.10586.306, Zeitstempel: 0x571af2eb
Ausnahmecode: 0xc0000374
Fehleroffset: 0x00000000000ee6fc
ID des fehlerhaften Prozesses: 0x7e0
Startzeit der fehlerhaften Anwendung: 0xa2service.exe0
Pfad der fehlerhaften Anwendung: a2service.exe1
Pfad des fehlerhaften Moduls: a2service.exe2
Berichtskennung: a2service.exe3
Vollständiger Name des fehlerhaften Pakets: a2service.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: a2service.exe5

Error: (07/01/2016 02:19:19 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: a2service.exe, Version: 11.9.0.6513, Zeitstempel: 0x5772c632
Name des fehlerhaften Moduls: ntdll.dll, Version: 10.0.10586.306, Zeitstempel: 0x571af2eb
Ausnahmecode: 0xc0000374
Fehleroffset: 0x00000000000ee6fc
ID des fehlerhaften Prozesses: 0x21b8
Startzeit der fehlerhaften Anwendung: 0xa2service.exe0
Pfad der fehlerhaften Anwendung: a2service.exe1
Pfad des fehlerhaften Moduls: a2service.exe2
Berichtskennung: a2service.exe3
Vollständiger Name des fehlerhaften Pakets: a2service.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: a2service.exe5

Error: (07/01/2016 02:17:17 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: a2service.exe, Version: 11.9.0.6513, Zeitstempel: 0x5772c632
Name des fehlerhaften Moduls: ntdll.dll, Version: 10.0.10586.306, Zeitstempel: 0x571af2eb
Ausnahmecode: 0xc0000374
Fehleroffset: 0x00000000000ee6fc
ID des fehlerhaften Prozesses: 0x39c0
Startzeit der fehlerhaften Anwendung: 0xa2service.exe0
Pfad der fehlerhaften Anwendung: a2service.exe1
Pfad des fehlerhaften Moduls: a2service.exe2
Berichtskennung: a2service.exe3
Vollständiger Name des fehlerhaften Pakets: a2service.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: a2service.exe5

Error: (07/01/2016 02:16:05 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: a2service.exe, Version: 11.9.0.6513, Zeitstempel: 0x5772c632
Name des fehlerhaften Moduls: ntdll.dll, Version: 10.0.10586.306, Zeitstempel: 0x571af2eb
Ausnahmecode: 0xc0000374
Fehleroffset: 0x00000000000ee6fc
ID des fehlerhaften Prozesses: 0x880
Startzeit der fehlerhaften Anwendung: 0xa2service.exe0
Pfad der fehlerhaften Anwendung: a2service.exe1
Pfad des fehlerhaften Moduls: a2service.exe2
Berichtskennung: a2service.exe3
Vollständiger Name des fehlerhaften Pakets: a2service.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: a2service.exe5

Error: (07/01/2016 02:15:17 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: a2service.exe, Version: 11.9.0.6513, Zeitstempel: 0x5772c632
Name des fehlerhaften Moduls: ntdll.dll, Version: 10.0.10586.306, Zeitstempel: 0x571af2eb
Ausnahmecode: 0xc0000374
Fehleroffset: 0x00000000000ee6fc
ID des fehlerhaften Prozesses: 0x3f48
Startzeit der fehlerhaften Anwendung: 0xa2service.exe0
Pfad der fehlerhaften Anwendung: a2service.exe1
Pfad des fehlerhaften Moduls: a2service.exe2
Berichtskennung: a2service.exe3
Vollständiger Name des fehlerhaften Pakets: a2service.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: a2service.exe5

Error: (07/01/2016 02:13:16 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: a2service.exe, Version: 11.9.0.6513, Zeitstempel: 0x5772c632
Name des fehlerhaften Moduls: ntdll.dll, Version: 10.0.10586.306, Zeitstempel: 0x571af2eb
Ausnahmecode: 0xc0000374
Fehleroffset: 0x00000000000ee6fc
ID des fehlerhaften Prozesses: 0x36a8
Startzeit der fehlerhaften Anwendung: 0xa2service.exe0
Pfad der fehlerhaften Anwendung: a2service.exe1
Pfad des fehlerhaften Moduls: a2service.exe2
Berichtskennung: a2service.exe3
Vollständiger Name des fehlerhaften Pakets: a2service.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: a2service.exe5

Error: (07/01/2016 02:11:16 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: a2service.exe, Version: 11.9.0.6513, Zeitstempel: 0x5772c632
Name des fehlerhaften Moduls: ntdll.dll, Version: 10.0.10586.306, Zeitstempel: 0x571af2eb
Ausnahmecode: 0xc0000374
Fehleroffset: 0x00000000000ee6fc
ID des fehlerhaften Prozesses: 0x534
Startzeit der fehlerhaften Anwendung: 0xa2service.exe0
Pfad der fehlerhaften Anwendung: a2service.exe1
Pfad des fehlerhaften Moduls: a2service.exe2
Berichtskennung: a2service.exe3
Vollständiger Name des fehlerhaften Pakets: a2service.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: a2service.exe5

Error: (07/01/2016 02:09:17 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: a2service.exe, Version: 11.9.0.6513, Zeitstempel: 0x5772c632
Name des fehlerhaften Moduls: ntdll.dll, Version: 10.0.10586.306, Zeitstempel: 0x571af2eb
Ausnahmecode: 0xc0000374
Fehleroffset: 0x00000000000ee6fc
ID des fehlerhaften Prozesses: 0x3ad4
Startzeit der fehlerhaften Anwendung: 0xa2service.exe0
Pfad der fehlerhaften Anwendung: a2service.exe1
Pfad des fehlerhaften Moduls: a2service.exe2
Berichtskennung: a2service.exe3
Vollständiger Name des fehlerhaften Pakets: a2service.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: a2service.exe5

Error: (07/01/2016 02:07:11 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: a2service.exe, Version: 11.9.0.6513, Zeitstempel: 0x5772c632
Name des fehlerhaften Moduls: ntdll.dll, Version: 10.0.10586.306, Zeitstempel: 0x571af2eb
Ausnahmecode: 0xc0000374
Fehleroffset: 0x00000000000ee6fc
ID des fehlerhaften Prozesses: 0x3068
Startzeit der fehlerhaften Anwendung: 0xa2service.exe0
Pfad der fehlerhaften Anwendung: a2service.exe1
Pfad des fehlerhaften Moduls: a2service.exe2
Berichtskennung: a2service.exe3
Vollständiger Name des fehlerhaften Pakets: a2service.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: a2service.exe5


Systemfehler:
=============
Error: (07/01/2016 08:22:45 PM) (Source: DCOM) (EventID: 10016) (User: Admin-PC)
Description: ComputerstandardLokalAktivierung{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}Admin-PCGerhardS-1-5-21-3206007939-3703904605-1476991908-1001LocalHost (unter Verwendung von LRPC)Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewyS-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742

Error: (07/01/2016 08:22:45 PM) (Source: DCOM) (EventID: 10016) (User: Admin-PC)
Description: ComputerstandardLokalAktivierung{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}Admin-PCGerhardS-1-5-21-3206007939-3703904605-1476991908-1001LocalHost (unter Verwendung von LRPC)Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewyS-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742

Error: (07/01/2016 08:22:45 PM) (Source: DCOM) (EventID: 10016) (User: Admin-PC)
Description: ComputerstandardLokalAktivierung{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}Admin-PCGerhardS-1-5-21-3206007939-3703904605-1476991908-1001LocalHost (unter Verwendung von LRPC)Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewyS-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742

Error: (07/01/2016 08:22:45 PM) (Source: DCOM) (EventID: 10016) (User: Admin-PC)
Description: ComputerstandardLokalAktivierung{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}Admin-PCGerhardS-1-5-21-3206007939-3703904605-1476991908-1001LocalHost (unter Verwendung von LRPC)Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewyS-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742

Error: (07/01/2016 08:22:45 PM) (Source: DCOM) (EventID: 10016) (User: Admin-PC)
Description: ComputerstandardLokalAktivierung{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}Admin-PCGerhardS-1-5-21-3206007939-3703904605-1476991908-1001LocalHost (unter Verwendung von LRPC)Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewyS-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742

Error: (07/01/2016 08:22:45 PM) (Source: DCOM) (EventID: 10016) (User: Admin-PC)
Description: ComputerstandardLokalAktivierung{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}Admin-PCGerhardS-1-5-21-3206007939-3703904605-1476991908-1001LocalHost (unter Verwendung von LRPC)Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewyS-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742

Error: (07/01/2016 07:48:32 PM) (Source: DCOM) (EventID: 10016) (User: Admin-PC)
Description: ComputerstandardLokalAktivierung{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}Admin-PCGerhardS-1-5-21-3206007939-3703904605-1476991908-1001LocalHost (unter Verwendung von LRPC)Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewyS-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742

Error: (07/01/2016 07:48:32 PM) (Source: DCOM) (EventID: 10016) (User: Admin-PC)
Description: ComputerstandardLokalAktivierung{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}Admin-PCGerhardS-1-5-21-3206007939-3703904605-1476991908-1001LocalHost (unter Verwendung von LRPC)Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewyS-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742

Error: (07/01/2016 07:48:21 PM) (Source: DCOM) (EventID: 10016) (User: Admin-PC)
Description: ComputerstandardLokalAktivierung{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}Admin-PCGerhardS-1-5-21-3206007939-3703904605-1476991908-1001LocalHost (unter Verwendung von LRPC)Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewyS-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742

Error: (07/01/2016 07:48:21 PM) (Source: DCOM) (EventID: 10016) (User: Admin-PC)
Description: ComputerstandardLokalAktivierung{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}Admin-PCGerhardS-1-5-21-3206007939-3703904605-1476991908-1001LocalHost (unter Verwendung von LRPC)Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewyS-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742


CodeIntegrity:
===================================
  Date: 2016-07-01 20:46:05.543
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Emsisoft Anti-Malware\a2hooks64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-07-01 20:37:44.573
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Emsisoft Anti-Malware\a2hooks64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-07-01 20:37:09.852
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files (x86)\Emsisoft Anti-Malware\a2hooks64.dll that did not meet the Windows signing level requirements.

  Date: 2016-07-01 20:31:12.408
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Emsisoft Anti-Malware\a2hooks64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-07-01 20:15:21.997
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Emsisoft Anti-Malware\a2hooks64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-07-01 20:00:18.156
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Emsisoft Anti-Malware\a2hooks64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-07-01 19:50:53.840
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Emsisoft Anti-Malware\a2hooks64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-07-01 19:46:58.274
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Emsisoft Anti-Malware\a2hooks64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-07-01 19:46:05.744
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Emsisoft Anti-Malware\a2hooks64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-07-01 19:37:24.052
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Emsisoft Anti-Malware\a2hooks64.dll because the set of per-page image hashes could not be found on the system.


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Core(TM) i5-2430M CPU @ 2.40GHz
Prozentuale Nutzung des RAM: 56%
Installierter physikalischer RAM: 8169.16 MB
Verfügbarer physikalischer RAM: 3544.52 MB
Summe virtueller Speicher: 9137.16 MB
Verfügbarer virtueller Speicher: 2883.92 MB

==================== Laufwerke ================================

Drive c: () (Fixed) (Total:129.28 GB) (Free:32.66 GB) NTFS ==>[Laufwerk mit Startkomponenten (eingeholt von BCD)]
Drive d: () (Fixed) (Total:349.3 GB) (Free:92.68 GB) NTFS
Drive e: () (Fixed) (Total:349.33 GB) (Free:34.26 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 149.1 GB) (Disk ID: AA9693FE)
Partition 1: (Not Active) - (Size=19.3 GB) - (Type=1C)
Partition 2: (Active) - (Size=129.3 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=503 MB) - (Type=27)

========================================================
Disk: 1 (Size: 698.6 GB) (Disk ID: BBC58B91)
Partition 1: (Not Active) - (Size=349.3 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=349.3 GB) - (Type=07 NTFS)

==================== Ende von Addition.txt ============================
         

Alt 01.07.2016, 21:35   #8
deeprybka
/// TB-Ausbilder
/// Anleitungs-Guru
 
Banking Trojaner auf Smartphone, Online Konto gehackt, Login mit Laptop nicht möglich - Standard

Banking Trojaner auf Smartphone, Online Konto gehackt, Login mit Laptop nicht möglich



Hi,
hast Du für Bitdefender oder Emsisoft eine Lizenz gekauft? Ich würde anraten nur eines der beiden Programme zu behalten, vorzugsweise Emsisoft.

Schritt 1
Downloade dir bitte TDSSKiller TDSSKiller.exe und speichere diese Datei auf dem Desktop
  • Starte die TDSSKiller.exe - Einstellen wie in der Anleitung zu TDSSKiller beschrieben.
  • Drücke Start Scan
  • Sollten infizierte Objekte gefunden werden, wähle keinesfalls Cure. Wähle Skip und klicke auf Continue.
    TDSSKiller wird eine Logfile auf deinem Systemlaufwerk speichern (Meistens C:\)
    Als Beispiel: C:\TDSSKiller.<Version_Datum_Uhrzeit>log.txt
Poste den Inhalt bitte in jedem Fall hier in deinen Thread.
__________________
Gruß
deeprybka

Lob, Kritik, Wünsche?

Spende fürs trojaner-board?
_______________________________________________
„Neminem laede, immo omnes, quantum potes, iuva.“ Arthur Schopenhauer

Alt 01.07.2016, 22:24   #9
pinocchio
 
Banking Trojaner auf Smartphone, Online Konto gehackt, Login mit Laptop nicht möglich - Standard

Banking Trojaner auf Smartphone, Online Konto gehackt, Login mit Laptop nicht möglich



Hallo Jürgen,

ja ich habe sowohl für Bitdefender als auch für Emsisoft eine Lizenz. Beide noch für über ein Jahr. Aber egal, wichtig ist, dass das System einwandfrei funktioniert. Du meinst, dass es besser wäre, Bitdefender wegzugeben?

Hier das Logfile für TDSSKiller:

Code:
ATTFilter
22:15:33.0780 0x3a90  TDSS rootkit removing tool 3.1.0.9 Dec 11 2015 22:49:12
22:15:41.0491 0x3a90  ============================================================
22:15:41.0491 0x3a90  Current date / time: 2016/07/01 22:15:41.0491
22:15:41.0491 0x3a90  SystemInfo:
22:15:41.0491 0x3a90  
22:15:41.0492 0x3a90  OS Version: 10.0.10586 ServicePack: 0.0
22:15:41.0492 0x3a90  Product type: Workstation
22:15:41.0492 0x3a90  ComputerName: ADMIN-PC
22:15:41.0492 0x3a90  UserName: Admin
22:15:41.0492 0x3a90  Windows directory: C:\WINDOWS
22:15:41.0492 0x3a90  System windows directory: C:\WINDOWS
22:15:41.0492 0x3a90  Running under WOW64
22:15:41.0492 0x3a90  Processor architecture: Intel x64
22:15:41.0492 0x3a90  Number of processors: 4
22:15:41.0492 0x3a90  Page size: 0x1000
22:15:41.0492 0x3a90  Boot type: Normal boot
22:15:41.0492 0x3a90  ============================================================
22:15:41.0939 0x3a90  KLMD registered as C:\WINDOWS\system32\drivers\26292354.sys
22:15:42.0282 0x3a90  System UUID: {61616AAC-5ADB-B32B-30CE-E69EE017D340}
22:15:42.0916 0x3a90  Drive \Device\Harddisk0\DR0 - Size: 0x25433D6000 ( 149.05 Gb ), SectorSize: 0x200, Cylinders: 0x4C01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
22:15:42.0918 0x3a90  Drive \Device\Harddisk1\DR1 - Size: 0xAEA8CDE000 ( 698.64 Gb ), SectorSize: 0x200, Cylinders: 0x16441, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
22:15:42.0921 0x3a90  ============================================================
22:15:42.0921 0x3a90  \Device\Harddisk0\DR0:
22:15:42.0921 0x3a90  MBR partitions:
22:15:42.0921 0x3a90  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x268E000, BlocksNum 0x1028F367
22:15:42.0921 0x3a90  \Device\Harddisk1\DR1:
22:15:42.0921 0x3a90  MBR partitions:
22:15:42.0921 0x3a90  \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x2BA9C000
22:15:42.0922 0x3a90  \Device\Harddisk1\DR1\Partition2: MBR, Type 0x7, StartLBA 0x2BA9C800, BlocksNum 0x2BAA9EF0
22:15:42.0922 0x3a90  ============================================================
22:15:42.0925 0x3a90  C: <-> \Device\Harddisk0\DR0\Partition1
22:15:42.0997 0x3a90  D: <-> \Device\Harddisk1\DR1\Partition1
22:15:43.0038 0x3a90  E: <-> \Device\Harddisk1\DR1\Partition2
22:15:43.0038 0x3a90  ============================================================
22:15:43.0038 0x3a90  Initialize success
22:15:43.0038 0x3a90  ============================================================
22:17:02.0163 0x0930  ============================================================
22:17:02.0163 0x0930  Scan started
22:17:02.0163 0x0930  Mode: Manual; SigCheck; TDLFS; 
22:17:02.0163 0x0930  ============================================================
22:17:02.0164 0x0930  KSN ping started
22:17:02.0256 0x0930  KSN ping finished: true
22:17:03.0186 0x0930  ================ Scan system memory ========================
22:17:03.0186 0x0930  System memory - ok
22:17:03.0188 0x0930  ================ Scan services =============================
22:17:03.0260 0x0930  1394ohci - ok
22:17:03.0268 0x0930  3ware - ok
22:17:03.0539 0x0930  [ 7E140E64ABACF3B2607EB53EA1081A68, 13CFCC08C3ADD412E228EA69EF7DE351CE5DF098B7094E32946E7E26B0DED70C ] a2AntiMalware   C:\Program Files (x86)\Emsisoft Anti-Malware\a2service.exe
22:17:03.0890 0x0930  a2AntiMalware - ok
22:17:03.0915 0x0930  ACPI - ok
22:17:03.0919 0x0930  acpiex - ok
22:17:03.0922 0x0930  acpipagr - ok
22:17:03.0926 0x0930  AcpiPmi - ok
22:17:03.0929 0x0930  acpitime - ok
22:17:03.0997 0x0930  [ 0EF4F4B7FE278B03B7AD499F1A12F32C, 110211AF987FA718468538BC217F560BD9FD75B0C4D6EBB5E9B988630C31037E ] AcronisAgent    C:\Program Files (x86)\Common Files\Acronis\Agent\agent.exe
22:17:04.0071 0x0930  AcronisAgent - ok
22:17:04.0097 0x0930  [ 274F3277F7F28C4487D3A554F90519B4, 280EE3CFB5B23F61B7917F1B183B292927C632504FA369B7973D0E79EBA822FB ] AcrSch2Svc      C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
22:17:04.0137 0x0930  AcrSch2Svc - ok
22:17:04.0145 0x0930  [ 36114214BF8D7C464D1E92E4EB6B2DD3, 8E7CB266D4ABCDF332A3D4D341753811D51B72985E36F24A7E757DCA11A65A2A ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
22:17:04.0155 0x0930  AdobeARMservice - ok
22:17:04.0188 0x0930  [ E324D38B6CCF843ED4F6D521908AEE5B, D34DAF5AB7A3C2751C0C3BD3C21E52909E6D182DD202BD3C0B4981535320E64A ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
22:17:04.0202 0x0930  AdobeFlashPlayerUpdateSvc - ok
22:17:04.0208 0x0930  ADP80XX - ok
22:17:04.0213 0x0930  AFD - ok
22:17:04.0216 0x0930  agp440 - ok
22:17:04.0266 0x0930  [ C17171E63E84F5711DF23B8F1E7A100E, C2AFDDA0A1A502FAE6B51BD00FF5884F46A74D9AEC76856B32E82D244D14FA97 ] AGSService      C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
22:17:04.0319 0x0930  AGSService - ok
22:17:04.0324 0x0930  ahcache - ok
22:17:04.0328 0x0930  AJRouter - ok
22:17:04.0331 0x0930  ALG - ok
22:17:04.0334 0x0930  AmdK8 - ok
22:17:04.0339 0x0930  AmdPPM - ok
22:17:04.0342 0x0930  amdsata - ok
22:17:04.0346 0x0930  amdsbs - ok
22:17:04.0349 0x0930  amdxata - ok
22:17:04.0354 0x0930  [ 4542CC17440E85D2D2D73A7D40FAED0A, F157F9A137DEACFC5A1A982265F5CE05A79C0CF8F13291773E2351BEFCB94E08 ] Apowersoft_AudioDevice C:\WINDOWS\system32\drivers\Apowersoft_AudioDevice.sys
22:17:04.0365 0x0930  Apowersoft_AudioDevice - ok
22:17:04.0369 0x0930  AppHostSvc - ok
22:17:04.0374 0x0930  AppID - ok
22:17:04.0377 0x0930  AppIDSvc - ok
22:17:04.0382 0x0930  Appinfo - ok
22:17:04.0391 0x0930  [ 3B3774C868868257533EC7E715BB6D53, 4AF1DADCEDBD80BE6EDEC696DF59E65B51D31E33F4C84413CA03C7BD959FF4E5 ] Apple Mobile Device Service C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
22:17:04.0403 0x0930  Apple Mobile Device Service - ok
22:17:04.0407 0x0930  AppReadiness - ok
22:17:04.0411 0x0930  AppXSvc - ok
22:17:04.0414 0x0930  arcsas - ok
22:17:04.0422 0x0930  [ 28C27484043BDE86B91D1428673B7D2A, 137CDC07F269BEDD5767921CC9D98F13294BEAA2B18C7C3696F106D31835DAB3 ] ASLDRService    C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
22:17:04.0446 0x0930  ASLDRService - ok
22:17:04.0450 0x0930  [ 4C016FD76ED5C05E84CA8CAB77993961, 025E7BE9FCEFD6A83F4471BBA0C11F1C11BD5047047D26626DA24EE9A419CDC4 ] ASMMAP64        C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys
22:17:04.0459 0x0930  ASMMAP64 - ok
22:17:04.0476 0x0930  aspnet_state - ok
22:17:04.0480 0x0930  AsyncMac - ok
22:17:04.0483 0x0930  atapi - ok
22:17:04.0487 0x0930  athr - ok
22:17:04.0492 0x0930  [ DBC598E47E7A382E60E2A4745D41FEF9, A810AC197CA456B0285E2CAE6986D38B31F4ADA32BEB47EC7A48A2B2196BA639 ] ATKGFNEXSrv     C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
22:17:04.0517 0x0930  ATKGFNEXSrv - ok
22:17:04.0521 0x0930  [ C435191FAD19B43E5C3082E4275DCE75, 12D8AF471CA89FE59790092EF3274D638B4B978F1F061423F8D70F270121CF7A ] ATKWMIACPIIO    C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys
22:17:04.0531 0x0930  ATKWMIACPIIO - ok
22:17:04.0534 0x0930  AudioEndpointBuilder - ok
22:17:04.0538 0x0930  Audiosrv - ok
22:17:04.0580 0x0930  [ 2E81F74AB70EDC4B14EB6F1EED7D4E9E, 829ACFA43743E757DE8907D1B111AE3B6030AF8C981AC7B3F3646B2180AF127E ] avc3            C:\WINDOWS\system32\DRIVERS\avc3.sys
22:17:04.0628 0x0930  avc3 - ok
22:17:04.0653 0x0930  [ 32612167C1BF3F6B41BFF12FEF3E5E4C, 87E6BC09894CA005556F8759495AB5C62E33C8B104526A052681553A36AAE370 ] avckf           C:\WINDOWS\system32\DRIVERS\avckf.sys
22:17:04.0685 0x0930  avckf - ok
22:17:04.0689 0x0930  AxInstSV - ok
22:17:04.0692 0x0930  b06bdrv - ok
22:17:04.0695 0x0930  BasicDisplay - ok
22:17:04.0700 0x0930  BasicRender - ok
22:17:04.0705 0x0930  bcmfn - ok
22:17:04.0708 0x0930  bcmfn2 - ok
22:17:04.0712 0x0930  [ 3701D3BF4AC12EAACB1F58847C1D32FC, 29F3DA7E4C1706934BE92D03CB6F633C47D0251E5580958E823B6148DA5E5E73 ] bdelam          C:\WINDOWS\system32\drivers\bdelam.sys
22:17:04.0729 0x0930  bdelam - ok
22:17:04.0733 0x0930  BDESVC - ok
22:17:04.0740 0x0930  [ 14F686FA27C2914128031504B70D2B5E, BED77F4A6DC8B30ADB698FBCC00153D924310188EFBE22ADD2BAA3321C746556 ] bdfwfpf         C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys
22:17:04.0754 0x0930  bdfwfpf - ok
22:17:04.0761 0x0930  [ D8FAF7CFBC81E5E15CA7A7EC8EE1B409, 75E60DF2147DFB109E628FDF80EB1BFA5360E5935BB9237B67053588F906E1B1 ] BDVEDISK        C:\WINDOWS\system32\DRIVERS\bdvedisk.sys
22:17:04.0772 0x0930  BDVEDISK - ok
22:17:04.0775 0x0930  Beep - ok
22:17:04.0780 0x0930  BFE - ok
22:17:04.0784 0x0930  BITS - ok
22:17:04.0799 0x0930  [ B5C2F92EE1106DFE7BB1CCE4D35B6037, E399C390687589194D8AAD385055F0CFA7D52AD9E837D8FF95008B8EB2B34E50 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
22:17:04.0817 0x0930  Bonjour Service - ok
22:17:04.0821 0x0930  bowser - ok
22:17:04.0825 0x0930  BrokerInfrastructure - ok
22:17:04.0828 0x0930  Browser - ok
22:17:04.0849 0x0930  [ 239A81CC18170F3369D389DA65E74342, 5E26976176A6651B149784B1ED86ECCA133B7755EBB8B04361A8DDB705767AA3 ] BtFilter        C:\WINDOWS\system32\DRIVERS\btfilter.sys
22:17:04.0873 0x0930  BtFilter - ok
22:17:04.0877 0x0930  BthAvrcpTg - ok
22:17:04.0882 0x0930  BthEnum - ok
22:17:04.0885 0x0930  BthHFEnum - ok
22:17:04.0889 0x0930  bthhfhid - ok
22:17:04.0892 0x0930  BthHFSrv - ok
22:17:04.0896 0x0930  BTHMODEM - ok
22:17:04.0899 0x0930  BthPan - ok
22:17:04.0903 0x0930  BTHPORT - ok
22:17:04.0907 0x0930  bthserv - ok
22:17:04.0910 0x0930  BTHUSB - ok
22:17:04.0914 0x0930  buttonconverter - ok
22:17:04.0917 0x0930  CapImg - ok
22:17:04.0930 0x0930  [ 3D50891CAA71E3479A8A10F25CA9207F, AEF11602299188DC07F758D13ACC5F91BCD8BE94E87D050C01B1CD155CE10791 ] cbfs3           C:\Windows\system32\drivers\cbfs3.sys
22:17:04.0948 0x0930  cbfs3 - ok
22:17:04.0952 0x0930  cdfs - ok
22:17:04.0957 0x0930  CDPSvc - ok
22:17:04.0961 0x0930  cdrom - ok
22:17:04.0965 0x0930  CertPropSvc - ok
22:17:04.0969 0x0930  circlass - ok
22:17:04.0972 0x0930  CLFS - ok
22:17:05.0048 0x0930  [ 1475C7821E9E919D14817D46C830D28B, 4ACC419736027184278915345BF10CBAAFB93B6F50A789CBC675FA126DAFC1A6 ] ClickToRunSvc   C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe
22:17:05.0126 0x0930  ClickToRunSvc - ok
22:17:05.0132 0x0930  ClipSVC - ok
22:17:05.0142 0x0930  CmBatt - ok
22:17:05.0145 0x0930  CNG - ok
22:17:05.0150 0x0930  cnghwassist - ok
22:17:05.0167 0x0930  CompositeBus - ok
22:17:05.0171 0x0930  COMSysApp - ok
22:17:05.0175 0x0930  condrv - ok
22:17:05.0178 0x0930  CoreMessagingRegistrar - ok
22:17:05.0185 0x0930  CryptSvc - ok
22:17:05.0188 0x0930  dam - ok
22:17:05.0193 0x0930  [ 7AF9DAC504FBD047CBC3E64AE52C92BF, CA8F9564733DED4C3895CF7150BB254995D66889E6BE08D6654E4F897E4FF7A4 ] dc3d            C:\WINDOWS\System32\drivers\dc3d.sys
22:17:05.0213 0x0930  dc3d - ok
22:17:05.0219 0x0930  DcomLaunch - ok
22:17:05.0222 0x0930  DcpSvc - ok
22:17:05.0226 0x0930  defragsvc - ok
22:17:05.0229 0x0930  DeviceAssociationService - ok
22:17:05.0233 0x0930  DeviceInstall - ok
22:17:05.0237 0x0930  DevQueryBroker - ok
22:17:05.0240 0x0930  Dfsc - ok
22:17:05.0257 0x0930  [ D51B32BA3897F630D99713B74B40D6A2, 5EB136A8248E6FA1316CFA273D9DC8F9C8E8CCB9AC00AE23C1337FBF5F6FDBEC ] DfSdkS          C:\Program Files (x86)\Ashampoo\Ashampoo UnInstaller 6\DfSdkS64.exe
22:17:05.0286 0x0930  DfSdkS - detected UnsignedFile.Multi.Generic ( 1 )
22:17:05.0388 0x0930  Detect skipped due to KSN trusted
22:17:05.0388 0x0930  DfSdkS - ok
22:17:05.0396 0x0930  [ D722BC26F7431A4DA9A183E56CA9FEE3, 86AB717431CB3DDAF6213A1CFE8DF3684080BAAD569731A90AA1AA198E97506D ] dg_ssudbus      C:\WINDOWS\system32\DRIVERS\ssudbus.sys
22:17:05.0409 0x0930  dg_ssudbus - ok
22:17:05.0412 0x0930  Dhcp - ok
22:17:05.0418 0x0930  diagnosticshub.standardcollector.service - ok
22:17:05.0423 0x0930  DiagTrack - ok
22:17:05.0426 0x0930  disk - ok
22:17:05.0430 0x0930  DmEnrollmentSvc - ok
22:17:05.0433 0x0930  dmvsc - ok
22:17:05.0437 0x0930  dmwappushservice - ok
22:17:05.0440 0x0930  Dnscache - ok
22:17:05.0445 0x0930  dot3svc - ok
22:17:05.0449 0x0930  DPS - ok
22:17:05.0453 0x0930  drmkaud - ok
22:17:05.0456 0x0930  DsmSvc - ok
22:17:05.0459 0x0930  DsSvc - ok
22:17:05.0463 0x0930  DXGKrnl - ok
22:17:05.0468 0x0930  Eaphost - ok
22:17:05.0471 0x0930  ebdrv - ok
22:17:05.0475 0x0930  EFS - ok
22:17:05.0478 0x0930  EhStorClass - ok
22:17:05.0482 0x0930  EhStorTcgDrv - ok
22:17:05.0485 0x0930  embeddedmode - ok
22:17:05.0489 0x0930  EntAppSvc - ok
22:17:05.0497 0x0930  [ 8783EDE26F315555EFE697239D337910, 344232F0018A942B57AF40FBE00AEB89F55A8F412CD20A2174024117F95B2BE9 ] epp             C:\PROGRAM FILES (X86)\EMSISOFT ANTI-MALWARE\epp.sys
22:17:05.0510 0x0930  epp - ok
22:17:05.0514 0x0930  ErrDev - ok
22:17:05.0522 0x0930  EventSystem - ok
22:17:05.0525 0x0930  exfat - ok
22:17:05.0530 0x0930  Fabs - ok
22:17:05.0534 0x0930  fastfat - ok
22:17:05.0537 0x0930  Fax - ok
22:17:05.0541 0x0930  fdc - ok
22:17:05.0544 0x0930  fdPHost - ok
22:17:05.0548 0x0930  FDResPub - ok
22:17:05.0551 0x0930  fhsvc - ok
22:17:05.0555 0x0930  FileCrypt - ok
22:17:05.0558 0x0930  FileInfo - ok
22:17:05.0562 0x0930  Filetrace - ok
22:17:05.0626 0x0930  [ 5BD96D8C5411ACE71A7EAACAF0EF2903, 2AF58E6060C7DEC44B4CA30E14E164473CD4089AE475DAFFC61DFE56990C1147 ] FirebirdServerMAGIXInstance C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe
22:17:05.0736 0x0930  FirebirdServerMAGIXInstance - detected UnsignedFile.Multi.Generic ( 1 )
22:17:05.0837 0x0930  Detect skipped due to KSN trusted
22:17:05.0838 0x0930  FirebirdServerMAGIXInstance - ok
22:17:05.0841 0x0930  flpydisk - ok
22:17:05.0845 0x0930  FltMgr - ok
22:17:05.0853 0x0930  [ E69A7692A7A6123AB4F324E8CD2CE628, 8DA81E295302A33EC378E91759B999F29B30B563703D3BC47FDF40C748C7A65A ] fltsrv          C:\WINDOWS\system32\DRIVERS\fltsrv.sys
22:17:05.0865 0x0930  fltsrv - ok
22:17:05.0875 0x0930  [ 8768D7AF8CA1AEB2380BD62170C03F70, 12FB68B19B7557628B13A61735366D1173890607899A86E5943FFD706ED329F3 ] FLxHCIc         C:\WINDOWS\System32\drivers\FLxHCIc.sys
22:17:05.0890 0x0930  FLxHCIc - ok
22:17:05.0896 0x0930  [ DCEE5572BCC930D5B8A9E23391236233, F244A81AB96AD085BA0274CAE5D2FD7FB40949D26C2955BF3E08457328F5740B ] FLxHCIh         C:\WINDOWS\System32\drivers\FLxHCIh.sys
22:17:05.0908 0x0930  FLxHCIh - ok
22:17:05.0911 0x0930  FontCache - ok
22:17:05.0916 0x0930  FontCache3.0.0.0 - ok
22:17:05.0919 0x0930  FsDepends - ok
22:17:05.0923 0x0930  Fs_Rec - ok
22:17:05.0927 0x0930  fvevol - ok
22:17:05.0931 0x0930  gagp30kx - ok
22:17:05.0938 0x0930  [ 8E98D21EE06192492A5671A6144D092F, B8F656B34D361EA5AFB47F3A67AB2221580DADA59C8CD0CB83181E4AD8B562B4 ] GEARAspiWDM     C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys
22:17:05.0948 0x0930  GEARAspiWDM - ok
22:17:05.0951 0x0930  gencounter - ok
22:17:05.0955 0x0930  genericusbfn - ok
22:17:05.0985 0x0930  [ 4CEDC66C726F7BE116BE7694B3CD22CD, C55DDC432F640C215E57C5AC9B7D801F7B2DA21E50BFA9ABC209AADC3070C744 ] GfExperienceService C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
22:17:06.0020 0x0930  GfExperienceService - ok
22:17:06.0039 0x0930  [ 7325AFBDCDE989ECE558C5882C538562, 1E511674B449D8E8E74B7AEA8866A173886B55D9CF2A7B69DA5FC969B9F5BE08 ] GingerUpdateService C:\Program Files (x86)\Ginger\GingerUpdateService\GingerUpdateService.exe
22:17:06.0078 0x0930  GingerUpdateService - detected UnsignedFile.Multi.Generic ( 1 )
22:17:06.0244 0x0930  GingerUpdateService ( UnsignedFile.Multi.Generic ) - warning
22:17:06.0244 0x0930  Force sending object to P2P due to detect: GingerUpdateService
22:17:06.0462 0x0930  Object send P2P result: true
22:17:06.0630 0x0930  GPIOClx0101 - ok
22:17:06.0642 0x0930  gpsvc - ok
22:17:06.0649 0x0930  GpuEnergyDrv - ok
22:17:06.0660 0x0930  [ DD7423ABBE2913E70D50E9318AD57EE4, 74BC123808F3FA60ADDC51C1383F8250608D3DBA3A8DC175B3418A1CF0BC53E9 ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
22:17:06.0671 0x0930  gupdate - ok
22:17:06.0677 0x0930  [ DD7423ABBE2913E70D50E9318AD57EE4, 74BC123808F3FA60ADDC51C1383F8250608D3DBA3A8DC175B3418A1CF0BC53E9 ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
22:17:06.0687 0x0930  gupdatem - ok
22:17:06.0695 0x0930  [ E4B7F2553A127E86E11343ED15320A99, A4EA52DF5D24EF8210192669934D3D0DD1A0E4CCAAD014D52F58D58A9D3C886A ] gzflt           C:\WINDOWS\system32\DRIVERS\gzflt.sys
22:17:06.0710 0x0930  gzflt - ok
22:17:06.0714 0x0930  HDAudBus - ok
22:17:06.0718 0x0930  HidBatt - ok
22:17:06.0721 0x0930  HidBth - ok
22:17:06.0724 0x0930  hidi2c - ok
22:17:06.0728 0x0930  hidinterrupt - ok
22:17:06.0732 0x0930  HidIr - ok
22:17:06.0736 0x0930  hidserv - ok
22:17:06.0740 0x0930  HidUsb - ok
22:17:06.0743 0x0930  HomeGroupListener - ok
22:17:06.0747 0x0930  HomeGroupProvider - ok
22:17:06.0752 0x0930  HpSAMD - ok
22:17:06.0757 0x0930  HTTP - ok
22:17:06.0761 0x0930  hwpolicy - ok
22:17:06.0765 0x0930  hyperkbd - ok
22:17:06.0769 0x0930  i8042prt - ok
22:17:06.0773 0x0930  iai2c - ok
22:17:06.0776 0x0930  iaLPSS2i_I2C - ok
22:17:06.0780 0x0930  iaLPSSi_GPIO - ok
22:17:06.0784 0x0930  iaLPSSi_I2C - ok
22:17:06.0788 0x0930  iaStorAV - ok
22:17:06.0791 0x0930  iaStorV - ok
22:17:06.0794 0x0930  ibbus - ok
22:17:06.0798 0x0930  icssvc - ok
22:17:06.0806 0x0930  [ 1CF03C69B49ACB70C722DF92755C0C8C, C227850C133F29BB9DED91A26A22AE077FD69629CEF35B67D305F016C4BDAA81 ] IDriverT        C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
22:17:06.0898 0x0930  IDriverT - detected UnsignedFile.Multi.Generic ( 1 )
22:17:06.0998 0x0930  Detect skipped due to KSN trusted
22:17:06.0998 0x0930  IDriverT - ok
22:17:07.0003 0x0930  IEEtwCollectorService - ok
22:17:07.0016 0x0930  [ B69FBA64C0FF6C12A8D7E67A916469A8, 99ACE56DF40C541DD4FBF2D394C35B47F4F9FE5018E5C31C59513CB2E828E05C ] ignis           C:\WINDOWS\system32\DRIVERS\ignis.sys
22:17:07.0034 0x0930  ignis - ok
22:17:07.0038 0x0930  IKEEXT - ok
22:17:07.0150 0x0930  [ 602788BF364D43E5878AA1B4F85C232B, 589B983C708B6B8A32760D00F21CB2C3331C3E439ECF8D2464FF77C1D9760D72 ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RTKVHD64.sys
22:17:07.0265 0x0930  IntcAzAudAddService - ok
22:17:07.0273 0x0930  intelide - ok
22:17:07.0276 0x0930  intelpep - ok
22:17:07.0279 0x0930  intelppm - ok
22:17:07.0283 0x0930  IoQos - ok
22:17:07.0287 0x0930  IpFilterDriver - ok
22:17:07.0291 0x0930  iphlpsvc - ok
22:17:07.0294 0x0930  IPMIDRV - ok
22:17:07.0298 0x0930  IPNAT - ok
22:17:07.0318 0x0930  [ 2BFF13AC46A5850161317D0F924B5B42, B8A09F66435EC6582F8772515988503CC13DC200A370EBB8C3FE661F2EA688DA ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
22:17:07.0342 0x0930  iPod Service - ok
22:17:07.0346 0x0930  IRENUM - ok
22:17:07.0350 0x0930  isapnp - ok
22:17:07.0354 0x0930  iScsiPrt - ok
22:17:07.0357 0x0930  kbdclass - ok
22:17:07.0360 0x0930  kbdhid - ok
22:17:07.0364 0x0930  kdnic - ok
22:17:07.0368 0x0930  KeyIso - ok
22:17:07.0372 0x0930  KSecDD - ok
22:17:07.0375 0x0930  KSecPkg - ok
22:17:07.0380 0x0930  ksthunk - ok
22:17:07.0383 0x0930  KtmRm - ok
22:17:07.0389 0x0930  LanmanServer - ok
22:17:07.0392 0x0930  LanmanWorkstation - ok
22:17:07.0397 0x0930  lfsvc - ok
22:17:07.0404 0x0930  [ AFDFA4A6B0F7B15AA38E494FD4595741, 0D89CCEBC816F4A3F6DDB093B3F8BB8B85293E94559085961DA31F9330D43C21 ] LHidFilt        C:\WINDOWS\system32\DRIVERS\LHidFilt.Sys
22:17:07.0417 0x0930  LHidFilt - ok
22:17:07.0421 0x0930  LicenseManager - ok
22:17:07.0425 0x0930  lltdio - ok
22:17:07.0429 0x0930  lltdsvc - ok
22:17:07.0432 0x0930  lmhosts - ok
22:17:07.0437 0x0930  [ C3E82B320F34C97F32B8026F4C249BEF, CAF53CD4738D2C92E4764372F75B5D0D74EBA896E59E685ED15B915F4E7223A0 ] LMouFilt        C:\WINDOWS\system32\DRIVERS\LMouFilt.Sys
22:17:07.0449 0x0930  LMouFilt - ok
22:17:07.0455 0x0930  LSI_SAS - ok
22:17:07.0458 0x0930  LSI_SAS2i - ok
22:17:07.0461 0x0930  LSI_SAS3i - ok
22:17:07.0465 0x0930  LSI_SSS - ok
22:17:07.0468 0x0930  LSM - ok
22:17:07.0473 0x0930  luafv - ok
22:17:07.0476 0x0930  MapsBroker - ok
22:17:07.0484 0x0930  [ 78BFF5425E044086E74E78650A359FBB, 294738C10F3ED933D4EC40EA0659372FCF19A3C6D45D356917438CA495F2CB45 ] MBAMProtector   C:\WINDOWS\system32\drivers\mbam.sys
22:17:07.0495 0x0930  MBAMProtector - ok
22:17:07.0535 0x0930  [ 9611577752E293259C7DCE19E9026362, 8CB5DFD63FA15603BB6FA6B501E09ED7F4DE0E8F68CB28B78CECAC3711BEFD24 ] MBAMScheduler   C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe
22:17:07.0587 0x0930  MBAMScheduler - ok
22:17:07.0619 0x0930  [ F1A89A34388B5626F1548D393B23ECB1, EA00AC76C4C8C9340753B58A3313C9177A9B98F9F1BDE08F184CD0F53D0C186F ] MBAMService     C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe
22:17:07.0664 0x0930  MBAMService - ok
22:17:07.0675 0x0930  [ 78488AF2AB2111D67B3C4044707A519B, 7AA71B9C4C7949A1A21F60EF7CCEDE0079794990696B60557B5DC86F4D47223A ] MBAMSwissArmy   C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys
22:17:07.0689 0x0930  MBAMSwissArmy - ok
22:17:07.0695 0x0930  [ 898415AC0B5F1D2A9A48ABCB68A6DC4B, E1FD9AE5E22E3E5A18288E66A6184E92A4B63A1274DCE147A7728BB09C6A225E ] MBAMWebAccessControl C:\WINDOWS\system32\drivers\mwac.sys
22:17:07.0706 0x0930  MBAMWebAccessControl - ok
22:17:07.0711 0x0930  [ 8FF2D95CBA49B405C5DE27039FF0BF35, 03BF7FC7F1C2C76EDB583BA342EA1C325DB8058517744EF2A78529D3938F4DC1 ] MBfilt          C:\WINDOWS\system32\drivers\MBfilt64.sys
22:17:07.0721 0x0930  MBfilt - ok
22:17:07.0725 0x0930  megasas - ok
22:17:07.0728 0x0930  megasr - ok
22:17:07.0734 0x0930  [ A6518DCC42F7A6E999BB3BEA8FD87567, 8A9AE992F93F37E0723761EA271A7E1AA8172702C471041A17324474FC96B9BC ] MEIx64          C:\WINDOWS\System32\drivers\HECIx64.sys
22:17:07.0745 0x0930  MEIx64 - ok
22:17:07.0750 0x0930  MessagingService - ok
22:17:07.0762 0x0930  mlx4_bus - ok
22:17:07.0766 0x0930  MMCSS - ok
22:17:08.0157 0x0930  [ 9DE48E261997D01D3FD9EFC53391D5E3, 03B67E7C5B90753A4A3D217EB431E47ADA025AFE995347FCC54A09C9AB77909E ] MMS             C:\Program Files\BackupClient\BackupAndRecovery\mms.exe
22:17:08.0548 0x0930  MMS - ok
22:17:08.0568 0x0930  Modem - ok
22:17:08.0571 0x0930  monitor - ok
22:17:08.0574 0x0930  mouclass - ok
22:17:08.0578 0x0930  mouhid - ok
22:17:08.0582 0x0930  mountmgr - ok
22:17:08.0589 0x0930  [ D6F67A73E6557578B755F7B534E00F47, 769F3D6CB86B2DC4065BDE4CE39139879B7D96F455A3BE80C7ECEAD5494E8B79 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
22:17:08.0602 0x0930  MozillaMaintenance - ok
22:17:08.0606 0x0930  mpsdrv - ok
22:17:08.0610 0x0930  MpsSvc - ok
22:17:08.0613 0x0930  MQAC - ok
22:17:08.0617 0x0930  MRxDAV - ok
22:17:08.0620 0x0930  mrxsmb - ok
22:17:08.0625 0x0930  mrxsmb10 - ok
22:17:08.0629 0x0930  mrxsmb20 - ok
22:17:08.0633 0x0930  MsBridge - ok
22:17:08.0637 0x0930  MSDTC - ok
22:17:08.0647 0x0930  Msfs - ok
22:17:08.0651 0x0930  msgpiowin32 - ok
22:17:08.0654 0x0930  mshidkmdf - ok
22:17:08.0660 0x0930  mshidumdf - ok
22:17:08.0663 0x0930  msisadrv - ok
22:17:08.0667 0x0930  MSiSCSI - ok
22:17:08.0670 0x0930  msiserver - ok
22:17:08.0676 0x0930  MSKSSRV - ok
22:17:08.0680 0x0930  MsLldp - ok
22:17:08.0683 0x0930  MSMQ - ok
22:17:08.0686 0x0930  MSPCLOCK - ok
22:17:08.0693 0x0930  MSPQM - ok
22:17:08.0696 0x0930  MsRPC - ok
22:17:08.0702 0x0930  mssmbios - ok
22:17:08.0706 0x0930  MSTEE - ok
22:17:08.0711 0x0930  MTConfig - ok
22:17:08.0714 0x0930  Mup - ok
22:17:08.0718 0x0930  mvumis - ok
22:17:08.0725 0x0930  NativeWifiP - ok
22:17:08.0729 0x0930  NcaSvc - ok
22:17:08.0734 0x0930  NcbService - ok
22:17:08.0738 0x0930  NcdAutoSetup - ok
22:17:08.0741 0x0930  ndfltr - ok
22:17:08.0745 0x0930  NDIS - ok
22:17:08.0748 0x0930  NdisCap - ok
22:17:08.0753 0x0930  NdisImPlatform - ok
22:17:08.0760 0x0930  NdisTapi - ok
22:17:08.0763 0x0930  Ndisuio - ok
22:17:08.0768 0x0930  NdisVirtualBus - ok
22:17:08.0772 0x0930  NdisWan - ok
22:17:08.0778 0x0930  ndiswanlegacy - ok
22:17:08.0782 0x0930  ndproxy - ok
22:17:08.0787 0x0930  Ndu - ok
22:17:08.0793 0x0930  NetBIOS - ok
22:17:08.0798 0x0930  NetBT - ok
22:17:08.0802 0x0930  Netlogon - ok
22:17:08.0806 0x0930  Netman - ok
22:17:08.0812 0x0930  NetMsmqActivator - ok
22:17:08.0814 0x0930  NetPipeActivator - ok
22:17:08.0819 0x0930  netprofm - ok
22:17:08.0823 0x0930  NetSetupSvc - ok
22:17:08.0826 0x0930  NetTcpActivator - ok
22:17:08.0830 0x0930  NetTcpPortSharing - ok
22:17:08.0836 0x0930  NgcCtnrSvc - ok
22:17:08.0840 0x0930  NgcSvc - ok
22:17:08.0843 0x0930  NlaSvc - ok
22:17:08.0869 0x0930  [ D6691A65D2414AE04200D5FCE7542E90, 91394B20B59D3DB0E54315B9B4B288D80D60E48B34111AF683A0BCD99045C6DE ] nlsX86cc        C:\Windows\SysWOW64\nlssrv32.exe
22:17:08.0895 0x0930  nlsX86cc - ok
22:17:08.0900 0x0930  [ 351533ACC2A069B94E80BBFC177E8FDF, 54B2749E0496ECC94CE65657627762B485CBC825767BAEDDAD0D2598820FFB9E ] npf             C:\WINDOWS\system32\drivers\npf.sys
22:17:08.0910 0x0930  npf - ok
22:17:08.0914 0x0930  Npfs - ok
22:17:08.0917 0x0930  npsvctrig - ok
22:17:08.0921 0x0930  nsi - ok
22:17:08.0928 0x0930  nsiproxy - ok
22:17:08.0933 0x0930  NTFS - ok
22:17:08.0939 0x0930  Null - ok
22:17:08.0947 0x0930  [ 1F99AD85DC4F9E322CDE2363378CD374, 5E80D10FF0BC46ECF6F1F2294F35A0A7FD76E6F0B4534FD45C9AA8C57AE97F68 ] NVHDA           C:\WINDOWS\system32\drivers\nvhda64v.sys
22:17:08.0960 0x0930  NVHDA - ok
22:17:09.0265 0x0930  [ 113505A56DAE1354960B7FF9E30E9AEA, 8A172BA5A06BA4949847A8F349128609AB324B3582707BECB9E786222BFE58D3 ] nvlddmkm        C:\WINDOWS\system32\DRIVERS\nvlddmkm.sys
22:17:09.0569 0x0930  nvlddmkm - ok
22:17:09.0629 0x0930  [ FA9BC0048ED46C5FB5C93EAFFC97F63D, 2014C08B55940E055F6243E81F0227861272F2B6353D05BFEF364ED4F11EA9B0 ] NvNetworkService C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
22:17:09.0751 0x0930  NvNetworkService - ok
22:17:09.0757 0x0930  nvraid - ok
22:17:09.0761 0x0930  nvstor - ok
22:17:09.0768 0x0930  [ DEF76B479C3525952D0BD71E881E07B0, DC4B13AA97F61542F55F92769F9C8C5EB253BD6EB165EF064107D11158CD412F ] NvStreamKms     C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys
22:17:09.0779 0x0930  NvStreamKms - ok
22:17:09.0865 0x0930  [ AF5BE3694A76365874B8967331049F2C, F704A0403B63E856EE9ECCE7C913650F5FF928F0872035EE73E1AE1CD54BC046 ] NvStreamNetworkSvc C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
22:17:09.0954 0x0930  NvStreamNetworkSvc - ok
22:17:10.0018 0x0930  [ 77BE9E1AFCE995652A1C4FF4C8A0F839, 4AD981BCC349D413B3CCDC06DC8D6D2C2648D049726D6825E35A9A91D4C072FF ] NvStreamSvc     C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
22:17:10.0081 0x0930  NvStreamSvc - ok
22:17:10.0118 0x0930  [ 334AD0B00C21E84B4CE3E20682D308BF, D17BC6D1B26AA10A1A4622AB36E3CDCBF35A9B9CA07CEC6FF865951FB45C9D03 ] nvsvc           C:\WINDOWS\system32\nvvsvc.exe
22:17:10.0166 0x0930  nvsvc - ok
22:17:10.0172 0x0930  [ F37FE6B15A987AEEC08EEF531F2FAED7, CC768E7DE80C7A8CB2392F9BC528212B8A3A35A30A222ED0B0B959051E6F8065 ] nvvad_WaveExtensible C:\WINDOWS\system32\drivers\nvvad64v.sys
22:17:10.0184 0x0930  nvvad_WaveExtensible - ok
22:17:10.0188 0x0930  nv_agp - ok
22:17:10.0194 0x0930  OneSyncSvc - ok
22:17:10.0204 0x0930  [ 2EB5B86440EB012C483D68E728F4AEAD, 29B0569107D492F6CA627D96E0F4A173F6CE13AC659C0A3EE93D29EB8A7CC8B6 ] OpenVPNService  C:\Program Files (x86)\HMA! Pro VPN\bin\openvpnserv.exe
22:17:10.0216 0x0930  OpenVPNService - ok
22:17:10.0225 0x0930  [ 33840F7285A70D308882A23AF6D65D7E, 08506691E5F4AAB76811B1B2BCB9A68731B771F27A0571489E363D26A6EF0D0C ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
22:17:10.0239 0x0930  ose - ok
22:17:10.0357 0x0930  [ FE9C0029E1AF26350D9985D00520E5C8, 967079CCF7B2CBD4B48C9F076675C26AF93A1CEC26C96811F279414E34004EE6 ] osppsvc         C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
22:17:10.0477 0x0930  osppsvc - ok
22:17:10.0485 0x0930  p2pimsvc - ok
22:17:10.0488 0x0930  p2psvc - ok
22:17:10.0497 0x0930  Parport - ok
22:17:10.0500 0x0930  partmgr - ok
22:17:10.0504 0x0930  PcaSvc - ok
22:17:10.0507 0x0930  pci - ok
22:17:10.0515 0x0930  pciide - ok
22:17:10.0519 0x0930  pcmcia - ok
22:17:10.0523 0x0930  pcw - ok
22:17:10.0528 0x0930  pdc - ok
22:17:10.0531 0x0930  PEAUTH - ok
22:17:10.0535 0x0930  percsas2i - ok
22:17:10.0538 0x0930  percsas3i - ok
22:17:10.0544 0x0930  PerfHost - ok
22:17:10.0553 0x0930  PhoneSvc - ok
22:17:10.0557 0x0930  PimIndexMaintenanceSvc - ok
22:17:10.0568 0x0930  pla - ok
22:17:10.0572 0x0930  PlugPlay - ok
22:17:10.0576 0x0930  PNRPAutoReg - ok
22:17:10.0581 0x0930  PNRPsvc - ok
22:17:10.0585 0x0930  PolicyAgent - ok
22:17:10.0590 0x0930  Power - ok
22:17:10.0596 0x0930  PptpMiniport - ok
22:17:10.0680 0x0930  [ 15709A9AB1411565754CEE33AAB36387, 77CBC04346F8F247B4614CE65FBD225F0A24827EDD1FDB34900D05673B682D84 ] PrintNotify     C:\WINDOWS\system32\spool\drivers\x64\3\PrintConfig.dll
22:17:10.0811 0x0930  PrintNotify - ok
22:17:10.0817 0x0930  Processor - ok
22:17:10.0845 0x0930  [ 2DC4BE7BA723BC70D22597A3CF061125, 31013F2F51E1FD1B66403EF1BED6FC2E6722C3737F274E88A4660CF35A40192D ] ProductAgentService C:\Program Files\Bitdefender Agent\ProductAgentService.exe
22:17:10.0875 0x0930  ProductAgentService - ok
22:17:10.0880 0x0930  ProfSvc - ok
22:17:10.0884 0x0930  Psched - ok
22:17:10.0888 0x0930  QWAVE - ok
22:17:10.0891 0x0930  QWAVEdrv - ok
22:17:10.0899 0x0930  RasAcd - ok
22:17:10.0902 0x0930  RasAgileVpn - ok
22:17:10.0906 0x0930  RasAuto - ok
22:17:10.0910 0x0930  Rasl2tp - ok
22:17:10.0915 0x0930  RasMan - ok
22:17:10.0918 0x0930  RasPppoe - ok
22:17:10.0922 0x0930  RasSstp - ok
22:17:10.0926 0x0930  rdbss - ok
22:17:10.0933 0x0930  rdpbus - ok
22:17:10.0937 0x0930  RDPDR - ok
22:17:10.0946 0x0930  RdpVideoMiniport - ok
22:17:10.0950 0x0930  rdyboost - ok
22:17:11.0035 0x0930  [ 302266897C0E1C64340F2EA0C4029DCB, E18FA3739223191A941F3518A86DAE43FEB7417C3462892C482F3F9467D2AB92 ] ReflectService.exe C:\Program Files\Macrium\Reflect\ReflectService.exe
22:17:11.0122 0x0930  ReflectService.exe - ok
22:17:11.0129 0x0930  ReFSv1 - ok
22:17:11.0134 0x0930  RemoteAccess - ok
22:17:11.0139 0x0930  RemoteRegistry - ok
22:17:11.0144 0x0930  RetailDemo - ok
22:17:11.0149 0x0930  RFCOMM - ok
22:17:11.0153 0x0930  RpcEptMapper - ok
22:17:11.0158 0x0930  RpcLocator - ok
22:17:11.0164 0x0930  RpcSs - ok
22:17:11.0170 0x0930  [ 6195EC84C82E7844B5B17803ADDB1CA3, 175DF60973C50B1F1FA84B7DBB694D2B18CD41DA8A29479E388ED76D2C9AAE19 ] RrNetCapFilterDriver C:\WINDOWS\system32\DRIVERS\RrNetCapFilterDriver.sys
22:17:11.0180 0x0930  RrNetCapFilterDriver - ok
22:17:11.0190 0x0930  rspndr - ok
22:17:11.0195 0x0930  RSUSBVSTOR - ok
22:17:11.0201 0x0930  rt640x64 - ok
22:17:11.0219 0x0930  [ AE4607D7C7AA83A863BFA214483E8EE4, 828CC9F40BAB2F65AF75608D37ED17EF608E73E911132DD085F0685F163EFEC6 ] RTSUER          C:\WINDOWS\system32\Drivers\RtsUer.sys
22:17:11.0237 0x0930  RTSUER - ok
22:17:11.0242 0x0930  s3cap - ok
22:17:11.0248 0x0930  SamSs - ok
22:17:11.0253 0x0930  sbp2port - ok
22:17:11.0258 0x0930  SCardSvr - ok
22:17:11.0264 0x0930  ScDeviceEnum - ok
22:17:11.0270 0x0930  scfilter - ok
22:17:11.0275 0x0930  Schedule - ok
22:17:11.0280 0x0930  SCPolicySvc - ok
22:17:11.0285 0x0930  sdbus - ok
22:17:11.0294 0x0930  [ D9CEBA132B17622C4349AF510348EE3E, 52C02367374467F10EE620924B1E47DD50159DA8EA61683F9742EA6704A501CB ] SDHookDriver    C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHookDrv64.sys
22:17:11.0305 0x0930  SDHookDriver - ok
22:17:11.0308 0x0930  SDRSVC - ok
22:17:11.0312 0x0930  sdstor - ok
22:17:11.0316 0x0930  seclogon - ok
22:17:11.0320 0x0930  SENS - ok
22:17:11.0324 0x0930  SensorDataService - ok
22:17:11.0328 0x0930  SensorService - ok
22:17:11.0332 0x0930  SensrSvc - ok
22:17:11.0336 0x0930  SerCx - ok
22:17:11.0340 0x0930  SerCx2 - ok
22:17:11.0345 0x0930  Serenum - ok
22:17:11.0348 0x0930  Serial - ok
22:17:11.0351 0x0930  sermouse - ok
22:17:11.0362 0x0930  SessionEnv - ok
22:17:11.0372 0x0930  sfloppy - ok
22:17:11.0376 0x0930  SharedAccess - ok
22:17:11.0380 0x0930  ShellHWDetection - ok
22:17:11.0384 0x0930  SiSRaid2 - ok
22:17:11.0388 0x0930  SiSRaid4 - ok
22:17:11.0393 0x0930  [ E81E48E132216DE7BD5A4E7C89054187, 6163ECBF1F34735F714BADF94CFDD62936FFF37E143382ADAB91ED685043CD46 ] SmbDrv          C:\WINDOWS\system32\DRIVERS\Smb_driver.sys
22:17:11.0401 0x0930  SmbDrv - ok
22:17:11.0405 0x0930  smphost - ok
22:17:11.0409 0x0930  SmsRouter - ok
22:17:11.0425 0x0930  [ A4940E8884048202F98939123FA5FD63, 58CC20258BAB4E34841ED58D9361B195B8F14491C3DD839F4F6FBE1DE23B465C ] snapman         C:\WINDOWS\system32\DRIVERS\snapman.sys
22:17:11.0441 0x0930  snapman - ok
22:17:11.0447 0x0930  SNMPTRAP - ok
22:17:11.0451 0x0930  spaceport - ok
22:17:11.0455 0x0930  SpbCx - ok
22:17:11.0459 0x0930  Spooler - ok
22:17:11.0464 0x0930  sppsvc - ok
22:17:11.0467 0x0930  srv - ok
22:17:11.0471 0x0930  srv2 - ok
22:17:11.0475 0x0930  srvnet - ok
22:17:11.0479 0x0930  SSDPSRV - ok
22:17:11.0483 0x0930  SstpSvc - ok
22:17:11.0493 0x0930  [ 37680AECA1BF2D430719A297F68ECD49, 64E6A2C077316CE4807F2F480324F4011003686F698CCB0AA93C659DAAE1FAB5 ] ssudmdm         C:\WINDOWS\system32\DRIVERS\ssudmdm.sys
22:17:11.0506 0x0930  ssudmdm - ok
22:17:11.0530 0x0930  [ 7DB9E612A2742ACEAB080B882E83141C, FFD1FA36E732F55223F3F4B5F845331DBB3073B023C2C5BF51A0E7680DEE7FA7 ] ss_conn_service C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
22:17:11.0554 0x0930  ss_conn_service - ok
22:17:11.0560 0x0930  StateRepository - ok
22:17:11.0577 0x0930  [ 3252926E49BFD4F602535B4C0387ECC7, 7A3F3606D2C48834D461BC5146AA079CA483A76D74C0FC01DAA87D6CE98A4606 ] Stereo Service  C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvscpapisvr.exe
22:17:11.0593 0x0930  Stereo Service - ok
22:17:11.0598 0x0930  stexstor - ok
22:17:11.0602 0x0930  stisvc - ok
22:17:11.0606 0x0930  storahci - ok
22:17:11.0610 0x0930  storflt - ok
22:17:11.0614 0x0930  stornvme - ok
22:17:11.0618 0x0930  storqosflt - ok
22:17:11.0622 0x0930  StorSvc - ok
22:17:11.0626 0x0930  storufs - ok
22:17:11.0630 0x0930  storvsc - ok
22:17:11.0635 0x0930  svsvc - ok
22:17:11.0638 0x0930  swenum - ok
22:17:11.0643 0x0930  swprv - ok
22:17:11.0649 0x0930  Synth3dVsc - ok
22:17:11.0664 0x0930  [ 5338ADD749AD5A3CEA35787F8654C015, 6544115694FF5A141DAF5F5FE0ED850021F6AF480746CE9A9E5531419CAB2BC8 ] SynTP           C:\WINDOWS\system32\DRIVERS\SynTP.sys
22:17:11.0680 0x0930  SynTP - ok
22:17:11.0685 0x0930  SysMain - ok
22:17:11.0689 0x0930  SystemEventsBroker - ok
22:17:11.0692 0x0930  TabletInputService - ok
22:17:11.0698 0x0930  [ 3C32FF010F869BC184DF71290477384E, 55CFCEC7F026C6E2E96A2FBE846AB513BB12BB0348735274FE1B71AF019C837B ] tap0901         C:\WINDOWS\System32\drivers\tap0901.sys
22:17:11.0707 0x0930  tap0901 - ok
22:17:11.0711 0x0930  TapiSrv - ok
22:17:11.0717 0x0930  [ E91BCBD521606E60C2807813D8EAC579, 9B9329535AF753E5922BD53DEF08E5E99C51927923C7DF87112A0E293DE47FAC ] tbhsd           C:\WINDOWS\system32\drivers\tbhsd.sys
22:17:11.0726 0x0930  tbhsd - ok
22:17:11.0730 0x0930  Tcpip - ok
22:17:11.0734 0x0930  Tcpip6 - ok
22:17:11.0739 0x0930  tcpipreg - ok
22:17:11.0745 0x0930  tdx - ok
22:17:11.0749 0x0930  terminpt - ok
22:17:11.0754 0x0930  TermService - ok
22:17:11.0759 0x0930  Themes - ok
22:17:11.0765 0x0930  TieringEngineService - ok
22:17:11.0769 0x0930  tiledatamodelsvc - ok
22:17:11.0774 0x0930  TimeBroker - ok
22:17:11.0777 0x0930  TPM - ok
22:17:11.0785 0x0930  TrkWks - ok
22:17:11.0803 0x0930  [ ADD8AFDAB539AF2B1FB75F6DB2CD7B71, 46BA69DA6114A167D6C467AB9BA583514475509184C6FF056460ADE76D0A76B1 ] trufos          C:\WINDOWS\system32\DRIVERS\trufos.sys
22:17:11.0824 0x0930  trufos - ok
22:17:11.0829 0x0930  TrustedInstaller - ok
22:17:11.0835 0x0930  tsusbflt - ok
22:17:11.0839 0x0930  TsUsbGD - ok
22:17:11.0843 0x0930  tunnel - ok
22:17:11.0848 0x0930  tzautoupdate - ok
22:17:11.0852 0x0930  uagp35 - ok
22:17:11.0856 0x0930  UASPStor - ok
22:17:11.0860 0x0930  UcmCx0101 - ok
22:17:11.0864 0x0930  UcmUcsi - ok
22:17:11.0868 0x0930  Ucx01000 - ok
22:17:11.0872 0x0930  UdeCx - ok
22:17:11.0876 0x0930  udfs - ok
22:17:11.0880 0x0930  UEFI - ok
22:17:11.0884 0x0930  Ufx01000 - ok
22:17:11.0888 0x0930  UfxChipidea - ok
22:17:11.0892 0x0930  ufxsynopsys - ok
22:17:11.0900 0x0930  UI0Detect - ok
22:17:11.0905 0x0930  [ 7B85EFDE02D74D73AD278B36F4DB7C0F, 220D75E67191BB33CD6CD113626C63ADFAA4597350D1D7640E6BF02B4FDC9DC7 ] UI5IFS          C:\Program Files (x86)\Ashampoo\Ashampoo UnInstaller 6\IFS64.sys
22:17:11.0914 0x0930  UI5IFS - ok
22:17:11.0918 0x0930  uliagpkx - ok
22:17:11.0921 0x0930  umbus - ok
22:17:11.0925 0x0930  UmPass - ok
22:17:11.0930 0x0930  UmRdpService - ok
22:17:11.0934 0x0930  UnistoreSvc - ok
22:17:11.0956 0x0930  [ 9CEB89BA3098E46C718FA61E3E5D0BE0, E5C6DE0F17539113FBCDC2F09AE0981F2C601D57B39D072F8D4387DB5DE8B345 ] UPDATESRV       C:\Program Files\Bitdefender\Bitdefender 2016\updatesrv.exe
22:17:11.0968 0x0930  UPDATESRV - ok
22:17:11.0972 0x0930  upnphost - ok
22:17:11.0976 0x0930  UrsChipidea - ok
22:17:11.0980 0x0930  UrsCx01000 - ok
22:17:11.0985 0x0930  UrsSynopsys - ok
22:17:11.0988 0x0930  usbccgp - ok
22:17:11.0992 0x0930  usbcir - ok
22:17:11.0997 0x0930  usbehci - ok
22:17:12.0002 0x0930  usbhub - ok
22:17:12.0006 0x0930  USBHUB3 - ok
22:17:12.0010 0x0930  usbohci - ok
22:17:12.0015 0x0930  usbprint - ok
22:17:12.0020 0x0930  [ D67B6A4A6FB99D29444C2DBA2B636799, 62BC778D60593B2AB0DA13C4DB3EA5971895AE09DA06E8AB2D03973C940C890C ] usbscan         C:\WINDOWS\system32\DRIVERS\usbscan.sys
22:17:12.0038 0x0930  usbscan - ok
22:17:12.0042 0x0930  usbser - ok
22:17:12.0045 0x0930  USBSTOR - ok
22:17:12.0050 0x0930  usbuhci - ok
22:17:12.0055 0x0930  usbvideo - ok
22:17:12.0059 0x0930  USBXHCI - ok
22:17:12.0063 0x0930  UserDataSvc - ok
22:17:12.0074 0x0930  UserManager - ok
22:17:12.0078 0x0930  UsoSvc - ok
22:17:12.0082 0x0930  VaultSvc - ok
22:17:12.0110 0x0930  [ 301F11B8BC2208D4F4867D2103DA7CE2, FD844240D349AF3CD34AE2F30DCABB1327DBDCB6DB3336A379CFFF65F72EB642 ] VBoxDrv         C:\WINDOWS\system32\DRIVERS\VBoxDrv.sys
22:17:12.0138 0x0930  VBoxDrv - ok
22:17:12.0147 0x0930  [ C64AD70CCCB0CED8925BE4E2C889DE3A, 0E25202639B10F66BDFEA867594508977112ADCCF51054E82C0C14475A1F18F5 ] VBoxNetAdp      C:\WINDOWS\system32\DRIVERS\VBoxNetAdp.sys
22:17:12.0157 0x0930  VBoxNetAdp - ok
22:17:12.0161 0x0930  VBoxNetFlt - ok
22:17:12.0169 0x0930  [ 3FB968D261CE6A51454CE0C65E43B205, 2860554CC35495CC1A1D14DF002AAAE985E9C37650384B1D1524263D27DD68C5 ] VBoxUSBMon      C:\WINDOWS\system32\DRIVERS\VBoxUSBMon.sys
22:17:12.0179 0x0930  VBoxUSBMon - ok
22:17:12.0184 0x0930  vdrvroot - ok
22:17:12.0188 0x0930  vds - ok
22:17:12.0192 0x0930  VerifierExt - ok
22:17:12.0196 0x0930  vhdmp - ok
22:17:12.0202 0x0930  vhf - ok
22:17:12.0206 0x0930  vmbus - ok
22:17:12.0210 0x0930  VMBusHID - ok
22:17:12.0214 0x0930  vmicguestinterface - ok
22:17:12.0218 0x0930  vmicheartbeat - ok
22:17:12.0222 0x0930  vmickvpexchange - ok
22:17:12.0226 0x0930  vmicrdv - ok
22:17:12.0230 0x0930  vmicshutdown - ok
22:17:12.0235 0x0930  vmictimesync - ok
22:17:12.0239 0x0930  vmicvmsession - ok
22:17:12.0243 0x0930  vmicvss - ok
22:17:12.0248 0x0930  volmgr - ok
22:17:12.0252 0x0930  volmgrx - ok
22:17:12.0256 0x0930  volsnap - ok
22:17:12.0265 0x0930  [ 910BE4CB065D3B933A105FF2FDC72F56, 88E1FA2D8C7FC678743AA28533B051727D685F62983B217EEBCD6BEA8D05BBE1 ] volume_tracker  C:\WINDOWS\system32\DRIVERS\volume_tracker.sys
22:17:12.0277 0x0930  volume_tracker - ok
22:17:12.0282 0x0930  vpci - ok
22:17:12.0287 0x0930  vsmraid - ok
22:17:12.0291 0x0930  VSS - ok
22:17:12.0334 0x0930  [ 50F70484DA5F9E91185750EDF7C420A7, 5C63B1AE9C5529A751F5B86B395114A1ECD162F367F7DDFFA291E72A284E54EE ] VSSERV          C:\Program Files\Bitdefender\Bitdefender 2016\vsserv.exe
22:17:12.0380 0x0930  VSSERV - ok
22:17:12.0385 0x0930  VSTXRAID - ok
22:17:12.0389 0x0930  vwifibus - ok
22:17:12.0393 0x0930  vwififlt - ok
22:17:12.0398 0x0930  vwifimp - ok
22:17:12.0403 0x0930  W32Time - ok
22:17:12.0409 0x0930  w3logsvc - ok
22:17:12.0414 0x0930  W3SVC - ok
22:17:12.0419 0x0930  WacomPen - ok
22:17:12.0423 0x0930  WalletService - ok
22:17:12.0427 0x0930  wanarp - ok
22:17:12.0431 0x0930  wanarpv6 - ok
22:17:12.0436 0x0930  WAS - ok
22:17:12.0440 0x0930  wbengine - ok
22:17:12.0444 0x0930  WbioSrvc - ok
22:17:12.0448 0x0930  Wcmsvc - ok
22:17:12.0453 0x0930  wcncsvc - ok
22:17:12.0457 0x0930  WcsPlugInService - ok
22:17:12.0461 0x0930  WdBoot - ok
22:17:12.0465 0x0930  Wdf01000 - ok
22:17:12.0470 0x0930  WdFilter - ok
22:17:12.0474 0x0930  WdiServiceHost - ok
22:17:12.0478 0x0930  WdiSystemHost - ok
22:17:12.0483 0x0930  wdiwifi - ok
22:17:12.0488 0x0930  WdNisDrv - ok
22:17:12.0491 0x0930  WdNisSvc - ok
22:17:12.0496 0x0930  WebClient - ok
22:17:12.0500 0x0930  Wecsvc - ok
22:17:12.0505 0x0930  WEPHOSTSVC - ok
22:17:12.0509 0x0930  wercplsupport - ok
22:17:12.0515 0x0930  WerSvc - ok
22:17:12.0520 0x0930  WFPLWFS - ok
22:17:12.0524 0x0930  WiaRpc - ok
22:17:12.0529 0x0930  WIMMount - ok
22:17:12.0535 0x0930  WinDefend - ok
22:17:12.0544 0x0930  WindowsTrustedRT - ok
22:17:12.0549 0x0930  WindowsTrustedRTProxy - ok
22:17:12.0553 0x0930  WinHttpAutoProxySvc - ok
22:17:12.0557 0x0930  WinMad - ok
22:17:12.0564 0x0930  Winmgmt - ok
22:17:12.0568 0x0930  WinRM - ok
22:17:12.0577 0x0930  WINUSB - ok
22:17:12.0582 0x0930  WinVerbs - ok
22:17:12.0588 0x0930  [ 0CE1584F302C28FC38565B3822A94513, 51DFD80B749A1786AF7712A4FE7BB2368C72767C26A8EC2B56BF2A96E8D11A05 ] WirelessKeyboardFilter C:\WINDOWS\System32\drivers\WirelessKeyboardFilter.sys
22:17:12.0600 0x0930  WirelessKeyboardFilter - ok
22:17:12.0604 0x0930  WlanSvc - ok
22:17:12.0608 0x0930  wlidsvc - ok
22:17:12.0613 0x0930  WmiAcpi - ok
22:17:12.0619 0x0930  wmiApSrv - ok
22:17:12.0623 0x0930  WMPNetworkSvc - ok
22:17:12.0633 0x0930  [ 2A9650FCC696DB28E45EA8B33B99B8E6, FBEBC6C05D50F578C6EEE0A7285EBE1DEADB08DD21FA3232630FD8D5A68FC3FB ] Wof             C:\WINDOWS\system32\drivers\Wof.sys
22:17:12.0653 0x0930  Wof - ok
22:17:12.0659 0x0930  workfolderssvc - ok
22:17:12.0664 0x0930  wpcfltr - ok
22:17:12.0670 0x0930  WPDBusEnum - ok
22:17:12.0674 0x0930  WpdUpFltr - ok
22:17:12.0679 0x0930  WpnService - ok
22:17:12.0683 0x0930  ws2ifsl - ok
22:17:12.0688 0x0930  wscsvc - ok
22:17:12.0691 0x0930  WSDPrintDevice - ok
22:17:12.0697 0x0930  WSDScan - ok
22:17:12.0702 0x0930  WSearch - ok
22:17:12.0709 0x0930  WSService - ok
22:17:12.0713 0x0930  wuauserv - ok
22:17:12.0719 0x0930  WudfPf - ok
22:17:12.0723 0x0930  WUDFRd - ok
22:17:12.0728 0x0930  wudfsvc - ok
22:17:12.0733 0x0930  WUDFWpdFs - ok
22:17:12.0737 0x0930  WUDFWpdMtp - ok
22:17:12.0742 0x0930  WwanSvc - ok
22:17:12.0746 0x0930  XblAuthManager - ok
22:17:12.0751 0x0930  XblGameSave - ok
22:17:12.0756 0x0930  xboxgip - ok
22:17:12.0762 0x0930  XboxNetApiSvc - ok
22:17:12.0767 0x0930  xinputhid - ok
22:17:12.0771 0x0930  ================ Scan global ===============================
22:17:12.0783 0x0930  [ Global ] - ok
22:17:12.0783 0x0930  ================ Scan MBR ==================================
22:17:12.0786 0x0930  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
22:17:12.0922 0x0930  \Device\Harddisk0\DR0 - ok
22:17:12.0926 0x0930  [ 64B1E91C5C6C2157642651010728F90F ] \Device\Harddisk1\DR1
22:17:13.0019 0x0930  \Device\Harddisk1\DR1 - ok
22:17:13.0020 0x0930  ================ Scan VBR ==================================
22:17:13.0022 0x0930  [ 682877FC80C234021712567CFBFF33FA ] \Device\Harddisk0\DR0\Partition1
22:17:13.0024 0x0930  \Device\Harddisk0\DR0\Partition1 - ok
22:17:13.0026 0x0930  [ D13333276702771DDADA7938E628BDC4 ] \Device\Harddisk1\DR1\Partition1
22:17:13.0049 0x0930  \Device\Harddisk1\DR1\Partition1 - ok
22:17:13.0051 0x0930  [ A8D7A3A73A26BB8A3AD328C5356ECBF6 ] \Device\Harddisk1\DR1\Partition2
22:17:13.0054 0x0930  \Device\Harddisk1\DR1\Partition2 - ok
22:17:13.0054 0x0930  ================ Scan generic autorun ======================
22:17:13.0055 0x0930  SynTPEnh - ok
22:17:13.0345 0x0930  [ 160B5E0566713EB5CAB2EC12C36ACF52, 3B9FC94989CED565C339A0A5E79CE61B180BA14D46759A1F27DC3561E3384E31 ] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
22:17:13.0608 0x0930  RTHDVCPL - ok
22:17:13.0617 0x0930  SynAsusAcpi - ok
22:17:13.0676 0x0930  [ C8AC55CCB8AB33713522B4CAAFAC0F59, CCEA638F90395F5C1C9DA892227FF4F3A7BC7567DEF8A7B63AFE2A487DADA88A ] C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
22:17:13.0736 0x0930  NvBackend - ok
22:17:13.0739 0x0930  ShadowPlay - ok
22:17:13.0776 0x0930  [ 896C8BAC87F415B3C6309259E038D7E8, 08FDCC73E30EFB2CAF8B69531E4E7C8B93CA022C8F51D15EDF97660AFB930BB7 ] C:\Program Files\BackupClient\TrayMonitor\MmsMonitor.exe
22:17:13.0812 0x0930  MmsMonitor.exe - ok
22:17:13.0825 0x0930  [ 58D575E96C6FAF044CE5FA0F5A468B81, C8FA59627A1B56036510BE867C8F0FB8E7AF4673FAB5D87CA9DDD1FBF7EB6152 ] C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe
22:17:13.0839 0x0930  Acronis Scheduler2 Service - ok
22:17:13.0855 0x0930  [ 20C08CA080F650B730B1E3FDEA9AD532, 1D2B0914412378E0B5834A95BDD86F8927B6A8D37F4E044C904CE381F1C19A75 ] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe
22:17:13.0873 0x0930  AdobeAAMUpdater-1.0 - ok
22:17:13.0896 0x0930  [ 89E2B626004D285D70968A489BC64312, C66EE63CE8B91B884E30CFA23AAD43705D9EA43794FB260798E13FBF74E52309 ] C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe
22:17:13.0936 0x0930  AthBtTray - detected UnsignedFile.Multi.Generic ( 1 )
22:17:14.0032 0x0930  Detect skipped due to KSN trusted
22:17:14.0032 0x0930  AthBtTray - ok
22:17:14.0248 0x0930  [ 9F670B971BFA35C34D5E1340529C672D, CB3A09894E6CB010FAA2052D9FE24B854C2124E5025B9B54A2BB7220D1672698 ] c:\program files (x86)\emsisoft anti-malware\a2guard.exe
22:17:14.0499 0x0930  emsisoft anti-malware - ok
22:17:14.0548 0x0930  [ 3CDBA26C1D56BCA2F112FCC149F15C3D, 00BF002B4C44599A9E51B0A4CAC95BECEECBB0C7CE9FBEBF1ACB15CFA8E5B933 ] C:\Program Files\Bitdefender\Bitdefender 2016\bdagent.exe
22:17:14.0593 0x0930  Bdagent - ok
22:17:14.0600 0x0930  [ 747CEF68DA0B3BABD64B74C0E06C050E, C640AF94F66025E8B9937A37A361547580DB3F0B5F62F21E8B30A087BE018015 ] C:\Program Files\iTunes\iTunesHelper.exe
22:17:14.0611 0x0930  iTunesHelper - ok
22:17:14.0613 0x0930  Logitech Download Assistant - ok
22:17:14.0654 0x0930  [ CA8858F7C2B9D2EBC691D51B3F67D5A3, AB8865D2A3737F77A259CB8D861E040D0209D1E2640F006A595218E13B3A01FB ] C:\Program Files\Logitech\LogiOptions\LogiOptions.exe
22:17:14.0694 0x0930  LogiOptions - ok
22:17:14.0756 0x0930  [ 659321B80A74212863790AC7FE08DE81, 8EAE9177B13B620AA8A3295B8030A09688CB6AC30E69384B7B15B7DCFE5076BE ] C:\Program Files (x86)\Ashampoo\Ashampoo UnInstaller 6\UI6Guard.exe
22:17:14.0816 0x0930  Ashampoo Uninstaller 6 Guard - ok
22:17:14.0843 0x0930  OneDriveSetup - ok
22:17:14.0844 0x0930  OneDriveSetup - ok
22:17:14.0852 0x0930  [ 3A389D6646EB99011023527BA69BD00C, 6AAE78A8FDA92379BBC746AFD8A469C615395C0517C3959143EC10128A8F32D1 ] C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe
22:17:14.0865 0x0930  RoboForm - ok
22:17:14.0901 0x0930  [ F0DE9ACFEF67960C5C3C893952C68395, 04D45D4EE75CCE8D086BA036A7250AB52510A147722D40C821352116E22AFD3B ] C:\Program Files\Bitdefender\Bitdefender 2016\bdwtxag.exe
22:17:14.0941 0x0930  Bitdefender-Geldbörse-Agent - ok
22:17:14.0949 0x0930  [ F7BF95877017F53DDAEBC4E87A309168, F7849DBC61E5E7C42B97D011364ADC7C20257994FECBFA988C8CB2E779392F80 ] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
22:17:14.0958 0x0930  iCloudServices - ok
22:17:14.0981 0x0930  [ 8F2EA5EE0695CCE2285D92C44108375C, 2C96A8E7E41E87C27B6A3325526F99A03333357EF2682C17A4892BE4A58D157E ] C:\Users\Admin\AppData\Local\Microsoft\OneDrive\OneDrive.exe
22:17:15.0003 0x0930  OneDrive - ok
22:17:15.0166 0x0930  [ 11E408957C9B8C12EC786F2E990EBA1B, 707BB4CDCE07EDFF279C8453B442C0E80CA1EAE7A5BF0C5203B922EAD2EAC676 ] C:\Program Files (x86)\Ashampoo\Ashampoo Snap 9\ashsnap.exe
22:17:15.0324 0x0930  AshSnap - ok
22:17:15.0678 0x0930  [ 3207A86C13347CE6DE26D06BCBFE0E02, A5F9B0B03844FA51B345BAAB16F7AD80272C061CE00447ACD1B8292B8C7D0C6E ] C:\Program Files (x86)\eM Client\MailClient.exe
22:17:16.0070 0x0930  eM Client - ok
22:17:16.0118 0x0930  [ F0DE9ACFEF67960C5C3C893952C68395, 04D45D4EE75CCE8D086BA036A7250AB52510A147722D40C821352116E22AFD3B ] C:\Program Files\Bitdefender\Bitdefender 2016\bdwtxag.exe
22:17:16.0156 0x0930  Bitdefender-Geldbörse-Agent - ok
22:17:16.0168 0x0930  [ DD7423ABBE2913E70D50E9318AD57EE4, 74BC123808F3FA60ADDC51C1383F8250608D3DBA3A8DC175B3418A1CF0BC53E9 ] C:\Users\Gerhard\AppData\Local\Google\Update\GoogleUpdate.exe
22:17:16.0178 0x0930  Google Update - ok
22:17:16.0206 0x0930  [ C9F4D8C7AE9CEB3B28DE1F4014309E84, FB8B01B7AAC8E7C4C3C4415C6BDECDB0B1E68E3310EFED1E6DFD43A8950F900A ] C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe
22:17:16.0232 0x0930  Adobe Acrobat Synchronizer - ok
22:17:16.0260 0x0930  [ F51BB12D8977D26C1A4CDA348770D9F1, DDA35CD8F8A6591B83821B5180D457740E0B820CCE000BC7FB1B78FB4AEAD3BA ] C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe
22:17:16.0303 0x0930  SpybotPostWindows10UpgradeReInstall - detected UnsignedFile.Multi.Generic ( 1 )
22:17:16.0403 0x0930  Detect skipped due to KSN trusted
22:17:16.0403 0x0930  SpybotPostWindows10UpgradeReInstall - ok
22:17:16.0407 0x0930  [ F7BF95877017F53DDAEBC4E87A309168, F7849DBC61E5E7C42B97D011364ADC7C20257994FECBFA988C8CB2E779392F80 ] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
22:17:16.0439 0x0930  iCloudServices - ok
22:17:16.0448 0x0930  [ 3558EC1B95ACC52F77BC401D08B47D84, 6BAD7D79003414DCADE127FD2CFE4E3019D4D3CD26083BA45562B39C97AEB9C5 ] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe
22:17:16.0462 0x0930  iCloudDrive - ok
22:17:16.0475 0x0930  [ 054EBE0E187606965B43AA7C7DCF77F2, B65F1EB130E677E05EEE1BAFDE0D0F85B288A6A826878BF3C8787EA79C0BD609 ] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe
22:17:16.0490 0x0930  iCloudPhotos - ok
22:17:16.0496 0x0930  [ 3A389D6646EB99011023527BA69BD00C, 6AAE78A8FDA92379BBC746AFD8A469C615395C0517C3959143EC10128A8F32D1 ] C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe
22:17:16.0506 0x0930  RoboForm - ok
22:17:16.0567 0x0930  [ F71609352FC2E7E0A1FCAB799EF33887, 6CC453221F8F9DAA1BC8FDF2A6E9B0A5D2AE6CD12791DB55B895643A398A03E5 ] C:\Program Files (x86)\Audials\Audials 12\AudialsNotifier.exe
22:17:16.0623 0x0930  AudialsNotifier - ok
22:17:16.0628 0x0930  Mailbird - ok
22:17:16.0630 0x0930  OneDriveSetup - ok
22:17:16.0632 0x0930  WAB Migrate - ok
22:17:16.0634 0x0930  OneDriveSetup - ok
22:17:16.0635 0x0930  Waiting for KSN requests completion. In queue: 108
22:17:16.0787 0x3004  Object required for P2P: [ F0DE9ACFEF67960C5C3C893952C68395 ] C:\Program Files\Bitdefender\Bitdefender 2016\bdwtxag.exe
22:17:16.0980 0x3004  Object send P2P result: true
22:17:16.0980 0x3004  Object required for P2P: [ F0DE9ACFEF67960C5C3C893952C68395 ] C:\Program Files\Bitdefender\Bitdefender 2016\bdwtxag.exe
22:17:17.0210 0x3004  Object send P2P result: true
22:17:17.0704 0x0930  AV detected via SS2: Emsisoft Anti-Malware, C:\PROGRAM FILES (X86)\EMSISOFT ANTI-MALWARE\a2start.exe ( 11.9.0.6513 ), 0x41000 ( enabled : updated )
22:17:17.0709 0x0930  AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.9.10586.0 ), 0x60100 ( disabled : updated )
22:17:17.0710 0x0930  AV detected via SS2: Bitdefender Virenschutz, C:\Program Files\Bitdefender\Bitdefender 2016\wscfix.exe ( 20.0.26.1443 ), 0x41000 ( enabled : updated )
22:17:17.0712 0x0930  FW detected via SS2: Bitdefender Firewall, C:\Program Files\Bitdefender\Bitdefender 2016\wscfix.exe ( 20.0.26.1443 ), 0x41010 ( enabled )
22:17:17.0829 0x0930  ============================================================
22:17:17.0829 0x0930  Scan finished
22:17:17.0829 0x0930  ============================================================
22:17:17.0856 0x03ec  Detected object count: 1
22:17:17.0856 0x03ec  Actual detected object count: 1
22:19:21.0655 0x03ec  GingerUpdateService ( UnsignedFile.Multi.Generic ) - skipped by user
22:19:21.0655 0x03ec  GingerUpdateService ( UnsignedFile.Multi.Generic ) - User select action: Skip
         

Alt 02.07.2016, 16:38   #10
deeprybka
/// TB-Ausbilder
/// Anleitungs-Guru
 
Banking Trojaner auf Smartphone, Online Konto gehackt, Login mit Laptop nicht möglich - Standard

Banking Trojaner auf Smartphone, Online Konto gehackt, Login mit Laptop nicht möglich



Hi,
ja ein vollwertiges Antivirusprogramm reicht.

Schritt 1 sollte das Banking-Problem bereits lösen, trotzdem bitte bis zum Ende mitarbeiten.

Schritt 1



Drücke bitte die + R Taste und schreibe notepad in das Ausführen Fenster.
Klicke auf OK und kopiere nun den Text aus der Codebox in das leere Textdokument:
Code:
ATTFilter
CloseProcesses:
HKLM-x32\...\Run: [] => [X]
AutoConfigURL: [S-1-5-21-3206007939-3703904605-1476991908-1001] => hxxps://7msnnd4jf32qsz5a.onion.to/YFDfl9k5.js?ip=217.199.89.225
Handler: WSAllMyTubechrome - {0A0C95CF-A116-4C74 -  Keine Datei
         
Speichere dieses bitte als Fixlist.txt in das Verzeichnis ab, in dem sich auch die FRST-Anwendung befindet. (Bei Dir von D:\DOWNLOADS 2)
  • Starte FRST und drücke auf den Entfernen-Button.
  • Das Tool erstellt eine "Fixlog.txt" -Datei.
  • Poste mir bitte deren Inhalt.

Nach dem Reboot:

Schritt 2

Bitte deinstalliere folgende Programme:

Video Performer


Versuche es bei Windows 10 mit der Windowstaste + X über .

Sollte das nicht gehen, lade Dir bitte Revo Uninstallerhier herunter. Entpacke die zip-Datei auf den Desktop. Anleitung
  • Starte die Revouninstaller.exe
  • Klicke auf Optionen und wähle als Sprache Deutsch.
  • Suche im Uninstallerfeld nach den oben angegebenen Programmen und wähle sie einzeln aus.
    Klicke jedes Mal auf Uninstall.
  • Wähle anschließend den Modus "Moderat" aus.
  • Reste löschen:
    Klicke auf dann auf und dann auf .

Wenn Du ein Programm nicht deinstallieren kannst, mach mit dem nächsten weiter.
Auch wenn am Ende noch Programme übrig geblieben sind, führe den nächsten Schritt aus:

Schritt 3
Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).


Schritt 4

  • Download und Anleitung
  • Starte Malwarebytes' Anti-Malware (MBAM).
  • Unter Einstellungen/ Erkennung und Schutz setze bitte einen Haken bei "Suche nach Rootkits".
  • Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
  • Am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
  • Lass Deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
  • Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
  • Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
  • Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.

Schritt 5

ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset

__________________
Gruß
deeprybka

Lob, Kritik, Wünsche?

Spende fürs trojaner-board?
_______________________________________________
„Neminem laede, immo omnes, quantum potes, iuva.“ Arthur Schopenhauer

Alt 02.07.2016, 22:51   #11
pinocchio
 
Banking Trojaner auf Smartphone, Online Konto gehackt, Login mit Laptop nicht möglich - Standard

Banking Trojaner auf Smartphone, Online Konto gehackt, Login mit Laptop nicht möglich



Hi Jürgen,
gerne, hier der Inhalt der Fixlog:

Code:
ATTFilter
Entferungsergebnis von Farbar Recovery Scan Tool (x64) Version: 02-07-2016
durchgeführt von Gerhard (2016-07-02 17:18:03) Run:1
Gestartet von D:\DOWNLOADS 2
Geladene Profile: Admin & Gerhard & Acronis Agent User (Verfügbare Profile: Admin & Gerhard & Acronis Agent User & DefaultAppPool)
Start-Modus: Normal
==============================================

fixlist Inhalt:
*****************
CloseProcesses:
HKLM-x32\...\Run: [] => [X]
AutoConfigURL: [S-1-5-21-3206007939-3703904605-1476991908-1001] => hxxps://7msnnd4jf32qsz5a.onion.to/YFDfl9k5.js?ip=217.199.89.225
Handler: WSAllMyTubechrome - {0A0C95CF-A116-4C74 -  Keine Datei
*****************

Prozess erfolgreich geschlossen.
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ => Wert konnte nicht entfernt werden.
HKU\S-1-5-21-3206007939-3703904605-1476991908-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\AutoConfigURL => Wert erfolgreich entfernt
HKCR\PROTOCOLS\Handler\WSAllMyTubechrome => Schlüssel konnte nicht entfernt werden. Zugriff verweigert.


Das System musste neu gestartet werden.

==== Ende von Fixlog 17:18:05 ====
         
Und hier die ADWCleaner.txt

Code:
ATTFilter
# AdwCleaner v5.201 - Bericht erstellt am 02/07/2016 um 18:19:06
# Aktualisiert am 30/06/2016 von ToolsLib
# Datenbank : 2016-07-01.1 [Server]
# Betriebssystem : Windows 10 Home  (X64)
# Benutzername : Admin - ADMIN-PC
# Gestartet von : C:\Users\Gerhard\Desktop\adwcleaner_5.201.exe
# Option : Löschen
# Unterstützung : https://toolslib.net/forum

***** [ Dienste ] *****


***** [ Ordner ] *****

[-] Ordner gelöscht : C:\Program Files (x86)\Yahoo!\yset
[-] Ordner gelöscht : C:\Users\Admin\AppData\Local\PackageAware
[-] Ordner gelöscht : C:\Users\Admin\AppData\Local\YSearchUtil
[-] Ordner gelöscht : C:\Users\Admin\AppData\Roaming\K9-PCFixer
[-] Ordner gelöscht : C:\Users\Admin\AppData\Roaming\Solvusoft
[-] Ordner gelöscht : C:\Users\Gerhard\AppData\Roaming\ProgSense
[-] Ordner gelöscht : C:\Users\Gerhard\AppData\Local\Google\Chrome\User Data\Default\Extensions\npdicihegicnhaangkdmcgbjceoemeoo

***** [ Dateien ] *****

[-] Datei gelöscht : C:\Users\Admin\Favorites\Booking.URL
[-] Datei gelöscht : C:\Users\Gerhard\Favorites\Booking.URL
[-] Datei gelöscht : C:\Users\Gerhard\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_npdicihegicnhaangkdmcgbjceoemeoo_0.localstorage

***** [ DLLs ] *****


***** [ WMI ] *****


***** [ Verknüpfungen ] *****


***** [ Aufgabenplanung ] *****

[-] Geplante Aufgabe gelöscht : WinThruster

***** [ Registrierungsdatenbank ] *****

[-] Schlüssel gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\npdicihegicnhaangkdmcgbjceoemeoo
[-] Schlüssel gelöscht : HKCU\Software\OCS
[-] Schlüssel gelöscht : HKLM\SOFTWARE\K9-PCFixer
[-] Schlüssel gelöscht : HKLM\SOFTWARE\K9Tools
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Yahoo! SearchSet
[-] Schlüssel gelöscht : HKU\S-1-5-21-3206007939-3703904605-1476991908-1001\Software\ProgSense
[-] Schlüssel gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2E00D31D-D171-423D-836D-1A4D7EA7F1A9}

***** [ Internetbrowser ] *****

[-] [C:\Users\Gerhard\AppData\Roaming\Mozilla\Firefox\Profiles\3y3wk84z.default\prefs.js] gelöscht : user_pref("extensions.astrmndasr.hmpgUrl", "hxxp://astromenda.com/?f=1&a=ast_ir_14_42_ff&cd=2XzuyEtN2Y1L1QzuyByEtB0FyCzz0CyB0AyDtDzyyB0DtB0BtN0D0Tzu0StCtDtBtCtN1L2XzutAtFtBtFtCtFyDtN1L1CzutCyEtBzytDyD[...]
[-] [C:\Users\Gerhard\AppData\Roaming\Mozilla\Firefox\Profiles\3y3wk84z.default\prefs.js] gelöscht : user_pref("extensions.astrmndasr.newTabUrl", "hxxp://astromenda.com/?f=2&a=ast_ir_14_42_ff&cd=2XzuyEtN2Y1L1QzuyByEtB0FyCzz0CyB0AyDtDzyyB0DtB0BtN0D0Tzu0StCtDtBtCtN1L2XzutAtFtBtFtCtFyDtN1L1CzutCyEtBzytD[...]
[-] [C:\Users\Gerhard\AppData\Roaming\Mozilla\Firefox\Profiles\3y3wk84z.default\prefs.js] gelöscht : user_pref("extensions.astrmndasr.prtnrId", "WSE_Astromenda");
[-] [C:\Users\Gerhard\AppData\Roaming\Mozilla\Firefox\Profiles\3y3wk84z.default\prefs.js] gelöscht : user_pref("extensions.astrmndasr.srchPrvdr", "Astromenda");
[-] [C:\Users\Gerhard\AppData\Roaming\Mozilla\Firefox\Profiles\3y3wk84z.default\prefs.js] gelöscht : user_pref("extensions.astrmndasr.tlbrSrchUrl", "hxxp://astromenda.com/?f=3&a=ast_ir_14_42_ff&cd=2XzuyEtN2Y1L1QzuyByEtB0FyCzz0CyB0AyDtDzyyB0DtB0BtN0D0Tzu0StCtDtBtCtN1L2XzutAtFtBtFtCtFyDtN1L1CzutCyEtBzy[...]
[-] [C:\Users\Gerhard\AppData\Roaming\Mozilla\Firefox\Profiles\3y3wk84z.default\user.js] gelöscht : user_pref("extensions.astrmndasr.hmpgUrl", "hxxp://astromenda.com/?f=1&a=ast_ir_14_42_ff&cd=2XzuyEtN2Y1L1QzuyByEtB0FyCzz0CyB0AyDtDzyyB0DtB0BtN0D0Tzu0StCtDtBtCtN1L2XzutAtFtBtFtCtFyDtN1L1CzutCyEtBzytDyD[...]
[-] [C:\Users\Gerhard\AppData\Roaming\Mozilla\Firefox\Profiles\3y3wk84z.default\user.js] gelöscht : user_pref("extensions.astrmndasr.srchPrvdr", "Astromenda");
[-] [C:\Users\Gerhard\AppData\Roaming\Mozilla\Firefox\Profiles\3y3wk84z.default\user.js] gelöscht : user_pref("extensions.astrmndasr.newTabUrl", "hxxp://astromenda.com/?f=2&a=ast_ir_14_42_ff&cd=2XzuyEtN2Y1L1QzuyByEtB0FyCzz0CyB0AyDtDzyyB0DtB0BtN0D0Tzu0StCtDtBtCtN1L2XzutAtFtBtFtCtFyDtN1L1CzutCyEtBzytD[...]
[-] [C:\Users\Gerhard\AppData\Roaming\Mozilla\Firefox\Profiles\3y3wk84z.default\user.js] gelöscht : user_pref("extensions.astrmndasr.tlbrSrchUrl", "hxxp://astromenda.com/?f=3&a=ast_ir_14_42_ff&cd=2XzuyEtN2Y1L1QzuyByEtB0FyCzz0CyB0AyDtDzyyB0DtB0BtN0D0Tzu0StCtDtBtCtN1L2XzutAtFtBtFtCtFyDtN1L1CzutCyEtBzy[...]
[-] [C:\Users\Gerhard\AppData\Roaming\Mozilla\Firefox\Profiles\3y3wk84z.default\user.js] gelöscht : user_pref("extensions.astrmndasr.prtnrId", "WSE_Astromenda");
[-] [C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] gelöscht : astromenda.com
[-] [C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] gelöscht : npdicihegicnhaangkdmcgbjceoemeoo
[-] [C:\Users\Gerhard\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] gelöscht : astromenda.com
[-] [C:\Users\Gerhard\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] gelöscht : inpaint.de.softonic.com
[-] [C:\Users\Gerhard\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] gelöscht : npdicihegicnhaangkdmcgbjceoemeoo

*************************

:: "Tracing" Schlüssel gelöscht
:: Proxy Einstellungen zurückgesetzt
:: Winsock Einstellungen zurückgesetzt
:: Internet Explorer Richtlinien gelöscht
:: Chrome Richtlinien gelöscht

*************************

\AdwCleaner\AdwCleaner[C1].txt - [5500 Bytes] - [02/07/2016 18:19:06]
\AdwCleaner\AdwCleaner[S1].txt - [5509 Bytes] - [02/07/2016 18:13:40]

########## EOF - \AdwCleaner\AdwCleaner[C1].txt - [5642 Bytes] ##########
         
Log der MBAM.txt

Code:
ATTFilter
 Malwarebytes Anti-Malware 
www.malwarebytes.org

Suchlaufdatum: 02.07.2016
Suchlaufzeit: 18:26
Protokolldatei: mbam.txt
Administrator: Nein

Version: 2.2.1.1043
Malware-Datenbank: v2016.07.02.03
Rootkit-Datenbank: v2016.05.27.01
Lizenz: Premium-Version
Malware-Schutz: Aktiviert
Schutz vor bösartigen Websites: Aktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 10
CPU: x64
Dateisystem: NTFS
Benutzer: Gerhard

Suchlauftyp: Bedrohungssuchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 363427
Abgelaufene Zeit: 6 Min., 50 Sek.

Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Aktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(keine bösartigen Elemente erkannt)

Module: 0
(keine bösartigen Elemente erkannt)

Registrierungsschlüssel: 0
(keine bösartigen Elemente erkannt)

Registrierungswerte: 0
(keine bösartigen Elemente erkannt)

Registrierungsdaten: 0
(keine bösartigen Elemente erkannt)

Ordner: 0
(keine bösartigen Elemente erkannt)

Dateien: 0
(keine bösartigen Elemente erkannt)

Physische Sektoren: 0
(keine bösartigen Elemente erkannt)


(end)
         
ESET log.txt

Code:
ATTFilter
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=1a6ce01454c93b42989b7a59656c27e5
# end=init
# utc_time=2016-07-02 04:46:54
# local_time=2016-07-02 06:46:54 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# osver=6.2.9200 NT 
Update Init
Update Download
Update Finalize
Updated modules version: 29987
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=1a6ce01454c93b42989b7a59656c27e5
# end=updated
# utc_time=2016-07-02 04:50:17
# local_time=2016-07-02 06:50:17 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# osver=6.2.9200 NT 
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7777
# api_version=3.1.1
# EOSSerial=1a6ce01454c93b42989b7a59656c27e5
# engine=29987
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2016-07-02 08:43:16
# local_time=2016-07-02 10:43:16 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1031
# osver=6.2.9200 NT 
# compatibility_mode_1='Bitdefender Antivirus'
# compatibility_mode=2071 16777213 100 100 15286 164804861 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776574 100 94 21265684 21306339 0 0
# scanned=591747
# found=25
# cleaned=0
# scan_time=13978
sh=1EDBC4EB34B17889E4A2E12125FC597F5D19B472 ft=1 fh=95fd66850c7dcceb vn="Variante von Win32/Magicbit.A evtl. unerwünschte Anwendung" ac=I fn="D:\DOWNLOADS 1\UmmyVD-Web-Loader.exe"
sh=19C16B8F253CFB6AA5843B33EAAB29AC2BCA1FDF ft=1 fh=6aa8293ee47cc4cf vn="Variante von Win32/Magicbit.D evtl. unerwünschte Anwendung" ac=I fn="D:\DOWNLOADS 1\UmmyVideoDownloader_setup.exe"
sh=644717DD80A6D7E71BF277339FC89159919981E1 ft=1 fh=47d9b4e50c07d32e vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="D:\DOWNLOADS 2\Malwarebytes Anti Malware Malware Scanner - CHIP-Installer.exe"
sh=475E62947FD674E17B4EF8D5C481993A1830A1D9 ft=1 fh=7b65b0e6c3aad977 vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="D:\DOWNLOADS 2\MyPhoneExplorer - CHIP-Installer.exe"
sh=96D9E9F6E45963CB1A74A37A9963898565365702 ft=0 fh=0000000000000000 vn="PHP/WebShell.NCL Trojaner" ac=I fn="D:\Websiten\Webseiten\Eiler\schaedliche Dateien\mod_articless.php"
sh=8C3D5D9F126184C95199C1D67336907A72DAC738 ft=0 fh=0000000000000000 vn="PHP/PhpShell.NBD Trojaner" ac=I fn="D:\Websiten\Webseiten\Laufkompetenzzentrum OÖ\infizierte Dateien\thumb.php"
sh=1FB03F56F5474F386D85170A30576DFC22BDEEE7 ft=0 fh=0000000000000000 vn="PHP/TrojanDownloader.Agent.AR Trojaner" ac=I fn="D:\Websiten\Webseiten\OKWZR\backup\administrator\components\com_smartslider\extensions\15\mod_smartslider\classes\helper.class.php"
sh=1FB03F56F5474F386D85170A30576DFC22BDEEE7 ft=0 fh=0000000000000000 vn="PHP/TrojanDownloader.Agent.AR Trojaner" ac=I fn="D:\Websiten\Webseiten\OKWZR\backup\administrator\components\com_smartslider\extensions\16\mod_smartslider\classes\helper.class.php"
sh=3F3432D3681C8B0B4519BEF43F2AF3B34E8F0605 ft=0 fh=0000000000000000 vn="PHP/TrojanDownloader.Agent.AR Trojaner" ac=I fn="D:\Websiten\Webseiten\OKWZR\backup\administrator\components\com_universal_ajax_live_search\extensions\15\mod_universal_ajaxlivesearch\helper\Helper.class.php"
sh=3F3432D3681C8B0B4519BEF43F2AF3B34E8F0605 ft=0 fh=0000000000000000 vn="PHP/TrojanDownloader.Agent.AR Trojaner" ac=I fn="D:\Websiten\Webseiten\OKWZR\backup\administrator\components\com_universal_ajax_live_search\extensions\16\mod_universal_ajaxlivesearch\helper\Helper.class.php"
sh=1FB03F56F5474F386D85170A30576DFC22BDEEE7 ft=0 fh=0000000000000000 vn="PHP/TrojanDownloader.Agent.AR Trojaner" ac=I fn="D:\Websiten\Webseiten\OKWZR\backup\modules\mod_smartslider\classes\helper.class.php"
sh=3F3432D3681C8B0B4519BEF43F2AF3B34E8F0605 ft=0 fh=0000000000000000 vn="PHP/TrojanDownloader.Agent.AR Trojaner" ac=I fn="D:\Websiten\Webseiten\OKWZR\backup\modules\mod_universal_ajaxlivesearch\helper\Helper.class.php"
sh=A7666D042B15AF9153CD20CEC9BA280326D548FD ft=0 fh=0000000000000000 vn="PHP/Agent.DD Trojaner" ac=I fn="D:\Websiten\Webseiten\physio-werner.at\clicker.php"
sh=BC91ECF0088034E1F8EA899DB7F6DBC801813BE8 ft=0 fh=0000000000000000 vn="PHP/Agent.DD Trojaner" ac=I fn="D:\Websiten\Webseiten\physio-werner.at\schadhafte codes\traf.php"
sh=823531BE8210023CBA89D2F791DD80A36043A834 ft=0 fh=0000000000000000 vn="PHP/Obfuscated.F evtl. unerwünschte Anwendung" ac=I fn="D:\Websiten\Webseiten\Volksschule Bach\infizierte Dateien\sitemap.xml.php"
sh=5559CD96A1181551E662A2708F420DE3C95748FD ft=0 fh=0000000000000000 vn="PHP/Small.NBH Trojaner" ac=I fn="D:\Websiten\Webseiten\WRKA\infizierte Dateien HP\ambit.php"
sh=A9ED98193288C79028EE29258B229538D5702D5A ft=0 fh=0000000000000000 vn="PHP/Small.NBH Trojaner" ac=I fn="D:\Websiten\Webseiten\WRKA\infizierte Dateien HP\CreateFolder.php"
sh=18216576034E6EAC7E1C91C9C7A5198D17767878 ft=0 fh=0000000000000000 vn="PHP/Small.NBH Trojaner" ac=I fn="D:\Websiten\Webseiten\WRKA\infizierte Dateien HP\help.php"
sh=F5BB5F55C690C448D7E34F97E5F05C3E9DAA8173 ft=0 fh=0000000000000000 vn="PHP/TrojanDownloader.Agent.AR Trojaner" ac=I fn="D:\Websiten\Webseiten\WRKA\infizierte Dateien HP\helper.class.php"
sh=F5BB5F55C690C448D7E34F97E5F05C3E9DAA8173 ft=0 fh=0000000000000000 vn="PHP/TrojanDownloader.Agent.AR Trojaner" ac=I fn="D:\Websiten\Webseiten\WRKA\infizierte Dateien HP\I1_helper.class.php"
sh=F5BB5F55C690C448D7E34F97E5F05C3E9DAA8173 ft=0 fh=0000000000000000 vn="PHP/TrojanDownloader.Agent.AR Trojaner" ac=I fn="D:\Websiten\Webseiten\WRKA\infizierte Dateien HP\I_helper.class.php"
sh=DBD904396069BC3139179BBCBA346068A24987D9 ft=0 fh=0000000000000000 vn="PHP/Small.NBH Trojaner" ac=I fn="D:\Websiten\Webseiten\WRKA\infizierte Dateien HP\Latest_articles.php"
sh=158D1116D4EFC91DE72B0ED1845EB48C3337C83A ft=0 fh=0000000000000000 vn="PHP/Small.NBH Trojaner" ac=I fn="D:\Websiten\Webseiten\WRKA\infizierte Dateien HP\media.php"
sh=2C48E42C882B45861557EA1F139F3E8B31629C7C ft=0 fh=0000000000000000 vn="PHP/Kryptik.AJ Trojaner" ac=I fn="D:\Websiten\Webseiten\WRKA\infizierte Dateien HP\simplepie\mod_ariimagespas.php"
sh=90CFF41434ECCE38161280C6D5E0F10ED512B1C2 ft=0 fh=0000000000000000 vn="PHP/Agent.CN.Gen Trojaner" ac=I fn="E:\Privat\Dropbox\Downloads\Joomla Downloads3\JUX\Diverse Erweiterungen\CSS Mega Menü\qs_jux_mega_menu.zip"
         

Alt 03.07.2016, 14:45   #12
deeprybka
/// TB-Ausbilder
/// Anleitungs-Guru
 
Banking Trojaner auf Smartphone, Online Konto gehackt, Login mit Laptop nicht möglich - Standard

Banking Trojaner auf Smartphone, Online Konto gehackt, Login mit Laptop nicht möglich



Was ist den das für ein Webseitenzeug?

Gibt es jetzt noch Probleme mit dem PC? Wenn ja, welche?

Schritt 1



Bitte starte FRST erneut, markiere auch die checkbox und drücke auf Untersuchen.
Bitte poste mir den Inhalt der beiden Logs die erstellt werden.
__________________
Gruß
deeprybka

Lob, Kritik, Wünsche?

Spende fürs trojaner-board?
_______________________________________________
„Neminem laede, immo omnes, quantum potes, iuva.“ Arthur Schopenhauer

Alt 03.07.2016, 16:14   #13
pinocchio
 
Banking Trojaner auf Smartphone, Online Konto gehackt, Login mit Laptop nicht möglich - Standard

Banking Trojaner auf Smartphone, Online Konto gehackt, Login mit Laptop nicht möglich



Hallo Jürgen,

hier bitte die FRST.txt Teil 1

Code:
ATTFilter
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 02-07-2016
durchgeführt von Admin (Administrator) auf ADMIN-PC (03-07-2016 16:06:28)
Gestartet von D:\DOWNLOADS 2
Geladene Profile: Admin & Gerhard & Acronis Agent User (Verfügbare Profile: Admin & Gerhard & Acronis Agent User & DefaultAppPool)
Platform: Windows 10 Home Version 1511 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvscpapisvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(Emsisoft Ltd) C:\Program Files\Emsisoft Internet Security\a2service.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\SynptSync64.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\Agent\agent.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Ginger Software) C:\Program Files (x86)\Ginger\GingerUpdateService\GingerUpdateService.exe
(Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe
(Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe
(Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
(Nalpeiron Ltd.) C:\Windows\SysWOW64\nlssrv32.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(Paramount Software UK Ltd) C:\Program Files\Macrium\Reflect\ReflectService.exe
(DEVGURU Co., LTD.) C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe
(Acronis) C:\Program Files\BackupClient\BackupAndRecovery\mms.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Acronis) C:\Program Files\BackupClient\TrayMonitor\MmsMonitor.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe
(Emsisoft Ltd) C:\Program Files\Emsisoft Internet Security\a2guard.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Logitech, Inc.) C:\Program Files\Logitech\LogiOptions\LogiOptions.exe
(Logitech, Inc.) C:\ProgramData\Logishrd\LogiOptions\Software\3.40.25\LogiOptionsMgr.exe
(Ashampoo Development GmbH & Co. KG) C:\Program Files (x86)\Ashampoo\Ashampoo UnInstaller 6\UI6Guard.exe
(eM Client s.r.o.) C:\Program Files (x86)\eM Client\MailClient.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe
(Siber Systems) C:\Program Files (x86)\Siber Systems\AI RoboForm\robotaskbaricon.exe
() C:\Program Files (x86)\Audials\Audials 12\AudialsNotifier.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
(Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\acrotray.exe
(Ginger Software) C:\Program Files (x86)\Ginger\GingerClient.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe
(Apple, Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\secd.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
(Ginger Software) C:\Program Files (x86)\Ginger\GingerServices\GingerServices.exe
() C:\Program Files (x86)\Syncios\SynciosDeviceService.exe
(CANON INC.) C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
() C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\CCXProcess.exe
(Joyent, Inc) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\libs\node.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(MAGIX AG) C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe
(Emsisoft Ltd) C:\Program Files\Emsisoft Internet Security\a2start.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
() C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.526.11220.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(Malwarebytes) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\SynptSync64.exe
() C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Acronis) C:\Program Files\BackupClient\TrayMonitor\MmsMonitor.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe
(Emsisoft Ltd) C:\Program Files\Emsisoft Internet Security\a2guard.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Logitech, Inc.) C:\Program Files\Logitech\LogiOptions\LogiOptions.exe
(Logitech, Inc.) C:\ProgramData\Logishrd\LogiOptions\Software\3.40.25\LogiOptionsMgr.exe
(Ashampoo Development GmbH & Co. KG) C:\Program Files (x86)\Ashampoo\Ashampoo UnInstaller 6\UI6Guard.exe
(Siber Systems) C:\Program Files (x86)\Siber Systems\AI RoboForm\robotaskbaricon.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Ashampoo GmbH & Co. KG) C:\Program Files (x86)\Ashampoo\Ashampoo Snap 9\ashsnap.exe
(Ginger Software) C:\Program Files (x86)\Ginger\GingerClient.exe
(Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\acrotray.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
(Ginger Software) C:\Program Files (x86)\Ginger\GingerServices\GingerServices.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
() C:\Program Files (x86)\Syncios\SynciosDeviceService.exe
(CANON INC.) C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe
() C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\CCXProcess.exe
(Joyent, Inc) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\libs\node.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe
(Emsisoft Ltd) C:\Program Files\Emsisoft Internet Security\a2start.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2869008 2012-01-26] (Synaptics Incorporated)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12446824 2012-01-31] (Realtek Semiconductor)
HKLM\...\Run: [SynAsusAcpi] => C:\Program Files\Synaptics\SynTP\SynAsusAcpi.exe [100112 2012-01-26] (Synaptics Incorporated)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2398776 2016-05-02] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => "C:\Windows\system32\rundll32.exe" C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [MmsMonitor.exe] => C:\Program Files\BackupClient\TrayMonitor\MmsMonitor.exe [1435816 2015-07-16] (Acronis)
HKLM\...\Run: [Acronis Scheduler2 Service] => C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe [373984 2015-04-30] (Acronis)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-01-07] (Adobe Systems Incorporated)
HKLM\...\Run: [AthBtTray] => C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe [799904 2011-09-30] (Atheros Commnucations)
HKLM\...\Run: [emsisoft anti-malware] => c:\program files\emsisoft internet security\a2guard.exe [9511912 2016-06-28] (Emsisoft Ltd)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [176952 2016-06-01] (Apple Inc.)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM\...\Run: [LogiOptions] => C:\Program Files\Logitech\LogiOptions\LogiOptions.exe [1553528 2015-11-14] (Logitech, Inc.)
HKLM\...\Run: [Ashampoo Uninstaller 6 Guard] => C:\Program Files (x86)\Ashampoo\Ashampoo UnInstaller 6\UI6Guard.exe [2377032 2016-01-20] (Ashampoo Development GmbH & Co. KG)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Acrotray.exe [1867448 2016-05-27] (Adobe Systems Inc.)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2304688 2015-11-25] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [ATKOSD2] => C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [406328 2013-09-09] (ASUSTek Computer Inc.)
HKLM-x32\...\Run: [ATKMEDIA] => C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe [205624 2013-05-30] (ASUSTek Computer Inc.)
HKLM-x32\...\Run: [HControlUser] => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe [105016 2009-06-19] (ASUS)
HKLM-x32\...\Run: [Syncios device service] => C:\Program Files (x86)\Syncios\SynciosDeviceService.exe [269824 2015-12-21] ()
HKLM-x32\...\Run: [IJNetworkScannerSelectorEX] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [452016 2011-01-15] (CANON INC.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [595992 2016-05-20] (Oracle Corporation)
HKU\S-1-5-21-3206007939-3703904605-1476991908-1000\...\Run: [RoboForm] => C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe [110376 2016-04-09] (Siber Systems)
HKU\S-1-5-21-3206007939-3703904605-1476991908-1000\...\Run: [Bitdefender-Geldb�rse-Agent] => "C:\Program Files\Bitdefender\Bitdefender 2016\bdwtxag.exe"
HKU\S-1-5-21-3206007939-3703904605-1476991908-1000\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [67384 2016-04-22] (Apple Inc.)
HKU\S-1-5-21-3206007939-3703904605-1476991908-1000\...\Run: [AshSnap] => C:\Program Files (x86)\Ashampoo\Ashampoo Snap 9\ashsnap.exe [7227696 2016-06-02] (Ashampoo GmbH & Co. KG)
HKU\S-1-5-21-3206007939-3703904605-1476991908-1000\...\Policies\Explorer: [NoDrives] 62914560
HKU\S-1-5-21-3206007939-3703904605-1476991908-1001\...\Run: [eM Client] => C:\Program Files (x86)\eM Client\MailClient.exe [15698792 2016-02-29] (eM Client s.r.o.)
HKU\S-1-5-21-3206007939-3703904605-1476991908-1001\...\Run: [Bitdefender-Geldb�rse-Agent] => "C:\Program Files\Bitdefender\Bitdefender 2016\bdwtxag.exe"
HKU\S-1-5-21-3206007939-3703904605-1476991908-1001\...\Run: [Google Update] => C:\Users\Gerhard\AppData\Local\Google\Update\GoogleUpdate.exe [144200 2015-08-28] (Google Inc.)
HKU\S-1-5-21-3206007939-3703904605-1476991908-1001\...\Run: [Adobe Acrobat Synchronizer] => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe [882872 2016-05-27] (Adobe Systems Incorporated)
HKU\S-1-5-21-3206007939-3703904605-1476991908-1001\...\Run: [SpybotPostWindows10UpgradeReInstall] => C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [1011200 2015-07-28] (Safer-Networking Ltd.)
HKU\S-1-5-21-3206007939-3703904605-1476991908-1001\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [67384 2016-04-22] (Apple Inc.)
HKU\S-1-5-21-3206007939-3703904605-1476991908-1001\...\Run: [iCloudDrive] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe [110392 2016-04-22] (Apple Inc.)
HKU\S-1-5-21-3206007939-3703904605-1476991908-1001\...\Run: [iCloudPhotos] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe [356664 2016-04-22] (Apple Inc.)
HKU\S-1-5-21-3206007939-3703904605-1476991908-1001\...\Run: [RoboForm] => C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe [110376 2016-04-09] (Siber Systems)
HKU\S-1-5-21-3206007939-3703904605-1476991908-1001\...\Run: [AudialsNotifier] => C:\Program Files (x86)\Audials\Audials 12\AudialsNotifier.exe [2411784 2015-03-17] ()
HKU\S-1-5-21-3206007939-3703904605-1476991908-1001\...\Run: [Mailbird] => "C:\Program Files (x86)\Mailbird\Mailbird.exe" startup
HKU\S-1-5-21-3206007939-3703904605-1476991908-1009\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [517632 2015-10-30] (Microsoft Corporation)
SSODL: EldosMountNotificator - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\Windows\system32\CbFsMntNtf3.dll (EldoS Corporation)
SSODL-x32: EldosMountNotificator - {5FF49FE8-B332-4CB9-B102-FB6951629E55} - C:\Windows\SysWOW64\CbFsMntNtf3.dll (EldoS Corporation)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2015-11-14] ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2015-11-14] ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2015-11-14] ()
ShellIconOverlayIdentifiers: ["DropboxExt1"] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} =>  Keine Datei
ShellIconOverlayIdentifiers: ["DropboxExt2"] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} =>  Keine Datei
ShellIconOverlayIdentifiers: ["DropboxExt3"] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} =>  Keine Datei
ShellIconOverlayIdentifiers: ["DropboxExt4"] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} =>  Keine Datei
ShellIconOverlayIdentifiers: ["DropboxExt5"] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} =>  Keine Datei
ShellIconOverlayIdentifiers: ["DropboxExt6"] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} =>  Keine Datei
ShellIconOverlayIdentifiers: ["DropboxExt7"] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} =>  Keine Datei
ShellIconOverlayIdentifiers: ["DropboxExt8"] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} =>  Keine Datei
ShellIconOverlayIdentifiers: [EldosIconOverlay] -> {5BB532A2-BF14-4CCC-86B7-71B81EF6F8BC} => C:\Windows\system32\CbFsMntNtf3.dll [2012-11-10] (EldoS Corporation)
ShellIconOverlayIdentifiers-x32: [EldosIconOverlay] -> {5BB532A2-BF14-4CCC-86B7-71B81EF6F8BC} => C:\Windows\SysWOW64\CbFsMntNtf3.dll [2012-11-10] (EldoS Corporation)
Startup: C:\Users\Acronis Agent User.Admin-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Uninstall LastPass RunOnce.lnk [2016-06-13]
ShortcutTarget: Uninstall LastPass RunOnce.lnk -> C:\Program Files (x86)\Common Files\lpuninstall.exe (LastPass)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\BdBkpFolder [2016-05-31] ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Ginger.lnk [2016-06-06]
ShortcutTarget: Ginger.lnk -> C:\Windows\Installer\{1EBF9A59-F4E3-4EA7-BA97-76703C1432F6}\GingerClientStartu_E7648186C0BE4AE6AF2E431C614DBB20.exe (Flexera Software LLC)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Hosts: Es ist mehr als ein Eintrag in der Hosts Datei zu finden. Siehe Hosts-Bereich in Addition.txt
Tcpip\Parameters: [DhcpNameServer] 217.16.112.21 112.15.112.22
Tcpip\..\Interfaces\{10e2e093-18ac-4782-864f-6b9511f18ac0}: [DhcpNameServer] 217.16.112.21 112.15.112.22
Tcpip\..\Interfaces\{30fbff49-9694-48d5-a1c3-9467b21817f9}: [DhcpNameServer] 172.20.10.1
Tcpip\..\Interfaces\{8a5b15c7-5e7a-4124-a0ac-58a687eb7161}: [NameServer] 217.16.112.21,217.16.112.22
Tcpip\..\Interfaces\{8f4d24e6-82ff-492b-affb-a3cc5b723df4}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{afd2c3be-c16f-48e4-b66c-02199ce55eb3}: [DhcpNameServer] 192.168.42.129

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKU\S-1-5-21-3206007939-3703904605-1476991908-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/p/?LinkId=619797&pc=UE01&ocid=UE01DHP
HKU\S-1-5-21-3206007939-3703904605-1476991908-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
SearchScopes: HKLM -> {2E00D31D-D171-423D-836D-1A4D7EA7F1A9} URL = 
SearchScopes: HKU\S-1-5-21-3206007939-3703904605-1476991908-1000 -> {E6DE1D50-B165-4AF9-817F-42708144CA6B} URL = hxxps://at.search.yahoo.com/search?p={searchTerms}&fr=yset_ie_syc_oracle&type=orcl_default
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2016-06-10] (Microsoft Corporation)
BHO: RoboForm Toolbar Helper -> {724d43a9-0d85-11d4-9908-00400523e39a} -> C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll [2016-04-09] (Siber Systems Inc.)
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2015-09-30] (Adobe Systems Incorporated)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\URLREDIR.DLL [2016-06-10] (Microsoft Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2016-06-10] (Microsoft Corporation)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2015-09-30] (Adobe Systems Incorporated)
BHO-x32: RoboForm Toolbar Helper -> {724d43a9-0d85-11d4-9908-00400523e39a} -> C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll [2016-04-09] (Siber Systems Inc.)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\ssv.dll [2016-06-28] (Oracle Corporation)
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2015-09-30] (Adobe Systems Incorporated)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\jp2ssv.dll [2016-06-28] (Oracle Corporation)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2015-09-30] (Adobe Systems Incorporated)
Toolbar: HKLM - &RoboForm Toolbar - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll [2016-04-09] (Siber Systems Inc.)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2015-09-30] (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - &RoboForm Toolbar - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files (x86)\Siber Systems\AI RoboForm\roboform.dll [2016-04-09] (Siber Systems Inc.)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2015-09-30] (Adobe Systems Incorporated)
Toolbar: HKU\S-1-5-21-3206007939-3703904605-1476991908-1000 -> &RoboForm Toolbar - {724D43A0-0D85-11D4-9908-00400523E39A} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll [2016-04-09] (Siber Systems Inc.)
Toolbar: HKU\S-1-5-21-3206007939-3703904605-1476991908-1001 -> &RoboForm Toolbar - {724D43A0-0D85-11D4-9908-00400523E39A} - C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboForm-x64.dll [2016-04-09] (Siber Systems Inc.)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-06-10] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-06-10] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-06-10] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-06-10] (Microsoft Corporation)
Handler: WSAllMyTubechrome - {0A0C95CF-A116-4C74 -  Keine Datei

FireFox:
========
FF ProfilePath: C:\Users\Admin\AppData\Roaming\Mozilla\Firefox\Profiles\hnslaumw.default-1464681390370
FF Homepage: hxxp://derstandard.at/
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_22_0_0_192.dll [2016-06-17] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50428.0\npctrl.dll [2016-04-27] ( Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2015-11-25] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_22_0_0_192.dll [2016-06-17] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-12-18] ()
FF Plugin-x32: @java.com/DTPlugin,version=11.91.2 -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\dtplugin\npDeployJava1.dll [2016-06-28] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.91.2 -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\plugin2\npjp2.dll [2016-06-28] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50428.0\npctrl.dll [2016-04-27] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2016-06-10] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-06-03] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-06-03] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-11] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-11] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2016-05-27] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2015-11-25] (Adobe Systems)
FF Plugin HKU\S-1-5-21-3206007939-3703904605-1476991908-1000: gingersoftware.com/gingerPlugin -> C:\Program Files (x86)\Ginger\GingerServices\GingerServicesProxy.dll [2015-11-23] (Ginger Software)
FF Plugin HKU\S-1-5-21-3206007939-3703904605-1476991908-1001: @citrixonline.com/appdetectorplugin -> C:\Users\Gerhard\AppData\Local\Citrix\Plugins\104\npappdetector.dll [2014-09-23] (Citrix Online)
FF Plugin HKU\S-1-5-21-3206007939-3703904605-1476991908-1001: @talk.google.com/GoogleTalkPlugin -> C:\Users\Gerhard\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll [2015-12-08] (Google)
FF Plugin HKU\S-1-5-21-3206007939-3703904605-1476991908-1001: @talk.google.com/O1DPlugin -> C:\Users\Gerhard\AppData\Roaming\Mozilla\plugins\npo1d.dll [2015-12-08] (Google)
FF Plugin HKU\S-1-5-21-3206007939-3703904605-1476991908-1001: @tools.google.com/Google Update;version=3 -> C:\Users\Gerhard\AppData\Local\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-11] (Google Inc.)
FF Plugin HKU\S-1-5-21-3206007939-3703904605-1476991908-1001: @tools.google.com/Google Update;version=9 -> C:\Users\Gerhard\AppData\Local\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-05-11] (Google Inc.)
FF Extension: Ginger - C:\Program Files (x86)\Mozilla Firefox\extensions\adapter@gingersoftware.com [2016-06-10] [ist nicht signiert]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension.15@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn
FF Extension: Adobe Acrobat DC - Create PDF - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn [2016-02-18]
FF HKLM-x32\...\Firefox\Extensions: [{22119944-ED35-4ab1-910B-E619EA06A115}] - C:\Program Files (x86)\Siber Systems\AI RoboForm\Firefox\roboform.xpi
FF Extension: RoboForm Toolbar - C:\Program Files (x86)\Siber Systems\AI RoboForm\Firefox\roboform.xpi [2016-04-09]
FF HKLM-x32\...\Firefox\Extensions: [adapter@gingersoftware.com] - C:\Program Files (x86)\Ginger\Mozilla\adapter@gingersoftware.com
FF Extension: Ginger - C:\Program Files (x86)\Ginger\Mozilla\adapter@gingersoftware.com [2016-06-06] [ist nicht signiert]
FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt => nicht gefunden
FF HKU\S-1-5-21-3206007939-3703904605-1476991908-1000\...\Firefox\Extensions: [{22119944-ED35-4ab1-910B-E619EA06A115}] - C:\Program Files (x86)\Siber Systems\AI RoboForm\Firefox\roboform.xpi

Chrome: 
=======
CHR Profile: C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Präsentationen) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-02-11]
CHR Extension: (Google Docs) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-11]
CHR Extension: (Google Drive) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-09-03]
CHR Extension: (YouTube) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-02-11]
CHR Extension: (Google-Suche) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-09-03]
CHR Extension: (Adobe Acrobat – PDF-Datei erstellen) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2015-01-09]
CHR Extension: (Google Tabellen) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-02-11]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-09-03]
CHR Extension: (Google Mail) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-09-03]
CHR Extension: (RoboForm Password Manager) - C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pnlccmojcmeohlpggmfnbbiapkmbliob [2015-09-03]
CHR HKLM\...\Chrome\Extension: [pnlccmojcmeohlpggmfnbbiapkmbliob] - C:\Program Files (x86)\Siber Systems\AI RoboForm\Chrome\rf-chrome.crx [2014-09-16]
CHR HKU\S-1-5-21-3206007939-3703904605-1476991908-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [dhdgffkkebhmkfjojejmpbldmpobfkfo] - hxxp://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [pnlccmojcmeohlpggmfnbbiapkmbliob] - C:\Program Files (x86)\Siber Systems\AI RoboForm\Chrome\rf-chrome.crx [2014-09-16]

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 a2AntiMalware; C:\Program Files\Emsisoft Internet Security\a2service.exe [11446000 2016-06-28] (Emsisoft Ltd)
R2 AcronisAgent; C:\Program Files (x86)\Common Files\Acronis\Agent\agent.exe [2875232 2014-06-10] (Acronis)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2021592 2016-04-05] (Adobe Systems, Incorporated)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-03-02] (Apple Inc.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [2944768 2016-06-10] (Microsoft Corporation)
S3 DfSdkS; C:\Program Files (x86)\Ashampoo\Ashampoo UnInstaller 6\DfSdkS64.exe [544768 2009-08-24] (mst software GmbH, Germany) [Datei ist nicht signiert]
R2 Fabs; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe [1858048 2012-01-23] (MAGIX AG) [Datei ist nicht signiert]
S3 FirebirdServerMAGIXInstance; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe [2702848 2011-04-26] (MAGIX®) [Datei ist nicht signiert]
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1165368 2016-05-02] (NVIDIA Corporation)
R2 GingerUpdateService; C:\Program Files (x86)\Ginger\GingerUpdateService\GingerUpdateService.exe [527360 2015-11-23] (Ginger Software) [Datei ist nicht signiert]
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [Datei ist nicht signiert]
R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1514464 2016-03-10] (Malwarebytes)
R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1136608 2016-03-10] (Malwarebytes)
R2 MMS; C:\Program Files\BackupClient\BackupAndRecovery\mms.exe [17480648 2015-07-16] (Acronis)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1881144 2016-05-02] (NVIDIA Corporation)
R3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [3634232 2016-05-02] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2522680 2016-05-02] (NVIDIA Corporation)
S3 OpenVPNService; C:\Program Files (x86)\HMA! Pro VPN\bin\openvpnserv.exe [37176 2015-03-17] (The OpenVPN Project)
R2 ReflectService.exe; C:\Program Files\Macrium\Reflect\ReflectService.exe [3476432 2015-10-12] (Paramount Software UK Ltd)
R2 ss_conn_service; C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [754784 2016-01-08] (DEVGURU Co., LTD.)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-10-30] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S3 Apowersoft_AudioDevice; C:\Windows\System32\drivers\Apowersoft_AudioDevice.sys [31920 2014-04-09] (Wondershare)
R3 athr; C:\Windows\System32\drivers\athwnx.sys [4207104 2015-10-30] (Qualcomm Atheros Communications, Inc.)
R1 cbfs3; C:\Windows\system32\drivers\cbfs3.sys [352008 2012-11-10] (EldoS Corporation)
S3 dg_ssudbus; C:\Windows\system32\DRIVERS\ssudbus.sys [129152 2016-04-25] (Samsung Electronics Co., Ltd.)
R1 epp; C:\Program Files\Emsisoft Internet Security\epp.sys [116944 2016-06-30] (Emsisoft Ltd)
R3 FLxHCIh; C:\Windows\System32\drivers\FLxHCIh.sys [76584 2012-07-19] (Fresco Logic)
R1 FWNDIS_LWF; C:\Windows\system32\DRIVERS\fwndislwf64.sys [204688 2016-06-30] ()
R1 fwwfp; C:\Program Files\Emsisoft Internet Security\fwwfp764.sys [144392 2016-06-30] ()
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [27008 2016-03-10] (Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [192216 2016-07-03] (Malwarebytes)
R3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [65408 2016-03-10] (Malwarebytes Corporation)
R2 npf; C:\Windows\System32\drivers\npf.sys [35344 2011-02-11] (CACE Technologies, Inc.)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [28216 2016-05-02] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [56384 2016-04-14] (NVIDIA Corporation)
R1 RrNetCapFilterDriver; C:\Windows\system32\DRIVERS\RrNetCapFilterDriver.sys [24744 2015-03-17] (Audials AG)
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [589824 2015-10-30] (Realtek                                            )
U5 RTSPER; C:\Windows\System32\Drivers\RTSPER.sys [777944 2016-01-13] (Realsil Semiconductor Corporation)
R3 RTSUER; C:\Windows\system32\Drivers\RtsUer.sys [413912 2015-12-22] (Realsil Semiconductor Corporation)
R1 SDHookDriver; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHookDrv64.sys [64160 2014-04-25] ()
R3 SmbDrv; C:\Windows\system32\DRIVERS\Smb_driver.sys [22800 2012-01-26] (Synaptics Incorporated)
R2 UI5IFS; C:\Program Files (x86)\Ashampoo\Ashampoo UnInstaller 6\IFS64.sys [31320 2015-12-07] ()
R0 volume_tracker; C:\Windows\System32\DRIVERS\volume_tracker.sys [192288 2015-08-25] (Acronis International GmbH)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation)
S3 WirelessKeyboardFilter; C:\Windows\System32\drivers\WirelessKeyboardFilter.sys [49384 2016-03-29] (Microsoft Corporation)
U3 idsvc; kein ImagePath
S3 RSUSBVSTOR; \SystemRoot\System32\Drivers\RtsUVStor.sys [X]
S3 VBoxNetFlt; \SystemRoot\system32\DRIVERS\VBoxNetFlt.sys [X]
U3 wpcsvc; kein ImagePath
         
FRST.txt Teil 2

Code:
ATTFilter
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-07-02 23:08 - 2016-07-03 16:06 - 00000000 ____D C:\Program Files\Emsisoft Internet Security
2016-07-02 23:08 - 2016-07-02 23:08 - 00000972 _____ C:\Users\Public\Desktop\Emsisoft Internet Security.lnk
2016-07-02 23:08 - 2016-07-02 23:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Emsisoft Internet Security
2016-07-02 23:08 - 2016-06-30 16:49 - 00204688 _____ C:\WINDOWS\system32\Drivers\fwndislwf64.sys
2016-07-02 23:04 - 2016-07-02 23:04 - 00027621 _____ C:\ProgramData\1467493461.bdinstall.bin
2016-07-02 23:00 - 2016-07-02 23:00 - 00243000 _____ C:\ProgramData\1467493112.bdinstall.bin
2016-07-02 18:45 - 2016-07-02 18:46 - 02870984 _____ (ESET) C:\Users\Gerhard\Desktop\esetsmartinstaller_deu.exe
2016-07-02 18:39 - 2016-07-02 18:42 - 00001190 _____ C:\Users\Gerhard\Desktop\mbam.txt
2016-07-02 18:09 - 2016-07-02 18:12 - 03712064 _____ C:\Users\Gerhard\Desktop\adwcleaner_5.201.exe
2016-07-02 17:58 - 2016-07-02 18:19 - 00000000 ____D C:\AdwCleaner
2016-07-02 17:46 - 2016-07-02 17:46 - 00000000 ____D C:\Users\Gerhard\Desktop\RevoUninstallerPortable
2016-07-02 17:45 - 2016-07-02 17:46 - 02785665 _____ (PortableApps.com) C:\Users\Gerhard\Desktop\RevoUninstallerPortable_1.95_Rev_2.paf.exe
2016-07-01 22:15 - 2016-07-01 23:03 - 00106266 _____ C:\TDSSKiller.3.1.0.9_01.07.2016_22.15.33_log.txt
2016-07-01 22:13 - 2016-07-01 22:13 - 04727984 _____ (Kaspersky Lab ZAO) C:\Users\Gerhard\Desktop\tdsskiller.exe
2016-07-01 19:48 - 2016-07-03 16:03 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2016-07-01 19:48 - 2016-07-01 19:48 - 00001175 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2016-07-01 19:48 - 2016-07-01 19:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2016-07-01 19:48 - 2016-07-01 19:48 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2016-07-01 19:48 - 2016-03-10 14:09 - 00065408 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2016-07-01 19:48 - 2016-03-10 14:08 - 00140672 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2016-07-01 19:48 - 2016-03-10 14:08 - 00027008 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2016-07-01 16:15 - 2016-07-01 15:58 - 02728337 _____ C:\Users\Gerhard\Desktop\1467377582_1_01.xml
2016-07-01 14:20 - 2016-07-01 14:21 - 00816568 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-07-01 14:19 - 2016-07-01 14:19 - 00001805 _____ C:\Users\Gerhard\Desktop\TrojanerBoard Text.txt
2016-07-01 14:14 - 2016-07-01 14:13 - 00003570 _____ C:\Users\Gerhard\Desktop\1467375210_1_01.xml
2016-07-01 12:19 - 2016-07-01 12:18 - 02728338 _____ C:\Users\Gerhard\Desktop\1467358142_1_01.xml
2016-07-01 09:10 - 2016-07-03 16:06 - 00000000 ____D C:\FRST
2016-07-01 01:05 - 2016-07-01 01:05 - 00000000 ____D C:\WINDOWS\SysWOW64\sda
2016-07-01 01:05 - 2016-01-13 09:32 - 00777944 _____ (Realsil Semiconductor Corporation) C:\WINDOWS\system32\Drivers\RtsPer.sys
2016-07-01 01:05 - 2016-01-05 11:50 - 00328920 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\Drivers\RtsP2Stor.sys
2016-07-01 01:05 - 2015-12-24 09:06 - 00313048 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\Drivers\RtsBaStor.sys
2016-07-01 01:05 - 2015-12-22 03:39 - 00413912 _____ (Realsil Semiconductor Corporation) C:\WINDOWS\system32\Drivers\RtsUer.sys
2016-07-01 01:05 - 2015-12-18 04:06 - 04330200 _____ (TODO: <Company name>) C:\WINDOWS\RtCRU64.exe
2016-07-01 01:05 - 2015-10-16 05:26 - 00367320 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\Drivers\RtsPStor.sys
2016-07-01 01:05 - 2014-10-20 11:50 - 00083160 _____ (Realtek Semiconductor.) C:\WINDOWS\system32\RtCRX64.dll
2016-07-01 01:05 - 2014-01-27 07:39 - 09890008 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\SysWOW64\RsCRIcon.dll
2016-06-30 11:19 - 2016-06-30 11:19 - 00001257 _____ C:\Users\Public\Desktop\Ashampoo Snap 9.lnk
2016-06-29 11:07 - 2016-06-29 11:07 - 00001205 _____ C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Emsisoft Anti-Malware Guard.lnk
2016-06-28 09:47 - 2016-06-28 09:47 - 00097344 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2016-06-28 09:47 - 2016-06-28 09:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2016-06-28 09:45 - 2016-06-28 09:45 - 00000000 ____D C:\Users\Admin\AppData\Temp
2016-06-27 08:54 - 2016-06-27 08:54 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-06-25 14:40 - 2016-06-25 14:40 - 00000000 ____D C:\Users\Gerhard\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2016-06-24 16:28 - 2016-06-24 16:28 - 00000000 ____D C:\SpybotBootCD
2016-06-24 16:04 - 2016-06-27 14:06 - 00000000 ____D C:\WINDOWS\Minidump
2016-06-24 15:52 - 2016-06-24 16:40 - 00000000 ____D C:\Users\DefaultAppPool
2016-06-24 15:52 - 2016-06-24 15:52 - 00000020 ___SH C:\Users\DefaultAppPool\ntuser.ini
2016-06-24 15:52 - 2016-06-24 15:52 - 00000000 _SHDL C:\Users\DefaultAppPool\Vorlagen
2016-06-24 15:52 - 2016-06-24 15:52 - 00000000 _SHDL C:\Users\DefaultAppPool\Startmenü
2016-06-24 15:52 - 2016-06-24 15:52 - 00000000 _SHDL C:\Users\DefaultAppPool\Netzwerkumgebung
2016-06-24 15:52 - 2016-06-24 15:52 - 00000000 _SHDL C:\Users\DefaultAppPool\Lokale Einstellungen
2016-06-24 15:52 - 2016-06-24 15:52 - 00000000 _SHDL C:\Users\DefaultAppPool\Eigene Dateien
2016-06-24 15:52 - 2016-06-24 15:52 - 00000000 _SHDL C:\Users\DefaultAppPool\Druckumgebung
2016-06-24 15:52 - 2016-06-24 15:52 - 00000000 _SHDL C:\Users\DefaultAppPool\Documents\Eigene Videos
2016-06-24 15:52 - 2016-06-24 15:52 - 00000000 _SHDL C:\Users\DefaultAppPool\Documents\Eigene Musik
2016-06-24 15:52 - 2016-06-24 15:52 - 00000000 _SHDL C:\Users\DefaultAppPool\Documents\Eigene Bilder
2016-06-24 15:52 - 2016-06-24 15:52 - 00000000 _SHDL C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2016-06-24 15:52 - 2016-06-24 15:52 - 00000000 _SHDL C:\Users\DefaultAppPool\AppData\Local\Verlauf
2016-06-24 15:52 - 2016-06-24 15:52 - 00000000 _SHDL C:\Users\DefaultAppPool\AppData\Local\Anwendungsdaten
2016-06-24 15:52 - 2016-06-24 15:52 - 00000000 _SHDL C:\Users\DefaultAppPool\Anwendungsdaten
2016-06-24 15:52 - 2016-05-31 13:29 - 00000000 ____D C:\Users\DefaultAppPool\AppData\Roaming\Media Center Programs
2016-06-24 15:52 - 2016-05-31 13:29 - 00000000 ____D C:\Users\DefaultAppPool\AppData\Roaming\Macromedia
2016-06-24 15:52 - 2015-12-09 17:04 - 00002124 _____ C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk
2016-06-24 11:56 - 2016-06-24 11:56 - 00000000 ____D C:\Users\Gerhard\Documents\Samsung
2016-06-24 11:47 - 2016-06-24 12:04 - 00000000 ____D C:\Users\Gerhard\AppData\Roaming\Samsung
2016-06-24 11:47 - 2016-06-24 11:47 - 00002200 _____ C:\Users\Public\Desktop\Smart Switch.lnk
2016-06-24 11:47 - 2016-06-24 11:47 - 00000000 ____D C:\WINDOWS\LastGood.Tmp
2016-06-24 11:47 - 2016-06-24 11:47 - 00000000 ____D C:\Users\Public\Documents\NativeFus_Log
2016-06-24 11:47 - 2016-06-24 11:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung
2016-06-24 11:46 - 2016-06-24 11:48 - 00000000 ____D C:\ProgramData\Samsung
2016-06-24 11:46 - 2016-06-24 11:46 - 00000000 ____D C:\Users\Admin\AppData\Roaming\Samsung
2016-06-24 11:46 - 2016-06-24 11:46 - 00000000 ____D C:\Program Files (x86)\Samsung
2016-06-24 11:46 - 2016-04-25 00:36 - 01499408 _____ (Microsoft Corporation) C:\WINDOWS\system32\WdfCoInstaller01007.dll
2016-06-24 11:46 - 2016-04-25 00:36 - 00716928 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinUSBCoInstaller.dll
2016-06-24 11:46 - 2016-04-25 00:35 - 00129152 _____ (Samsung Electronics Co., Ltd.) C:\WINDOWS\system32\Drivers\ssudbus.sys
2016-06-24 11:46 - 2016-03-31 11:18 - 00144664 _____ (MAPILab Ltd. & Add-in Express Ltd.) C:\WINDOWS\SysWOW64\secman.dll
2016-06-24 11:46 - 2016-01-08 10:51 - 00213088 _____ (DEVGURU Co., LTD.(www.devguru.co.kr)) C:\WINDOWS\system32\Drivers\ssudmdm.sys
2016-06-23 16:54 - 2016-06-23 16:54 - 00000000 ____D C:\Users\Admin\AppData\Local\NetworkTiles
2016-06-23 16:42 - 2016-06-23 16:42 - 00000000 ____D C:\Users\Admin\AppData\LocalLow\Adobe
2016-06-23 16:42 - 2016-06-23 16:42 - 00000000 ____D C:\Users\Admin\AppData\Local\CEF
2016-06-23 16:36 - 2016-06-23 16:36 - 00000000 ____D C:\Users\Admin\AppData\Roaming\Sublime Text 3
2016-06-23 16:36 - 2016-06-23 16:36 - 00000000 ____D C:\Users\Admin\AppData\Local\Sublime Text 3
2016-06-19 13:19 - 2016-06-19 13:19 - 00001069 _____ C:\Users\Gerhard\Desktop\texteditor.exe - Verknüpfung.lnk
2016-06-19 12:51 - 2016-06-19 12:51 - 00000000 ____D C:\Program Files\ObjectNews2
2016-06-19 12:26 - 2016-06-19 12:51 - 00000000 ____D C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ObjectNews2
2016-06-19 11:47 - 2016-06-19 11:47 - 00000000 ____D C:\Program Files (x86)\VulkanRT
2016-06-19 11:47 - 2016-06-03 05:28 - 00111552 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvStreaming.exe
2016-06-19 11:47 - 2016-05-04 04:23 - 00129824 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2016-06-19 11:47 - 2016-05-04 04:22 - 00130848 _____ C:\WINDOWS\system32\vulkan-1.dll
2016-06-19 11:47 - 2016-05-04 04:22 - 00045344 _____ C:\WINDOWS\system32\vulkaninfo.exe
2016-06-19 11:47 - 2016-05-04 04:22 - 00040224 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2016-06-19 11:45 - 2016-06-03 09:22 - 39977920 _____ C:\WINDOWS\system32\nvcompiler.dll
2016-06-19 11:45 - 2016-06-03 09:22 - 35115968 _____ C:\WINDOWS\SysWOW64\nvcompiler.dll
2016-06-19 11:45 - 2016-06-03 09:22 - 31641656 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll
2016-06-19 11:45 - 2016-06-03 09:22 - 25404864 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll
2016-06-19 11:45 - 2016-06-03 09:22 - 21812056 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2016-06-19 11:45 - 2016-06-03 09:22 - 21355464 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2016-06-19 11:45 - 2016-06-03 09:22 - 18151128 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
2016-06-19 11:45 - 2016-06-03 09:22 - 17746664 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2016-06-19 11:45 - 2016-06-03 09:22 - 10643240 _____ C:\WINDOWS\system32\nvptxJitCompiler.dll
2016-06-19 11:45 - 2016-06-03 09:22 - 08733792 _____ C:\WINDOWS\SysWOW64\nvptxJitCompiler.dll
2016-06-19 11:45 - 2016-06-03 09:22 - 02844608 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2016-06-19 11:45 - 2016-06-03 09:22 - 02470336 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2016-06-19 11:45 - 2016-06-03 09:22 - 01920960 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6436839.dll
2016-06-19 11:45 - 2016-06-03 09:22 - 01571776 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6436839.dll
2016-06-19 11:45 - 2016-06-03 09:22 - 00983488 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2016-06-19 11:45 - 2016-06-03 09:22 - 00910392 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2016-06-19 11:45 - 2016-06-03 09:22 - 00769984 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2016-06-19 11:45 - 2016-06-03 09:22 - 00707520 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2016-06-19 11:45 - 2016-06-03 09:22 - 00669952 _____ C:\WINDOWS\system32\nvfatbinaryLoader.dll
2016-06-19 11:45 - 2016-06-03 09:22 - 00565208 _____ C:\WINDOWS\SysWOW64\nvfatbinaryLoader.dll
2016-06-18 11:31 - 2016-06-18 11:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logitech
2016-06-18 11:31 - 2016-06-18 11:31 - 00000000 ____D C:\Program Files\Logitech
2016-06-15 09:05 - 2016-05-28 08:13 - 01401024 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2016-06-15 09:05 - 2016-05-28 08:13 - 00290496 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2016-06-15 09:05 - 2016-05-28 08:13 - 00046784 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2016-06-15 09:05 - 2016-05-28 07:25 - 04268880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\setupapi.dll
2016-06-15 09:05 - 2016-05-28 07:22 - 07474528 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-06-15 09:05 - 2016-05-28 07:22 - 04387680 _____ (Microsoft Corporation) C:\WINDOWS\system32\setupapi.dll
2016-06-15 09:05 - 2016-05-28 07:20 - 00430312 _____ (Microsoft Corporation) C:\WINDOWS\system32\ws2_32.dll
2016-06-15 09:05 - 2016-05-28 07:09 - 00501600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupEngine.dll
2016-06-15 09:05 - 2016-05-28 07:08 - 00693600 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupEngine.dll
2016-06-15 09:05 - 2016-05-28 07:07 - 03675512 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2016-06-15 09:05 - 2016-05-28 07:07 - 02921880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2016-06-15 09:05 - 2016-05-28 07:07 - 01322248 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2016-06-15 09:05 - 2016-05-28 07:07 - 00808288 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2016-06-15 09:05 - 2016-05-28 07:07 - 00703840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2016-06-15 09:05 - 2016-05-28 07:06 - 00730344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll
2016-06-15 09:05 - 2016-05-28 07:05 - 04515264 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2016-06-15 09:05 - 2016-05-28 06:58 - 01996640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2016-06-15 09:05 - 2016-05-28 06:58 - 00379232 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2016-06-15 09:05 - 2016-05-28 06:57 - 02548944 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll
2016-06-15 09:05 - 2016-05-28 06:57 - 02195632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll
2016-06-15 09:05 - 2016-05-28 06:57 - 01594416 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2016-06-15 09:05 - 2016-05-28 06:57 - 01372312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2016-06-15 09:05 - 2016-05-28 06:57 - 00649792 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2016-06-15 09:05 - 2016-05-28 06:57 - 00636304 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2016-06-15 09:05 - 2016-05-28 06:57 - 00546456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2016-06-15 09:05 - 2016-05-28 06:57 - 00521664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2016-06-15 09:05 - 2016-05-28 06:57 - 00316256 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2016-06-15 09:05 - 2016-05-28 06:35 - 00123392 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdlrecover.exe
2016-06-15 09:05 - 2016-05-28 06:35 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsCSP.dll
2016-06-15 09:05 - 2016-05-28 06:35 - 00031744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsdport.sys
2016-06-15 09:05 - 2016-05-28 06:31 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdlrecover.exe
2016-06-15 09:05 - 2016-05-28 06:31 - 00066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosHostClient.dll
2016-06-15 09:05 - 2016-05-28 06:29 - 22379008 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2016-06-15 09:05 - 2016-05-28 06:29 - 00045568 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2016-06-15 09:05 - 2016-05-28 06:28 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2016-06-15 09:05 - 2016-05-28 06:27 - 00050176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosHostClient.dll
2016-06-15 09:05 - 2016-05-28 06:27 - 00028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\mapsupdatetask.dll
2016-06-15 09:05 - 2016-05-28 06:26 - 00120320 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsBtSvc.dll
2016-06-15 09:05 - 2016-05-28 06:26 - 00074752 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosStorage.dll
2016-06-15 09:05 - 2016-05-28 06:25 - 00037376 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2016-06-15 09:05 - 2016-05-28 06:24 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll
2016-06-15 09:05 - 2016-05-28 06:24 - 00072704 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshost.dll
2016-06-15 09:05 - 2016-05-28 06:22 - 00269824 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshostcore.dll
2016-06-15 09:05 - 2016-05-28 06:22 - 00163328 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringservice.dll
2016-06-15 09:05 - 2016-05-28 06:22 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapsBtSvc.dll
2016-06-15 09:05 - 2016-05-28 06:22 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosStorage.dll
2016-06-15 09:05 - 2016-05-28 06:21 - 00190464 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscsvc.dll
2016-06-15 09:05 - 2016-05-28 06:19 - 24605696 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-06-15 09:05 - 2016-05-28 06:19 - 00567808 _____ (Microsoft Corporation) C:\WINDOWS\system32\MBMediaManager.dll
2016-06-15 09:05 - 2016-05-28 06:18 - 11545088 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2016-06-15 09:05 - 2016-05-28 06:18 - 07977472 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2016-06-15 09:05 - 2016-05-28 06:18 - 00460800 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll
2016-06-15 09:05 - 2016-05-28 06:18 - 00380416 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemEventsBrokerServer.dll
2016-06-15 09:05 - 2016-05-28 06:18 - 00285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEEventDispatcher.dll
2016-06-15 09:05 - 2016-05-28 06:17 - 09918976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2016-06-15 09:05 - 2016-05-28 06:17 - 00963072 _____ (Microsoft Corporation) C:\WINDOWS\system32\iphlpsvc.dll
2016-06-15 09:05 - 2016-05-28 06:17 - 00630784 _____ (Microsoft Corporation) C:\WINDOWS\system32\MessagingDataModel2.dll
2016-06-15 09:05 - 2016-05-28 06:16 - 19344384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2016-06-15 09:05 - 2016-05-28 06:16 - 00684544 _____ (Microsoft Corporation) C:\WINDOWS\system32\StructuredQuery.dll
2016-06-15 09:05 - 2016-05-28 06:16 - 00592896 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppContracts.dll
2016-06-15 09:05 - 2016-05-28 06:16 - 00503808 _____ (Microsoft Corporation) C:\WINDOWS\system32\tileobjserver.dll
2016-06-15 09:05 - 2016-05-28 06:15 - 01056256 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpMapControl.dll
2016-06-15 09:05 - 2016-05-28 06:15 - 00853504 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2016-06-15 09:05 - 2016-05-28 06:15 - 00794624 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
2016-06-15 09:05 - 2016-05-28 06:15 - 00349696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapConfiguration.dll
2016-06-15 09:05 - 2016-05-28 06:14 - 18674176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2016-06-15 09:05 - 2016-05-28 06:14 - 01716736 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRHInproc.dll
2016-06-15 09:05 - 2016-05-28 06:14 - 00988160 _____ (Microsoft Corporation) C:\WINDOWS\system32\NMAA.dll
2016-06-15 09:05 - 2016-05-28 06:14 - 00784384 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2016-06-15 09:05 - 2016-05-28 06:14 - 00606208 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2016-06-15 09:05 - 2016-05-28 06:14 - 00499712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MessagingDataModel2.dll
2016-06-15 09:05 - 2016-05-28 06:13 - 00990208 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll
2016-06-15 09:05 - 2016-05-28 06:13 - 00982016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxPackaging.dll
2016-06-15 09:05 - 2016-05-28 06:13 - 00939520 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll
2016-06-15 09:05 - 2016-05-28 06:13 - 00467456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppContracts.dll
2016-06-15 09:05 - 2016-05-28 06:12 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JpMapControl.dll
2016-06-15 09:05 - 2016-05-28 06:12 - 00614400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll
2016-06-15 09:05 - 2016-05-28 06:12 - 00521728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StructuredQuery.dll
2016-06-15 09:05 - 2016-05-28 06:11 - 00890368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxPackaging.dll
2016-06-15 09:05 - 2016-05-28 06:11 - 00784896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NMAA.dll
2016-06-15 09:05 - 2016-05-28 06:11 - 00711680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapControlCore.dll
2016-06-15 09:05 - 2016-05-28 06:11 - 00687616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2016-06-15 09:05 - 2016-05-28 06:11 - 00504320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2016-06-15 09:05 - 2016-05-28 06:08 - 13385728 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-06-15 09:05 - 2016-05-28 06:08 - 06295552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2016-06-15 09:05 - 2016-05-28 06:06 - 12128256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2016-06-15 09:05 - 2016-05-28 06:06 - 07200256 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2016-06-15 09:05 - 2016-05-28 06:06 - 01339904 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpsvc.dll
2016-06-15 09:05 - 2016-05-28 06:05 - 03994624 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2016-06-15 09:05 - 2016-05-28 06:05 - 03664896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2016-06-15 09:05 - 2016-05-28 06:05 - 02582016 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2016-06-15 09:05 - 2016-05-28 06:05 - 01797120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2016-06-15 09:05 - 2016-05-28 06:04 - 06973952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2016-06-15 09:05 - 2016-05-28 06:03 - 05323776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2016-06-15 09:05 - 2016-05-28 06:03 - 05205504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2016-06-15 09:05 - 2016-05-28 06:03 - 02609664 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2016-06-15 09:05 - 2016-05-28 06:03 - 01185280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LocationFramework.dll
2016-06-15 09:05 - 2016-05-28 06:02 - 03590144 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2016-06-15 09:05 - 2016-05-28 06:02 - 02061824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2016-06-15 09:05 - 2016-05-28 06:02 - 01534464 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationFramework.dll
2016-06-15 09:05 - 2016-05-28 06:01 - 01799680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2016-06-15 09:05 - 2016-05-28 06:01 - 01582080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2016-06-15 09:05 - 2016-05-28 06:01 - 01500160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2016-06-15 09:05 - 2016-05-28 06:00 - 05660160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2016-06-15 09:05 - 2016-05-28 06:00 - 03585536 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll
2016-06-15 09:05 - 2016-05-28 06:00 - 02635776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2016-06-15 09:05 - 2016-05-28 06:00 - 02168320 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2016-06-15 09:05 - 2016-05-28 06:00 - 01730560 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2016-06-15 09:05 - 2016-05-28 06:00 - 01707520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActiveSyncProvider.dll
2016-06-15 09:05 - 2016-05-28 05:58 - 07832576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2016-06-15 09:05 - 2016-05-28 05:58 - 04896256 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2016-06-15 09:05 - 2016-05-28 05:58 - 02066432 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2016-06-15 09:05 - 2016-05-28 05:58 - 01996288 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncProvider.dll
2016-06-15 09:05 - 2016-05-28 05:57 - 02281472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2016-06-15 09:05 - 2016-05-28 05:55 - 01390080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll
2016-06-15 09:04 - 2016-05-28 08:13 - 01184960 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2016-06-15 09:04 - 2016-05-28 08:13 - 00514752 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2016-06-15 09:04 - 2016-05-28 08:13 - 00092352 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2016-06-15 09:04 - 2016-05-28 07:23 - 00388384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ws2_32.dll
2016-06-15 09:04 - 2016-05-28 07:23 - 00312160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mswsock.dll
2016-06-15 09:04 - 2016-05-28 07:22 - 00428896 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2016-06-15 09:04 - 2016-05-28 07:22 - 00211296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tpm.sys
2016-06-15 09:04 - 2016-05-28 07:22 - 00118624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\partmgr.sys
2016-06-15 09:04 - 2016-05-28 07:18 - 00357216 _____ (Microsoft Corporation) C:\WINDOWS\system32\mswsock.dll
2016-06-15 09:04 - 2016-05-28 07:16 - 00026408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2016-06-15 09:04 - 2016-05-28 07:09 - 00170848 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkUXBroker.exe
2016-06-15 09:04 - 2016-05-28 07:09 - 00084832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupApi.dll
2016-06-15 09:04 - 2016-05-28 07:08 - 00258912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ufx01000.sys
2016-06-15 09:04 - 2016-05-28 07:08 - 00115040 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupApi.dll
2016-06-15 09:04 - 2016-05-28 07:07 - 00957608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2016-06-15 09:04 - 2016-05-28 07:07 - 00331616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2016-06-15 09:04 - 2016-05-28 07:06 - 22561256 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2016-06-15 09:04 - 2016-05-28 07:06 - 04074160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2016-06-15 09:04 - 2016-05-28 07:06 - 00303216 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppHost.exe
2016-06-15 09:04 - 2016-05-28 07:06 - 00254656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppHost.exe
2016-06-15 09:04 - 2016-05-28 07:04 - 00604928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2016-06-15 09:04 - 2016-05-28 07:04 - 00431296 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcryptprimitives.dll
2016-06-15 09:04 - 2016-05-28 07:04 - 00360480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll
2016-06-15 09:04 - 2016-05-28 07:04 - 00161632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2016-06-15 09:04 - 2016-05-28 07:04 - 00111064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncryptsslp.dll
2016-06-15 09:04 - 2016-05-28 07:04 - 00097096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncryptsslp.dll
2016-06-15 09:04 - 2016-05-28 07:03 - 00131248 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpapi.dll
2016-06-15 09:04 - 2016-05-28 06:57 - 00577376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2016-06-15 09:04 - 2016-05-28 06:31 - 00088576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll
2016-06-15 09:04 - 2016-05-28 06:29 - 00079360 _____ (Microsoft Corporation) C:\WINDOWS\system32\adhsvc.dll
2016-06-15 09:04 - 2016-05-28 06:29 - 00019456 _____ (Microsoft Corporation) C:\WINDOWS\system32\httpprxp.dll
2016-06-15 09:04 - 2016-05-28 06:28 - 00166400 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2016-06-15 09:04 - 2016-05-28 06:28 - 00090112 _____ (Microsoft Corporation) C:\WINDOWS\system32\FwRemoteSvr.dll
2016-06-15 09:04 - 2016-05-28 06:26 - 00199168 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2016-06-15 09:04 - 2016-05-28 06:26 - 00157184 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcertinst.exe
2016-06-15 09:04 - 2016-05-28 06:26 - 00145920 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmclient.exe
2016-06-15 09:04 - 2016-05-28 06:25 - 00112640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthenum.sys
2016-06-15 09:04 - 2016-05-28 06:24 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll
2016-06-15 09:04 - 2016-05-28 06:24 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Ndu.sys
2016-06-15 09:04 - 2016-05-28 06:24 - 00091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2016-06-15 09:04 - 2016-05-28 06:24 - 00086528 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppCapture.dll
2016-06-15 09:04 - 2016-05-28 06:24 - 00067072 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcsvc6.dll
2016-06-15 09:04 - 2016-05-28 06:24 - 00053760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FwRemoteSvr.dll
2016-06-15 09:04 - 2016-05-28 06:23 - 00155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidclass.sys
2016-06-15 09:04 - 2016-05-28 06:23 - 00086016 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcsvc.dll
2016-06-15 09:04 - 2016-05-28 06:22 - 00406528 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2016-06-15 09:04 - 2016-05-28 06:22 - 00368640 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2016-06-15 09:04 - 2016-05-28 06:22 - 00278528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netbt.sys
2016-06-15 09:04 - 2016-05-28 06:22 - 00161280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2016-06-15 09:04 - 2016-05-28 06:22 - 00079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptsvc.dll
2016-06-15 09:04 - 2016-05-28 06:21 - 00550912 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2016-06-15 09:04 - 2016-05-28 06:21 - 00239104 _____ (Microsoft Corporation) C:\WINDOWS\system32\BrokerLib.dll
2016-06-15 09:04 - 2016-05-28 06:21 - 00207360 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupSvc.dll
2016-06-15 09:04 - 2016-05-28 06:20 - 00641536 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2016-06-15 09:04 - 2016-05-28 06:20 - 00511488 _____ (Microsoft Corporation) C:\WINDOWS\system32\newdev.dll
2016-06-15 09:04 - 2016-05-28 06:20 - 00332288 _____ (Microsoft Corporation) C:\WINDOWS\system32\polstore.dll
2016-06-15 09:04 - 2016-05-28 06:20 - 00267264 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore6.dll
2016-06-15 09:04 - 2016-05-28 06:20 - 00199168 _____ (Microsoft Corporation) C:\WINDOWS\system32\GnssAdapter.dll
2016-06-15 09:04 - 2016-05-28 06:20 - 00174080 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Privacy.dll
2016-06-15 09:04 - 2016-05-28 06:20 - 00057344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcsvc6.dll
2016-06-15 09:04 - 2016-05-28 06:19 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2016-06-15 09:04 - 2016-05-28 06:19 - 00414720 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.exe
2016-06-15 09:04 - 2016-05-28 06:19 - 00355840 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore.dll
2016-06-15 09:04 - 2016-05-28 06:19 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcsvc.dll
2016-06-15 09:04 - 2016-05-28 06:18 - 00610816 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastls.dll
2016-06-15 09:04 - 2016-05-28 06:18 - 00591360 _____ (Microsoft Corporation) C:\WINDOWS\system32\vpnike.dll
2016-06-15 09:04 - 2016-05-28 06:18 - 00392192 _____ (Microsoft Corporation) C:\WINDOWS\system32\IPSECSVC.DLL
2016-06-15 09:04 - 2016-05-28 06:17 - 00485888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\newdev.dll
2016-06-15 09:04 - 2016-05-28 06:17 - 00415232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll
2016-06-15 09:04 - 2016-05-28 06:17 - 00315392 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXTaskFactory.dll
2016-06-15 09:04 - 2016-05-28 06:17 - 00278016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2016-06-15 09:04 - 2016-05-28 06:17 - 00173056 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmmigrator.dll
2016-06-15 09:04 - 2016-05-28 06:16 - 00690176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2016-06-15 09:04 - 2016-05-28 06:16 - 00406528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys
2016-06-15 09:04 - 2016-05-28 06:16 - 00291328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\polstore.dll
2016-06-15 09:04 - 2016-05-28 06:16 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore6.dll
2016-06-15 09:04 - 2016-05-28 06:15 - 00535040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastls.dll
2016-06-15 09:04 - 2016-05-28 06:15 - 00293888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore.dll
2016-06-15 09:04 - 2016-05-28 06:15 - 00237056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys
2016-06-15 09:04 - 2016-05-28 06:14 - 00965632 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2016-06-15 09:04 - 2016-05-28 06:14 - 00219136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VEEventDispatcher.dll
2016-06-15 09:04 - 2016-05-28 06:14 - 00200192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2016-06-15 09:04 - 2016-05-28 06:13 - 01387520 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2016-06-15 09:04 - 2016-05-28 06:13 - 00954368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2016-06-15 09:04 - 2016-05-28 06:13 - 00587776 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2016-06-15 09:04 - 2016-05-28 06:13 - 00084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BTHUSB.SYS
2016-06-15 09:04 - 2016-05-28 06:11 - 01445888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRHInproc.dll
2016-06-15 09:04 - 2016-05-28 06:11 - 00799744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRH.dll
2016-06-15 09:04 - 2016-05-28 06:11 - 00128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\httpprxm.dll
2016-06-15 09:04 - 2016-05-28 06:09 - 01073152 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2016-06-15 09:04 - 2016-05-28 06:04 - 00555520 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncController.dll
2016-06-15 09:04 - 2016-05-28 06:04 - 00450560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SyncController.dll
2016-06-15 09:04 - 2016-05-28 06:03 - 00693760 _____ (Microsoft Corporation) C:\WINDOWS\system32\internetmail.dll
2016-06-15 09:04 - 2016-05-28 06:03 - 00417792 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll
2016-06-15 09:04 - 2016-05-28 06:02 - 00103424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll
2016-06-15 09:04 - 2016-05-28 06:01 - 00111104 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll
2016-06-15 09:04 - 2016-05-28 06:00 - 02230272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2016-06-15 09:04 - 2016-05-28 06:00 - 00162816 _____ (Microsoft Corporation) C:\WINDOWS\system32\enrollmentapi.dll
2016-06-15 09:04 - 2016-05-28 06:00 - 00151040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mdmregistration.dll
2016-06-15 09:04 - 2016-05-28 06:00 - 00090624 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe
2016-06-15 09:04 - 2016-05-28 05:59 - 00176640 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll
2016-06-15 09:04 - 2016-05-28 05:58 - 02755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2016-06-15 09:04 - 2016-05-28 05:53 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcpopkeysrv.dll
2016-06-14 09:28 - 2016-06-14 09:28 - 00000000 ____D C:\Users\Gerhard\AppData\Roaming\Mailbird
2016-06-14 09:18 - 2016-06-14 09:18 - 00001262 _____ C:\Users\Gerhard\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Amazon Drive.lnk
2016-06-14 09:18 - 2016-06-14 09:18 - 00001250 _____ C:\Users\Gerhard\Desktop\Amazon Drive.lnk
2016-06-14 09:18 - 2016-06-14 09:18 - 00000000 ____D C:\Users\Gerhard\AppData\Roaming\Amazon Cloud Drive
2016-06-14 09:18 - 2016-06-14 09:18 - 00000000 ____D C:\Users\Gerhard\AppData\Local\Amazon Drive
2016-06-13 14:58 - 2016-06-13 14:58 - 00000000 ____D C:\ProgramData\Mailbird
2016-06-13 14:57 - 2016-07-01 19:43 - 00000000 ____D C:\Program Files (x86)\Mailbird
2016-06-13 14:57 - 2016-06-19 11:42 - 00000000 ____D C:\Users\Admin\AppData\Local\Mailbird
2016-06-13 14:57 - 2016-06-13 14:58 - 00000000 ____D C:\Users\Gerhard\AppData\Local\Mailbird
2016-06-13 14:57 - 2016-06-13 14:57 - 00000000 ____D C:\Users\Admin\AppData\Roaming\Mailbird
2016-06-13 09:55 - 2016-06-13 09:55 - 00000000 ____D C:\Users\Gerhard\Documents\MAGIX_MusicEditor
2016-06-13 09:53 - 2016-06-13 09:53 - 00000000 ____D C:\Users\Gerhard\Documents\Outlook-Dateien
2016-06-11 17:06 - 2016-06-11 17:06 - 00000000 ____D C:\Users\Admin\AppData\Roaming\sp6_log
2016-06-11 09:50 - 2016-06-11 09:50 - 00018960 _____ (Logitech, Inc.) C:\WINDOWS\system32\Drivers\LNonPnP.sys
2016-06-11 09:50 - 2016-06-11 09:50 - 00000000 ____D C:\Users\Public\Documents\Logishrd
2016-06-11 09:49 - 2016-06-19 10:55 - 00000000 ____D C:\ProgramData\Logishrd
2016-06-11 09:49 - 2016-06-11 09:49 - 00000000 ____D C:\Users\Admin\AppData\Roaming\Logitech
2016-06-11 09:48 - 2016-06-19 11:42 - 00000000 ____D C:\Users\Admin\AppData\Roaming\Logishrd
2016-06-11 09:48 - 2016-06-18 11:31 - 00000000 ____D C:\Users\Gerhard\AppData\Roaming\Logishrd
2016-06-11 09:48 - 2016-06-11 09:50 - 00000000 ____D C:\Users\Gerhard\AppData\Roaming\Logitech
2016-06-11 09:24 - 2016-06-11 09:24 - 00000000 ____D C:\ProgramData\Synaptics
2016-06-10 10:56 - 2016-06-11 17:45 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-06-07 11:09 - 2016-06-07 11:09 - 00001822 _____ C:\Users\Public\Desktop\iTunes.lnk
2016-06-07 11:09 - 2016-06-07 11:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2016-06-07 11:09 - 2016-06-07 11:09 - 00000000 ____D C:\Program Files\iTunes
2016-06-07 11:09 - 2016-06-07 11:09 - 00000000 ____D C:\Program Files\iPod
2016-06-07 11:09 - 2016-06-07 11:09 - 00000000 ____D C:\Program Files (x86)\iTunes
2016-06-06 11:11 - 2016-07-01 21:24 - 00004158 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{5B9B2337-9EE6-4DC0-ADCC-E0CED2F6F242}
2016-06-06 11:06 - 2016-06-06 11:06 - 00002929 _____ C:\Users\Public\Desktop\Ginger.lnk
2016-06-06 11:06 - 2016-06-06 11:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ginger
2016-06-03 08:05 - 2016-06-03 08:05 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
2016-06-03 08:05 - 2016-06-03 08:05 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_WinUSB_01007.Wdf
         
FRST.txt Teil 3

Code:
ATTFilter
==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-07-03 16:04 - 2016-01-25 11:53 - 00000000 ____D C:\Users\Admin\AppData\Roaming\SynciOS Data Transfer
2016-07-03 16:04 - 2015-01-09 11:48 - 00001106 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2016-07-03 16:04 - 2014-09-17 01:05 - 00000000 ____D C:\Users\Admin\AppData\Local\Adobe
2016-07-03 15:57 - 2016-05-31 14:18 - 00000000 ____D C:\Windows.old
2016-07-03 14:22 - 2016-02-20 20:44 - 00000000 ____D C:\Users\Gerhard\AppData\LocalLow\Temp
2016-07-03 09:49 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-07-03 09:48 - 2014-09-23 16:45 - 00000592 _____ C:\WINDOWS\Tasks\G2MUpdateTask-S-1-5-21-3206007939-3703904605-1476991908-1001.job
2016-07-03 09:44 - 2016-06-01 15:31 - 00004162 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{9D9B4E17-348B-4D2C-A838-E2FA66311794}
2016-07-03 09:44 - 2016-05-31 13:23 - 02113406 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-07-03 09:44 - 2015-10-30 20:35 - 00899366 _____ C:\WINDOWS\system32\perfh007.dat
2016-07-03 09:44 - 2015-10-30 20:35 - 00201816 _____ C:\WINDOWS\system32\perfc007.dat
2016-07-03 09:44 - 2015-10-30 09:24 - 00000000 ___HD C:\Program Files\WindowsApps
2016-07-03 09:44 - 2015-10-30 09:21 - 00000000 ____D C:\WINDOWS\INF
2016-07-03 09:44 - 2014-09-17 16:00 - 00000000 ____D C:\Users\Gerhard\AppData\Local\Adobe
2016-07-03 09:43 - 2014-09-17 01:06 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2016-07-03 09:39 - 2016-01-25 10:11 - 00000000 ____D C:\Users\Gerhard\AppData\Roaming\SynciOS Data Transfer
2016-07-03 09:38 - 2016-05-31 13:34 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-07-03 09:38 - 2016-05-31 13:22 - 00000000 ____D C:\ProgramData\NVIDIA
2016-07-03 09:38 - 2016-01-25 12:44 - 00000000 ___RD C:\Users\Gerhard\iCloudDrive
2016-07-03 08:46 - 2015-10-30 08:28 - 00524288 ___SH C:\WINDOWS\system32\config\BBI
2016-07-02 23:37 - 2015-06-20 22:27 - 00001232 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-3206007939-3703904605-1476991908-1001UA.job
2016-07-02 23:28 - 2014-12-04 19:53 - 00001128 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3206007939-3703904605-1476991908-1001UA.job
2016-07-02 23:13 - 2015-01-09 11:48 - 00001110 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2016-07-02 23:07 - 2015-05-30 22:42 - 00000688 _____ C:\WINDOWS\Tasks\G2MUploadTask-S-1-5-21-3206007939-3703904605-1476991908-1001.job
2016-07-02 23:06 - 2014-09-17 14:10 - 00000000 ____D C:\Program Files (x86)\Emsisoft Anti-Malware
2016-07-02 23:00 - 2015-07-27 10:36 - 00000000 ____D C:\Program Files\Common Files\Bitdefender
2016-07-02 22:59 - 2014-09-17 00:31 - 00544602 _____ C:\bdlog.txt
2016-07-02 22:25 - 2015-10-30 08:28 - 00065536 ___SH C:\WINDOWS\system32\config\ELAM
2016-07-02 18:19 - 2015-08-29 14:43 - 00000000 ____D C:\Program Files (x86)\Yahoo!
2016-07-02 15:37 - 2015-06-20 22:27 - 00001180 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-3206007939-3703904605-1476991908-1001Core.job
2016-07-02 12:59 - 2015-12-11 18:30 - 00000000 ____D C:\AddOns
2016-07-02 00:28 - 2014-12-04 19:53 - 00001076 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3206007939-3703904605-1476991908-1001Core.job
2016-07-01 23:00 - 2014-09-23 10:04 - 00000000 ____D C:\Program Files (x86)\phase5
2016-07-01 21:37 - 2015-05-30 22:42 - 00003848 _____ C:\WINDOWS\System32\Tasks\G2MUploadTask-S-1-5-21-3206007939-3703904605-1476991908-1001
2016-07-01 21:37 - 2014-09-23 16:45 - 00003752 _____ C:\WINDOWS\System32\Tasks\G2MUpdateTask-S-1-5-21-3206007939-3703904605-1476991908-1001
2016-07-01 19:42 - 2016-05-31 13:23 - 00000000 ____D C:\Users\Gerhard
2016-07-01 14:10 - 2016-05-31 15:18 - 00000000 ____D C:\Users\Gerhard\AppData\Local\Packages
2016-07-01 13:09 - 2016-03-25 10:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AbiWord Word Processor
2016-07-01 13:09 - 2016-01-20 17:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Franzis HDR Projects Professional 3 (64-bit)
2016-07-01 13:09 - 2014-10-15 09:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TheBestSpinner3
2016-07-01 13:07 - 2016-05-31 14:21 - 00000000 ___DC C:\WINDOWS\Panther
2016-07-01 01:05 - 2014-09-16 18:43 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2016-07-01 01:05 - 2014-09-16 18:43 - 00000000 ____D C:\Program Files (x86)\Realtek
2016-07-01 00:16 - 2014-12-14 22:36 - 00000000 ____D C:\Users\Admin\AppData\Local\CrashDumps
2016-07-01 00:16 - 2014-11-18 18:30 - 00000000 ____D C:\Users\Admin\AppData\Roaming\inkscape
2016-06-30 23:55 - 2015-10-30 12:31 - 00000000 ____D C:\Program Files\Common Files\Topaz Labs
2016-06-30 23:53 - 2015-03-18 20:33 - 00000000 ____D C:\ProgramData\TechSmith
2016-06-30 23:53 - 2015-03-18 19:01 - 00000000 ____D C:\Users\Admin\AppData\Local\TechSmith
2016-06-30 23:53 - 2014-09-17 14:24 - 00000000 ____D C:\ProgramData\Package Cache
2016-06-30 23:30 - 2014-09-20 11:53 - 00000000 ____D C:\Program Files\Xara
2016-06-30 23:26 - 2015-05-28 17:07 - 00000000 ____D C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PhotoZoom Pro 6
2016-06-30 11:19 - 2015-07-21 15:35 - 00000214 _____ C:\Users\Public\Desktop\My Software Deals.url
2016-06-30 11:19 - 2014-09-20 14:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ashampoo
2016-06-30 11:19 - 2014-09-20 14:21 - 00000000 ____D C:\ProgramData\Ashampoo
2016-06-30 11:19 - 2014-09-20 14:21 - 00000000 ____D C:\Program Files (x86)\Ashampoo
2016-06-29 17:05 - 2016-05-31 15:20 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2016-06-29 14:01 - 2014-10-15 09:09 - 00000000 ____D C:\Program Files (x86)\TheBestSpinner3
2016-06-29 14:00 - 2016-01-20 00:25 - 00000085 _____ C:\WINDOWS\wininit.ini
2016-06-29 14:00 - 2015-12-04 10:53 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2016-06-29 13:57 - 2016-04-19 17:18 - 00000000 ____D C:\ProgramData\Skype
2016-06-29 13:49 - 2016-04-27 21:53 - 00000000 ____D C:\Users\Gerhard\AppData\Roaming\MyPhoneExplorer
2016-06-29 13:47 - 2015-07-01 17:38 - 00000000 ____D C:\WINDOWS\lhsp
2016-06-29 13:44 - 2014-11-11 18:37 - 00000000 ____D C:\Program Files (x86)\Explaindio Video Creator
2016-06-29 13:43 - 2015-06-05 11:26 - 00000000 ____D C:\Program Files (x86)\Explaindio Video Creator 2
2016-06-29 13:40 - 2015-09-24 09:41 - 00000000 ____D C:\Program Files (x86)\EasySketchPro3
2016-06-29 13:38 - 2015-03-18 20:33 - 00000000 ____D C:\Program Files (x86)\QuickTime
2016-06-29 13:27 - 2016-03-25 21:02 - 00000000 ____D C:\Program Files (x86)\AbiWord
2016-06-28 11:43 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2016-06-28 09:48 - 2014-10-17 19:12 - 00000000 ____D C:\ProgramData\Oracle
2016-06-28 09:47 - 2014-10-17 19:12 - 00000000 ____D C:\Program Files (x86)\Java
2016-06-28 09:44 - 2016-05-20 15:37 - 00000000 ____D C:\Users\Admin\AppData\Roaming\Skype
2016-06-27 10:56 - 2015-07-09 09:37 - 02748416 _____ C:\Users\Gerhard\Desktop\Kurz Kunden_Kopie.accdb
2016-06-27 10:00 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\addins
2016-06-25 14:40 - 2014-10-30 10:53 - 00000000 ____D C:\Users\Gerhard\AppData\Roaming\Dropbox
2016-06-24 16:17 - 2016-05-31 13:23 - 00000000 ____D C:\Users\Acronis Agent User.Admin-PC
2016-06-24 16:12 - 2016-05-31 13:23 - 00000000 ____D C:\Users\Admin
2016-06-23 17:22 - 2014-09-22 12:57 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2016-06-23 17:22 - 2014-09-22 12:57 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2016-06-23 13:58 - 2015-10-30 09:24 - 00000000 ___SD C:\WINDOWS\Downloaded Program Files
2016-06-23 13:58 - 2015-10-30 09:24 - 00000000 ___RD C:\WINDOWS\Offline Web Pages
2016-06-23 12:32 - 2014-09-22 12:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2016-06-22 10:53 - 2015-06-20 22:27 - 00000000 ____D C:\Users\Gerhard\AppData\Local\Dropbox
2016-06-22 08:51 - 2015-10-30 09:24 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2016-06-22 08:49 - 2014-09-17 12:09 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2016-06-19 12:40 - 2016-03-07 17:46 - 00000000 ____D C:\Users\Admin\AppData\Roaming\ObjectNews2
2016-06-19 12:31 - 2014-11-14 10:56 - 00000000 ____D C:\Users\Gerhard\AppData\Roaming\SpiderOak
2016-06-19 11:48 - 2016-05-31 13:22 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2016-06-19 11:41 - 2016-05-31 13:55 - 00000000 __RHD C:\Users\Public\AccountPictures
2016-06-18 11:32 - 2015-01-09 11:48 - 00002264 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-06-18 11:32 - 2015-01-09 11:48 - 00002252 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-06-17 14:40 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\rescache
2016-06-17 14:38 - 2015-10-30 09:11 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-06-17 09:43 - 2014-09-17 01:06 - 00003858 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2016-06-16 14:56 - 2015-10-30 09:24 - 00000000 ___SD C:\WINDOWS\system32\DiagSvcs
2016-06-16 14:56 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2016-06-16 14:56 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\bcastdvr
2016-06-15 22:40 - 2014-09-16 19:13 - 00484008 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2016-06-15 10:29 - 2014-09-17 00:43 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-06-15 10:24 - 2014-09-17 00:43 - 142482544 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-06-14 20:33 - 2015-10-30 09:26 - 00828408 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2016-06-14 20:33 - 2015-10-30 09:26 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2016-06-13 09:56 - 2016-04-26 17:51 - 00000000 ____D C:\Program Files (x86)\deepinvent
2016-06-11 17:45 - 2014-09-16 20:57 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-06-09 13:40 - 2016-05-20 14:28 - 00000000 ____D C:\Users\Gerhard\HDR Projects 4 Pro
2016-06-09 08:24 - 2016-05-31 13:55 - 00000000 ____D C:\Users\Admin\AppData\Local\Packages
2016-06-09 08:09 - 2014-09-17 16:00 - 00000000 ____D C:\Users\Gerhard\AppData\Local\NVIDIA
2016-06-07 17:23 - 2014-09-18 13:21 - 00000000 ____D C:\Users\Gerhard\AppData\Roaming\eM Client
2016-06-07 11:09 - 2014-12-20 19:43 - 00000000 ____D C:\Program Files\Common Files\Apple
2016-06-06 11:06 - 2015-08-06 17:57 - 00000000 ____D C:\Program Files (x86)\Ginger
2016-06-06 09:06 - 2015-10-25 17:44 - 00002469 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat DC.lnk
2016-06-06 09:06 - 2015-10-25 17:44 - 00002114 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat Distiller DC.lnk
2016-06-04 02:51 - 2015-07-13 20:45 - 13553096 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvlddmkm.sys
2016-06-03 09:22 - 2016-05-31 14:38 - 17432544 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvd3dumx.dll
2016-06-03 09:22 - 2015-07-13 20:45 - 20375488 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvwgf2umx.dll
2016-06-03 09:22 - 2015-07-13 20:45 - 17729184 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvwgf2um.dll
2016-06-03 09:22 - 2015-07-13 20:45 - 14462536 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvd3dum.dll
2016-06-03 09:22 - 2015-07-13 20:45 - 03811256 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2016-06-03 09:22 - 2015-07-13 20:45 - 03371624 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2016-06-03 09:22 - 2015-07-13 20:45 - 00040084 _____ C:\WINDOWS\system32\nvinfo.pb
2016-06-03 05:59 - 2016-05-31 13:22 - 06452948 _____ C:\WINDOWS\system32\nvcoproc.bin
2016-06-03 05:59 - 2016-05-31 13:22 - 06364216 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2016-06-03 05:59 - 2016-05-31 13:22 - 02455608 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2016-06-03 05:59 - 2016-05-31 13:22 - 01762752 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2016-06-03 05:59 - 2016-05-31 13:22 - 01352760 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe
2016-06-03 05:59 - 2016-05-31 13:22 - 00392128 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2016-06-03 05:59 - 2016-05-31 13:22 - 00069568 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2016-06-03 05:59 - 2016-02-02 11:09 - 00534072 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll
2016-06-03 05:59 - 2016-02-02 11:09 - 00081856 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2014-11-21 12:12 - 2014-11-21 12:12 - 0000017 _____ () C:\Program Files (x86)\Setup.ini
2015-09-18 12:00 - 2016-06-13 09:57 - 16790552 _____ (LastPass) C:\Program Files (x86)\Common Files\lpuninstall.exe
2015-07-01 17:38 - 2015-07-01 17:38 - 0000093 _____ () C:\Users\Admin\AppData\Local\fusioncache.dat
2014-11-19 01:29 - 2014-11-19 01:29 - 0001238 _____ () C:\Users\Admin\AppData\Local\recently-used.xbel
2015-07-08 22:28 - 2015-07-08 22:28 - 0000017 _____ () C:\Users\Admin\AppData\Local\resmon.resmoncfg
2016-07-02 23:00 - 2016-07-02 23:00 - 0243000 _____ () C:\ProgramData\1467493112.bdinstall.bin
2016-07-02 23:04 - 2016-07-02 23:04 - 0027621 _____ () C:\ProgramData\1467493461.bdinstall.bin
2015-03-12 01:33 - 2015-03-12 01:33 - 0000119 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc

Einige Dateien in TEMP:
====================
C:\Users\Admin\AppData\Local\Temp\libeay32.dll
C:\Users\Admin\AppData\Local\Temp\msvcr120.dll
C:\Users\Admin\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2016-06-24 08:44

==================== Ende von FRST.txt ============================
         

Alt 03.07.2016, 16:18   #14
pinocchio
 
Banking Trojaner auf Smartphone, Online Konto gehackt, Login mit Laptop nicht möglich - Standard

Banking Trojaner auf Smartphone, Online Konto gehackt, Login mit Laptop nicht möglich



Addition.txt

Code:
ATTFilter
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 02-07-2016
durchgeführt von Admin (2016-07-03 16:07:08)
Gestartet von D:\DOWNLOADS 2
Windows 10 Home Version 1511 (X64) (2016-05-31 11:55:28)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Acronis Agent User (S-1-5-21-3206007939-3703904605-1476991908-1009 - Administrator - Enabled) => C:\Users\Acronis Agent User.Admin-PC
Admin (S-1-5-21-3206007939-3703904605-1476991908-1000 - Administrator - Enabled) => C:\Users\Admin
Administrator (S-1-5-21-3206007939-3703904605-1476991908-500 - Administrator - Disabled)
ASPNET (S-1-5-21-3206007939-3703904605-1476991908-1005 - Limited - Enabled)
DefaultAccount (S-1-5-21-3206007939-3703904605-1476991908-503 - Limited - Disabled)
Gast (S-1-5-21-3206007939-3703904605-1476991908-501 - Limited - Disabled)
Gerhard (S-1-5-21-3206007939-3703904605-1476991908-1001 - Limited - Enabled) => C:\Users\Gerhard
HomeGroupUser$ (S-1-5-21-3206007939-3703904605-1476991908-1003 - Limited - Enabled)

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Emsisoft Internet Security (Enabled - Up to date) {15510D9D-6530-DA29-224F-7BA1BDD1CB58}
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Emsisoft Internet Security (Enabled - Up to date) {AE30EC79-430A-D5A7-18FF-40D3C65681E5}
FW: Emsisoft Internet Security (Enabled) {2D6A8CB8-2F5F-DB71-0910-D29443028C23}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Acronis Backup Client (HKLM\...\9EBDE6F5-EAE6-4326-A3A1-DEAA29F32D1D_BackupAndRecovery) (Version: 12.0.1150 - Acronis)
Acronis Backup Client (Version: 12.0.1150 - Acronis) Hidden
Adalyzer (HKU\S-1-5-21-3206007939-3703904605-1476991908-1001\...\5b021bb11398c934) (Version: 1.0.4.0 - Richard Grear)
Adobe Acrobat DC (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-0C0F074E4100}) (Version: 15.016.20045 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 19.0.0.241 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 3.4.1.181 - Adobe Systems Incorporated)
Adobe Flash Player 22 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 22.0.0.192 - Adobe Systems Incorporated)
Adobe Illustrator CC 2015 (HKLM-x32\...\ILST_19_2_1) (Version: 19.2.1 - Adobe Systems Incorporated)
Adobe Photoshop CC 2015 (HKLM-x32\...\{793C2BF7-A4FE-4608-91C9-9282C5801C21}) (Version: 16.1.2 - Adobe Systems Incorporated)
Akeeba eXtract Wizard 3.3 (HKLM-x32\...\{C5A52C02-1618-47DB-8A92-559DE29048EC}_is1) (Version:  - Akeeba Developers)
Amazon Drive (HKU\S-1-5-21-3206007939-3703904605-1476991908-1001\...\Amazon Drive) (Version: 3.5.2.48 - Amazon.com, Inc.)
Amazon Kindle (HKLM-x32\...\Amazon Kindle) (Version:  - Amazon)
Amazon Kindle (HKU\S-1-5-21-3206007939-3703904605-1476991908-1001\...\Amazon Kindle) (Version:  - Amazon)
Apple Application Support (32-Bit) (HKLM-x32\...\{26356515-5821-40FA-9C3D-9785052A1062}) (Version: 4.3.1 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{C2651553-6CA3-4822-B2E6-BC4ACA6E0EA2}) (Version: 4.3.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{2E4AF2A6-50EA-4260-9BA4-5E582D11879A}) (Version: 9.3.0.15 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.)
Ashampoo Burning Studio 14 v.14.0.5 (HKLM-x32\...\{91B33C97-7BCF-CDFE-4321-58EBF3E8641C}_is1) (Version: 14.0.5 - Ashampoo GmbH & Co. KG)
Ashampoo Snap 9 (HKLM-x32\...\{0A11EA01-D628-EEFD-B5E8-864238AE9105}_is1) (Version: 9.0.1 - Ashampoo GmbH & Co. KG)
Ashampoo UnInstaller 6 (HKLM-x32\...\{4209F371-7DE5-9DF2-5DEF-91667EBBBBC5}_is1) (Version: 6.00.14 - Ashampoo GmbH & Co. KG)
Atheros Bluetooth Suite (64) (HKLM\...\{230D1595-57DA-4933-8C4E-375797EBB7E1}) (Version: 7.04.000.98 - Atheros)
ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0031 - ASUS)
Audials (HKLM-x32\...\{1AF206E6-6828-44F8-8518-43FF76F43F0C}) (Version: 12.0.63100.0 - Audials AG)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Canon IJ Network Scanner Selector EX (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX) (Version:  - )
Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version: 3.1.1 - Canon Inc.)
Canon MG6200 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG6200_series) (Version:  - Canon Inc.)
Canon MP Navigator EX 5.0 (HKLM-x32\...\MP Navigator EX 5.0) (Version:  - )
Citrix Online Launcher (HKLM-x32\...\{DB014C85-A264-4BCA-A66F-6DD1FCF8EC36}) (Version: 1.0.335 - Citrix)
Crowd Force Pro (HKLM-x32\...\CrowdForce) (Version: 0.46.0 - UNKNOWN)
Crowd Force Pro (x32 Version: 0.46.0 - UNKNOWN) Hidden
Cyberduck 19355 (4.8.4) (HKLM-x32\...\Cyberduck) (Version: 19355 (4.8.4) - )
Document Manager (HKU\S-1-5-21-3206007939-3703904605-1476991908-1000\...\DocumentManager) (Version:  - WonderFox Soft, Inc. All Rights Reserved.)
Dropbox (HKU\S-1-5-21-3206007939-3703904605-1476991908-1001\...\Dropbox) (Version: 5.4.24 - Dropbox, Inc.)
eM Client (HKLM-x32\...\{7B35918E-43E4-45AF-8F1B-C15D86CA919D}) (Version: 6.0.24928.0 - eM Client Inc.)
Emsisoft Internet Security (HKLM\...\{5502032C-88C1-4303-99FE-B5CBD7684CEA}_is1) (Version: 11.9 - Emsisoft Ltd.)
FileZilla Client 3.17.0 (HKLM-x32\...\FileZilla Client) (Version: 3.17.0 - Tim Kosse)
Firebird SQL Server - MAGIX Edition (HKLM-x32\...\{39AB2E37-1A55-4292-A5D3-971E9F70D0F8}) (Version: 2.1.32.0 - MAGIX AG)
Fresco Logic USB3.0 Host Controller (HKLM\...\{FFF6BB59-380A-4338-AEFB-226F511C0713}) (Version: 3.5.73.0 - Fresco Logic Inc.)
FreshTitle (HKLM-x32\...\FreshTitle1.0.0.4) (Version: 1.0.0.4 - AppBreed)
Ginger (HKLM-x32\...\InstallShield_{1EBF9A59-F4E3-4EA7-BA97-76703C1432F6}) (Version: 3.7.63 - Ginger Software)
Ginger (x32 Version: 3.7.63 - Ginger Software) Hidden
GMX ProfiFax (HKLM-x32\...\GMX ProfiFax) (Version: 2.00.236 - 1&1 Mail & Media GmbH)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 51.0.2704.103 - Google Inc.)
Google Talk Plugin (HKLM-x32\...\{F9B579C2-D854-300A-BE62-A09EB9D722E4}) (Version: 5.41.3.0 - Google)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.30.3 - Google Inc.) Hidden
GoToMeeting 7.20.0.5174 (HKU\S-1-5-21-3206007939-3703904605-1476991908-1001\...\GoToMeeting) (Version: 7.20.0.5174 - CitrixOnline)
Grammarly for Microsoft® Office Suite (HKU\S-1-5-21-3206007939-3703904605-1476991908-1000\...\{d80a94d2-12b9-4a80-ae43-302f51e5f6b3}) (Version: 6.5.43 - Grammarly)
Grammarly for Microsoft® Office Suite (Version: 6.5.43 - Grammarly) Hidden
HappyFingers Version 3.0.0 (HKLM-x32\...\{3C2AE644-A64E-4291-92F1-800380989EE2}_is1) (Version: 3.0.0 - Red Trolley Software Pty Ltd)
HMA! Pro VPN 2.8.24.0 (HKLM-x32\...\HMA! Pro VPN) (Version: 2.8.24.0 - Privax Ltd)
iCloud (HKLM\...\{ADFDB647-35C0-4254-9EE6-2D9C3B7104BD}) (Version: 5.2.1.69 - Apple Inc.)
Inkscape 0.48.5 (HKLM-x32\...\Inkscape) (Version: 0.48.5 - )
Inkscape 0.91 (HKLM\...\{81922150-317E-4BB0-A31D-FF1C14F707C5}) (Version: 0.91 - inkscape.org)
InstantArticleWizard (HKLM-x32\...\InstantArticleWizard) (Version:  - )
Interst Architect (HKLM-x32\...\Interst Architect1.0.0.6) (Version: 1.0.0.6 - InnAnTech Industries Inc.)
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.38 - Irfan Skiljan)
iTunes (HKLM\...\{9F4BF859-C3A4-4AB6-BDD1-9C5D58188598}) (Version: 12.4.1.6 - Apple Inc.)
Java 8 Update 91 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218091F0}) (Version: 8.0.910.15 - Oracle Corporation)
Keyword Blaze 2.0 (HKLM-x32\...\com.vaival.keywordtool) (Version: 0.0.8 - UNKNOWN)
Keyword Blaze 2.0 (x32 Version: 0.0.8 - UNKNOWN) Hidden
Keyword Master (HKLM-x32\...\{7C46AC08-8DE3-2088-E72D-001A34D8E536}) (Version: 1.0 - Cliff Carrigan)
L&H TTS3000 Deutsch (HKLM-x32\...\LHTTSGED) (Version:  - )
Lernout & Hauspie TruVoice American English TTS Engine (HKLM-x32\...\tv_enua) (Version:  - )
Logitech Options (HKLM\...\LogiOptions) (Version:  - Logitech)
Macrium Reflect Free Edition (HKLM\...\MacriumReflect) (Version: 6.1 - Paramount Software (UK) Ltd.)
Macrium Reflect Free Edition (Version: 6.1.1311 - Paramount Software (UK) Ltd.) Hidden
MAGIX Fonts Package 2 (x32 Version: 1.0.0.0 - MAGIX Software GmbH) Hidden
MAGIX Fotostory 2015 Deluxe (HKLM-x32\...\MX.{B051358D-748D-4969-9FE7-C116D730CAAD}) (Version: 14.0.1.42 - MAGIX Software GmbH)
MAGIX Fotostory 2015 Deluxe (Version: 14.0.1.42 - MAGIX Software GmbH) Hidden
MAGIX Speed burnR (MSI) (HKLM-x32\...\MX.{61124E02-0FFC-4390-8943-4B5C1E3713CE}) (Version: 7.0.2.6 - MAGIX Software GmbH)
MAGIX Speed burnR (MSI) (Version: 7.0.2.6 - MAGIX Software GmbH) Hidden
MAGIX Video deluxe 2015 Premium (HKLM\...\MX.{EAC79752-A0A4-45DB-9F99-9F6445920F77}) (Version: 14.0.0.159 - MAGIX Software GmbH)
MAGIX Video deluxe 2015 Premium (Version: 14.0.0.159 - MAGIX Software GmbH) Hidden
MAGIX Video Sound Cleaning Lab 2014 (HKLM-x32\...\MX.{6D904F95-F965-4475-A3DD-9F52C5AD0CB7}) (Version: 20.0.0.14 - MAGIX AG)
MAGIX Video Sound Cleaning Lab 2014 (Version: 20.0.0.14 - MAGIX AG) Hidden
Malwarebytes Anti-Malware Version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Mein 3DataManager (HKLM-x32\...\3DataManager) (Version: 1.1.1 - Mein 3DataManager)
Microsoft .NET Framework 1.1 (HKLM-x32\...\{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}) (Version: 1.1.4322 - Microsoft)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Office 365 - de-de (HKLM\...\O365HomePremRetail - de-de) (Version: 16.0.6965.2058 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50428.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
MOBackup - Datensicherung für Outlook (Vollversion) (HKLM-x32\...\MOBackup-DatensicherungfürOutlook) (Version: 7.95 - Heiko Schröder)
Mozilla Firefox 47.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 47.0 (x86 de)) (Version: 47.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 47.0.0.5999 - Mozilla)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2721691) (HKLM-x32\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
My Solodex (HKLM-x32\...\SolodexReloaded) (Version: 2.00 - UNKNOWN)
My Solodex (x32 Version: 2.00 - UNKNOWN) Hidden
MyPhoneExplorer (HKLM-x32\...\MPE) (Version: 1.8.7 - F.J. Wechselberger)
NaturalReaderFree (HKLM-x32\...\{262EFBD9-A907-490F-81F4-561FDD3A8C5C}) (Version: 1.00.0000 - Naturalsoft limited)
NVIDIA 3D Vision Treiber 368.39 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 368.39 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.11.3.5 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.11.3.5 - NVIDIA Corporation)
NVIDIA Grafiktreiber 368.39 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 368.39 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.34.14 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.14 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.16.0318 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.16.0318 - NVIDIA Corporation)
ObjectNews2 (HKU\S-1-5-21-3206007939-3703904605-1476991908-1000\...\ObjectNews2) (Version: 02.58 - ObjectNews2)
ObjectNews2 (HKU\S-1-5-21-3206007939-3703904605-1476991908-1001\...\ObjectNews2) (Version: 02.58 - ObjectNews2)
Office 16 Click-to-Run Extensibility Component (x32 Version: 16.0.6925.1018 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (Version: 16.0.6925.1018 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (x32 Version: 16.0.6925.1018 - Microsoft Corporation) Hidden
Oracle VM VirtualBox 4.3.20 (HKLM\...\{86401870-7AB7-4A8D-8AD6-12B27DF2E6E3}) (Version: 4.3.20 - Oracle Corporation)
PagePlusX7ContentDeclaration (x32 Version: 1.0.0.0 - Serif (Europe) Ltd) Hidden
Penguinator Connect (HKLM-x32\...\{395BBB78-0644-45D3-A0FB-E925E82BFAB8}) (Version: 1.0.0 - Antification)
Phase 5 HTML-Editor (HKLM-x32\...\{20B1B020-DEAE-48D1-9960-D4C3185D758B}) (Version: 5.6.2.3 - Systemberatung Schommer)
Photo to Sketch Converter 2.0 (HKLM-x32\...\Photo to Sketch Converter_is1) (Version: 2.0 - SoftOrbits)
Pop-up Excel Calendar 2.12 (HKLM-x32\...\Pop-up Excel Calendar_is1) (Version: 2.12 - OFFICE-KIT.COM, Uniform Software Ltd)
PowerLine Utility (HKLM-x32\...\{5D1E5ED5-E436-4A0D-8812-953FFBDFF3B3}) (Version: 1.2.709 - TP-LINK)
QuickTime 7 (HKLM-x32\...\{FF59BD75-466A-4D5A-AD23-AAD87C5FD44C}) (Version: 7.79.80.95 - Apple Inc.)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.10586.31222 - Realtek Semiconduct Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.44.421.2011 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6564 - Realtek Semiconductor Corp.)
RoboForm 7-9-9-1 (All Users) (HKLM-x32\...\AI RoboForm) (Version: 7-9-9-1 - Siber Systems)
Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.59.0 - Samsung Electronics Co., Ltd.)
SHIELD Streaming (Version: 7.1.0280 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.11.3.5 - NVIDIA Corporation) Hidden
Smart Switch (HKLM-x32\...\InstallShield_{74FA5314-85C8-4E2A-907D-D9ECCCB770A7}) (Version: 4.1.16052.2 - Samsung Electronics Co., Ltd.)
Smart Switch (x32 Version: 4.1.16052.2 - Samsung Electronics Co., Ltd.) Hidden
Social Post Browser (HKLM-x32\...\Social Post Browser1.0.0.0) (Version: 1.0.0.0 - AppBreed Software of InnAnTech Industries Inc.)
SocialFormula (HKLM-x32\...\SocialFormula) (Version: 0.0.0 - UNKNOWN)
SocialFormula (x32 Version: 0.0.0 - UNKNOWN) Hidden
Softwarenetz Rechnung5 (HKLM-x32\...\Rechnung5) (Version:  - Softwarenetz)
Springly (HKLM-x32\...\Springly) (Version: 1.7 - JHS Marketing LLC)
Springly (x32 Version: 1.7 - JHS Marketing LLC) Hidden
Sublime Text Build 3103 (HKLM\...\Sublime Text 3_is1) (Version:  - Sublime HQ Pty Ltd)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.3.43.0 - Synaptics Incorporated)
SynciOS Data Transfer version 1.2.6 (HKLM-x32\...\{6C4BB520-3416-4D67-B7EA-A9FF6662345F}_is1) (Version: 1.2.6 - Anvsoft, Inc.)
Syncios Version 5.0.2 (HKLM-x32\...\{068A5D84-8419-4BDE-9689-FE65F412EFBB}_is1) (Version: 5.0.2 - Anvsoft, Inc.)
Target Generator (HKLM-x32\...\Target Generator1.0.0.3) (Version: 1.0.0.3 - AppBreed Software of InnAnTech Industries Inc.)
Tee Inspector (HKLM-x32\...\Tee Inspector1.0.1.3) (Version: 1.0.1.3 - AppBreed Software of InnAnTech Industries Inc.)
Text-To-Speech-Runtime (HKLM-x32\...\{7B3F0113-E63C-4D6D-AF19-111A3165CCA2}) (Version: 1.0.0.0 - Magix Development GmbH)
Title Analyzer (HKLM-x32\...\Title Analyzer1.0.0.4) (Version: 1.0.0.4 - AppBreed)
UmmyVideoDownloader (HKLM-x32\...\{E028DBDA-EEE7-48A0-ADF7-D250589A02C5}_is1) (Version: 1.5.0.0 - )
VideosAlchemey (HKLM-x32\...\VideosAlchemey) (Version: 0.0.0 - InspiredSoft LTD)
VideosAlchemey (x32 Version: 0.0.0 - InspiredSoft LTD) Hidden
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)
Vulkan Run Time Libraries 1.0.11.1 (HKLM\...\VulkanRT1.0.11.1) (Version: 1.0.11.1 - LunarG, Inc.)
WinPcap 4.1.2 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2001 - CACE Technologies)
WonderFox Video Watermark (HKU\S-1-5-21-3206007939-3703904605-1476991908-1000\...\WonderFoxVideoWatermark) (Version:  - WonderFox Soft, Inc. All Rights Reserved.)
Xara Designer Pro X11 (HKLM\...\MX.{6FDCA3A7-DF35-4E18-AF77-A30FDF193897}) (Version: 11.2.3.40674 - Xara Group Ltd)
Xara Designer Pro X11 (Version: 11.2.3.40674 - Xara Group Ltd) Hidden

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-3206007939-3703904605-1476991908-1000_Classes\CLSID\{004B49B7-11B9-5058-FF22-08DD093ADC4B}\InprocServer32 -> {1F512744-9468-D082-12B7-20EE85889A47} => Keine Datei
CustomCLSID: HKU\S-1-5-21-3206007939-3703904605-1476991908-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Gerhard\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3206007939-3703904605-1476991908-1000_Classes\CLSID\{2AD206F1-152C-4F9D-A24E-6F93FE7A4AFC}\InprocServer32 -> C:\Users\Admin\AppData\Local\Grammarly\Grammarly for Microsoft Office Suite\6.5.43\6114034ECAC245E880E823DD0314F4F6\GrammarlyShim64.dll (CompanyName)
CustomCLSID: HKU\S-1-5-21-3206007939-3703904605-1476991908-1000_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\Admin\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\FileCoAuth.exe (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3206007939-3703904605-1476991908-1000_Classes\CLSID\{DD0822FF-3A09-4BDC-B749-4B00B9115850}\InprocServer32 -> {597C43FD-9468-D082-ABD3-0DA885889A47} => Keine Datei
CustomCLSID: HKU\S-1-5-21-3206007939-3703904605-1476991908-1000_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
CustomCLSID: HKU\S-1-5-21-3206007939-3703904605-1476991908-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Gerhard\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3206007939-3703904605-1476991908-1001_Classes\CLSID\{00A3944A-BCF0-4796-9C15-D69606B6F3AB}\InprocServer32 -> C:\Program Files\Xara\Xara Designer Pro X10\Filters\DEU\HDPImport.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-3206007939-3703904605-1476991908-1001_Classes\CLSID\{045281D6-AFD2-4cd6-A93D-C07AD6FB20A2}\InprocServer32 -> C:\Program Files\Xara\Xara Designer Pro X10\Filters\DEU\SVGFilter.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-3206007939-3703904605-1476991908-1001_Classes\CLSID\{05E88098-3750-457A-AC42-1B019F9E3FE8}\InprocServer32 -> C:\Program Files\Xara\Xara Designer Pro X11\Filters\DEU\HDPImport.dll ()
CustomCLSID: HKU\S-1-5-21-3206007939-3703904605-1476991908-1001_Classes\CLSID\{0A352EAA-8FF3-404c-AFED-1F9AA02818DD}\InprocServer32 -> C:\Program Files\Xara\Xara Designer Pro X10\Filters\DEU\ODPImport.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-3206007939-3703904605-1476991908-1001_Classes\CLSID\{133547BE-D10F-4399-B1BA-D8CC983DA841}\InprocServer32 -> C:\Program Files\Xara\Xara Designer Pro X10\Filters\DEU\WSMFilter.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-3206007939-3703904605-1476991908-1001_Classes\CLSID\{1423F872-3F7F-4E57-B621-8B1A9D49B448}\InprocServer32 -> C:\Users\Gerhard\AppData\Local\Google\Update\1.3.27.5\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-3206007939-3703904605-1476991908-1001_Classes\CLSID\{171740BB-DE5D-4A3B-A5DD-43D171192819}\InprocServer32 -> C:\Program Files\Xara\Xara Designer Pro X11\Filters\DEU\RTFfilter.dll (Xara Group Ltd.)
CustomCLSID: HKU\S-1-5-21-3206007939-3703904605-1476991908-1001_Classes\CLSID\{1B00816B-14D7-4442-82B3-15CCF43C0254}\InprocServer32 -> C:\Program Files\Xara\Xara Designer Pro X10\Filters\DEU\RTFfilter.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-3206007939-3703904605-1476991908-1001_Classes\CLSID\{23F5AD84-9742-4A1F-BA77-B39828938730}\InprocServer32 -> C:\Program Files\Xara\Xara Designer Pro X11\Filters\DEU\PDFXFilter\PDFXFilter.dll (Xara)
CustomCLSID: HKU\S-1-5-21-3206007939-3703904605-1476991908-1001_Classes\CLSID\{2DD6B8AC-9015-4347-A47B-CEDCA2E4C2EA}\InprocServer32 -> C:\Program Files\Xara\Xara Designer Pro X11\Filters\DEU\XPSFilter.dll ()
CustomCLSID: HKU\S-1-5-21-3206007939-3703904605-1476991908-1001_Classes\CLSID\{3E2079FE-4DB5-4914-B9A0-FBBDA87890C0}\InprocServer32 -> C:\Program Files\Xara\Xara Designer Pro X11\Filters\DEU\ODPImport.dll ()
CustomCLSID: HKU\S-1-5-21-3206007939-3703904605-1476991908-1001_Classes\CLSID\{44B8B2C4-AFC2-44B3-8F05-02EC6E235862}\InprocServer32 -> C:\Program Files\Xara\Xara Designer Pro X11\Filters\DEU\PSDFilter.dll ()
CustomCLSID: HKU\S-1-5-21-3206007939-3703904605-1476991908-1001_Classes\CLSID\{4954639E-4AD5-4232-9FC6-753ED3E19DE1}\InprocServer32 -> C:\Program Files\Xara\Xara Designer Pro X11\Filters\DEU\PPImport.dll ()
CustomCLSID: HKU\S-1-5-21-3206007939-3703904605-1476991908-1001_Classes\CLSID\{55E4C8A1-601C-407f-9DF5-A2652A241AAE}\InprocServer32 -> C:\Program Files\Xara\Xara Designer Pro X10\Filters\DEU\EMFFilter.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-3206007939-3703904605-1476991908-1001_Classes\CLSID\{590C4387-5EBD-4D46-8A84-CD0BA2EF2856}\InprocServer32 -> C:\Users\Gerhard\AppData\Local\Google\Update\1.3.30.3\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3206007939-3703904605-1476991908-1001_Classes\CLSID\{5C8C2A98-6133-4EBA-BBCC-34D9EA01FC2E}\InprocServer32 -> C:\Users\Gerhard\AppData\Local\Google\Update\1.3.28.1\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-3206007939-3703904605-1476991908-1001_Classes\CLSID\{5C8E7C70-D9DC-4AB9-B748-4ED125D0CD74}\InprocServer32 -> C:\Program Files\Xara\Xara Designer Pro X11\Filters\DEU\WSMFilter.dll ()
CustomCLSID: HKU\S-1-5-21-3206007939-3703904605-1476991908-1001_Classes\CLSID\{6363B1AE-9DCC-24C0-1CB3-37B93064DF47}\InprocServer32 -> kein Dateipfad
CustomCLSID: HKU\S-1-5-21-3206007939-3703904605-1476991908-1001_Classes\CLSID\{65545209-E245-4026-94AE-DEABE04DA1BF}\localserver32 -> C:\Program Files\Xara\Xara Designer Pro X11\DesignerPro.exe (Xara Group Ltd.)
CustomCLSID: HKU\S-1-5-21-3206007939-3703904605-1476991908-1001_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\Gerhard\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\FileCoAuth.exe (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3206007939-3703904605-1476991908-1001_Classes\CLSID\{78550997-5DEF-4A8A-BAF9-D5774E87AC98}\InprocServer32 -> C:\Users\Gerhard\AppData\Local\Google\Update\1.3.28.13\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-3206007939-3703904605-1476991908-1001_Classes\CLSID\{793EE463-1304-471C-ADF1-68C2FFB01247}\InprocServer32 -> C:\Users\Gerhard\AppData\Local\Google\Update\1.3.29.5\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-3206007939-3703904605-1476991908-1001_Classes\CLSID\{7DCC32F2-DAEF-4CDE-A81A-F45DAA3EB0B0}\InprocServer32 -> C:\Program Files\Xara\Xara Designer Pro X10\Filters\DEU\HTMLfilter.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-3206007939-3703904605-1476991908-1001_Classes\CLSID\{7F75D6E7-EE09-46d8-A83E-040926610774}\InprocServer32 -> C:\Program Files\Xara\Xara Designer Pro X10\Filters\DEU\DocImport\DocImport.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-3206007939-3703904605-1476991908-1001_Classes\CLSID\{84B5A313-CD5D-4904-8BA2-AFDC81C1B309}\InprocServer32 -> C:\Users\Gerhard\AppData\Local\Citrix\GoToMeeting\5102\G2MOutlookAddin64.dll (Citrix Online, a division of Citrix Systems, Inc.)
CustomCLSID: HKU\S-1-5-21-3206007939-3703904605-1476991908-1001_Classes\CLSID\{91C4D714-252D-4660-90AF-F999F8D3EA76}\InprocServer32 -> C:\Program Files\Xara\Xara Designer Pro X10\Filters\DEU\PSDFilter.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-3206007939-3703904605-1476991908-1001_Classes\CLSID\{96379E3B-23DA-4F75-A23A-DBCF805CC406}\InprocServer32 -> C:\Program Files\Xara\Xara Designer Pro X11\Filters\DEU\DocImport\DocImport.dll ()
CustomCLSID: HKU\S-1-5-21-3206007939-3703904605-1476991908-1001_Classes\CLSID\{ACFF41B0-7315-4c16-A459-E7A5880EA0E5}\InprocServer32 -> C:\Program Files\Xara\Xara Designer Pro X10\Filters\DEU\XPSFilter.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-3206007939-3703904605-1476991908-1001_Classes\CLSID\{B189AF08-C20E-44e6-A12E-3790640BBCD0}\InprocServer32 -> C:\Program Files\Xara\Xara Designer Pro X10\Filters\DEU\RAWImport\RAWImport.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-3206007939-3703904605-1476991908-1001_Classes\CLSID\{B27868B8-49B9-450c-BC04-907704465D79}\InprocServer32 -> C:\Program Files\Xara\Xara Designer Pro X10\Filters\DEU\PDFXFilter\PDFXFilter.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-3206007939-3703904605-1476991908-1001_Classes\CLSID\{B3D4021A-E5F5-4ba6-ABAB-B6B6445A5549}\InprocServer32 -> C:\Program Files\Xara\Xara Designer Pro X10\Filters\DEU\TIFFImport.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-3206007939-3703904605-1476991908-1001_Classes\CLSID\{BD1631EA-6D82-4407-9B96-5B40DA7BCCC1}\InprocServer32 -> C:\Program Files\Xara\Xara Designer Pro X10\Filters\DEU\PDFImport\PDFImport.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-3206007939-3703904605-1476991908-1001_Classes\CLSID\{C0908775-F5BD-4caf-B8BE-7138F7EBAAEE}\InprocServer32 -> C:\Program Files\Xara\Xara Designer Pro X10\Filters\DEU\PPImport.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-3206007939-3703904605-1476991908-1001_Classes\CLSID\{C2A30267-3451-441F-93AD-8C8399CB426B}\InprocServer32 -> C:\Program Files\Xara\Xara Designer Pro X11\Filters\DEU\HTMLfilter.dll (Xara Group Ltd.)
CustomCLSID: HKU\S-1-5-21-3206007939-3703904605-1476991908-1001_Classes\CLSID\{C3BC25C0-FCD3-4F01-AFDD-41373F017C9A}\InprocServer32 -> C:\Users\Gerhard\AppData\Local\Google\Update\1.3.26.9\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-3206007939-3703904605-1476991908-1001_Classes\CLSID\{CB58FF31-2539-11D0-BDEE-0020AFE14B84}\localserver32 -> C:\Program Files\Xara\Xara Designer Pro X11\DesignerPro.exe (Xara Group Ltd.)
CustomCLSID: HKU\S-1-5-21-3206007939-3703904605-1476991908-1001_Classes\CLSID\{CB58FF32-2539-11D0-BDEE-0020AFE14B84}\localserver32 -> C:\Program Files\Xara\Xara Designer Pro X11\DesignerPro.exe (Xara Group Ltd.)
CustomCLSID: HKU\S-1-5-21-3206007939-3703904605-1476991908-1001_Classes\CLSID\{CC182BE1-84CE-4A57-B85C-FD4BBDF78CB2}\InprocServer32 -> C:\Users\Gerhard\AppData\Local\Google\Update\1.3.29.1\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-3206007939-3703904605-1476991908-1001_Classes\CLSID\{CCC4FDE7-EE88-454F-9B6E-60FD6B562289}\InprocServer32 -> C:\Program Files\Xara\Xara Designer Pro X11\Filters\DEU\RAWImport\RAWImport.dll ()
CustomCLSID: HKU\S-1-5-21-3206007939-3703904605-1476991908-1001_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\Gerhard\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-3206007939-3703904605-1476991908-1001_Classes\CLSID\{D1EDC4F5-7F4D-4B12-906A-614ECF66DDAF}\InprocServer32 -> C:\Users\Gerhard\AppData\Local\Google\Update\1.3.28.15\psuser_64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-3206007939-3703904605-1476991908-1001_Classes\CLSID\{E44A4F31-0C8B-42C2-A2A4-E743A0395B5F}\InprocServer32 -> C:\Program Files\Xara\Xara Designer Pro X11\Filters\DEU\PDFImport\PDFImport.dll ()
CustomCLSID: HKU\S-1-5-21-3206007939-3703904605-1476991908-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Gerhard\AppData\Local\Google\Update\1.3.30.3\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3206007939-3703904605-1476991908-1001_Classes\CLSID\{E99245A1-DE06-4770-8208-B0494C933C65}\InprocServer32 -> C:\Program Files\Xara\Xara Designer Pro X11\Filters\DEU\SVGFilter.dll ()
CustomCLSID: HKU\S-1-5-21-3206007939-3703904605-1476991908-1001_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Gerhard\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3206007939-3703904605-1476991908-1001_Classes\CLSID\{EDC4A498-53B4-496C-A750-3AABCD48A6A3}\InprocServer32 -> C:\Program Files\Xara\Xara Designer Pro X11\Filters\DEU\EMFFilter.dll ()
CustomCLSID: HKU\S-1-5-21-3206007939-3703904605-1476991908-1001_Classes\CLSID\{FABA52C3-2D0F-4070-8086-57522F3A9D82}\InprocServer32 -> C:\Program Files\Xara\Xara Designer Pro X11\Filters\DEU\TIFFImport.dll ()
CustomCLSID: HKU\S-1-5-21-3206007939-3703904605-1476991908-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Gerhard\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3206007939-3703904605-1476991908-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Gerhard\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3206007939-3703904605-1476991908-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Gerhard\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3206007939-3703904605-1476991908-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Gerhard\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3206007939-3703904605-1476991908-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Gerhard\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3206007939-3703904605-1476991908-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Gerhard\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3206007939-3703904605-1476991908-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Gerhard\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3206007939-3703904605-1476991908-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Gerhard\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3206007939-3703904605-1476991908-1001_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\Gerhard\AppData\Roaming\Dropbox\bin\DropboxExt64.34.dll (Dropbox, Inc.)

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {003E6E88-F385-4A27-9583-10251741847C} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\Windows\ehome\mcupdate.exe
Task: {11E8F971-1E4D-4BD1-98D2-463EE75A28D0} - System32\Tasks\{71D0C8C7-3F3A-495F-857B-04309D1EB675} => pcalua.exe -a D:\ÖVP\Zeitung\setup(1).exe -d D:\ÖVP\Zeitung
Task: {138C4968-A7B9-4DF2-B614-97AB643CD216} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\Windows\ehome\ehPrivJob.exe
Task: {154DCAC6-4668-4AC5-B42A-95D74C718505} - System32\Tasks\AdobeAAMUpdater-1.0-Admin-PC-Gerhard => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2016-01-07] (Adobe Systems Incorporated)
Task: {24AC897E-B719-4F4E-82A4-CEB20A17DE9B} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\Windows\ehome\ehPrivJob.exe
Task: {26BD3BEB-F1F5-43FF-A6DA-538EEFB14B3D} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\Windows\ehome\ehPrivJob.exe
Task: {2D0C1610-0227-47C2-A32E-6494C29C9001} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Keine Datei <==== ACHTUNG
Task: {2DB45EF5-15CA-4B94-B6C2-1115B2B95261} - System32\Tasks\Java Platform SE Auto Updater => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2016-05-20] (Oracle Corporation)
Task: {322F7AE2-BCB3-408A-A11E-44C65FB0427E} - System32\Tasks\Run RoboForm TaskBar Icon => C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe [2016-04-09] (Siber Systems)
Task: {337EB52D-3586-44D2-98BC-1F6717D7BF6B} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {3463BA2E-051F-477F-A26B-56212DF595FA} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3206007939-3703904605-1476991908-1001UA => C:\Users\Gerhard\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {38CFB09F-71F9-4EE4-9395-908E1B693AE5} - System32\Tasks\eM Client Database Backup => C:\Program Files (x86)\eM Client\DbBackup.exe [2016-02-29] ()
Task: {3CF2BFE0-364C-4B34-8ACA-8F18069D9D9F} - System32\Tasks\AdobeAAMUpdater-1.0-Admin-PC-Admin => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2016-01-07] (Adobe Systems Incorporated)
Task: {42355926-806F-4614-9CFF-0931C4B4AB73} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-27] (Google Inc.)
Task: {43427614-8FAB-4A70-83B0-2CF34D1F80B1} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\Windows\ehome\ehPrivJob.exe
Task: {4518D769-249F-43E1-B1B2-E953ED2DF0FD} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG
Task: {45A2B397-0FCA-4879-ACFE-4B4413158B1D} - System32\Tasks\Open URL by RoboForm => Rundll32.exe url.dll,FileProtocolHandler "hxxp://www.roboform.com/test-pass.html?aaa=KICMNMHMGMHMLJHMPMPMCNOJMMLMMMCNLMLJNJNMCNOJJJIMNJCNOJJJOJGMLJLMOMLJIMGMOMMJJNJICMIMCNGMCNGMFMHMCNPMCNIMJMPMPMFMJMCNOMCNIMJMPMPMCNNMJNPICMOMFMMJBJKJLIMJFMPMJNHICMMJBJKJLIMJJNBJCMILKJNIHJOJNILJJNKJCMJNNICMJNDJCMLJKJJNMJCMOMFMLMJM (Der Dateneintrag hat 41 mehr Zeichen).
Task: {4E40CF6E-3377-4AFB-A4DF-F21930F946C4} - System32\Tasks\ATKOSD2 => C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [2013-09-09] (ASUSTek Computer Inc.)
Task: {599866F9-321C-4136-BEC7-1A69678568D6} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Keine Datei <==== ACHTUNG
Task: {5A0DA88B-11A9-4953-A383-80E425560004} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Keine Datei <==== ACHTUNG
Task: {5B7C48BF-FA61-4027-8DD0-AAB2CF26692A} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\Windows\ehome\ehPrivJob.exe
Task: {5B8BC7CE-BD50-40F4-9B14-D280A832EFA0} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-3206007939-3703904605-1476991908-1001UA => C:\Users\Gerhard\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-20] (Dropbox, Inc.)
Task: {61332164-FA69-441C-AA30-1BBD71532111} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG
Task: {621CF455-E6D7-4DE2-9CA1-66A08C6DB584} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {67AB2966-866D-432D-A391-3072835C6C00} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2016-06-10] (Microsoft Corporation)
Task: {68CB1F80-7303-4609-8AC7-A475D3614EA3} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3206007939-3703904605-1476991908-1001Core => C:\Users\Gerhard\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {6BDBB9E7-F404-4239-A51F-1F9C254DF582} - System32\Tasks\{3F6D5430-DB72-4F02-9658-ADAB2B3A2707} => pcalua.exe -a D:\ÖVP\Zeitung\setup.exe -d D:\ÖVP\Zeitung
Task: {7492C1C6-8029-44A2-AA24-0F45E53B6824} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG
Task: {759F286D-71CF-42DD-8666-400E823DC24A} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {77920D30-8AF8-4E95-95E6-61C2F76FE51A} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\Windows\ehome\ehPrivJob.exe
Task: {77FB0A62-F8FD-49CD-A513-B90856703772} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\Windows\ehome\ehPrivJob.exe
Task: {7E7AAA1A-C92A-446D-BE2B-603030E23837} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\Windows\ehome\ehPrivJob.exe
Task: {87C2F394-88B4-42B1-9232-9A036DA582C6} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\Windows\ehome\mcupdate.exe
Task: {8AACB638-0B54-4F62-A66D-8C159AFB8CE8} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\Windows\ehome\MCUpdate.exe
Task: {8E36D3AE-2164-49B8-9AF0-4DE1A6F92DCA} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\Windows\ehome\ehrec.exe
Task: {93198939-0B23-4AA2-96B1-363F7BF3AEBA} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-27] (Google Inc.)
Task: {9B853FBB-9FB9-4A1F-885E-587EE57DA356} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> Keine Datei <==== ACHTUNG
Task: {9B90FC10-1883-4EF8-8610-E9E0DE02F170} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\Windows\ehome\ehrec.exe
Task: {9F1833F8-82D2-4BEB-B2D0-54508F087F00} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-06-17] (Adobe Systems Incorporated)
Task: {A1D27128-2DA7-4EE2-9454-8C6D676587E0} - \Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d -> Keine Datei <==== ACHTUNG
Task: {A5E4D9E2-8B1A-4830-B180-E10148A37D1C} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\Windows\ehome\ehPrivJob.exe
Task: {A9ACDE2F-5349-4EFC-838F-8B2A33F29D23} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\Windows\ehome\mcupdate.exe
Task: {A9EB9EFA-3C18-444E-A0D9-9812503FBE0E} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2016-02-23] (Apple Inc.)
Task: {BE13F8C5-56CA-4BD9-A537-AB078C2E03CB} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\Windows\ehome\ehPrivJob.exe
Task: {C2D0553C-529B-40F5-BE90-25A49CECEBC3} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\Windows\ehome\ehPrivJob.exe
Task: {C309A885-AE94-47DC-A9F1-288A51444AA5} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\Windows\ehome\mcupdate.exe
Task: {C7684B91-2705-4677-8EA8-DE6F00652DA2} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-3206007939-3703904605-1476991908-1001Core => C:\Users\Gerhard\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2015-06-20] (Dropbox, Inc.)
Task: {CB2AA5BE-AF35-4F5D-8FBC-48DDD0D46623} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG
Task: {D1EFBBF2-ABFB-400B-8018-A6B72177A372} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\Windows\ehome\ehPrivJob.exe
Task: {D54DC8C4-83BC-40CF-A85E-B2FE0DF3AD42} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\Windows\ehome\ehPrivJob.exe
Task: {D72944BB-9748-45BE-BF05-0E7D0191B72E} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2016-06-10] (Microsoft Corporation)
Task: {D7E69832-FF36-41E6-A9F1-69D27FCC7EBA} - System32\Tasks\Bitdefender Update Product Data_A17FD818A96743FAB28AC221BEB4B2C8 => C:\Program Files\Bitdefender\Bitdefender 2015\bdproductdata.exe
Task: {DAD147A4-69D5-4D25-BC55-F87543D04529} - System32\Tasks\G2MUpdateTask-S-1-5-21-3206007939-3703904605-1476991908-1001 => C:\Users\Gerhard\AppData\Local\Citrix\GoToMeeting\5174\g2mupdate.exe [2016-07-01] (Citrix Online, a division of Citrix Systems, Inc.)
Task: {DF60C9ED-A3EB-4BCE-827E-334C09E9F667} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> Keine Datei <==== ACHTUNG
Task: {F41A105A-D6DE-4979-87B4-6D04F3F9584B} - System32\Tasks\G2MUploadTask-S-1-5-21-3206007939-3703904605-1476991908-1001 => C:\Users\Gerhard\AppData\Local\Citrix\GoToMeeting\5174\g2mupload.exe [2016-07-01] (Citrix Online, a division of Citrix Systems, Inc.)
Task: {F7672DC8-C27C-45D0-8CA6-4ABFE4226EC0} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Keine Datei <==== ACHTUNG
Task: {F7DB07FB-E238-41E6-ACF2-061F5B9AA304} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2016-06-10] (Microsoft Corporation)
Task: {F7DCFD71-4D81-4829-A80C-F363BE171389} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-04-22] (Adobe Systems Incorporated)
Task: {F8A4E564-3A3A-401E-9E6D-7E873C5E1F24} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG
Task: {F9D85607-EA3E-4213-864B-605F55DFCCFB} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Keine Datei <==== ACHTUNG

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-3206007939-3703904605-1476991908-1001Core.job => C:\Users\Gerhard\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-3206007939-3703904605-1476991908-1001UA.job => C:\Users\Gerhard\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\G2MUpdateTask-S-1-5-21-3206007939-3703904605-1476991908-1001.job => C:\Users\Gerhard\AppData\Local\Citrix\GoToMeeting\5174\g2mupdate.exe
Task: C:\WINDOWS\Tasks\G2MUploadTask-S-1-5-21-3206007939-3703904605-1476991908-1001.job => C:\Users\Gerhard\AppData\Local\Citrix\GoToMeeting\5174\g2mupload.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3206007939-3703904605-1476991908-1001Core.job => C:\Users\Gerhard\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3206007939-3703904605-1476991908-1001UA.job => C:\Users\Gerhard\AppData\Local\Google\Update\GoogleUpdate.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

Shortcut: C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WonderFox Soft\WonderFox Video Watermark\Buy WonderFox Video Watermark on online.lnk -> hxxp:( (Keine Datei)
Shortcut: C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WonderFox Soft\WonderFox Video Watermark\WonderFox Video Watermark on the web.lnk -> hxxp:( (Keine Datei)
Shortcut: C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Document Manager\Buy Document Manager on online.lnk -> hxxp:( (Keine Datei)
Shortcut: C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Document Manager\Document Manager on the web.lnk -> hxxp:( (Keine Datei)

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2015-10-30 09:18 - 2015-10-30 09:18 - 00185856 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2016-05-31 13:22 - 2016-06-03 05:59 - 00133056 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2016-07-02 23:08 - 2016-06-30 16:49 - 01043568 _____ () C:\Program Files\Emsisoft Internet Security\fw64.dll
2016-06-01 08:34 - 2016-03-29 12:20 - 02656952 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2016-06-01 08:34 - 2016-03-29 12:20 - 02656952 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2015-11-28 19:13 - 2015-11-14 05:23 - 00553120 ____N () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll
2016-05-31 15:21 - 2016-05-31 15:21 - 00959168 _____ () C:\Users\Gerhard\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64\ClientTelemetry.dll
2016-04-22 15:15 - 2016-04-22 15:15 - 00052912 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext_64.dll
2016-04-22 01:07 - 2016-04-22 01:07 - 00092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2016-04-22 01:07 - 2016-04-22 01:07 - 01337144 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2016-05-20 15:41 - 2016-05-02 07:54 - 00369208 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\MessageBus.dll
2016-02-02 10:46 - 2016-05-02 07:55 - 00289848 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamBase.dll
2016-05-20 15:41 - 2016-05-02 07:54 - 01148984 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\libprotobuf.dll
2016-05-20 15:41 - 2016-05-02 07:55 - 03613240 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Poco.dll
2016-06-01 08:32 - 2015-12-07 06:14 - 00093696 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll
2016-06-01 08:33 - 2016-04-23 06:25 - 00472064 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2016-06-01 08:32 - 2016-04-23 06:25 - 00674816 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\MtcUvc.dll
2015-07-16 03:18 - 2015-07-16 03:18 - 00347968 _____ () C:\Program Files\Common Files\Acronis\BackupAndRecovery\Common\fnls.dll
2015-07-15 22:21 - 2015-07-15 22:21 - 00023872 _____ () C:\Program Files\Common Files\Acronis\BackupAndRecovery\Common\core_workers_shared_context.dll
2015-07-15 22:21 - 2015-07-15 22:21 - 01066304 _____ () C:\Program Files\Common Files\Acronis\BackupAndRecovery\Common\sqlite3.dll
2016-06-15 09:05 - 2016-05-28 05:59 - 07992832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-06-15 09:05 - 2016-05-28 05:53 - 00591360 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-06-15 09:05 - 2016-05-28 05:54 - 02483200 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-06-15 09:05 - 2016-05-28 05:56 - 04089856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2016-05-20 15:41 - 2016-05-02 07:55 - 02667576 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\NvMdnsPlugin.dll
2016-05-20 15:41 - 2016-05-02 07:55 - 01990200 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\NvPortForwardPlugin.dll
2016-05-20 15:41 - 2016-05-02 07:55 - 01842232 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\Plugins\NSS\RtspPlugin.dll
2016-02-02 10:46 - 2016-05-02 07:55 - 00208952 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\RtspServer.dll
2015-03-17 17:36 - 2015-03-17 17:36 - 02411784 _____ () C:\Program Files (x86)\Audials\Audials 12\AudialsNotifier.exe
2016-01-25 10:09 - 2015-12-21 12:16 - 00269824 _____ () C:\Program Files (x86)\Syncios\SynciosDeviceService.exe
2015-11-28 19:12 - 2015-11-14 05:22 - 31401120 ____N () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
2016-06-03 14:40 - 2016-06-03 14:40 - 00017920 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.526.11220.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
2016-06-03 14:40 - 2016-06-03 14:40 - 13105152 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.526.11220.0_x64__8wekyb3d8bbwe\Microsoft.Photos.dll
2016-06-03 14:40 - 2016-06-03 14:40 - 00680448 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.526.11220.0_x64__8wekyb3d8bbwe\Microsoft.DesignCore.dll
2016-05-31 15:52 - 2016-05-31 15:52 - 00291328 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_16.526.11220.0_x64__8wekyb3d8bbwe\StoreRatingPromotion.dll
2016-05-31 15:52 - 2016-05-31 15:52 - 00144384 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe
2016-05-31 13:58 - 2016-05-31 13:58 - 00959168 _____ () C:\Users\Admin\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64\ClientTelemetry.dll
2016-05-20 15:41 - 2016-05-02 07:54 - 00035896 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\boost_system-vc120-mt-1_58.dll
2016-05-20 15:41 - 2016-05-02 07:54 - 00921656 _____ () C:\Program Files\NVIDIA Corporation\NvStreamSrv\boost_regex-vc120-mt-1_58.dll
2016-05-31 15:20 - 2016-05-31 15:20 - 00679624 _____ () C:\Users\Gerhard\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\ClientTelemetry.dll
2015-03-31 14:13 - 2016-05-02 08:02 - 00020536 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2016-06-02 17:04 - 2016-06-02 17:04 - 00134656 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\MailClient.1d52ed9e#\8b954fa3841099149fb902aef57b00ab\MailClient.Collections.ni.dll
2016-06-02 17:04 - 2016-06-02 17:04 - 00491520 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\MailClient.Mail\0287751dbfb4a91eb5d96e37b50cd420\MailClient.Mail.ni.dll
2016-06-02 17:04 - 2016-06-02 17:04 - 00934400 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\HTMLEditorControl\118e2a2afdc8e286fc61027af3d0db0a\HTMLEditorControl.ni.dll
2016-06-02 17:04 - 2016-06-02 17:04 - 00552960 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\LinqBridge\7bb0900f8f5cedd46a506431e78db50e\LinqBridge.ni.dll
2016-06-02 17:04 - 2016-06-02 17:04 - 00020992 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\MailClient.Interop\4600e088566adcb15be2425cd8eb257c\MailClient.Interop.ni.dll
2016-06-02 17:04 - 2016-06-02 17:04 - 00580096 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\MailClient.Common.UI\aa025cda2f377b8f7506078d3d0a08dc\MailClient.Common.UI.ni.dll
2014-05-28 17:48 - 2014-05-28 17:48 - 00642016 _____ () C:\Program Files (x86)\eM Client\SQLite\x86\sqlite3.dll
2016-06-02 17:04 - 2016-06-02 17:04 - 00082944 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\SystemCoreTimeZone\a7dc8ba7ce1c082eec3c2f1607dcafb9\SystemCoreTimeZone.ni.dll
2016-06-02 17:04 - 2016-06-02 17:04 - 00097280 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\MailClient.Sasl\71735f4b8ec19e93562b9a06c1ebca9f\MailClient.Sasl.ni.dll
2016-06-02 17:04 - 2016-06-02 17:04 - 00639488 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\HtmlInterop\6d0678987a0d179b076b78679df835dd\HtmlInterop.ni.dll
2016-06-02 17:04 - 2016-06-02 17:04 - 01570816 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\WindowsAPICodePack\9099fe289d4dce50355c9dec8e3744d4\WindowsAPICodePack.ni.dll
2016-06-02 17:04 - 2016-06-02 17:04 - 00249344 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\MailClient.Imap.Base\0edab2a256e078aa7c1cc73ea91fd5f4\MailClient.Imap.Base.ni.dll
2016-04-22 01:08 - 2016-04-22 01:08 - 01047864 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2016-04-22 01:08 - 2016-04-22 01:08 - 00080184 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2016-04-22 01:07 - 2016-04-22 01:07 - 00244024 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxslt.dll
2015-03-17 17:36 - 2015-03-17 17:36 - 00046080 _____ () C:\Program Files (x86)\Audials\Audials 12\boost_thread-vc90-mt-1_39.dll
2015-03-17 17:36 - 2015-03-17 17:36 - 00045056 _____ () C:\Program Files (x86)\Audials\Audials 12\boost_date_time-vc90-mt-1_39.dll
2015-03-17 17:36 - 2015-03-17 17:36 - 00068360 _____ () C:\Program Files (x86)\Audials\Audials 12\CrashRpt.dll
2015-03-17 17:36 - 2015-03-17 17:36 - 00580360 _____ () C:\Program Files (x86)\Audials\Audials 12\SQLite3.dll
2015-03-17 17:36 - 2015-03-17 17:36 - 00545032 _____ () C:\Program Files (x86)\Audials\Audials 12\StreamingClient.dll
2015-03-17 17:36 - 2015-03-17 17:36 - 00614912 _____ () C:\Program Files (x86)\Audials\Audials 12\boost_regex-vc90-mt-1_39.dll
2015-03-17 17:36 - 2015-03-17 17:36 - 00012800 _____ () C:\Program Files (x86)\Audials\Audials 12\boost_system-vc90-mt-1_39.dll
2016-06-02 17:02 - 2016-06-02 17:02 - 00315392 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\Utils\996d506219f17a60057e80ff6e15a48e\Utils.ni.dll
2016-06-02 17:02 - 2016-06-02 17:02 - 00650240 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\ManagedInterfaces\e22da1dab758d8f9056aefd8c90106d1\ManagedInterfaces.ni.dll
2016-06-12 15:13 - 2016-06-12 15:13 - 03868672 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\AudialsComponents\8fd79fc7895d67396f289514245dfe68\AudialsComponents.ni.dll
2016-06-02 17:02 - 2016-06-02 17:02 - 00176640 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\fastJSON\08fd291b6d2c01b97b0de9a4414ba06f\fastJSON.ni.dll
2016-06-02 17:02 - 2016-06-02 17:02 - 00062464 _____ () C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\CrashHandlerNET\89485467710c67e2b152be29733cd56c\CrashHandlerNET.ni.dll
2015-03-17 17:36 - 2015-03-17 17:36 - 00040712 _____ () C:\Program Files (x86)\Audials\Audials 12\CrashHandlerNET.dll
2015-03-17 02:34 - 2015-03-17 02:34 - 00010240 _____ () C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\locale\de_de\acrotray.deu
2015-11-28 19:12 - 2015-11-16 18:43 - 40523440 ____N () C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\CEF\libcef.dll
2015-11-28 19:12 - 2015-11-16 18:43 - 01365680 ____N () C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\CEF\libglesv2.dll
2015-11-28 19:12 - 2015-11-16 18:43 - 00219312 ____N () C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\CEF\libegl.dll
2016-01-25 10:09 - 2015-12-21 12:16 - 00398848 _____ () C:\Program Files (x86)\Syncios\DuiLib.dll
2016-01-25 10:10 - 2015-12-18 17:51 - 00073728 _____ () C:\Program Files (x86)\Syncios\generalFunc_pdt.dll
2016-01-25 10:10 - 2015-12-21 12:16 - 00176128 _____ () C:\Program Files (x86)\Syncios\driverMgr4Transfer_pdt.dll
2016-01-25 10:10 - 2015-12-21 12:16 - 00966144 _____ () C:\Program Files (x86)\Syncios\androidSyncCore_pdm.dll
2015-11-25 20:35 - 2015-11-25 20:35 - 00124416 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\fs-ext\build\Release\fs-ext.node
2015-11-25 20:35 - 2015-11-25 20:35 - 00188416 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\node-vulcanjs\build\Release\VulcanJS.node
2015-11-25 20:35 - 2015-11-25 20:35 - 00121344 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\ref\build\Release\binding.node
2015-11-25 20:35 - 2015-11-25 20:35 - 00129536 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\ffi\build\Release\ffi_bindings.node
2015-11-25 14:22 - 2015-11-25 14:22 - 00158384 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\node-ProxyResolver\native\ProxyResolverWin.dll
2015-11-25 20:35 - 2015-11-25 20:35 - 00081408 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\idle-gc\build\Release\idle-gc.node
2016-05-31 15:52 - 2016-05-31 15:52 - 00141312 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeBackgroundTasks.dll
2016-05-31 15:52 - 2016-05-31 15:52 - 22284800 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkyWrap.dll
2016-05-31 13:58 - 2016-05-31 13:58 - 00679624 _____ () C:\Users\Admin\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\ClientTelemetry.dll
2016-06-30 11:19 - 2016-06-02 10:33 - 00268080 _____ () C:\Program Files (x86)\Ashampoo\Ashampoo Snap 9\CrashRpt1403.dll
2016-06-30 11:19 - 2016-06-02 10:32 - 00085296 _____ () C:\Program Files (x86)\Ashampoo\Ashampoo Snap 9\MouseHook.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

AlternateDataStreams: C:\Users\Admin\Downloads\setup_syncios.exe:BDU [0]
AlternateDataStreams: C:\Users\Gerhard\Desktop\adwcleaner_5.201.exe:BDU [0]
AlternateDataStreams: C:\Users\Gerhard\Desktop\esetsmartinstaller_deu.exe:BDU [0]
AlternateDataStreams: C:\Users\Gerhard\Desktop\RevoUninstallerPortable_1.95_Rev_2.paf.exe:BDU [0]
AlternateDataStreams: C:\Users\Gerhard\Desktop\tdsskiller.exe:BDU [0]
AlternateDataStreams: C:\Users\Gerhard\Downloads\HMA-Pro-VPN-2.8.24.0-installer.exe:BDU [0]

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)


==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

IE restricted site: HKU\S-1-5-21-3206007939-3703904605-1476991908-1000\...\007guard.com -> install.007guard.com
IE restricted site: HKU\S-1-5-21-3206007939-3703904605-1476991908-1000\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-3206007939-3703904605-1476991908-1000\...\008k.com -> www.008k.com
IE restricted site: HKU\S-1-5-21-3206007939-3703904605-1476991908-1000\...\00hq.com -> www.00hq.com
IE restricted site: HKU\S-1-5-21-3206007939-3703904605-1476991908-1000\...\010402.com -> 010402.com
IE restricted site: HKU\S-1-5-21-3206007939-3703904605-1476991908-1000\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\S-1-5-21-3206007939-3703904605-1476991908-1000\...\0scan.com -> www.0scan.com
IE restricted site: HKU\S-1-5-21-3206007939-3703904605-1476991908-1000\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\S-1-5-21-3206007939-3703904605-1476991908-1000\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-3206007939-3703904605-1476991908-1000\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\S-1-5-21-3206007939-3703904605-1476991908-1000\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\S-1-5-21-3206007939-3703904605-1476991908-1000\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\S-1-5-21-3206007939-3703904605-1476991908-1000\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\S-1-5-21-3206007939-3703904605-1476991908-1000\...\10sek.com -> www.10sek.com
IE restricted site: HKU\S-1-5-21-3206007939-3703904605-1476991908-1000\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\S-1-5-21-3206007939-3703904605-1476991908-1000\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\S-1-5-21-3206007939-3703904605-1476991908-1000\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\S-1-5-21-3206007939-3703904605-1476991908-1000\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\S-1-5-21-3206007939-3703904605-1476991908-1000\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\S-1-5-21-3206007939-3703904605-1476991908-1000\...\123simsen.com -> www.123simsen.com

Da befinden sich 7849 mehr Seiten.

IE restricted site: HKU\S-1-5-21-3206007939-3703904605-1476991908-1001\...\007guard.com -> install.007guard.com
IE restricted site: HKU\S-1-5-21-3206007939-3703904605-1476991908-1001\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-3206007939-3703904605-1476991908-1001\...\008k.com -> www.008k.com
IE restricted site: HKU\S-1-5-21-3206007939-3703904605-1476991908-1001\...\00hq.com -> www.00hq.com
IE restricted site: HKU\S-1-5-21-3206007939-3703904605-1476991908-1001\...\010402.com -> 010402.com
IE restricted site: HKU\S-1-5-21-3206007939-3703904605-1476991908-1001\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\S-1-5-21-3206007939-3703904605-1476991908-1001\...\0scan.com -> www.0scan.com
IE restricted site: HKU\S-1-5-21-3206007939-3703904605-1476991908-1001\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\S-1-5-21-3206007939-3703904605-1476991908-1001\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-3206007939-3703904605-1476991908-1001\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\S-1-5-21-3206007939-3703904605-1476991908-1001\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\S-1-5-21-3206007939-3703904605-1476991908-1001\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\S-1-5-21-3206007939-3703904605-1476991908-1001\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\S-1-5-21-3206007939-3703904605-1476991908-1001\...\10sek.com -> www.10sek.com
IE restricted site: HKU\S-1-5-21-3206007939-3703904605-1476991908-1001\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\S-1-5-21-3206007939-3703904605-1476991908-1001\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\S-1-5-21-3206007939-3703904605-1476991908-1001\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\S-1-5-21-3206007939-3703904605-1476991908-1001\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\S-1-5-21-3206007939-3703904605-1476991908-1001\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\S-1-5-21-3206007939-3703904605-1476991908-1001\...\123simsen.com -> www.123simsen.com

Da befinden sich 7849 mehr Seiten.


==================== Hosts Inhalt: ==========================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2009-07-14 04:34 - 2016-07-02 22:20 - 00000989 ____A C:\WINDOWS\system32\Drivers\etc\hosts

127.0.0.1       www.softwarenetz.de
127.0.0.1 activation.cloud.techsmith.com
127.0.0.1 support.apowersoft.com
127.0.0.1 apowersoft.com
127.0.0.1 apowersoft.com

==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-3206007939-3703904605-1476991908-1000\Control Panel\Desktop\\Wallpaper -> E:\BILDER\04 10 2014\DSC07553.JPG
HKU\S-1-5-21-3206007939-3703904605-1476991908-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Windows\img0.jpg
HKU\S-1-5-21-3206007939-3703904605-1476991908-1009\Control Panel\Desktop\\Wallpaper -> 
DNS Servers: 217.16.112.21 - 112.15.112.22
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist deaktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

MSCONFIG\Services: MpsSvc => 2
MSCONFIG\startupreg: Acrobat Assistant 8.0 => 
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: iTunesHelper => 
MSCONFIG\startupreg: Wondershare Helper Compact.exe => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [MSMQ-In-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-In-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [WCF-NetTcpActivator-In-TCP-64bit] => (Allow) LPort=808
FirewallRules: [{DF0961B8-5FFB-4D8C-835E-F20DB52AB2C1}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe
FirewallRules: [{344FE62C-F5C3-4B1D-A080-646EF62D4961}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{EC2346D7-7D91-48BB-B8D9-2BE23D5C5C27}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{4373B100-02EB-40FB-A42B-582C9828E782}] => (Allow) C:\Program Files\BackupClient\BackupAndRecovery\mms.exe
FirewallRules: [{FD87C8A6-E919-44E4-BDED-2B0BCF7BE7C9}] => (Allow) C:\Program Files\BackupClient\BackupAndRecovery\mms.exe
FirewallRules: [{6DE1297D-7458-40AB-B5D1-94BD6D5C21EC}] => (Allow) C:\Program Files\BackupClient\BackupAndRecovery\mms.exe
FirewallRules: [{F157F8F4-7763-4649-9D77-802D14B03553}] => (Allow) C:\Program Files\BackupClient\BackupAndRecovery\mms.exe
FirewallRules: [{98CBFA30-3BE5-482D-9D40-395AA38557A2}] => (Allow) C:\Program Files\BackupClient\BackupAndRecovery\mms.exe
FirewallRules: [{C54713A1-7F5A-47BE-B88F-56DBEB0BB8FD}] => (Allow) C:\Program Files\BackupClient\BackupAndRecovery\mms.exe
FirewallRules: [{C219B68D-107D-4ED6-A8F4-62078C9FA3E7}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\Agent\agent.exe
FirewallRules: [{89EF4EAF-AD22-472B-B596-8FB3A09DA617}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\Agent\agent.exe
FirewallRules: [{2906CA5B-2EB8-45C6-8FB5-78E73F1E78F2}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\Agent\agent.exe
FirewallRules: [{AAFFDD27-18DD-4C62-BF40-B6375A5A0E87}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\Agent\agent.exe
FirewallRules: [{6B920B10-4172-4CD7-8C5B-1B19B5728707}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\Agent\agent.exe
FirewallRules: [{3917D885-7A3D-4250-9F22-6F79AE07311F}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\Agent\agent.exe
FirewallRules: [{7C33CAB8-81EA-4FF7-93D5-FFCF6A7DECF1}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{F5799F4D-8C3A-4886-8037-4B7C4A96047E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{993254D7-D46E-4F0C-90DC-5553B1C4D7CB}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{F5327A53-6AE4-4444-B641-E28871D00E35}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{75616997-624E-453D-88C1-9DB4C2DEF35E}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{AB873D58-FC63-4C82-BB8A-71E1A351D3FF}] => (Allow) C:\Users\Gerhard\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{CD7B6402-9108-41E1-B1F7-CD3E4B6D37F3}] => (Allow) C:\Users\Gerhard\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{F34D2806-7817-4FA7-942E-CD97F97D78D3}] => (Allow) C:\Users\Gerhard\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{30E17762-A5DD-4D7C-A9DF-A7ED68A37F56}] => (Allow) C:\Users\Gerhard\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{9FC98E83-922A-4CED-88DD-534B9669CC07}] => (Allow) LPort=31931
FirewallRules: [{270E5188-42D0-4796-9DDE-DC99A8FAB9D8}] => (Allow) LPort=14714
FirewallRules: [{0DFDE7C3-EF83-4750-BC6B-C8236871A478}] => (Allow) LPort=12972
FirewallRules: [{8B8570CF-B9A2-4912-91C7-96EA544AB508}] => (Allow) C:\Program Files (x86)\Audials\Audials 12\Audials.exe
FirewallRules: [{10D1FFDD-5D80-4C9B-88A8-755F66733D56}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{891E2C80-7443-45FF-A22E-C5A9EED44116}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{F44FA888-5BE1-40BF-BDEE-D5CD48065F62}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{E86A1B46-7192-466E-8E8B-26D48EB5B786}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{6F04EB14-97A7-48A4-B759-902C493B4001}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{501D221F-1194-4D82-844C-C5C9C732E926}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Wiederherstellungspunkte =========================

17-06-2016 14:37:59 Windows Update
19-06-2016 12:32:12 Removed SpiderOak x64
23-06-2016 12:31:15 Windows Update
29-06-2016 13:35:40 Removed AliG SIF
30-06-2016 23:52:55 Snagit 12
02-07-2016 17:49:21 Revo Uninstaller's restore point - Video Performer

==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (07/03/2016 04:05:33 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_8c15ae12515e1c22.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.10586.0_none_d3c2e4e965da4528.manifest.

Error: (07/03/2016 03:57:46 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Admin-PC)
Description: Bei der Aktivierung der App „Microsoft.Windows.Photos_8wekyb3d8bbwe!App“ ist folgender Fehler aufgetreten: -2147023170. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (07/03/2016 03:57:46 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: LogonUI.exe, Version: 10.0.10586.0, Zeitstempel: 0x5632d88c
Name des fehlerhaften Moduls: Windows.UI.Xaml.dll, Version: 10.0.10586.306, Zeitstempel: 0x571af9f6
Ausnahmecode: 0xc000027b
Fehleroffset: 0x0000000000517ad4
ID des fehlerhaften Prozesses: 0x2e34
Startzeit der fehlerhaften Anwendung: 0xLogonUI.exe0
Pfad der fehlerhaften Anwendung: LogonUI.exe1
Pfad des fehlerhaften Moduls: LogonUI.exe2
Berichtskennung: LogonUI.exe3
Vollständiger Name des fehlerhaften Pakets: LogonUI.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: LogonUI.exe5

Error: (07/03/2016 02:24:59 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1125

Error: (07/03/2016 02:24:59 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1125

Error: (07/03/2016 02:24:59 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (07/03/2016 02:09:21 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 2688

Error: (07/03/2016 02:09:21 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 2688

Error: (07/03/2016 02:09:21 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (07/03/2016 02:09:20 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1282


Systemfehler:
=============
Error: (07/03/2016 04:08:13 PM) (Source: DCOM) (EventID: 10016) (User: Admin-PC)
Description: AnwendungsspezifischLokalAktivierung{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}Admin-PCGerhardS-1-5-21-3206007939-3703904605-1476991908-1001LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (07/03/2016 02:24:24 PM) (Source: DCOM) (EventID: 10016) (User: Admin-PC)
Description: ComputerstandardLokalAktivierung{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}Admin-PCGerhardS-1-5-21-3206007939-3703904605-1476991908-1001LocalHost (unter Verwendung von LRPC)Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewyS-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742

Error: (07/03/2016 02:24:24 PM) (Source: DCOM) (EventID: 10016) (User: Admin-PC)
Description: ComputerstandardLokalAktivierung{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}Admin-PCGerhardS-1-5-21-3206007939-3703904605-1476991908-1001LocalHost (unter Verwendung von LRPC)Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewyS-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742

Error: (07/03/2016 02:17:40 PM) (Source: ACPI) (EventID: 10) (User: )
Description: ACPI: ACPI-BIOS versucht, in einen ungültigen PCI-Operationsbereich (0x4) zu schreiben. Wenden Sie sich an den Systemhersteller, um technische Unterstützung zu erhalten.

Error: (07/03/2016 02:17:40 PM) (Source: ACPI) (EventID: 10) (User: )
Description: ACPI: ACPI-BIOS versucht, in einen ungültigen PCI-Operationsbereich (0x4) zu schreiben. Wenden Sie sich an den Systemhersteller, um technische Unterstützung zu erhalten.

Error: (07/03/2016 02:06:51 PM) (Source: ACPI) (EventID: 10) (User: )
Description: ACPI: ACPI-BIOS versucht, in einen ungültigen PCI-Operationsbereich (0x4) zu schreiben. Wenden Sie sich an den Systemhersteller, um technische Unterstützung zu erhalten.

Error: (07/03/2016 02:06:51 PM) (Source: ACPI) (EventID: 10) (User: )
Description: ACPI: ACPI-BIOS versucht, in einen ungültigen PCI-Operationsbereich (0x4) zu schreiben. Wenden Sie sich an den Systemhersteller, um technische Unterstützung zu erhalten.

Error: (07/03/2016 09:56:06 AM) (Source: DCOM) (EventID: 10016) (User: Admin-PC)
Description: ComputerstandardLokalAktivierung{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}Admin-PCGerhardS-1-5-21-3206007939-3703904605-1476991908-1001LocalHost (unter Verwendung von LRPC)Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewyS-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742

Error: (07/03/2016 09:56:06 AM) (Source: DCOM) (EventID: 10016) (User: Admin-PC)
Description: ComputerstandardLokalAktivierung{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}Admin-PCGerhardS-1-5-21-3206007939-3703904605-1476991908-1001LocalHost (unter Verwendung von LRPC)Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewyS-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742

Error: (07/03/2016 09:55:57 AM) (Source: ACPI) (EventID: 10) (User: )
Description: ACPI: ACPI-BIOS versucht, in einen ungültigen PCI-Operationsbereich (0x4) zu schreiben. Wenden Sie sich an den Systemhersteller, um technische Unterstützung zu erhalten.


CodeIntegrity:
===================================
  Date: 2016-07-03 16:04:01.751
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files\Emsisoft Internet Security\a2hooks64.dll that did not meet the Windows signing level requirements.

  Date: 2016-07-03 16:00:51.029
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Emsisoft Internet Security\a2hooks64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-07-03 15:58:11.244
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Program Files\Emsisoft Internet Security\a2hooks64.dll that did not meet the Microsoft signing level requirements.

  Date: 2016-07-03 14:08:35.298
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files\Emsisoft Internet Security\a2hooks64.dll that did not meet the Windows signing level requirements.

  Date: 2016-07-03 14:07:28.012
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Emsisoft Internet Security\a2hooks64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-07-03 09:48:10.567
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Emsisoft Internet Security\a2hooks64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-07-03 09:44:20.110
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Emsisoft Internet Security\a2hooks64.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-07-03 09:41:43.556
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume2\Program Files\Emsisoft Internet Security\a2hooks64.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-07-03 09:41:43.410
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Emsisoft Internet Security\a2hooks64.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-07-03 09:40:42.807
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Core(TM) i5-2430M CPU @ 2.40GHz
Prozentuale Nutzung des RAM: 54%
Installierter physikalischer RAM: 8169.16 MB
Verfügbarer physikalischer RAM: 3702.07 MB
Summe virtueller Speicher: 8945.16 MB
Verfügbarer virtueller Speicher: 3413.62 MB

==================== Laufwerke ================================

Drive c: () (Fixed) (Total:129.28 GB) (Free:48.23 GB) NTFS ==>[Laufwerk mit Startkomponenten (eingeholt von BCD)]
Drive d: () (Fixed) (Total:349.3 GB) (Free:92.6 GB) NTFS
Drive e: () (Fixed) (Total:349.33 GB) (Free:34.26 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 149.1 GB) (Disk ID: AA9693FE)
Partition 1: (Not Active) - (Size=19.3 GB) - (Type=1C)
Partition 2: (Active) - (Size=129.3 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=503 MB) - (Type=27)

========================================================
Disk: 1 (Size: 698.6 GB) (Disk ID: BBC58B91)
Partition 1: (Not Active) - (Size=349.3 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=349.3 GB) - (Type=07 NTFS)

==================== Ende von Addition.txt ============================
         
Danke für die Mühe und die Sonntagsarbeit!!!

PS: Scheint als hätte ich in ein Trojanernest gestochen

PPS: Die Online Banking Seite wird jetzt wieder korrekt angezeigt, ich hab jedoch noch kein Login versucht (mich getraut), solange da noch jede Menge Trojaner auf dem Laptop sind. Andere Probleme kann ich nicht feststellen.

Geändert von pinocchio (03.07.2016 um 16:30 Uhr)

Alt 03.07.2016, 17:04   #15
deeprybka
/// TB-Ausbilder
/// Anleitungs-Guru
 
Banking Trojaner auf Smartphone, Online Konto gehackt, Login mit Laptop nicht möglich - Standard

Banking Trojaner auf Smartphone, Online Konto gehackt, Login mit Laptop nicht möglich



Was ist denn das Zeug? Hast Du das angelegt?

D:\Websiten\Webseiten\Eiler\schaedliche Dateien

Wenn nicht benötigt, einfach löschen...
__________________
Gruß
deeprybka

Lob, Kritik, Wünsche?

Spende fürs trojaner-board?
_______________________________________________
„Neminem laede, immo omnes, quantum potes, iuva.“ Arthur Schopenhauer

Antwort

Themen zu Banking Trojaner auf Smartphone, Online Konto gehackt, Login mit Laptop nicht möglich
adobe, ashampoo uninstaller, banking trojaner, computer, defender, desktop, explorer, fehlermeldung, firefox, geld, google, home, homepage, mozilla, npdicihegicnhaangkdmcgbjceoemeoo, pixel, prozesse, realtek, registry, rundll, scan, software, system, trojaner, trojaner board, usb, windows



Ähnliche Themen: Banking Trojaner auf Smartphone, Online Konto gehackt, Login mit Laptop nicht möglich


  1. Online Banking Manipuliert - Fehlüberweisung vorgegaukelt - Online Banking gesperrt bis Rücküberweisung
    Plagegeister aller Art und deren Bekämpfung - 14.03.2016 (26)
  2. Windows 7: Online-Konto gehackt- Verdacht Trojaner oder Spyware
    Log-Analyse und Auswertung - 24.12.2015 (7)
  3. Windows 8.1: Online-Banking-Trojaner (BAWAG) entfernt, noch immer falsche Login-Seite
    Plagegeister aller Art und deren Bekämpfung - 15.11.2015 (24)
  4. Online Banking vermutlich Phishing vor Login
    Plagegeister aller Art und deren Bekämpfung - 18.05.2015 (38)
  5. Merkwürdige TAN-Abfrage nach Login bei Online-Banking
    Plagegeister aller Art und deren Bekämpfung - 19.05.2013 (27)
  6. Online Banking Zugriff durch Trojaner - Laptop neu aufsetzen?
    Plagegeister aller Art und deren Bekämpfung - 02.04.2013 (4)
  7. Online-Banking Trojaner bekomme ich nicht weg
    Plagegeister aller Art und deren Bekämpfung - 10.11.2012 (12)
  8. Kreditkartenabfrage nach Online-Banking-Login - Trojan.BTSoft.Gen ?
    Plagegeister aller Art und deren Bekämpfung - 12.07.2012 (3)
  9. PIN angeblich falsch mit TAN bestätigen - Login online Banking comdirect
    Log-Analyse und Auswertung - 28.04.2012 (15)
  10. Online-Banking wurde Gehackt, Trojaner?
    Plagegeister aller Art und deren Bekämpfung - 30.10.2011 (19)
  11. Wurde ich infected ? Seit heute früh ist mein Online-Banking Konto gesperrt !
    Log-Analyse und Auswertung - 20.07.2011 (1)
  12. Online Banking nicht möglich. Seite verlangt 20 TAN
    Plagegeister aller Art und deren Bekämpfung - 31.01.2011 (3)
  13. Online-Banking gehackt ? Benachrichtigung von der Bank
    Plagegeister aller Art und deren Bekämpfung - 29.01.2011 (6)
  14. Online-Banking (Sparkasse) verlangt nach Login Eingabe von mehreren TAN
    Plagegeister aller Art und deren Bekämpfung - 22.10.2010 (1)
  15. Trojaner (Online-Banking) im Hotelnetzwerk möglich
    Plagegeister aller Art und deren Bekämpfung - 06.07.2010 (4)
  16. Login auf trojaner-board.com nicht möglich?
    Lob, Kritik und Wünsche - 03.02.2007 (1)
  17. Online Banking gehackt durch Trojaner !!!!!!!!
    Plagegeister aller Art und deren Bekämpfung - 24.01.2006 (9)

Zum Thema Banking Trojaner auf Smartphone, Online Konto gehackt, Login mit Laptop nicht möglich - Hallo liebes Trojaner Board Team, vor ca. 2 Wochen wurde mein Online-Banking Konto gehackt und eine größere Menge Geld an ein fremdes Konto überwiesen. (Strafanzeige läuft, Polizei ist ebenfalls am - Banking Trojaner auf Smartphone, Online Konto gehackt, Login mit Laptop nicht möglich...
Archiv
Du betrachtest: Banking Trojaner auf Smartphone, Online Konto gehackt, Login mit Laptop nicht möglich auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.