Zurück   Trojaner-Board > Malware entfernen > Log-Analyse und Auswertung

Log-Analyse und Auswertung: Löschung von McAfee resten

Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.

Antwort
Alt 20.03.2017, 20:02   #1
bütti
 
Löschung von McAfee resten - Standard

Löschung von McAfee resten



Mit der Bitte und Hilfe beim Löschen von McAfee Resten hat mich Purzelbär hierher verwiesen.

hxxp://www.trojaner-board.de/184845-kontrolle-deinstallation-mcafee-windows-10-a.html

Alt 20.03.2017, 21:10   #2
M-K-D-B
/// TB-Ausbilder
 
Löschung von McAfee resten - Standard

Löschung von McAfee resten









Mein Name ist Matthias und ich werde dir bei der Bereinigung deines Computers helfen.



Um die Bereinigung möchlichst effektiv und schnell gestalten zu können, bitte ich um Beachtung der folgenden Hinweise:
  1. Falls wir Hinweise auf illegal erworbene Software finden, werden wir den Support unterbrechen bis jegliche Art von illegaler Software vom Rechner entfernt wurde.
  2. Lies dir meine Anleitungen immer sorgfältig durch, arbeite alle Schritte in der vorgegebenen Reihefolge nacheinander ab und poste immer alle Logdateien (auch wenn nichts gefunden wurde). Solltest du Probleme haben, stoppe mit deiner Bearbeitung und beschreibe mir dein Problem so gut es geht.
  3. Solltest du mir nicht innerhalb von 3 Tagen antworten, gehe ich davon aus, dass du keine Hilfe mehr benötigst. Dann lösche ich dein Thema aus meinem Abo. Solltest du einmal länger abwesend sein, so gib mir bitte Bescheid!
  4. Während der Bereinigung bitte nichts installieren oder deinstallieren, außer ich bitte dich darum!
    Außerdem bitte ich dich, nicht eigenmächtig irgendwelche Sicherheitsprogramme auszuführen und damit deinen Rechner zu überprüfen/bereinigen, da ich so leicht den Überblick verlieren kann.
    Außerdem hättest du dir das Eröffnen eines Themas in diesem Fall auch gleich sparen können, wenn du dann doch wieder alleine rumhantierst.

  5. Bitte beachten: Download bei filepony.de: So ladet Ihr unsere Tools richtig!
  6. Alle zu verwendenen Programme sind auf dem Desktop ( C:\users\dein Benutzername\Desktop\ ) abzuspeichern und von dort als Administrator zu starten!
  7. Einige Programme, die wir hier verwenden, können unter Umständen von deinem Antiviren- oder Anti-Malwareprogramm fälschlicherweise als Bedrohung eingestuft werden. Die Sicherheitsprogramme können aufgrund eines bestimmten Programmverhaltens nicht zwischen "gut" oder "böse" unterscheiden und schlagen Alarm. Dabei handelt es sich um Fehlalarme, welche du getrost ignorieren kannst. Gegebenenfalls musst du deine Sicherheitssoftware vor der Ausführung eines Programms deaktivieren, damit unsere Bereinigungsvorgänge nicht beeinträchtigt werden.
  8. Sollten die Logdateien einmal die zulässige Länge (~ 120.000 Zeichen) überschreiten, so teile die Logdateien auf mehrere Posts auf.
    Zur Not kannst du die Logdateien dann auch zippen (in ein .zip Archiv packen) und als Anhang hochladen.

  9. Bitte arbeite so lange mit mir zusammen, bis ich dir sage, dass wir fertig sind und dein Rechner "sauber" ist. Das vorzeitige Verschwinden von Symptomen heißt nicht automatisch, dass dein Rechner bereits vollständig sauber ist.
  10. In der Regel antworte ich dir innerhalb von 24 Stunden, oft sogar wesentlich schneller.
    Jedoch habe auch ich einen normalen Beruf und Familie. Ich bin daher nicht jeden Tag stundenlag hier im Forum unterwegs. Es kann unter Umständen bis zu 2 Tage dauern, bis du eine Antwort von mir erhältst. Sollte diese Zeit überschritten sein, so kannst du mir gerne eine PM als Erinnerung schicken.





Bitte arbeite alle Schritte in der vorgegebenen Reihefolge nacheinander ab und poste alle Logdateien in CODE-Tags:
So funktioniert es:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert deinem Helfer massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu groß für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
  • Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
  • Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
  • Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
  • Klicke aauf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.

Danke für deine Mitarbeit!






Du hast McAfee bereits über die Systemsteuerung deinstalliert und das McAfee Removal Tool ausgeführt?





Schritt 1
Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)







Schritt 2
Lade dir die passende Version von SystemLook vom folgenden Spiegel herunter und speichere das Tool auf dem Desktop:
SystemLook (32 bit) | SystemLook (64 bit)
  • Doppelklicke auf die SystemLook.exe, um das Tool zu starten.
  • Kopiere den Inhalt der folgenden Codebox in das Textfeld des Tools:

    Code:
    ATTFilter
    :filefind
    *McAfee*
    
    :folderfind
    *McAfee*
    
    :regfind
    McAfee
             
  • Klicke nun auf den Button Look, um den Scan zu starten.
  • Der Suchlauf kann einige Zeit dauern.
  • Wenn der Suchlauf beendet ist, wird sich dein Editor mit den Ergebnissen öffnen, poste diese in deinen Thread.
  • Die Ergebnisse werden auch auf dem Desktop als SystemLook.txt gespeichert.








Bitte poste mit deiner nächsten Antwort
  • die beiden neuen Logdateien von FRST,
  • die Logdatei von SystemLook.
__________________

__________________

Geändert von M-K-D-B (20.03.2017 um 21:38 Uhr)

Alt 21.03.2017, 12:29   #3
bütti
 
Löschung von McAfee resten - Standard

Löschung von McAfee resten



Hallo Matthias schön das du mir hilfst, für mich ist das alles Neuland.
Ich muss die Logs in mehere Beiträge aufteilen.
Hier die 1.Datei:
Code:
ATTFilter
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x86) Version: 15-03-2017
durchgeführt von Klaus (21-03-2017 11:35:54)
Gestartet von C:\Users\Klaus\Desktop
Microsoft Windows 10 Home Version 1607 (X86) (2016-10-14 10:17:07)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-1016556084-3091970497-507946437-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1016556084-3091970497-507946437-503 - Limited - Disabled)
Gast (S-1-5-21-1016556084-3091970497-507946437-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1016556084-3091970497-507946437-1002 - Limited - Enabled)
Klaus (S-1-5-21-1016556084-3091970497-507946437-1001 - Administrator - Enabled) => C:\Users\Klaus

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

[verify-U] AVS 2.1.9 (HKLM\...\[verify-U] AVS) (Version: 2.1.9 - :cybits: GmbH)
2007 Microsoft Office system (HKLM\...\PROHYBRIDR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Adobe Acrobat Reader DC - Deutsch (HKLM\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.023.20070 - Adobe Systems Incorporated)
Adobe Flash Player 24 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 24.0.0.194 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.0 (HKLM\...\Adobe Shockwave Player) (Version: 12.0.0.112 - Adobe Systems, Inc.)
Alice Greenfingers (HKLM\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112920767}) (Version:  - Oberon Media)
ANT Drivers Installer x86 (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden
Apple Application Support (HKLM\...\{A922C4B7-50E0-4787-A94C-59DBF3C65DBE}) (Version: 3.0 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{0592EF96-69D8-4E4B-9CC9-88F58EA86F01}) (Version: 7.0.0.117 - Apple Inc.)
Apple Software Update (HKLM\...\{C6579A65-9CAE-4B31-8B6B-3306E0630A66}) (Version: 2.1.3.127 - Apple Inc.)
Atheros Client Installation Program (HKLM\...\{D1434266-0486-4469-B338-A60082CC04E1}) (Version: 1.0.1.0805 - Atheros)
ATI Catalyst Install Manager (HKLM\...\{6848704E-C8D4-4F4F-9181-5926D4A11E98}) (Version: 3.0.741.0 - ATI Technologies, Inc.)
AVS Update Manager 1.0 (HKLM\...\AVS Update Manager_is1) (Version:  - Online Media Technologies Ltd.)
AVS Video Editor 6 (HKLM\...\AVS Video Editor_is1) (Version: 6.3.2.234 - Online Media Technologies Ltd.)
AVS YouTube Uploader version 2.1 (HKLM\...\AVS YouTube Uploader 2.1_is1) (Version:  - Online Media Technologies Ltd.)
AVS4YOU Software Navigator 1.3 (HKLM\...\AVS4YOU Software Navigator_is1) (Version:  - Online Media Technologies Ltd.)
B1315AppGuid (Version: 1.0.0 - DATEV eG) Hidden
BatteryLifeExtender (HKLM\...\{AA16A9E5-40E9-44F5-801E-6B3D3CFE79E5}) (Version: 1.0.0 - Samsung)
Bonjour (HKLM\...\{79155F2B-9895-49D7-8612-D92580E0DE5B}) (Version: 3.0.0.10 - Apple Inc.)
Brother MFL-Pro Suite MFC-5490CN (HKLM\...\{48D082B9-18F6-4426-AFAC-8B6A3E7021B1}) (Version: 1.0.1.0 - Brother Industries, Ltd.)
ccc-core-static (Version: 2009.0901.2227.38495 - ATI) Hidden
ChargeableUSB (HKLM\...\{92D50865-FC60-4EA8-BA7A-5581B0D13EFB}) (Version: 1.0.0.0 - SAMSUNG)
chip 1-click download service (HKLM\...\{503CA94E-0834-4CEE-AD92-BA17AF4E809A}) (Version: 3.6.9.0 - Chip Digital GmbH)
Corel Snapfire (HKLM\...\{0EE4030A-8FD4-4798-A21D-17E525B1F7CF}) (Version: 1.20.0000 - Corel Corporation)
CyberLink DVD Suite (HKLM\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 6.0.2806 - CyberLink Corp.)
CyberLink LabelPrint (HKLM\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.1916 - CyberLink Corp.)
CyberLink Power2Go (HKLM\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.0.3108a - CyberLink Corp.)
CyberLink PowerDirector (HKLM\...\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 7.0.3213 - CyberLink Corp.)
CyberLink PowerDVD 8 (HKLM\...\InstallShield_{2BF2E31F-B8BB-40A7-B650-98D28E0F7D47}) (Version: 8.0.2815b - CyberLink Corp.)
CyberLink PowerProducer (HKLM\...\InstallShield_{B7A0CE06-068E-11D6-97FD-0050BACBF861}) (Version: 5.0.1.1812 - CyberLink Corp.)
CyberLink YouCam (HKLM\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 2.0.2907 - CyberLink Corp.)
Dairy Dash (HKLM\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-115053100}) (Version:  - Oberon Media)
DATEV Installation V.2.73 (HKLM\...\DATEVB00000482.0) (Version:  - )
Dropbox (HKU\S-1-5-21-1016556084-3091970497-507946437-1001\...\Dropbox) (Version: 21.4.25 - Dropbox, Inc.)
Easy Display Manager (HKLM\...\{17283B95-21A8-4996-97DA-547A48DB266F}) (Version: 3.0 - Samsung Electronics Co., Ltd.)
Easy Network Manager (HKLM\...\{B660E0D0-A8CB-45A7-96FB-93E8C915A0B2}) (Version: 4.2.4 - Samsung)
Easy SpeedUp Manager (HKLM\...\{EF367AA4-070B-493C-9575-85BE59D789C9}) (Version: 3.0.0.4 - Samsung Electronics Co.,Ltd.)
EasyBatteryManager (HKLM\...\{178EE5F4-0F86-4BF0-A0D1-9790AFF409D1}) (Version: 4.0.0.2 - Samsung)
Elevated Installer (Version: 5.1.1.0 - Garmin Ltd or its subsidiaries) Hidden
Elf Bowling Hawaiian Vacation (HKLM\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-115246907}) (Version:  - Oberon Media)
Farm Frenzy 2 (HKLM\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11531173}) (Version:  - Oberon Media)
Firebird SQL Server - MAGIX Edition (HKLM\...\{34EB6245-C8D0-4D8A-B8D8-EEBFF7A91485}) (Version: 2.1.27.0 - MAGIX AG)
Foxit Reader 5.1 (HKLM\...\Foxit Reader_is1) (Version: 5.1.4.104 - Foxit Corporation)
Free Mp3 Wma Converter V 1.9 (HKLM\...\Free Mp3 Wma Converter_is1) (Version: 1.9.0.0 - Koyote Soft)
Game Pack (HKLM\...\{63eafc52-b963-4297-a7eb-d412944e7065}_is1) (Version: 5.3.0.10 - Oberon Media, Inc.)
Garmin Express (HKLM\...\{9fbf4745-0038-4ed3-aee1-87af9b9ef8f1}) (Version: 5.1.1.0 - Garmin Ltd or its subsidiaries)
Garmin Express (Version: 5.1.1.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin Express Tray (Version: 5.1.1.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin Training Center (HKLM\...\{078C3718-6621-4FC8-B03A-502FFF83F600}) (Version: 3.5.3 - Garmin Ltd or its subsidiaries)
Garmin USB Drivers (HKLM\...\{65F9E1F3-A2C1-4AA9-9F33-A3AEB0255F0E}) (Version: 2.3.0.0 - Garmin Ltd or its subsidiaries)
Google Chrome (HKLM\...\Google Chrome) (Version: 33.0.1750.154 - Google Inc.)
Google Earth (HKLM\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Toolbar for Internet Explorer (HKLM\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version:  - Google Inc.)
Google Toolbar for Internet Explorer (Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (Version: 1.3.23.9 - Google Inc.) Hidden
Google Update Helper (Version: 1.3.26.9 - Google Inc.) Hidden
Google+ Auto Backup (HKLM\...\{A50DE037-B5C0-4C8A-8049-B0C576B313D1}) (Version: 1.0.21.81 - Google)
Intel® Matrix Storage Manager (HKLM\...\{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}) (Version:  - Intel Corporation)
IrfanView (remove only) (HKLM\...\IrfanView) (Version: 4.28 - Irfan Skiljan)
iTunes (HKLM\...\{C197BC08-3D82-4651-8886-E68C21578A38}) (Version: 11.1.3.8 - Apple Inc.)
Java 8 Update 73 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83218073F0}) (Version: 8.0.730.2 - Oracle Corporation)
Junk Mail filter update (Version: 14.0.8089.726 - Microsoft Corporation) Hidden
LogMeIn (HKLM\...\{34F93E31-E1A0-421C-8E86-BCF7C4193A91}) (Version: 4.0.982 - LogMeIn, Inc.)
LSI HDA Modem (HKLM\...\LSI Soft Modem) (Version: 2.2.97 - LSI Corporation)
MAGIX Filme auf DVD 9 Download-Version 9.0.0.12 (D) (HKLM\...\MAGIX Filme auf DVD 9 Download-Version D) (Version: 9.0.0.12 - MAGIX AG)
MAGIX Screenshare (HKLM\...\MAGIX Screenshare D) (Version: 4.3.6.1987 - MAGIX AG)
Marvell Miniport Driver (HKLM\...\Marvell Miniport Driver) (Version: 10.70.3.3 - Marvell)
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.8.141.11 - McAfee, Inc.)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office Enterprise 2007 (HKLM\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Live Add-in 1.5 (HKLM\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office Outlook Connector (HKLM\...\{95120000-0122-0407-0000-0000000FF1CE}) (Version: 12.0.6423.1000 - Microsoft Corporation)
Microsoft Office Professional Edition 2003 (HKLM\...\{90110407-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft Office Small Business Connectivity Components (HKLM\...\{A939D341-5A04-4E0A-BB55-3E65B386432D}) (Version: 2.0.7024.0 - Microsoft Corporation)
Microsoft Office Suite Activation Assistant (HKLM\...\{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}) (Version: 2.9 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1016556084-3091970497-507946437-1001\...\OneDriveSetup.exe) (Version: 17.3.6798.0207 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50905.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server Native Client (HKLM\...\{F46E21DF-5BE1-48E2-8390-5EEA8B25E36A}) (Version: 9.00.5000.00 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM\...\{4fcf070a-daac-45e9-a8b0-6850941f7ed8}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24212 (HKLM\...\{462f63a8-6347-4894-a1b3-dbfe3a4c981d}) (Version: 14.0.24212.0 - Microsoft Corporation)
Mozilla Firefox 52.0.1 (x86 de) (HKLM\...\Mozilla Firefox 52.0.1 (x86 de)) (Version: 52.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 52.0.1.6284 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
Namuga 1.3M Webcam (HKLM\...\{71A51B59-E7D3-11DB-A386-005056C00008}) (Version: 1.00.0000 - Vimicro Corporation)
PaperPort Image Printer (HKLM\...\{2BC2781A-F7F6-452E-95EB-018A522F1B2C}) (Version: 1.00.0000 - Nuance Communications, Inc.)
PC Speed Repair (HKLM\...\{75EF0384-FE3A-470D-B2C9-F6CAA6387ED6}) (Version: 2.4.7 - ShieldApps)
PDF24 Creator 7.9.0 (HKLM\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version:  - PDF24.org)
Picasa 3 (HKLM\...\Picasa 3) (Version: 3.9 - Google, Inc.)
PMB (HKLM\...\{B6A98E5F-D6A7-46FB-9E9D-1F7BF443491C}) (Version: 5.2.00.03250 - Sony Corporation)
QuickTime (HKLM\...\{B67BAFBA-4C9F-48FA-9496-933E3B255044}) (Version: 7.74.80.86 - Apple Inc.)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7535 - Realtek Semiconductor Corp.)
REALTEK Wireless LAN Software (HKLM\...\{F2BC3383-F000-410C-A038-3846ADBE8D90}) (Version: 1.01.0088 - REALTEK Semiconductor Corp.)
Samsung Recovery Solution 4 (HKLM\...\{145DE957-0679-4A2A-BB5C-1D3E9808FAB2}) (Version: 4.0.0.6 - Samsung)
Samsung Support Center (HKLM\...\{4D2121FE-5CCC-4D47-B3A0-BF56045A5099}) (Version: 1.0.1 - Samsung)
Samsung Update Plus (HKLM\...\{D3F2FAA5-FEC4-42AA-9ABA-1F763919A2B5}) (Version: 2.0 - Samsung Electronics Co., Ltd.)
ScanSoft PaperPort 11 (HKLM\...\{02570AE0-BEE0-4A6C-BE3F-D806E9F2EA17}) (Version: 11.2.0000 - Nuance Communications, Inc.)
Shared C Run-time for x86 (Version: 10.0.0 - McAfee) Hidden
Skype Click to Call (HKLM\...\{873F8E7C-10E6-449F-BD7E-5FBA7C8E1C9B}) (Version: 8.5.0.9167 - Microsoft Corporation)
Skype™ 7.30 (HKLM\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.30.105 - Skype Technologies S.A.)
Spybot - Search & Destroy (HKLM\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.2.25 - Safer-Networking Ltd.)
SQLXML4 (HKLM\...\{B4FC780C-94E2-41CB-970D-4B61C1905E5E}) (Version: 9.00.4035.00 - Microsoft Corporation)
StarBurn Version 12r10 (Build 0x20091021) (HKLM\...\StarBurn_is1) (Version:  - Rocket Division Software) <==== ACHTUNG
swMSM (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 13.2.4.12 - Synaptics Incorporated)
t@x 2014 (HKU\S-1-5-21-1016556084-3091970497-507946437-1001\...\{2547CF96-DBB7-4EDD-9327-0EFDD0D1FA8A}) (Version: 21.00.8480 - Buhl Data Service GmbH)
tax 2015 (HKLM\...\{4CF96070-DEE5-43B5-B6A7-23AC07BC0C77}) (Version: 22.00.8811 - Buhl Data Service GmbH)
tax 2016 (HKLM\...\{30E85B0C-57D8-4ECE-814B-264550A92FAB}) (Version: 23.00.1146 - Buhl Data Service GmbH)
tax 2017 (HKLM\...\{B0AB97B4-F1E7-4CD6-A93B-1ADC1A4E19E8}) (Version: 24.00.1375 - Buhl Data Service GmbH)
TeamViewer 10 (HKLM\...\TeamViewer) (Version: 10.0.47484 - TeamViewer)
Try Corel Snapfire muvee autoProducer add on (Version: 1.00.0000 - Ihr Firmenname) Hidden
Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM\...\{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISE_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version:  - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM\...\{90120000-0016-0407-0000-0000000FF1CE}_PROHYBRIDR_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version:  - Microsoft)
Update für Microsoft Office Outlook 2007 Help (KB963677) (HKLM\...\{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{F6828576-6F79-470D-AB50-69D1BBADBD30}) (Version:  - Microsoft)
Update für Microsoft Office Outlook 2007 Help (KB963677) (HKLM\...\{90120000-001A-0407-0000-0000000FF1CE}_PROHYBRIDR_{F6828576-6F79-470D-AB50-69D1BBADBD30}) (Version:  - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM\...\{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISE_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version:  - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM\...\{90120000-0018-0407-0000-0000000FF1CE}_PROHYBRIDR_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version:  - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (HKLM\...\{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISE_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version:  - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (HKLM\...\{90120000-001B-0407-0000-0000000FF1CE}_PROHYBRIDR_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version:  - Microsoft)
User Guide (HKLM\...\{BAE68339-B0F6-4D33-9554-5A3DB2DFF5DA}) (Version: 1.0 - )
VLC media player 1.0.3 (HKLM\...\VLC media player) (Version: 1.0.3 - VideoLAN Team)
WEB.DE MailCheck für Windows (HKLM\...\1&1 Mail & Media GmbH Toolbar IE8) (Version: 2.6.9.0 - 1&1 Mail & Media GmbH)
WEB.DE Softwareaktualisierung (HKLM\...\1&1 Mail & Media GmbH 1und1Softwareaktualisierung) (Version: 4.0.3.0 - 1&1 Mail & Media GmbH)
Windows Driver Package - Dynastream Innovations (libusb0) LibUsbDevices  (07/07/2009 1.12.2) (HKLM\...\24DA573F901348FFDFF7717497830D45BE0C362E) (Version: 07/07/2009 1.12.2 - Dynastream Innovations)
Windows Driver Package - Garmin (grmnusb) GARMIN Devices  (06/03/2009 2.3.0.0) (HKLM\...\49CF605F02C7954F4E139D18828DE298CD59217C) (Version: 06/03/2009 2.3.0.0 - Garmin)
Windows Live Anmelde-Assistent (HKLM\...\{52B97218-98CB-4B8B-9283-D213C85E1AA4}) (Version: 5.000.818.5 - Microsoft Corporation)
Windows Live Essentials (HKLM\...\WinLiveSuite_Wave3) (Version: 14.0.8089.0726 - Microsoft Corporation)
Windows Live Sync (HKLM\...\{76618402-179D-4699-A66B-D351C59436BC}) (Version: 14.0.8089.726 - Microsoft Corporation)
Windows Live-Uploadtool (HKLM\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)
Windows-Treiberpaket - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) (HKLM\...\F9D2A789F9CFF8CEC36B544F53877C80F1F73C46) (Version: 04/11/2012 1.2.40.201 - Dynastream Innovations, Inc.)
Windows-Treiberpaket - Silicon Labs Software (DSI_SiUSBXp_3_1) USB  (02/06/2007 3.1) (HKLM\...\D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2) (Version: 02/06/2007 3.1 - Silicon Labs Software)
WinRAR (HKLM\...\WinRAR archiver) (Version:  - )

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-1016556084-3091970497-507946437-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Klaus\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1016556084-3091970497-507946437-1001_Classes\CLSID\{039B2CA5-3B41-4D93-AD77-47D3293FC5CB}\InprocServer32 -> C:\Program Files\Skype\Plugin Manager\ezPMUtils.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1016556084-3091970497-507946437-1001_Classes\CLSID\{04EBE69E-2DED-44F6-9854-9A3988F751ED}\InprocServer32 -> C:\Users\Klaus\AppData\Local\Dropbox\Update\1.3.51.1\psuser.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1016556084-3091970497-507946437-1001_Classes\CLSID\{0A368B9B-3566-4730-B40E-EAF6858A53AF}\InprocServer32 -> C:\Users\Klaus\AppData\Local\Dropbox\Update\1.3.27.33\psuser.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1016556084-3091970497-507946437-1001_Classes\CLSID\{2027D000-8CEB-4191-9620-15DD2561855F}\InprocServer32 -> C:\Users\Klaus\AppData\Local\Dropbox\Update\1.3.57.1\psuser.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1016556084-3091970497-507946437-1001_Classes\CLSID\{3059C9E6-9EDC-4C89-933E-C65623F8FD60}\localserver32 -> C:\Users\Klaus\AppData\Local\Dropbox\Update\DropboxUpdate.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1016556084-3091970497-507946437-1001_Classes\CLSID\{42481700-CF3C-4D05-8EC6-F9A1C57E8DC0}\InprocServer32 -> C:\Program Files\Skype\Plugin Manager\ezPMUtils.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1016556084-3091970497-507946437-1001_Classes\CLSID\{449CFB1B-1C07-48EA-9A9A-7A7881C2B49B}\InprocServer32 -> C:\Users\Klaus\AppData\Local\Dropbox\Update\1.3.59.1\psuser.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1016556084-3091970497-507946437-1001_Classes\CLSID\{6d05bf60-3eaf-4a97-87c5-10cce505435b}\localserver32 -> C:\Users\Klaus\AppData\Local\Temp\{9c0ba3c1-2b67-45eb-bf69-bed9658d28d2}\IDriver.NonElevated.exe =>  (Der Dateneintrag hat 11 mehr Zeichen).
CustomCLSID: HKU\S-1-5-21-1016556084-3091970497-507946437-1001_Classes\CLSID\{87DC457B-B35D-48AC-BD42-BDF35EF623CE}\localserver32 -> C:\Users\Klaus\AppData\Local\Dropbox\Update\1.3.59.1\DropboxUpdateOnDemand.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1016556084-3091970497-507946437-1001_Classes\CLSID\{9FAA38ED-5635-44F7-9BE0-8CAFE29B3783}\localserver32 -> C:\Users\Klaus\AppData\Local\Dropbox\Update\1.3.59.1\DropboxUpdateOnDemand.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1016556084-3091970497-507946437-1001_Classes\CLSID\{BB6410D8-F879-4184-9C5C-6A02D16AE0B3}\InprocServer32 -> C:\Program Files\Skype\Plugin Manager\ezPMUtils.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1016556084-3091970497-507946437-1001_Classes\CLSID\{C0DD324D-A74F-4533-84AD-030F76771C77}\localserver32 -> C:\Users\Klaus\AppData\Local\Dropbox\Update\1.3.59.1\DropboxUpdateOnDemand.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1016556084-3091970497-507946437-1001_Classes\CLSID\{C32E3EEC-3C10-426E-95F3-38C7F139FADD}\localserver32 -> C:\Users\Klaus\AppData\Local\Dropbox\Update\1.3.59.1\DropboxUpdateOnDemand.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1016556084-3091970497-507946437-1001_Classes\CLSID\{CA1073A2-5F3F-4445-8E5E-7109BDCEDDBE}\InprocServer32 -> C:\Program Files\Skype\Plugin Manager\ezPMUtils.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1016556084-3091970497-507946437-1001_Classes\CLSID\{D0D38C6E-BF64-4C42-840D-3E0019D9F7A6}\InprocServer32 -> C:\Program Files\Skype\Plugin Manager\ezPMUtils.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1016556084-3091970497-507946437-1001_Classes\CLSID\{D166BD15-03AF-413A-BEFD-0679FF410B49}\InprocServer32 -> C:\Users\Klaus\AppData\Local\Dropbox\Update\1.3.27.29\psuser.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1016556084-3091970497-507946437-1001_Classes\CLSID\{D5A55D2D-C59D-42C3-A5BF-4C08EEE74339}\InprocServer32 -> C:\Program Files\Skype\Plugin Manager\ezPMUtils.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1016556084-3091970497-507946437-1001_Classes\CLSID\{E7A37920-253C-4FF1-B169-298A7CE6CAA9}\localserver32 -> C:\Users\Klaus\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1016556084-3091970497-507946437-1001_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Klaus\AppData\Roaming\Dropbox\bin\DropboxExt.14.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1016556084-3091970497-507946437-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Klaus\AppData\Roaming\Dropbox\bin\DropboxExt.14.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1016556084-3091970497-507946437-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Klaus\AppData\Roaming\Dropbox\bin\DropboxExt.14.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1016556084-3091970497-507946437-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Klaus\AppData\Roaming\Dropbox\bin\DropboxExt.14.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1016556084-3091970497-507946437-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Klaus\AppData\Roaming\Dropbox\bin\DropboxExt.14.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1016556084-3091970497-507946437-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Klaus\AppData\Roaming\Dropbox\bin\DropboxExt.14.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1016556084-3091970497-507946437-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Klaus\AppData\Roaming\Dropbox\bin\DropboxExt.14.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1016556084-3091970497-507946437-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Klaus\AppData\Roaming\Dropbox\bin\DropboxExt.14.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1016556084-3091970497-507946437-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Klaus\AppData\Roaming\Dropbox\bin\DropboxExt.14.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1016556084-3091970497-507946437-1001_Classes\CLSID\{FB314EE1-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Klaus\AppData\Roaming\Dropbox\bin\DropboxExt.14.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1016556084-3091970497-507946437-1001_Classes\CLSID\{FB314EE2-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Klaus\AppData\Roaming\Dropbox\bin\DropboxExt.14.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1016556084-3091970497-507946437-1001_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\Klaus\AppData\Roaming\Dropbox\bin\DropboxExt.14.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1016556084-3091970497-507946437-1001_Classes\CLSID\{FE819BE5-BADF-4370-9913-6FB84ABA6FB1}\InprocServer32 -> C:\Users\Klaus\AppData\Local\Dropbox\Update\1.3.59.1\psuser.dll (Dropbox, Inc.)

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {0795DF25-C56A-4D8B-BA63-A2C599FCE5A8} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => %SystemRoot%\ehome\ehPrivJob.exe 
Task: {097873EF-C53A-4071-9A79-F3D901D0E1D2} - System32\Tasks\OneDrive Standalone Update Task => C:\Users\Klaus\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\OneDriveStandaloneUpdater.exe 
Task: {1230973C-2DCB-4EC8-AFB4-D282BBF7A90C} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-1016556084-3091970497-507946437-1001Core1d23a61c29ba9b => C:\Users\Klaus\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2016-11-09] (Dropbox, Inc.)
Task: {198A6903-7142-4352-9B9D-BBA22660644C} - System32\Tasks\CreateChoiceProcessTask => C:\Windows\System32\browserchoice.exe 
Task: {1A90A8B3-2B42-4620-B9E9-8F360369FD1A} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => %SystemRoot%\ehome\mcupdate.exe 
Task: {22FC3F00-07C5-4DE1-9F84-EEB9702DF954} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => %SystemRoot%\ehome\ehrec.exe 
Task: {2305DEF5-962C-43C2-B137-6BA272EB80A9} - System32\Tasks\EasySpeedUpManager => C:\Program Files\SAMSUNG\EasySpeedUpManager\EasySpeedUpManager.exe [2009-08-23] (Samsung Electronics Co., Ltd.)
Task: {2E8BC9B0-BDB9-4E9F-A4F9-D6B8AC6C9FFE} - System32\Tasks\GarminUpdaterTask => C:\Program Files\Garmin\Express SelfUpdater\ExpressSelfUpdater.exe [2017-01-16] ()
Task: {30829DA0-1BAA-4F47-BF9E-E7F6ED0FC545} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => %SystemRoot%\ehome\ehPrivJob.exe 
Task: {35787037-8448-42A7-80B0-2084FA4E35F4} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG
Task: {36E6601D-B561-4F31-BED3-4ECDFDFFEFA5} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG
Task: {3BEA1269-71AA-491F-B309-219AE332725E} - System32\Tasks\EasyBatteryManager => C:\Program Files\Samsung\EasyBatteryManager\EasyBatteryMgr4.exe [2009-08-01] (SAMSUNG Electronics co., LTD.)
Task: {3E6EAA52-AA76-4F97-8A46-E061DD041269} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG
Task: {40AE5E88-810B-4C52-9DC7-2FA010522BA5} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => %SystemRoot%\ehome\mcupdate.exe 
Task: {43DD993F-00A1-46EB-945C-774807C5125A} - System32\Tasks\{4EE692CD-843A-4815-A4E9-FA5E6A45F531} => C:\Program Files\Skype\Phone\Skype.exe [2016-11-15] (Skype Technologies S.A.)
Task: {450582EF-258E-4743-BEA3-416533CE2E24} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Keine Datei <==== ACHTUNG
Task: {450A414F-692C-46C1-9AC4-92497D16F2FC} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => %SystemRoot%\ehome\ehPrivJob.exe 
Task: {47C2D29E-9E4D-4D91-AE12-47DCA976EA9F} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => %SystemRoot%\ehome\ehPrivJob.exe 
Task: {491C4756-8771-49A3-AE79-91EDEB50793D} - System32\Tasks\advSRS4 => C:\Program Files\Samsung\Samsung Recovery Solution 4\WCScheduler.exe [2010-01-19] (SEC)
Task: {4D94345D-EFB8-4603-9D91-EB25D3A55825} - \Safer-Networking\Spybot - Search and Destroy\Refresh immunization -> Keine Datei <==== ACHTUNG
Task: {501312D6-1923-4F5D-9E5A-665FE315667C} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => %windir%\ehome\MCUpdate.exe 
Task: {5C55623F-9CD1-4858-AC15-23084841B334} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => %SystemRoot%\ehome\mcupdate.exe 
Task: {60600B73-0A3B-47E0-9092-BD03D38B94B2} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => %SystemRoot%\ehome\mcupdate.exe 
Task: {6458BDCF-4753-422B-A773-FB14B0380B3B} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => %SystemRoot%\ehome\ehPrivJob.exe 
Task: {65CAA3FC-6411-4E38-A61B-05EDDDD07C53} - System32\Tasks\SUPBackground => C:\Program Files\Samsung\Samsung Update Plus\SUPBackground.exe [2010-04-20] ()
Task: {66D59E4D-2020-4226-B0E6-4633BD8163D6} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => %SystemRoot%\ehome\ehPrivJob.exe 
Task: {6A099255-DAE2-45F6-9F77-9E30B3FC6B7C} - System32\Tasks\Registration 1und1 Task => C:\Program Files\1und1Softwareaktualisierung\cdsupdclient.exe [2016-03-25] (1&1 Mail & Media GmbH)
Task: {6A7B9FBB-E293-4E66-A097-2884CC62B8E0} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => %SystemRoot%\ehome\mcupdate.exe 
Task: {6C02EDCC-7681-4732-B9E7-FE92A385C4DC} - \Safer-Networking\Spybot - Search and Destroy\Check for updates -> Keine Datei <==== ACHTUNG
Task: {7166BF19-C763-4BE2-B7CE-AA6B5C20F780} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Keine Datei <==== ACHTUNG
Task: {734E4AC8-E775-40F1-9A87-06CADC8B44E7} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG
Task: {7366B38C-B7CB-49A5-AE9B-DC9EF847FB55} - System32\Tasks\BatteryLifeExtender => C:\Program Files\Samsung\BatteryLifeExtender\BatteryLifeExtender.exe [2009-08-12] (Samsung Electronics. Co. Ltd.)
Task: {7525F94C-573A-4AAD-B8B1-BC4E47D3CE00} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-12-19] (Adobe Systems Incorporated)
Task: {763EA265-CBF6-435E-9BD8-D61F67755760} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => %SystemRoot%\ehome\ehPrivJob.exe 
Task: {7B51D5A0-DBA7-4DBC-9C0F-3152FF668A9C} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => %SystemRoot%\ehome\ehrec.exe 
Task: {7C39AFEA-9F57-48AF-A6F0-6F5EF48BC660} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-1016556084-3091970497-507946437-1001UA1d23a61c5472f3 => C:\Users\Klaus\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2016-11-09] (Dropbox, Inc.)
Task: {7C46FD08-1243-4F3A-9313-3FF61C883D3A} - System32\Tasks\{36AF7C9B-3B45-4446-9387-B0336493ABB4} => Iexplore.exe hxxp://ui.skype.com/ui/0/7.0.0.102/de/abandoninstall?page=tsProgressBar
Task: {7DBEDEFD-518F-4EFE-99AE-F84A96112229} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-10-26] (Google Inc.)
Task: {7DDD83AF-A2A1-40C0-A524-FED7B8931888} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-10-26] (Google Inc.)
Task: {80D96DC3-D35B-42EE-9D49-9E377069CA91} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Keine Datei <==== ACHTUNG
Task: {814EDA48-377A-4E0E-9C06-8F493364864C} - System32\Tasks\PCSpeedRepair_Start => C:\Program Files\PC Speed Repair\PCSpeedRepair.exe 
Task: {844E1910-FAC2-4466-ADBA-2A709EF2874C} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => %SystemRoot%\ehome\ehPrivJob.exe 
Task: {86AABC58-8DA0-4A1A-90C8-7AE51DC464DB} - System32\Tasks\SamsungSupportCenter => C:\Program Files\Samsung\Samsung Support Center\SSCKbdHk.exe [2009-09-07] (SAMSUNG Electronics)
Task: {8A29FF2D-80A1-4DAC-8007-66FDEA4D5BE9} - System32\Tasks\EasyDisplayMgr => C:\Program Files\Samsung\Easy Display Manager\dmhkcore.exe [2009-09-12] (Samsung Electronics Co., Ltd.)
Task: {90D61C1E-A65D-4B5F-A847-025258DEC1B0} - System32\Tasks\Adobe Flash Player Updater => C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2017-01-30] (Adobe Systems Incorporated)
Task: {91210341-8AD4-4871-8656-8ABD0492C0DA} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => %SystemRoot%\ehome\ehPrivJob.exe 
Task: {922FE938-1748-4735-8331-BBF17E2B72AF} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2017-03-15] (Microsoft Corporation)
Task: {92E0867F-8B03-457D-B108-AD3DE6C5368C} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => %SystemRoot%\ehome\mcupdate.exe 
Task: {966C563E-BC9B-4AC0-8147-A8C670D0895F} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG
Task: {9DE427DD-3C43-4699-9B13-66A3A7DB4373} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => %SystemRoot%\ehome\mcupdate.exe 
Task: {B7033D2E-08CF-4688-BF7F-EC0506643A8E} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Keine Datei <==== ACHTUNG
Task: {BADCD1CD-8C3C-46B8-A002-911FC9DBEE8B} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => %SystemRoot%\ehome\ehPrivJob.exe 
Task: {C05B0A34-48CB-4469-9B2F-B83F17047117} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => %SystemRoot%\ehome\ehPrivJob.exe 
Task: {C9845C55-D8D4-4F9F-965E-1DD8FE2678ED} - System32\Tasks\PCSpeedRepair_Popup => C:\Program Files\PC Speed Repair\Splash.exe 
Task: {CD8517F5-7615-4448-A396-68751820F791} - System32\Tasks\{DD144569-13B3-4780-9D0A-61ABDDF82E46} => Iexplore.exe hxxp://www.skype.com/go/downloading?source=lightinstaller&amp;ver=7.1.0.105&amp;LastError=12002
Task: {D3C25474-0E08-4083-A0DD-D7EF82F4DB95} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Keine Datei <==== ACHTUNG
Task: {D5364B3A-382D-4027-BF2E-AD5D4720B672} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => %SystemRoot%\ehome\ehPrivJob.exe 
Task: {E97EF085-9494-4C30-9B62-7FD5A266E90F} - \Safer-Networking\Spybot - Search and Destroy\Scan the system -> Keine Datei <==== ACHTUNG
Task: {F49FDCCC-02E8-4464-96C4-144C4E2515D7} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => %SystemRoot%\ehome\ehPrivJob.exe 
Task: {FCB0AB86-49B1-4B75-871B-1F0CA5B59EC0} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Keine Datei <==== ACHTUNG

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-1016556084-3091970497-507946437-1001Core1d23a61c29ba9b.job => C:\Users\Klaus\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-1016556084-3091970497-507946437-1001UA1d23a61c5472f3.job => C:\Users\Klaus\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

Shortcut: C:\Users\Klaus\AppData\Roaming\Microsoft\Windows\Network Shortcuts\Meine Websites auf MSN\target.lnk -> hxxp://www.msnusers.co

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2016-07-16 09:25 - 2016-07-16 09:25 - 00190976 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2017-03-15 08:21 - 2017-03-04 08:04 - 02048496 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2014-03-06 13:27 - 2007-08-21 12:59 - 00014616 _____ () C:\WINDOWS\System32\skypdfmonpro.dll
2016-11-08 18:14 - 2016-11-08 18:14 - 00326144 _____ () C:\Program Files\Garmin\Device Interaction Service\GpsImgWrapper.dll
2017-01-16 14:43 - 2017-01-16 14:43 - 00073216 _____ () C:\Program Files\Garmin\Device Interaction Service\FixBootSector.dll
2006-11-02 19:40 - 2006-11-02 19:40 - 00174656 _____ () C:\windows\system32\PSIService.exe
2009-09-16 22:57 - 2009-03-05 10:54 - 00311296 _____ () C:\windows\SYSTEM32\Rezip.exe
2010-01-24 16:49 - 2009-07-07 03:23 - 00247152 ____N () C:\Program Files\CyberLink\Shared files\RichVideo.exe
2017-03-15 08:21 - 2017-03-04 08:04 - 02048496 _____ () C:\WINDOWS\SYSTEM32\CoreUIComponents.dll
2010-12-28 12:11 - 2010-03-15 11:28 - 00141824 _____ () C:\Program Files\WinRAR\rarext.dll
2016-07-16 09:25 - 2016-07-16 09:25 - 00108032 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2017-03-15 08:22 - 2017-03-04 07:24 - 00321536 _____ () C:\Windows\ShellExperiences\QuickActions.dll
2009-09-16 23:06 - 2006-08-12 04:48 - 00049152 _____ () C:\Program Files\Samsung\Easy Display Manager\HookDllPS2.dll
2017-03-15 08:20 - 2017-03-04 07:04 - 06726656 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2017-03-15 08:20 - 2017-03-04 06:58 - 01150464 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-10-14 11:29 - 2016-10-14 11:29 - 00526848 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
2017-03-15 08:20 - 2017-03-04 06:58 - 00779776 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Actions.dll
2017-03-15 08:20 - 2017-03-04 06:58 - 01724928 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2017-03-15 08:20 - 2017-03-04 07:00 - 03158528 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2017-03-13 11:14 - 2017-03-13 11:16 - 00067072 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.12.112.0_x86__kzf8qxf38zg5c\SkypeHost.exe
2017-03-13 11:14 - 2017-03-13 11:16 - 00156672 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.12.112.0_x86__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2017-03-13 11:14 - 2017-03-13 11:16 - 29441536 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.12.112.0_x86__kzf8qxf38zg5c\SkyWrap.dll
2017-03-13 11:14 - 2017-03-13 11:16 - 01578984 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.12.112.0_x86__kzf8qxf38zg5c\roottools.dll
2012-06-17 15:56 - 2009-02-27 15:38 - 00139264 ____R () C:\Program Files\Brother\BrUtilities\BrLogAPI.dll
2017-03-10 11:33 - 2017-03-06 21:59 - 00807232 _____ () C:\Users\Klaus\AppData\Roaming\Dropbox\bin\dropbox_watchdog.dll
2017-03-10 11:33 - 2017-02-09 03:19 - 00035792 _____ () C:\Users\Klaus\AppData\Roaming\Dropbox\bin\_multiprocessing.pyd
2017-03-10 11:33 - 2017-02-09 03:19 - 00100296 _____ () C:\Users\Klaus\AppData\Roaming\Dropbox\bin\_ctypes.pyd
2017-03-10 11:33 - 2017-02-09 03:19 - 00018888 _____ () C:\Users\Klaus\AppData\Roaming\Dropbox\bin\select.pyd
2017-03-10 11:33 - 2017-03-06 22:01 - 00019776 _____ () C:\Users\Klaus\AppData\Roaming\Dropbox\bin\tornado.speedups.pyd
2017-03-10 11:33 - 2017-02-09 03:19 - 00694224 _____ () C:\Users\Klaus\AppData\Roaming\Dropbox\bin\unicodedata.pyd
2017-03-10 11:33 - 2017-03-06 22:01 - 00020824 _____ () C:\Users\Klaus\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._constant_time.pyd
2017-03-10 11:33 - 2017-02-09 03:20 - 00123856 _____ () C:\Users\Klaus\AppData\Roaming\Dropbox\bin\_cffi_backend.pyd
2017-03-10 11:33 - 2017-03-06 22:01 - 01682768 _____ () C:\Users\Klaus\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._openssl.pyd
2017-03-10 11:33 - 2017-03-06 22:01 - 00020816 _____ () C:\Users\Klaus\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._padding.pyd
2017-03-10 11:33 - 2017-02-09 03:19 - 00145864 _____ () C:\Users\Klaus\AppData\Roaming\Dropbox\bin\pyexpat.pyd
2017-03-10 11:33 - 2017-02-09 03:20 - 00019408 _____ () C:\Users\Klaus\AppData\Roaming\Dropbox\bin\faulthandler.pyd
2017-03-10 11:33 - 2017-02-09 03:19 - 00116688 _____ () C:\Users\Klaus\AppData\Roaming\Dropbox\bin\pywintypes27.dll
2017-03-10 11:33 - 2017-02-09 03:22 - 00105928 _____ () C:\Users\Klaus\AppData\Roaming\Dropbox\bin\win32api.pyd
2017-03-10 11:33 - 2017-03-06 22:01 - 00022864 _____ () C:\Users\Klaus\AppData\Roaming\Dropbox\bin\winffi.crt.compiled._winffi_crt.pyd
2017-03-10 11:33 - 2017-03-06 22:01 - 00038712 _____ () C:\Users\Klaus\AppData\Roaming\Dropbox\bin\fastpath.pyd
2017-03-10 11:33 - 2017-03-06 22:01 - 00060736 _____ () C:\Users\Klaus\AppData\Roaming\Dropbox\bin\psutil._psutil_windows.pyd
2017-03-10 11:33 - 2017-02-09 03:22 - 00024528 _____ () C:\Users\Klaus\AppData\Roaming\Dropbox\bin\win32event.pyd
2017-03-10 11:33 - 2017-02-09 03:22 - 00175560 _____ () C:\Users\Klaus\AppData\Roaming\Dropbox\bin\win32gui.pyd
2017-03-10 11:33 - 2017-02-09 03:19 - 00392144 _____ () C:\Users\Klaus\AppData\Roaming\Dropbox\bin\pythoncom27.dll
2017-03-10 11:33 - 2017-02-09 03:22 - 00020936 _____ () C:\Users\Klaus\AppData\Roaming\Dropbox\bin\mmapfile.pyd
2017-03-10 11:33 - 2017-02-09 03:22 - 00116176 _____ () C:\Users\Klaus\AppData\Roaming\Dropbox\bin\win32security.pyd
2017-03-10 11:33 - 2017-03-06 22:01 - 00381760 _____ () C:\Users\Klaus\AppData\Roaming\Dropbox\bin\win32com.shell.shell.pyd
2017-03-10 11:33 - 2017-02-09 03:22 - 00124880 _____ () C:\Users\Klaus\AppData\Roaming\Dropbox\bin\win32file.pyd
2017-03-10 11:33 - 2017-03-06 22:01 - 00026456 _____ () C:\Users\Klaus\AppData\Roaming\Dropbox\bin\winffi.kernel32.compiled._winffi_kernel32.pyd
2017-03-10 11:33 - 2017-02-09 03:22 - 00024016 _____ () C:\Users\Klaus\AppData\Roaming\Dropbox\bin\win32clipboard.pyd
2017-03-10 11:33 - 2017-02-09 03:22 - 00030160 _____ () C:\Users\Klaus\AppData\Roaming\Dropbox\bin\win32pipe.pyd
2017-03-10 11:33 - 2017-02-09 03:22 - 00043472 _____ () C:\Users\Klaus\AppData\Roaming\Dropbox\bin\win32process.pyd
2017-03-10 11:33 - 2017-02-09 03:22 - 00048592 _____ () C:\Users\Klaus\AppData\Roaming\Dropbox\bin\win32service.pyd
2017-03-10 11:33 - 2017-02-09 03:22 - 00057808 _____ () C:\Users\Klaus\AppData\Roaming\Dropbox\bin\win32evtlog.pyd
2017-03-10 11:33 - 2017-02-09 03:22 - 00024016 _____ () C:\Users\Klaus\AppData\Roaming\Dropbox\bin\win32profile.pyd
2017-03-10 11:33 - 2017-03-06 22:01 - 00246608 _____ () C:\Users\Klaus\AppData\Roaming\Dropbox\bin\breakpad.client.windows.handler.pyd
2017-03-10 11:33 - 2017-03-06 22:01 - 00027488 _____ () C:\Users\Klaus\AppData\Roaming\Dropbox\bin\dropbox.infinite.win.compiled._driverinstallation.pyd
2017-03-10 11:33 - 2017-02-09 03:21 - 00241104 _____ () C:\Users\Klaus\AppData\Roaming\Dropbox\bin\_jpegtran.pyd
2017-03-10 11:33 - 2017-03-06 22:01 - 00022336 _____ () C:\Users\Klaus\AppData\Roaming\Dropbox\bin\cpuid.compiled._cpuid.pyd
2017-03-10 11:33 - 2017-03-06 22:01 - 00025432 _____ () C:\Users\Klaus\AppData\Roaming\Dropbox\bin\winscreenshot.compiled._CaptureScreenshot.pyd
2017-03-10 11:33 - 2017-02-09 03:22 - 00028616 _____ () C:\Users\Klaus\AppData\Roaming\Dropbox\bin\win32ts.pyd
2017-03-10 11:33 - 2017-03-06 22:01 - 01826104 _____ () C:\Users\Klaus\AppData\Roaming\Dropbox\bin\PyQt5.QtCore.pyd
2017-03-10 11:33 - 2017-02-09 03:20 - 00083912 _____ () C:\Users\Klaus\AppData\Roaming\Dropbox\bin\sip.pyd
2017-03-10 11:33 - 2017-03-06 22:01 - 01972536 _____ () C:\Users\Klaus\AppData\Roaming\Dropbox\bin\PyQt5.QtGui.pyd
2017-03-10 11:33 - 2017-03-06 22:01 - 03928896 _____ () C:\Users\Klaus\AppData\Roaming\Dropbox\bin\PyQt5.QtWidgets.pyd
2017-03-10 11:33 - 2017-03-06 22:01 - 00531264 _____ () C:\Users\Klaus\AppData\Roaming\Dropbox\bin\PyQt5.QtNetwork.pyd
2017-03-10 11:33 - 2017-03-06 22:01 - 00053072 _____ () C:\Users\Klaus\AppData\Roaming\Dropbox\bin\winrpcserver.compiled._RPCServer.pyd
2017-03-10 11:33 - 2017-03-06 22:01 - 00133432 _____ () C:\Users\Klaus\AppData\Roaming\Dropbox\bin\PyQt5.QtWebKit.pyd
2017-03-10 11:33 - 2017-03-06 22:01 - 00224064 _____ () C:\Users\Klaus\AppData\Roaming\Dropbox\bin\PyQt5.QtWebKitWidgets.pyd
2017-03-10 11:33 - 2017-03-06 22:01 - 00207680 _____ () C:\Users\Klaus\AppData\Roaming\Dropbox\bin\PyQt5.QtPrintSupport.pyd
2017-03-10 11:33 - 2017-03-06 22:01 - 00022864 _____ () C:\Users\Klaus\AppData\Roaming\Dropbox\bin\winffi.user32.compiled._winffi_user32.pyd
2017-03-10 11:33 - 2017-03-06 22:01 - 00069968 _____ () C:\Users\Klaus\AppData\Roaming\Dropbox\bin\windisplaytoast.compiled._DisplayToast.pyd
2017-03-10 11:33 - 2017-03-06 22:01 - 00022872 _____ () C:\Users\Klaus\AppData\Roaming\Dropbox\bin\winffi.iphlpapi.compiled._winffi_iphlpapi.pyd
2017-03-10 11:33 - 2017-03-06 22:01 - 00021848 _____ () C:\Users\Klaus\AppData\Roaming\Dropbox\bin\winffi.winerror.compiled._winffi_winerror.pyd
2017-03-10 11:33 - 2017-03-06 22:01 - 00022872 _____ () C:\Users\Klaus\AppData\Roaming\Dropbox\bin\winffi.wininet.compiled._winffi_wininet.pyd
2017-03-10 11:33 - 2017-02-09 03:22 - 00350152 _____ () C:\Users\Klaus\AppData\Roaming\Dropbox\bin\winxpgui.pyd
2017-03-10 11:33 - 2017-03-06 22:01 - 00103232 _____ () C:\Users\Klaus\AppData\Roaming\Dropbox\bin\PyQt5.QtWinExtras.pyd
2017-03-10 11:33 - 2017-03-06 22:01 - 00023896 _____ () C:\Users\Klaus\AppData\Roaming\Dropbox\bin\winverifysignature.compiled._VerifySignature.pyd
2017-03-10 11:33 - 2017-03-06 22:01 - 00025936 _____ () C:\Users\Klaus\AppData\Roaming\Dropbox\bin\librsyncffi.compiled._librsyncffi.pyd
2017-03-10 11:33 - 2017-02-09 03:17 - 00036296 _____ () C:\Users\Klaus\AppData\Roaming\Dropbox\bin\librsync.dll
2017-03-10 11:33 - 2017-03-06 22:01 - 00033112 _____ () C:\Users\Klaus\AppData\Roaming\Dropbox\bin\enterprise_data.compiled._enterprise_data.pyd
2017-03-10 11:33 - 2016-12-02 22:44 - 00293392 _____ () C:\Users\Klaus\AppData\Roaming\Dropbox\bin\EnterpriseDataAdapter.dll
2017-03-10 11:33 - 2017-03-06 22:01 - 00084288 _____ () C:\Users\Klaus\AppData\Roaming\Dropbox\bin\dropbox_sqlite_ext.DLL
2017-03-10 11:33 - 2017-02-09 03:27 - 00017864 _____ () C:\Users\Klaus\AppData\Roaming\Dropbox\bin\libEGL.dll
2017-03-10 11:33 - 2017-02-09 03:27 - 01631184 _____ () C:\Users\Klaus\AppData\Roaming\Dropbox\bin\libGLESv2.dll
2017-03-10 11:33 - 2017-03-06 22:01 - 00042816 _____ () C:\Users\Klaus\AppData\Roaming\Dropbox\bin\PyQt5.QtWebChannel.pyd
2017-03-10 11:33 - 2017-03-06 22:01 - 00171336 _____ () C:\Users\Klaus\AppData\Roaming\Dropbox\bin\PyQt5.QtWebEngineWidgets.pyd
2017-03-10 11:33 - 2017-03-06 22:01 - 00357688 _____ () C:\Users\Klaus\AppData\Roaming\Dropbox\bin\PyQt5.QtQml.pyd
2017-03-10 11:33 - 2017-02-09 03:22 - 00060880 _____ () C:\Users\Klaus\AppData\Roaming\Dropbox\bin\win32print.pyd
2017-03-10 11:33 - 2017-03-06 22:01 - 00026456 _____ () C:\Users\Klaus\AppData\Roaming\Dropbox\bin\winffi.winhttp.compiled._winffi_winhttp.pyd
2017-03-10 11:33 - 2017-03-06 22:01 - 00546104 _____ () C:\Users\Klaus\AppData\Roaming\Dropbox\bin\PyQt5.QtQuick.pyd
2015-11-11 03:41 - 2015-11-11 03:41 - 00756376 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSPTLS.DLL

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)


==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)


==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

IE trusted site: HKU\S-1-5-21-1016556084-3091970497-507946437-1001\...\internet -> internet
IE trusted site: HKU\S-1-5-21-1016556084-3091970497-507946437-1001\...\mcafee.com -> hxxp://mcafee.com
IE trusted site: HKU\S-1-5-21-1016556084-3091970497-507946437-1001\...\mcafee.com -> hxxps://mcafee.com

==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2009-07-14 03:04 - 2009-06-10 22:39 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-1016556084-3091970497-507946437-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Klaus\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\urlaub frankreich 082011 037.jpg
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

MSCONFIG\startupreg: ANT Agent => C:\Program Files\Garmin\ANT Agent\ANT Agent.exe
MSCONFIG\startupreg: CLMLServer => "C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe"
MSCONFIG\startupreg: Corel Photo Downloader => C:\Program Files\Corel\Corel Snapfire\Corel PhotoDownloader.exe
MSCONFIG\startupreg: GrooveMonitor => "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
MSCONFIG\startupreg: gStart => C:\Garmin\gStart.exe
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: PDVD8LanguageShortcut => "C:\Program Files\CyberLink\PowerDVD8\Language\Language.exe"
MSCONFIG\startupreg: RemoteControl8 => "C:\Program Files\CyberLink\PowerDVD8\PDVD8Serv.exe"
MSCONFIG\startupreg: Skype => "C:\Program Files\Skype\\Phone\Skype.exe" /nosplash /minimized
MSCONFIG\startupreg: UpdateLBPShortCut => "C:\Program Files\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\LabelPrint" UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.5"
MSCONFIG\startupreg: UpdateP2GoShortCut => "C:\Program Files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"
MSCONFIG\startupreg: UpdatePDRShortCut => "C:\Program Files\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\PowerDirector" UpdateWithCreateOnce "Software\CyberLink\PowerDirector\7.0"
MSCONFIG\startupreg: UpdatePPShortCut => "C:\Program Files\CyberLink\PowerProducer\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\PowerProducer" UpdateWithCreateOnce "Software\CyberLink\PowerProducer\5.0"
MSCONFIG\startupreg: UpdatePSTShortCut => "C:\Program Files\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\DVD Suite" UpdateWithCreateOnce "Software\CyberLink\PowerStarter"

==================== FirewallRules (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [MSMQ-In-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-In-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [WCF-NetTcpActivator-In-TCP-32bit] => (Allow) LPort=808
FirewallRules: [UDP Query User{1EC2C7DD-F10F-4299-AFD7-914BFA7E3A27}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe
FirewallRules: [TCP Query User{7FED0E7A-DBB5-41C6-888E-9AC0692372F2}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe
FirewallRules: [{11C9BEFD-F35C-4A20-B82C-8750FE6E7BCB}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{449AE68C-4211-4903-926E-1C4F1C520CD7}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{0DC1C072-B70B-4D63-84F1-164DE7B720C0}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{0536E000-C3EB-4A0A-91C3-5EA90256CAB2}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{19B4B433-AF69-42A6-8005-315C11356EBF}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{3B2EB46D-5D1C-45D4-A463-C987ED66CFE1}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe
FirewallRules: [UDP Query User{D42F8C95-33C3-4615-9FD7-AD5CA8EA29A4}C:\users\klaus\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\klaus\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [TCP Query User{2689A049-06C1-4CFF-9DB3-859EB1BB8F5C}C:\users\klaus\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\klaus\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [{037FFB73-8BEF-4D86-9E2A-0F27EC39D952}] => (Allow) C:\DATEV\PROGRAMM\RWAPPLIC\Datev.Irw.Managed.ServiceProvider.exe
FirewallRules: [{96CF0146-E687-4E14-AF86-ED5303157D7D}] => (Allow) C:\DATEV\PROGRAMM\RWAPPLIC\Datev.Irw.Managed.ServiceProvider.exe
FirewallRules: [{D467463D-8A4C-4110-BFCE-2BF059AD56F1}] => (Allow) C:\DATEV\PROGRAMM\K0005000\Arbeitsplatz.exe
FirewallRules: [{04206976-A6EC-4E97-9AB4-813655243B1D}] => (Allow) C:\DATEV\PROGRAMM\K0005000\Arbeitsplatz.exe
FirewallRules: [{AB9C8DE5-8467-4A5E-9655-78B477F81C6E}] => (Allow) C:\DATEV\PROGRAMM\Sws\LimaService.exe
FirewallRules: [{D2C91D17-C558-4CC3-96A9-DB8CF31B623E}] => (Allow) C:\windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
FirewallRules: [{C41D2E4C-6D4E-4C94-9611-87C41D68675B}] => (Allow) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
FirewallRules: [{5999E9F2-6AE6-4BC0-86E4-7E10AAD0DC8F}] => (Allow) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
FirewallRules: [{75DDA7C9-2A15-4812-8BCF-7E14E996FAFC}] => (Allow) C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
FirewallRules: [{13238EAF-06BC-4D40-813A-275523D3FD8F}] => (Allow) C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
FirewallRules: [{04007B08-A2E5-4010-8CCA-C07A89F93EA9}] => (Allow) C:\Users\Klaus\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{23B8DD95-5375-4928-9CB8-EE23A22AFE04}] => (Allow) C:\Users\Klaus\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{D252D2AE-D295-44FA-8EEE-72D2CCC6193A}] => (Allow) C:\Program Files\Common Files\Mcafee\MNA\McNaSvc.exe
FirewallRules: [{C63039A6-D017-4561-8BB3-1572A0BD5B4E}] => (Allow) C:\Program Files\CyberLink\PowerDVD8\PowerDVD8.EXE
FirewallRules: [{B7BEA400-D614-4A30-BCDD-84E14676FA28}] => (Allow) C:\Program Files\CyberLink\PowerDirector\PDR.EXE
FirewallRules: [{BF143FC9-EB73-4F56-9EE3-5F49343EB1C3}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe
FirewallRules: [{C00BB162-BFF6-4273-9E05-9DC730F73D59}] => (Allow) C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe
FirewallRules: [{16E4F06C-1AF6-4678-ABC3-7219ABCD1549}] => (Allow) svchost.exe
FirewallRules: [{D44F7DA8-60E2-454B-84D7-6478E80A925C}] => (Allow) C:\Program Files\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{F1C8F380-E5CD-4DFD-8F6D-5B27D455E585}] => (Allow) C:\Program Files\Windows Live\Messenger\wlcsdk.exe
FirewallRules: [{CEC48A29-F96A-4A10-A366-245ED2FF7183}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe
FirewallRules: [{76CB0CB6-3855-463B-ACBF-596851650CA0}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe
FirewallRules: [{6A172810-F164-4CD4-8EED-952A19924205}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{B7147B16-BBCE-47A6-97A4-E7B4E8214FEA}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{1A03A65C-37BA-4C65-8C0B-6B23509BFCC4}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{1AC8ECDE-410B-4BAE-B7DD-40DCA9BC2B51}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
StandardProfile\AuthorizedApplications: [C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe] => Enabled:Spybot-S&D 2 Tray Icon
StandardProfile\AuthorizedApplications: [C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe] => Enabled:Spybot-S&D 2 Scanner Service
StandardProfile\AuthorizedApplications: [C:\Program Files\Spybot - Search & Destroy 2\SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater
StandardProfile\AuthorizedApplications: [C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service

==================== Wiederherstellungspunkte =========================

04-03-2017 16:55:26 Geplanter Prüfpunkt
13-03-2017 13:36:21 Geplanter Prüfpunkt
16-03-2017 17:32:15 Installiert tax 2017
18-03-2017 13:49:23 Removed McAfee Virtual Technician

==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (03/21/2017 11:37:36 AM) (Source: Brother BrLog) (EventID: 1001) (User: )
Description: STMON BrtSTMON: [2017/03/21 11:37:36.238]: [00004144]:    Don't Create FileMapping!!!!

Error: (03/21/2017 11:37:36 AM) (Source: Brother BrLog) (EventID: 1001) (User: )
Description: STMON BrtSTMON: [2017/03/21 11:37:36.238]: [00004144]:    FrendlyName : Brother MFC-5490CN Printer

Error: (03/21/2017 11:37:36 AM) (Source: Brother BrLog) (EventID: 1001) (User: )
Description: STMON BrtSTMON: [2017/03/21 11:37:36.238]: [00004144]:    Error : ExecMonitor()

Error: (03/21/2017 11:35:36 AM) (Source: Brother BrLog) (EventID: 1001) (User: )
Description: STMON BrtSTMON: [2017/03/21 11:35:36.236]: [00004144]:    Don't Create FileMapping!!!!

Error: (03/21/2017 11:35:36 AM) (Source: Brother BrLog) (EventID: 1001) (User: )
Description: STMON BrtSTMON: [2017/03/21 11:35:36.236]: [00004144]:    FrendlyName : Brother MFC-5490CN Printer

Error: (03/21/2017 11:35:36 AM) (Source: Brother BrLog) (EventID: 1001) (User: )
Description: STMON BrtSTMON: [2017/03/21 11:35:36.236]: [00004144]:    Error : ExecMonitor()

Error: (03/21/2017 11:33:36 AM) (Source: Brother BrLog) (EventID: 1001) (User: )
Description: STMON BrtSTMON: [2017/03/21 11:33:36.239]: [00004144]:    Don't Create FileMapping!!!!

Error: (03/21/2017 11:33:36 AM) (Source: Brother BrLog) (EventID: 1001) (User: )
Description: STMON BrtSTMON: [2017/03/21 11:33:36.239]: [00004144]:    FrendlyName : Brother MFC-5490CN Printer

Error: (03/21/2017 11:33:36 AM) (Source: Brother BrLog) (EventID: 1001) (User: )
Description: STMON BrtSTMON: [2017/03/21 11:33:36.238]: [00004144]:    Error : ExecMonitor()

Error: (03/21/2017 11:31:36 AM) (Source: Brother BrLog) (EventID: 1001) (User: )
Description: STMON BrtSTMON: [2017/03/21 11:31:36.228]: [00004144]:    Don't Create FileMapping!!!!


Systemfehler:
=============
Error: (03/21/2017 11:24:55 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Google Update Service (gupdate)" wurde aufgrund folgenden Fehlers nicht gestartet: 
Der Dienst antwortete nicht rechtzeitig auf die Start- oder Steuerungsanforderung.

Error: (03/21/2017 11:24:55 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst gupdate erreicht.

Error: (03/21/2017 11:23:01 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID 
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
 und der APPID 
{F72671A9-012C-4725-9D2F-2A4D32D65169}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (03/21/2017 11:22:29 AM) (Source: Service Control Manager) (EventID: 7016) (User: )
Description: Der Dienst "chip1click" hat einen ungültigen aktuellen Status gemeldet: 0

Error: (03/21/2017 11:22:29 AM) (Source: Service Control Manager) (EventID: 7016) (User: )
Description: Der Dienst "chip1click" hat einen ungültigen aktuellen Status gemeldet: 0

Error: (03/21/2017 11:22:21 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Apple Mobile Device" wurde aufgrund folgenden Fehlers nicht gestartet: 
Der Dienst antwortete nicht rechtzeitig auf die Start- oder Steuerungsanforderung.

Error: (03/21/2017 11:22:21 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Apple Mobile Device erreicht.

Error: (03/21/2017 11:22:20 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "NetTcpActivator" ist vom Dienst "NetTcpPortSharing" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
Der angegebene Dienst kann nicht gestartet werden. Er ist deaktiviert oder nicht mit aktivierten Geräten verbunden.

Error: (03/21/2017 11:22:19 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "LMIGuardianSvc" wurde aufgrund folgenden Fehlers nicht gestartet: 
Der Dienst antwortete nicht rechtzeitig auf die Start- oder Steuerungsanforderung.

Error: (03/21/2017 11:22:19 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst LMIGuardianSvc erreicht.


CodeIntegrity:
===================================
  Date: 2017-03-19 18:08:49.561
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2017-03-16 18:01:57.346
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2017-03-05 11:23:12.033
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2017-02-03 11:37:22.753
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2017-02-03 11:37:22.751
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Office\OFFICE11\MCPS.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2017-02-03 11:37:22.747
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2017-02-03 11:37:22.745
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Office\OFFICE11\MCPS.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2017-02-03 11:37:22.717
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2017-02-03 11:37:22.671
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Office\OFFICE11\MCPS.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2017-01-30 11:58:25.130
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Memory info =========================== 

Processor: Intel(R) Core(TM)2 Duo CPU T6500 @ 2.10GHz
Prozentuale Nutzung des RAM: 59%
Installierter physikalischer RAM: 3036.61 MB
Verfügbarer physikalischer RAM: 1235.42 MB
Summe virtueller Speicher: 6108.61 MB
Verfügbarer virtueller Speicher: 3970.36 MB

==================== Laufwerke ================================

Drive c: () (Fixed) (Total:252.37 GB) (Free:115.91 GB) NTFS
Drive d: () (Fixed) (Total:198.29 GB) (Free:169.56 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: B4B6F23B)
Partition 1: (Not Active) - (Size=15 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=252.4 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=198.3 GB) - (Type=07 NTFS)

==================== Ende vom Addition.txt ============================
         
__________________

Alt 21.03.2017, 12:32   #4
bütti
 
Löschung von McAfee resten - Standard

Löschung von McAfee resten



Die 2.Datei: First Editor
Code:
ATTFilter
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x86) Version: 15-03-2017
durchgeführt von Klaus (Administrator) auf KLAUS-PC (21-03-2017 11:33:25)
Gestartet von C:\Users\Klaus\Desktop
Geladene Profile: Klaus (Verfügbare Profile: Klaus)
Platform: Microsoft Windows 10 Home Version 1607 (X86) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(DATEV eG) C:\DATEV\PROGRAMM\B0001442\PSNTServ.exe
(Garmin Ltd. or its subsidiaries) C:\Program Files\Garmin\Device Interaction Service\GarminService.exe
(Chip Digital GmbH) C:\Program Files\Chip Digital GmbH\chip1click\chip 1-click installer.exe
() C:\Windows\System32\PSIService.exe
(Sony Corporation) C:\Program Files\Sony\PMB\PMBDeviceInfoProvider.exe
() C:\Windows\System32\Rezip.exe
() C:\Program Files\CyberLink\Shared files\RichVideo.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\TeamViewer_Service.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(SAMSUNG Electronics) C:\Program Files\Samsung\Samsung Support Center\SSCKbdHk.exe
(Samsung Electronics Co., Ltd.) C:\Program Files\Samsung\EasySpeedUpManager\EasySpeedUpManager.exe
(Samsung Electronics Co., Ltd.) C:\Program Files\Samsung\Easy Display Manager\dmhkcore.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\TeamViewer.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.12.112.0_x86__kzf8qxf38zg5c\SkypeHost.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\tv_w32.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Sony Corporation) C:\Program Files\Sony\PMB\PMBVolumeWatcher.exe
(Nuance Communications, Inc.) C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe
(Brother Industries, Ltd.) C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe
(Brother Industries, Ltd.) C:\Program Files\Brother\ControlCenter3\BrccMCtl.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Geek Software GmbH) C:\Program Files\PDF24\pdf24.exe
(1und1 Mail und Media GmbH) C:\Program Files\WEB.DE MailCheck\IE\WEB.DE_MailCheck_Broker.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Google Inc.) C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
(Dropbox, Inc.) C:\Users\Klaus\AppData\Local\Dropbox\Update\DropboxUpdate.exe
(© 2015 Microsoft Corporation) C:\Users\Klaus\AppData\Local\Microsoft\BingSvc\BingSvc.exe
(Skype Technologies S.A.) C:\Program Files\Skype\Phone\Skype.exe
(Garmin Ltd. or its subsidiaries) C:\Program Files\Garmin\Express Tray\ExpressTray.exe
(Dropbox, Inc.) C:\Users\Klaus\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Dropbox, Inc.) C:\Users\Klaus\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jucheck.exe
(Microsoft Corporation) C:\Windows\WinSxS\x86_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.14393.1051_none_230d5c666974907c\TiWorker.exe
(Microsoft Corporation) C:\Windows\System32\wuauclt.exe
(Microsoft Corporation) C:\Windows\SoftwareDistribution\Download\Install\AM_Delta_Patch_1.237.1657.0.exe
(Microsoft Corporation) C:\Windows\System32\MpSigStub.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe

==================== Registry (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [12214528 2015-06-24] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1541416 2009-07-15] (Synaptics Incorporated)
HKLM\...\Run: [UCam_Menu] => C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe [218408 2009-02-25] (CyberLink Corp.)
HKLM\...\Run: [TrayServer] => C:\Program Files\MAGIX\Filme_auf_DVD_9_Download-Version\TrayServer.exe [90112 2008-01-17] (MAGIX AG)
HKLM\...\Run: [PMBVolumeWatcher] => C:\Program Files\Sony\PMB\PMBVolumeWatcher.exe [599328 2010-03-24] (Sony Corporation)
HKLM\...\Run: [SSBkgdUpdate] => C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe [210472 2006-10-25] (Nuance Communications, Inc.)
HKLM\...\Run: [PaperPort PTD] => C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe [29984 2008-07-09] (Nuance Communications, Inc.)
HKLM\...\Run: [IndexSearch] => C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe [46368 2008-07-09] (Nuance Communications, Inc.)
HKLM\...\Run: [PPort11reminder] => "C:\Program Files\ScanSoft\PaperPort\Ereg\Ereg.exe" -r "C:\ProgramData\ScanSoft\PaperPort\11\Config\Ereg\Ereg.ini"
HKLM\...\Run: [BrMfcWnd] => C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe [1159168 2009-05-26] (Brother Industries, Ltd.)
HKLM\...\Run: [ControlCenter3] => C:\Program Files\Brother\ControlCenter3\brctrcen.exe [114688 2008-12-24] (Brother Industries, Ltd.)
HKLM\...\Run: [QuickTime Task] => C:\Program Files\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [594992 2016-01-29] (Oracle Corporation)
HKLM\...\Run: [PDFPrint] => C:\Program Files\PDF24\pdf24.exe [210432 2016-07-05] (Geek Software GmbH)
HKLM\...\Run: [MailCheck IE Broker] => C:\Program Files\WEB.DE MailCheck\IE\WEB.DE_MailCheck_Broker.exe [2356080 2016-07-21] (1und1 Mail und Media GmbH)
HKLM\...\Run: [WindowsDefender] => C:\Program Files\Windows Defender\MSASCuiL.exe [483840 2016-07-16] (Microsoft Corporation)
Winlogon\Notify\SDWinLogon: SDWinLogon.dll [X]
HKU\S-1-5-21-1016556084-3091970497-507946437-1001\...\Run: [swg] => C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2009-09-16] (Google Inc.)
HKU\S-1-5-21-1016556084-3091970497-507946437-1001\...\Run: [Dropbox Update] => C:\Users\Klaus\AppData\Local\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-09] (Dropbox, Inc.)
HKU\S-1-5-21-1016556084-3091970497-507946437-1001\...\Run: [BingSvc] => C:\Users\Klaus\AppData\Local\Microsoft\BingSvc\BingSvc.exe [144008 2016-07-12] (© 2015 Microsoft Corporation)
HKU\S-1-5-21-1016556084-3091970497-507946437-1001\...\Run: [Skype] => C:\Program Files\Skype\Phone\Skype.exe [27230168 2016-11-15] (Skype Technologies S.A.)
HKU\S-1-5-21-1016556084-3091970497-507946437-1001\...\Run: [GarminExpressTrayApp] => C:\Program Files\Garmin\Express Tray\ExpressTray.exe [1407912 2017-01-16] (Garmin Ltd. or its subsidiaries)
HKU\S-1-5-18\...\Run: [GarminExpressTrayApp] => C:\Program Files\Garmin\Express Tray\ExpressTray.exe [1407912 2017-01-16] (Garmin Ltd. or its subsidiaries)
Lsa: [Notification Packages] scecli C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Klaus\AppData\Roaming\Dropbox\bin\DropboxExt.14.0.dll [2017-03-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Klaus\AppData\Roaming\Dropbox\bin\DropboxExt.14.0.dll [2017-03-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Klaus\AppData\Roaming\Dropbox\bin\DropboxExt.14.0.dll [2017-03-06] (Dropbox, Inc.)
Startup: C:\Users\Klaus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2017-03-10]
ShortcutTarget: Dropbox.lnk -> C:\Users\Klaus\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{282c3c11-bd40-49ce-a090-a878048b4175}: [DhcpNameServer] 192.168.178.1

Internet Explorer:
==================
HKU\S-1-5-21-1016556084-3091970497-507946437-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=SK2M&ocid=SK2MDHP&osmkt=de-de
HKU\S-1-5-21-1016556084-3091970497-507946437-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=smsn&bmod=smsn
HKU\S-1-5-21-1016556084-3091970497-507946437-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.google.de/
SearchScopes: HKLM -> DefaultScope {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7SMSN
SearchScopes: HKLM -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7SMSN
SearchScopes: HKU\S-1-5-21-1016556084-3091970497-507946437-1001 -> DefaultScope {36667B61-113B-4D4A-9655-2D5EEBF56FC0} URL = hxxps://de.search.yahoo.com/search?fr=mcafee&type=C011DE532D20140110&p={searchTerms}
SearchScopes: HKU\S-1-5-21-1016556084-3091970497-507946437-1001 -> {3188016B-9C61-4D96-A3F0-26240792A64F} URL = hxxp://go.gmx.de/tb/ie_searchplugin/?q={searchTerms}&enc=UTF-8
SearchScopes: HKU\S-1-5-21-1016556084-3091970497-507946437-1001 -> {36667B61-113B-4D4A-9655-2D5EEBF56FC0} URL = hxxps://de.search.yahoo.com/search?fr=mcafee&type=C011DE532D20140110&p={searchTerms}
SearchScopes: HKU\S-1-5-21-1016556084-3091970497-507946437-1001 -> {55E10C83-66E2-4DF3-8C6D-F1FCA32463AE} URL = hxxp://go.web.de/tb/ie_searchplugin/?q={searchTerms}&enc=UTF-8
SearchScopes: HKU\S-1-5-21-1016556084-3091970497-507946437-1001 -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.bing.com/search?FORM=SK2MDF&PC=SK2M&q={searchTerms}&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-1016556084-3091970497-507946437-1001 -> {8739C06C-4C0E-4EC0-BE0C-E7BCB362BEFF} URL = hxxp://go.1und1.de/tb/ie_searchplugin/?q={searchTerms}&enc=UTF-8
SearchScopes: HKU\S-1-5-21-1016556084-3091970497-507946437-1001 -> {942EC6E8-747D-448C-9B55-23B6147D7F60} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7SMSN_de___DE363
SearchScopes: HKU\S-1-5-21-1016556084-3091970497-507946437-1001 -> {B3C47B51-F87A-43DF-B84E-70B7324A9378} URL = hxxp://go.mail.com/tb/en-us/ie_searchplugin/?q={searchTerms}&enc=UTF-8
SearchScopes: HKU\S-1-5-21-1016556084-3091970497-507946437-1001 -> {DCA67887-DB28-490D-B4B0-BE2669C80B30} URL = hxxps://de.search.yahoo.com/search?fr=mcafee&type=B011DE532D20140110&p={searchTerms}
BHO: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\McAfee Security Scan\3.8.141\McAfeeMSS_IE.dll => Keine Datei
BHO: Kein Name -> {27B4851A-3207-45A2-B947-BE8AFE6163AB} -> Keine Datei
BHO: Kein Name -> {5C255C8A-E604-49b4-9D64-90988571CECB} -> Keine Datei
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_73\bin\ssv.dll [2016-02-08] (Oracle Corporation)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2010-01-18] (Google Inc.)
BHO: Google Toolbar Notifier BHO -> {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} -> C:\Program Files\Google\GoogleToolbarNotifier\5.6.5612.1312\swg.dll [2010-10-08] (Google Inc.)
BHO: WEB.DE MailCheck BHO -> {BF42D4A8-016E-4fcd-B1EB-837659FD77C6} -> C:\Program Files\WEB.DE MailCheck\IE\WEB.DE_MailCheck.dll [2016-07-21] (1und1 Mail und Media GmbH)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_73\bin\jp2ssv.dll [2016-02-08] (Oracle Corporation)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2010-01-18] (Google Inc.)
Toolbar: HKU\S-1-5-21-1016556084-3091970497-507946437-1001 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2010-01-18] (Google Inc.)
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll [2009-02-26] (Microsoft Corporation)
Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll [2009-07-26] (Microsoft Corporation)
Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll [2009-07-26] (Microsoft Corporation)
Handler: webde - {8FAF0273-9CA8-4efc-9536-1E35E254D5CD} - C:\Program Files\WEB.DE MailCheck\IE\WEB.DE_MailCheck.dll [2016-07-21] (1und1 Mail und Media GmbH)

FireFox:
========
FF ProfilePath: C:\Users\Klaus\AppData\Roaming\Mozilla\Firefox\Profiles\fx8m4482.default [2017-03-21]
FF SearchEngineOrder.1: Mozilla\Firefox\Profiles\fx8m4482.default -> Sichere Suche
FF SearchEngineOrder.3: Mozilla\Firefox\Profiles\fx8m4482.default -> Bing 
FF SelectedSearchEngine: Mozilla\Firefox\Profiles\fx8m4482.default -> Bing 
FF Homepage: Mozilla\Firefox\Profiles\fx8m4482.default -> hxxps://www.google.de/?gws_rd=ssl
FF Keyword.URL: Mozilla\Firefox\Profiles\fx8m4482.default -> hxxp://www.bing.com/search?FORM=SK2MDF&PC=SK2M&q=
FF Extension: (Bing Search) - C:\Users\Klaus\AppData\Roaming\Mozilla\Firefox\Profiles\fx8m4482.default\Extensions\bingsearch.full@microsoft.com.xpi [2015-11-29]
FF Extension: (WEB.DE MailCheck) - C:\Users\Klaus\AppData\Roaming\Mozilla\Firefox\Profiles\fx8m4482.default\Extensions\mailcheck@web.de [2016-11-23]
FF Extension: (McAfee WebAdvisor) - C:\Users\Klaus\AppData\Roaming\Mozilla\Firefox\Profiles\fx8m4482.default\Extensions\{4ED1F68A-5463-4931-9384-8FFF5ED91D92}.xpi [2015-08-04] [ist nicht signiert]
FF Extension: (Adblock Plus) - C:\Users\Klaus\AppData\Roaming\Mozilla\Firefox\Profiles\fx8m4482.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-11-24]
FF SearchPlugin: C:\Users\Klaus\AppData\Roaming\Mozilla\Firefox\Profiles\fx8m4482.default\searchplugins\bing-.xml [2015-11-29]
FF SearchPlugin: C:\Users\Klaus\AppData\Roaming\Mozilla\Firefox\Profiles\fx8m4482.default\searchplugins\yahoo-ysp.xml [2015-11-30]
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\McSiteAdvisor.xml [2015-08-20]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_24_0_0_194.dll [2017-01-30] ()
FF Plugin: @adobe.com/ShockwavePlayer -> C:\windows\system32\Adobe\Director\np32dsw_1200112.dll [2013-02-18] (Adobe Systems, Inc.)
FF Plugin: @Apple.com/iTunes,version=1.0 -> C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll [Keine Datei]
FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2011-07-19] (Foxit Corporation)
FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google)
FF Plugin: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files\Google\Picasa3\npPicasa3.dll [2014-01-06] (Google, Inc.)
FF Plugin: @java.com/DTPlugin,version=11.73.2 -> C:\Program Files\Java\jre1.8.0_73\bin\dtplugin\npDeployJava1.dll [2016-02-08] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.73.2 -> C:\Program Files\Java\jre1.8.0_73\bin\plugin2\npjp2.dll [2016-02-08] (Oracle Corporation)
FF Plugin: @mcafee.com/McAfeeMssPlugin -> C:\Program Files\McAfee Security Scan\3.8.141\npMcAfeeMss.dll [Keine Datei]
FF Plugin: @mcafee.com/MVT -> C:\Program Files\McAfee\Supportability\MVT\NPMVTPlugin.dll [Keine Datei]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50905.0\npctrl.dll [2017-02-10] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files\Microsoft\Office Live\npOLW.dll [2010-04-26] (Microsoft Corp.)
FF Plugin: @microsoft.com/WLPG,version=14.0.8081.0709 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2009-07-10] (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.23.9\npGoogleUpdate3.dll [Keine Datei]
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.23.9\npGoogleUpdate3.dll [Keine Datei]
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-12-23] (Adobe Systems Inc.)

Chrome: 
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Klaus\AppData\Local\Google\Chrome\User Data\Default [2017-03-21]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Klaus\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2016-11-07]
CHR Extension: (Skype) - C:\Users\Klaus\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2017-03-08]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Klaus\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-02-08]
CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - hxxps://clients2.google.com/service/update2/crx

==================== Dienste (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 chip1click; C:\Program Files\Chip Digital GmbH\chip1click\chip 1-click installer.exe [91136 2016-10-27] (Chip Digital GmbH) [Datei ist nicht signiert]
S3 DATEV Update-Service; C:\DATEV\PROGRAMM\INSTALL\DvInesASDSvc.Exe [147040 2009-12-03] (DATEV eG) [Datei ist nicht signiert]
R2 DatevPrintService; C:\DATEV\PROGRAMM\B0001442\PSNTSERV.EXE [77312 2008-11-24] (DATEV eG) [Datei ist nicht signiert]
R2 Garmin Device Interaction Service; C:\Program Files\Garmin\Device Interaction Service\GarminService.exe [1039376 2017-01-16] (Garmin Ltd. or its subsidiaries)
R2 ProtexisLicensing; C:\windows\system32\PSIService.exe [174656 2006-11-02] () [Datei ist nicht signiert]
R2 Rezip; C:\windows\SYSTEM32\Rezip.exe [311296 2009-03-05] () [Datei ist nicht signiert]
R2 RichVideo; C:\Program Files\CyberLink\Shared files\RichVideo.exe [247152 2009-07-07] ()
R2 TeamViewer; C:\Program Files\TeamViewer\TeamViewer_Service.exe [5702416 2015-09-11] (TeamViewer GmbH)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [271496 2016-07-16] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [84920 2017-03-04] (Microsoft Corporation)
S2 0184281489596451mcinstcleanup; C:\WINDOWS\TEMP\018428~1.EXE -cleanup -nolog [X]
S2 InstallerService; C:\Program Files\TrueKey\Mcafee.TrueKey.InstallerService.exe -originalversion 4.4.127.0 [X]

===================== Treiber (Nicht auf der Ausnahmeliste) ======================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [108032 2016-04-24] (Samsung Electronics Co., Ltd.)
R2 KMDFMEMIO; C:\WINDOWS\System32\DRIVERS\kmdfmemio.sys [13312 2007-06-01] (SAMSUNG ELECTRONICS CO., LTD.)
S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [62976 2016-07-16] ()
R3 rtl819xp; C:\WINDOWS\System32\drivers\rtl819xp.sys [552448 2016-07-16] (Realtek Semiconductor Corporation                           )
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [199936 2016-04-24] (Samsung Electronics Co., Ltd.)
R1 StarPortLite; C:\WINDOWS\System32\drivers\StarPortLite.sys [95592 2009-03-02] (Rocket Division Software)
R3 VMC326; C:\WINDOWS\System32\Drivers\VMC326.sys [237696 2009-08-10] (Vimicro Corporation)
S0 WdBoot; C:\WINDOWS\System32\drivers\WdBoot.sys [37912 2016-07-16] (Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\WdFilter.sys [244576 2016-07-16] (Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [100192 2016-07-16] (Microsoft Corporation)
R3 yukonw8; C:\WINDOWS\System32\drivers\yk63x86.sys [242688 2016-07-16] (Marvell)
U3 idsvc; kein ImagePath

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-03-21 11:33 - 2017-03-21 11:34 - 00021752 _____ C:\Users\Klaus\Desktop\FRST.txt
2017-03-21 11:33 - 2017-03-21 11:33 - 00000000 ____D C:\FRST
2017-03-21 11:31 - 2017-03-21 11:32 - 01766912 _____ (Farbar) C:\Users\Klaus\Desktop\FRST.exe
2017-03-21 10:58 - 2017-03-21 10:59 - 04031440 _____ C:\Users\Klaus\Downloads\AdwCleaner_6.044(1).exe
2017-03-21 10:56 - 2017-03-21 10:57 - 04031440 _____ C:\Users\Klaus\Desktop\AdwCleaner_6.044.exe
2017-03-21 10:24 - 2017-03-21 10:24 - 00000000 ___HD C:\OneDriveTemp
2017-03-20 18:31 - 2017-03-20 18:35 - 00047608 _____ C:\Users\Klaus\Downloads\SystemLook.txt
2017-03-20 18:25 - 2017-03-20 18:25 - 00139264 _____ C:\Users\Klaus\Desktop\SystemLook.exe
2017-03-18 16:48 - 2017-03-18 16:48 - 00000000 ____D C:\Users\Klaus\AppData\Local\Downloaded Installations
2017-03-18 16:48 - 2017-03-18 16:48 - 00000000 ____D C:\Program Files\Chip Digital GmbH
2017-03-18 16:45 - 2017-03-18 16:46 - 01496584 _____ C:\Users\Klaus\Downloads\McAfee Consumer Product Removal Tool - CHIP-Installer.exe
2017-03-18 16:25 - 2017-03-18 16:36 - 00000000 ____D C:\WINDOWS\Microsoft Antimalware
2017-03-18 16:03 - 2017-03-18 16:04 - 08681136 _____ (McAfee, Inc.) C:\Users\Klaus\Downloads\MCPR.exe
2017-03-18 09:15 - 2017-03-18 16:12 - 00000000 ____D C:\Program Files\Mozilla Firefox
2017-03-16 17:36 - 2017-03-16 17:36 - 00002233 _____ C:\Users\Public\Desktop\tax 2017.lnk
2017-03-16 17:36 - 2017-03-16 17:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\tax 2017
2017-03-15 17:51 - 2017-03-15 17:50 - 00095050 _____ C:\Users\Klaus\Documents\01-LorenzMaroldtMitte-Tour.gpx
2017-03-15 08:22 - 2017-03-04 08:57 - 01339744 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2017-03-15 08:22 - 2017-03-04 08:57 - 00980320 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2017-03-15 08:22 - 2017-03-04 08:57 - 00513888 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2017-03-15 08:22 - 2017-03-04 08:57 - 00450912 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2017-03-15 08:22 - 2017-03-04 08:57 - 00279392 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2017-03-15 08:22 - 2017-03-04 08:57 - 00229720 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcntel.dll
2017-03-15 08:22 - 2017-03-04 08:57 - 00192352 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2017-03-15 08:22 - 2017-03-04 08:57 - 00113504 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2017-03-15 08:22 - 2017-03-04 08:57 - 00073056 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2017-03-15 08:22 - 2017-03-04 08:57 - 00031584 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2017-03-15 08:22 - 2017-03-04 08:40 - 00965472 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReAgent.dll
2017-03-15 08:22 - 2017-03-04 08:09 - 00890984 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2017-03-15 08:22 - 2017-03-04 08:09 - 00320144 _____ (Microsoft Corporation) C:\WINDOWS\system32\systemreset.exe
2017-03-15 08:22 - 2017-03-04 08:08 - 01725136 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2017-03-15 08:22 - 2017-03-04 08:08 - 00036704 _____ (Microsoft Corporation) C:\WINDOWS\system32\SysResetErr.exe
2017-03-15 08:22 - 2017-03-04 07:59 - 00869728 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2017-03-15 08:22 - 2017-03-04 07:59 - 00274272 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinSetupUI.dll
2017-03-15 08:22 - 2017-03-04 07:57 - 00581672 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2017-03-15 08:22 - 2017-03-04 07:54 - 02277288 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
2017-03-15 08:22 - 2017-03-04 07:54 - 00524776 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2017-03-15 08:22 - 2017-03-04 07:53 - 05722320 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2017-03-15 08:22 - 2017-03-04 07:53 - 00313568 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanapi.dll
2017-03-15 08:22 - 2017-03-04 07:51 - 01980768 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2017-03-15 08:22 - 2017-03-04 07:51 - 00523784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2017-03-15 08:22 - 2017-03-04 07:51 - 00399712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2017-03-15 08:22 - 2017-03-04 07:51 - 00186720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2017-03-15 08:22 - 2017-03-04 07:50 - 00846560 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2017-03-15 08:22 - 2017-03-04 07:50 - 00355680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2017-03-15 08:22 - 2017-03-04 07:47 - 06667528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2017-03-15 08:22 - 2017-03-04 07:46 - 04312248 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2017-03-15 08:22 - 2017-03-04 07:45 - 00117280 _____ (Microsoft Corporation) C:\WINDOWS\system32\AuthHost.exe
2017-03-15 08:22 - 2017-03-04 07:42 - 01411616 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2017-03-15 08:22 - 2017-03-04 07:42 - 01260784 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2017-03-15 08:22 - 2017-03-04 07:31 - 00027648 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsUpdateElevatedInstaller.exe
2017-03-15 08:22 - 2017-03-04 07:30 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe
2017-03-15 08:22 - 2017-03-04 07:28 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\system32\BluetoothDesktopHandlers.dll
2017-03-15 08:22 - 2017-03-04 07:28 - 00041984 _____ (Microsoft Corporation) C:\WINDOWS\system32\musdialoghandlers.dll
2017-03-15 08:22 - 2017-03-04 07:26 - 00430080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nwifi.sys
2017-03-15 08:22 - 2017-03-04 07:26 - 00119296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Family.Client.dll
2017-03-15 08:22 - 2017-03-04 07:26 - 00038912 _____ (Microsoft Corporation) C:\WINDOWS\system32\wfdprov.dll
2017-03-15 08:22 - 2017-03-04 07:25 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\system32\BrowserSettingSync.dll
2017-03-15 08:22 - 2017-03-04 07:24 - 00395264 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansec.dll
2017-03-15 08:22 - 2017-03-04 07:24 - 00186880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Family.SyncEngine.dll
2017-03-15 08:22 - 2017-03-04 07:24 - 00129024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.SerialCommunication.dll
2017-03-15 08:22 - 2017-03-04 07:22 - 01299968 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVPXENC.dll
2017-03-15 08:22 - 2017-03-04 07:22 - 00774144 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll
2017-03-15 08:22 - 2017-03-04 07:22 - 00414208 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2017-03-15 08:22 - 2017-03-04 07:22 - 00271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.SmartCards.Phone.dll
2017-03-15 08:22 - 2017-03-04 07:22 - 00265728 _____ C:\WINDOWS\system32\Windows.Perception.Stub.dll
2017-03-15 08:22 - 2017-03-04 07:22 - 00231424 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudBackupSettings.dll
2017-03-15 08:22 - 2017-03-04 07:22 - 00230912 _____ (Microsoft Corporation) C:\WINDOWS\system32\icm32.dll
2017-03-15 08:22 - 2017-03-04 07:22 - 00216576 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeveloperOptionsSettingsHandlers.dll
2017-03-15 08:22 - 2017-03-04 07:22 - 00113152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dfsc.sys
2017-03-15 08:22 - 2017-03-04 07:21 - 01243136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.FaceAnalysis.dll
2017-03-15 08:22 - 2017-03-04 07:21 - 00631296 _____ (Microsoft Corporation) C:\WINDOWS\system32\main.cpl
2017-03-15 08:22 - 2017-03-04 07:21 - 00389632 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2017-03-15 08:22 - 2017-03-04 07:20 - 00632832 _____ (Microsoft Corporation) C:\WINDOWS\system32\sud.dll
2017-03-15 08:22 - 2017-03-04 07:20 - 00518656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdiWiFi.sys
2017-03-15 08:22 - 2017-03-04 07:20 - 00506880 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevicePairing.dll
2017-03-15 08:22 - 2017-03-04 07:20 - 00368128 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanui.dll
2017-03-15 08:22 - 2017-03-04 07:19 - 00498688 _____ (Microsoft Corporation) C:\WINDOWS\system32\mbsmsapi.dll
2017-03-15 08:22 - 2017-03-04 07:19 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Picker.dll
2017-03-15 08:22 - 2017-03-04 07:18 - 00896512 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontext.dll
2017-03-15 08:22 - 2017-03-04 07:18 - 00387072 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.UserAccountsHandlers.dll
2017-03-15 08:22 - 2017-03-04 07:17 - 01110016 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll
2017-03-15 08:22 - 2017-03-04 07:16 - 00994304 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplicationFrame.dll
2017-03-15 08:22 - 2017-03-04 07:16 - 00760832 _____ (Microsoft Corporation) C:\WINDOWS\system32\appwiz.cpl
2017-03-15 08:22 - 2017-03-04 07:16 - 00636928 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
2017-03-15 08:22 - 2017-03-04 07:16 - 00623616 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2017-03-15 08:22 - 2017-03-04 07:16 - 00526336 _____ (Microsoft Corporation) C:\WINDOWS\system32\mscms.dll
2017-03-15 08:22 - 2017-03-04 07:15 - 00313856 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2017-03-15 08:22 - 2017-03-04 07:13 - 07626752 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2017-03-15 08:22 - 2017-03-04 07:13 - 06474752 _____ (Microsoft Corporation) C:\WINDOWS\system32\mspaint.exe
2017-03-15 08:22 - 2017-03-04 07:13 - 03733504 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll
2017-03-15 08:22 - 2017-03-04 07:13 - 02458112 _____ (Microsoft Corporation) C:\WINDOWS\system32\themecpl.dll
2017-03-15 08:22 - 2017-03-04 07:13 - 01104896 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpeechPal.dll
2017-03-15 08:22 - 2017-03-04 07:12 - 00589312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Sensors.dll
2017-03-15 08:22 - 2017-03-04 07:11 - 00355328 _____ (Microsoft Corporation) C:\WINDOWS\system32\RTMediaFrame.dll
2017-03-15 08:22 - 2017-03-04 07:10 - 00300544 _____ (Microsoft Corporation) C:\WINDOWS\regedit.exe
2017-03-15 08:22 - 2017-03-04 07:10 - 00144384 _____ (Microsoft Corporation) C:\WINDOWS\system32\RelPost.exe
2017-03-15 08:22 - 2017-03-04 07:09 - 00945664 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2017-03-15 08:22 - 2017-03-04 07:09 - 00795648 _____ (Microsoft Corporation) C:\WINDOWS\system32\MiracastReceiver.dll
2017-03-15 08:22 - 2017-03-04 07:09 - 00570368 _____ (Microsoft Corporation) C:\WINDOWS\system32\clusapi.dll
2017-03-15 08:22 - 2017-03-04 07:09 - 00192000 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhengine.dll
2017-03-15 08:22 - 2017-03-04 07:09 - 00123904 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProximityCommon.dll
2017-03-15 08:22 - 2017-03-04 07:08 - 12349952 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2017-03-15 08:22 - 2017-03-04 07:08 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhcfg.dll
2017-03-15 08:22 - 2017-03-04 07:07 - 02748928 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll
2017-03-15 08:22 - 2017-03-04 07:07 - 02643456 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2017-03-15 08:22 - 2017-03-04 07:07 - 01255936 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2017-03-15 08:22 - 2017-03-04 07:07 - 00582656 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpaceControl.dll
2017-03-15 08:22 - 2017-03-04 07:07 - 00551424 _____ (Microsoft Corporation) C:\WINDOWS\system32\vds.exe
2017-03-15 08:22 - 2017-03-04 07:07 - 00495104 _____ (Microsoft Corporation) C:\WINDOWS\system32\BootMenuUX.dll
2017-03-15 08:22 - 2017-03-04 07:07 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhtask.dll
2017-03-15 08:22 - 2017-03-04 07:06 - 03774464 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2017-03-15 08:22 - 2017-03-04 07:06 - 02153984 _____ (Microsoft Corporation) C:\WINDOWS\system32\storagewmi.dll
2017-03-15 08:22 - 2017-03-04 07:06 - 01017856 _____ (Microsoft Corporation) C:\WINDOWS\system32\VSSVC.exe
2017-03-15 08:22 - 2017-03-04 07:05 - 01133568 _____ (Microsoft Corporation) C:\WINDOWS\system32\vssapi.dll
2017-03-15 08:22 - 2017-03-04 07:05 - 00339968 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhsettingsprovider.dll
2017-03-15 08:22 - 2017-03-04 07:05 - 00298496 _____ (Microsoft Corporation) C:\WINDOWS\system32\resutils.dll
2017-03-15 08:22 - 2017-03-04 07:05 - 00113152 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpaceAgent.exe
2017-03-15 08:22 - 2017-03-04 07:04 - 01136128 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2017-03-15 08:22 - 2017-03-04 07:04 - 00640000 _____ (Microsoft Corporation) C:\WINDOWS\system32\MCRecvSrc.dll
2017-03-15 08:22 - 2017-03-04 07:02 - 04423680 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2017-03-15 08:22 - 2017-03-04 07:02 - 02484736 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameux.dll
2017-03-15 08:22 - 2017-03-04 07:02 - 01997824 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2017-03-15 08:22 - 2017-03-04 07:02 - 01170944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll
2017-03-15 08:22 - 2017-03-04 07:02 - 00580608 _____ (Microsoft Corporation) C:\WINDOWS\system32\hgcpl.dll
2017-03-15 08:22 - 2017-03-04 07:01 - 01988096 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2017-03-15 08:22 - 2017-03-04 07:01 - 01556992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2017-03-15 08:22 - 2017-03-04 07:01 - 00773120 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2017-03-15 08:22 - 2017-03-04 07:01 - 00560640 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserLanguagesCpl.dll
2017-03-15 08:22 - 2017-03-04 07:01 - 00422400 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.dll
2017-03-15 08:22 - 2017-03-04 07:00 - 04557824 _____ (Microsoft) C:\WINDOWS\system32\dbgeng.dll
2017-03-15 08:22 - 2017-03-04 07:00 - 02996736 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2017-03-15 08:22 - 2017-03-04 07:00 - 02003968 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2017-03-15 08:22 - 2017-03-04 07:00 - 01524224 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2017-03-15 08:22 - 2017-03-04 07:00 - 01121280 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2017-03-15 08:22 - 2017-03-04 07:00 - 00798208 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2017-03-15 08:22 - 2017-03-04 07:00 - 00654336 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApiPublic.dll
2017-03-15 08:22 - 2017-03-04 06:57 - 01438720 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.dll
2017-03-15 08:22 - 2017-03-04 06:57 - 00449024 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmCoreProvisioning.dll
2017-03-15 08:21 - 2017-03-04 08:57 - 00484584 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2017-03-15 08:21 - 2017-03-04 08:57 - 00315744 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2017-03-15 08:21 - 2017-03-04 08:46 - 00448864 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContentDeliveryManager.Utilities.dll
2017-03-15 08:21 - 2017-03-04 08:09 - 02206496 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2017-03-15 08:21 - 2017-03-04 08:09 - 01969912 _____ (Microsoft Corporation) C:\WINDOWS\system32\hevcdecoder.dll
2017-03-15 08:21 - 2017-03-04 08:09 - 00783552 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2017-03-15 08:21 - 2017-03-04 08:09 - 00092000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2017-03-15 08:21 - 2017-03-04 08:07 - 01073816 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2017-03-15 08:21 - 2017-03-04 08:07 - 00945760 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2017-03-15 08:21 - 2017-03-04 08:06 - 01956704 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2017-03-15 08:21 - 2017-03-04 08:06 - 00341336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Classpnp.sys
2017-03-15 08:21 - 2017-03-04 08:06 - 00106336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\partmgr.sys
2017-03-15 08:21 - 2017-03-04 08:04 - 02048496 _____ C:\WINDOWS\system32\CoreUIComponents.dll
2017-03-15 08:21 - 2017-03-04 08:03 - 00583136 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2017-03-15 08:21 - 2017-03-04 08:02 - 00950112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2017-03-15 08:21 - 2017-03-04 07:59 - 00055136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dam.sys
2017-03-15 08:21 - 2017-03-04 07:56 - 00248992 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll
2017-03-15 08:21 - 2017-03-04 07:54 - 01897824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2017-03-15 08:21 - 2017-03-04 07:53 - 02256080 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2017-03-15 08:21 - 2017-03-04 07:53 - 00975744 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2017-03-15 08:21 - 2017-03-04 07:53 - 00551264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2017-03-15 08:21 - 2017-03-04 07:53 - 00493912 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2017-03-15 08:21 - 2017-03-04 07:52 - 00272720 _____ (Microsoft Corporation) C:\WINDOWS\system32\wintrust.dll
2017-03-15 08:21 - 2017-03-04 07:51 - 00576408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2017-03-15 08:21 - 2017-03-04 07:51 - 00458592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2017-03-15 08:21 - 2017-03-04 07:51 - 00454496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2017-03-15 08:21 - 2017-03-04 07:50 - 00100704 _____ (Microsoft Corporation) C:\WINDOWS\system32\icfupgd.dll
2017-03-15 08:21 - 2017-03-04 07:47 - 20969928 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2017-03-15 08:21 - 2017-03-04 07:47 - 01557808 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2017-03-15 08:21 - 2017-03-04 07:47 - 00530480 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2017-03-15 08:21 - 2017-03-04 07:47 - 00432336 _____ (Microsoft Corporation) C:\WINDOWS\system32\DMRServer.dll
2017-03-15 08:21 - 2017-03-04 07:47 - 00374448 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFPlay.dll
2017-03-15 08:21 - 2017-03-04 07:47 - 00352760 _____ (Microsoft Corporation) C:\WINDOWS\system32\MMDevAPI.dll
2017-03-15 08:21 - 2017-03-04 07:47 - 00034088 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompPkgSup.dll
2017-03-15 08:21 - 2017-03-04 07:46 - 01384704 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2017-03-15 08:21 - 2017-03-04 07:46 - 01224104 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcMon.exe
2017-03-15 08:21 - 2017-03-04 07:46 - 00321792 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppHost.exe
2017-03-15 08:21 - 2017-03-04 07:46 - 00198496 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHost.dll
2017-03-15 08:21 - 2017-03-04 07:46 - 00125792 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostBroker.dll
2017-03-15 08:21 - 2017-03-04 07:45 - 00173408 _____ (Microsoft Corporation) C:\WINDOWS\system32\basecsp.dll
2017-03-15 08:21 - 2017-03-04 07:45 - 00112120 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpapi.dll
2017-03-15 08:21 - 2017-03-04 07:45 - 00093984 _____ (Microsoft Corporation) C:\WINDOWS\system32\phoneactivate.exe
2017-03-15 08:21 - 2017-03-04 07:42 - 00545944 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2017-03-15 08:21 - 2017-03-04 07:42 - 00276832 _____ (Microsoft Corporation) C:\WINDOWS\system32\input.dll
2017-03-15 08:21 - 2017-03-04 07:36 - 05685760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2017-03-15 08:21 - 2017-03-04 07:30 - 00095232 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTimeUtil.dll
2017-03-15 08:21 - 2017-03-04 07:30 - 00051712 _____ (Microsoft Corporation) C:\WINDOWS\system32\usoapi.dll
2017-03-15 08:21 - 2017-03-04 07:30 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\odbcconf.dll
2017-03-15 08:21 - 2017-03-04 07:29 - 00112640 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssitlb.dll
2017-03-15 08:21 - 2017-03-04 07:29 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctfp.dll
2017-03-15 08:21 - 2017-03-04 07:29 - 00075264 _____ (Microsoft Corporation) C:\WINDOWS\system32\DuCsps.dll
2017-03-15 08:21 - 2017-03-04 07:28 - 00216576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\xboxgip.sys
2017-03-15 08:21 - 2017-03-04 07:27 - 00192512 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2017-03-15 08:21 - 2017-03-04 07:27 - 00123392 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcertinst.exe
2017-03-15 08:21 - 2017-03-04 07:27 - 00108544 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblGameSaveExt.dll
2017-03-15 08:21 - 2017-03-04 07:27 - 00055296 _____ (Microsoft Corporation) C:\WINDOWS\system32\findnetprinters.dll
2017-03-15 08:21 - 2017-03-04 07:27 - 00045056 _____ (Microsoft Corporation) C:\WINDOWS\system32\ddrawex.dll
2017-03-15 08:21 - 2017-03-04 07:26 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbonRes.dll
2017-03-15 08:21 - 2017-03-04 07:26 - 00215040 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_WorkAccess.dll
2017-03-15 08:21 - 2017-03-04 07:26 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDeviceRegistration.dll
2017-03-15 08:21 - 2017-03-04 07:26 - 00073216 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2017-03-15 08:21 - 2017-03-04 07:25 - 00519680 _____ (Microsoft Corporation) C:\WINDOWS\system32\vpnike.dll
2017-03-15 08:21 - 2017-03-04 07:25 - 00251904 _____ (Microsoft Corporation) C:\WINDOWS\system32\mscandui.dll
2017-03-15 08:21 - 2017-03-04 07:25 - 00175104 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiapi.dll
2017-03-15 08:21 - 2017-03-04 07:25 - 00073216 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzautoupdate.dll
2017-03-15 08:21 - 2017-03-04 07:25 - 00057344 _____ (Microsoft Corporation) C:\WINDOWS\system32\WPDShServiceObj.dll
2017-03-15 08:21 - 2017-03-04 07:25 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\tbauth.dll
2017-03-15 08:21 - 2017-03-04 07:24 - 00328192 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2017-03-15 08:21 - 2017-03-04 07:24 - 00223232 _____ (Microsoft Corporation) C:\WINDOWS\system32\scksp.dll
2017-03-15 08:21 - 2017-03-04 07:24 - 00093184 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctfui.dll
2017-03-15 08:21 - 2017-03-04 07:24 - 00088576 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDeviceRegistration.Ngc.dll
2017-03-15 08:21 - 2017-03-04 07:24 - 00022016 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBrokerCookies.exe
2017-03-15 08:21 - 2017-03-04 07:23 - 00374784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.LowLevel.dll
2017-03-15 08:21 - 2017-03-04 07:23 - 00315904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Gaming.XboxLive.Storage.dll
2017-03-15 08:21 - 2017-03-04 07:23 - 00291840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Search.ProtocolHandler.MAPI2.dll
2017-03-15 08:21 - 2017-03-04 07:23 - 00231936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.LockScreen.dll
2017-03-15 08:21 - 2017-03-04 07:23 - 00184320 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserMgrProxy.dll
2017-03-15 08:21 - 2017-03-04 07:23 - 00172032 _____ (Microsoft Corporation) C:\WINDOWS\system32\netiohlp.dll
2017-03-15 08:21 - 2017-03-04 07:23 - 00102912 _____ (Microsoft Corporation) C:\WINDOWS\system32\appinfo.dll
2017-03-15 08:21 - 2017-03-04 07:22 - 00237568 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncSettings.dll
2017-03-15 08:21 - 2017-03-04 07:22 - 00183296 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFilterHost.exe
2017-03-15 08:21 - 2017-03-04 07:22 - 00117760 _____ (Microsoft Corporation) C:\WINDOWS\system32\AuthBroker.dll
2017-03-15 08:21 - 2017-03-04 07:22 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\DafPrintProvider.dll
2017-03-15 08:21 - 2017-03-04 07:21 - 00670208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.PointOfService.dll
2017-03-15 08:21 - 2017-03-04 07:21 - 00579072 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthManager.dll
2017-03-15 08:21 - 2017-03-04 07:21 - 00483840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.AllJoyn.dll
2017-03-15 08:21 - 2017-03-04 07:21 - 00445952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.UX.EapRequestHandler.dll
2017-03-15 08:21 - 2017-03-04 07:21 - 00196608 _____ (Microsoft Corporation) C:\WINDOWS\system32\tapi32.dll
2017-03-15 08:21 - 2017-03-04 07:20 - 00562176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.SmartCards.dll
2017-03-15 08:21 - 2017-03-04 07:20 - 00534528 _____ (Microsoft Corporation) C:\WINDOWS\system32\PCPTpm12.dll
2017-03-15 08:21 - 2017-03-04 07:20 - 00426496 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll
2017-03-15 08:21 - 2017-03-04 07:20 - 00424960 _____ (Microsoft Corporation) C:\WINDOWS\system32\msutb.dll
2017-03-15 08:21 - 2017-03-04 07:20 - 00386048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.WiFiDirect.dll
2017-03-15 08:21 - 2017-03-04 07:20 - 00325120 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleacc.dll
2017-03-15 08:21 - 2017-03-04 07:20 - 00322560 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpAXHolder.dll
2017-03-15 08:21 - 2017-03-04 07:20 - 00284672 _____ (Microsoft Corporation) C:\WINDOWS\system32\apprepsync.dll
2017-03-15 08:21 - 2017-03-04 07:20 - 00206336 _____ (Microsoft Corporation) C:\WINDOWS\system32\vaultcli.dll
2017-03-15 08:21 - 2017-03-04 07:20 - 00175616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Scanners.dll
2017-03-15 08:21 - 2017-03-04 07:20 - 00161792 _____ (Microsoft Corporation) C:\WINDOWS\system32\certprop.dll
2017-03-15 08:21 - 2017-03-04 07:20 - 00125952 _____ (Microsoft Corporation) C:\WINDOWS\system32\apprepapi.dll
2017-03-15 08:21 - 2017-03-04 07:19 - 00790528 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2017-03-15 08:21 - 2017-03-04 07:19 - 00714752 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssvp.dll
2017-03-15 08:21 - 2017-03-04 07:19 - 00704512 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblGameSave.dll
2017-03-15 08:21 - 2017-03-04 07:19 - 00414208 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2017-03-15 08:21 - 2017-03-04 07:19 - 00390656 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredProvDataModel.dll
2017-03-15 08:21 - 2017-03-04 07:19 - 00318464 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFolder.dll
2017-03-15 08:21 - 2017-03-04 07:19 - 00277504 _____ (Microsoft Corporation) C:\WINDOWS\system32\icsvcext.dll
2017-03-15 08:21 - 2017-03-04 07:19 - 00273920 _____ (Microsoft Corporation) C:\WINDOWS\system32\PrintDialogs3D.dll
2017-03-15 08:21 - 2017-03-04 07:19 - 00214528 _____ (Microsoft Corporation) C:\WINDOWS\system32\ubpm.dll
2017-03-15 08:21 - 2017-03-04 07:18 - 01378304 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2017-03-15 08:21 - 2017-03-04 07:18 - 00828928 _____ (Microsoft Corporation) C:\WINDOWS\system32\XboxNetApiSvc.dll
2017-03-15 08:21 - 2017-03-04 07:18 - 00819200 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppContracts.dll
2017-03-15 08:21 - 2017-03-04 07:18 - 00548352 _____ (Microsoft Corporation) C:\WINDOWS\system32\ddraw.dll
2017-03-15 08:21 - 2017-03-04 07:18 - 00525824 _____ (Microsoft Corporation) C:\WINDOWS\system32\PrintDialogs.dll
2017-03-15 08:21 - 2017-03-04 07:18 - 00517632 _____ (Microsoft Corporation) C:\WINDOWS\system32\FlightSettings.dll
2017-03-15 08:21 - 2017-03-04 07:18 - 00284672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.dll
2017-03-15 08:21 - 2017-03-04 07:18 - 00254464 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssphtb.dll
2017-03-15 08:21 - 2017-03-04 07:18 - 00140800 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssph.dll
2017-03-15 08:21 - 2017-03-04 07:18 - 00074752 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll
2017-03-15 08:21 - 2017-03-04 07:17 - 00827392 _____ (Microsoft Corporation) C:\WINDOWS\system32\iphlpsvc.dll
2017-03-15 08:21 - 2017-03-04 07:17 - 00482304 _____ (Microsoft Corporation) C:\WINDOWS\system32\ipnathlp.dll
2017-03-15 08:21 - 2017-03-04 07:17 - 00425472 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2017-03-15 08:21 - 2017-03-04 07:17 - 00297472 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2017-03-15 08:21 - 2017-03-04 07:17 - 00256512 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2017-03-15 08:21 - 2017-03-04 07:17 - 00218112 _____ (Microsoft Corporation) C:\WINDOWS\system32\sharemediacpl.dll
2017-03-15 08:21 - 2017-03-04 07:16 - 01456640 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2017-03-15 08:21 - 2017-03-04 07:16 - 01013248 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2017-03-15 08:21 - 2017-03-04 07:16 - 00858112 _____ (Microsoft Corporation) C:\WINDOWS\system32\EmailApis.dll
2017-03-15 08:21 - 2017-03-04 07:16 - 00846336 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebcamUi.dll
2017-03-15 08:21 - 2017-03-04 07:16 - 00816640 _____ (Microsoft Corporation) C:\WINDOWS\system32\NaturalLanguage6.dll
2017-03-15 08:21 - 2017-03-04 07:16 - 00711680 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2017-03-15 08:21 - 2017-03-04 07:16 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2017-03-15 08:21 - 2017-03-04 07:16 - 00565248 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2017-03-15 08:21 - 2017-03-04 07:16 - 00561664 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll
2017-03-15 08:21 - 2017-03-04 07:16 - 00473600 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2017-03-15 08:21 - 2017-03-04 07:16 - 00368128 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiobj.dll
2017-03-15 08:21 - 2017-03-04 07:16 - 00288256 _____ (Microsoft Corporation) C:\WINDOWS\system32\CryptoWinRT.dll
2017-03-15 08:21 - 2017-03-04 07:16 - 00242688 _____ (Microsoft Corporation) C:\WINDOWS\system32\NgcCtnrSvc.dll
2017-03-15 08:21 - 2017-03-04 07:15 - 00336384 _____ (Microsoft Corporation) C:\WINDOWS\system32\azroleui.dll
2017-03-15 08:21 - 2017-03-04 07:14 - 01534464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.3D.dll
2017-03-15 08:21 - 2017-03-04 07:14 - 00236032 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmWmiPl.dll
2017-03-15 08:21 - 2017-03-04 07:14 - 00151552 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2017-03-15 08:21 - 2017-03-04 07:13 - 01228288 _____ (Microsoft Corporation) C:\WINDOWS\system32\usercpl.dll
2017-03-15 08:21 - 2017-03-04 07:13 - 01056768 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll
2017-03-15 08:21 - 2017-03-04 07:13 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppointmentApis.dll
2017-03-15 08:21 - 2017-03-04 07:13 - 00653312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.AccountsControl.dll
2017-03-15 08:21 - 2017-03-04 07:13 - 00608768 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2017-03-15 08:21 - 2017-03-04 07:12 - 01842688 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnidui.dll
2017-03-15 08:21 - 2017-03-04 07:12 - 00884224 _____ (Microsoft Corporation) C:\WINDOWS\HelpPane.exe
2017-03-15 08:21 - 2017-03-04 07:12 - 00818176 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2017-03-15 08:21 - 2017-03-04 07:12 - 00700416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.Search.dll
2017-03-15 08:21 - 2017-03-04 07:11 - 01320448 _____ (Microsoft Corporation) C:\WINDOWS\system32\comsvcs.dll
2017-03-15 08:21 - 2017-03-04 07:11 - 01284096 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdtctm.dll
2017-03-15 08:21 - 2017-03-04 07:11 - 00343552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys
2017-03-15 08:21 - 2017-03-04 07:10 - 01098752 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpsvc.dll
2017-03-15 08:21 - 2017-03-04 07:10 - 00471552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.BackgroundMediaPlayback.dll
2017-03-15 08:21 - 2017-03-04 07:09 - 00343040 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToDevice.dll
2017-03-15 08:21 - 2017-03-04 07:08 - 00713216 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnapps.dll
2017-03-15 08:21 - 2017-03-04 07:07 - 01406976 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationFramework.dll
2017-03-15 08:21 - 2017-03-04 07:07 - 00895488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.dll
2017-03-15 08:21 - 2017-03-04 07:07 - 00085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpninprc.dll
2017-03-15 08:21 - 2017-03-04 07:06 - 06109184 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2017-03-15 08:21 - 2017-03-04 07:06 - 05380608 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2017-03-15 08:21 - 2017-03-04 07:06 - 03198464 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2017-03-15 08:21 - 2017-03-04 07:06 - 01382400 _____ (Microsoft Corporation) C:\WINDOWS\system32\workfolderssvc.dll
2017-03-15 08:21 - 2017-03-04 07:06 - 00090624 _____ (Microsoft Corporation) C:\WINDOWS\system32\olepro32.dll
2017-03-15 08:21 - 2017-03-04 07:05 - 07468544 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2017-03-15 08:21 - 2017-03-04 07:05 - 03520512 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsrchvw.exe
2017-03-15 08:21 - 2017-03-04 07:05 - 00194560 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkFoldersShell.dll
2017-03-15 08:21 - 2017-03-04 07:05 - 00089600 _____ (Microsoft Corporation) C:\WINDOWS\system32\CameraCaptureUI.dll
2017-03-15 08:21 - 2017-03-04 07:05 - 00086016 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkFoldersGPExt.dll
2017-03-15 08:21 - 2017-03-04 07:03 - 02363904 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapRouter.dll
2017-03-15 08:21 - 2017-03-04 07:03 - 02109952 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapGeocoder.dll
2017-03-15 08:21 - 2017-03-04 07:03 - 00400384 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToManager.dll
2017-03-15 08:21 - 2017-03-04 07:03 - 00359936 _____ (Microsoft Corporation) C:\WINDOWS\system32\mtxclu.dll
2017-03-15 08:21 - 2017-03-04 07:02 - 02740224 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
2017-03-15 08:21 - 2017-03-04 07:02 - 01949696 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2017-03-15 08:21 - 2017-03-04 07:02 - 01485824 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2017-03-15 08:21 - 2017-03-04 07:02 - 01155072 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVP9DEC.dll
2017-03-15 08:21 - 2017-03-04 07:02 - 01004544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Input.Inking.dll
2017-03-15 08:21 - 2017-03-04 07:02 - 00707072 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2017-03-15 08:21 - 2017-03-04 07:01 - 03478528 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbon.dll
2017-03-15 08:21 - 2017-03-04 07:01 - 02646528 _____ (Microsoft Corporation) C:\WINDOWS\system32\CertEnroll.dll
2017-03-15 08:21 - 2017-03-04 07:01 - 01993216 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2017-03-15 08:21 - 2017-03-04 07:01 - 01656320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Perception.dll
2017-03-15 08:21 - 2017-03-04 07:01 - 01595904 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2017-03-15 08:21 - 2017-03-04 07:01 - 01571840 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2017-03-15 08:21 - 2017-03-04 07:01 - 01564160 _____ (Microsoft Corporation) C:\WINDOWS\system32\quartz.dll
2017-03-15 08:21 - 2017-03-04 07:01 - 01493504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wpc.dll
2017-03-15 08:21 - 2017-03-04 07:01 - 01293312 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPDMC.exe
2017-03-15 08:21 - 2017-03-04 07:01 - 00941568 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2017-03-15 08:21 - 2017-03-04 07:01 - 00827904 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll
2017-03-15 08:21 - 2017-03-04 07:01 - 00666624 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkfoldersControl.dll
2017-03-15 08:21 - 2017-03-04 07:01 - 00620544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2017-03-15 08:21 - 2017-03-04 07:01 - 00566784 _____ (Microsoft Corporation) C:\WINDOWS\system32\ShareHost.dll
2017-03-15 08:21 - 2017-03-04 07:01 - 00094208 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkFolders.exe
2017-03-15 08:21 - 2017-03-04 07:00 - 02483200 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2017-03-15 08:21 - 2017-03-04 07:00 - 01888256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2017-03-15 08:21 - 2017-03-04 07:00 - 01235968 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2017-03-15 08:21 - 2017-03-04 07:00 - 00862208 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2017-03-15 08:21 - 2017-03-04 07:00 - 00711680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2017-03-15 08:21 - 2017-03-04 07:00 - 00691200 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2017-03-15 08:21 - 2017-03-04 07:00 - 00529408 _____ (Microsoft Corporation) C:\WINDOWS\system32\spoolsv.exe
2017-03-15 08:21 - 2017-03-04 06:59 - 01252352 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataService.dll
2017-03-15 08:21 - 2017-03-04 06:57 - 03106304 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstsc.exe
2017-03-15 08:21 - 2017-03-04 06:57 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\spaceman.exe
2017-03-15 08:21 - 2016-07-16 02:45 - 00014848 _____ (Microsoft Corporation) C:\WINDOWS\system32\CspCellularSettings.dll
2017-03-15 08:21 - 2016-07-16 02:43 - 00102912 _____ (Microsoft Corporation) C:\WINDOWS\system32\CfgSPCellular.dll
2017-03-15 08:21 - 2016-07-16 02:43 - 00100352 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseAPNCsp.dll
2017-03-15 08:20 - 2017-03-04 08:44 - 00685440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll
2017-03-15 08:20 - 2017-03-04 08:41 - 00078176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\IPMIDrv.sys
2017-03-15 08:20 - 2017-03-04 08:09 - 00497416 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2017-03-15 08:20 - 2017-03-04 08:08 - 05999968 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2017-03-15 08:20 - 2017-03-04 08:04 - 01362512 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpmde.dll
2017-03-15 08:20 - 2017-03-04 08:02 - 00184416 _____ (Microsoft Corporation) C:\WINDOWS\system32\IPHLPAPI.DLL
2017-03-15 08:20 - 2017-03-04 08:02 - 00095584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tdx.sys
2017-03-15 08:20 - 2017-03-04 07:56 - 00263472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.ApplicationData.dll
2017-03-15 08:20 - 2017-03-04 07:54 - 00290272 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2017-03-15 08:20 - 2017-03-04 07:53 - 01431232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2017-03-15 08:20 - 2017-03-04 07:53 - 00861024 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2017-03-15 08:20 - 2017-03-04 07:53 - 00781152 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2017-03-15 08:20 - 2017-03-04 07:53 - 00342880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2017-03-15 08:20 - 2017-03-04 07:52 - 00111968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storahci.sys
2017-03-15 08:20 - 2017-03-04 07:51 - 00086360 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvsocket.sys
2017-03-15 08:20 - 2017-03-04 07:51 - 00060768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmbkmcl.sys
2017-03-15 08:20 - 2017-03-04 07:47 - 04023000 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2017-03-15 08:20 - 2017-03-04 07:47 - 01853224 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2017-03-15 08:20 - 2017-03-04 07:47 - 01360456 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetsrc.dll
2017-03-15 08:20 - 2017-03-04 07:47 - 01344448 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll
2017-03-15 08:20 - 2017-03-04 07:47 - 01277856 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2017-03-15 08:20 - 2017-03-04 07:47 - 01202384 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2017-03-15 08:20 - 2017-03-04 07:47 - 01123912 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2017-03-15 08:20 - 2017-03-04 07:47 - 00981376 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetcore.dll
2017-03-15 08:20 - 2017-03-04 07:47 - 00976184 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfds.dll
2017-03-15 08:20 - 2017-03-04 07:47 - 00952416 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2017-03-15 08:20 - 2017-03-04 07:40 - 01967968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2017-03-15 08:20 - 2017-03-04 07:40 - 00306800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.MediaControl.dll
2017-03-15 08:20 - 2017-03-04 07:34 - 00281088 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXTaskFactory.dll
2017-03-15 08:20 - 2017-03-04 07:30 - 01631232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2017-03-15 08:20 - 2017-03-04 07:29 - 00039424 _____ (Microsoft Corporation) C:\WINDOWS\system32\XInputUap.dll
2017-03-15 08:20 - 2017-03-04 07:29 - 00020992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mskssrv.sys
2017-03-15 08:20 - 2017-03-04 07:28 - 00224256 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExSMime.dll
2017-03-15 08:20 - 2017-03-04 07:27 - 00275968 _____ (Microsoft Corporation) C:\WINDOWS\system32\accountaccessor.dll
2017-03-15 08:20 - 2017-03-04 07:27 - 00141824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Radios.dll
2017-03-15 08:20 - 2017-03-04 07:27 - 00100864 _____ (Microsoft Corporation) C:\WINDOWS\system32\MediaFoundation.DefaultPerceptionProvider.dll
2017-03-15 08:20 - 2017-03-04 07:26 - 00177664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.Diagnostics.dll
2017-03-15 08:20 - 2017-03-04 07:26 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\system32\BcastDVRHelper.dll
2017-03-15 08:20 - 2017-03-04 07:26 - 00147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\VCardParser.dll
2017-03-15 08:20 - 2017-03-04 07:26 - 00138240 _____ (Microsoft Corporation) C:\WINDOWS\system32\DisplayManager.dll
2017-03-15 08:20 - 2017-03-04 07:26 - 00123904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.HostName.dll
2017-03-15 08:20 - 2017-03-04 07:26 - 00065024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Gaming.UI.GameBar.dll
2017-03-15 08:20 - 2017-03-04 07:26 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Shell.Search.UriHandler.dll
2017-03-15 08:20 - 2017-03-04 07:26 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\system32\netiougc.exe
2017-03-15 08:20 - 2017-03-04 07:25 - 00255488 _____ (Microsoft Corporation) C:\WINDOWS\system32\unimdm.tsp
2017-03-15 08:20 - 2017-03-04 07:25 - 00167936 _____ (Microsoft Corporation) C:\WINDOWS\system32\PimIndexMaintenance.dll
2017-03-15 08:20 - 2017-03-04 07:25 - 00152064 _____ (Microsoft Corporation) C:\WINDOWS\system32\MCCSEngineShared.dll
2017-03-15 08:20 - 2017-03-04 07:25 - 00136192 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinRtTracing.dll
2017-03-15 08:20 - 2017-03-04 07:25 - 00097792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.System.SystemManagement.dll
2017-03-15 08:20 - 2017-03-04 07:25 - 00063488 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshost.dll
2017-03-15 08:20 - 2017-03-04 07:24 - 00330752 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
2017-03-15 08:20 - 2017-03-04 07:24 - 00142336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.WiFi.dll
2017-03-15 08:20 - 2017-03-04 07:24 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.ServiceDiscovery.Dnssd.dll
2017-03-15 08:20 - 2017-03-04 07:24 - 00040448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpipreg.sys
2017-03-15 08:20 - 2017-03-04 07:23 - 00531456 _____ (Microsoft Corporation) C:\WINDOWS\system32\iprtrmgr.dll
2017-03-15 08:20 - 2017-03-04 07:23 - 00506368 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.exe
2017-03-15 08:20 - 2017-03-04 07:23 - 00392192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Gaming.Input.dll
2017-03-15 08:20 - 2017-03-04 07:23 - 00334848 _____ (Microsoft Corporation) C:\WINDOWS\system32\DavSyncProvider.dll
2017-03-15 08:20 - 2017-03-04 07:23 - 00299520 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataAccountApis.dll
2017-03-15 08:20 - 2017-03-04 07:23 - 00242688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Dxpserver.exe
2017-03-15 08:20 - 2017-03-04 07:23 - 00193024 _____ (Microsoft Corporation) C:\WINDOWS\system32\shutdownux.dll
2017-03-15 08:20 - 2017-03-04 07:23 - 00186880 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Flights.dll
2017-03-15 08:20 - 2017-03-04 07:22 - 06534656 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanmm.dll
2017-03-15 08:20 - 2017-03-04 07:22 - 00822784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2017-03-15 08:20 - 2017-03-04 07:22 - 00392704 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanconn.dll
2017-03-15 08:20 - 2017-03-04 07:22 - 00332288 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll
2017-03-15 08:20 - 2017-03-04 07:22 - 00212992 _____ (Microsoft Corporation) C:\WINDOWS\system32\cemapi.dll
2017-03-15 08:20 - 2017-03-04 07:22 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Core.dll
2017-03-15 08:20 - 2017-03-04 07:21 - 00609280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Import.dll
2017-03-15 08:20 - 2017-03-04 07:21 - 00575488 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshwfp.dll
2017-03-15 08:20 - 2017-03-04 07:21 - 00298496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2017-03-15 08:20 - 2017-03-04 07:21 - 00185856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Identity.Provider.dll
2017-03-15 08:20 - 2017-03-04 07:20 - 13873664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2017-03-15 08:20 - 2017-03-04 07:20 - 00426496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Wallet.dll
2017-03-15 08:20 - 2017-03-04 07:20 - 00332800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Cortana.Desktop.dll
2017-03-15 08:20 - 2017-03-04 07:20 - 00301568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ks.sys
2017-03-15 08:20 - 2017-03-04 07:20 - 00271360 _____ (Microsoft Corporation) C:\WINDOWS\system32\deviceaccess.dll
2017-03-15 08:20 - 2017-03-04 07:20 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\WwaApi.dll
2017-03-15 08:20 - 2017-03-04 07:19 - 00635904 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2017-03-15 08:20 - 2017-03-04 07:19 - 00615936 _____ (Microsoft Corporation) C:\WINDOWS\system32\internetmail.dll
2017-03-15 08:20 - 2017-03-04 07:19 - 00431616 _____ (Microsoft Corporation) C:\WINDOWS\system32\efswrt.dll
2017-03-15 08:20 - 2017-03-04 07:19 - 00226816 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore6.dll
2017-03-15 08:20 - 2017-03-04 07:19 - 00203264 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll
2017-03-15 08:20 - 2017-03-04 07:19 - 00181760 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcpipcfg.dll
2017-03-15 08:20 - 2017-03-04 07:19 - 00147968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Cortana.OneCore.dll
2017-03-15 08:20 - 2017-03-04 07:18 - 01231360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcnwiz.dll
2017-03-15 08:20 - 2017-03-04 07:18 - 00747520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Ocr.dll
2017-03-15 08:20 - 2017-03-04 07:18 - 00567808 _____ (Microsoft Corporation) C:\WINDOWS\system32\ChatApis.dll
2017-03-15 08:20 - 2017-03-04 07:18 - 00493056 _____ (Microsoft Corporation) C:\WINDOWS\system32\WlanMediaManager.dll
2017-03-15 08:20 - 2017-03-04 07:18 - 00314368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Usb.dll
2017-03-15 08:20 - 2017-03-04 07:18 - 00253952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2017-03-15 08:20 - 2017-03-04 07:18 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\system32\indexeddbserver.dll
2017-03-15 08:20 - 2017-03-04 07:17 - 02318848 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll
2017-03-15 08:20 - 2017-03-04 07:17 - 00661504 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2017-03-15 08:20 - 2017-03-04 07:17 - 00570368 _____ (Microsoft Corporation) C:\WINDOWS\system32\PrintRenderAPIHost.DLL
2017-03-15 08:20 - 2017-03-04 07:17 - 00529920 _____ (Microsoft Corporation) C:\WINDOWS\system32\StructuredQuery.dll
2017-03-15 08:20 - 2017-03-04 07:17 - 00427008 _____ (Microsoft Corporation) C:\WINDOWS\system32\DXP.dll
2017-03-15 08:20 - 2017-03-04 07:17 - 00238080 _____ (Microsoft Corporation) C:\WINDOWS\system32\AboveLockAppHost.dll
2017-03-15 08:20 - 2017-03-04 07:16 - 00968704 _____ (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll
2017-03-15 08:20 - 2017-03-04 07:16 - 00850432 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasgcw.dll
2017-03-15 08:20 - 2017-03-04 07:16 - 00762880 _____ (Microsoft Corporation) C:\WINDOWS\system32\mprddm.dll
2017-03-15 08:20 - 2017-03-04 07:16 - 00500224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.dll
2017-03-15 08:20 - 2017-03-04 07:16 - 00465920 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppBroker.dll
2017-03-15 08:20 - 2017-03-04 07:16 - 00298496 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascustom.dll
2017-03-15 08:20 - 2017-03-04 07:15 - 18362368 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2017-03-15 08:20 - 2017-03-04 07:15 - 00509440 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2017-03-15 08:20 - 2017-03-04 07:13 - 19411968 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2017-03-15 08:20 - 2017-03-04 07:13 - 04613120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2017-03-15 08:20 - 2017-03-04 07:13 - 01003520 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqqm.dll
2017-03-15 08:20 - 2017-03-04 07:13 - 00699904 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll
2017-03-15 08:20 - 2017-03-04 07:13 - 00675840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.dll
2017-03-15 08:20 - 2017-03-04 07:13 - 00497152 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2017-03-15 08:20 - 2017-03-04 07:13 - 00296960 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2017-03-15 08:20 - 2017-03-04 07:13 - 00256512 _____ (Microsoft Corporation) C:\WINDOWS\system32\thumbcache.dll
2017-03-15 08:20 - 2017-03-04 07:12 - 00901120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Bluetooth.dll
2017-03-15 08:20 - 2017-03-04 07:12 - 00894976 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorDataService.exe
2017-03-15 08:20 - 2017-03-04 07:12 - 00886272 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2017-03-15 08:20 - 2017-03-04 07:12 - 00884224 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2017-03-15 08:20 - 2017-03-04 07:12 - 00395264 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll
2017-03-15 08:20 - 2017-03-04 07:12 - 00144896 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe
2017-03-15 08:20 - 2017-03-04 07:11 - 01357312 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSPhotography.dll
2017-03-15 08:20 - 2017-03-04 07:11 - 01323008 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_fs.dll
2017-03-15 08:20 - 2017-03-04 07:11 - 01137152 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_health.dll
2017-03-15 08:20 - 2017-03-04 07:11 - 00729600 _____ (Microsoft Corporation) C:\WINDOWS\system32\TabletPC.cpl
2017-03-15 08:20 - 2017-03-04 07:11 - 00073728 _____ (Microsoft Corporation) C:\WINDOWS\system32\tabcal.exe
2017-03-15 08:20 - 2017-03-04 07:10 - 03307008 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2017-03-15 08:20 - 2017-03-04 07:10 - 01077760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Editing.dll
2017-03-15 08:20 - 2017-03-04 07:10 - 00259584 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdtcuiu.dll
2017-03-15 08:20 - 2017-03-04 07:10 - 00151552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Tabbtn.dll
2017-03-15 08:20 - 2017-03-04 07:07 - 12178944 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2017-03-15 08:20 - 2017-03-04 07:07 - 00545280 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmkvsrcsnk.dll
2017-03-15 08:20 - 2017-03-04 07:06 - 00220672 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToReceiver.dll
2017-03-15 08:20 - 2017-03-04 07:05 - 01221120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Audio.dll
2017-03-15 08:20 - 2017-03-04 07:05 - 00134144 _____ (Microsoft Corporation) C:\WINDOWS\system32\ErrorDetails.dll
2017-03-15 08:20 - 2017-03-04 07:04 - 00719872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_sr.dll
2017-03-15 08:20 - 2017-03-04 07:03 - 06044672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2017-03-15 08:20 - 2017-03-04 07:03 - 03666432 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2017-03-15 08:20 - 2017-03-04 07:03 - 01247232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Globalization.dll
2017-03-15 08:20 - 2017-03-04 07:03 - 00409600 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVSENCD.DLL
2017-03-15 08:20 - 2017-03-04 07:03 - 00049664 _____ (Microsoft Corporation) C:\WINDOWS\system32\MultiDigiMon.exe
2017-03-15 08:20 - 2017-03-04 07:02 - 02138112 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2017-03-15 08:20 - 2017-03-04 07:02 - 01709056 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncProvider.dll
2017-03-15 08:20 - 2017-03-04 07:01 - 02682880 _____ (Microsoft Corporation) C:\WINDOWS\system32\netshell.dll
2017-03-15 08:20 - 2017-03-04 07:01 - 01232384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Maps.dll
2017-03-15 08:20 - 2017-03-04 07:01 - 01154560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Pimstore.dll
2017-03-15 08:20 - 2017-03-04 07:01 - 01013248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.Http.dll
2017-03-15 08:20 - 2017-03-04 07:00 - 02026496 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2017-03-15 08:20 - 2017-03-04 07:00 - 01883648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2017-03-15 08:20 - 2017-03-04 07:00 - 01170944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Phone.dll
2017-03-15 08:20 - 2017-03-04 07:00 - 00850944 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContactApis.dll
2017-03-15 08:20 - 2017-03-04 07:00 - 00751104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.BackgroundTransfer.dll
2017-03-15 08:20 - 2017-03-04 07:00 - 00598528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.dll
2017-03-15 08:20 - 2017-03-04 07:00 - 00348160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Midi.dll
2017-03-15 08:20 - 2017-03-04 06:59 - 00353280 _____ (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll
2017-03-15 08:20 - 2017-03-04 06:59 - 00206848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
2017-03-15 08:20 - 2017-03-04 06:57 - 00783360 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWorkspace.dll
2017-03-15 08:20 - 2017-03-04 06:57 - 00375296 _____ (Microsoft Corporation) C:\WINDOWS\system32\wksprt.exe
2017-03-15 08:20 - 2017-03-04 06:57 - 00299008 _____ (Microsoft Corporation) C:\WINDOWS\system32\RADCUI.dll
2017-03-15 08:20 - 2017-02-22 03:03 - 00448285 _____ C:\WINDOWS\system32\ApnDatabase.xml
2017-03-15 08:19 - 2016-05-29 19:38 - 08886976 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneDriveSetup.exe
2017-03-10 11:33 - 2017-03-10 11:33 - 00000000 ____D C:\Users\Klaus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-03-21 11:35 - 2015-06-18 19:01 - 00000000 ____D C:\Users\Klaus\AppData\Local\Dropbox
2017-03-21 11:29 - 2016-10-14 10:42 - 01924632 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-03-21 11:29 - 2016-07-16 18:27 - 00684796 _____ C:\WINDOWS\system32\perfh007.dat
2017-03-21 11:29 - 2016-07-16 18:27 - 00153878 _____ C:\WINDOWS\system32\perfc007.dat
2017-03-21 11:27 - 2016-11-18 22:19 - 00000000 ____D C:\Users\Klaus\AppData\LocalLow\Mozilla
2017-03-21 11:24 - 2012-06-04 18:28 - 00000000 ___RD C:\Users\Klaus\Dropbox
2017-03-21 11:24 - 2010-01-20 17:12 - 00000000 ____D C:\Users\Klaus\AppData\Roaming\Skype
2017-03-21 11:23 - 2015-08-26 08:37 - 00000000 ___RD C:\Users\Klaus\OneDrive
2017-03-21 11:22 - 2016-10-14 11:08 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-03-21 11:21 - 2016-10-14 10:43 - 00000000 ____D C:\Users\Klaus
2017-03-21 11:21 - 2016-07-16 03:22 - 03670016 _____ C:\WINDOWS\system32\config\BBI
2017-03-21 11:21 - 2015-03-09 18:47 - 00000000 ____D C:\Program Files\TeamViewer
2017-03-21 11:20 - 2014-04-12 12:25 - 00000000 ____D C:\AdwCleaner
2017-03-21 11:19 - 2016-05-23 09:13 - 00000000 ____D C:\Program Files\iolo
2017-03-21 11:19 - 2015-11-30 16:17 - 00000000 ____D C:\Program Files\Yahoo!
2017-03-21 10:32 - 2016-07-16 09:29 - 00000000 ___HD C:\Program Files\WindowsApps
2017-03-21 10:32 - 2016-07-16 09:29 - 00000000 ____D C:\WINDOWS\AppReadiness
2017-03-20 20:26 - 2016-10-14 10:37 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2017-03-18 16:12 - 2013-12-22 14:21 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2017-03-18 16:08 - 2016-07-16 09:28 - 00000000 ____D C:\WINDOWS\INF
2017-03-18 16:07 - 2016-10-14 10:46 - 00000000 ____D C:\WINDOWS\system32\config\bbimigrate
2017-03-18 16:07 - 2016-07-16 09:29 - 00000000 ____D C:\WINDOWS\system32\config\Journal
2017-03-17 19:59 - 2016-07-16 09:29 - 00000000 ____D C:\WINDOWS\system32\appraiser
2017-03-17 19:59 - 2016-07-16 09:19 - 00000000 ____D C:\WINDOWS\CbsTemp
2017-03-16 19:04 - 2016-07-16 09:29 - 00000000 ____D C:\WINDOWS\rescache
2017-03-16 17:55 - 2014-03-01 12:30 - 00000000 ____D C:\Users\Klaus\Documents\tax
2017-03-16 17:38 - 2014-03-01 11:56 - 00000000 ____D C:\ProgramData\Buhl Data Service GmbH
2017-03-16 17:36 - 2014-03-01 12:04 - 00000000 ____D C:\Users\Klaus\AppData\Local\Buhl
2017-03-16 17:32 - 2014-03-01 12:00 - 00000000 ____D C:\Program Files\Buhl finance
2017-03-16 17:32 - 2009-09-16 22:48 - 00000000 ___HD C:\Program Files\InstallShield Installation Information
2017-03-16 17:30 - 2014-05-20 09:20 - 00000000 ____D C:\ProgramData\Package Cache
2017-03-15 17:46 - 2015-08-26 08:30 - 00000000 __RHD C:\Users\Public\AccountPictures
2017-03-15 17:42 - 2016-10-14 10:36 - 00380912 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-03-15 17:42 - 2010-01-18 17:06 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2017-03-15 17:40 - 2016-07-16 09:29 - 00000000 ____D C:\WINDOWS\system32\setup
2017-03-15 17:40 - 2016-07-16 09:29 - 00000000 ____D C:\WINDOWS\system32\oobe
2017-03-15 17:39 - 2016-07-16 09:29 - 00000000 ___RD C:\WINDOWS\PrintDialog
2017-03-15 17:39 - 2016-07-16 09:29 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2017-03-15 17:39 - 2016-07-16 09:29 - 00000000 ___RD C:\Program Files\Windows Defender
2017-03-15 17:39 - 2016-07-16 09:29 - 00000000 ____D C:\WINDOWS\ShellExperiences
2017-03-15 17:39 - 2016-07-16 09:29 - 00000000 ____D C:\WINDOWS\bcastdvr
2017-03-15 17:39 - 2016-07-16 09:29 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2017-03-15 09:33 - 2013-08-14 17:12 - 00000000 ____D C:\WINDOWS\system32\MRT
2017-03-15 09:28 - 2010-03-20 09:45 - 135706696 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-03-15 09:17 - 2010-11-18 18:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2017-03-13 13:05 - 2012-06-17 15:52 - 00000425 _____ C:\WINDOWS\BRWMARK.INI
2017-03-13 13:05 - 2012-06-17 15:52 - 00000027 _____ C:\WINDOWS\BRPP2KA.INI
2017-03-10 11:33 - 2012-06-04 18:27 - 00000000 ____D C:\Users\Klaus\AppData\Roaming\Dropbox
2017-03-10 06:17 - 2016-07-16 09:31 - 00835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe
2017-03-10 06:17 - 2016-07-16 09:31 - 00177656 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
2017-03-05 10:43 - 2012-04-10 17:21 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2017-02-28 10:46 - 2010-03-19 20:59 - 00407720 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2017-02-23 19:43 - 2015-10-31 12:36 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2014-03-06 15:16 - 2009-08-06 13:43 - 0006733 _____ () C:\Users\Klaus\AppData\Roaming\abspann_datev_idea.gif
2014-03-06 15:16 - 2008-06-02 10:57 - 0000291 _____ () C:\Users\Klaus\AppData\Roaming\lastscreen.html
2014-03-06 15:16 - 2009-08-13 14:32 - 0000105 _____ () C:\Users\Klaus\AppData\Roaming\lastscreen.ikf
2010-06-10 19:08 - 2013-08-16 08:19 - 0040960 _____ () C:\Users\Klaus\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-03-06 15:16 - 2014-03-06 18:07 - 0004672 _____ () C:\Users\Klaus\AppData\Local\EmptySettings.xml
2013-02-13 12:01 - 2013-02-13 12:01 - 0004096 ____H () C:\Users\Klaus\AppData\Local\keyfile3.drm
2016-10-14 10:39 - 2016-10-14 10:39 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2010-01-20 17:17 - 2010-01-20 17:17 - 0000056 ____H () C:\ProgramData\ezsidmv.dat
2010-01-18 16:50 - 2009-08-17 06:54 - 0131368 _____ () C:\ProgramData\FullRemove.exe
2009-09-16 23:05 - 2009-09-16 23:05 - 0000109 _____ () C:\ProgramData\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}.log
2009-09-16 23:03 - 2009-09-16 23:03 - 0000106 _____ () C:\ProgramData\{2BF2E31F-B8BB-40A7-B650-98D28E0F7D47}.log
2009-09-16 23:00 - 2009-09-16 23:00 - 0000105 _____ () C:\ProgramData\{40BF1E83-20EB-11D8-97C5-0009C5020658}.log
2009-09-16 23:04 - 2009-09-16 23:04 - 0000110 _____ () C:\ProgramData\{B7A0CE06-068E-11D6-97FD-0050BACBF861}.log
2009-09-16 22:59 - 2009-09-16 22:59 - 0000107 _____ () C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log
2009-09-16 23:01 - 2009-09-16 23:03 - 0000110 _____ () C:\ProgramData\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}.log

==================== Bamital & volsnap ======================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert

LastRegBack: 2017-03-16 18:01

==================== Ende vom FRST.txt ============================
         
Die 3.Datei: System Look
Code:
ATTFilter
SystemLook 30.07.11 by jpshortstuff
Log created at 11:40 on 21/03/2017 by Klaus
Administrator - Elevation successful

========== filefind ==========

Searching for "*McAfee*"
C:\Users\Klaus\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\MCAFEE~2.EXE.log	--a---- 1064 bytes	[21:34 01/02/2017]	[19:39 16/03/2017] 5FBB7E3F9DACB0189EB06496FCF3F76E
C:\Users\Klaus\AppData\Local\Microsoft\Windows\INetCache\IE\RF8M5LXX\Intel_McAfee_Security_horiz_300[1].png	--a---- 19839 bytes	[12:37 17/03/2017]	[12:37 17/03/2017] B33B163FE1D31F9F9080928FD2BB7B21
C:\Users\Klaus\AppData\Local\Microsoft\Windows\INetCache\IE\Y86HSHYM\mcafee_logo[1].gif	--a---- 4013 bytes	[12:38 17/03/2017]	[12:38 17/03/2017] 7E96CF8574FD78B283316A8B7878A95E
C:\Users\Klaus\AppData\Local\Microsoft\Windows\INetCookies\klaus@mcafee[1].txt	--a---- 1328 bytes	[16:38 15/01/2011]	[16:38 15/01/2011] 480D42B07C6ACD87B27133512A46340C
C:\Users\Klaus\Downloads\McAfee Consumer Product Removal Tool - CHIP-Installer.exe	--a---- 1496584 bytes	[15:45 18/03/2017]	[15:46 18/03/2017] EEA39371BF05E311B146F914F2AD52FC
C:\Windows\Microsoft.NET\assembly\GAC_32\McAfee.CSP.ClientAPI\v4.0_1.3.336.0__a63667ab4267742d\McAfee.CSP.ClientAPI.dll	--a---- 12664 bytes	[09:48 14/10/2016]	[09:48 14/10/2016] 44FB47F80120E396C1A160FE225B09FA
C:\Windows\Prefetch\MCAFEE CONSUMER PRODUCT REMOV-0BB7DA7F.pf	--a---- 9890 bytes	[15:46 18/03/2017]	[15:46 18/03/2017] D467113746F8761125BF1E83DDB71ECE
C:\Windows\Prefetch\MCAFEE.TRUEKEY.SERVICE.EXE-FF6D78D3.pf	--a---- 45694 bytes	[19:38 16/03/2017]	[19:38 16/03/2017] 8E24F1FB49ECB408839279BC46C4ACD8
C:\Windows\Prefetch\MCAFEE.TRUEKEY.SERVICEHELPER.-2E3CCB1B.pf	--a---- 5293 bytes	[19:36 16/03/2017]	[19:36 16/03/2017] D4E007ECCEB19CCAC139CC456FC532BF
C:\Windows\Prefetch\MCAFEE.YAP.TKUPDMGR.EXE-6E8EDDE9.pf	--a---- 7071 bytes	[19:36 16/03/2017]	[19:36 16/03/2017] 3BD046F50C01AFDEC1C1E191F21DDFC7
C:\Windows\Prefetch\MCAFEE~2.EXE-8BDEB7F0.pf	--a---- 6910 bytes	[19:38 16/03/2017]	[19:38 16/03/2017] C6D9BFEF815295E6C4C3A9420F026798
C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\Mcafee.TrueKey.InstallerService.exe.log	--a---- 2096 bytes	[10:38 30/01/2017]	[10:38 30/01/2017] 569BFC0D1A09B9BA51D7FA047208049D
C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\McAfee.TrueKey.Service.exe.log	--a---- 4891 bytes	[21:33 01/02/2017]	[15:10 18/03/2017] BD8A91BA1AD538E3D003CEE93BE495E9

========== folderfind ==========

Searching for "*McAfee*"
C:\Users\Klaus\AppData\Roaming\McAfee	d------	[19:51 19/03/2010]
C:\Windows\Microsoft.NET\assembly\GAC_32\McAfee.CSP.ClientAPI	d------	[09:48 14/10/2016]

========== regfind ==========

Searching for "McAfee"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\InternetRegistry\McAfee]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-1016556084-3091970497-507946437-1001\Software\McAfee]
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\LowRegistry\Audio\PolicyConfig\PropertyStore\629b1277_0]
@="{0.0.0.00000000}.{6c74cf87-3d82-4e09-a1e3-142ee3afdc68}|\Device\HarddiskVolume3\Program Files\McAfee\MSC\mcupdui.exe%b{00000000-0000-0000-0000-000000000000}"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\LowRegistry\Audio\PolicyConfig\PropertyStore\70303b06_0]
@="{0.0.0.00000000}.{6c74cf87-3d82-4e09-a1e3-142ee3afdc68}|\Device\HarddiskVolume3\PROGRA~1\McAfee\MSC\mcupdui.exe%b{00000000-0000-0000-0000-000000000000}"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\LowRegistry\Audio\PolicyConfig\PropertyStore\8470cbf8_0]
@="{0.0.0.00000000}.{6c74cf87-3d82-4e09-a1e3-142ee3afdc68}|\Device\HarddiskVolume3\Program Files\McAfee.com\Agent\mcagent.exe%b{00000000-0000-0000-0000-000000000000}"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\LowRegistry\Audio\PolicyConfig\PropertyStore\b62fc6b2_0]
@="{0.0.0.00000000}.{1a4ddf1b-76ab-4615-93e5-d3f4599ad24b}|\Device\HarddiskVolume3\Program Files\McAfee\MSC\mchlp32.exe%b{00000000-0000-0000-0000-000000000000}"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\LowRegistry\Audio\PolicyConfig\PropertyStore\f7226fa1_0]
@="{0.0.0.00000000}.{1a4ddf1b-76ab-4615-93e5-d3f4599ad24b}|\Device\HarddiskVolume3\PROGRA~1\McAfee\MSC\mchlp32.exe%b{00000000-0000-0000-0000-000000000000}"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{36667B61-113B-4D4A-9655-2D5EEBF56FC0}]
"FaviconURL"="hxxp://sadownload.mcafee.com/products/SA/Win/favicon.ico"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{36667B61-113B-4D4A-9655-2D5EEBF56FC0}]
"URL"="https://de.search.yahoo.com/search?fr=mcafee&type=C011DE532D20140110&p={searchTerms}"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{DCA67887-DB28-490D-B4B0-BE2669C80B30}]
"FaviconURL"="hxxp://sadownload.mcafee.com/products/SA/Win/favicon.ico"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{DCA67887-DB28-490D-B4B0-BE2669C80B30}]
"URL"="https://de.search.yahoo.com/search?fr=mcafee&type=B011DE532D20140110&p={searchTerms}"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{DCA67887-DB28-490D-B4B0-BE2669C80B30}]
"FaviconPath"="C:\Program Files\McAfee\SiteAdvisor\Scripts\favicon.ico"
[HKEY_CURRENT_USER\Software\Microsoft\Office\12.0\Common\Internet]
"UseRWHlinkNavigation"="http://www.trojaner-board.de/184851-...new-post.html"
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.com/search?q=mcafee&form=WNSGPH&qs=AS&cvid=3d23e1f30b1040d5a9d22f144e9857aa&pq=Mc&cc=DE&setlang=de-DE&nclid=FE9C2656DBED2E56A8D0C50628EEED79&ts=1489841062563&nclidts=1489841062&tsms=563]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\mcafee.com]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Search\RecentApps\{5D4F72AA-E5F4-4DE1-870B-A5067DC7C2F5}\RecentItems\{6F6B9BBE-2136-47D2-933A-4223B122F059}]
"Path"="microsoft-edge:https://www.bing.com/search?q=mcafee&form=WNSGPH&qs=AS&cvid=3d23e1f30b1040d5a9d22f144e9857aa&pq=Mc&cc=DE&setlang=de-DE&nclid=FE9C2656DBED2E56A8D0C50628EEED79&ts=1489841062563&nclidts=1489841062&tsms=563"
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Search\RecentApps\{5D4F72AA-E5F4-4DE1-870B-A5067DC7C2F5}\RecentItems\{6F6B9BBE-2136-47D2-933A-4223B122F059}]
"DisplayName"="microsoft-edge:https://www.bing.com/search?q=mcafee&form=WNSGPH&qs=AS&cvid=3d23e1f30b1040d5a9d22f144e9857aa&pq=Mc&cc=DE&setlang=de-DE&nclid=FE9C2656DBED2E56A8D0C50628EEED79&ts=1489841062563&nclidts=1489841062&tsms=563"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0E8A89AD-95D7-40EB-8D9D-083EF7066A01}\InprocServer32]
@="C:\Program Files\McAfee Security Scan\3.8.141\McAfeeMSS_IE.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0E8A89AD-95D7-40EB-8D9D-083EF7066A01}\ProgId]
@="McAfeeMssBHO"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{cc6f4d12-8575-4cff-9455-cf5774aeb13b}\LocalServer32]
@=""C:\Program Files\McAfee Security Scan\3.8.141\McCHSvc.exe""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\5B4A54916B379ED4993A5062B1F7ED0D\SourceList]
"LastUsedSource"="n;1;C:\Program Files\McAfee\Temp\qxz3C83\"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\5B4A54916B379ED4993A5062B1F7ED0D\SourceList\Net]
"1"="C:\Program Files\McAfee\Temp\qxz3C83\"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{4E53C1ED-9601-4715-99E7-A9657D8F5953}]
@="IMcAfeeMssBHO"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{66F54008-1EE3-43A7-95FD-C0D821EE1EFF}\1.0\0\win32]
@="C:\Program Files\McAfee Security Scan\3.8.141\McCHSvc.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{66F54008-1EE3-43A7-95FD-C0D821EE1EFF}\1.0\HELPDIR]
@="C:\Program Files\McAfee Security Scan\3.8.141"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{CAE5E39D-46A2-4954-B96F-5075B0BE9836}\1.0]
@="McAfeeMSS_IELib"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{CAE5E39D-46A2-4954-B96F-5075B0BE9836}\1.0\0\win32]
@="C:\Program Files\McAfee Security Scan\3.8.141\McAfeeMSS_IE.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{CAE5E39D-46A2-4954-B96F-5075B0BE9836}\1.0\HELPDIR]
@="C:\Program Files\McAfee Security Scan\3.8.141"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2EBE1406-BE0E-44E6-AE10-247A0C5AEDCF}]
@="McAfee Virtual Technician"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\McAfee Trust]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{27B4851A-3207-45A2-B947-BE8AFE6163AB}]
@="McAfee Phishing Filter"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\Program Files\McAfee\"="1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\ProgramData\McAfee\Supportability\"="1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\5B4A54916B379ED4993A5062B1F7ED0D\InstallProperties]
"Contact"="McAfee"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\5B4A54916B379ED4993A5062B1F7ED0D\InstallProperties]
"InstallSource"="C:\Program Files\McAfee\Temp\qxz3C83\"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\5B4A54916B379ED4993A5062B1F7ED0D\InstallProperties]
"Publisher"="McAfee"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\User Agent\Post Platform]
"McAfee"=""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\McAfee Security Scan]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\McAfee Security Scan]
"HideDisplayName"="McAfee Security Scan Plus"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\McAfee Security Scan]
"DisplayIcon"=""C:\Program Files\McAfee Security Scan\uninstall.exe""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\McAfee Security Scan]
"UninstallString"=""C:\Program Files\McAfee Security Scan\uninstall.exe""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\McAfee Security Scan]
"ExePath"="C:\Program Files\McAfee Security Scan\3.8.141\McUICnt.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\McAfee Security Scan]
"InstallVersionDirectory"="C:\Program Files\McAfee Security Scan\3.8.141\"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\McAfee Security Scan]
"InstallDirectory"="C:\Program Files\McAfee Security Scan"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\McAfee Security Scan]
"Publisher"="McAfee, Inc."
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\McAfee Security Scan]
"DisplayName"="McAfee Security Scan Plus"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{1945A4B5-73B6-4DE9-99A3-05261B7FDED0}]
"Contact"="McAfee"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{1945A4B5-73B6-4DE9-99A3-05261B7FDED0}]
"InstallSource"="C:\Program Files\McAfee\Temp\qxz3C83\"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{1945A4B5-73B6-4DE9-99A3-05261B7FDED0}]
"Publisher"="McAfee"
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@mcafee.com/McAfeeMssPlugin]
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@mcafee.com/McAfeeMssPlugin]
"Description"="McAfee Mss Plugin"
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@mcafee.com/McAfeeMssPlugin]
"Path"="C:\Program Files\McAfee Security Scan\3.8.141\npMcAfeeMss.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@mcafee.com/McAfeeMssPlugin]
"Product"="McAfee MSS"
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@mcafee.com/McAfeeMssPlugin]
"Vendor"="McAfee"
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@mcafee.com/MVT]
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@mcafee.com/MVT]
"Description"="McAfee Virtual Technician Plugin"
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@mcafee.com/MVT]
"Path"="C:\Program Files\McAfee\Supportability\MVT\NPMVTPlugin.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@mcafee.com/MVT]
"ProductName"="McAfee Virtual Technician Plugin"
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@mcafee.com/MVT]
"Vendor"="McAfee Inc."
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Lsa]
"Notification Packages"="scecli C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\0184281489596451mcinstcleanup]
"DisplayName"="McAfee Application Installer Cleanup (0184281489596451)"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\EventLog\Application\AVLogEvent]
"EventMessageFile"="C:\Program Files\Common Files\McAfee\AMCore\AVEvent.dll"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\EventLog\System\cfwids.sys]
"EventMessageFile"="C:\Program Files\Common Files\McAfee\SystemCore\"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\EventLog\System\mfeapfk.sys]
"EventMessageFile"="C:\Program Files\Common Files\McAfee\SystemCore\"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\EventLog\System\mfeavfk.sys]
"EventMessageFile"="C:\Program Files\Common Files\McAfee\SystemCore\"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\EventLog\System\mfebopk.sys]
"EventMessageFile"="C:\Program Files\Common Files\McAfee\SystemCore\"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\EventLog\System\mfefirek.sys]
"EventMessageFile"="C:\Program Files\Common Files\McAfee\SystemCore\"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\EventLog\System\mfenlfk.sys]
"EventMessageFile"="C:\Program Files\Common Files\McAfee\SystemCore\"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\EventLog\System\mferkdet.sys]
"EventMessageFile"="C:\Program Files\Common Files\McAfee\SystemCore\"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\InstallerService]
"ImagePath"="C:\Program Files\TrueKey\Mcafee.TrueKey.InstallerService.exe -originalversion 4.4.127.0"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{C41D2E4C-6D4E-4C94-9611-87C41D68675B}"="v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe|Name=McAfee Shared Service Host|"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{5999E9F2-6AE6-4BC0-86E4-7E10AAD0DC8F}"="v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe|Name=McAfee Shared Service Host|"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{75DDA7C9-2A15-4812-8BCF-7E14E996FAFC}"="v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe|Name=McAfee Shared Service Host|"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{13238EAF-06BC-4D40-813A-275523D3FD8F}"="v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe|Name=McAfee Shared Service Host|"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{D252D2AE-D295-44FA-8EEE-72D2CCC6193A}"="v2.10|Action=Allow|Active=TRUE|Dir=In|App=C:\Program Files\Common Files\Mcafee\MNA\McNaSvc.exe|Name=McAfee Network Agent|Desc=McAfee Network Agent|"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"Notification Packages"="scecli C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\0184281489596451mcinstcleanup]
"DisplayName"="McAfee Application Installer Cleanup (0184281489596451)"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\EventLog\Application\AVLogEvent]
"EventMessageFile"="C:\Program Files\Common Files\McAfee\AMCore\AVEvent.dll"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\EventLog\System\cfwids.sys]
"EventMessageFile"="C:\Program Files\Common Files\McAfee\SystemCore\"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\EventLog\System\mfeapfk.sys]
"EventMessageFile"="C:\Program Files\Common Files\McAfee\SystemCore\"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\EventLog\System\mfeavfk.sys]
"EventMessageFile"="C:\Program Files\Common Files\McAfee\SystemCore\"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\EventLog\System\mfebopk.sys]
"EventMessageFile"="C:\Program Files\Common Files\McAfee\SystemCore\"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\EventLog\System\mfefirek.sys]
"EventMessageFile"="C:\Program Files\Common Files\McAfee\SystemCore\"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\EventLog\System\mfenlfk.sys]
"EventMessageFile"="C:\Program Files\Common Files\McAfee\SystemCore\"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\EventLog\System\mferkdet.sys]
"EventMessageFile"="C:\Program Files\Common Files\McAfee\SystemCore\"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\InstallerService]
"ImagePath"="C:\Program Files\TrueKey\Mcafee.TrueKey.InstallerService.exe -originalversion 4.4.127.0"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{C41D2E4C-6D4E-4C94-9611-87C41D68675B}"="v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe|Name=McAfee Shared Service Host|"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{5999E9F2-6AE6-4BC0-86E4-7E10AAD0DC8F}"="v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe|Name=McAfee Shared Service Host|"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{75DDA7C9-2A15-4812-8BCF-7E14E996FAFC}"="v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe|Name=McAfee Shared Service Host|"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{13238EAF-06BC-4D40-813A-275523D3FD8F}"="v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe|Name=McAfee Shared Service Host|"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{D252D2AE-D295-44FA-8EEE-72D2CCC6193A}"="v2.10|Action=Allow|Active=TRUE|Dir=In|App=C:\Program Files\Common Files\Mcafee\MNA\McNaSvc.exe|Name=McAfee Network Agent|Desc=McAfee Network Agent|"
[HKEY_USERS\S-1-5-21-1016556084-3091970497-507946437-1001\Software\Microsoft\Internet Explorer\InternetRegistry\McAfee]
[HKEY_USERS\S-1-5-21-1016556084-3091970497-507946437-1001\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-1016556084-3091970497-507946437-1001\Software\McAfee]
[HKEY_USERS\S-1-5-21-1016556084-3091970497-507946437-1001\Software\Microsoft\Internet Explorer\LowRegistry\Audio\PolicyConfig\PropertyStore\629b1277_0]
@="{0.0.0.00000000}.{6c74cf87-3d82-4e09-a1e3-142ee3afdc68}|\Device\HarddiskVolume3\Program Files\McAfee\MSC\mcupdui.exe%b{00000000-0000-0000-0000-000000000000}"
[HKEY_USERS\S-1-5-21-1016556084-3091970497-507946437-1001\Software\Microsoft\Internet Explorer\LowRegistry\Audio\PolicyConfig\PropertyStore\70303b06_0]
@="{0.0.0.00000000}.{6c74cf87-3d82-4e09-a1e3-142ee3afdc68}|\Device\HarddiskVolume3\PROGRA~1\McAfee\MSC\mcupdui.exe%b{00000000-0000-0000-0000-000000000000}"
[HKEY_USERS\S-1-5-21-1016556084-3091970497-507946437-1001\Software\Microsoft\Internet Explorer\LowRegistry\Audio\PolicyConfig\PropertyStore\8470cbf8_0]
@="{0.0.0.00000000}.{6c74cf87-3d82-4e09-a1e3-142ee3afdc68}|\Device\HarddiskVolume3\Program Files\McAfee.com\Agent\mcagent.exe%b{00000000-0000-0000-0000-000000000000}"
[HKEY_USERS\S-1-5-21-1016556084-3091970497-507946437-1001\Software\Microsoft\Internet Explorer\LowRegistry\Audio\PolicyConfig\PropertyStore\b62fc6b2_0]
@="{0.0.0.00000000}.{1a4ddf1b-76ab-4615-93e5-d3f4599ad24b}|\Device\HarddiskVolume3\Program Files\McAfee\MSC\mchlp32.exe%b{00000000-0000-0000-0000-000000000000}"
[HKEY_USERS\S-1-5-21-1016556084-3091970497-507946437-1001\Software\Microsoft\Internet Explorer\LowRegistry\Audio\PolicyConfig\PropertyStore\f7226fa1_0]
@="{0.0.0.00000000}.{1a4ddf1b-76ab-4615-93e5-d3f4599ad24b}|\Device\HarddiskVolume3\PROGRA~1\McAfee\MSC\mchlp32.exe%b{00000000-0000-0000-0000-000000000000}"
[HKEY_USERS\S-1-5-21-1016556084-3091970497-507946437-1001\Software\Microsoft\Internet Explorer\SearchScopes\{36667B61-113B-4D4A-9655-2D5EEBF56FC0}]
"FaviconURL"="hxxp://sadownload.mcafee.com/products/SA/Win/favicon.ico"
[HKEY_USERS\S-1-5-21-1016556084-3091970497-507946437-1001\Software\Microsoft\Internet Explorer\SearchScopes\{36667B61-113B-4D4A-9655-2D5EEBF56FC0}]
"URL"="https://de.search.yahoo.com/search?fr=mcafee&type=C011DE532D20140110&p={searchTerms}"
[HKEY_USERS\S-1-5-21-1016556084-3091970497-507946437-1001\Software\Microsoft\Internet Explorer\SearchScopes\{DCA67887-DB28-490D-B4B0-BE2669C80B30}]
"FaviconURL"="hxxp://sadownload.mcafee.com/products/SA/Win/favicon.ico"
[HKEY_USERS\S-1-5-21-1016556084-3091970497-507946437-1001\Software\Microsoft\Internet Explorer\SearchScopes\{DCA67887-DB28-490D-B4B0-BE2669C80B30}]
"URL"="https://de.search.yahoo.com/search?fr=mcafee&type=B011DE532D20140110&p={searchTerms}"
[HKEY_USERS\S-1-5-21-1016556084-3091970497-507946437-1001\Software\Microsoft\Internet Explorer\SearchScopes\{DCA67887-DB28-490D-B4B0-BE2669C80B30}]
"FaviconPath"="C:\Program Files\McAfee\SiteAdvisor\Scripts\favicon.ico"
[HKEY_USERS\S-1-5-21-1016556084-3091970497-507946437-1001\Software\Microsoft\Office\12.0\Common\Internet]
"UseRWHlinkNavigation"="http://www.trojaner-board.de/184851-...new-post.html"
[HKEY_USERS\S-1-5-21-1016556084-3091970497-507946437-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.com/search?q=mcafee&form=WNSGPH&qs=AS&cvid=3d23e1f30b1040d5a9d22f144e9857aa&pq=Mc&cc=DE&setlang=de-DE&nclid=FE9C2656DBED2E56A8D0C50628EEED79&ts=1489841062563&nclidts=1489841062&tsms=563]
[HKEY_USERS\S-1-5-21-1016556084-3091970497-507946437-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\mcafee.com]
[HKEY_USERS\S-1-5-21-1016556084-3091970497-507946437-1001\Software\Microsoft\Windows\CurrentVersion\Search\RecentApps\{5D4F72AA-E5F4-4DE1-870B-A5067DC7C2F5}\RecentItems\{6F6B9BBE-2136-47D2-933A-4223B122F059}]
"Path"="microsoft-edge:https://www.bing.com/search?q=mcafee&form=WNSGPH&qs=AS&cvid=3d23e1f30b1040d5a9d22f144e9857aa&pq=Mc&cc=DE&setlang=de-DE&nclid=FE9C2656DBED2E56A8D0C50628EEED79&ts=1489841062563&nclidts=1489841062&tsms=563"
[HKEY_USERS\S-1-5-21-1016556084-3091970497-507946437-1001\Software\Microsoft\Windows\CurrentVersion\Search\RecentApps\{5D4F72AA-E5F4-4DE1-870B-A5067DC7C2F5}\RecentItems\{6F6B9BBE-2136-47D2-933A-4223B122F059}]
"DisplayName"="microsoft-edge:https://www.bing.com/search?q=mcafee&form=WNSGPH&qs=AS&cvid=3d23e1f30b1040d5a9d22f144e9857aa&pq=Mc&cc=DE&setlang=de-DE&nclid=FE9C2656DBED2E56A8D0C50628EEED79&ts=1489841062563&nclidts=1489841062&tsms=563"

-= EOF =-
         

Alt 21.03.2017, 21:57   #5
M-K-D-B
/// TB-Ausbilder
 
Löschung von McAfee resten - Standard

Löschung von McAfee resten



Servus,





Schritt 1
  • Deinstalliere über die Systemsteuerung (Bebilderte Anleitung):
    • McAfee Security Scan Plus
  • Starte den Rechner im Anschluss neu auf.






Schritt 2
Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument


Code:
ATTFilter
start
CloseProcesses:
BHO: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\McAfee Security Scan\3.8.141\McAfeeMSS_IE.dll => Keine Datei
BHO: Kein Name -> {27B4851A-3207-45A2-B947-BE8AFE6163AB} -> Keine Datei
BHO: Kein Name -> {5C255C8A-E604-49b4-9D64-90988571CECB} -> Keine Datei
FF Plugin: @mcafee.com/McAfeeMssPlugin -> C:\Program Files\McAfee Security Scan\3.8.141\npMcAfeeMss.dll [Keine Datei]
S2 0184281489596451mcinstcleanup; C:\WINDOWS\TEMP\018428~1.EXE -cleanup -nolog [X]
IE trusted site: HKU\S-1-5-21-1016556084-3091970497-507946437-1001\...\mcafee.com -> hxxp://mcafee.com
IE trusted site: HKU\S-1-5-21-1016556084-3091970497-507946437-1001\...\mcafee.com -> hxxps://mcafee.com
FirewallRules: [{C41D2E4C-6D4E-4C94-9611-87C41D68675B}] => (Allow) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
FirewallRules: [{5999E9F2-6AE6-4BC0-86E4-7E10AAD0DC8F}] => (Allow) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
FirewallRules: [{75DDA7C9-2A15-4812-8BCF-7E14E996FAFC}] => (Allow) C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
FirewallRules: [{13238EAF-06BC-4D40-813A-275523D3FD8F}] => (Allow) C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
FirewallRules: [{D252D2AE-D295-44FA-8EEE-72D2CCC6193A}] => (Allow) C:\Program Files\Common Files\Mcafee\MNA\McNaSvc.exe
C:\Users\Klaus\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\MCAFEE~2.EXE.log
C:\Windows\Prefetch\MCAFEE*.*
C:\Users\Klaus\AppData\Roaming\McAfee
C:\Windows\Microsoft.NET\assembly\GAC_32\McAfee.CSP.ClientAPI
DeleteKey: HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\InternetRegistry\McAfee
DeleteKey: HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-1016556084-3091970497-507946437-1001\Software\McAfee
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0E8A89AD-95D7-40EB-8D9D-083EF7066A01}
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{cc6f4d12-8575-4cff-9455-cf5774aeb13b}
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{4E53C1ED-9601-4715-99E7-A9657D8F5953}
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{66F54008-1EE3-43A7-95FD-C0D821EE1EFF}
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{CAE5E39D-46A2-4954-B96F-5075B0BE9836}
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2EBE1406-BE0E-44E6-AE10-247A0C5AEDCF}
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\McAfee Trust
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{27B4851A-3207-45A2-B947-BE8AFE6163AB}
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\5B4A54916B379ED4993A5062B1F7ED0D
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\McAfee Security Scan
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{1945A4B5-73B6-4DE9-99A3-05261B7FDED0}
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@mcafee.com/McAfeeMssPlugin
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@mcafee.com/MVT
EmptyTemp:
end
         

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
  • Starte nun FRST erneut und klicke den Entfernen Button.
  • Das Tool erstellt eine Fixlog.txt.
  • Poste mir deren Inhalt.







Schritt 3
Lade dir die passende Version von SystemLook vom folgenden Spiegel herunter und speichere das Tool auf dem Desktop:
SystemLook (32 bit) | SystemLook (64 bit)
  • Doppelklicke auf die SystemLook.exe, um das Tool zu starten.
  • Kopiere den Inhalt der folgenden Codebox in das Textfeld des Tools:

    Code:
    ATTFilter
    :filefind
    *McAfee*
    
    :folderfind
    *McAfee*
    
    :regfind
    McAfee
             
  • Klicke nun auf den Button Look, um den Scan zu starten.
  • Der Suchlauf kann einige Zeit dauern.
  • Wenn der Suchlauf beendet ist, wird sich dein Editor mit den Ergebnissen öffnen, poste diese in deinen Thread.
  • Die Ergebnisse werden auch auf dem Desktop als SystemLook.txt gespeichert.







Schritt 4
  • Starte die FRST.exe erneut. Vergewissere dich, dass vor Addition.txt ein Haken gesetzt ist und drücke auf Untersuchen.
  • FRST erstellt wieder zwei Logdateien (FRST.txt und Addition.txt).
  • Poste mir beide Logdateien mit deiner nächsten Antwort.






Bitte poste mit deiner nächsten Antwort
  • die Logdatei des FRST-Fix,
  • die Logdatei von SystemLook,
  • die beiden neuen Logdateien von FRST (FRST.txt und Addition.txt).

__________________
Gruß
M-K-D-B


==========================================================
offline vom 22.12.2018 bis 01.01.2019
==========================================================

Das Trojaner-Board unterstützen

Alt 22.03.2017, 14:13   #6
bütti
 
Löschung von McAfee resten - Standard

Löschung von McAfee resten



Hallo Matthias,

vielen Dank die neuen Aufgaben.
Es hapert gleich beim ersten Schritt, denn ich kann die Desinstallation nicht ausführen. Siehe Screenshot.
Miniaturansicht angehängter Grafiken
-screenshot-buetti.jpg  

Geändert von bütti (22.03.2017 um 14:33 Uhr)

Alt 22.03.2017, 14:36   #7
bütti
 
Löschung von McAfee resten - Standard

Löschung von McAfee resten



Hallo Matthias,

Dannn habe ich noch einmal mit Windows+X die Systemsteuerung aufgerufen und bekam diese Anzeige (2. Screenshot). Habe auf "Ja" geklickt, weil ich in der Tat, bevor ich hier das erste Mal gepostet hatte, schon einen Deinstallationsversuch unternommen hatte.
Danach ist McAfee aus der Liste in der Systemsteuerung verschwunden und ich werde jetzt die anderen Aufgaben nacheinander abarbeiten.
Miniaturansicht angehängter Grafiken
-systemsteuerung.jpg  

Alt 22.03.2017, 15:16   #8
bütti
 
Löschung von McAfee resten - Standard

Löschung von McAfee resten



1.Datei: Fixlog

Code:
ATTFilter
Entferungsergebnis von Farbar Recovery Scan Tool (x86) Version: 15-03-2017
durchgeführt von Klaus (22-03-2017 14:45:34) Run:1
Gestartet von C:\Users\Klaus\Desktop
Geladene Profile: Klaus (Verfügbare Profile: Klaus)
Start-Modus: Normal

==============================================

fixlist Inhalt:
*****************
start
CloseProcesses:
BHO: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\McAfee Security Scan\3.8.141\McAfeeMSS_IE.dll => Keine Datei
BHO: Kein Name -> {27B4851A-3207-45A2-B947-BE8AFE6163AB} -> Keine Datei
BHO: Kein Name -> {5C255C8A-E604-49b4-9D64-90988571CECB} -> Keine Datei
FF Plugin: @mcafee.com/McAfeeMssPlugin -> C:\Program Files\McAfee Security Scan\3.8.141\npMcAfeeMss.dll [Keine Datei]
S2 0184281489596451mcinstcleanup; C:\WINDOWS\TEMP\018428~1.EXE -cleanup -nolog [X]
IE trusted site: HKU\S-1-5-21-1016556084-3091970497-507946437-1001\...\mcafee.com -> hxxp://mcafee.com
IE trusted site: HKU\S-1-5-21-1016556084-3091970497-507946437-1001\...\mcafee.com -> hxxps://mcafee.com
FirewallRules: [{C41D2E4C-6D4E-4C94-9611-87C41D68675B}] => (Allow) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
FirewallRules: [{5999E9F2-6AE6-4BC0-86E4-7E10AAD0DC8F}] => (Allow) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
FirewallRules: [{75DDA7C9-2A15-4812-8BCF-7E14E996FAFC}] => (Allow) C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
FirewallRules: [{13238EAF-06BC-4D40-813A-275523D3FD8F}] => (Allow) C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
FirewallRules: [{D252D2AE-D295-44FA-8EEE-72D2CCC6193A}] => (Allow) C:\Program Files\Common Files\Mcafee\MNA\McNaSvc.exe
C:\Users\Klaus\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\MCAFEE~2.EXE.log
C:\Windows\Prefetch\MCAFEE*.*
C:\Users\Klaus\AppData\Roaming\McAfee
C:\Windows\Microsoft.NET\assembly\GAC_32\McAfee.CSP.ClientAPI
DeleteKey: HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\InternetRegistry\McAfee
DeleteKey: HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-1016556084-3091970497-507946437-1001\Software\McAfee
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0E8A89AD-95D7-40EB-8D9D-083EF7066A01}
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{cc6f4d12-8575-4cff-9455-cf5774aeb13b}
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{4E53C1ED-9601-4715-99E7-A9657D8F5953}
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{66F54008-1EE3-43A7-95FD-C0D821EE1EFF}
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{CAE5E39D-46A2-4954-B96F-5075B0BE9836}
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2EBE1406-BE0E-44E6-AE10-247A0C5AEDCF}
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\McAfee Trust
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{27B4851A-3207-45A2-B947-BE8AFE6163AB}
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\5B4A54916B379ED4993A5062B1F7ED0D
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\McAfee Security Scan
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{1945A4B5-73B6-4DE9-99A3-05261B7FDED0}
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@mcafee.com/McAfeeMssPlugin
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@mcafee.com/MVT
EmptyTemp:
end
         
*****************

Prozesse erfolgreich geschlossen.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0E8A89AD-95D7-40EB-8D9D-083EF7066A01} => Schlüssel erfolgreich entfernt
HKCR\CLSID\{0E8A89AD-95D7-40EB-8D9D-083EF7066A01} => Schlüssel nicht gefunden. 
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{27B4851A-3207-45A2-B947-BE8AFE6163AB} => Schlüssel erfolgreich entfernt
HKCR\CLSID\{27B4851A-3207-45A2-B947-BE8AFE6163AB} => Schlüssel nicht gefunden. 
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB} => Schlüssel erfolgreich entfernt
HKCR\CLSID\{5C255C8A-E604-49b4-9D64-90988571CECB} => Schlüssel nicht gefunden. 
HKLM\Software\MozillaPlugins\@mcafee.com/McAfeeMssPlugin => Schlüssel erfolgreich entfernt
HKLM\System\CurrentControlSet\Services\0184281489596451mcinstcleanup => Schlüssel erfolgreich entfernt
0184281489596451mcinstcleanup => service erfolgreich entfernt
HKU\S-1-5-21-1016556084-3091970497-507946437-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\mcafee.com => Schlüssel erfolgreich entfernt
HKU\S-1-5-21-1016556084-3091970497-507946437-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\mcafee.com => Schlüssel nicht gefunden. 
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{C41D2E4C-6D4E-4C94-9611-87C41D68675B} => Wert erfolgreich entfernt
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{5999E9F2-6AE6-4BC0-86E4-7E10AAD0DC8F} => Wert erfolgreich entfernt
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{75DDA7C9-2A15-4812-8BCF-7E14E996FAFC} => Wert erfolgreich entfernt
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{13238EAF-06BC-4D40-813A-275523D3FD8F} => Wert erfolgreich entfernt
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{D252D2AE-D295-44FA-8EEE-72D2CCC6193A} => Wert erfolgreich entfernt
C:\Users\Klaus\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\MCAFEE~2.EXE.log => erfolgreich verschoben

=========== "C:\Windows\Prefetch\MCAFEE*.*" ==========

C:\Windows\Prefetch\MCAFEE CONSUMER PRODUCT REMOV-0BB7DA7F.pf => erfolgreich verschoben
C:\Windows\Prefetch\MCAFEE.TRUEKEY.SERVICE.EXE-FF6D78D3.pf => erfolgreich verschoben
C:\Windows\Prefetch\MCAFEE.TRUEKEY.SERVICEHELPER.-2E3CCB1B.pf => erfolgreich verschoben
C:\Windows\Prefetch\MCAFEE.YAP.TKUPDMGR.EXE-6E8EDDE9.pf => erfolgreich verschoben
C:\Windows\Prefetch\MCAFEE~2.EXE-8BDEB7F0.pf => erfolgreich verschoben

========= Ende -> "C:\Windows\Prefetch\MCAFEE*.*" ========

C:\Users\Klaus\AppData\Roaming\McAfee => erfolgreich verschoben
C:\Windows\Microsoft.NET\assembly\GAC_32\McAfee.CSP.ClientAPI => erfolgreich verschoben
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\InternetRegistry\McAfee => Schlüssel erfolgreich entfernt
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-1016556084-3091970497-507946437-1001\Software\McAfee => Schlüssel erfolgreich entfernt
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0E8A89AD-95D7-40EB-8D9D-083EF7066A01} => Schlüssel erfolgreich entfernt
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{cc6f4d12-8575-4cff-9455-cf5774aeb13b} => Schlüssel erfolgreich entfernt
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{4E53C1ED-9601-4715-99E7-A9657D8F5953} => Schlüssel erfolgreich entfernt
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{66F54008-1EE3-43A7-95FD-C0D821EE1EFF} => Schlüssel erfolgreich entfernt
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{CAE5E39D-46A2-4954-B96F-5075B0BE9836} => Schlüssel erfolgreich entfernt
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2EBE1406-BE0E-44E6-AE10-247A0C5AEDCF} => Schlüssel erfolgreich entfernt
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\McAfee Trust => Schlüssel erfolgreich entfernt
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{27B4851A-3207-45A2-B947-BE8AFE6163AB} => Schlüssel nicht gefunden. 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\5B4A54916B379ED4993A5062B1F7ED0D => Schlüssel erfolgreich entfernt
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\McAfee Security Scan => Schlüssel nicht gefunden. 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{1945A4B5-73B6-4DE9-99A3-05261B7FDED0} => Schlüssel erfolgreich entfernt
HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@mcafee.com/McAfeeMssPlugin => Schlüssel nicht gefunden. 
HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@mcafee.com/MVT => Schlüssel erfolgreich entfernt

=========== EmptyTemp: ==========

BITS transfer queue => 5550932 B
DOMStoree, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 249152962 B
Java, Flash, Steam htmlcache => 303 B
Windows/system/drivers => 251634678 B
Edge => 2149414 B
Chrome => 8541862 B
Firefox => 47559806 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 72396 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 128 B
LocalService => 66880 B
NetworkService => 787831 B
Klaus => 679487321 B

RecycleBin => 3932150420 B
EmptyTemp: => 4.8 GB temporäre Dateien entfernt.

================================


Das System musste neu gestartet werden.

==== Ende vom Fixlog 14:48:03 ====
         
2.Datei:Systemlook

Code:
ATTFilter
SystemLook 30.07.11 by jpshortstuff
Log created at 15:01 on 22/03/2017 by Klaus
Administrator - Elevation successful

========== filefind ==========

Searching for "*McAfee*"
C:\FRST\Quarantine\C\Users\Klaus\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\MCAFEE~2.EXE.log.xBAD	--a---- 1064 bytes	[21:34 01/02/2017]	[19:39 16/03/2017] 5FBB7E3F9DACB0189EB06496FCF3F76E
C:\FRST\Quarantine\C\Windows\Microsoft.NET\assembly\GAC_32\McAfee.CSP.ClientAPI\v4.0_1.3.336.0__a63667ab4267742d\McAfee.CSP.ClientAPI.dll	--a---- 12664 bytes	[09:48 14/10/2016]	[09:48 14/10/2016] 44FB47F80120E396C1A160FE225B09FA
C:\FRST\Quarantine\C\Windows\Prefetch\MCAFEE CONSUMER PRODUCT REMOV-0BB7DA7F.pf.xBAD	--a---- 9890 bytes	[15:46 18/03/2017]	[15:46 18/03/2017] D467113746F8761125BF1E83DDB71ECE
C:\FRST\Quarantine\C\Windows\Prefetch\MCAFEE.TRUEKEY.SERVICE.EXE-FF6D78D3.pf.xBAD	--a---- 45694 bytes	[19:38 16/03/2017]	[19:38 16/03/2017] 8E24F1FB49ECB408839279BC46C4ACD8
C:\FRST\Quarantine\C\Windows\Prefetch\MCAFEE.TRUEKEY.SERVICEHELPER.-2E3CCB1B.pf.xBAD	--a---- 5293 bytes	[19:36 16/03/2017]	[19:36 16/03/2017] D4E007ECCEB19CCAC139CC456FC532BF
C:\FRST\Quarantine\C\Windows\Prefetch\MCAFEE.YAP.TKUPDMGR.EXE-6E8EDDE9.pf.xBAD	--a---- 7071 bytes	[19:36 16/03/2017]	[19:36 16/03/2017] 3BD046F50C01AFDEC1C1E191F21DDFC7
C:\FRST\Quarantine\C\Windows\Prefetch\MCAFEE~2.EXE-8BDEB7F0.pf.xBAD	--a---- 6910 bytes	[19:38 16/03/2017]	[19:38 16/03/2017] C6D9BFEF815295E6C4C3A9420F026798
C:\Users\Klaus\Downloads\McAfee Consumer Product Removal Tool - CHIP-Installer.exe	--a---- 1496584 bytes	[15:45 18/03/2017]	[15:46 18/03/2017] EEA39371BF05E311B146F914F2AD52FC
C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\Mcafee.TrueKey.InstallerService.exe.log	--a---- 2096 bytes	[10:38 30/01/2017]	[10:38 30/01/2017] 569BFC0D1A09B9BA51D7FA047208049D
C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\McAfee.TrueKey.Service.exe.log	--a---- 4891 bytes	[21:33 01/02/2017]	[15:10 18/03/2017] BD8A91BA1AD538E3D003CEE93BE495E9

========== folderfind ==========

Searching for "*McAfee*"
C:\FRST\Quarantine\C\Users\Klaus\AppData\Roaming\McAfee	d------	[19:51 19/03/2010]
C:\FRST\Quarantine\C\Windows\Microsoft.NET\assembly\GAC_32\McAfee.CSP.ClientAPI	d------	[09:48 14/10/2016]

========== regfind ==========

Searching for "McAfee"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\LowRegistry\Audio\PolicyConfig\PropertyStore\629b1277_0]
@="{0.0.0.00000000}.{6c74cf87-3d82-4e09-a1e3-142ee3afdc68}|\Device\HarddiskVolume3\Program Files\McAfee\MSC\mcupdui.exe%b{00000000-0000-0000-0000-000000000000}"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\LowRegistry\Audio\PolicyConfig\PropertyStore\70303b06_0]
@="{0.0.0.00000000}.{6c74cf87-3d82-4e09-a1e3-142ee3afdc68}|\Device\HarddiskVolume3\PROGRA~1\McAfee\MSC\mcupdui.exe%b{00000000-0000-0000-0000-000000000000}"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\LowRegistry\Audio\PolicyConfig\PropertyStore\8470cbf8_0]
@="{0.0.0.00000000}.{6c74cf87-3d82-4e09-a1e3-142ee3afdc68}|\Device\HarddiskVolume3\Program Files\McAfee.com\Agent\mcagent.exe%b{00000000-0000-0000-0000-000000000000}"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\LowRegistry\Audio\PolicyConfig\PropertyStore\b62fc6b2_0]
@="{0.0.0.00000000}.{1a4ddf1b-76ab-4615-93e5-d3f4599ad24b}|\Device\HarddiskVolume3\Program Files\McAfee\MSC\mchlp32.exe%b{00000000-0000-0000-0000-000000000000}"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\LowRegistry\Audio\PolicyConfig\PropertyStore\f7226fa1_0]
@="{0.0.0.00000000}.{1a4ddf1b-76ab-4615-93e5-d3f4599ad24b}|\Device\HarddiskVolume3\PROGRA~1\McAfee\MSC\mchlp32.exe%b{00000000-0000-0000-0000-000000000000}"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{36667B61-113B-4D4A-9655-2D5EEBF56FC0}]
"FaviconURL"="hxxp://sadownload.mcafee.com/products/SA/Win/favicon.ico"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{36667B61-113B-4D4A-9655-2D5EEBF56FC0}]
"URL"="https://de.search.yahoo.com/search?fr=mcafee&type=C011DE532D20140110&p={searchTerms}"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{DCA67887-DB28-490D-B4B0-BE2669C80B30}]
"FaviconURL"="hxxp://sadownload.mcafee.com/products/SA/Win/favicon.ico"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{DCA67887-DB28-490D-B4B0-BE2669C80B30}]
"URL"="https://de.search.yahoo.com/search?fr=mcafee&type=B011DE532D20140110&p={searchTerms}"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{DCA67887-DB28-490D-B4B0-BE2669C80B30}]
"FaviconPath"="C:\Program Files\McAfee\SiteAdvisor\Scripts\favicon.ico"
[HKEY_CURRENT_USER\Software\Microsoft\Office\12.0\Common\Internet]
"UseRWHlinkNavigation"="http://www.trojaner-board.de/184851-...new-post.html"
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.com/search?q=mcafee&form=WNSGPH&qs=AS&cvid=3d23e1f30b1040d5a9d22f144e9857aa&pq=Mc&cc=DE&setlang=de-DE&nclid=FE9C2656DBED2E56A8D0C50628EEED79&ts=1489841062563&nclidts=1489841062&tsms=563]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Search\RecentApps\{5D4F72AA-E5F4-4DE1-870B-A5067DC7C2F5}\RecentItems\{6F6B9BBE-2136-47D2-933A-4223B122F059}]
"Path"="microsoft-edge:https://www.bing.com/search?q=mcafee&form=WNSGPH&qs=AS&cvid=3d23e1f30b1040d5a9d22f144e9857aa&pq=Mc&cc=DE&setlang=de-DE&nclid=FE9C2656DBED2E56A8D0C50628EEED79&ts=1489841062563&nclidts=1489841062&tsms=563"
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Search\RecentApps\{5D4F72AA-E5F4-4DE1-870B-A5067DC7C2F5}\RecentItems\{6F6B9BBE-2136-47D2-933A-4223B122F059}]
"DisplayName"="microsoft-edge:https://www.bing.com/search?q=mcafee&form=WNSGPH&qs=AS&cvid=3d23e1f30b1040d5a9d22f144e9857aa&pq=Mc&cc=DE&setlang=de-DE&nclid=FE9C2656DBED2E56A8D0C50628EEED79&ts=1489841062563&nclidts=1489841062&tsms=563"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\5B4A54916B379ED4993A5062B1F7ED0D\SourceList]
"LastUsedSource"="n;1;C:\Program Files\McAfee\Temp\qxz3C83\"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\5B4A54916B379ED4993A5062B1F7ED0D\SourceList\Net]
"1"="C:\Program Files\McAfee\Temp\qxz3C83\"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\Program Files\McAfee\"="1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\ProgramData\McAfee\Supportability\"="1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\User Agent\Post Platform]
"McAfee"=""
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Lsa]
"Notification Packages"="scecli C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\EventLog\Application\AVLogEvent]
"EventMessageFile"="C:\Program Files\Common Files\McAfee\AMCore\AVEvent.dll"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\EventLog\System\cfwids.sys]
"EventMessageFile"="C:\Program Files\Common Files\McAfee\SystemCore\"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\EventLog\System\mfeapfk.sys]
"EventMessageFile"="C:\Program Files\Common Files\McAfee\SystemCore\"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\EventLog\System\mfeavfk.sys]
"EventMessageFile"="C:\Program Files\Common Files\McAfee\SystemCore\"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\EventLog\System\mfebopk.sys]
"EventMessageFile"="C:\Program Files\Common Files\McAfee\SystemCore\"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\EventLog\System\mfefirek.sys]
"EventMessageFile"="C:\Program Files\Common Files\McAfee\SystemCore\"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\EventLog\System\mfenlfk.sys]
"EventMessageFile"="C:\Program Files\Common Files\McAfee\SystemCore\"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\EventLog\System\mferkdet.sys]
"EventMessageFile"="C:\Program Files\Common Files\McAfee\SystemCore\"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\InstallerService]
"ImagePath"="C:\Program Files\TrueKey\Mcafee.TrueKey.InstallerService.exe -originalversion 4.4.127.0"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"Notification Packages"="scecli C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\EventLog\Application\AVLogEvent]
"EventMessageFile"="C:\Program Files\Common Files\McAfee\AMCore\AVEvent.dll"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\EventLog\System\cfwids.sys]
"EventMessageFile"="C:\Program Files\Common Files\McAfee\SystemCore\"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\EventLog\System\mfeapfk.sys]
"EventMessageFile"="C:\Program Files\Common Files\McAfee\SystemCore\"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\EventLog\System\mfeavfk.sys]
"EventMessageFile"="C:\Program Files\Common Files\McAfee\SystemCore\"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\EventLog\System\mfebopk.sys]
"EventMessageFile"="C:\Program Files\Common Files\McAfee\SystemCore\"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\EventLog\System\mfefirek.sys]
"EventMessageFile"="C:\Program Files\Common Files\McAfee\SystemCore\"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\EventLog\System\mfenlfk.sys]
"EventMessageFile"="C:\Program Files\Common Files\McAfee\SystemCore\"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\EventLog\System\mferkdet.sys]
"EventMessageFile"="C:\Program Files\Common Files\McAfee\SystemCore\"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\InstallerService]
"ImagePath"="C:\Program Files\TrueKey\Mcafee.TrueKey.InstallerService.exe -originalversion 4.4.127.0"
[HKEY_USERS\S-1-5-21-1016556084-3091970497-507946437-1001\Software\Microsoft\Internet Explorer\LowRegistry\Audio\PolicyConfig\PropertyStore\629b1277_0]
@="{0.0.0.00000000}.{6c74cf87-3d82-4e09-a1e3-142ee3afdc68}|\Device\HarddiskVolume3\Program Files\McAfee\MSC\mcupdui.exe%b{00000000-0000-0000-0000-000000000000}"
[HKEY_USERS\S-1-5-21-1016556084-3091970497-507946437-1001\Software\Microsoft\Internet Explorer\LowRegistry\Audio\PolicyConfig\PropertyStore\70303b06_0]
@="{0.0.0.00000000}.{6c74cf87-3d82-4e09-a1e3-142ee3afdc68}|\Device\HarddiskVolume3\PROGRA~1\McAfee\MSC\mcupdui.exe%b{00000000-0000-0000-0000-000000000000}"
[HKEY_USERS\S-1-5-21-1016556084-3091970497-507946437-1001\Software\Microsoft\Internet Explorer\LowRegistry\Audio\PolicyConfig\PropertyStore\8470cbf8_0]
@="{0.0.0.00000000}.{6c74cf87-3d82-4e09-a1e3-142ee3afdc68}|\Device\HarddiskVolume3\Program Files\McAfee.com\Agent\mcagent.exe%b{00000000-0000-0000-0000-000000000000}"
[HKEY_USERS\S-1-5-21-1016556084-3091970497-507946437-1001\Software\Microsoft\Internet Explorer\LowRegistry\Audio\PolicyConfig\PropertyStore\b62fc6b2_0]
@="{0.0.0.00000000}.{1a4ddf1b-76ab-4615-93e5-d3f4599ad24b}|\Device\HarddiskVolume3\Program Files\McAfee\MSC\mchlp32.exe%b{00000000-0000-0000-0000-000000000000}"
[HKEY_USERS\S-1-5-21-1016556084-3091970497-507946437-1001\Software\Microsoft\Internet Explorer\LowRegistry\Audio\PolicyConfig\PropertyStore\f7226fa1_0]
@="{0.0.0.00000000}.{1a4ddf1b-76ab-4615-93e5-d3f4599ad24b}|\Device\HarddiskVolume3\PROGRA~1\McAfee\MSC\mchlp32.exe%b{00000000-0000-0000-0000-000000000000}"
[HKEY_USERS\S-1-5-21-1016556084-3091970497-507946437-1001\Software\Microsoft\Internet Explorer\SearchScopes\{36667B61-113B-4D4A-9655-2D5EEBF56FC0}]
"FaviconURL"="hxxp://sadownload.mcafee.com/products/SA/Win/favicon.ico"
[HKEY_USERS\S-1-5-21-1016556084-3091970497-507946437-1001\Software\Microsoft\Internet Explorer\SearchScopes\{36667B61-113B-4D4A-9655-2D5EEBF56FC0}]
"URL"="https://de.search.yahoo.com/search?fr=mcafee&type=C011DE532D20140110&p={searchTerms}"
[HKEY_USERS\S-1-5-21-1016556084-3091970497-507946437-1001\Software\Microsoft\Internet Explorer\SearchScopes\{DCA67887-DB28-490D-B4B0-BE2669C80B30}]
"FaviconURL"="hxxp://sadownload.mcafee.com/products/SA/Win/favicon.ico"
[HKEY_USERS\S-1-5-21-1016556084-3091970497-507946437-1001\Software\Microsoft\Internet Explorer\SearchScopes\{DCA67887-DB28-490D-B4B0-BE2669C80B30}]
"URL"="https://de.search.yahoo.com/search?fr=mcafee&type=B011DE532D20140110&p={searchTerms}"
[HKEY_USERS\S-1-5-21-1016556084-3091970497-507946437-1001\Software\Microsoft\Internet Explorer\SearchScopes\{DCA67887-DB28-490D-B4B0-BE2669C80B30}]
"FaviconPath"="C:\Program Files\McAfee\SiteAdvisor\Scripts\favicon.ico"
[HKEY_USERS\S-1-5-21-1016556084-3091970497-507946437-1001\Software\Microsoft\Office\12.0\Common\Internet]
"UseRWHlinkNavigation"="http://www.trojaner-board.de/184851-...new-post.html"
[HKEY_USERS\S-1-5-21-1016556084-3091970497-507946437-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.com/search?q=mcafee&form=WNSGPH&qs=AS&cvid=3d23e1f30b1040d5a9d22f144e9857aa&pq=Mc&cc=DE&setlang=de-DE&nclid=FE9C2656DBED2E56A8D0C50628EEED79&ts=1489841062563&nclidts=1489841062&tsms=563]
[HKEY_USERS\S-1-5-21-1016556084-3091970497-507946437-1001\Software\Microsoft\Windows\CurrentVersion\Search\RecentApps\{5D4F72AA-E5F4-4DE1-870B-A5067DC7C2F5}\RecentItems\{6F6B9BBE-2136-47D2-933A-4223B122F059}]
"Path"="microsoft-edge:https://www.bing.com/search?q=mcafee&form=WNSGPH&qs=AS&cvid=3d23e1f30b1040d5a9d22f144e9857aa&pq=Mc&cc=DE&setlang=de-DE&nclid=FE9C2656DBED2E56A8D0C50628EEED79&ts=1489841062563&nclidts=1489841062&tsms=563"
[HKEY_USERS\S-1-5-21-1016556084-3091970497-507946437-1001\Software\Microsoft\Windows\CurrentVersion\Search\RecentApps\{5D4F72AA-E5F4-4DE1-870B-A5067DC7C2F5}\RecentItems\{6F6B9BBE-2136-47D2-933A-4223B122F059}]
"DisplayName"="microsoft-edge:https://www.bing.com/search?q=mcafee&form=WNSGPH&qs=AS&cvid=3d23e1f30b1040d5a9d22f144e9857aa&pq=Mc&cc=DE&setlang=de-DE&nclid=FE9C2656DBED2E56A8D0C50628EEED79&ts=1489841062563&nclidts=1489841062&tsms=563"

Searching for "         "
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WSMAN\Plugin\Microsoft.PowerShell]
"ConfigXML"="             <PlugInConfiguration xmlns="hxxp://schemas.microsoft.com/wbem/wsman/1/config/PluginConfiguration" Name="microsoft.powershell" Filename="%windir%\system32\pwrshplugin.dll" SDKVersion="2" XmlRenderingType="text" Enabled="true" >                 <InitializationParameters>                     <Param Name="PSVersion" Value="5.1"/>                 </InitializationParameters>                 <Resources>                     <Resource ResourceUri="hxxp://schemas.microsoft.com/powershell/microsoft.powershell" SupportsOptions="true" ExactMatch="true">                         <Security xmlns="hxxp://schemas.microsoft.com/wbem/wsman/1/config/PluginConfiguration" Uri="hxxp://schemas.microsoft.com/powershell/microsoft.powershell" ExactMatch="true" Sddl="O:NSG:BAD:P(A;;GA;;;BA)(A;;GA;;;IU)(A;;GA;;;RM)S:P(AU;FA;GA;;;WD)(AU;SA;GXGW;;;WD)"/>                         <Capability Type="Shell"/>               
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WSMAN\Plugin\Microsoft.PowerShell.Workflow]
"ConfigXML"="             <PlugInConfiguration xmlns="hxxp://schemas.microsoft.com/wbem/wsman/1/config/PluginConfiguration" Name="microsoft.powershell.workflow" Filename="%windir%\system32\pwrshplugin.dll" SDKVersion="2" XmlRenderingType="text" UseSharedProcess="true" ProcessIdleTimeoutSec="1209600" RunAsUser="" RunAsPassword="" AutoRestart="false"     Enabled="true" >                 <InitializationParameters>                     <Param Name="PSVersion" Value="5.1"/>                     <Param Name="AssemblyName" Value="Microsoft.PowerShell.Workflow.ServiceCore, Version=3.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35, processorArchitecture=MSIL"/>                     <Param Name="PSSessionConfigurationTypeName" Value="Microsoft.PowerShell.Workflow.PSWorkflowSessionConfiguration"/>                     <Param Name="SessionConfigurationData"                          Value="                       

-= EOF =-
         
3.Datei:FRST Editor

Code:
ATTFilter
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x86) Version: 15-03-2017
durchgeführt von Klaus (Administrator) auf KLAUS-PC (22-03-2017 15:07:07)
Gestartet von C:\Users\Klaus\Desktop
Geladene Profile: Klaus (Verfügbare Profile: Klaus)
Platform: Microsoft Windows 10 Home Version 1607 (X86) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(DATEV eG) C:\DATEV\PROGRAMM\B0001442\PSNTServ.exe
(Chip Digital GmbH) C:\Program Files\Chip Digital GmbH\chip1click\chip 1-click installer.exe
() C:\Program Files\CyberLink\Shared files\RichVideo.exe
() C:\Windows\System32\PSIService.exe
() C:\Windows\System32\Rezip.exe
(Sony Corporation) C:\Program Files\Sony\PMB\PMBDeviceInfoProvider.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\TeamViewer_Service.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(SAMSUNG Electronics) C:\Program Files\Samsung\Samsung Support Center\SSCKbdHk.exe
(Samsung Electronics Co., Ltd.) C:\Program Files\Samsung\EasySpeedUpManager\EasySpeedUpManager.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\TeamViewer.exe
(Samsung Electronics Co., Ltd.) C:\Program Files\Samsung\Easy Display Manager\dmhkcore.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.12.112.0_x86__kzf8qxf38zg5c\SkypeHost.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\tv_w32.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Sony Corporation) C:\Program Files\Sony\PMB\PMBVolumeWatcher.exe
(Nuance Communications, Inc.) C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe
(Brother Industries, Ltd.) C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe
(Brother Industries, Ltd.) C:\Program Files\Brother\ControlCenter3\BrccMCtl.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Geek Software GmbH) C:\Program Files\PDF24\pdf24.exe
(1und1 Mail und Media GmbH) C:\Program Files\WEB.DE MailCheck\IE\WEB.DE_MailCheck_Broker.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Google Inc.) C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
(Dropbox, Inc.) C:\Users\Klaus\AppData\Local\Dropbox\Update\DropboxUpdate.exe
(© 2015 Microsoft Corporation) C:\Users\Klaus\AppData\Local\Microsoft\BingSvc\BingSvc.exe
(Skype Technologies S.A.) C:\Program Files\Skype\Phone\Skype.exe
(Dropbox, Inc.) C:\Users\Klaus\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Dropbox, Inc.) C:\Users\Klaus\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jucheck.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe

==================== Registry (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [12214528 2015-06-24] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1541416 2009-07-15] (Synaptics Incorporated)
HKLM\...\Run: [UCam_Menu] => C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe [218408 2009-02-25] (CyberLink Corp.)
HKLM\...\Run: [TrayServer] => C:\Program Files\MAGIX\Filme_auf_DVD_9_Download-Version\TrayServer.exe [90112 2008-01-17] (MAGIX AG)
HKLM\...\Run: [PMBVolumeWatcher] => C:\Program Files\Sony\PMB\PMBVolumeWatcher.exe [599328 2010-03-24] (Sony Corporation)
HKLM\...\Run: [SSBkgdUpdate] => C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe [210472 2006-10-25] (Nuance Communications, Inc.)
HKLM\...\Run: [PaperPort PTD] => C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe [29984 2008-07-09] (Nuance Communications, Inc.)
HKLM\...\Run: [IndexSearch] => C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe [46368 2008-07-09] (Nuance Communications, Inc.)
HKLM\...\Run: [PPort11reminder] => "C:\Program Files\ScanSoft\PaperPort\Ereg\Ereg.exe" -r "C:\ProgramData\ScanSoft\PaperPort\11\Config\Ereg\Ereg.ini"
HKLM\...\Run: [BrMfcWnd] => C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe [1159168 2009-05-26] (Brother Industries, Ltd.)
HKLM\...\Run: [ControlCenter3] => C:\Program Files\Brother\ControlCenter3\brctrcen.exe [114688 2008-12-24] (Brother Industries, Ltd.)
HKLM\...\Run: [QuickTime Task] => C:\Program Files\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [594992 2016-01-29] (Oracle Corporation)
HKLM\...\Run: [PDFPrint] => C:\Program Files\PDF24\pdf24.exe [210432 2016-07-05] (Geek Software GmbH)
HKLM\...\Run: [MailCheck IE Broker] => C:\Program Files\WEB.DE MailCheck\IE\WEB.DE_MailCheck_Broker.exe [2356080 2016-07-21] (1und1 Mail und Media GmbH)
HKLM\...\Run: [WindowsDefender] => C:\Program Files\Windows Defender\MSASCuiL.exe [483840 2016-07-16] (Microsoft Corporation)
Winlogon\Notify\SDWinLogon: SDWinLogon.dll [X]
HKU\S-1-5-21-1016556084-3091970497-507946437-1001\...\Run: [swg] => C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2009-09-16] (Google Inc.)
HKU\S-1-5-21-1016556084-3091970497-507946437-1001\...\Run: [Dropbox Update] => C:\Users\Klaus\AppData\Local\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-09] (Dropbox, Inc.)
HKU\S-1-5-21-1016556084-3091970497-507946437-1001\...\Run: [BingSvc] => C:\Users\Klaus\AppData\Local\Microsoft\BingSvc\BingSvc.exe [144008 2016-07-12] (© 2015 Microsoft Corporation)
HKU\S-1-5-21-1016556084-3091970497-507946437-1001\...\Run: [Skype] => C:\Program Files\Skype\Phone\Skype.exe [27230168 2016-11-15] (Skype Technologies S.A.)
HKU\S-1-5-21-1016556084-3091970497-507946437-1001\...\Run: [GarminExpressTrayApp] => C:\Program Files\Garmin\Express Tray\ExpressTray.exe [1407912 2017-01-16] (Garmin Ltd. or its subsidiaries)
HKU\S-1-5-18\...\Run: [GarminExpressTrayApp] => C:\Program Files\Garmin\Express Tray\ExpressTray.exe [1407912 2017-01-16] (Garmin Ltd. or its subsidiaries)
Lsa: [Notification Packages] scecli C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Klaus\AppData\Roaming\Dropbox\bin\DropboxExt.14.0.dll [2017-03-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Klaus\AppData\Roaming\Dropbox\bin\DropboxExt.14.0.dll [2017-03-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Klaus\AppData\Roaming\Dropbox\bin\DropboxExt.14.0.dll [2017-03-06] (Dropbox, Inc.)
Startup: C:\Users\Klaus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2017-03-10]
ShortcutTarget: Dropbox.lnk -> C:\Users\Klaus\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{282c3c11-bd40-49ce-a090-a878048b4175}: [DhcpNameServer] 192.168.178.1

Internet Explorer:
==================
HKU\S-1-5-21-1016556084-3091970497-507946437-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=SK2M&ocid=SK2MDHP&osmkt=de-de
HKU\S-1-5-21-1016556084-3091970497-507946437-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=smsn&bmod=smsn
HKU\S-1-5-21-1016556084-3091970497-507946437-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.google.de/
SearchScopes: HKLM -> DefaultScope {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7SMSN
SearchScopes: HKLM -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7SMSN
SearchScopes: HKU\S-1-5-21-1016556084-3091970497-507946437-1001 -> DefaultScope {36667B61-113B-4D4A-9655-2D5EEBF56FC0} URL = hxxps://de.search.yahoo.com/search?fr=mcafee&type=C011DE532D20140110&p={searchTerms}
SearchScopes: HKU\S-1-5-21-1016556084-3091970497-507946437-1001 -> {3188016B-9C61-4D96-A3F0-26240792A64F} URL = hxxp://go.gmx.de/tb/ie_searchplugin/?q={searchTerms}&enc=UTF-8
SearchScopes: HKU\S-1-5-21-1016556084-3091970497-507946437-1001 -> {36667B61-113B-4D4A-9655-2D5EEBF56FC0} URL = hxxps://de.search.yahoo.com/search?fr=mcafee&type=C011DE532D20140110&p={searchTerms}
SearchScopes: HKU\S-1-5-21-1016556084-3091970497-507946437-1001 -> {55E10C83-66E2-4DF3-8C6D-F1FCA32463AE} URL = hxxp://go.web.de/tb/ie_searchplugin/?q={searchTerms}&enc=UTF-8
SearchScopes: HKU\S-1-5-21-1016556084-3091970497-507946437-1001 -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.bing.com/search?FORM=SK2MDF&PC=SK2M&q={searchTerms}&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-1016556084-3091970497-507946437-1001 -> {8739C06C-4C0E-4EC0-BE0C-E7BCB362BEFF} URL = hxxp://go.1und1.de/tb/ie_searchplugin/?q={searchTerms}&enc=UTF-8
SearchScopes: HKU\S-1-5-21-1016556084-3091970497-507946437-1001 -> {942EC6E8-747D-448C-9B55-23B6147D7F60} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7SMSN_de___DE363
SearchScopes: HKU\S-1-5-21-1016556084-3091970497-507946437-1001 -> {B3C47B51-F87A-43DF-B84E-70B7324A9378} URL = hxxp://go.mail.com/tb/en-us/ie_searchplugin/?q={searchTerms}&enc=UTF-8
SearchScopes: HKU\S-1-5-21-1016556084-3091970497-507946437-1001 -> {DCA67887-DB28-490D-B4B0-BE2669C80B30} URL = hxxps://de.search.yahoo.com/search?fr=mcafee&type=B011DE532D20140110&p={searchTerms}
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_73\bin\ssv.dll [2016-02-08] (Oracle Corporation)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2010-01-18] (Google Inc.)
BHO: Google Toolbar Notifier BHO -> {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} -> C:\Program Files\Google\GoogleToolbarNotifier\5.6.5612.1312\swg.dll [2010-10-08] (Google Inc.)
BHO: WEB.DE MailCheck BHO -> {BF42D4A8-016E-4fcd-B1EB-837659FD77C6} -> C:\Program Files\WEB.DE MailCheck\IE\WEB.DE_MailCheck.dll [2016-07-21] (1und1 Mail und Media GmbH)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_73\bin\jp2ssv.dll [2016-02-08] (Oracle Corporation)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2010-01-18] (Google Inc.)
Toolbar: HKU\S-1-5-21-1016556084-3091970497-507946437-1001 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2010-01-18] (Google Inc.)
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll [2009-02-26] (Microsoft Corporation)
Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll [2009-07-26] (Microsoft Corporation)
Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll [2009-07-26] (Microsoft Corporation)
Handler: webde - {8FAF0273-9CA8-4efc-9536-1E35E254D5CD} - C:\Program Files\WEB.DE MailCheck\IE\WEB.DE_MailCheck.dll [2016-07-21] (1und1 Mail und Media GmbH)

FireFox:
========
FF ProfilePath: C:\Users\Klaus\AppData\Roaming\Mozilla\Firefox\Profiles\fx8m4482.default [2017-03-22]
FF SearchEngineOrder.1: Mozilla\Firefox\Profiles\fx8m4482.default -> Sichere Suche
FF SearchEngineOrder.3: Mozilla\Firefox\Profiles\fx8m4482.default -> Bing 
FF SelectedSearchEngine: Mozilla\Firefox\Profiles\fx8m4482.default -> Bing 
FF Homepage: Mozilla\Firefox\Profiles\fx8m4482.default -> hxxps://www.google.de/?gws_rd=ssl
FF Keyword.URL: Mozilla\Firefox\Profiles\fx8m4482.default -> hxxp://www.bing.com/search?FORM=SK2MDF&PC=SK2M&q=
FF Extension: (Bing Search) - C:\Users\Klaus\AppData\Roaming\Mozilla\Firefox\Profiles\fx8m4482.default\Extensions\bingsearch.full@microsoft.com.xpi [2015-11-29]
FF Extension: (WEB.DE MailCheck) - C:\Users\Klaus\AppData\Roaming\Mozilla\Firefox\Profiles\fx8m4482.default\Extensions\mailcheck@web.de [2016-11-23]
FF Extension: (McAfee WebAdvisor) - C:\Users\Klaus\AppData\Roaming\Mozilla\Firefox\Profiles\fx8m4482.default\Extensions\{4ED1F68A-5463-4931-9384-8FFF5ED91D92}.xpi [2015-08-04] [ist nicht signiert]
FF Extension: (Adblock Plus) - C:\Users\Klaus\AppData\Roaming\Mozilla\Firefox\Profiles\fx8m4482.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-11-24]
FF SearchPlugin: C:\Users\Klaus\AppData\Roaming\Mozilla\Firefox\Profiles\fx8m4482.default\searchplugins\bing-.xml [2015-11-29]
FF SearchPlugin: C:\Users\Klaus\AppData\Roaming\Mozilla\Firefox\Profiles\fx8m4482.default\searchplugins\yahoo-ysp.xml [2015-11-30]
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\McSiteAdvisor.xml [2015-08-20]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_24_0_0_194.dll [2017-01-30] ()
FF Plugin: @adobe.com/ShockwavePlayer -> C:\windows\system32\Adobe\Director\np32dsw_1200112.dll [2013-02-18] (Adobe Systems, Inc.)
FF Plugin: @Apple.com/iTunes,version=1.0 -> C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll [Keine Datei]
FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2011-07-19] (Foxit Corporation)
FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google)
FF Plugin: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files\Google\Picasa3\npPicasa3.dll [2014-01-06] (Google, Inc.)
FF Plugin: @java.com/DTPlugin,version=11.73.2 -> C:\Program Files\Java\jre1.8.0_73\bin\dtplugin\npDeployJava1.dll [2016-02-08] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.73.2 -> C:\Program Files\Java\jre1.8.0_73\bin\plugin2\npjp2.dll [2016-02-08] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50905.0\npctrl.dll [2017-02-10] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files\Microsoft\Office Live\npOLW.dll [2010-04-26] (Microsoft Corp.)
FF Plugin: @microsoft.com/WLPG,version=14.0.8081.0709 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2009-07-10] (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.23.9\npGoogleUpdate3.dll [Keine Datei]
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.23.9\npGoogleUpdate3.dll [Keine Datei]
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-12-23] (Adobe Systems Inc.)

Chrome: 
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Klaus\AppData\Local\Google\Chrome\User Data\Default [2017-03-22]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Klaus\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2016-11-07]
CHR Extension: (Skype) - C:\Users\Klaus\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2017-03-08]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Klaus\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-02-08]
CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - hxxps://clients2.google.com/service/update2/crx

==================== Dienste (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 chip1click; C:\Program Files\Chip Digital GmbH\chip1click\chip 1-click installer.exe [91136 2016-10-27] (Chip Digital GmbH) [Datei ist nicht signiert]
S3 DATEV Update-Service; C:\DATEV\PROGRAMM\INSTALL\DvInesASDSvc.Exe [147040 2009-12-03] (DATEV eG) [Datei ist nicht signiert]
R2 DatevPrintService; C:\DATEV\PROGRAMM\B0001442\PSNTSERV.EXE [77312 2008-11-24] (DATEV eG) [Datei ist nicht signiert]
S2 Garmin Device Interaction Service; C:\Program Files\Garmin\Device Interaction Service\GarminService.exe [1039376 2017-01-16] (Garmin Ltd. or its subsidiaries)
R2 ProtexisLicensing; C:\windows\system32\PSIService.exe [174656 2006-11-02] () [Datei ist nicht signiert]
R2 Rezip; C:\windows\SYSTEM32\Rezip.exe [311296 2009-03-05] () [Datei ist nicht signiert]
R2 RichVideo; C:\Program Files\CyberLink\Shared files\RichVideo.exe [247152 2009-07-07] ()
R2 TeamViewer; C:\Program Files\TeamViewer\TeamViewer_Service.exe [5702416 2015-09-11] (TeamViewer GmbH)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [271496 2016-07-16] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [84920 2017-03-04] (Microsoft Corporation)
S2 InstallerService; C:\Program Files\TrueKey\Mcafee.TrueKey.InstallerService.exe -originalversion 4.4.127.0 [X]

===================== Treiber (Nicht auf der Ausnahmeliste) ======================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [108032 2016-04-24] (Samsung Electronics Co., Ltd.)
R2 KMDFMEMIO; C:\WINDOWS\System32\DRIVERS\kmdfmemio.sys [13312 2007-06-01] (SAMSUNG ELECTRONICS CO., LTD.)
S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [62976 2016-07-16] ()
R3 rtl819xp; C:\WINDOWS\System32\drivers\rtl819xp.sys [552448 2016-07-16] (Realtek Semiconductor Corporation                           )
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [199936 2016-04-24] (Samsung Electronics Co., Ltd.)
R1 StarPortLite; C:\WINDOWS\System32\drivers\StarPortLite.sys [95592 2009-03-02] (Rocket Division Software)
R3 VMC326; C:\WINDOWS\System32\Drivers\VMC326.sys [237696 2009-08-10] (Vimicro Corporation)
S0 WdBoot; C:\WINDOWS\System32\drivers\WdBoot.sys [37912 2016-07-16] (Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\WdFilter.sys [244576 2016-07-16] (Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [100192 2016-07-16] (Microsoft Corporation)
R3 yukonw8; C:\WINDOWS\System32\drivers\yk63x86.sys [242688 2016-07-16] (Marvell)
U3 idsvc; kein ImagePath

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-03-22 15:07 - 2017-03-22 15:07 - 00020535 _____ C:\Users\Klaus\Desktop\FRST.txt
2017-03-22 15:01 - 2017-03-22 15:04 - 00031904 _____ C:\Users\Klaus\Desktop\SystemLook.txt
2017-03-22 14:59 - 2017-03-22 15:00 - 00139264 _____ C:\Users\Klaus\Desktop\SystemLook.exe
2017-03-22 14:45 - 2017-03-22 14:48 - 00009213 _____ C:\Users\Klaus\Desktop\Fixlog.txt
2017-03-22 09:32 - 2017-03-22 09:32 - 00000000 ___HD C:\OneDriveTemp
2017-03-21 11:33 - 2017-03-22 15:07 - 00000000 ____D C:\FRST
2017-03-21 11:31 - 2017-03-21 11:32 - 01766912 _____ (Farbar) C:\Users\Klaus\Desktop\FRST.exe
2017-03-21 10:58 - 2017-03-21 10:59 - 04031440 _____ C:\Users\Klaus\Downloads\AdwCleaner_6.044(1).exe
2017-03-21 10:56 - 2017-03-21 10:57 - 04031440 _____ C:\Users\Klaus\Desktop\AdwCleaner_6.044.exe
2017-03-20 18:31 - 2017-03-20 18:35 - 00047608 _____ C:\Users\Klaus\Downloads\SystemLook.txt
2017-03-18 16:48 - 2017-03-18 16:48 - 00000000 ____D C:\Users\Klaus\AppData\Local\Downloaded Installations
2017-03-18 16:48 - 2017-03-18 16:48 - 00000000 ____D C:\Program Files\Chip Digital GmbH
2017-03-18 16:45 - 2017-03-18 16:46 - 01496584 _____ C:\Users\Klaus\Downloads\McAfee Consumer Product Removal Tool - CHIP-Installer.exe
2017-03-18 16:25 - 2017-03-18 16:36 - 00000000 ____D C:\WINDOWS\Microsoft Antimalware
2017-03-18 16:03 - 2017-03-18 16:04 - 08681136 _____ (McAfee, Inc.) C:\Users\Klaus\Downloads\MCPR.exe
2017-03-18 09:15 - 2017-03-18 16:12 - 00000000 ____D C:\Program Files\Mozilla Firefox
2017-03-16 17:36 - 2017-03-16 17:36 - 00002233 _____ C:\Users\Public\Desktop\tax 2017.lnk
2017-03-16 17:36 - 2017-03-16 17:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\tax 2017
2017-03-15 17:51 - 2017-03-15 17:50 - 00095050 _____ C:\Users\Klaus\Documents\01-LorenzMaroldtMitte-Tour.gpx
2017-03-15 08:22 - 2017-03-04 08:57 - 01339744 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2017-03-15 08:22 - 2017-03-04 08:57 - 00980320 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2017-03-15 08:22 - 2017-03-04 08:57 - 00513888 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2017-03-15 08:22 - 2017-03-04 08:57 - 00450912 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2017-03-15 08:22 - 2017-03-04 08:57 - 00279392 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2017-03-15 08:22 - 2017-03-04 08:57 - 00229720 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcntel.dll
2017-03-15 08:22 - 2017-03-04 08:57 - 00192352 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2017-03-15 08:22 - 2017-03-04 08:57 - 00113504 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2017-03-15 08:22 - 2017-03-04 08:57 - 00073056 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2017-03-15 08:22 - 2017-03-04 08:57 - 00031584 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2017-03-15 08:22 - 2017-03-04 08:40 - 00965472 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReAgent.dll
2017-03-15 08:22 - 2017-03-04 08:09 - 00890984 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2017-03-15 08:22 - 2017-03-04 08:09 - 00320144 _____ (Microsoft Corporation) C:\WINDOWS\system32\systemreset.exe
2017-03-15 08:22 - 2017-03-04 08:08 - 01725136 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2017-03-15 08:22 - 2017-03-04 08:08 - 00036704 _____ (Microsoft Corporation) C:\WINDOWS\system32\SysResetErr.exe
2017-03-15 08:22 - 2017-03-04 07:59 - 00869728 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2017-03-15 08:22 - 2017-03-04 07:59 - 00274272 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinSetupUI.dll
2017-03-15 08:22 - 2017-03-04 07:57 - 00581672 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2017-03-15 08:22 - 2017-03-04 07:54 - 02277288 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
2017-03-15 08:22 - 2017-03-04 07:54 - 00524776 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2017-03-15 08:22 - 2017-03-04 07:53 - 05722320 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2017-03-15 08:22 - 2017-03-04 07:53 - 00313568 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanapi.dll
2017-03-15 08:22 - 2017-03-04 07:51 - 01980768 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2017-03-15 08:22 - 2017-03-04 07:51 - 00523784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2017-03-15 08:22 - 2017-03-04 07:51 - 00399712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2017-03-15 08:22 - 2017-03-04 07:51 - 00186720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2017-03-15 08:22 - 2017-03-04 07:50 - 00846560 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2017-03-15 08:22 - 2017-03-04 07:50 - 00355680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2017-03-15 08:22 - 2017-03-04 07:47 - 06667528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2017-03-15 08:22 - 2017-03-04 07:46 - 04312248 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2017-03-15 08:22 - 2017-03-04 07:45 - 00117280 _____ (Microsoft Corporation) C:\WINDOWS\system32\AuthHost.exe
2017-03-15 08:22 - 2017-03-04 07:42 - 01411616 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2017-03-15 08:22 - 2017-03-04 07:42 - 01260784 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2017-03-15 08:22 - 2017-03-04 07:31 - 00027648 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsUpdateElevatedInstaller.exe
2017-03-15 08:22 - 2017-03-04 07:30 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe
2017-03-15 08:22 - 2017-03-04 07:28 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\system32\BluetoothDesktopHandlers.dll
2017-03-15 08:22 - 2017-03-04 07:28 - 00041984 _____ (Microsoft Corporation) C:\WINDOWS\system32\musdialoghandlers.dll
2017-03-15 08:22 - 2017-03-04 07:26 - 00430080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nwifi.sys
2017-03-15 08:22 - 2017-03-04 07:26 - 00119296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Family.Client.dll
2017-03-15 08:22 - 2017-03-04 07:26 - 00038912 _____ (Microsoft Corporation) C:\WINDOWS\system32\wfdprov.dll
2017-03-15 08:22 - 2017-03-04 07:25 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\system32\BrowserSettingSync.dll
2017-03-15 08:22 - 2017-03-04 07:24 - 00395264 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansec.dll
2017-03-15 08:22 - 2017-03-04 07:24 - 00186880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Family.SyncEngine.dll
2017-03-15 08:22 - 2017-03-04 07:24 - 00129024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.SerialCommunication.dll
2017-03-15 08:22 - 2017-03-04 07:22 - 01299968 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVPXENC.dll
2017-03-15 08:22 - 2017-03-04 07:22 - 00774144 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll
2017-03-15 08:22 - 2017-03-04 07:22 - 00414208 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2017-03-15 08:22 - 2017-03-04 07:22 - 00271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.SmartCards.Phone.dll
2017-03-15 08:22 - 2017-03-04 07:22 - 00265728 _____ C:\WINDOWS\system32\Windows.Perception.Stub.dll
2017-03-15 08:22 - 2017-03-04 07:22 - 00231424 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudBackupSettings.dll
2017-03-15 08:22 - 2017-03-04 07:22 - 00230912 _____ (Microsoft Corporation) C:\WINDOWS\system32\icm32.dll
2017-03-15 08:22 - 2017-03-04 07:22 - 00216576 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeveloperOptionsSettingsHandlers.dll
2017-03-15 08:22 - 2017-03-04 07:22 - 00113152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dfsc.sys
2017-03-15 08:22 - 2017-03-04 07:21 - 01243136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.FaceAnalysis.dll
2017-03-15 08:22 - 2017-03-04 07:21 - 00631296 _____ (Microsoft Corporation) C:\WINDOWS\system32\main.cpl
2017-03-15 08:22 - 2017-03-04 07:21 - 00389632 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2017-03-15 08:22 - 2017-03-04 07:20 - 00632832 _____ (Microsoft Corporation) C:\WINDOWS\system32\sud.dll
2017-03-15 08:22 - 2017-03-04 07:20 - 00518656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdiWiFi.sys
2017-03-15 08:22 - 2017-03-04 07:20 - 00506880 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevicePairing.dll
2017-03-15 08:22 - 2017-03-04 07:20 - 00368128 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanui.dll
2017-03-15 08:22 - 2017-03-04 07:19 - 00498688 _____ (Microsoft Corporation) C:\WINDOWS\system32\mbsmsapi.dll
2017-03-15 08:22 - 2017-03-04 07:19 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Picker.dll
2017-03-15 08:22 - 2017-03-04 07:18 - 00896512 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontext.dll
2017-03-15 08:22 - 2017-03-04 07:18 - 00387072 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.UserAccountsHandlers.dll
2017-03-15 08:22 - 2017-03-04 07:17 - 01110016 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll
2017-03-15 08:22 - 2017-03-04 07:16 - 00994304 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplicationFrame.dll
2017-03-15 08:22 - 2017-03-04 07:16 - 00760832 _____ (Microsoft Corporation) C:\WINDOWS\system32\appwiz.cpl
2017-03-15 08:22 - 2017-03-04 07:16 - 00636928 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
2017-03-15 08:22 - 2017-03-04 07:16 - 00623616 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2017-03-15 08:22 - 2017-03-04 07:16 - 00526336 _____ (Microsoft Corporation) C:\WINDOWS\system32\mscms.dll
2017-03-15 08:22 - 2017-03-04 07:15 - 00313856 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2017-03-15 08:22 - 2017-03-04 07:13 - 07626752 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2017-03-15 08:22 - 2017-03-04 07:13 - 06474752 _____ (Microsoft Corporation) C:\WINDOWS\system32\mspaint.exe
2017-03-15 08:22 - 2017-03-04 07:13 - 03733504 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll
2017-03-15 08:22 - 2017-03-04 07:13 - 02458112 _____ (Microsoft Corporation) C:\WINDOWS\system32\themecpl.dll
2017-03-15 08:22 - 2017-03-04 07:13 - 01104896 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpeechPal.dll
2017-03-15 08:22 - 2017-03-04 07:12 - 00589312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Sensors.dll
2017-03-15 08:22 - 2017-03-04 07:11 - 00355328 _____ (Microsoft Corporation) C:\WINDOWS\system32\RTMediaFrame.dll
2017-03-15 08:22 - 2017-03-04 07:10 - 00300544 _____ (Microsoft Corporation) C:\WINDOWS\regedit.exe
2017-03-15 08:22 - 2017-03-04 07:10 - 00144384 _____ (Microsoft Corporation) C:\WINDOWS\system32\RelPost.exe
2017-03-15 08:22 - 2017-03-04 07:09 - 00945664 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2017-03-15 08:22 - 2017-03-04 07:09 - 00795648 _____ (Microsoft Corporation) C:\WINDOWS\system32\MiracastReceiver.dll
2017-03-15 08:22 - 2017-03-04 07:09 - 00570368 _____ (Microsoft Corporation) C:\WINDOWS\system32\clusapi.dll
2017-03-15 08:22 - 2017-03-04 07:09 - 00192000 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhengine.dll
2017-03-15 08:22 - 2017-03-04 07:09 - 00123904 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProximityCommon.dll
2017-03-15 08:22 - 2017-03-04 07:08 - 12349952 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2017-03-15 08:22 - 2017-03-04 07:08 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhcfg.dll
2017-03-15 08:22 - 2017-03-04 07:07 - 02748928 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll
2017-03-15 08:22 - 2017-03-04 07:07 - 02643456 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2017-03-15 08:22 - 2017-03-04 07:07 - 01255936 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2017-03-15 08:22 - 2017-03-04 07:07 - 00582656 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpaceControl.dll
2017-03-15 08:22 - 2017-03-04 07:07 - 00551424 _____ (Microsoft Corporation) C:\WINDOWS\system32\vds.exe
2017-03-15 08:22 - 2017-03-04 07:07 - 00495104 _____ (Microsoft Corporation) C:\WINDOWS\system32\BootMenuUX.dll
2017-03-15 08:22 - 2017-03-04 07:07 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhtask.dll
2017-03-15 08:22 - 2017-03-04 07:06 - 03774464 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2017-03-15 08:22 - 2017-03-04 07:06 - 02153984 _____ (Microsoft Corporation) C:\WINDOWS\system32\storagewmi.dll
2017-03-15 08:22 - 2017-03-04 07:06 - 01017856 _____ (Microsoft Corporation) C:\WINDOWS\system32\VSSVC.exe
2017-03-15 08:22 - 2017-03-04 07:05 - 01133568 _____ (Microsoft Corporation) C:\WINDOWS\system32\vssapi.dll
2017-03-15 08:22 - 2017-03-04 07:05 - 00339968 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhsettingsprovider.dll
2017-03-15 08:22 - 2017-03-04 07:05 - 00298496 _____ (Microsoft Corporation) C:\WINDOWS\system32\resutils.dll
2017-03-15 08:22 - 2017-03-04 07:05 - 00113152 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpaceAgent.exe
2017-03-15 08:22 - 2017-03-04 07:04 - 01136128 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2017-03-15 08:22 - 2017-03-04 07:04 - 00640000 _____ (Microsoft Corporation) C:\WINDOWS\system32\MCRecvSrc.dll
2017-03-15 08:22 - 2017-03-04 07:02 - 04423680 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2017-03-15 08:22 - 2017-03-04 07:02 - 02484736 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameux.dll
2017-03-15 08:22 - 2017-03-04 07:02 - 01997824 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2017-03-15 08:22 - 2017-03-04 07:02 - 01170944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll
2017-03-15 08:22 - 2017-03-04 07:02 - 00580608 _____ (Microsoft Corporation) C:\WINDOWS\system32\hgcpl.dll
2017-03-15 08:22 - 2017-03-04 07:01 - 01988096 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2017-03-15 08:22 - 2017-03-04 07:01 - 01556992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2017-03-15 08:22 - 2017-03-04 07:01 - 00773120 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2017-03-15 08:22 - 2017-03-04 07:01 - 00560640 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserLanguagesCpl.dll
2017-03-15 08:22 - 2017-03-04 07:01 - 00422400 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.dll
2017-03-15 08:22 - 2017-03-04 07:00 - 04557824 _____ (Microsoft) C:\WINDOWS\system32\dbgeng.dll
2017-03-15 08:22 - 2017-03-04 07:00 - 02996736 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2017-03-15 08:22 - 2017-03-04 07:00 - 02003968 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2017-03-15 08:22 - 2017-03-04 07:00 - 01524224 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2017-03-15 08:22 - 2017-03-04 07:00 - 01121280 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2017-03-15 08:22 - 2017-03-04 07:00 - 00798208 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2017-03-15 08:22 - 2017-03-04 07:00 - 00654336 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApiPublic.dll
2017-03-15 08:22 - 2017-03-04 06:57 - 01438720 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.dll
2017-03-15 08:22 - 2017-03-04 06:57 - 00449024 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmCoreProvisioning.dll
2017-03-15 08:21 - 2017-03-04 08:57 - 00484584 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2017-03-15 08:21 - 2017-03-04 08:57 - 00315744 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2017-03-15 08:21 - 2017-03-04 08:46 - 00448864 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContentDeliveryManager.Utilities.dll
2017-03-15 08:21 - 2017-03-04 08:09 - 02206496 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2017-03-15 08:21 - 2017-03-04 08:09 - 01969912 _____ (Microsoft Corporation) C:\WINDOWS\system32\hevcdecoder.dll
2017-03-15 08:21 - 2017-03-04 08:09 - 00783552 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2017-03-15 08:21 - 2017-03-04 08:09 - 00092000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2017-03-15 08:21 - 2017-03-04 08:07 - 01073816 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2017-03-15 08:21 - 2017-03-04 08:07 - 00945760 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2017-03-15 08:21 - 2017-03-04 08:06 - 01956704 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2017-03-15 08:21 - 2017-03-04 08:06 - 00341336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Classpnp.sys
2017-03-15 08:21 - 2017-03-04 08:06 - 00106336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\partmgr.sys
2017-03-15 08:21 - 2017-03-04 08:04 - 02048496 _____ C:\WINDOWS\system32\CoreUIComponents.dll
2017-03-15 08:21 - 2017-03-04 08:03 - 00583136 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2017-03-15 08:21 - 2017-03-04 08:02 - 00950112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2017-03-15 08:21 - 2017-03-04 07:59 - 00055136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dam.sys
2017-03-15 08:21 - 2017-03-04 07:56 - 00248992 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll
2017-03-15 08:21 - 2017-03-04 07:54 - 01897824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2017-03-15 08:21 - 2017-03-04 07:53 - 02256080 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2017-03-15 08:21 - 2017-03-04 07:53 - 00975744 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2017-03-15 08:21 - 2017-03-04 07:53 - 00551264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2017-03-15 08:21 - 2017-03-04 07:53 - 00493912 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2017-03-15 08:21 - 2017-03-04 07:52 - 00272720 _____ (Microsoft Corporation) C:\WINDOWS\system32\wintrust.dll
2017-03-15 08:21 - 2017-03-04 07:51 - 00576408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2017-03-15 08:21 - 2017-03-04 07:51 - 00458592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2017-03-15 08:21 - 2017-03-04 07:51 - 00454496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2017-03-15 08:21 - 2017-03-04 07:50 - 00100704 _____ (Microsoft Corporation) C:\WINDOWS\system32\icfupgd.dll
2017-03-15 08:21 - 2017-03-04 07:47 - 20969928 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2017-03-15 08:21 - 2017-03-04 07:47 - 01557808 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2017-03-15 08:21 - 2017-03-04 07:47 - 00530480 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2017-03-15 08:21 - 2017-03-04 07:47 - 00432336 _____ (Microsoft Corporation) C:\WINDOWS\system32\DMRServer.dll
2017-03-15 08:21 - 2017-03-04 07:47 - 00374448 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFPlay.dll
2017-03-15 08:21 - 2017-03-04 07:47 - 00352760 _____ (Microsoft Corporation) C:\WINDOWS\system32\MMDevAPI.dll
2017-03-15 08:21 - 2017-03-04 07:47 - 00034088 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompPkgSup.dll
2017-03-15 08:21 - 2017-03-04 07:46 - 01384704 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2017-03-15 08:21 - 2017-03-04 07:46 - 01224104 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcMon.exe
2017-03-15 08:21 - 2017-03-04 07:46 - 00321792 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppHost.exe
2017-03-15 08:21 - 2017-03-04 07:46 - 00198496 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHost.dll
2017-03-15 08:21 - 2017-03-04 07:46 - 00125792 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostBroker.dll
2017-03-15 08:21 - 2017-03-04 07:45 - 00173408 _____ (Microsoft Corporation) C:\WINDOWS\system32\basecsp.dll
2017-03-15 08:21 - 2017-03-04 07:45 - 00112120 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpapi.dll
2017-03-15 08:21 - 2017-03-04 07:45 - 00093984 _____ (Microsoft Corporation) C:\WINDOWS\system32\phoneactivate.exe
2017-03-15 08:21 - 2017-03-04 07:42 - 00545944 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2017-03-15 08:21 - 2017-03-04 07:42 - 00276832 _____ (Microsoft Corporation) C:\WINDOWS\system32\input.dll
2017-03-15 08:21 - 2017-03-04 07:36 - 05685760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2017-03-15 08:21 - 2017-03-04 07:30 - 00095232 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTimeUtil.dll
2017-03-15 08:21 - 2017-03-04 07:30 - 00051712 _____ (Microsoft Corporation) C:\WINDOWS\system32\usoapi.dll
2017-03-15 08:21 - 2017-03-04 07:30 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\odbcconf.dll
2017-03-15 08:21 - 2017-03-04 07:29 - 00112640 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssitlb.dll
2017-03-15 08:21 - 2017-03-04 07:29 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctfp.dll
2017-03-15 08:21 - 2017-03-04 07:29 - 00075264 _____ (Microsoft Corporation) C:\WINDOWS\system32\DuCsps.dll
2017-03-15 08:21 - 2017-03-04 07:28 - 00216576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\xboxgip.sys
2017-03-15 08:21 - 2017-03-04 07:27 - 00192512 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2017-03-15 08:21 - 2017-03-04 07:27 - 00123392 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcertinst.exe
2017-03-15 08:21 - 2017-03-04 07:27 - 00108544 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblGameSaveExt.dll
2017-03-15 08:21 - 2017-03-04 07:27 - 00055296 _____ (Microsoft Corporation) C:\WINDOWS\system32\findnetprinters.dll
2017-03-15 08:21 - 2017-03-04 07:27 - 00045056 _____ (Microsoft Corporation) C:\WINDOWS\system32\ddrawex.dll
2017-03-15 08:21 - 2017-03-04 07:26 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbonRes.dll
2017-03-15 08:21 - 2017-03-04 07:26 - 00215040 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_WorkAccess.dll
2017-03-15 08:21 - 2017-03-04 07:26 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDeviceRegistration.dll
2017-03-15 08:21 - 2017-03-04 07:26 - 00073216 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2017-03-15 08:21 - 2017-03-04 07:25 - 00519680 _____ (Microsoft Corporation) C:\WINDOWS\system32\vpnike.dll
2017-03-15 08:21 - 2017-03-04 07:25 - 00251904 _____ (Microsoft Corporation) C:\WINDOWS\system32\mscandui.dll
2017-03-15 08:21 - 2017-03-04 07:25 - 00175104 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiapi.dll
2017-03-15 08:21 - 2017-03-04 07:25 - 00073216 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzautoupdate.dll
2017-03-15 08:21 - 2017-03-04 07:25 - 00057344 _____ (Microsoft Corporation) C:\WINDOWS\system32\WPDShServiceObj.dll
2017-03-15 08:21 - 2017-03-04 07:25 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\tbauth.dll
2017-03-15 08:21 - 2017-03-04 07:24 - 00328192 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2017-03-15 08:21 - 2017-03-04 07:24 - 00223232 _____ (Microsoft Corporation) C:\WINDOWS\system32\scksp.dll
2017-03-15 08:21 - 2017-03-04 07:24 - 00093184 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctfui.dll
2017-03-15 08:21 - 2017-03-04 07:24 - 00088576 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDeviceRegistration.Ngc.dll
2017-03-15 08:21 - 2017-03-04 07:24 - 00022016 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBrokerCookies.exe
2017-03-15 08:21 - 2017-03-04 07:23 - 00374784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.LowLevel.dll
2017-03-15 08:21 - 2017-03-04 07:23 - 00315904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Gaming.XboxLive.Storage.dll
2017-03-15 08:21 - 2017-03-04 07:23 - 00291840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Search.ProtocolHandler.MAPI2.dll
2017-03-15 08:21 - 2017-03-04 07:23 - 00231936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.LockScreen.dll
2017-03-15 08:21 - 2017-03-04 07:23 - 00184320 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserMgrProxy.dll
2017-03-15 08:21 - 2017-03-04 07:23 - 00172032 _____ (Microsoft Corporation) C:\WINDOWS\system32\netiohlp.dll
2017-03-15 08:21 - 2017-03-04 07:23 - 00102912 _____ (Microsoft Corporation) C:\WINDOWS\system32\appinfo.dll
2017-03-15 08:21 - 2017-03-04 07:22 - 00237568 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncSettings.dll
2017-03-15 08:21 - 2017-03-04 07:22 - 00183296 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFilterHost.exe
2017-03-15 08:21 - 2017-03-04 07:22 - 00117760 _____ (Microsoft Corporation) C:\WINDOWS\system32\AuthBroker.dll
2017-03-15 08:21 - 2017-03-04 07:22 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\DafPrintProvider.dll
2017-03-15 08:21 - 2017-03-04 07:21 - 00670208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.PointOfService.dll
2017-03-15 08:21 - 2017-03-04 07:21 - 00579072 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthManager.dll
2017-03-15 08:21 - 2017-03-04 07:21 - 00483840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.AllJoyn.dll
2017-03-15 08:21 - 2017-03-04 07:21 - 00445952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.UX.EapRequestHandler.dll
2017-03-15 08:21 - 2017-03-04 07:21 - 00196608 _____ (Microsoft Corporation) C:\WINDOWS\system32\tapi32.dll
2017-03-15 08:21 - 2017-03-04 07:20 - 00562176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.SmartCards.dll
2017-03-15 08:21 - 2017-03-04 07:20 - 00534528 _____ (Microsoft Corporation) C:\WINDOWS\system32\PCPTpm12.dll
2017-03-15 08:21 - 2017-03-04 07:20 - 00426496 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll
2017-03-15 08:21 - 2017-03-04 07:20 - 00424960 _____ (Microsoft Corporation) C:\WINDOWS\system32\msutb.dll
2017-03-15 08:21 - 2017-03-04 07:20 - 00386048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.WiFiDirect.dll
2017-03-15 08:21 - 2017-03-04 07:20 - 00325120 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleacc.dll
2017-03-15 08:21 - 2017-03-04 07:20 - 00322560 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpAXHolder.dll
2017-03-15 08:21 - 2017-03-04 07:20 - 00284672 _____ (Microsoft Corporation) C:\WINDOWS\system32\apprepsync.dll
2017-03-15 08:21 - 2017-03-04 07:20 - 00206336 _____ (Microsoft Corporation) C:\WINDOWS\system32\vaultcli.dll
2017-03-15 08:21 - 2017-03-04 07:20 - 00175616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Scanners.dll
2017-03-15 08:21 - 2017-03-04 07:20 - 00161792 _____ (Microsoft Corporation) C:\WINDOWS\system32\certprop.dll
2017-03-15 08:21 - 2017-03-04 07:20 - 00125952 _____ (Microsoft Corporation) C:\WINDOWS\system32\apprepapi.dll
2017-03-15 08:21 - 2017-03-04 07:19 - 00790528 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2017-03-15 08:21 - 2017-03-04 07:19 - 00714752 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssvp.dll
2017-03-15 08:21 - 2017-03-04 07:19 - 00704512 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblGameSave.dll
2017-03-15 08:21 - 2017-03-04 07:19 - 00414208 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2017-03-15 08:21 - 2017-03-04 07:19 - 00390656 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredProvDataModel.dll
2017-03-15 08:21 - 2017-03-04 07:19 - 00318464 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFolder.dll
2017-03-15 08:21 - 2017-03-04 07:19 - 00277504 _____ (Microsoft Corporation) C:\WINDOWS\system32\icsvcext.dll
2017-03-15 08:21 - 2017-03-04 07:19 - 00273920 _____ (Microsoft Corporation) C:\WINDOWS\system32\PrintDialogs3D.dll
2017-03-15 08:21 - 2017-03-04 07:19 - 00214528 _____ (Microsoft Corporation) C:\WINDOWS\system32\ubpm.dll
2017-03-15 08:21 - 2017-03-04 07:18 - 01378304 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2017-03-15 08:21 - 2017-03-04 07:18 - 00828928 _____ (Microsoft Corporation) C:\WINDOWS\system32\XboxNetApiSvc.dll
2017-03-15 08:21 - 2017-03-04 07:18 - 00819200 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppContracts.dll
2017-03-15 08:21 - 2017-03-04 07:18 - 00548352 _____ (Microsoft Corporation) C:\WINDOWS\system32\ddraw.dll
2017-03-15 08:21 - 2017-03-04 07:18 - 00525824 _____ (Microsoft Corporation) C:\WINDOWS\system32\PrintDialogs.dll
2017-03-15 08:21 - 2017-03-04 07:18 - 00517632 _____ (Microsoft Corporation) C:\WINDOWS\system32\FlightSettings.dll
2017-03-15 08:21 - 2017-03-04 07:18 - 00284672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.dll
2017-03-15 08:21 - 2017-03-04 07:18 - 00254464 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssphtb.dll
2017-03-15 08:21 - 2017-03-04 07:18 - 00140800 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssph.dll
2017-03-15 08:21 - 2017-03-04 07:18 - 00074752 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll
2017-03-15 08:21 - 2017-03-04 07:17 - 00827392 _____ (Microsoft Corporation) C:\WINDOWS\system32\iphlpsvc.dll
2017-03-15 08:21 - 2017-03-04 07:17 - 00482304 _____ (Microsoft Corporation) C:\WINDOWS\system32\ipnathlp.dll
2017-03-15 08:21 - 2017-03-04 07:17 - 00425472 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2017-03-15 08:21 - 2017-03-04 07:17 - 00297472 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2017-03-15 08:21 - 2017-03-04 07:17 - 00256512 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2017-03-15 08:21 - 2017-03-04 07:17 - 00218112 _____ (Microsoft Corporation) C:\WINDOWS\system32\sharemediacpl.dll
2017-03-15 08:21 - 2017-03-04 07:16 - 01456640 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2017-03-15 08:21 - 2017-03-04 07:16 - 01013248 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2017-03-15 08:21 - 2017-03-04 07:16 - 00858112 _____ (Microsoft Corporation) C:\WINDOWS\system32\EmailApis.dll
2017-03-15 08:21 - 2017-03-04 07:16 - 00846336 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebcamUi.dll
2017-03-15 08:21 - 2017-03-04 07:16 - 00816640 _____ (Microsoft Corporation) C:\WINDOWS\system32\NaturalLanguage6.dll
2017-03-15 08:21 - 2017-03-04 07:16 - 00711680 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2017-03-15 08:21 - 2017-03-04 07:16 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2017-03-15 08:21 - 2017-03-04 07:16 - 00565248 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2017-03-15 08:21 - 2017-03-04 07:16 - 00561664 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll
2017-03-15 08:21 - 2017-03-04 07:16 - 00473600 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2017-03-15 08:21 - 2017-03-04 07:16 - 00368128 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiobj.dll
2017-03-15 08:21 - 2017-03-04 07:16 - 00288256 _____ (Microsoft Corporation) C:\WINDOWS\system32\CryptoWinRT.dll
2017-03-15 08:21 - 2017-03-04 07:16 - 00242688 _____ (Microsoft Corporation) C:\WINDOWS\system32\NgcCtnrSvc.dll
2017-03-15 08:21 - 2017-03-04 07:15 - 00336384 _____ (Microsoft Corporation) C:\WINDOWS\system32\azroleui.dll
2017-03-15 08:21 - 2017-03-04 07:14 - 01534464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.3D.dll
2017-03-15 08:21 - 2017-03-04 07:14 - 00236032 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmWmiPl.dll
2017-03-15 08:21 - 2017-03-04 07:14 - 00151552 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2017-03-15 08:21 - 2017-03-04 07:13 - 01228288 _____ (Microsoft Corporation) C:\WINDOWS\system32\usercpl.dll
2017-03-15 08:21 - 2017-03-04 07:13 - 01056768 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll
2017-03-15 08:21 - 2017-03-04 07:13 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppointmentApis.dll
2017-03-15 08:21 - 2017-03-04 07:13 - 00653312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.AccountsControl.dll
2017-03-15 08:21 - 2017-03-04 07:13 - 00608768 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2017-03-15 08:21 - 2017-03-04 07:12 - 01842688 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnidui.dll
2017-03-15 08:21 - 2017-03-04 07:12 - 00884224 _____ (Microsoft Corporation) C:\WINDOWS\HelpPane.exe
2017-03-15 08:21 - 2017-03-04 07:12 - 00818176 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2017-03-15 08:21 - 2017-03-04 07:12 - 00700416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.Search.dll
2017-03-15 08:21 - 2017-03-04 07:11 - 01320448 _____ (Microsoft Corporation) C:\WINDOWS\system32\comsvcs.dll
2017-03-15 08:21 - 2017-03-04 07:11 - 01284096 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdtctm.dll
2017-03-15 08:21 - 2017-03-04 07:11 - 00343552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys
2017-03-15 08:21 - 2017-03-04 07:10 - 01098752 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpsvc.dll
2017-03-15 08:21 - 2017-03-04 07:10 - 00471552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.BackgroundMediaPlayback.dll
2017-03-15 08:21 - 2017-03-04 07:09 - 00343040 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToDevice.dll
2017-03-15 08:21 - 2017-03-04 07:08 - 00713216 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnapps.dll
2017-03-15 08:21 - 2017-03-04 07:07 - 01406976 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationFramework.dll
2017-03-15 08:21 - 2017-03-04 07:07 - 00895488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.dll
2017-03-15 08:21 - 2017-03-04 07:07 - 00085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpninprc.dll
2017-03-15 08:21 - 2017-03-04 07:06 - 06109184 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2017-03-15 08:21 - 2017-03-04 07:06 - 05380608 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2017-03-15 08:21 - 2017-03-04 07:06 - 03198464 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2017-03-15 08:21 - 2017-03-04 07:06 - 01382400 _____ (Microsoft Corporation) C:\WINDOWS\system32\workfolderssvc.dll
2017-03-15 08:21 - 2017-03-04 07:06 - 00090624 _____ (Microsoft Corporation) C:\WINDOWS\system32\olepro32.dll
2017-03-15 08:21 - 2017-03-04 07:05 - 07468544 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2017-03-15 08:21 - 2017-03-04 07:05 - 03520512 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsrchvw.exe
2017-03-15 08:21 - 2017-03-04 07:05 - 00194560 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkFoldersShell.dll
2017-03-15 08:21 - 2017-03-04 07:05 - 00089600 _____ (Microsoft Corporation) C:\WINDOWS\system32\CameraCaptureUI.dll
2017-03-15 08:21 - 2017-03-04 07:05 - 00086016 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkFoldersGPExt.dll
2017-03-15 08:21 - 2017-03-04 07:03 - 02363904 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapRouter.dll
2017-03-15 08:21 - 2017-03-04 07:03 - 02109952 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapGeocoder.dll
2017-03-15 08:21 - 2017-03-04 07:03 - 00400384 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToManager.dll
2017-03-15 08:21 - 2017-03-04 07:03 - 00359936 _____ (Microsoft Corporation) C:\WINDOWS\system32\mtxclu.dll
2017-03-15 08:21 - 2017-03-04 07:02 - 02740224 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
2017-03-15 08:21 - 2017-03-04 07:02 - 01949696 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2017-03-15 08:21 - 2017-03-04 07:02 - 01485824 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2017-03-15 08:21 - 2017-03-04 07:02 - 01155072 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVP9DEC.dll
2017-03-15 08:21 - 2017-03-04 07:02 - 01004544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Input.Inking.dll
2017-03-15 08:21 - 2017-03-04 07:02 - 00707072 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2017-03-15 08:21 - 2017-03-04 07:01 - 03478528 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbon.dll
2017-03-15 08:21 - 2017-03-04 07:01 - 02646528 _____ (Microsoft Corporation) C:\WINDOWS\system32\CertEnroll.dll
2017-03-15 08:21 - 2017-03-04 07:01 - 01993216 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2017-03-15 08:21 - 2017-03-04 07:01 - 01656320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Perception.dll
2017-03-15 08:21 - 2017-03-04 07:01 - 01595904 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2017-03-15 08:21 - 2017-03-04 07:01 - 01571840 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2017-03-15 08:21 - 2017-03-04 07:01 - 01564160 _____ (Microsoft Corporation) C:\WINDOWS\system32\quartz.dll
2017-03-15 08:21 - 2017-03-04 07:01 - 01493504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wpc.dll
2017-03-15 08:21 - 2017-03-04 07:01 - 01293312 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPDMC.exe
2017-03-15 08:21 - 2017-03-04 07:01 - 00941568 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2017-03-15 08:21 - 2017-03-04 07:01 - 00827904 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll
2017-03-15 08:21 - 2017-03-04 07:01 - 00666624 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkfoldersControl.dll
2017-03-15 08:21 - 2017-03-04 07:01 - 00620544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2017-03-15 08:21 - 2017-03-04 07:01 - 00566784 _____ (Microsoft Corporation) C:\WINDOWS\system32\ShareHost.dll
2017-03-15 08:21 - 2017-03-04 07:01 - 00094208 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkFolders.exe
2017-03-15 08:21 - 2017-03-04 07:00 - 02483200 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2017-03-15 08:21 - 2017-03-04 07:00 - 01888256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2017-03-15 08:21 - 2017-03-04 07:00 - 01235968 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2017-03-15 08:21 - 2017-03-04 07:00 - 00862208 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2017-03-15 08:21 - 2017-03-04 07:00 - 00711680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2017-03-15 08:21 - 2017-03-04 07:00 - 00691200 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2017-03-15 08:21 - 2017-03-04 07:00 - 00529408 _____ (Microsoft Corporation) C:\WINDOWS\system32\spoolsv.exe
2017-03-15 08:21 - 2017-03-04 06:59 - 01252352 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataService.dll
2017-03-15 08:21 - 2017-03-04 06:57 - 03106304 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstsc.exe
2017-03-15 08:21 - 2017-03-04 06:57 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\spaceman.exe
2017-03-15 08:21 - 2016-07-16 02:45 - 00014848 _____ (Microsoft Corporation) C:\WINDOWS\system32\CspCellularSettings.dll
2017-03-15 08:21 - 2016-07-16 02:43 - 00102912 _____ (Microsoft Corporation) C:\WINDOWS\system32\CfgSPCellular.dll
2017-03-15 08:21 - 2016-07-16 02:43 - 00100352 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseAPNCsp.dll
2017-03-15 08:20 - 2017-03-04 08:44 - 00685440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll
2017-03-15 08:20 - 2017-03-04 08:41 - 00078176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\IPMIDrv.sys
2017-03-15 08:20 - 2017-03-04 08:09 - 00497416 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2017-03-15 08:20 - 2017-03-04 08:08 - 05999968 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2017-03-15 08:20 - 2017-03-04 08:04 - 01362512 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpmde.dll
2017-03-15 08:20 - 2017-03-04 08:02 - 00184416 _____ (Microsoft Corporation) C:\WINDOWS\system32\IPHLPAPI.DLL
2017-03-15 08:20 - 2017-03-04 08:02 - 00095584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tdx.sys
2017-03-15 08:20 - 2017-03-04 07:56 - 00263472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.ApplicationData.dll
2017-03-15 08:20 - 2017-03-04 07:54 - 00290272 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2017-03-15 08:20 - 2017-03-04 07:53 - 01431232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2017-03-15 08:20 - 2017-03-04 07:53 - 00861024 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2017-03-15 08:20 - 2017-03-04 07:53 - 00781152 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2017-03-15 08:20 - 2017-03-04 07:53 - 00342880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2017-03-15 08:20 - 2017-03-04 07:52 - 00111968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storahci.sys
2017-03-15 08:20 - 2017-03-04 07:51 - 00086360 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvsocket.sys
2017-03-15 08:20 - 2017-03-04 07:51 - 00060768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmbkmcl.sys
2017-03-15 08:20 - 2017-03-04 07:47 - 04023000 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2017-03-15 08:20 - 2017-03-04 07:47 - 01853224 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2017-03-15 08:20 - 2017-03-04 07:47 - 01360456 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetsrc.dll
2017-03-15 08:20 - 2017-03-04 07:47 - 01344448 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll
2017-03-15 08:20 - 2017-03-04 07:47 - 01277856 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2017-03-15 08:20 - 2017-03-04 07:47 - 01202384 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2017-03-15 08:20 - 2017-03-04 07:47 - 01123912 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2017-03-15 08:20 - 2017-03-04 07:47 - 00981376 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetcore.dll
2017-03-15 08:20 - 2017-03-04 07:47 - 00976184 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfds.dll
2017-03-15 08:20 - 2017-03-04 07:47 - 00952416 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2017-03-15 08:20 - 2017-03-04 07:40 - 01967968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2017-03-15 08:20 - 2017-03-04 07:40 - 00306800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.MediaControl.dll
2017-03-15 08:20 - 2017-03-04 07:34 - 00281088 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXTaskFactory.dll
2017-03-15 08:20 - 2017-03-04 07:30 - 01631232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2017-03-15 08:20 - 2017-03-04 07:29 - 00039424 _____ (Microsoft Corporation) C:\WINDOWS\system32\XInputUap.dll
2017-03-15 08:20 - 2017-03-04 07:29 - 00020992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mskssrv.sys
2017-03-15 08:20 - 2017-03-04 07:28 - 00224256 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExSMime.dll
2017-03-15 08:20 - 2017-03-04 07:27 - 00275968 _____ (Microsoft Corporation) C:\WINDOWS\system32\accountaccessor.dll
2017-03-15 08:20 - 2017-03-04 07:27 - 00141824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Radios.dll
2017-03-15 08:20 - 2017-03-04 07:27 - 00100864 _____ (Microsoft Corporation) C:\WINDOWS\system32\MediaFoundation.DefaultPerceptionProvider.dll
2017-03-15 08:20 - 2017-03-04 07:26 - 00177664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.Diagnostics.dll
2017-03-15 08:20 - 2017-03-04 07:26 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\system32\BcastDVRHelper.dll
2017-03-15 08:20 - 2017-03-04 07:26 - 00147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\VCardParser.dll
2017-03-15 08:20 - 2017-03-04 07:26 - 00138240 _____ (Microsoft Corporation) C:\WINDOWS\system32\DisplayManager.dll
2017-03-15 08:20 - 2017-03-04 07:26 - 00123904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.HostName.dll
2017-03-15 08:20 - 2017-03-04 07:26 - 00065024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Gaming.UI.GameBar.dll
2017-03-15 08:20 - 2017-03-04 07:26 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Shell.Search.UriHandler.dll
2017-03-15 08:20 - 2017-03-04 07:26 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\system32\netiougc.exe
2017-03-15 08:20 - 2017-03-04 07:25 - 00255488 _____ (Microsoft Corporation) C:\WINDOWS\system32\unimdm.tsp
2017-03-15 08:20 - 2017-03-04 07:25 - 00167936 _____ (Microsoft Corporation) C:\WINDOWS\system32\PimIndexMaintenance.dll
2017-03-15 08:20 - 2017-03-04 07:25 - 00152064 _____ (Microsoft Corporation) C:\WINDOWS\system32\MCCSEngineShared.dll
2017-03-15 08:20 - 2017-03-04 07:25 - 00136192 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinRtTracing.dll
2017-03-15 08:20 - 2017-03-04 07:25 - 00097792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.System.SystemManagement.dll
2017-03-15 08:20 - 2017-03-04 07:25 - 00063488 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshost.dll
2017-03-15 08:20 - 2017-03-04 07:24 - 00330752 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
2017-03-15 08:20 - 2017-03-04 07:24 - 00142336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.WiFi.dll
2017-03-15 08:20 - 2017-03-04 07:24 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.ServiceDiscovery.Dnssd.dll
2017-03-15 08:20 - 2017-03-04 07:24 - 00040448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpipreg.sys
2017-03-15 08:20 - 2017-03-04 07:23 - 00531456 _____ (Microsoft Corporation) C:\WINDOWS\system32\iprtrmgr.dll
2017-03-15 08:20 - 2017-03-04 07:23 - 00506368 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.exe
2017-03-15 08:20 - 2017-03-04 07:23 - 00392192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Gaming.Input.dll
2017-03-15 08:20 - 2017-03-04 07:23 - 00334848 _____ (Microsoft Corporation) C:\WINDOWS\system32\DavSyncProvider.dll
2017-03-15 08:20 - 2017-03-04 07:23 - 00299520 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataAccountApis.dll
2017-03-15 08:20 - 2017-03-04 07:23 - 00242688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Dxpserver.exe
2017-03-15 08:20 - 2017-03-04 07:23 - 00193024 _____ (Microsoft Corporation) C:\WINDOWS\system32\shutdownux.dll
2017-03-15 08:20 - 2017-03-04 07:23 - 00186880 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Flights.dll
2017-03-15 08:20 - 2017-03-04 07:22 - 06534656 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanmm.dll
2017-03-15 08:20 - 2017-03-04 07:22 - 00822784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2017-03-15 08:20 - 2017-03-04 07:22 - 00392704 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanconn.dll
2017-03-15 08:20 - 2017-03-04 07:22 - 00332288 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll
2017-03-15 08:20 - 2017-03-04 07:22 - 00212992 _____ (Microsoft Corporation) C:\WINDOWS\system32\cemapi.dll
2017-03-15 08:20 - 2017-03-04 07:22 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Core.dll
2017-03-15 08:20 - 2017-03-04 07:21 - 00609280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Import.dll
2017-03-15 08:20 - 2017-03-04 07:21 - 00575488 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshwfp.dll
2017-03-15 08:20 - 2017-03-04 07:21 - 00298496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2017-03-15 08:20 - 2017-03-04 07:21 - 00185856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Identity.Provider.dll
2017-03-15 08:20 - 2017-03-04 07:20 - 13873664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2017-03-15 08:20 - 2017-03-04 07:20 - 00426496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Wallet.dll
2017-03-15 08:20 - 2017-03-04 07:20 - 00332800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Cortana.Desktop.dll
2017-03-15 08:20 - 2017-03-04 07:20 - 00301568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ks.sys
2017-03-15 08:20 - 2017-03-04 07:20 - 00271360 _____ (Microsoft Corporation) C:\WINDOWS\system32\deviceaccess.dll
2017-03-15 08:20 - 2017-03-04 07:20 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\WwaApi.dll
2017-03-15 08:20 - 2017-03-04 07:19 - 00635904 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2017-03-15 08:20 - 2017-03-04 07:19 - 00615936 _____ (Microsoft Corporation) C:\WINDOWS\system32\internetmail.dll
2017-03-15 08:20 - 2017-03-04 07:19 - 00431616 _____ (Microsoft Corporation) C:\WINDOWS\system32\efswrt.dll
2017-03-15 08:20 - 2017-03-04 07:19 - 00226816 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore6.dll
2017-03-15 08:20 - 2017-03-04 07:19 - 00203264 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll
2017-03-15 08:20 - 2017-03-04 07:19 - 00181760 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcpipcfg.dll
2017-03-15 08:20 - 2017-03-04 07:19 - 00147968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Cortana.OneCore.dll
2017-03-15 08:20 - 2017-03-04 07:18 - 01231360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcnwiz.dll
2017-03-15 08:20 - 2017-03-04 07:18 - 00747520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Ocr.dll
2017-03-15 08:20 - 2017-03-04 07:18 - 00567808 _____ (Microsoft Corporation) C:\WINDOWS\system32\ChatApis.dll
2017-03-15 08:20 - 2017-03-04 07:18 - 00493056 _____ (Microsoft Corporation) C:\WINDOWS\system32\WlanMediaManager.dll
2017-03-15 08:20 - 2017-03-04 07:18 - 00314368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Usb.dll
2017-03-15 08:20 - 2017-03-04 07:18 - 00253952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2017-03-15 08:20 - 2017-03-04 07:18 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\system32\indexeddbserver.dll
2017-03-15 08:20 - 2017-03-04 07:17 - 02318848 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll
2017-03-15 08:20 - 2017-03-04 07:17 - 00661504 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2017-03-15 08:20 - 2017-03-04 07:17 - 00570368 _____ (Microsoft Corporation) C:\WINDOWS\system32\PrintRenderAPIHost.DLL
2017-03-15 08:20 - 2017-03-04 07:17 - 00529920 _____ (Microsoft Corporation) C:\WINDOWS\system32\StructuredQuery.dll
2017-03-15 08:20 - 2017-03-04 07:17 - 00427008 _____ (Microsoft Corporation) C:\WINDOWS\system32\DXP.dll
2017-03-15 08:20 - 2017-03-04 07:17 - 00238080 _____ (Microsoft Corporation) C:\WINDOWS\system32\AboveLockAppHost.dll
2017-03-15 08:20 - 2017-03-04 07:16 - 00968704 _____ (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll
2017-03-15 08:20 - 2017-03-04 07:16 - 00850432 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasgcw.dll
2017-03-15 08:20 - 2017-03-04 07:16 - 00762880 _____ (Microsoft Corporation) C:\WINDOWS\system32\mprddm.dll
2017-03-15 08:20 - 2017-03-04 07:16 - 00500224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.dll
2017-03-15 08:20 - 2017-03-04 07:16 - 00465920 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppBroker.dll
2017-03-15 08:20 - 2017-03-04 07:16 - 00298496 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascustom.dll
2017-03-15 08:20 - 2017-03-04 07:15 - 18362368 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2017-03-15 08:20 - 2017-03-04 07:15 - 00509440 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2017-03-15 08:20 - 2017-03-04 07:13 - 19411968 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2017-03-15 08:20 - 2017-03-04 07:13 - 04613120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2017-03-15 08:20 - 2017-03-04 07:13 - 01003520 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqqm.dll
2017-03-15 08:20 - 2017-03-04 07:13 - 00699904 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll
2017-03-15 08:20 - 2017-03-04 07:13 - 00675840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.dll
2017-03-15 08:20 - 2017-03-04 07:13 - 00497152 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2017-03-15 08:20 - 2017-03-04 07:13 - 00296960 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2017-03-15 08:20 - 2017-03-04 07:13 - 00256512 _____ (Microsoft Corporation) C:\WINDOWS\system32\thumbcache.dll
2017-03-15 08:20 - 2017-03-04 07:12 - 00901120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Bluetooth.dll
2017-03-15 08:20 - 2017-03-04 07:12 - 00894976 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorDataService.exe
2017-03-15 08:20 - 2017-03-04 07:12 - 00886272 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2017-03-15 08:20 - 2017-03-04 07:12 - 00884224 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2017-03-15 08:20 - 2017-03-04 07:12 - 00395264 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll
2017-03-15 08:20 - 2017-03-04 07:12 - 00144896 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe
2017-03-15 08:20 - 2017-03-04 07:11 - 01357312 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSPhotography.dll
2017-03-15 08:20 - 2017-03-04 07:11 - 01323008 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_fs.dll
2017-03-15 08:20 - 2017-03-04 07:11 - 01137152 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_health.dll
2017-03-15 08:20 - 2017-03-04 07:11 - 00729600 _____ (Microsoft Corporation) C:\WINDOWS\system32\TabletPC.cpl
2017-03-15 08:20 - 2017-03-04 07:11 - 00073728 _____ (Microsoft Corporation) C:\WINDOWS\system32\tabcal.exe
2017-03-15 08:20 - 2017-03-04 07:10 - 03307008 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2017-03-15 08:20 - 2017-03-04 07:10 - 01077760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Editing.dll
2017-03-15 08:20 - 2017-03-04 07:10 - 00259584 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdtcuiu.dll
2017-03-15 08:20 - 2017-03-04 07:10 - 00151552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Tabbtn.dll
2017-03-15 08:20 - 2017-03-04 07:07 - 12178944 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2017-03-15 08:20 - 2017-03-04 07:07 - 00545280 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmkvsrcsnk.dll
2017-03-15 08:20 - 2017-03-04 07:06 - 00220672 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToReceiver.dll
2017-03-15 08:20 - 2017-03-04 07:05 - 01221120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Audio.dll
2017-03-15 08:20 - 2017-03-04 07:05 - 00134144 _____ (Microsoft Corporation) C:\WINDOWS\system32\ErrorDetails.dll
2017-03-15 08:20 - 2017-03-04 07:04 - 00719872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_sr.dll
2017-03-15 08:20 - 2017-03-04 07:03 - 06044672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2017-03-15 08:20 - 2017-03-04 07:03 - 03666432 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2017-03-15 08:20 - 2017-03-04 07:03 - 01247232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Globalization.dll
2017-03-15 08:20 - 2017-03-04 07:03 - 00409600 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVSENCD.DLL
2017-03-15 08:20 - 2017-03-04 07:03 - 00049664 _____ (Microsoft Corporation) C:\WINDOWS\system32\MultiDigiMon.exe
2017-03-15 08:20 - 2017-03-04 07:02 - 02138112 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2017-03-15 08:20 - 2017-03-04 07:02 - 01709056 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncProvider.dll
2017-03-15 08:20 - 2017-03-04 07:01 - 02682880 _____ (Microsoft Corporation) C:\WINDOWS\system32\netshell.dll
2017-03-15 08:20 - 2017-03-04 07:01 - 01232384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Maps.dll
2017-03-15 08:20 - 2017-03-04 07:01 - 01154560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Pimstore.dll
2017-03-15 08:20 - 2017-03-04 07:01 - 01013248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.Http.dll
2017-03-15 08:20 - 2017-03-04 07:00 - 02026496 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2017-03-15 08:20 - 2017-03-04 07:00 - 01883648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2017-03-15 08:20 - 2017-03-04 07:00 - 01170944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Phone.dll
2017-03-15 08:20 - 2017-03-04 07:00 - 00850944 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContactApis.dll
2017-03-15 08:20 - 2017-03-04 07:00 - 00751104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.BackgroundTransfer.dll
2017-03-15 08:20 - 2017-03-04 07:00 - 00598528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.dll
2017-03-15 08:20 - 2017-03-04 07:00 - 00348160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Midi.dll
2017-03-15 08:20 - 2017-03-04 06:59 - 00353280 _____ (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll
2017-03-15 08:20 - 2017-03-04 06:59 - 00206848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
2017-03-15 08:20 - 2017-03-04 06:57 - 00783360 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWorkspace.dll
2017-03-15 08:20 - 2017-03-04 06:57 - 00375296 _____ (Microsoft Corporation) C:\WINDOWS\system32\wksprt.exe
2017-03-15 08:20 - 2017-03-04 06:57 - 00299008 _____ (Microsoft Corporation) C:\WINDOWS\system32\RADCUI.dll
2017-03-15 08:20 - 2017-02-22 03:03 - 00448285 _____ C:\WINDOWS\system32\ApnDatabase.xml
2017-03-15 08:19 - 2016-05-29 19:38 - 08886976 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneDriveSetup.exe
2017-03-10 11:33 - 2017-03-10 11:33 - 00000000 ____D C:\Users\Klaus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-03-22 15:08 - 2015-06-18 19:01 - 00000000 ____D C:\Users\Klaus\AppData\Local\Dropbox
2017-03-22 14:56 - 2016-10-14 10:42 - 01955762 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-03-22 14:56 - 2016-07-16 18:27 - 00701738 _____ C:\WINDOWS\system32\perfh007.dat
2017-03-22 14:56 - 2016-07-16 18:27 - 00158614 _____ C:\WINDOWS\system32\perfc007.dat
2017-03-22 14:55 - 2016-10-14 10:43 - 00000000 ____D C:\Users\Klaus
2017-03-22 14:52 - 2016-11-18 22:19 - 00000000 ____D C:\Users\Klaus\AppData\LocalLow\Mozilla
2017-03-22 14:52 - 2016-07-16 09:29 - 00000000 ____D C:\WINDOWS\AppReadiness
2017-03-22 14:51 - 2015-08-26 08:37 - 00000000 ___RD C:\Users\Klaus\OneDrive
2017-03-22 14:51 - 2012-06-04 18:28 - 00000000 ___RD C:\Users\Klaus\Dropbox
2017-03-22 14:51 - 2010-01-20 17:12 - 00000000 ____D C:\Users\Klaus\AppData\Roaming\Skype
2017-03-22 14:49 - 2016-10-14 11:08 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-03-22 14:48 - 2016-07-16 03:22 - 03670016 _____ C:\WINDOWS\system32\config\BBI
2017-03-22 14:46 - 2016-04-27 11:18 - 00000000 ____D C:\Users\Klaus\AppData\LocalLow\Temp
2017-03-22 13:46 - 2016-10-14 10:37 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2017-03-21 11:21 - 2015-03-09 18:47 - 00000000 ____D C:\Program Files\TeamViewer
2017-03-21 11:20 - 2014-04-12 12:25 - 00000000 ____D C:\AdwCleaner
2017-03-21 11:19 - 2016-05-23 09:13 - 00000000 ____D C:\Program Files\iolo
2017-03-21 11:19 - 2015-11-30 16:17 - 00000000 ____D C:\Program Files\Yahoo!
2017-03-21 10:32 - 2016-07-16 09:29 - 00000000 ___HD C:\Program Files\WindowsApps
2017-03-18 16:12 - 2013-12-22 14:21 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2017-03-18 16:08 - 2016-07-16 09:28 - 00000000 ____D C:\WINDOWS\INF
2017-03-18 16:07 - 2016-10-14 10:46 - 00000000 ____D C:\WINDOWS\system32\config\bbimigrate
2017-03-18 16:07 - 2016-07-16 09:29 - 00000000 ____D C:\WINDOWS\system32\config\Journal
2017-03-17 19:59 - 2016-07-16 09:29 - 00000000 ____D C:\WINDOWS\system32\appraiser
2017-03-17 19:59 - 2016-07-16 09:19 - 00000000 ____D C:\WINDOWS\CbsTemp
2017-03-16 19:04 - 2016-07-16 09:29 - 00000000 ____D C:\WINDOWS\rescache
2017-03-16 17:55 - 2014-03-01 12:30 - 00000000 ____D C:\Users\Klaus\Documents\tax
2017-03-16 17:38 - 2014-03-01 11:56 - 00000000 ____D C:\ProgramData\Buhl Data Service GmbH
2017-03-16 17:36 - 2014-03-01 12:04 - 00000000 ____D C:\Users\Klaus\AppData\Local\Buhl
2017-03-16 17:32 - 2014-03-01 12:00 - 00000000 ____D C:\Program Files\Buhl finance
2017-03-16 17:32 - 2009-09-16 22:48 - 00000000 ___HD C:\Program Files\InstallShield Installation Information
2017-03-16 17:30 - 2014-05-20 09:20 - 00000000 ____D C:\ProgramData\Package Cache
2017-03-15 17:46 - 2015-08-26 08:30 - 00000000 __RHD C:\Users\Public\AccountPictures
2017-03-15 17:42 - 2016-10-14 10:36 - 00380912 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-03-15 17:42 - 2010-01-18 17:06 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2017-03-15 17:40 - 2016-07-16 09:29 - 00000000 ____D C:\WINDOWS\system32\setup
2017-03-15 17:40 - 2016-07-16 09:29 - 00000000 ____D C:\WINDOWS\system32\oobe
2017-03-15 17:39 - 2016-07-16 09:29 - 00000000 ___RD C:\WINDOWS\PrintDialog
2017-03-15 17:39 - 2016-07-16 09:29 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2017-03-15 17:39 - 2016-07-16 09:29 - 00000000 ___RD C:\Program Files\Windows Defender
2017-03-15 17:39 - 2016-07-16 09:29 - 00000000 ____D C:\WINDOWS\ShellExperiences
2017-03-15 17:39 - 2016-07-16 09:29 - 00000000 ____D C:\WINDOWS\bcastdvr
2017-03-15 17:39 - 2016-07-16 09:29 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2017-03-15 09:33 - 2013-08-14 17:12 - 00000000 ____D C:\WINDOWS\system32\MRT
2017-03-15 09:28 - 2010-03-20 09:45 - 135706696 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-03-15 09:17 - 2010-11-18 18:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2017-03-13 13:05 - 2012-06-17 15:52 - 00000425 _____ C:\WINDOWS\BRWMARK.INI
2017-03-13 13:05 - 2012-06-17 15:52 - 00000027 _____ C:\WINDOWS\BRPP2KA.INI
2017-03-10 11:33 - 2012-06-04 18:27 - 00000000 ____D C:\Users\Klaus\AppData\Roaming\Dropbox
2017-03-10 06:17 - 2016-07-16 09:31 - 00835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe
2017-03-10 06:17 - 2016-07-16 09:31 - 00177656 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
2017-03-05 10:43 - 2012-04-10 17:21 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2017-02-28 10:46 - 2010-03-19 20:59 - 00407720 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2017-02-23 19:43 - 2015-10-31 12:36 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2014-03-06 15:16 - 2009-08-06 13:43 - 0006733 _____ () C:\Users\Klaus\AppData\Roaming\abspann_datev_idea.gif
2014-03-06 15:16 - 2008-06-02 10:57 - 0000291 _____ () C:\Users\Klaus\AppData\Roaming\lastscreen.html
2014-03-06 15:16 - 2009-08-13 14:32 - 0000105 _____ () C:\Users\Klaus\AppData\Roaming\lastscreen.ikf
2010-06-10 19:08 - 2013-08-16 08:19 - 0040960 _____ () C:\Users\Klaus\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-03-06 15:16 - 2014-03-06 18:07 - 0004672 _____ () C:\Users\Klaus\AppData\Local\EmptySettings.xml
2013-02-13 12:01 - 2013-02-13 12:01 - 0004096 ____H () C:\Users\Klaus\AppData\Local\keyfile3.drm
2016-10-14 10:39 - 2016-10-14 10:39 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2010-01-20 17:17 - 2010-01-20 17:17 - 0000056 ____H () C:\ProgramData\ezsidmv.dat
2010-01-18 16:50 - 2009-08-17 06:54 - 0131368 _____ () C:\ProgramData\FullRemove.exe
2009-09-16 23:05 - 2009-09-16 23:05 - 0000109 _____ () C:\ProgramData\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}.log
2009-09-16 23:03 - 2009-09-16 23:03 - 0000106 _____ () C:\ProgramData\{2BF2E31F-B8BB-40A7-B650-98D28E0F7D47}.log
2009-09-16 23:00 - 2009-09-16 23:00 - 0000105 _____ () C:\ProgramData\{40BF1E83-20EB-11D8-97C5-0009C5020658}.log
2009-09-16 23:04 - 2009-09-16 23:04 - 0000110 _____ () C:\ProgramData\{B7A0CE06-068E-11D6-97FD-0050BACBF861}.log
2009-09-16 22:59 - 2009-09-16 22:59 - 0000107 _____ () C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log
2009-09-16 23:01 - 2009-09-16 23:03 - 0000110 _____ () C:\ProgramData\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}.log

==================== Bamital & volsnap ======================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert

LastRegBack: 2017-03-16 18:01

==================== Ende vom FRST.txt ============================
         

Alt 22.03.2017, 15:18   #9
bütti
 
Löschung von McAfee resten - Standard

Löschung von McAfee resten



3.Datei:FRST Editor

Code:
ATTFilter
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x86) Version: 15-03-2017
durchgeführt von Klaus (Administrator) auf KLAUS-PC (22-03-2017 15:07:07)
Gestartet von C:\Users\Klaus\Desktop
Geladene Profile: Klaus (Verfügbare Profile: Klaus)
Platform: Microsoft Windows 10 Home Version 1607 (X86) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(DATEV eG) C:\DATEV\PROGRAMM\B0001442\PSNTServ.exe
(Chip Digital GmbH) C:\Program Files\Chip Digital GmbH\chip1click\chip 1-click installer.exe
() C:\Program Files\CyberLink\Shared files\RichVideo.exe
() C:\Windows\System32\PSIService.exe
() C:\Windows\System32\Rezip.exe
(Sony Corporation) C:\Program Files\Sony\PMB\PMBDeviceInfoProvider.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\TeamViewer_Service.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(SAMSUNG Electronics) C:\Program Files\Samsung\Samsung Support Center\SSCKbdHk.exe
(Samsung Electronics Co., Ltd.) C:\Program Files\Samsung\EasySpeedUpManager\EasySpeedUpManager.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\TeamViewer.exe
(Samsung Electronics Co., Ltd.) C:\Program Files\Samsung\Easy Display Manager\dmhkcore.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.12.112.0_x86__kzf8qxf38zg5c\SkypeHost.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\tv_w32.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Sony Corporation) C:\Program Files\Sony\PMB\PMBVolumeWatcher.exe
(Nuance Communications, Inc.) C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe
(Brother Industries, Ltd.) C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe
(Brother Industries, Ltd.) C:\Program Files\Brother\ControlCenter3\BrccMCtl.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Geek Software GmbH) C:\Program Files\PDF24\pdf24.exe
(1und1 Mail und Media GmbH) C:\Program Files\WEB.DE MailCheck\IE\WEB.DE_MailCheck_Broker.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Google Inc.) C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
(Dropbox, Inc.) C:\Users\Klaus\AppData\Local\Dropbox\Update\DropboxUpdate.exe
(© 2015 Microsoft Corporation) C:\Users\Klaus\AppData\Local\Microsoft\BingSvc\BingSvc.exe
(Skype Technologies S.A.) C:\Program Files\Skype\Phone\Skype.exe
(Dropbox, Inc.) C:\Users\Klaus\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Dropbox, Inc.) C:\Users\Klaus\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jucheck.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe

==================== Registry (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [12214528 2015-06-24] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1541416 2009-07-15] (Synaptics Incorporated)
HKLM\...\Run: [UCam_Menu] => C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe [218408 2009-02-25] (CyberLink Corp.)
HKLM\...\Run: [TrayServer] => C:\Program Files\MAGIX\Filme_auf_DVD_9_Download-Version\TrayServer.exe [90112 2008-01-17] (MAGIX AG)
HKLM\...\Run: [PMBVolumeWatcher] => C:\Program Files\Sony\PMB\PMBVolumeWatcher.exe [599328 2010-03-24] (Sony Corporation)
HKLM\...\Run: [SSBkgdUpdate] => C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe [210472 2006-10-25] (Nuance Communications, Inc.)
HKLM\...\Run: [PaperPort PTD] => C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe [29984 2008-07-09] (Nuance Communications, Inc.)
HKLM\...\Run: [IndexSearch] => C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe [46368 2008-07-09] (Nuance Communications, Inc.)
HKLM\...\Run: [PPort11reminder] => "C:\Program Files\ScanSoft\PaperPort\Ereg\Ereg.exe" -r "C:\ProgramData\ScanSoft\PaperPort\11\Config\Ereg\Ereg.ini"
HKLM\...\Run: [BrMfcWnd] => C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe [1159168 2009-05-26] (Brother Industries, Ltd.)
HKLM\...\Run: [ControlCenter3] => C:\Program Files\Brother\ControlCenter3\brctrcen.exe [114688 2008-12-24] (Brother Industries, Ltd.)
HKLM\...\Run: [QuickTime Task] => C:\Program Files\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [594992 2016-01-29] (Oracle Corporation)
HKLM\...\Run: [PDFPrint] => C:\Program Files\PDF24\pdf24.exe [210432 2016-07-05] (Geek Software GmbH)
HKLM\...\Run: [MailCheck IE Broker] => C:\Program Files\WEB.DE MailCheck\IE\WEB.DE_MailCheck_Broker.exe [2356080 2016-07-21] (1und1 Mail und Media GmbH)
HKLM\...\Run: [WindowsDefender] => C:\Program Files\Windows Defender\MSASCuiL.exe [483840 2016-07-16] (Microsoft Corporation)
Winlogon\Notify\SDWinLogon: SDWinLogon.dll [X]
HKU\S-1-5-21-1016556084-3091970497-507946437-1001\...\Run: [swg] => C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2009-09-16] (Google Inc.)
HKU\S-1-5-21-1016556084-3091970497-507946437-1001\...\Run: [Dropbox Update] => C:\Users\Klaus\AppData\Local\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-09] (Dropbox, Inc.)
HKU\S-1-5-21-1016556084-3091970497-507946437-1001\...\Run: [BingSvc] => C:\Users\Klaus\AppData\Local\Microsoft\BingSvc\BingSvc.exe [144008 2016-07-12] (© 2015 Microsoft Corporation)
HKU\S-1-5-21-1016556084-3091970497-507946437-1001\...\Run: [Skype] => C:\Program Files\Skype\Phone\Skype.exe [27230168 2016-11-15] (Skype Technologies S.A.)
HKU\S-1-5-21-1016556084-3091970497-507946437-1001\...\Run: [GarminExpressTrayApp] => C:\Program Files\Garmin\Express Tray\ExpressTray.exe [1407912 2017-01-16] (Garmin Ltd. or its subsidiaries)
HKU\S-1-5-18\...\Run: [GarminExpressTrayApp] => C:\Program Files\Garmin\Express Tray\ExpressTray.exe [1407912 2017-01-16] (Garmin Ltd. or its subsidiaries)
Lsa: [Notification Packages] scecli C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Klaus\AppData\Roaming\Dropbox\bin\DropboxExt.14.0.dll [2017-03-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Klaus\AppData\Roaming\Dropbox\bin\DropboxExt.14.0.dll [2017-03-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Klaus\AppData\Roaming\Dropbox\bin\DropboxExt.14.0.dll [2017-03-06] (Dropbox, Inc.)
Startup: C:\Users\Klaus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2017-03-10]
ShortcutTarget: Dropbox.lnk -> C:\Users\Klaus\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{282c3c11-bd40-49ce-a090-a878048b4175}: [DhcpNameServer] 192.168.178.1

Internet Explorer:
==================
HKU\S-1-5-21-1016556084-3091970497-507946437-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=SK2M&ocid=SK2MDHP&osmkt=de-de
HKU\S-1-5-21-1016556084-3091970497-507946437-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=smsn&bmod=smsn
HKU\S-1-5-21-1016556084-3091970497-507946437-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.google.de/
SearchScopes: HKLM -> DefaultScope {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7SMSN
SearchScopes: HKLM -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7SMSN
SearchScopes: HKU\S-1-5-21-1016556084-3091970497-507946437-1001 -> DefaultScope {36667B61-113B-4D4A-9655-2D5EEBF56FC0} URL = hxxps://de.search.yahoo.com/search?fr=mcafee&type=C011DE532D20140110&p={searchTerms}
SearchScopes: HKU\S-1-5-21-1016556084-3091970497-507946437-1001 -> {3188016B-9C61-4D96-A3F0-26240792A64F} URL = hxxp://go.gmx.de/tb/ie_searchplugin/?q={searchTerms}&enc=UTF-8
SearchScopes: HKU\S-1-5-21-1016556084-3091970497-507946437-1001 -> {36667B61-113B-4D4A-9655-2D5EEBF56FC0} URL = hxxps://de.search.yahoo.com/search?fr=mcafee&type=C011DE532D20140110&p={searchTerms}
SearchScopes: HKU\S-1-5-21-1016556084-3091970497-507946437-1001 -> {55E10C83-66E2-4DF3-8C6D-F1FCA32463AE} URL = hxxp://go.web.de/tb/ie_searchplugin/?q={searchTerms}&enc=UTF-8
SearchScopes: HKU\S-1-5-21-1016556084-3091970497-507946437-1001 -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.bing.com/search?FORM=SK2MDF&PC=SK2M&q={searchTerms}&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-1016556084-3091970497-507946437-1001 -> {8739C06C-4C0E-4EC0-BE0C-E7BCB362BEFF} URL = hxxp://go.1und1.de/tb/ie_searchplugin/?q={searchTerms}&enc=UTF-8
SearchScopes: HKU\S-1-5-21-1016556084-3091970497-507946437-1001 -> {942EC6E8-747D-448C-9B55-23B6147D7F60} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7SMSN_de___DE363
SearchScopes: HKU\S-1-5-21-1016556084-3091970497-507946437-1001 -> {B3C47B51-F87A-43DF-B84E-70B7324A9378} URL = hxxp://go.mail.com/tb/en-us/ie_searchplugin/?q={searchTerms}&enc=UTF-8
SearchScopes: HKU\S-1-5-21-1016556084-3091970497-507946437-1001 -> {DCA67887-DB28-490D-B4B0-BE2669C80B30} URL = hxxps://de.search.yahoo.com/search?fr=mcafee&type=B011DE532D20140110&p={searchTerms}
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_73\bin\ssv.dll [2016-02-08] (Oracle Corporation)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2010-01-18] (Google Inc.)
BHO: Google Toolbar Notifier BHO -> {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} -> C:\Program Files\Google\GoogleToolbarNotifier\5.6.5612.1312\swg.dll [2010-10-08] (Google Inc.)
BHO: WEB.DE MailCheck BHO -> {BF42D4A8-016E-4fcd-B1EB-837659FD77C6} -> C:\Program Files\WEB.DE MailCheck\IE\WEB.DE_MailCheck.dll [2016-07-21] (1und1 Mail und Media GmbH)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_73\bin\jp2ssv.dll [2016-02-08] (Oracle Corporation)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2010-01-18] (Google Inc.)
Toolbar: HKU\S-1-5-21-1016556084-3091970497-507946437-1001 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2010-01-18] (Google Inc.)
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll [2009-02-26] (Microsoft Corporation)
Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll [2009-07-26] (Microsoft Corporation)
Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll [2009-07-26] (Microsoft Corporation)
Handler: webde - {8FAF0273-9CA8-4efc-9536-1E35E254D5CD} - C:\Program Files\WEB.DE MailCheck\IE\WEB.DE_MailCheck.dll [2016-07-21] (1und1 Mail und Media GmbH)

FireFox:
========
FF ProfilePath: C:\Users\Klaus\AppData\Roaming\Mozilla\Firefox\Profiles\fx8m4482.default [2017-03-22]
FF SearchEngineOrder.1: Mozilla\Firefox\Profiles\fx8m4482.default -> Sichere Suche
FF SearchEngineOrder.3: Mozilla\Firefox\Profiles\fx8m4482.default -> Bing 
FF SelectedSearchEngine: Mozilla\Firefox\Profiles\fx8m4482.default -> Bing 
FF Homepage: Mozilla\Firefox\Profiles\fx8m4482.default -> hxxps://www.google.de/?gws_rd=ssl
FF Keyword.URL: Mozilla\Firefox\Profiles\fx8m4482.default -> hxxp://www.bing.com/search?FORM=SK2MDF&PC=SK2M&q=
FF Extension: (Bing Search) - C:\Users\Klaus\AppData\Roaming\Mozilla\Firefox\Profiles\fx8m4482.default\Extensions\bingsearch.full@microsoft.com.xpi [2015-11-29]
FF Extension: (WEB.DE MailCheck) - C:\Users\Klaus\AppData\Roaming\Mozilla\Firefox\Profiles\fx8m4482.default\Extensions\mailcheck@web.de [2016-11-23]
FF Extension: (McAfee WebAdvisor) - C:\Users\Klaus\AppData\Roaming\Mozilla\Firefox\Profiles\fx8m4482.default\Extensions\{4ED1F68A-5463-4931-9384-8FFF5ED91D92}.xpi [2015-08-04] [ist nicht signiert]
FF Extension: (Adblock Plus) - C:\Users\Klaus\AppData\Roaming\Mozilla\Firefox\Profiles\fx8m4482.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-11-24]
FF SearchPlugin: C:\Users\Klaus\AppData\Roaming\Mozilla\Firefox\Profiles\fx8m4482.default\searchplugins\bing-.xml [2015-11-29]
FF SearchPlugin: C:\Users\Klaus\AppData\Roaming\Mozilla\Firefox\Profiles\fx8m4482.default\searchplugins\yahoo-ysp.xml [2015-11-30]
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\McSiteAdvisor.xml [2015-08-20]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_24_0_0_194.dll [2017-01-30] ()
FF Plugin: @adobe.com/ShockwavePlayer -> C:\windows\system32\Adobe\Director\np32dsw_1200112.dll [2013-02-18] (Adobe Systems, Inc.)
FF Plugin: @Apple.com/iTunes,version=1.0 -> C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll [Keine Datei]
FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2011-07-19] (Foxit Corporation)
FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google)
FF Plugin: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files\Google\Picasa3\npPicasa3.dll [2014-01-06] (Google, Inc.)
FF Plugin: @java.com/DTPlugin,version=11.73.2 -> C:\Program Files\Java\jre1.8.0_73\bin\dtplugin\npDeployJava1.dll [2016-02-08] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.73.2 -> C:\Program Files\Java\jre1.8.0_73\bin\plugin2\npjp2.dll [2016-02-08] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50905.0\npctrl.dll [2017-02-10] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files\Microsoft\Office Live\npOLW.dll [2010-04-26] (Microsoft Corp.)
FF Plugin: @microsoft.com/WLPG,version=14.0.8081.0709 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2009-07-10] (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.23.9\npGoogleUpdate3.dll [Keine Datei]
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.23.9\npGoogleUpdate3.dll [Keine Datei]
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-12-23] (Adobe Systems Inc.)

Chrome: 
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Klaus\AppData\Local\Google\Chrome\User Data\Default [2017-03-22]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Klaus\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2016-11-07]
CHR Extension: (Skype) - C:\Users\Klaus\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2017-03-08]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Klaus\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-02-08]
CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - hxxps://clients2.google.com/service/update2/crx

==================== Dienste (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 chip1click; C:\Program Files\Chip Digital GmbH\chip1click\chip 1-click installer.exe [91136 2016-10-27] (Chip Digital GmbH) [Datei ist nicht signiert]
S3 DATEV Update-Service; C:\DATEV\PROGRAMM\INSTALL\DvInesASDSvc.Exe [147040 2009-12-03] (DATEV eG) [Datei ist nicht signiert]
R2 DatevPrintService; C:\DATEV\PROGRAMM\B0001442\PSNTSERV.EXE [77312 2008-11-24] (DATEV eG) [Datei ist nicht signiert]
S2 Garmin Device Interaction Service; C:\Program Files\Garmin\Device Interaction Service\GarminService.exe [1039376 2017-01-16] (Garmin Ltd. or its subsidiaries)
R2 ProtexisLicensing; C:\windows\system32\PSIService.exe [174656 2006-11-02] () [Datei ist nicht signiert]
R2 Rezip; C:\windows\SYSTEM32\Rezip.exe [311296 2009-03-05] () [Datei ist nicht signiert]
R2 RichVideo; C:\Program Files\CyberLink\Shared files\RichVideo.exe [247152 2009-07-07] ()
R2 TeamViewer; C:\Program Files\TeamViewer\TeamViewer_Service.exe [5702416 2015-09-11] (TeamViewer GmbH)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [271496 2016-07-16] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [84920 2017-03-04] (Microsoft Corporation)
S2 InstallerService; C:\Program Files\TrueKey\Mcafee.TrueKey.InstallerService.exe -originalversion 4.4.127.0 [X]

===================== Treiber (Nicht auf der Ausnahmeliste) ======================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [108032 2016-04-24] (Samsung Electronics Co., Ltd.)
R2 KMDFMEMIO; C:\WINDOWS\System32\DRIVERS\kmdfmemio.sys [13312 2007-06-01] (SAMSUNG ELECTRONICS CO., LTD.)
S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [62976 2016-07-16] ()
R3 rtl819xp; C:\WINDOWS\System32\drivers\rtl819xp.sys [552448 2016-07-16] (Realtek Semiconductor Corporation                           )
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [199936 2016-04-24] (Samsung Electronics Co., Ltd.)
R1 StarPortLite; C:\WINDOWS\System32\drivers\StarPortLite.sys [95592 2009-03-02] (Rocket Division Software)
R3 VMC326; C:\WINDOWS\System32\Drivers\VMC326.sys [237696 2009-08-10] (Vimicro Corporation)
S0 WdBoot; C:\WINDOWS\System32\drivers\WdBoot.sys [37912 2016-07-16] (Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\WdFilter.sys [244576 2016-07-16] (Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [100192 2016-07-16] (Microsoft Corporation)
R3 yukonw8; C:\WINDOWS\System32\drivers\yk63x86.sys [242688 2016-07-16] (Marvell)
U3 idsvc; kein ImagePath

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-03-22 15:07 - 2017-03-22 15:07 - 00020535 _____ C:\Users\Klaus\Desktop\FRST.txt
2017-03-22 15:01 - 2017-03-22 15:04 - 00031904 _____ C:\Users\Klaus\Desktop\SystemLook.txt
2017-03-22 14:59 - 2017-03-22 15:00 - 00139264 _____ C:\Users\Klaus\Desktop\SystemLook.exe
2017-03-22 14:45 - 2017-03-22 14:48 - 00009213 _____ C:\Users\Klaus\Desktop\Fixlog.txt
2017-03-22 09:32 - 2017-03-22 09:32 - 00000000 ___HD C:\OneDriveTemp
2017-03-21 11:33 - 2017-03-22 15:07 - 00000000 ____D C:\FRST
2017-03-21 11:31 - 2017-03-21 11:32 - 01766912 _____ (Farbar) C:\Users\Klaus\Desktop\FRST.exe
2017-03-21 10:58 - 2017-03-21 10:59 - 04031440 _____ C:\Users\Klaus\Downloads\AdwCleaner_6.044(1).exe
2017-03-21 10:56 - 2017-03-21 10:57 - 04031440 _____ C:\Users\Klaus\Desktop\AdwCleaner_6.044.exe
2017-03-20 18:31 - 2017-03-20 18:35 - 00047608 _____ C:\Users\Klaus\Downloads\SystemLook.txt
2017-03-18 16:48 - 2017-03-18 16:48 - 00000000 ____D C:\Users\Klaus\AppData\Local\Downloaded Installations
2017-03-18 16:48 - 2017-03-18 16:48 - 00000000 ____D C:\Program Files\Chip Digital GmbH
2017-03-18 16:45 - 2017-03-18 16:46 - 01496584 _____ C:\Users\Klaus\Downloads\McAfee Consumer Product Removal Tool - CHIP-Installer.exe
2017-03-18 16:25 - 2017-03-18 16:36 - 00000000 ____D C:\WINDOWS\Microsoft Antimalware
2017-03-18 16:03 - 2017-03-18 16:04 - 08681136 _____ (McAfee, Inc.) C:\Users\Klaus\Downloads\MCPR.exe
2017-03-18 09:15 - 2017-03-18 16:12 - 00000000 ____D C:\Program Files\Mozilla Firefox
2017-03-16 17:36 - 2017-03-16 17:36 - 00002233 _____ C:\Users\Public\Desktop\tax 2017.lnk
2017-03-16 17:36 - 2017-03-16 17:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\tax 2017
2017-03-15 17:51 - 2017-03-15 17:50 - 00095050 _____ C:\Users\Klaus\Documents\01-LorenzMaroldtMitte-Tour.gpx
2017-03-15 08:22 - 2017-03-04 08:57 - 01339744 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2017-03-15 08:22 - 2017-03-04 08:57 - 00980320 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2017-03-15 08:22 - 2017-03-04 08:57 - 00513888 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2017-03-15 08:22 - 2017-03-04 08:57 - 00450912 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2017-03-15 08:22 - 2017-03-04 08:57 - 00279392 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2017-03-15 08:22 - 2017-03-04 08:57 - 00229720 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcntel.dll
2017-03-15 08:22 - 2017-03-04 08:57 - 00192352 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2017-03-15 08:22 - 2017-03-04 08:57 - 00113504 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2017-03-15 08:22 - 2017-03-04 08:57 - 00073056 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2017-03-15 08:22 - 2017-03-04 08:57 - 00031584 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2017-03-15 08:22 - 2017-03-04 08:40 - 00965472 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReAgent.dll
2017-03-15 08:22 - 2017-03-04 08:09 - 00890984 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2017-03-15 08:22 - 2017-03-04 08:09 - 00320144 _____ (Microsoft Corporation) C:\WINDOWS\system32\systemreset.exe
2017-03-15 08:22 - 2017-03-04 08:08 - 01725136 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2017-03-15 08:22 - 2017-03-04 08:08 - 00036704 _____ (Microsoft Corporation) C:\WINDOWS\system32\SysResetErr.exe
2017-03-15 08:22 - 2017-03-04 07:59 - 00869728 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2017-03-15 08:22 - 2017-03-04 07:59 - 00274272 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinSetupUI.dll
2017-03-15 08:22 - 2017-03-04 07:57 - 00581672 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2017-03-15 08:22 - 2017-03-04 07:54 - 02277288 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
2017-03-15 08:22 - 2017-03-04 07:54 - 00524776 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2017-03-15 08:22 - 2017-03-04 07:53 - 05722320 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2017-03-15 08:22 - 2017-03-04 07:53 - 00313568 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanapi.dll
2017-03-15 08:22 - 2017-03-04 07:51 - 01980768 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2017-03-15 08:22 - 2017-03-04 07:51 - 00523784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2017-03-15 08:22 - 2017-03-04 07:51 - 00399712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2017-03-15 08:22 - 2017-03-04 07:51 - 00186720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2017-03-15 08:22 - 2017-03-04 07:50 - 00846560 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2017-03-15 08:22 - 2017-03-04 07:50 - 00355680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2017-03-15 08:22 - 2017-03-04 07:47 - 06667528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2017-03-15 08:22 - 2017-03-04 07:46 - 04312248 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2017-03-15 08:22 - 2017-03-04 07:45 - 00117280 _____ (Microsoft Corporation) C:\WINDOWS\system32\AuthHost.exe
2017-03-15 08:22 - 2017-03-04 07:42 - 01411616 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2017-03-15 08:22 - 2017-03-04 07:42 - 01260784 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2017-03-15 08:22 - 2017-03-04 07:31 - 00027648 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsUpdateElevatedInstaller.exe
2017-03-15 08:22 - 2017-03-04 07:30 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe
2017-03-15 08:22 - 2017-03-04 07:28 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\system32\BluetoothDesktopHandlers.dll
2017-03-15 08:22 - 2017-03-04 07:28 - 00041984 _____ (Microsoft Corporation) C:\WINDOWS\system32\musdialoghandlers.dll
2017-03-15 08:22 - 2017-03-04 07:26 - 00430080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nwifi.sys
2017-03-15 08:22 - 2017-03-04 07:26 - 00119296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Family.Client.dll
2017-03-15 08:22 - 2017-03-04 07:26 - 00038912 _____ (Microsoft Corporation) C:\WINDOWS\system32\wfdprov.dll
2017-03-15 08:22 - 2017-03-04 07:25 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\system32\BrowserSettingSync.dll
2017-03-15 08:22 - 2017-03-04 07:24 - 00395264 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansec.dll
2017-03-15 08:22 - 2017-03-04 07:24 - 00186880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Family.SyncEngine.dll
2017-03-15 08:22 - 2017-03-04 07:24 - 00129024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.SerialCommunication.dll
2017-03-15 08:22 - 2017-03-04 07:22 - 01299968 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVPXENC.dll
2017-03-15 08:22 - 2017-03-04 07:22 - 00774144 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll
2017-03-15 08:22 - 2017-03-04 07:22 - 00414208 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2017-03-15 08:22 - 2017-03-04 07:22 - 00271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.SmartCards.Phone.dll
2017-03-15 08:22 - 2017-03-04 07:22 - 00265728 _____ C:\WINDOWS\system32\Windows.Perception.Stub.dll
2017-03-15 08:22 - 2017-03-04 07:22 - 00231424 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudBackupSettings.dll
2017-03-15 08:22 - 2017-03-04 07:22 - 00230912 _____ (Microsoft Corporation) C:\WINDOWS\system32\icm32.dll
2017-03-15 08:22 - 2017-03-04 07:22 - 00216576 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeveloperOptionsSettingsHandlers.dll
2017-03-15 08:22 - 2017-03-04 07:22 - 00113152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dfsc.sys
2017-03-15 08:22 - 2017-03-04 07:21 - 01243136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.FaceAnalysis.dll
2017-03-15 08:22 - 2017-03-04 07:21 - 00631296 _____ (Microsoft Corporation) C:\WINDOWS\system32\main.cpl
2017-03-15 08:22 - 2017-03-04 07:21 - 00389632 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2017-03-15 08:22 - 2017-03-04 07:20 - 00632832 _____ (Microsoft Corporation) C:\WINDOWS\system32\sud.dll
2017-03-15 08:22 - 2017-03-04 07:20 - 00518656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdiWiFi.sys
2017-03-15 08:22 - 2017-03-04 07:20 - 00506880 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevicePairing.dll
2017-03-15 08:22 - 2017-03-04 07:20 - 00368128 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanui.dll
2017-03-15 08:22 - 2017-03-04 07:19 - 00498688 _____ (Microsoft Corporation) C:\WINDOWS\system32\mbsmsapi.dll
2017-03-15 08:22 - 2017-03-04 07:19 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Picker.dll
2017-03-15 08:22 - 2017-03-04 07:18 - 00896512 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontext.dll
2017-03-15 08:22 - 2017-03-04 07:18 - 00387072 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.UserAccountsHandlers.dll
2017-03-15 08:22 - 2017-03-04 07:17 - 01110016 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll
2017-03-15 08:22 - 2017-03-04 07:16 - 00994304 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplicationFrame.dll
2017-03-15 08:22 - 2017-03-04 07:16 - 00760832 _____ (Microsoft Corporation) C:\WINDOWS\system32\appwiz.cpl
2017-03-15 08:22 - 2017-03-04 07:16 - 00636928 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
2017-03-15 08:22 - 2017-03-04 07:16 - 00623616 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2017-03-15 08:22 - 2017-03-04 07:16 - 00526336 _____ (Microsoft Corporation) C:\WINDOWS\system32\mscms.dll
2017-03-15 08:22 - 2017-03-04 07:15 - 00313856 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2017-03-15 08:22 - 2017-03-04 07:13 - 07626752 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2017-03-15 08:22 - 2017-03-04 07:13 - 06474752 _____ (Microsoft Corporation) C:\WINDOWS\system32\mspaint.exe
2017-03-15 08:22 - 2017-03-04 07:13 - 03733504 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll
2017-03-15 08:22 - 2017-03-04 07:13 - 02458112 _____ (Microsoft Corporation) C:\WINDOWS\system32\themecpl.dll
2017-03-15 08:22 - 2017-03-04 07:13 - 01104896 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpeechPal.dll
2017-03-15 08:22 - 2017-03-04 07:12 - 00589312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Sensors.dll
2017-03-15 08:22 - 2017-03-04 07:11 - 00355328 _____ (Microsoft Corporation) C:\WINDOWS\system32\RTMediaFrame.dll
2017-03-15 08:22 - 2017-03-04 07:10 - 00300544 _____ (Microsoft Corporation) C:\WINDOWS\regedit.exe
2017-03-15 08:22 - 2017-03-04 07:10 - 00144384 _____ (Microsoft Corporation) C:\WINDOWS\system32\RelPost.exe
2017-03-15 08:22 - 2017-03-04 07:09 - 00945664 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2017-03-15 08:22 - 2017-03-04 07:09 - 00795648 _____ (Microsoft Corporation) C:\WINDOWS\system32\MiracastReceiver.dll
2017-03-15 08:22 - 2017-03-04 07:09 - 00570368 _____ (Microsoft Corporation) C:\WINDOWS\system32\clusapi.dll
2017-03-15 08:22 - 2017-03-04 07:09 - 00192000 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhengine.dll
2017-03-15 08:22 - 2017-03-04 07:09 - 00123904 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProximityCommon.dll
2017-03-15 08:22 - 2017-03-04 07:08 - 12349952 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2017-03-15 08:22 - 2017-03-04 07:08 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhcfg.dll
2017-03-15 08:22 - 2017-03-04 07:07 - 02748928 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll
2017-03-15 08:22 - 2017-03-04 07:07 - 02643456 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2017-03-15 08:22 - 2017-03-04 07:07 - 01255936 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2017-03-15 08:22 - 2017-03-04 07:07 - 00582656 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpaceControl.dll
2017-03-15 08:22 - 2017-03-04 07:07 - 00551424 _____ (Microsoft Corporation) C:\WINDOWS\system32\vds.exe
2017-03-15 08:22 - 2017-03-04 07:07 - 00495104 _____ (Microsoft Corporation) C:\WINDOWS\system32\BootMenuUX.dll
2017-03-15 08:22 - 2017-03-04 07:07 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhtask.dll
2017-03-15 08:22 - 2017-03-04 07:06 - 03774464 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2017-03-15 08:22 - 2017-03-04 07:06 - 02153984 _____ (Microsoft Corporation) C:\WINDOWS\system32\storagewmi.dll
2017-03-15 08:22 - 2017-03-04 07:06 - 01017856 _____ (Microsoft Corporation) C:\WINDOWS\system32\VSSVC.exe
2017-03-15 08:22 - 2017-03-04 07:05 - 01133568 _____ (Microsoft Corporation) C:\WINDOWS\system32\vssapi.dll
2017-03-15 08:22 - 2017-03-04 07:05 - 00339968 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhsettingsprovider.dll
2017-03-15 08:22 - 2017-03-04 07:05 - 00298496 _____ (Microsoft Corporation) C:\WINDOWS\system32\resutils.dll
2017-03-15 08:22 - 2017-03-04 07:05 - 00113152 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpaceAgent.exe
2017-03-15 08:22 - 2017-03-04 07:04 - 01136128 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2017-03-15 08:22 - 2017-03-04 07:04 - 00640000 _____ (Microsoft Corporation) C:\WINDOWS\system32\MCRecvSrc.dll
2017-03-15 08:22 - 2017-03-04 07:02 - 04423680 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2017-03-15 08:22 - 2017-03-04 07:02 - 02484736 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameux.dll
2017-03-15 08:22 - 2017-03-04 07:02 - 01997824 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2017-03-15 08:22 - 2017-03-04 07:02 - 01170944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll
2017-03-15 08:22 - 2017-03-04 07:02 - 00580608 _____ (Microsoft Corporation) C:\WINDOWS\system32\hgcpl.dll
2017-03-15 08:22 - 2017-03-04 07:01 - 01988096 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2017-03-15 08:22 - 2017-03-04 07:01 - 01556992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2017-03-15 08:22 - 2017-03-04 07:01 - 00773120 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2017-03-15 08:22 - 2017-03-04 07:01 - 00560640 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserLanguagesCpl.dll
2017-03-15 08:22 - 2017-03-04 07:01 - 00422400 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.dll
2017-03-15 08:22 - 2017-03-04 07:00 - 04557824 _____ (Microsoft) C:\WINDOWS\system32\dbgeng.dll
2017-03-15 08:22 - 2017-03-04 07:00 - 02996736 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2017-03-15 08:22 - 2017-03-04 07:00 - 02003968 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2017-03-15 08:22 - 2017-03-04 07:00 - 01524224 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2017-03-15 08:22 - 2017-03-04 07:00 - 01121280 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2017-03-15 08:22 - 2017-03-04 07:00 - 00798208 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2017-03-15 08:22 - 2017-03-04 07:00 - 00654336 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApiPublic.dll
2017-03-15 08:22 - 2017-03-04 06:57 - 01438720 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.dll
2017-03-15 08:22 - 2017-03-04 06:57 - 00449024 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmCoreProvisioning.dll
2017-03-15 08:21 - 2017-03-04 08:57 - 00484584 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2017-03-15 08:21 - 2017-03-04 08:57 - 00315744 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2017-03-15 08:21 - 2017-03-04 08:46 - 00448864 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContentDeliveryManager.Utilities.dll
2017-03-15 08:21 - 2017-03-04 08:09 - 02206496 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2017-03-15 08:21 - 2017-03-04 08:09 - 01969912 _____ (Microsoft Corporation) C:\WINDOWS\system32\hevcdecoder.dll
2017-03-15 08:21 - 2017-03-04 08:09 - 00783552 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2017-03-15 08:21 - 2017-03-04 08:09 - 00092000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2017-03-15 08:21 - 2017-03-04 08:07 - 01073816 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2017-03-15 08:21 - 2017-03-04 08:07 - 00945760 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2017-03-15 08:21 - 2017-03-04 08:06 - 01956704 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2017-03-15 08:21 - 2017-03-04 08:06 - 00341336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Classpnp.sys
2017-03-15 08:21 - 2017-03-04 08:06 - 00106336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\partmgr.sys
2017-03-15 08:21 - 2017-03-04 08:04 - 02048496 _____ C:\WINDOWS\system32\CoreUIComponents.dll
2017-03-15 08:21 - 2017-03-04 08:03 - 00583136 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2017-03-15 08:21 - 2017-03-04 08:02 - 00950112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2017-03-15 08:21 - 2017-03-04 07:59 - 00055136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dam.sys
2017-03-15 08:21 - 2017-03-04 07:56 - 00248992 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll
2017-03-15 08:21 - 2017-03-04 07:54 - 01897824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2017-03-15 08:21 - 2017-03-04 07:53 - 02256080 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2017-03-15 08:21 - 2017-03-04 07:53 - 00975744 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2017-03-15 08:21 - 2017-03-04 07:53 - 00551264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2017-03-15 08:21 - 2017-03-04 07:53 - 00493912 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2017-03-15 08:21 - 2017-03-04 07:52 - 00272720 _____ (Microsoft Corporation) C:\WINDOWS\system32\wintrust.dll
2017-03-15 08:21 - 2017-03-04 07:51 - 00576408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2017-03-15 08:21 - 2017-03-04 07:51 - 00458592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2017-03-15 08:21 - 2017-03-04 07:51 - 00454496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2017-03-15 08:21 - 2017-03-04 07:50 - 00100704 _____ (Microsoft Corporation) C:\WINDOWS\system32\icfupgd.dll
2017-03-15 08:21 - 2017-03-04 07:47 - 20969928 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2017-03-15 08:21 - 2017-03-04 07:47 - 01557808 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2017-03-15 08:21 - 2017-03-04 07:47 - 00530480 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2017-03-15 08:21 - 2017-03-04 07:47 - 00432336 _____ (Microsoft Corporation) C:\WINDOWS\system32\DMRServer.dll
2017-03-15 08:21 - 2017-03-04 07:47 - 00374448 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFPlay.dll
2017-03-15 08:21 - 2017-03-04 07:47 - 00352760 _____ (Microsoft Corporation) C:\WINDOWS\system32\MMDevAPI.dll
2017-03-15 08:21 - 2017-03-04 07:47 - 00034088 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompPkgSup.dll
2017-03-15 08:21 - 2017-03-04 07:46 - 01384704 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2017-03-15 08:21 - 2017-03-04 07:46 - 01224104 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcMon.exe
2017-03-15 08:21 - 2017-03-04 07:46 - 00321792 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppHost.exe
2017-03-15 08:21 - 2017-03-04 07:46 - 00198496 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHost.dll
2017-03-15 08:21 - 2017-03-04 07:46 - 00125792 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostBroker.dll
2017-03-15 08:21 - 2017-03-04 07:45 - 00173408 _____ (Microsoft Corporation) C:\WINDOWS\system32\basecsp.dll
2017-03-15 08:21 - 2017-03-04 07:45 - 00112120 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpapi.dll
2017-03-15 08:21 - 2017-03-04 07:45 - 00093984 _____ (Microsoft Corporation) C:\WINDOWS\system32\phoneactivate.exe
2017-03-15 08:21 - 2017-03-04 07:42 - 00545944 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2017-03-15 08:21 - 2017-03-04 07:42 - 00276832 _____ (Microsoft Corporation) C:\WINDOWS\system32\input.dll
2017-03-15 08:21 - 2017-03-04 07:36 - 05685760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2017-03-15 08:21 - 2017-03-04 07:30 - 00095232 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTimeUtil.dll
2017-03-15 08:21 - 2017-03-04 07:30 - 00051712 _____ (Microsoft Corporation) C:\WINDOWS\system32\usoapi.dll
2017-03-15 08:21 - 2017-03-04 07:30 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\odbcconf.dll
2017-03-15 08:21 - 2017-03-04 07:29 - 00112640 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssitlb.dll
2017-03-15 08:21 - 2017-03-04 07:29 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctfp.dll
2017-03-15 08:21 - 2017-03-04 07:29 - 00075264 _____ (Microsoft Corporation) C:\WINDOWS\system32\DuCsps.dll
2017-03-15 08:21 - 2017-03-04 07:28 - 00216576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\xboxgip.sys
2017-03-15 08:21 - 2017-03-04 07:27 - 00192512 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2017-03-15 08:21 - 2017-03-04 07:27 - 00123392 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcertinst.exe
2017-03-15 08:21 - 2017-03-04 07:27 - 00108544 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblGameSaveExt.dll
2017-03-15 08:21 - 2017-03-04 07:27 - 00055296 _____ (Microsoft Corporation) C:\WINDOWS\system32\findnetprinters.dll
2017-03-15 08:21 - 2017-03-04 07:27 - 00045056 _____ (Microsoft Corporation) C:\WINDOWS\system32\ddrawex.dll
2017-03-15 08:21 - 2017-03-04 07:26 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbonRes.dll
2017-03-15 08:21 - 2017-03-04 07:26 - 00215040 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_WorkAccess.dll
2017-03-15 08:21 - 2017-03-04 07:26 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDeviceRegistration.dll
2017-03-15 08:21 - 2017-03-04 07:26 - 00073216 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2017-03-15 08:21 - 2017-03-04 07:25 - 00519680 _____ (Microsoft Corporation) C:\WINDOWS\system32\vpnike.dll
2017-03-15 08:21 - 2017-03-04 07:25 - 00251904 _____ (Microsoft Corporation) C:\WINDOWS\system32\mscandui.dll
2017-03-15 08:21 - 2017-03-04 07:25 - 00175104 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiapi.dll
2017-03-15 08:21 - 2017-03-04 07:25 - 00073216 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzautoupdate.dll
2017-03-15 08:21 - 2017-03-04 07:25 - 00057344 _____ (Microsoft Corporation) C:\WINDOWS\system32\WPDShServiceObj.dll
2017-03-15 08:21 - 2017-03-04 07:25 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\tbauth.dll
2017-03-15 08:21 - 2017-03-04 07:24 - 00328192 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2017-03-15 08:21 - 2017-03-04 07:24 - 00223232 _____ (Microsoft Corporation) C:\WINDOWS\system32\scksp.dll
2017-03-15 08:21 - 2017-03-04 07:24 - 00093184 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctfui.dll
2017-03-15 08:21 - 2017-03-04 07:24 - 00088576 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDeviceRegistration.Ngc.dll
2017-03-15 08:21 - 2017-03-04 07:24 - 00022016 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBrokerCookies.exe
2017-03-15 08:21 - 2017-03-04 07:23 - 00374784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.LowLevel.dll
2017-03-15 08:21 - 2017-03-04 07:23 - 00315904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Gaming.XboxLive.Storage.dll
2017-03-15 08:21 - 2017-03-04 07:23 - 00291840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Search.ProtocolHandler.MAPI2.dll
2017-03-15 08:21 - 2017-03-04 07:23 - 00231936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.LockScreen.dll
2017-03-15 08:21 - 2017-03-04 07:23 - 00184320 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserMgrProxy.dll
2017-03-15 08:21 - 2017-03-04 07:23 - 00172032 _____ (Microsoft Corporation) C:\WINDOWS\system32\netiohlp.dll
2017-03-15 08:21 - 2017-03-04 07:23 - 00102912 _____ (Microsoft Corporation) C:\WINDOWS\system32\appinfo.dll
2017-03-15 08:21 - 2017-03-04 07:22 - 00237568 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncSettings.dll
2017-03-15 08:21 - 2017-03-04 07:22 - 00183296 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFilterHost.exe
2017-03-15 08:21 - 2017-03-04 07:22 - 00117760 _____ (Microsoft Corporation) C:\WINDOWS\system32\AuthBroker.dll
2017-03-15 08:21 - 2017-03-04 07:22 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\DafPrintProvider.dll
2017-03-15 08:21 - 2017-03-04 07:21 - 00670208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.PointOfService.dll
2017-03-15 08:21 - 2017-03-04 07:21 - 00579072 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthManager.dll
2017-03-15 08:21 - 2017-03-04 07:21 - 00483840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.AllJoyn.dll
2017-03-15 08:21 - 2017-03-04 07:21 - 00445952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.UX.EapRequestHandler.dll
2017-03-15 08:21 - 2017-03-04 07:21 - 00196608 _____ (Microsoft Corporation) C:\WINDOWS\system32\tapi32.dll
2017-03-15 08:21 - 2017-03-04 07:20 - 00562176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.SmartCards.dll
2017-03-15 08:21 - 2017-03-04 07:20 - 00534528 _____ (Microsoft Corporation) C:\WINDOWS\system32\PCPTpm12.dll
2017-03-15 08:21 - 2017-03-04 07:20 - 00426496 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll
2017-03-15 08:21 - 2017-03-04 07:20 - 00424960 _____ (Microsoft Corporation) C:\WINDOWS\system32\msutb.dll
2017-03-15 08:21 - 2017-03-04 07:20 - 00386048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.WiFiDirect.dll
2017-03-15 08:21 - 2017-03-04 07:20 - 00325120 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleacc.dll
2017-03-15 08:21 - 2017-03-04 07:20 - 00322560 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpAXHolder.dll
2017-03-15 08:21 - 2017-03-04 07:20 - 00284672 _____ (Microsoft Corporation) C:\WINDOWS\system32\apprepsync.dll
2017-03-15 08:21 - 2017-03-04 07:20 - 00206336 _____ (Microsoft Corporation) C:\WINDOWS\system32\vaultcli.dll
2017-03-15 08:21 - 2017-03-04 07:20 - 00175616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Scanners.dll
2017-03-15 08:21 - 2017-03-04 07:20 - 00161792 _____ (Microsoft Corporation) C:\WINDOWS\system32\certprop.dll
2017-03-15 08:21 - 2017-03-04 07:20 - 00125952 _____ (Microsoft Corporation) C:\WINDOWS\system32\apprepapi.dll
2017-03-15 08:21 - 2017-03-04 07:19 - 00790528 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2017-03-15 08:21 - 2017-03-04 07:19 - 00714752 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssvp.dll
2017-03-15 08:21 - 2017-03-04 07:19 - 00704512 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblGameSave.dll
2017-03-15 08:21 - 2017-03-04 07:19 - 00414208 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2017-03-15 08:21 - 2017-03-04 07:19 - 00390656 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredProvDataModel.dll
2017-03-15 08:21 - 2017-03-04 07:19 - 00318464 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFolder.dll
2017-03-15 08:21 - 2017-03-04 07:19 - 00277504 _____ (Microsoft Corporation) C:\WINDOWS\system32\icsvcext.dll
2017-03-15 08:21 - 2017-03-04 07:19 - 00273920 _____ (Microsoft Corporation) C:\WINDOWS\system32\PrintDialogs3D.dll
2017-03-15 08:21 - 2017-03-04 07:19 - 00214528 _____ (Microsoft Corporation) C:\WINDOWS\system32\ubpm.dll
2017-03-15 08:21 - 2017-03-04 07:18 - 01378304 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2017-03-15 08:21 - 2017-03-04 07:18 - 00828928 _____ (Microsoft Corporation) C:\WINDOWS\system32\XboxNetApiSvc.dll
2017-03-15 08:21 - 2017-03-04 07:18 - 00819200 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppContracts.dll
2017-03-15 08:21 - 2017-03-04 07:18 - 00548352 _____ (Microsoft Corporation) C:\WINDOWS\system32\ddraw.dll
2017-03-15 08:21 - 2017-03-04 07:18 - 00525824 _____ (Microsoft Corporation) C:\WINDOWS\system32\PrintDialogs.dll
2017-03-15 08:21 - 2017-03-04 07:18 - 00517632 _____ (Microsoft Corporation) C:\WINDOWS\system32\FlightSettings.dll
2017-03-15 08:21 - 2017-03-04 07:18 - 00284672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.dll
2017-03-15 08:21 - 2017-03-04 07:18 - 00254464 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssphtb.dll
2017-03-15 08:21 - 2017-03-04 07:18 - 00140800 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssph.dll
2017-03-15 08:21 - 2017-03-04 07:18 - 00074752 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll
2017-03-15 08:21 - 2017-03-04 07:17 - 00827392 _____ (Microsoft Corporation) C:\WINDOWS\system32\iphlpsvc.dll
2017-03-15 08:21 - 2017-03-04 07:17 - 00482304 _____ (Microsoft Corporation) C:\WINDOWS\system32\ipnathlp.dll
2017-03-15 08:21 - 2017-03-04 07:17 - 00425472 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2017-03-15 08:21 - 2017-03-04 07:17 - 00297472 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2017-03-15 08:21 - 2017-03-04 07:17 - 00256512 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2017-03-15 08:21 - 2017-03-04 07:17 - 00218112 _____ (Microsoft Corporation) C:\WINDOWS\system32\sharemediacpl.dll
2017-03-15 08:21 - 2017-03-04 07:16 - 01456640 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2017-03-15 08:21 - 2017-03-04 07:16 - 01013248 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2017-03-15 08:21 - 2017-03-04 07:16 - 00858112 _____ (Microsoft Corporation) C:\WINDOWS\system32\EmailApis.dll
2017-03-15 08:21 - 2017-03-04 07:16 - 00846336 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebcamUi.dll
2017-03-15 08:21 - 2017-03-04 07:16 - 00816640 _____ (Microsoft Corporation) C:\WINDOWS\system32\NaturalLanguage6.dll
2017-03-15 08:21 - 2017-03-04 07:16 - 00711680 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2017-03-15 08:21 - 2017-03-04 07:16 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2017-03-15 08:21 - 2017-03-04 07:16 - 00565248 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2017-03-15 08:21 - 2017-03-04 07:16 - 00561664 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll
2017-03-15 08:21 - 2017-03-04 07:16 - 00473600 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2017-03-15 08:21 - 2017-03-04 07:16 - 00368128 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiobj.dll
2017-03-15 08:21 - 2017-03-04 07:16 - 00288256 _____ (Microsoft Corporation) C:\WINDOWS\system32\CryptoWinRT.dll
2017-03-15 08:21 - 2017-03-04 07:16 - 00242688 _____ (Microsoft Corporation) C:\WINDOWS\system32\NgcCtnrSvc.dll
2017-03-15 08:21 - 2017-03-04 07:15 - 00336384 _____ (Microsoft Corporation) C:\WINDOWS\system32\azroleui.dll
2017-03-15 08:21 - 2017-03-04 07:14 - 01534464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.3D.dll
2017-03-15 08:21 - 2017-03-04 07:14 - 00236032 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmWmiPl.dll
2017-03-15 08:21 - 2017-03-04 07:14 - 00151552 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2017-03-15 08:21 - 2017-03-04 07:13 - 01228288 _____ (Microsoft Corporation) C:\WINDOWS\system32\usercpl.dll
2017-03-15 08:21 - 2017-03-04 07:13 - 01056768 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll
2017-03-15 08:21 - 2017-03-04 07:13 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppointmentApis.dll
2017-03-15 08:21 - 2017-03-04 07:13 - 00653312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.AccountsControl.dll
2017-03-15 08:21 - 2017-03-04 07:13 - 00608768 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2017-03-15 08:21 - 2017-03-04 07:12 - 01842688 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnidui.dll
2017-03-15 08:21 - 2017-03-04 07:12 - 00884224 _____ (Microsoft Corporation) C:\WINDOWS\HelpPane.exe
2017-03-15 08:21 - 2017-03-04 07:12 - 00818176 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2017-03-15 08:21 - 2017-03-04 07:12 - 00700416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.Search.dll
2017-03-15 08:21 - 2017-03-04 07:11 - 01320448 _____ (Microsoft Corporation) C:\WINDOWS\system32\comsvcs.dll
2017-03-15 08:21 - 2017-03-04 07:11 - 01284096 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdtctm.dll
2017-03-15 08:21 - 2017-03-04 07:11 - 00343552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys
2017-03-15 08:21 - 2017-03-04 07:10 - 01098752 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpsvc.dll
2017-03-15 08:21 - 2017-03-04 07:10 - 00471552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.BackgroundMediaPlayback.dll
2017-03-15 08:21 - 2017-03-04 07:09 - 00343040 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToDevice.dll
2017-03-15 08:21 - 2017-03-04 07:08 - 00713216 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnapps.dll
2017-03-15 08:21 - 2017-03-04 07:07 - 01406976 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationFramework.dll
2017-03-15 08:21 - 2017-03-04 07:07 - 00895488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.dll
2017-03-15 08:21 - 2017-03-04 07:07 - 00085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpninprc.dll
2017-03-15 08:21 - 2017-03-04 07:06 - 06109184 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2017-03-15 08:21 - 2017-03-04 07:06 - 05380608 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2017-03-15 08:21 - 2017-03-04 07:06 - 03198464 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2017-03-15 08:21 - 2017-03-04 07:06 - 01382400 _____ (Microsoft Corporation) C:\WINDOWS\system32\workfolderssvc.dll
2017-03-15 08:21 - 2017-03-04 07:06 - 00090624 _____ (Microsoft Corporation) C:\WINDOWS\system32\olepro32.dll
2017-03-15 08:21 - 2017-03-04 07:05 - 07468544 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2017-03-15 08:21 - 2017-03-04 07:05 - 03520512 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsrchvw.exe
2017-03-15 08:21 - 2017-03-04 07:05 - 00194560 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkFoldersShell.dll
2017-03-15 08:21 - 2017-03-04 07:05 - 00089600 _____ (Microsoft Corporation) C:\WINDOWS\system32\CameraCaptureUI.dll
2017-03-15 08:21 - 2017-03-04 07:05 - 00086016 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkFoldersGPExt.dll
2017-03-15 08:21 - 2017-03-04 07:03 - 02363904 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapRouter.dll
2017-03-15 08:21 - 2017-03-04 07:03 - 02109952 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapGeocoder.dll
2017-03-15 08:21 - 2017-03-04 07:03 - 00400384 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToManager.dll
2017-03-15 08:21 - 2017-03-04 07:03 - 00359936 _____ (Microsoft Corporation) C:\WINDOWS\system32\mtxclu.dll
2017-03-15 08:21 - 2017-03-04 07:02 - 02740224 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
2017-03-15 08:21 - 2017-03-04 07:02 - 01949696 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2017-03-15 08:21 - 2017-03-04 07:02 - 01485824 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2017-03-15 08:21 - 2017-03-04 07:02 - 01155072 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVP9DEC.dll
2017-03-15 08:21 - 2017-03-04 07:02 - 01004544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Input.Inking.dll
2017-03-15 08:21 - 2017-03-04 07:02 - 00707072 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2017-03-15 08:21 - 2017-03-04 07:01 - 03478528 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbon.dll
2017-03-15 08:21 - 2017-03-04 07:01 - 02646528 _____ (Microsoft Corporation) C:\WINDOWS\system32\CertEnroll.dll
2017-03-15 08:21 - 2017-03-04 07:01 - 01993216 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2017-03-15 08:21 - 2017-03-04 07:01 - 01656320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Perception.dll
2017-03-15 08:21 - 2017-03-04 07:01 - 01595904 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2017-03-15 08:21 - 2017-03-04 07:01 - 01571840 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2017-03-15 08:21 - 2017-03-04 07:01 - 01564160 _____ (Microsoft Corporation) C:\WINDOWS\system32\quartz.dll
2017-03-15 08:21 - 2017-03-04 07:01 - 01493504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wpc.dll
2017-03-15 08:21 - 2017-03-04 07:01 - 01293312 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPDMC.exe
2017-03-15 08:21 - 2017-03-04 07:01 - 00941568 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2017-03-15 08:21 - 2017-03-04 07:01 - 00827904 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll
2017-03-15 08:21 - 2017-03-04 07:01 - 00666624 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkfoldersControl.dll
2017-03-15 08:21 - 2017-03-04 07:01 - 00620544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2017-03-15 08:21 - 2017-03-04 07:01 - 00566784 _____ (Microsoft Corporation) C:\WINDOWS\system32\ShareHost.dll
2017-03-15 08:21 - 2017-03-04 07:01 - 00094208 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkFolders.exe
2017-03-15 08:21 - 2017-03-04 07:00 - 02483200 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2017-03-15 08:21 - 2017-03-04 07:00 - 01888256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2017-03-15 08:21 - 2017-03-04 07:00 - 01235968 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2017-03-15 08:21 - 2017-03-04 07:00 - 00862208 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2017-03-15 08:21 - 2017-03-04 07:00 - 00711680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2017-03-15 08:21 - 2017-03-04 07:00 - 00691200 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2017-03-15 08:21 - 2017-03-04 07:00 - 00529408 _____ (Microsoft Corporation) C:\WINDOWS\system32\spoolsv.exe
2017-03-15 08:21 - 2017-03-04 06:59 - 01252352 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataService.dll
2017-03-15 08:21 - 2017-03-04 06:57 - 03106304 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstsc.exe
2017-03-15 08:21 - 2017-03-04 06:57 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\spaceman.exe
2017-03-15 08:21 - 2016-07-16 02:45 - 00014848 _____ (Microsoft Corporation) C:\WINDOWS\system32\CspCellularSettings.dll
2017-03-15 08:21 - 2016-07-16 02:43 - 00102912 _____ (Microsoft Corporation) C:\WINDOWS\system32\CfgSPCellular.dll
2017-03-15 08:21 - 2016-07-16 02:43 - 00100352 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseAPNCsp.dll
2017-03-15 08:20 - 2017-03-04 08:44 - 00685440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll
2017-03-15 08:20 - 2017-03-04 08:41 - 00078176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\IPMIDrv.sys
2017-03-15 08:20 - 2017-03-04 08:09 - 00497416 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2017-03-15 08:20 - 2017-03-04 08:08 - 05999968 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2017-03-15 08:20 - 2017-03-04 08:04 - 01362512 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpmde.dll
2017-03-15 08:20 - 2017-03-04 08:02 - 00184416 _____ (Microsoft Corporation) C:\WINDOWS\system32\IPHLPAPI.DLL
2017-03-15 08:20 - 2017-03-04 08:02 - 00095584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tdx.sys
2017-03-15 08:20 - 2017-03-04 07:56 - 00263472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.ApplicationData.dll
2017-03-15 08:20 - 2017-03-04 07:54 - 00290272 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2017-03-15 08:20 - 2017-03-04 07:53 - 01431232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2017-03-15 08:20 - 2017-03-04 07:53 - 00861024 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2017-03-15 08:20 - 2017-03-04 07:53 - 00781152 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2017-03-15 08:20 - 2017-03-04 07:53 - 00342880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2017-03-15 08:20 - 2017-03-04 07:52 - 00111968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storahci.sys
2017-03-15 08:20 - 2017-03-04 07:51 - 00086360 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvsocket.sys
2017-03-15 08:20 - 2017-03-04 07:51 - 00060768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmbkmcl.sys
2017-03-15 08:20 - 2017-03-04 07:47 - 04023000 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2017-03-15 08:20 - 2017-03-04 07:47 - 01853224 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2017-03-15 08:20 - 2017-03-04 07:47 - 01360456 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetsrc.dll
2017-03-15 08:20 - 2017-03-04 07:47 - 01344448 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll
2017-03-15 08:20 - 2017-03-04 07:47 - 01277856 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2017-03-15 08:20 - 2017-03-04 07:47 - 01202384 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2017-03-15 08:20 - 2017-03-04 07:47 - 01123912 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2017-03-15 08:20 - 2017-03-04 07:47 - 00981376 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetcore.dll
2017-03-15 08:20 - 2017-03-04 07:47 - 00976184 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfds.dll
2017-03-15 08:20 - 2017-03-04 07:47 - 00952416 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2017-03-15 08:20 - 2017-03-04 07:40 - 01967968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2017-03-15 08:20 - 2017-03-04 07:40 - 00306800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.MediaControl.dll
2017-03-15 08:20 - 2017-03-04 07:34 - 00281088 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXTaskFactory.dll
2017-03-15 08:20 - 2017-03-04 07:30 - 01631232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2017-03-15 08:20 - 2017-03-04 07:29 - 00039424 _____ (Microsoft Corporation) C:\WINDOWS\system32\XInputUap.dll
2017-03-15 08:20 - 2017-03-04 07:29 - 00020992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mskssrv.sys
2017-03-15 08:20 - 2017-03-04 07:28 - 00224256 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExSMime.dll
2017-03-15 08:20 - 2017-03-04 07:27 - 00275968 _____ (Microsoft Corporation) C:\WINDOWS\system32\accountaccessor.dll
2017-03-15 08:20 - 2017-03-04 07:27 - 00141824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Radios.dll
2017-03-15 08:20 - 2017-03-04 07:27 - 00100864 _____ (Microsoft Corporation) C:\WINDOWS\system32\MediaFoundation.DefaultPerceptionProvider.dll
2017-03-15 08:20 - 2017-03-04 07:26 - 00177664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.Diagnostics.dll
2017-03-15 08:20 - 2017-03-04 07:26 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\system32\BcastDVRHelper.dll
2017-03-15 08:20 - 2017-03-04 07:26 - 00147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\VCardParser.dll
2017-03-15 08:20 - 2017-03-04 07:26 - 00138240 _____ (Microsoft Corporation) C:\WINDOWS\system32\DisplayManager.dll
2017-03-15 08:20 - 2017-03-04 07:26 - 00123904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.HostName.dll
2017-03-15 08:20 - 2017-03-04 07:26 - 00065024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Gaming.UI.GameBar.dll
2017-03-15 08:20 - 2017-03-04 07:26 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Shell.Search.UriHandler.dll
2017-03-15 08:20 - 2017-03-04 07:26 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\system32\netiougc.exe
2017-03-15 08:20 - 2017-03-04 07:25 - 00255488 _____ (Microsoft Corporation) C:\WINDOWS\system32\unimdm.tsp
2017-03-15 08:20 - 2017-03-04 07:25 - 00167936 _____ (Microsoft Corporation) C:\WINDOWS\system32\PimIndexMaintenance.dll
2017-03-15 08:20 - 2017-03-04 07:25 - 00152064 _____ (Microsoft Corporation) C:\WINDOWS\system32\MCCSEngineShared.dll
2017-03-15 08:20 - 2017-03-04 07:25 - 00136192 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinRtTracing.dll
2017-03-15 08:20 - 2017-03-04 07:25 - 00097792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.System.SystemManagement.dll
2017-03-15 08:20 - 2017-03-04 07:25 - 00063488 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshost.dll
2017-03-15 08:20 - 2017-03-04 07:24 - 00330752 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
2017-03-15 08:20 - 2017-03-04 07:24 - 00142336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.WiFi.dll
2017-03-15 08:20 - 2017-03-04 07:24 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.ServiceDiscovery.Dnssd.dll
2017-03-15 08:20 - 2017-03-04 07:24 - 00040448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpipreg.sys
2017-03-15 08:20 - 2017-03-04 07:23 - 00531456 _____ (Microsoft Corporation) C:\WINDOWS\system32\iprtrmgr.dll
2017-03-15 08:20 - 2017-03-04 07:23 - 00506368 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.exe
2017-03-15 08:20 - 2017-03-04 07:23 - 00392192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Gaming.Input.dll
2017-03-15 08:20 - 2017-03-04 07:23 - 00334848 _____ (Microsoft Corporation) C:\WINDOWS\system32\DavSyncProvider.dll
2017-03-15 08:20 - 2017-03-04 07:23 - 00299520 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataAccountApis.dll
2017-03-15 08:20 - 2017-03-04 07:23 - 00242688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Dxpserver.exe
2017-03-15 08:20 - 2017-03-04 07:23 - 00193024 _____ (Microsoft Corporation) C:\WINDOWS\system32\shutdownux.dll
2017-03-15 08:20 - 2017-03-04 07:23 - 00186880 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Flights.dll
2017-03-15 08:20 - 2017-03-04 07:22 - 06534656 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanmm.dll
2017-03-15 08:20 - 2017-03-04 07:22 - 00822784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2017-03-15 08:20 - 2017-03-04 07:22 - 00392704 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanconn.dll
2017-03-15 08:20 - 2017-03-04 07:22 - 00332288 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll
2017-03-15 08:20 - 2017-03-04 07:22 - 00212992 _____ (Microsoft Corporation) C:\WINDOWS\system32\cemapi.dll
2017-03-15 08:20 - 2017-03-04 07:22 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Core.dll
2017-03-15 08:20 - 2017-03-04 07:21 - 00609280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Import.dll
2017-03-15 08:20 - 2017-03-04 07:21 - 00575488 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshwfp.dll
2017-03-15 08:20 - 2017-03-04 07:21 - 00298496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2017-03-15 08:20 - 2017-03-04 07:21 - 00185856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Identity.Provider.dll
2017-03-15 08:20 - 2017-03-04 07:20 - 13873664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2017-03-15 08:20 - 2017-03-04 07:20 - 00426496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Wallet.dll
2017-03-15 08:20 - 2017-03-04 07:20 - 00332800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Cortana.Desktop.dll
2017-03-15 08:20 - 2017-03-04 07:20 - 00301568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ks.sys
2017-03-15 08:20 - 2017-03-04 07:20 - 00271360 _____ (Microsoft Corporation) C:\WINDOWS\system32\deviceaccess.dll
2017-03-15 08:20 - 2017-03-04 07:20 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\WwaApi.dll
2017-03-15 08:20 - 2017-03-04 07:19 - 00635904 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2017-03-15 08:20 - 2017-03-04 07:19 - 00615936 _____ (Microsoft Corporation) C:\WINDOWS\system32\internetmail.dll
2017-03-15 08:20 - 2017-03-04 07:19 - 00431616 _____ (Microsoft Corporation) C:\WINDOWS\system32\efswrt.dll
2017-03-15 08:20 - 2017-03-04 07:19 - 00226816 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore6.dll
2017-03-15 08:20 - 2017-03-04 07:19 - 00203264 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll
2017-03-15 08:20 - 2017-03-04 07:19 - 00181760 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcpipcfg.dll
2017-03-15 08:20 - 2017-03-04 07:19 - 00147968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Cortana.OneCore.dll
2017-03-15 08:20 - 2017-03-04 07:18 - 01231360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcnwiz.dll
2017-03-15 08:20 - 2017-03-04 07:18 - 00747520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Ocr.dll
2017-03-15 08:20 - 2017-03-04 07:18 - 00567808 _____ (Microsoft Corporation) C:\WINDOWS\system32\ChatApis.dll
2017-03-15 08:20 - 2017-03-04 07:18 - 00493056 _____ (Microsoft Corporation) C:\WINDOWS\system32\WlanMediaManager.dll
2017-03-15 08:20 - 2017-03-04 07:18 - 00314368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Usb.dll
2017-03-15 08:20 - 2017-03-04 07:18 - 00253952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2017-03-15 08:20 - 2017-03-04 07:18 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\system32\indexeddbserver.dll
2017-03-15 08:20 - 2017-03-04 07:17 - 02318848 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll
2017-03-15 08:20 - 2017-03-04 07:17 - 00661504 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2017-03-15 08:20 - 2017-03-04 07:17 - 00570368 _____ (Microsoft Corporation) C:\WINDOWS\system32\PrintRenderAPIHost.DLL
2017-03-15 08:20 - 2017-03-04 07:17 - 00529920 _____ (Microsoft Corporation) C:\WINDOWS\system32\StructuredQuery.dll
2017-03-15 08:20 - 2017-03-04 07:17 - 00427008 _____ (Microsoft Corporation) C:\WINDOWS\system32\DXP.dll
2017-03-15 08:20 - 2017-03-04 07:17 - 00238080 _____ (Microsoft Corporation) C:\WINDOWS\system32\AboveLockAppHost.dll
2017-03-15 08:20 - 2017-03-04 07:16 - 00968704 _____ (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll
2017-03-15 08:20 - 2017-03-04 07:16 - 00850432 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasgcw.dll
2017-03-15 08:20 - 2017-03-04 07:16 - 00762880 _____ (Microsoft Corporation) C:\WINDOWS\system32\mprddm.dll
2017-03-15 08:20 - 2017-03-04 07:16 - 00500224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.dll
2017-03-15 08:20 - 2017-03-04 07:16 - 00465920 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppBroker.dll
2017-03-15 08:20 - 2017-03-04 07:16 - 00298496 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascustom.dll
2017-03-15 08:20 - 2017-03-04 07:15 - 18362368 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2017-03-15 08:20 - 2017-03-04 07:15 - 00509440 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2017-03-15 08:20 - 2017-03-04 07:13 - 19411968 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2017-03-15 08:20 - 2017-03-04 07:13 - 04613120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2017-03-15 08:20 - 2017-03-04 07:13 - 01003520 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqqm.dll
2017-03-15 08:20 - 2017-03-04 07:13 - 00699904 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll
2017-03-15 08:20 - 2017-03-04 07:13 - 00675840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.dll
2017-03-15 08:20 - 2017-03-04 07:13 - 00497152 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2017-03-15 08:20 - 2017-03-04 07:13 - 00296960 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2017-03-15 08:20 - 2017-03-04 07:13 - 00256512 _____ (Microsoft Corporation) C:\WINDOWS\system32\thumbcache.dll
2017-03-15 08:20 - 2017-03-04 07:12 - 00901120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Bluetooth.dll
2017-03-15 08:20 - 2017-03-04 07:12 - 00894976 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorDataService.exe
2017-03-15 08:20 - 2017-03-04 07:12 - 00886272 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2017-03-15 08:20 - 2017-03-04 07:12 - 00884224 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2017-03-15 08:20 - 2017-03-04 07:12 - 00395264 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll
2017-03-15 08:20 - 2017-03-04 07:12 - 00144896 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe
2017-03-15 08:20 - 2017-03-04 07:11 - 01357312 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSPhotography.dll
2017-03-15 08:20 - 2017-03-04 07:11 - 01323008 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_fs.dll
2017-03-15 08:20 - 2017-03-04 07:11 - 01137152 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_health.dll
2017-03-15 08:20 - 2017-03-04 07:11 - 00729600 _____ (Microsoft Corporation) C:\WINDOWS\system32\TabletPC.cpl
2017-03-15 08:20 - 2017-03-04 07:11 - 00073728 _____ (Microsoft Corporation) C:\WINDOWS\system32\tabcal.exe
2017-03-15 08:20 - 2017-03-04 07:10 - 03307008 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2017-03-15 08:20 - 2017-03-04 07:10 - 01077760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Editing.dll
2017-03-15 08:20 - 2017-03-04 07:10 - 00259584 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdtcuiu.dll
2017-03-15 08:20 - 2017-03-04 07:10 - 00151552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Tabbtn.dll
2017-03-15 08:20 - 2017-03-04 07:07 - 12178944 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2017-03-15 08:20 - 2017-03-04 07:07 - 00545280 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmkvsrcsnk.dll
2017-03-15 08:20 - 2017-03-04 07:06 - 00220672 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToReceiver.dll
2017-03-15 08:20 - 2017-03-04 07:05 - 01221120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Audio.dll
2017-03-15 08:20 - 2017-03-04 07:05 - 00134144 _____ (Microsoft Corporation) C:\WINDOWS\system32\ErrorDetails.dll
2017-03-15 08:20 - 2017-03-04 07:04 - 00719872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_sr.dll
2017-03-15 08:20 - 2017-03-04 07:03 - 06044672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2017-03-15 08:20 - 2017-03-04 07:03 - 03666432 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2017-03-15 08:20 - 2017-03-04 07:03 - 01247232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Globalization.dll
2017-03-15 08:20 - 2017-03-04 07:03 - 00409600 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVSENCD.DLL
2017-03-15 08:20 - 2017-03-04 07:03 - 00049664 _____ (Microsoft Corporation) C:\WINDOWS\system32\MultiDigiMon.exe
2017-03-15 08:20 - 2017-03-04 07:02 - 02138112 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2017-03-15 08:20 - 2017-03-04 07:02 - 01709056 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncProvider.dll
2017-03-15 08:20 - 2017-03-04 07:01 - 02682880 _____ (Microsoft Corporation) C:\WINDOWS\system32\netshell.dll
2017-03-15 08:20 - 2017-03-04 07:01 - 01232384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Maps.dll
2017-03-15 08:20 - 2017-03-04 07:01 - 01154560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Pimstore.dll
2017-03-15 08:20 - 2017-03-04 07:01 - 01013248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.Http.dll
2017-03-15 08:20 - 2017-03-04 07:00 - 02026496 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2017-03-15 08:20 - 2017-03-04 07:00 - 01883648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2017-03-15 08:20 - 2017-03-04 07:00 - 01170944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Phone.dll
2017-03-15 08:20 - 2017-03-04 07:00 - 00850944 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContactApis.dll
2017-03-15 08:20 - 2017-03-04 07:00 - 00751104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.BackgroundTransfer.dll
2017-03-15 08:20 - 2017-03-04 07:00 - 00598528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.dll
2017-03-15 08:20 - 2017-03-04 07:00 - 00348160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Midi.dll
2017-03-15 08:20 - 2017-03-04 06:59 - 00353280 _____ (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll
2017-03-15 08:20 - 2017-03-04 06:59 - 00206848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
2017-03-15 08:20 - 2017-03-04 06:57 - 00783360 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWorkspace.dll
2017-03-15 08:20 - 2017-03-04 06:57 - 00375296 _____ (Microsoft Corporation) C:\WINDOWS\system32\wksprt.exe
2017-03-15 08:20 - 2017-03-04 06:57 - 00299008 _____ (Microsoft Corporation) C:\WINDOWS\system32\RADCUI.dll
2017-03-15 08:20 - 2017-02-22 03:03 - 00448285 _____ C:\WINDOWS\system32\ApnDatabase.xml
2017-03-15 08:19 - 2016-05-29 19:38 - 08886976 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneDriveSetup.exe
2017-03-10 11:33 - 2017-03-10 11:33 - 00000000 ____D C:\Users\Klaus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-03-22 15:08 - 2015-06-18 19:01 - 00000000 ____D C:\Users\Klaus\AppData\Local\Dropbox
2017-03-22 14:56 - 2016-10-14 10:42 - 01955762 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-03-22 14:56 - 2016-07-16 18:27 - 00701738 _____ C:\WINDOWS\system32\perfh007.dat
2017-03-22 14:56 - 2016-07-16 18:27 - 00158614 _____ C:\WINDOWS\system32\perfc007.dat
2017-03-22 14:55 - 2016-10-14 10:43 - 00000000 ____D C:\Users\Klaus
2017-03-22 14:52 - 2016-11-18 22:19 - 00000000 ____D C:\Users\Klaus\AppData\LocalLow\Mozilla
2017-03-22 14:52 - 2016-07-16 09:29 - 00000000 ____D C:\WINDOWS\AppReadiness
2017-03-22 14:51 - 2015-08-26 08:37 - 00000000 ___RD C:\Users\Klaus\OneDrive
2017-03-22 14:51 - 2012-06-04 18:28 - 00000000 ___RD C:\Users\Klaus\Dropbox
2017-03-22 14:51 - 2010-01-20 17:12 - 00000000 ____D C:\Users\Klaus\AppData\Roaming\Skype
2017-03-22 14:49 - 2016-10-14 11:08 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-03-22 14:48 - 2016-07-16 03:22 - 03670016 _____ C:\WINDOWS\system32\config\BBI
2017-03-22 14:46 - 2016-04-27 11:18 - 00000000 ____D C:\Users\Klaus\AppData\LocalLow\Temp
2017-03-22 13:46 - 2016-10-14 10:37 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2017-03-21 11:21 - 2015-03-09 18:47 - 00000000 ____D C:\Program Files\TeamViewer
2017-03-21 11:20 - 2014-04-12 12:25 - 00000000 ____D C:\AdwCleaner
2017-03-21 11:19 - 2016-05-23 09:13 - 00000000 ____D C:\Program Files\iolo
2017-03-21 11:19 - 2015-11-30 16:17 - 00000000 ____D C:\Program Files\Yahoo!
2017-03-21 10:32 - 2016-07-16 09:29 - 00000000 ___HD C:\Program Files\WindowsApps
2017-03-18 16:12 - 2013-12-22 14:21 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2017-03-18 16:08 - 2016-07-16 09:28 - 00000000 ____D C:\WINDOWS\INF
2017-03-18 16:07 - 2016-10-14 10:46 - 00000000 ____D C:\WINDOWS\system32\config\bbimigrate
2017-03-18 16:07 - 2016-07-16 09:29 - 00000000 ____D C:\WINDOWS\system32\config\Journal
2017-03-17 19:59 - 2016-07-16 09:29 - 00000000 ____D C:\WINDOWS\system32\appraiser
2017-03-17 19:59 - 2016-07-16 09:19 - 00000000 ____D C:\WINDOWS\CbsTemp
2017-03-16 19:04 - 2016-07-16 09:29 - 00000000 ____D C:\WINDOWS\rescache
2017-03-16 17:55 - 2014-03-01 12:30 - 00000000 ____D C:\Users\Klaus\Documents\tax
2017-03-16 17:38 - 2014-03-01 11:56 - 00000000 ____D C:\ProgramData\Buhl Data Service GmbH
2017-03-16 17:36 - 2014-03-01 12:04 - 00000000 ____D C:\Users\Klaus\AppData\Local\Buhl
2017-03-16 17:32 - 2014-03-01 12:00 - 00000000 ____D C:\Program Files\Buhl finance
2017-03-16 17:32 - 2009-09-16 22:48 - 00000000 ___HD C:\Program Files\InstallShield Installation Information
2017-03-16 17:30 - 2014-05-20 09:20 - 00000000 ____D C:\ProgramData\Package Cache
2017-03-15 17:46 - 2015-08-26 08:30 - 00000000 __RHD C:\Users\Public\AccountPictures
2017-03-15 17:42 - 2016-10-14 10:36 - 00380912 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-03-15 17:42 - 2010-01-18 17:06 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2017-03-15 17:40 - 2016-07-16 09:29 - 00000000 ____D C:\WINDOWS\system32\setup
2017-03-15 17:40 - 2016-07-16 09:29 - 00000000 ____D C:\WINDOWS\system32\oobe
2017-03-15 17:39 - 2016-07-16 09:29 - 00000000 ___RD C:\WINDOWS\PrintDialog
2017-03-15 17:39 - 2016-07-16 09:29 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2017-03-15 17:39 - 2016-07-16 09:29 - 00000000 ___RD C:\Program Files\Windows Defender
2017-03-15 17:39 - 2016-07-16 09:29 - 00000000 ____D C:\WINDOWS\ShellExperiences
2017-03-15 17:39 - 2016-07-16 09:29 - 00000000 ____D C:\WINDOWS\bcastdvr
2017-03-15 17:39 - 2016-07-16 09:29 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2017-03-15 09:33 - 2013-08-14 17:12 - 00000000 ____D C:\WINDOWS\system32\MRT
2017-03-15 09:28 - 2010-03-20 09:45 - 135706696 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-03-15 09:17 - 2010-11-18 18:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2017-03-13 13:05 - 2012-06-17 15:52 - 00000425 _____ C:\WINDOWS\BRWMARK.INI
2017-03-13 13:05 - 2012-06-17 15:52 - 00000027 _____ C:\WINDOWS\BRPP2KA.INI
2017-03-10 11:33 - 2012-06-04 18:27 - 00000000 ____D C:\Users\Klaus\AppData\Roaming\Dropbox
2017-03-10 06:17 - 2016-07-16 09:31 - 00835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe
2017-03-10 06:17 - 2016-07-16 09:31 - 00177656 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
2017-03-05 10:43 - 2012-04-10 17:21 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2017-02-28 10:46 - 2010-03-19 20:59 - 00407720 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2017-02-23 19:43 - 2015-10-31 12:36 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2014-03-06 15:16 - 2009-08-06 13:43 - 0006733 _____ () C:\Users\Klaus\AppData\Roaming\abspann_datev_idea.gif
2014-03-06 15:16 - 2008-06-02 10:57 - 0000291 _____ () C:\Users\Klaus\AppData\Roaming\lastscreen.html
2014-03-06 15:16 - 2009-08-13 14:32 - 0000105 _____ () C:\Users\Klaus\AppData\Roaming\lastscreen.ikf
2010-06-10 19:08 - 2013-08-16 08:19 - 0040960 _____ () C:\Users\Klaus\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-03-06 15:16 - 2014-03-06 18:07 - 0004672 _____ () C:\Users\Klaus\AppData\Local\EmptySettings.xml
2013-02-13 12:01 - 2013-02-13 12:01 - 0004096 ____H () C:\Users\Klaus\AppData\Local\keyfile3.drm
2016-10-14 10:39 - 2016-10-14 10:39 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2010-01-20 17:17 - 2010-01-20 17:17 - 0000056 ____H () C:\ProgramData\ezsidmv.dat
2010-01-18 16:50 - 2009-08-17 06:54 - 0131368 _____ () C:\ProgramData\FullRemove.exe
2009-09-16 23:05 - 2009-09-16 23:05 - 0000109 _____ () C:\ProgramData\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}.log
2009-09-16 23:03 - 2009-09-16 23:03 - 0000106 _____ () C:\ProgramData\{2BF2E31F-B8BB-40A7-B650-98D28E0F7D47}.log
2009-09-16 23:00 - 2009-09-16 23:00 - 0000105 _____ () C:\ProgramData\{40BF1E83-20EB-11D8-97C5-0009C5020658}.log
2009-09-16 23:04 - 2009-09-16 23:04 - 0000110 _____ () C:\ProgramData\{B7A0CE06-068E-11D6-97FD-0050BACBF861}.log
2009-09-16 22:59 - 2009-09-16 22:59 - 0000107 _____ () C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log
2009-09-16 23:01 - 2009-09-16 23:03 - 0000110 _____ () C:\ProgramData\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}.log

==================== Bamital & volsnap ======================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert

LastRegBack: 2017-03-16 18:01

==================== Ende vom FRST.txt ============================
         

Alt 22.03.2017, 15:20   #10
bütti
 
Löschung von McAfee resten - Standard

Löschung von McAfee resten



4.Datei:Addition Editor

Code:
ATTFilter
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x86) Version: 15-03-2017
durchgeführt von Klaus (22-03-2017 15:08:52)
Gestartet von C:\Users\Klaus\Desktop
Microsoft Windows 10 Home Version 1607 (X86) (2016-10-14 10:17:07)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-1016556084-3091970497-507946437-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1016556084-3091970497-507946437-503 - Limited - Disabled)
Gast (S-1-5-21-1016556084-3091970497-507946437-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1016556084-3091970497-507946437-1002 - Limited - Enabled)
Klaus (S-1-5-21-1016556084-3091970497-507946437-1001 - Administrator - Enabled) => C:\Users\Klaus

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

[verify-U] AVS 2.1.9 (HKLM\...\[verify-U] AVS) (Version: 2.1.9 - :cybits: GmbH)
2007 Microsoft Office system (HKLM\...\PROHYBRIDR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Adobe Acrobat Reader DC - Deutsch (HKLM\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.023.20070 - Adobe Systems Incorporated)
Adobe Flash Player 24 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 24.0.0.194 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.0 (HKLM\...\Adobe Shockwave Player) (Version: 12.0.0.112 - Adobe Systems, Inc.)
Alice Greenfingers (HKLM\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-112920767}) (Version:  - Oberon Media)
ANT Drivers Installer x86 (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden
Apple Application Support (HKLM\...\{A922C4B7-50E0-4787-A94C-59DBF3C65DBE}) (Version: 3.0 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{0592EF96-69D8-4E4B-9CC9-88F58EA86F01}) (Version: 7.0.0.117 - Apple Inc.)
Apple Software Update (HKLM\...\{C6579A65-9CAE-4B31-8B6B-3306E0630A66}) (Version: 2.1.3.127 - Apple Inc.)
Atheros Client Installation Program (HKLM\...\{D1434266-0486-4469-B338-A60082CC04E1}) (Version: 1.0.1.0805 - Atheros)
ATI Catalyst Install Manager (HKLM\...\{6848704E-C8D4-4F4F-9181-5926D4A11E98}) (Version: 3.0.741.0 - ATI Technologies, Inc.)
AVS Update Manager 1.0 (HKLM\...\AVS Update Manager_is1) (Version:  - Online Media Technologies Ltd.)
AVS Video Editor 6 (HKLM\...\AVS Video Editor_is1) (Version: 6.3.2.234 - Online Media Technologies Ltd.)
AVS YouTube Uploader version 2.1 (HKLM\...\AVS YouTube Uploader 2.1_is1) (Version:  - Online Media Technologies Ltd.)
AVS4YOU Software Navigator 1.3 (HKLM\...\AVS4YOU Software Navigator_is1) (Version:  - Online Media Technologies Ltd.)
B1315AppGuid (Version: 1.0.0 - DATEV eG) Hidden
BatteryLifeExtender (HKLM\...\{AA16A9E5-40E9-44F5-801E-6B3D3CFE79E5}) (Version: 1.0.0 - Samsung)
Bonjour (HKLM\...\{79155F2B-9895-49D7-8612-D92580E0DE5B}) (Version: 3.0.0.10 - Apple Inc.)
Brother MFL-Pro Suite MFC-5490CN (HKLM\...\{48D082B9-18F6-4426-AFAC-8B6A3E7021B1}) (Version: 1.0.1.0 - Brother Industries, Ltd.)
ccc-core-static (Version: 2009.0901.2227.38495 - ATI) Hidden
ChargeableUSB (HKLM\...\{92D50865-FC60-4EA8-BA7A-5581B0D13EFB}) (Version: 1.0.0.0 - SAMSUNG)
chip 1-click download service (HKLM\...\{503CA94E-0834-4CEE-AD92-BA17AF4E809A}) (Version: 3.6.9.0 - Chip Digital GmbH)
Corel Snapfire (HKLM\...\{0EE4030A-8FD4-4798-A21D-17E525B1F7CF}) (Version: 1.20.0000 - Corel Corporation)
CyberLink DVD Suite (HKLM\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 6.0.2806 - CyberLink Corp.)
CyberLink LabelPrint (HKLM\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.1916 - CyberLink Corp.)
CyberLink Power2Go (HKLM\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.0.3108a - CyberLink Corp.)
CyberLink PowerDirector (HKLM\...\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 7.0.3213 - CyberLink Corp.)
CyberLink PowerDVD 8 (HKLM\...\InstallShield_{2BF2E31F-B8BB-40A7-B650-98D28E0F7D47}) (Version: 8.0.2815b - CyberLink Corp.)
CyberLink PowerProducer (HKLM\...\InstallShield_{B7A0CE06-068E-11D6-97FD-0050BACBF861}) (Version: 5.0.1.1812 - CyberLink Corp.)
CyberLink YouCam (HKLM\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 2.0.2907 - CyberLink Corp.)
Dairy Dash (HKLM\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-115053100}) (Version:  - Oberon Media)
DATEV Installation V.2.73 (HKLM\...\DATEVB00000482.0) (Version:  - )
Dropbox (HKU\S-1-5-21-1016556084-3091970497-507946437-1001\...\Dropbox) (Version: 21.4.25 - Dropbox, Inc.)
Easy Display Manager (HKLM\...\{17283B95-21A8-4996-97DA-547A48DB266F}) (Version: 3.0 - Samsung Electronics Co., Ltd.)
Easy Network Manager (HKLM\...\{B660E0D0-A8CB-45A7-96FB-93E8C915A0B2}) (Version: 4.2.4 - Samsung)
Easy SpeedUp Manager (HKLM\...\{EF367AA4-070B-493C-9575-85BE59D789C9}) (Version: 3.0.0.4 - Samsung Electronics Co.,Ltd.)
EasyBatteryManager (HKLM\...\{178EE5F4-0F86-4BF0-A0D1-9790AFF409D1}) (Version: 4.0.0.2 - Samsung)
Elevated Installer (Version: 5.1.1.0 - Garmin Ltd or its subsidiaries) Hidden
Elf Bowling Hawaiian Vacation (HKLM\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-115246907}) (Version:  - Oberon Media)
Farm Frenzy 2 (HKLM\...\{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-11531173}) (Version:  - Oberon Media)
Firebird SQL Server - MAGIX Edition (HKLM\...\{34EB6245-C8D0-4D8A-B8D8-EEBFF7A91485}) (Version: 2.1.27.0 - MAGIX AG)
Foxit Reader 5.1 (HKLM\...\Foxit Reader_is1) (Version: 5.1.4.104 - Foxit Corporation)
Free Mp3 Wma Converter V 1.9 (HKLM\...\Free Mp3 Wma Converter_is1) (Version: 1.9.0.0 - Koyote Soft)
Game Pack (HKLM\...\{63eafc52-b963-4297-a7eb-d412944e7065}_is1) (Version: 5.3.0.10 - Oberon Media, Inc.)
Garmin Express (HKLM\...\{9fbf4745-0038-4ed3-aee1-87af9b9ef8f1}) (Version: 5.1.1.0 - Garmin Ltd or its subsidiaries)
Garmin Express (Version: 5.1.1.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin Express Tray (Version: 5.1.1.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin Training Center (HKLM\...\{078C3718-6621-4FC8-B03A-502FFF83F600}) (Version: 3.5.3 - Garmin Ltd or its subsidiaries)
Garmin USB Drivers (HKLM\...\{65F9E1F3-A2C1-4AA9-9F33-A3AEB0255F0E}) (Version: 2.3.0.0 - Garmin Ltd or its subsidiaries)
Google Chrome (HKLM\...\Google Chrome) (Version: 33.0.1750.154 - Google Inc.)
Google Earth (HKLM\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Toolbar for Internet Explorer (HKLM\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version:  - Google Inc.)
Google Toolbar for Internet Explorer (Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (Version: 1.3.23.9 - Google Inc.) Hidden
Google Update Helper (Version: 1.3.26.9 - Google Inc.) Hidden
Google+ Auto Backup (HKLM\...\{A50DE037-B5C0-4C8A-8049-B0C576B313D1}) (Version: 1.0.21.81 - Google)
Intel® Matrix Storage Manager (HKLM\...\{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}) (Version:  - Intel Corporation)
IrfanView (remove only) (HKLM\...\IrfanView) (Version: 4.28 - Irfan Skiljan)
iTunes (HKLM\...\{C197BC08-3D82-4651-8886-E68C21578A38}) (Version: 11.1.3.8 - Apple Inc.)
Java 8 Update 73 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83218073F0}) (Version: 8.0.730.2 - Oracle Corporation)
Junk Mail filter update (Version: 14.0.8089.726 - Microsoft Corporation) Hidden
LogMeIn (HKLM\...\{34F93E31-E1A0-421C-8E86-BCF7C4193A91}) (Version: 4.0.982 - LogMeIn, Inc.)
LSI HDA Modem (HKLM\...\LSI Soft Modem) (Version: 2.2.97 - LSI Corporation)
MAGIX Filme auf DVD 9 Download-Version 9.0.0.12 (D) (HKLM\...\MAGIX Filme auf DVD 9 Download-Version D) (Version: 9.0.0.12 - MAGIX AG)
MAGIX Screenshare (HKLM\...\MAGIX Screenshare D) (Version: 4.3.6.1987 - MAGIX AG)
Marvell Miniport Driver (HKLM\...\Marvell Miniport Driver) (Version: 10.70.3.3 - Marvell)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office Enterprise 2007 (HKLM\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Live Add-in 1.5 (HKLM\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation)
Microsoft Office Outlook Connector (HKLM\...\{95120000-0122-0407-0000-0000000FF1CE}) (Version: 12.0.6423.1000 - Microsoft Corporation)
Microsoft Office Professional Edition 2003 (HKLM\...\{90110407-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft Office Small Business Connectivity Components (HKLM\...\{A939D341-5A04-4E0A-BB55-3E65B386432D}) (Version: 2.0.7024.0 - Microsoft Corporation)
Microsoft Office Suite Activation Assistant (HKLM\...\{E50AE784-FABE-46DA-A1F8-7B6B56DCB22E}) (Version: 2.9 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1016556084-3091970497-507946437-1001\...\OneDriveSetup.exe) (Version: 17.3.6798.0207 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50905.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server Native Client (HKLM\...\{F46E21DF-5BE1-48E2-8390-5EEA8B25E36A}) (Version: 9.00.5000.00 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM\...\{4fcf070a-daac-45e9-a8b0-6850941f7ed8}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24212 (HKLM\...\{462f63a8-6347-4894-a1b3-dbfe3a4c981d}) (Version: 14.0.24212.0 - Microsoft Corporation)
Mozilla Firefox 52.0.1 (x86 de) (HKLM\...\Mozilla Firefox 52.0.1 (x86 de)) (Version: 52.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 52.0.1.6284 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
Namuga 1.3M Webcam (HKLM\...\{71A51B59-E7D3-11DB-A386-005056C00008}) (Version: 1.00.0000 - Vimicro Corporation)
PaperPort Image Printer (HKLM\...\{2BC2781A-F7F6-452E-95EB-018A522F1B2C}) (Version: 1.00.0000 - Nuance Communications, Inc.)
PC Speed Repair (HKLM\...\{75EF0384-FE3A-470D-B2C9-F6CAA6387ED6}) (Version: 2.4.7 - ShieldApps)
PDF24 Creator 7.9.0 (HKLM\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version:  - PDF24.org)
Picasa 3 (HKLM\...\Picasa 3) (Version: 3.9 - Google, Inc.)
PMB (HKLM\...\{B6A98E5F-D6A7-46FB-9E9D-1F7BF443491C}) (Version: 5.2.00.03250 - Sony Corporation)
QuickTime (HKLM\...\{B67BAFBA-4C9F-48FA-9496-933E3B255044}) (Version: 7.74.80.86 - Apple Inc.)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7535 - Realtek Semiconductor Corp.)
REALTEK Wireless LAN Software (HKLM\...\{F2BC3383-F000-410C-A038-3846ADBE8D90}) (Version: 1.01.0088 - REALTEK Semiconductor Corp.)
Samsung Recovery Solution 4 (HKLM\...\{145DE957-0679-4A2A-BB5C-1D3E9808FAB2}) (Version: 4.0.0.6 - Samsung)
Samsung Support Center (HKLM\...\{4D2121FE-5CCC-4D47-B3A0-BF56045A5099}) (Version: 1.0.1 - Samsung)
Samsung Update Plus (HKLM\...\{D3F2FAA5-FEC4-42AA-9ABA-1F763919A2B5}) (Version: 2.0 - Samsung Electronics Co., Ltd.)
ScanSoft PaperPort 11 (HKLM\...\{02570AE0-BEE0-4A6C-BE3F-D806E9F2EA17}) (Version: 11.2.0000 - Nuance Communications, Inc.)
Skype Click to Call (HKLM\...\{873F8E7C-10E6-449F-BD7E-5FBA7C8E1C9B}) (Version: 8.5.0.9167 - Microsoft Corporation)
Skype™ 7.30 (HKLM\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.30.105 - Skype Technologies S.A.)
Spybot - Search & Destroy (HKLM\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.2.25 - Safer-Networking Ltd.)
SQLXML4 (HKLM\...\{B4FC780C-94E2-41CB-970D-4B61C1905E5E}) (Version: 9.00.4035.00 - Microsoft Corporation)
StarBurn Version 12r10 (Build 0x20091021) (HKLM\...\StarBurn_is1) (Version:  - Rocket Division Software) <==== ACHTUNG
swMSM (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 13.2.4.12 - Synaptics Incorporated)
t@x 2014 (HKU\S-1-5-21-1016556084-3091970497-507946437-1001\...\{2547CF96-DBB7-4EDD-9327-0EFDD0D1FA8A}) (Version: 21.00.8480 - Buhl Data Service GmbH)
tax 2015 (HKLM\...\{4CF96070-DEE5-43B5-B6A7-23AC07BC0C77}) (Version: 22.00.8811 - Buhl Data Service GmbH)
tax 2016 (HKLM\...\{30E85B0C-57D8-4ECE-814B-264550A92FAB}) (Version: 23.00.1146 - Buhl Data Service GmbH)
tax 2017 (HKLM\...\{B0AB97B4-F1E7-4CD6-A93B-1ADC1A4E19E8}) (Version: 24.00.1375 - Buhl Data Service GmbH)
TeamViewer 10 (HKLM\...\TeamViewer) (Version: 10.0.47484 - TeamViewer)
Try Corel Snapfire muvee autoProducer add on (Version: 1.00.0000 - Ihr Firmenname) Hidden
Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM\...\{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISE_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version:  - Microsoft)
Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM\...\{90120000-0016-0407-0000-0000000FF1CE}_PROHYBRIDR_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version:  - Microsoft)
Update für Microsoft Office Outlook 2007 Help (KB963677) (HKLM\...\{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{F6828576-6F79-470D-AB50-69D1BBADBD30}) (Version:  - Microsoft)
Update für Microsoft Office Outlook 2007 Help (KB963677) (HKLM\...\{90120000-001A-0407-0000-0000000FF1CE}_PROHYBRIDR_{F6828576-6F79-470D-AB50-69D1BBADBD30}) (Version:  - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM\...\{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISE_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version:  - Microsoft)
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM\...\{90120000-0018-0407-0000-0000000FF1CE}_PROHYBRIDR_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version:  - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (HKLM\...\{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISE_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version:  - Microsoft)
Update für Microsoft Office Word 2007 Help (KB963665) (HKLM\...\{90120000-001B-0407-0000-0000000FF1CE}_PROHYBRIDR_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version:  - Microsoft)
User Guide (HKLM\...\{BAE68339-B0F6-4D33-9554-5A3DB2DFF5DA}) (Version: 1.0 - )
VLC media player 1.0.3 (HKLM\...\VLC media player) (Version: 1.0.3 - VideoLAN Team)
WEB.DE MailCheck für Windows (HKLM\...\1&1 Mail & Media GmbH Toolbar IE8) (Version: 2.6.9.0 - 1&1 Mail & Media GmbH)
WEB.DE Softwareaktualisierung (HKLM\...\1&1 Mail & Media GmbH 1und1Softwareaktualisierung) (Version: 4.0.3.0 - 1&1 Mail & Media GmbH)
Windows Driver Package - Dynastream Innovations (libusb0) LibUsbDevices  (07/07/2009 1.12.2) (HKLM\...\24DA573F901348FFDFF7717497830D45BE0C362E) (Version: 07/07/2009 1.12.2 - Dynastream Innovations)
Windows Driver Package - Garmin (grmnusb) GARMIN Devices  (06/03/2009 2.3.0.0) (HKLM\...\49CF605F02C7954F4E139D18828DE298CD59217C) (Version: 06/03/2009 2.3.0.0 - Garmin)
Windows Live Anmelde-Assistent (HKLM\...\{52B97218-98CB-4B8B-9283-D213C85E1AA4}) (Version: 5.000.818.5 - Microsoft Corporation)
Windows Live Essentials (HKLM\...\WinLiveSuite_Wave3) (Version: 14.0.8089.0726 - Microsoft Corporation)
Windows Live Sync (HKLM\...\{76618402-179D-4699-A66B-D351C59436BC}) (Version: 14.0.8089.726 - Microsoft Corporation)
Windows Live-Uploadtool (HKLM\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)
Windows-Treiberpaket - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) (HKLM\...\F9D2A789F9CFF8CEC36B544F53877C80F1F73C46) (Version: 04/11/2012 1.2.40.201 - Dynastream Innovations, Inc.)
Windows-Treiberpaket - Silicon Labs Software (DSI_SiUSBXp_3_1) USB  (02/06/2007 3.1) (HKLM\...\D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2) (Version: 02/06/2007 3.1 - Silicon Labs Software)
WinRAR (HKLM\...\WinRAR archiver) (Version:  - )

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-1016556084-3091970497-507946437-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Klaus\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1016556084-3091970497-507946437-1001_Classes\CLSID\{039B2CA5-3B41-4D93-AD77-47D3293FC5CB}\InprocServer32 -> C:\Program Files\Skype\Plugin Manager\ezPMUtils.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1016556084-3091970497-507946437-1001_Classes\CLSID\{04EBE69E-2DED-44F6-9854-9A3988F751ED}\InprocServer32 -> C:\Users\Klaus\AppData\Local\Dropbox\Update\1.3.51.1\psuser.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1016556084-3091970497-507946437-1001_Classes\CLSID\{0A368B9B-3566-4730-B40E-EAF6858A53AF}\InprocServer32 -> C:\Users\Klaus\AppData\Local\Dropbox\Update\1.3.27.33\psuser.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1016556084-3091970497-507946437-1001_Classes\CLSID\{2027D000-8CEB-4191-9620-15DD2561855F}\InprocServer32 -> C:\Users\Klaus\AppData\Local\Dropbox\Update\1.3.57.1\psuser.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1016556084-3091970497-507946437-1001_Classes\CLSID\{3059C9E6-9EDC-4C89-933E-C65623F8FD60}\localserver32 -> C:\Users\Klaus\AppData\Local\Dropbox\Update\DropboxUpdate.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1016556084-3091970497-507946437-1001_Classes\CLSID\{42481700-CF3C-4D05-8EC6-F9A1C57E8DC0}\InprocServer32 -> C:\Program Files\Skype\Plugin Manager\ezPMUtils.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1016556084-3091970497-507946437-1001_Classes\CLSID\{449CFB1B-1C07-48EA-9A9A-7A7881C2B49B}\InprocServer32 -> C:\Users\Klaus\AppData\Local\Dropbox\Update\1.3.59.1\psuser.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1016556084-3091970497-507946437-1001_Classes\CLSID\{6d05bf60-3eaf-4a97-87c5-10cce505435b}\localserver32 -> C:\Users\Klaus\AppData\Local\Temp\{9c0ba3c1-2b67-45eb-bf69-bed9658d28d2}\IDriver.NonElevated.exe =>  (Der Dateneintrag hat 11 mehr Zeichen).
CustomCLSID: HKU\S-1-5-21-1016556084-3091970497-507946437-1001_Classes\CLSID\{87DC457B-B35D-48AC-BD42-BDF35EF623CE}\localserver32 -> C:\Users\Klaus\AppData\Local\Dropbox\Update\1.3.59.1\DropboxUpdateOnDemand.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1016556084-3091970497-507946437-1001_Classes\CLSID\{9FAA38ED-5635-44F7-9BE0-8CAFE29B3783}\localserver32 -> C:\Users\Klaus\AppData\Local\Dropbox\Update\1.3.59.1\DropboxUpdateOnDemand.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1016556084-3091970497-507946437-1001_Classes\CLSID\{BB6410D8-F879-4184-9C5C-6A02D16AE0B3}\InprocServer32 -> C:\Program Files\Skype\Plugin Manager\ezPMUtils.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1016556084-3091970497-507946437-1001_Classes\CLSID\{C0DD324D-A74F-4533-84AD-030F76771C77}\localserver32 -> C:\Users\Klaus\AppData\Local\Dropbox\Update\1.3.59.1\DropboxUpdateOnDemand.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1016556084-3091970497-507946437-1001_Classes\CLSID\{C32E3EEC-3C10-426E-95F3-38C7F139FADD}\localserver32 -> C:\Users\Klaus\AppData\Local\Dropbox\Update\1.3.59.1\DropboxUpdateOnDemand.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1016556084-3091970497-507946437-1001_Classes\CLSID\{CA1073A2-5F3F-4445-8E5E-7109BDCEDDBE}\InprocServer32 -> C:\Program Files\Skype\Plugin Manager\ezPMUtils.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1016556084-3091970497-507946437-1001_Classes\CLSID\{D0D38C6E-BF64-4C42-840D-3E0019D9F7A6}\InprocServer32 -> C:\Program Files\Skype\Plugin Manager\ezPMUtils.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1016556084-3091970497-507946437-1001_Classes\CLSID\{D166BD15-03AF-413A-BEFD-0679FF410B49}\InprocServer32 -> C:\Users\Klaus\AppData\Local\Dropbox\Update\1.3.27.29\psuser.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1016556084-3091970497-507946437-1001_Classes\CLSID\{D5A55D2D-C59D-42C3-A5BF-4C08EEE74339}\InprocServer32 -> C:\Program Files\Skype\Plugin Manager\ezPMUtils.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1016556084-3091970497-507946437-1001_Classes\CLSID\{E7A37920-253C-4FF1-B169-298A7CE6CAA9}\localserver32 -> C:\Users\Klaus\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1016556084-3091970497-507946437-1001_Classes\CLSID\{ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C}\InprocServer32 -> C:\Users\Klaus\AppData\Roaming\Dropbox\bin\DropboxExt.14.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1016556084-3091970497-507946437-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Klaus\AppData\Roaming\Dropbox\bin\DropboxExt.14.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1016556084-3091970497-507946437-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Klaus\AppData\Roaming\Dropbox\bin\DropboxExt.14.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1016556084-3091970497-507946437-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Klaus\AppData\Roaming\Dropbox\bin\DropboxExt.14.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1016556084-3091970497-507946437-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Klaus\AppData\Roaming\Dropbox\bin\DropboxExt.14.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1016556084-3091970497-507946437-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Klaus\AppData\Roaming\Dropbox\bin\DropboxExt.14.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1016556084-3091970497-507946437-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Klaus\AppData\Roaming\Dropbox\bin\DropboxExt.14.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1016556084-3091970497-507946437-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Klaus\AppData\Roaming\Dropbox\bin\DropboxExt.14.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1016556084-3091970497-507946437-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Klaus\AppData\Roaming\Dropbox\bin\DropboxExt.14.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1016556084-3091970497-507946437-1001_Classes\CLSID\{FB314EE1-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Klaus\AppData\Roaming\Dropbox\bin\DropboxExt.14.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1016556084-3091970497-507946437-1001_Classes\CLSID\{FB314EE2-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Klaus\AppData\Roaming\Dropbox\bin\DropboxExt.14.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1016556084-3091970497-507946437-1001_Classes\CLSID\{FBC9D74C-AF55-4309-9FB2-C426E071637F}\InprocServer32 -> C:\Users\Klaus\AppData\Roaming\Dropbox\bin\DropboxExt.14.0.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1016556084-3091970497-507946437-1001_Classes\CLSID\{FE819BE5-BADF-4370-9913-6FB84ABA6FB1}\InprocServer32 -> C:\Users\Klaus\AppData\Local\Dropbox\Update\1.3.59.1\psuser.dll (Dropbox, Inc.)

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {0795DF25-C56A-4D8B-BA63-A2C599FCE5A8} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => %SystemRoot%\ehome\ehPrivJob.exe 
Task: {097873EF-C53A-4071-9A79-F3D901D0E1D2} - System32\Tasks\OneDrive Standalone Update Task => C:\Users\Klaus\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\OneDriveStandaloneUpdater.exe 
Task: {1230973C-2DCB-4EC8-AFB4-D282BBF7A90C} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-1016556084-3091970497-507946437-1001Core1d23a61c29ba9b => C:\Users\Klaus\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2016-11-09] (Dropbox, Inc.)
Task: {198A6903-7142-4352-9B9D-BBA22660644C} - System32\Tasks\CreateChoiceProcessTask => C:\Windows\System32\browserchoice.exe 
Task: {1A90A8B3-2B42-4620-B9E9-8F360369FD1A} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => %SystemRoot%\ehome\mcupdate.exe 
Task: {22FC3F00-07C5-4DE1-9F84-EEB9702DF954} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => %SystemRoot%\ehome\ehrec.exe 
Task: {2305DEF5-962C-43C2-B137-6BA272EB80A9} - System32\Tasks\EasySpeedUpManager => C:\Program Files\SAMSUNG\EasySpeedUpManager\EasySpeedUpManager.exe [2009-08-23] (Samsung Electronics Co., Ltd.)
Task: {2E8BC9B0-BDB9-4E9F-A4F9-D6B8AC6C9FFE} - System32\Tasks\GarminUpdaterTask => C:\Program Files\Garmin\Express SelfUpdater\ExpressSelfUpdater.exe [2017-01-16] ()
Task: {30829DA0-1BAA-4F47-BF9E-E7F6ED0FC545} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => %SystemRoot%\ehome\ehPrivJob.exe 
Task: {35787037-8448-42A7-80B0-2084FA4E35F4} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG
Task: {36E6601D-B561-4F31-BED3-4ECDFDFFEFA5} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG
Task: {3BEA1269-71AA-491F-B309-219AE332725E} - System32\Tasks\EasyBatteryManager => C:\Program Files\Samsung\EasyBatteryManager\EasyBatteryMgr4.exe [2009-08-01] (SAMSUNG Electronics co., LTD.)
Task: {3E6EAA52-AA76-4F97-8A46-E061DD041269} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG
Task: {40AE5E88-810B-4C52-9DC7-2FA010522BA5} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => %SystemRoot%\ehome\mcupdate.exe 
Task: {43DD993F-00A1-46EB-945C-774807C5125A} - System32\Tasks\{4EE692CD-843A-4815-A4E9-FA5E6A45F531} => C:\Program Files\Skype\Phone\Skype.exe [2016-11-15] (Skype Technologies S.A.)
Task: {450582EF-258E-4743-BEA3-416533CE2E24} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Keine Datei <==== ACHTUNG
Task: {450A414F-692C-46C1-9AC4-92497D16F2FC} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => %SystemRoot%\ehome\ehPrivJob.exe 
Task: {47C2D29E-9E4D-4D91-AE12-47DCA976EA9F} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => %SystemRoot%\ehome\ehPrivJob.exe 
Task: {491C4756-8771-49A3-AE79-91EDEB50793D} - System32\Tasks\advSRS4 => C:\Program Files\Samsung\Samsung Recovery Solution 4\WCScheduler.exe [2010-01-19] (SEC)
Task: {4D94345D-EFB8-4603-9D91-EB25D3A55825} - \Safer-Networking\Spybot - Search and Destroy\Refresh immunization -> Keine Datei <==== ACHTUNG
Task: {501312D6-1923-4F5D-9E5A-665FE315667C} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => %windir%\ehome\MCUpdate.exe 
Task: {5C55623F-9CD1-4858-AC15-23084841B334} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => %SystemRoot%\ehome\mcupdate.exe 
Task: {60600B73-0A3B-47E0-9092-BD03D38B94B2} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => %SystemRoot%\ehome\mcupdate.exe 
Task: {6458BDCF-4753-422B-A773-FB14B0380B3B} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => %SystemRoot%\ehome\ehPrivJob.exe 
Task: {65CAA3FC-6411-4E38-A61B-05EDDDD07C53} - System32\Tasks\SUPBackground => C:\Program Files\Samsung\Samsung Update Plus\SUPBackground.exe [2010-04-20] ()
Task: {66D59E4D-2020-4226-B0E6-4633BD8163D6} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => %SystemRoot%\ehome\ehPrivJob.exe 
Task: {6A099255-DAE2-45F6-9F77-9E30B3FC6B7C} - System32\Tasks\Registration 1und1 Task => C:\Program Files\1und1Softwareaktualisierung\cdsupdclient.exe [2016-03-25] (1&1 Mail & Media GmbH)
Task: {6A7B9FBB-E293-4E66-A097-2884CC62B8E0} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => %SystemRoot%\ehome\mcupdate.exe 
Task: {6C02EDCC-7681-4732-B9E7-FE92A385C4DC} - \Safer-Networking\Spybot - Search and Destroy\Check for updates -> Keine Datei <==== ACHTUNG
Task: {7166BF19-C763-4BE2-B7CE-AA6B5C20F780} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Keine Datei <==== ACHTUNG
Task: {734E4AC8-E775-40F1-9A87-06CADC8B44E7} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG
Task: {7366B38C-B7CB-49A5-AE9B-DC9EF847FB55} - System32\Tasks\BatteryLifeExtender => C:\Program Files\Samsung\BatteryLifeExtender\BatteryLifeExtender.exe [2009-08-12] (Samsung Electronics. Co. Ltd.)
Task: {7525F94C-573A-4AAD-B8B1-BC4E47D3CE00} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-12-19] (Adobe Systems Incorporated)
Task: {763EA265-CBF6-435E-9BD8-D61F67755760} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => %SystemRoot%\ehome\ehPrivJob.exe 
Task: {7B51D5A0-DBA7-4DBC-9C0F-3152FF668A9C} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => %SystemRoot%\ehome\ehrec.exe 
Task: {7C39AFEA-9F57-48AF-A6F0-6F5EF48BC660} - System32\Tasks\DropboxUpdateTaskUserS-1-5-21-1016556084-3091970497-507946437-1001UA1d23a61c5472f3 => C:\Users\Klaus\AppData\Local\Dropbox\Update\DropboxUpdate.exe [2016-11-09] (Dropbox, Inc.)
Task: {7C46FD08-1243-4F3A-9313-3FF61C883D3A} - System32\Tasks\{36AF7C9B-3B45-4446-9387-B0336493ABB4} => Iexplore.exe hxxp://ui.skype.com/ui/0/7.0.0.102/de/abandoninstall?page=tsProgressBar
Task: {7DBEDEFD-518F-4EFE-99AE-F84A96112229} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-10-26] (Google Inc.)
Task: {7DDD83AF-A2A1-40C0-A524-FED7B8931888} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-10-26] (Google Inc.)
Task: {80D96DC3-D35B-42EE-9D49-9E377069CA91} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Keine Datei <==== ACHTUNG
Task: {814EDA48-377A-4E0E-9C06-8F493364864C} - System32\Tasks\PCSpeedRepair_Start => C:\Program Files\PC Speed Repair\PCSpeedRepair.exe 
Task: {844E1910-FAC2-4466-ADBA-2A709EF2874C} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => %SystemRoot%\ehome\ehPrivJob.exe 
Task: {86AABC58-8DA0-4A1A-90C8-7AE51DC464DB} - System32\Tasks\SamsungSupportCenter => C:\Program Files\Samsung\Samsung Support Center\SSCKbdHk.exe [2009-09-07] (SAMSUNG Electronics)
Task: {8A29FF2D-80A1-4DAC-8007-66FDEA4D5BE9} - System32\Tasks\EasyDisplayMgr => C:\Program Files\Samsung\Easy Display Manager\dmhkcore.exe [2009-09-12] (Samsung Electronics Co., Ltd.)
Task: {90D61C1E-A65D-4B5F-A847-025258DEC1B0} - System32\Tasks\Adobe Flash Player Updater => C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2017-01-30] (Adobe Systems Incorporated)
Task: {91210341-8AD4-4871-8656-8ABD0492C0DA} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => %SystemRoot%\ehome\ehPrivJob.exe 
Task: {922FE938-1748-4735-8331-BBF17E2B72AF} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2017-03-15] (Microsoft Corporation)
Task: {92E0867F-8B03-457D-B108-AD3DE6C5368C} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => %SystemRoot%\ehome\mcupdate.exe 
Task: {966C563E-BC9B-4AC0-8147-A8C670D0895F} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG
Task: {9DE427DD-3C43-4699-9B13-66A3A7DB4373} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => %SystemRoot%\ehome\mcupdate.exe 
Task: {B7033D2E-08CF-4688-BF7F-EC0506643A8E} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Keine Datei <==== ACHTUNG
Task: {BADCD1CD-8C3C-46B8-A002-911FC9DBEE8B} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => %SystemRoot%\ehome\ehPrivJob.exe 
Task: {C05B0A34-48CB-4469-9B2F-B83F17047117} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => %SystemRoot%\ehome\ehPrivJob.exe 
Task: {C9845C55-D8D4-4F9F-965E-1DD8FE2678ED} - System32\Tasks\PCSpeedRepair_Popup => C:\Program Files\PC Speed Repair\Splash.exe 
Task: {CD8517F5-7615-4448-A396-68751820F791} - System32\Tasks\{DD144569-13B3-4780-9D0A-61ABDDF82E46} => Iexplore.exe hxxp://www.skype.com/go/downloading?source=lightinstaller&amp;ver=7.1.0.105&amp;LastError=12002
Task: {D3C25474-0E08-4083-A0DD-D7EF82F4DB95} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Keine Datei <==== ACHTUNG
Task: {D5364B3A-382D-4027-BF2E-AD5D4720B672} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => %SystemRoot%\ehome\ehPrivJob.exe 
Task: {E97EF085-9494-4C30-9B62-7FD5A266E90F} - \Safer-Networking\Spybot - Search and Destroy\Scan the system -> Keine Datei <==== ACHTUNG
Task: {F49FDCCC-02E8-4464-96C4-144C4E2515D7} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => %SystemRoot%\ehome\ehPrivJob.exe 
Task: {FCB0AB86-49B1-4B75-871B-1F0CA5B59EC0} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Keine Datei <==== ACHTUNG

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-1016556084-3091970497-507946437-1001Core1d23a61c29ba9b.job => C:\Users\Klaus\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskUserS-1-5-21-1016556084-3091970497-507946437-1001UA1d23a61c5472f3.job => C:\Users\Klaus\AppData\Local\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

Shortcut: C:\Users\Klaus\AppData\Roaming\Microsoft\Windows\Network Shortcuts\Meine Websites auf MSN\target.lnk -> hxxp://www.msnusers.co

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2016-07-16 09:25 - 2016-07-16 09:25 - 00190976 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2017-03-15 08:21 - 2017-03-04 08:04 - 02048496 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2014-03-06 13:27 - 2007-08-21 12:59 - 00014616 _____ () C:\WINDOWS\System32\skypdfmonpro.dll
2010-01-24 16:49 - 2009-07-07 03:23 - 00247152 ____N () C:\Program Files\CyberLink\Shared files\RichVideo.exe
2006-11-02 19:40 - 2006-11-02 19:40 - 00174656 _____ () C:\windows\system32\PSIService.exe
2009-09-16 22:57 - 2009-03-05 10:54 - 00311296 _____ () C:\windows\SYSTEM32\Rezip.exe
2017-03-15 08:21 - 2017-03-04 08:04 - 02048496 _____ () C:\WINDOWS\SYSTEM32\CoreUIComponents.dll
2010-12-28 12:11 - 2010-03-15 11:28 - 00141824 _____ () C:\Program Files\WinRAR\rarext.dll
2016-07-16 09:25 - 2016-07-16 09:25 - 00108032 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2017-03-15 08:22 - 2017-03-04 07:24 - 00321536 _____ () C:\Windows\ShellExperiences\QuickActions.dll
2009-09-16 23:06 - 2006-08-12 04:48 - 00049152 _____ () C:\Program Files\Samsung\Easy Display Manager\HookDllPS2.dll
2017-03-15 08:20 - 2017-03-04 07:04 - 06726656 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2017-03-15 08:20 - 2017-03-04 06:58 - 01150464 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-10-14 11:29 - 2016-10-14 11:29 - 00526848 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
2017-03-15 08:20 - 2017-03-04 06:58 - 00779776 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Actions.dll
2017-03-15 08:20 - 2017-03-04 06:58 - 01724928 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2017-03-15 08:20 - 2017-03-04 07:00 - 03158528 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2017-03-13 11:14 - 2017-03-13 11:16 - 00067072 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.12.112.0_x86__kzf8qxf38zg5c\SkypeHost.exe
2017-03-13 11:14 - 2017-03-13 11:16 - 00156672 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.12.112.0_x86__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2017-03-13 11:14 - 2017-03-13 11:16 - 29441536 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.12.112.0_x86__kzf8qxf38zg5c\SkyWrap.dll
2017-03-13 11:14 - 2017-03-13 11:16 - 01578984 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.12.112.0_x86__kzf8qxf38zg5c\roottools.dll
2012-06-17 15:56 - 2009-02-27 15:38 - 00139264 ____R () C:\Program Files\Brother\BrUtilities\BrLogAPI.dll
2017-03-10 11:33 - 2017-03-06 21:59 - 00807232 _____ () C:\Users\Klaus\AppData\Roaming\Dropbox\bin\dropbox_watchdog.dll
2017-03-10 11:33 - 2017-02-09 03:19 - 00035792 _____ () C:\Users\Klaus\AppData\Roaming\Dropbox\bin\_multiprocessing.pyd
2017-03-10 11:33 - 2017-02-09 03:19 - 00100296 _____ () C:\Users\Klaus\AppData\Roaming\Dropbox\bin\_ctypes.pyd
2017-03-10 11:33 - 2017-02-09 03:19 - 00018888 _____ () C:\Users\Klaus\AppData\Roaming\Dropbox\bin\select.pyd
2017-03-10 11:33 - 2017-03-06 22:01 - 00019776 _____ () C:\Users\Klaus\AppData\Roaming\Dropbox\bin\tornado.speedups.pyd
2017-03-10 11:33 - 2017-02-09 03:19 - 00694224 _____ () C:\Users\Klaus\AppData\Roaming\Dropbox\bin\unicodedata.pyd
2017-03-10 11:33 - 2017-03-06 22:01 - 00020824 _____ () C:\Users\Klaus\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._constant_time.pyd
2017-03-10 11:33 - 2017-02-09 03:20 - 00123856 _____ () C:\Users\Klaus\AppData\Roaming\Dropbox\bin\_cffi_backend.pyd
2017-03-10 11:33 - 2017-03-06 22:01 - 01682768 _____ () C:\Users\Klaus\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._openssl.pyd
2017-03-10 11:33 - 2017-03-06 22:01 - 00020816 _____ () C:\Users\Klaus\AppData\Roaming\Dropbox\bin\cryptography.hazmat.bindings._padding.pyd
2017-03-10 11:33 - 2017-02-09 03:19 - 00145864 _____ () C:\Users\Klaus\AppData\Roaming\Dropbox\bin\pyexpat.pyd
2017-03-10 11:33 - 2017-02-09 03:20 - 00019408 _____ () C:\Users\Klaus\AppData\Roaming\Dropbox\bin\faulthandler.pyd
2017-03-10 11:33 - 2017-02-09 03:19 - 00116688 _____ () C:\Users\Klaus\AppData\Roaming\Dropbox\bin\pywintypes27.dll
2017-03-10 11:33 - 2017-02-09 03:22 - 00105928 _____ () C:\Users\Klaus\AppData\Roaming\Dropbox\bin\win32api.pyd
2017-03-10 11:33 - 2017-03-06 22:01 - 00022864 _____ () C:\Users\Klaus\AppData\Roaming\Dropbox\bin\winffi.crt.compiled._winffi_crt.pyd
2017-03-10 11:33 - 2017-03-06 22:01 - 00038712 _____ () C:\Users\Klaus\AppData\Roaming\Dropbox\bin\fastpath.pyd
2017-03-10 11:33 - 2017-03-06 22:01 - 00060736 _____ () C:\Users\Klaus\AppData\Roaming\Dropbox\bin\psutil._psutil_windows.pyd
2017-03-10 11:33 - 2017-02-09 03:22 - 00024528 _____ () C:\Users\Klaus\AppData\Roaming\Dropbox\bin\win32event.pyd
2017-03-10 11:33 - 2017-02-09 03:22 - 00175560 _____ () C:\Users\Klaus\AppData\Roaming\Dropbox\bin\win32gui.pyd
2017-03-10 11:33 - 2017-02-09 03:19 - 00392144 _____ () C:\Users\Klaus\AppData\Roaming\Dropbox\bin\pythoncom27.dll
2017-03-10 11:33 - 2017-02-09 03:22 - 00020936 _____ () C:\Users\Klaus\AppData\Roaming\Dropbox\bin\mmapfile.pyd
2017-03-10 11:33 - 2017-02-09 03:22 - 00116176 _____ () C:\Users\Klaus\AppData\Roaming\Dropbox\bin\win32security.pyd
2017-03-10 11:33 - 2017-03-06 22:01 - 00381760 _____ () C:\Users\Klaus\AppData\Roaming\Dropbox\bin\win32com.shell.shell.pyd
2017-03-10 11:33 - 2017-02-09 03:22 - 00124880 _____ () C:\Users\Klaus\AppData\Roaming\Dropbox\bin\win32file.pyd
2017-03-10 11:33 - 2017-03-06 22:01 - 00026456 _____ () C:\Users\Klaus\AppData\Roaming\Dropbox\bin\winffi.kernel32.compiled._winffi_kernel32.pyd
2017-03-10 11:33 - 2017-02-09 03:22 - 00024016 _____ () C:\Users\Klaus\AppData\Roaming\Dropbox\bin\win32clipboard.pyd
2017-03-10 11:33 - 2017-02-09 03:22 - 00030160 _____ () C:\Users\Klaus\AppData\Roaming\Dropbox\bin\win32pipe.pyd
2017-03-10 11:33 - 2017-02-09 03:22 - 00043472 _____ () C:\Users\Klaus\AppData\Roaming\Dropbox\bin\win32process.pyd
2017-03-10 11:33 - 2017-02-09 03:22 - 00048592 _____ () C:\Users\Klaus\AppData\Roaming\Dropbox\bin\win32service.pyd
2017-03-10 11:33 - 2017-02-09 03:22 - 00057808 _____ () C:\Users\Klaus\AppData\Roaming\Dropbox\bin\win32evtlog.pyd
2017-03-10 11:33 - 2017-02-09 03:22 - 00024016 _____ () C:\Users\Klaus\AppData\Roaming\Dropbox\bin\win32profile.pyd
2017-03-10 11:33 - 2017-03-06 22:01 - 00246608 _____ () C:\Users\Klaus\AppData\Roaming\Dropbox\bin\breakpad.client.windows.handler.pyd
2017-03-10 11:33 - 2017-03-06 22:01 - 00027488 _____ () C:\Users\Klaus\AppData\Roaming\Dropbox\bin\dropbox.infinite.win.compiled._driverinstallation.pyd
2017-03-10 11:33 - 2017-02-09 03:21 - 00241104 _____ () C:\Users\Klaus\AppData\Roaming\Dropbox\bin\_jpegtran.pyd
2017-03-10 11:33 - 2017-03-06 22:01 - 00022336 _____ () C:\Users\Klaus\AppData\Roaming\Dropbox\bin\cpuid.compiled._cpuid.pyd
2017-03-10 11:33 - 2017-03-06 22:01 - 00025432 _____ () C:\Users\Klaus\AppData\Roaming\Dropbox\bin\winscreenshot.compiled._CaptureScreenshot.pyd
2017-03-10 11:33 - 2017-02-09 03:22 - 00028616 _____ () C:\Users\Klaus\AppData\Roaming\Dropbox\bin\win32ts.pyd
2017-03-10 11:33 - 2017-03-06 22:01 - 01826104 _____ () C:\Users\Klaus\AppData\Roaming\Dropbox\bin\PyQt5.QtCore.pyd
2017-03-10 11:33 - 2017-02-09 03:20 - 00083912 _____ () C:\Users\Klaus\AppData\Roaming\Dropbox\bin\sip.pyd
2017-03-10 11:33 - 2017-03-06 22:01 - 01972536 _____ () C:\Users\Klaus\AppData\Roaming\Dropbox\bin\PyQt5.QtGui.pyd
2017-03-10 11:33 - 2017-03-06 22:01 - 03928896 _____ () C:\Users\Klaus\AppData\Roaming\Dropbox\bin\PyQt5.QtWidgets.pyd
2017-03-10 11:33 - 2017-03-06 22:01 - 00531264 _____ () C:\Users\Klaus\AppData\Roaming\Dropbox\bin\PyQt5.QtNetwork.pyd
2017-03-10 11:33 - 2017-03-06 22:01 - 00053072 _____ () C:\Users\Klaus\AppData\Roaming\Dropbox\bin\winrpcserver.compiled._RPCServer.pyd
2017-03-10 11:33 - 2017-03-06 22:01 - 00133432 _____ () C:\Users\Klaus\AppData\Roaming\Dropbox\bin\PyQt5.QtWebKit.pyd
2017-03-10 11:33 - 2017-03-06 22:01 - 00224064 _____ () C:\Users\Klaus\AppData\Roaming\Dropbox\bin\PyQt5.QtWebKitWidgets.pyd
2017-03-10 11:33 - 2017-03-06 22:01 - 00207680 _____ () C:\Users\Klaus\AppData\Roaming\Dropbox\bin\PyQt5.QtPrintSupport.pyd
2017-03-10 11:33 - 2017-03-06 22:01 - 00022864 _____ () C:\Users\Klaus\AppData\Roaming\Dropbox\bin\winffi.user32.compiled._winffi_user32.pyd
2017-03-10 11:33 - 2017-03-06 22:01 - 00069968 _____ () C:\Users\Klaus\AppData\Roaming\Dropbox\bin\windisplaytoast.compiled._DisplayToast.pyd
2017-03-10 11:33 - 2017-03-06 22:01 - 00022872 _____ () C:\Users\Klaus\AppData\Roaming\Dropbox\bin\winffi.iphlpapi.compiled._winffi_iphlpapi.pyd
2017-03-10 11:33 - 2017-03-06 22:01 - 00021848 _____ () C:\Users\Klaus\AppData\Roaming\Dropbox\bin\winffi.winerror.compiled._winffi_winerror.pyd
2017-03-10 11:33 - 2017-03-06 22:01 - 00022872 _____ () C:\Users\Klaus\AppData\Roaming\Dropbox\bin\winffi.wininet.compiled._winffi_wininet.pyd
2017-03-10 11:33 - 2017-02-09 03:22 - 00350152 _____ () C:\Users\Klaus\AppData\Roaming\Dropbox\bin\winxpgui.pyd
2017-03-10 11:33 - 2017-03-06 22:01 - 00103232 _____ () C:\Users\Klaus\AppData\Roaming\Dropbox\bin\PyQt5.QtWinExtras.pyd
2017-03-10 11:33 - 2017-03-06 22:01 - 00023896 _____ () C:\Users\Klaus\AppData\Roaming\Dropbox\bin\winverifysignature.compiled._VerifySignature.pyd
2017-03-10 11:33 - 2017-03-06 22:01 - 00025936 _____ () C:\Users\Klaus\AppData\Roaming\Dropbox\bin\librsyncffi.compiled._librsyncffi.pyd
2017-03-10 11:33 - 2017-02-09 03:17 - 00036296 _____ () C:\Users\Klaus\AppData\Roaming\Dropbox\bin\librsync.dll
2017-03-10 11:33 - 2017-03-06 22:01 - 00033112 _____ () C:\Users\Klaus\AppData\Roaming\Dropbox\bin\enterprise_data.compiled._enterprise_data.pyd
2017-03-10 11:33 - 2016-12-02 22:44 - 00293392 _____ () C:\Users\Klaus\AppData\Roaming\Dropbox\bin\EnterpriseDataAdapter.dll
2017-03-10 11:33 - 2017-03-06 22:01 - 00084288 _____ () C:\Users\Klaus\AppData\Roaming\Dropbox\bin\dropbox_sqlite_ext.DLL
2017-03-10 11:33 - 2017-02-09 03:27 - 00017864 _____ () C:\Users\Klaus\AppData\Roaming\Dropbox\bin\libEGL.dll
2017-03-10 11:33 - 2017-02-09 03:27 - 01631184 _____ () C:\Users\Klaus\AppData\Roaming\Dropbox\bin\libGLESv2.dll
2017-03-10 11:33 - 2017-03-06 22:01 - 00042816 _____ () C:\Users\Klaus\AppData\Roaming\Dropbox\bin\PyQt5.QtWebChannel.pyd
2017-03-10 11:33 - 2017-03-06 22:01 - 00171336 _____ () C:\Users\Klaus\AppData\Roaming\Dropbox\bin\PyQt5.QtWebEngineWidgets.pyd
2017-03-10 11:33 - 2017-03-06 22:01 - 00357688 _____ () C:\Users\Klaus\AppData\Roaming\Dropbox\bin\PyQt5.QtQml.pyd
2017-03-10 11:33 - 2017-02-09 03:22 - 00060880 _____ () C:\Users\Klaus\AppData\Roaming\Dropbox\bin\win32print.pyd
2017-03-10 11:33 - 2017-03-06 22:01 - 00026456 _____ () C:\Users\Klaus\AppData\Roaming\Dropbox\bin\winffi.winhttp.compiled._winffi_winhttp.pyd
2017-03-10 11:33 - 2017-03-06 22:01 - 00546104 _____ () C:\Users\Klaus\AppData\Roaming\Dropbox\bin\PyQt5.QtQuick.pyd

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)


==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)


==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

IE trusted site: HKU\S-1-5-21-1016556084-3091970497-507946437-1001\...\internet -> internet

==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2009-07-14 03:04 - 2009-06-10 22:39 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-1016556084-3091970497-507946437-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Klaus\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\urlaub frankreich 082011 037.jpg
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

MSCONFIG\startupreg: ANT Agent => C:\Program Files\Garmin\ANT Agent\ANT Agent.exe
MSCONFIG\startupreg: CLMLServer => "C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe"
MSCONFIG\startupreg: Corel Photo Downloader => C:\Program Files\Corel\Corel Snapfire\Corel PhotoDownloader.exe
MSCONFIG\startupreg: GrooveMonitor => "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
MSCONFIG\startupreg: gStart => C:\Garmin\gStart.exe
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: PDVD8LanguageShortcut => "C:\Program Files\CyberLink\PowerDVD8\Language\Language.exe"
MSCONFIG\startupreg: RemoteControl8 => "C:\Program Files\CyberLink\PowerDVD8\PDVD8Serv.exe"
MSCONFIG\startupreg: Skype => "C:\Program Files\Skype\\Phone\Skype.exe" /nosplash /minimized
MSCONFIG\startupreg: UpdateLBPShortCut => "C:\Program Files\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\LabelPrint" UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.5"
MSCONFIG\startupreg: UpdateP2GoShortCut => "C:\Program Files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"
MSCONFIG\startupreg: UpdatePDRShortCut => "C:\Program Files\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\PowerDirector" UpdateWithCreateOnce "Software\CyberLink\PowerDirector\7.0"
MSCONFIG\startupreg: UpdatePPShortCut => "C:\Program Files\CyberLink\PowerProducer\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\PowerProducer" UpdateWithCreateOnce "Software\CyberLink\PowerProducer\5.0"
MSCONFIG\startupreg: UpdatePSTShortCut => "C:\Program Files\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\DVD Suite" UpdateWithCreateOnce "Software\CyberLink\PowerStarter"

==================== FirewallRules (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [MSMQ-In-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-In-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [WCF-NetTcpActivator-In-TCP-32bit] => (Allow) LPort=808
FirewallRules: [UDP Query User{1EC2C7DD-F10F-4299-AFD7-914BFA7E3A27}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe
FirewallRules: [TCP Query User{7FED0E7A-DBB5-41C6-888E-9AC0692372F2}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe
FirewallRules: [{11C9BEFD-F35C-4A20-B82C-8750FE6E7BCB}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{449AE68C-4211-4903-926E-1C4F1C520CD7}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{0DC1C072-B70B-4D63-84F1-164DE7B720C0}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{0536E000-C3EB-4A0A-91C3-5EA90256CAB2}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{19B4B433-AF69-42A6-8005-315C11356EBF}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{3B2EB46D-5D1C-45D4-A463-C987ED66CFE1}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe
FirewallRules: [UDP Query User{D42F8C95-33C3-4615-9FD7-AD5CA8EA29A4}C:\users\klaus\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\klaus\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [TCP Query User{2689A049-06C1-4CFF-9DB3-859EB1BB8F5C}C:\users\klaus\appdata\roaming\dropbox\bin\dropbox.exe] => (Block) C:\users\klaus\appdata\roaming\dropbox\bin\dropbox.exe
FirewallRules: [{037FFB73-8BEF-4D86-9E2A-0F27EC39D952}] => (Allow) C:\DATEV\PROGRAMM\RWAPPLIC\Datev.Irw.Managed.ServiceProvider.exe
FirewallRules: [{96CF0146-E687-4E14-AF86-ED5303157D7D}] => (Allow) C:\DATEV\PROGRAMM\RWAPPLIC\Datev.Irw.Managed.ServiceProvider.exe
FirewallRules: [{D467463D-8A4C-4110-BFCE-2BF059AD56F1}] => (Allow) C:\DATEV\PROGRAMM\K0005000\Arbeitsplatz.exe
FirewallRules: [{04206976-A6EC-4E97-9AB4-813655243B1D}] => (Allow) C:\DATEV\PROGRAMM\K0005000\Arbeitsplatz.exe
FirewallRules: [{AB9C8DE5-8467-4A5E-9655-78B477F81C6E}] => (Allow) C:\DATEV\PROGRAMM\Sws\LimaService.exe
FirewallRules: [{D2C91D17-C558-4CC3-96A9-DB8CF31B623E}] => (Allow) C:\windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
FirewallRules: [{04007B08-A2E5-4010-8CCA-C07A89F93EA9}] => (Allow) C:\Users\Klaus\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{23B8DD95-5375-4928-9CB8-EE23A22AFE04}] => (Allow) C:\Users\Klaus\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{C63039A6-D017-4561-8BB3-1572A0BD5B4E}] => (Allow) C:\Program Files\CyberLink\PowerDVD8\PowerDVD8.EXE
FirewallRules: [{B7BEA400-D614-4A30-BCDD-84E14676FA28}] => (Allow) C:\Program Files\CyberLink\PowerDirector\PDR.EXE
FirewallRules: [{BF143FC9-EB73-4F56-9EE3-5F49343EB1C3}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe
FirewallRules: [{C00BB162-BFF6-4273-9E05-9DC730F73D59}] => (Allow) C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe
FirewallRules: [{16E4F06C-1AF6-4678-ABC3-7219ABCD1549}] => (Allow) svchost.exe
FirewallRules: [{D44F7DA8-60E2-454B-84D7-6478E80A925C}] => (Allow) C:\Program Files\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{F1C8F380-E5CD-4DFD-8F6D-5B27D455E585}] => (Allow) C:\Program Files\Windows Live\Messenger\wlcsdk.exe
FirewallRules: [{CEC48A29-F96A-4A10-A366-245ED2FF7183}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe
FirewallRules: [{76CB0CB6-3855-463B-ACBF-596851650CA0}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe
FirewallRules: [{6A172810-F164-4CD4-8EED-952A19924205}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{B7147B16-BBCE-47A6-97A4-E7B4E8214FEA}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{1A03A65C-37BA-4C65-8C0B-6B23509BFCC4}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{1AC8ECDE-410B-4BAE-B7DD-40DCA9BC2B51}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
StandardProfile\AuthorizedApplications: [C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe] => Enabled:Spybot-S&D 2 Tray Icon
StandardProfile\AuthorizedApplications: [C:\Program Files\Spybot - Search & Destroy 2\SDFSSvc.exe] => Enabled:Spybot-S&D 2 Scanner Service
StandardProfile\AuthorizedApplications: [C:\Program Files\Spybot - Search & Destroy 2\SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater
StandardProfile\AuthorizedApplications: [C:\Program Files\Spybot - Search & Destroy 2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service

==================== Wiederherstellungspunkte =========================

04-03-2017 16:55:26 Geplanter Prüfpunkt
13-03-2017 13:36:21 Geplanter Prüfpunkt
16-03-2017 17:32:15 Installiert tax 2017
18-03-2017 13:49:23 Removed McAfee Virtual Technician

==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (03/22/2017 03:08:37 PM) (Source: Brother BrLog) (EventID: 1001) (User: )
Description: STMON BrtSTMON: [2017/03/22 15:08:37.454]: [00003340]:    Don't Create FileMapping!!!!

Error: (03/22/2017 03:08:37 PM) (Source: Brother BrLog) (EventID: 1001) (User: )
Description: STMON BrtSTMON: [2017/03/22 15:08:37.454]: [00003340]:    FrendlyName : Brother MFC-5490CN Printer

Error: (03/22/2017 03:08:37 PM) (Source: Brother BrLog) (EventID: 1001) (User: )
Description: STMON BrtSTMON: [2017/03/22 15:08:37.453]: [00003340]:    Error : ExecMonitor()

Error: (03/22/2017 03:06:37 PM) (Source: Brother BrLog) (EventID: 1001) (User: )
Description: STMON BrtSTMON: [2017/03/22 15:06:37.445]: [00003340]:    Don't Create FileMapping!!!!

Error: (03/22/2017 03:06:37 PM) (Source: Brother BrLog) (EventID: 1001) (User: )
Description: STMON BrtSTMON: [2017/03/22 15:06:37.445]: [00003340]:    FrendlyName : Brother MFC-5490CN Printer

Error: (03/22/2017 03:06:37 PM) (Source: Brother BrLog) (EventID: 1001) (User: )
Description: STMON BrtSTMON: [2017/03/22 15:06:37.444]: [00003340]:    Error : ExecMonitor()

Error: (03/22/2017 03:04:37 PM) (Source: Brother BrLog) (EventID: 1001) (User: )
Description: STMON BrtSTMON: [2017/03/22 15:04:37.440]: [00003340]:    Don't Create FileMapping!!!!

Error: (03/22/2017 03:04:37 PM) (Source: Brother BrLog) (EventID: 1001) (User: )
Description: STMON BrtSTMON: [2017/03/22 15:04:37.439]: [00003340]:    FrendlyName : Brother MFC-5490CN Printer

Error: (03/22/2017 03:04:37 PM) (Source: Brother BrLog) (EventID: 1001) (User: )
Description: STMON BrtSTMON: [2017/03/22 15:04:37.439]: [00003340]:    Error : ExecMonitor()

Error: (03/22/2017 03:02:37 PM) (Source: Brother BrLog) (EventID: 1001) (User: )
Description: STMON BrtSTMON: [2017/03/22 15:02:37.426]: [00003340]:    Don't Create FileMapping!!!!


Systemfehler:
=============
Error: (03/22/2017 02:53:27 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID 
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
 und der APPID 
{F72671A9-012C-4725-9D2F-2A4D32D65169}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (03/22/2017 02:52:14 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Google Update Service (gupdate)" wurde aufgrund folgenden Fehlers nicht gestartet: 
Der Dienst antwortete nicht rechtzeitig auf die Start- oder Steuerungsanforderung.

Error: (03/22/2017 02:52:14 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst gupdate erreicht.

Error: (03/22/2017 02:49:59 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Garmin Device Interaction Service" wurde aufgrund folgenden Fehlers nicht gestartet: 
Der Dienst antwortete nicht rechtzeitig auf die Start- oder Steuerungsanforderung.

Error: (03/22/2017 02:49:59 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Garmin Device Interaction Service erreicht.

Error: (03/22/2017 02:49:41 PM) (Source: Service Control Manager) (EventID: 7016) (User: )
Description: Der Dienst "chip1click" hat einen ungültigen aktuellen Status gemeldet: 0

Error: (03/22/2017 02:49:41 PM) (Source: Service Control Manager) (EventID: 7016) (User: )
Description: Der Dienst "chip1click" hat einen ungültigen aktuellen Status gemeldet: 0

Error: (03/22/2017 02:49:30 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Apple Mobile Device" wurde aufgrund folgenden Fehlers nicht gestartet: 
Der Dienst antwortete nicht rechtzeitig auf die Start- oder Steuerungsanforderung.

Error: (03/22/2017 02:49:30 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Apple Mobile Device erreicht.

Error: (03/22/2017 02:49:29 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "NetTcpActivator" ist vom Dienst "NetTcpPortSharing" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
Der angegebene Dienst kann nicht gestartet werden. Er ist deaktiviert oder nicht mit aktivierten Geräten verbunden.


CodeIntegrity:
===================================
  Date: 2017-03-21 12:09:47.220
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2017-03-19 18:08:49.561
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2017-03-16 18:01:57.346
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2017-03-05 11:23:12.033
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2017-02-03 11:37:22.753
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2017-02-03 11:37:22.751
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Office\OFFICE11\MCPS.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2017-02-03 11:37:22.747
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2017-02-03 11:37:22.745
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Office\OFFICE11\MCPS.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2017-02-03 11:37:22.717
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2017-02-03 11:37:22.671
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\Microsoft Office\OFFICE11\MCPS.DLL that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Memory info =========================== 

Processor: Intel(R) Core(TM)2 Duo CPU T6500 @ 2.10GHz
Prozentuale Nutzung des RAM: 54%
Installierter physikalischer RAM: 3036.61 MB
Verfügbarer physikalischer RAM: 1369.7 MB
Summe virtueller Speicher: 6108.61 MB
Verfügbarer virtueller Speicher: 4115.8 MB

==================== Laufwerke ================================

Drive c: () (Fixed) (Total:252.37 GB) (Free:120.78 GB) NTFS
Drive d: () (Fixed) (Total:198.29 GB) (Free:169.56 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: B4B6F23B)
Partition 1: (Not Active) - (Size=15 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=252.4 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=198.3 GB) - (Type=07 NTFS)

==================== Ende vom Addition.txt ============================
         

Alt 22.03.2017, 17:48   #11
M-K-D-B
/// TB-Ausbilder
 
Löschung von McAfee resten - Standard

Löschung von McAfee resten



Servus,




Evtl. hab ich Schadsoftware auf deinem PC gefunden...





Zitat:
CHIP-Installer.exe
Bitte keinen Chip-Installer mehr verwenden! Bitte lesen: CHIP-Installer – was ist das?






Schritt 1
Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument


Code:
ATTFilter
start
CloseProcesses:
S2 InstallerService; C:\Program Files\TrueKey\Mcafee.TrueKey.InstallerService.exe -originalversion 4.4.127.0 [X]
C:\Program Files\TrueKey
C:\Users\Klaus\Downloads\*CHIP-Installer*.exe
SearchScopes: HKLM -> DefaultScope {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7SMSN
SearchScopes: HKLM -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7SMSN
SearchScopes: HKU\S-1-5-21-1016556084-3091970497-507946437-1001 -> DefaultScope {36667B61-113B-4D4A-9655-2D5EEBF56FC0} URL = hxxps://de.search.yahoo.com/search?fr=mcafee&type=C011DE532D20140110&p={searchTerms}
SearchScopes: HKU\S-1-5-21-1016556084-3091970497-507946437-1001 -> {3188016B-9C61-4D96-A3F0-26240792A64F} URL = hxxp://go.gmx.de/tb/ie_searchplugin/?q={searchTerms}&enc=UTF-8
SearchScopes: HKU\S-1-5-21-1016556084-3091970497-507946437-1001 -> {36667B61-113B-4D4A-9655-2D5EEBF56FC0} URL = hxxps://de.search.yahoo.com/search?fr=mcafee&type=C011DE532D20140110&p={searchTerms}
SearchScopes: HKU\S-1-5-21-1016556084-3091970497-507946437-1001 -> {55E10C83-66E2-4DF3-8C6D-F1FCA32463AE} URL = hxxp://go.web.de/tb/ie_searchplugin/?q={searchTerms}&enc=UTF-8
SearchScopes: HKU\S-1-5-21-1016556084-3091970497-507946437-1001 -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.bing.com/search?FORM=SK2MDF&PC=SK2M&q={searchTerms}&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-1016556084-3091970497-507946437-1001 -> {8739C06C-4C0E-4EC0-BE0C-E7BCB362BEFF} URL = hxxp://go.1und1.de/tb/ie_searchplugin/?q={searchTerms}&enc=UTF-8
SearchScopes: HKU\S-1-5-21-1016556084-3091970497-507946437-1001 -> {942EC6E8-747D-448C-9B55-23B6147D7F60} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7SMSN_de___DE363
SearchScopes: HKU\S-1-5-21-1016556084-3091970497-507946437-1001 -> {B3C47B51-F87A-43DF-B84E-70B7324A9378} URL = hxxp://go.mail.com/tb/en-us/ie_searchplugin/?q={searchTerms}&enc=UTF-8
SearchScopes: HKU\S-1-5-21-1016556084-3091970497-507946437-1001 -> {DCA67887-DB28-490D-B4B0-BE2669C80B30} URL = hxxps://de.search.yahoo.com/search?fr=mcafee&type=B011DE532D20140110&p={searchTerms}
DeleteKey: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.com/search?q=mcafee&form=WNSGPH&qs=AS&cvid=3d23e1f30b1040d5a9d22f144e9857aa&pq=Mc&cc=DE&setlang=de-DE&nclid=FE9C2656DBED2E56A8D0C50628EEED79&ts=1489841062563&nclidts=1489841062&tsms=563
DeleteKey: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Search\RecentApps\{5D4F72AA-E5F4-4DE1-870B-A5067DC7C2F5}
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\5B4A54916B379ED4993A5062B1F7ED0D
DeleteValue: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\User Agent\Post Platform|McAfee
DeleteKey: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\EventLog\System\cfwids.sys
DeleteKey: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\EventLog\System\mfeavfk.sys
DeleteKey: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\EventLog\System\mfebopk.sys
DeleteKey: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\EventLog\System\mfefirek.sys
DeleteKey: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\EventLog\System\mfenlfk.sys
DeleteKey: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\EventLog\System\mferkdet.sys
Task: {35787037-8448-42A7-80B0-2084FA4E35F4} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG
Task: {36E6601D-B561-4F31-BED3-4ECDFDFFEFA5} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG
Task: {3E6EAA52-AA76-4F97-8A46-E061DD041269} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG
Task: {450582EF-258E-4743-BEA3-416533CE2E24} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Keine Datei <==== ACHTUNG
Task: {4D94345D-EFB8-4603-9D91-EB25D3A55825} - \Safer-Networking\Spybot - Search and Destroy\Refresh immunization -> Keine Datei <==== ACHTUNG
Task: {6C02EDCC-7681-4732-B9E7-FE92A385C4DC} - \Safer-Networking\Spybot - Search and Destroy\Check for updates -> Keine Datei <==== ACHTUNG
Task: {7166BF19-C763-4BE2-B7CE-AA6B5C20F780} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Keine Datei <==== ACHTUNG
Task: {734E4AC8-E775-40F1-9A87-06CADC8B44E7} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG
Task: {80D96DC3-D35B-42EE-9D49-9E377069CA91} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Keine Datei <==== ACHTUNG
Task: {966C563E-BC9B-4AC0-8147-A8C670D0895F} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG
Task: {B7033D2E-08CF-4688-BF7F-EC0506643A8E} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Keine Datei <==== ACHTUNG
Task: {D3C25474-0E08-4083-A0DD-D7EF82F4DB95} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Keine Datei <==== ACHTUNG
Task: {E97EF085-9494-4C30-9B62-7FD5A266E90F} - \Safer-Networking\Spybot - Search and Destroy\Scan the system -> Keine Datei <==== ACHTUNG
Task: {FCB0AB86-49B1-4B75-871B-1F0CA5B59EC0} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Keine Datei <==== ACHTUNG

Reboot:
end
         

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
  • Starte nun FRST erneut und klicke den Entfernen Button.
  • Das Tool erstellt eine Fixlog.txt.
  • Poste mir deren Inhalt.







Schritt 2
Bitte lasse die Datei aus der Code-Box bei Virustotal überprüfen.
  • Klicke auf Wählen Sie eine
  • Kopiere nun folgendes in die Suchleiste
    Code:
    ATTFilter
    C:\Program Files\PC Speed Repair\PCSpeedRepair.exe
             
  • und klicke auf Öffnen.
  • Klicke auf Scannen!.
  • Warte bitte bis die Datei vollständig hochgeladen wurde. Solltest Du folgende Meldung bekommen
    Zitat:
    Diese Datei wurde bereits von VirusTotal analysiert...
    klicke auf Neu analysieren.
  • Warte bis dir das Analysedatum angezeigt wird und der Scan abgeschlossen ist.
  • Kopiere den Link aus deiner Adresszeile und poste ihn hier.








Bitte poste mit deiner nächsten Antwort
  • die Logdatei des FRST-Fix,
  • den Link zu VirusTotal.
__________________
Gruß
M-K-D-B


==========================================================
offline vom 22.12.2018 bis 01.01.2019
==========================================================

Das Trojaner-Board unterstützen

Alt 22.03.2017, 19:53   #12
bütti
 
Löschung von McAfee resten - Standard

Löschung von McAfee resten



Hallo, ja das stimmt, ich habe ein Remove Tool zum Deinstallieren von McAfee von Chip verwendet. Jetzt weiß ich bescheid, danke!

Code:
ATTFilter
Entferungsergebnis von Farbar Recovery Scan Tool (x86) Version: 15-03-2017
durchgeführt von Klaus (22-03-2017 18:53:55) Run:2
Gestartet von C:\Users\Klaus\Desktop
Geladene Profile: Klaus (Verfügbare Profile: Klaus)
Start-Modus: Normal

==============================================

fixlist Inhalt:
*****************
start
CloseProcesses:
S2 InstallerService; C:\Program Files\TrueKey\Mcafee.TrueKey.InstallerService.exe -originalversion 4.4.127.0 [X]
C:\Program Files\TrueKey
C:\Users\Klaus\Downloads\*CHIP-Installer*.exe
SearchScopes: HKLM -> DefaultScope {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7SMSN
SearchScopes: HKLM -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7SMSN
SearchScopes: HKU\S-1-5-21-1016556084-3091970497-507946437-1001 -> DefaultScope {36667B61-113B-4D4A-9655-2D5EEBF56FC0} URL = hxxps://de.search.yahoo.com/search?fr=mcafee&type=C011DE532D20140110&p={searchTerms}
SearchScopes: HKU\S-1-5-21-1016556084-3091970497-507946437-1001 -> {3188016B-9C61-4D96-A3F0-26240792A64F} URL = hxxp://go.gmx.de/tb/ie_searchplugin/?q={searchTerms}&enc=UTF-8
SearchScopes: HKU\S-1-5-21-1016556084-3091970497-507946437-1001 -> {36667B61-113B-4D4A-9655-2D5EEBF56FC0} URL = hxxps://de.search.yahoo.com/search?fr=mcafee&type=C011DE532D20140110&p={searchTerms}
SearchScopes: HKU\S-1-5-21-1016556084-3091970497-507946437-1001 -> {55E10C83-66E2-4DF3-8C6D-F1FCA32463AE} URL = hxxp://go.web.de/tb/ie_searchplugin/?q={searchTerms}&enc=UTF-8
SearchScopes: HKU\S-1-5-21-1016556084-3091970497-507946437-1001 -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.bing.com/search?FORM=SK2MDF&PC=SK2M&q={searchTerms}&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-1016556084-3091970497-507946437-1001 -> {8739C06C-4C0E-4EC0-BE0C-E7BCB362BEFF} URL = hxxp://go.1und1.de/tb/ie_searchplugin/?q={searchTerms}&enc=UTF-8
SearchScopes: HKU\S-1-5-21-1016556084-3091970497-507946437-1001 -> {942EC6E8-747D-448C-9B55-23B6147D7F60} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7SMSN_de___DE363
SearchScopes: HKU\S-1-5-21-1016556084-3091970497-507946437-1001 -> {B3C47B51-F87A-43DF-B84E-70B7324A9378} URL = hxxp://go.mail.com/tb/en-us/ie_searchplugin/?q={searchTerms}&enc=UTF-8
SearchScopes: HKU\S-1-5-21-1016556084-3091970497-507946437-1001 -> {DCA67887-DB28-490D-B4B0-BE2669C80B30} URL = hxxps://de.search.yahoo.com/search?fr=mcafee&type=B011DE532D20140110&p={searchTerms}
DeleteKey: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.com/search?q=mcafee&form=WNSGPH&qs=AS&cvid=3d23e1f30b1040d5a9d22f144e9857aa&pq=Mc&cc=DE&setlang=de-DE&nclid=FE9C2656DBED2E56A8D0C50628EEED79&ts=1489841062563&nclidts=1489841062&tsms=563
DeleteKey: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Search\RecentApps\{5D4F72AA-E5F4-4DE1-870B-A5067DC7C2F5}
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\5B4A54916B379ED4993A5062B1F7ED0D
DeleteValue: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\User Agent\Post Platform|McAfee
DeleteKey: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\EventLog\System\cfwids.sys
DeleteKey: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\EventLog\System\mfeavfk.sys
DeleteKey: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\EventLog\System\mfebopk.sys
DeleteKey: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\EventLog\System\mfefirek.sys
DeleteKey: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\EventLog\System\mfenlfk.sys
DeleteKey: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\EventLog\System\mferkdet.sys
Task: {35787037-8448-42A7-80B0-2084FA4E35F4} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG
Task: {36E6601D-B561-4F31-BED3-4ECDFDFFEFA5} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG
Task: {3E6EAA52-AA76-4F97-8A46-E061DD041269} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG
Task: {450582EF-258E-4743-BEA3-416533CE2E24} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Keine Datei <==== ACHTUNG
Task: {4D94345D-EFB8-4603-9D91-EB25D3A55825} - \Safer-Networking\Spybot - Search and Destroy\Refresh immunization -> Keine Datei <==== ACHTUNG
Task: {6C02EDCC-7681-4732-B9E7-FE92A385C4DC} - \Safer-Networking\Spybot - Search and Destroy\Check for updates -> Keine Datei <==== ACHTUNG
Task: {7166BF19-C763-4BE2-B7CE-AA6B5C20F780} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Keine Datei <==== ACHTUNG
Task: {734E4AC8-E775-40F1-9A87-06CADC8B44E7} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG
Task: {80D96DC3-D35B-42EE-9D49-9E377069CA91} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Keine Datei <==== ACHTUNG
Task: {966C563E-BC9B-4AC0-8147-A8C670D0895F} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG
Task: {B7033D2E-08CF-4688-BF7F-EC0506643A8E} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Keine Datei <==== ACHTUNG
Task: {D3C25474-0E08-4083-A0DD-D7EF82F4DB95} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Keine Datei <==== ACHTUNG
Task: {E97EF085-9494-4C30-9B62-7FD5A266E90F} - \Safer-Networking\Spybot - Search and Destroy\Scan the system -> Keine Datei <==== ACHTUNG
Task: {FCB0AB86-49B1-4B75-871B-1F0CA5B59EC0} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Keine Datei <==== ACHTUNG

Reboot:
end
         
*****************

Prozesse erfolgreich geschlossen.
HKLM\System\CurrentControlSet\Services\InstallerService => Schlüssel erfolgreich entfernt
InstallerService => service erfolgreich entfernt
"C:\Program Files\TrueKey" => nicht gefunden.

=========== "C:\Users\Klaus\Downloads\*CHIP-Installer*.exe" ==========

C:\Users\Klaus\Downloads\McAfee Consumer Product Removal Tool - CHIP-Installer.exe => erfolgreich verschoben

========= Ende -> "C:\Users\Klaus\Downloads\*CHIP-Installer*.exe" ========

HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Wert erfolgreich wiederhergestellt
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64} => Schlüssel erfolgreich entfernt
HKCR\CLSID\{67A2568C-7A0A-4EED-AECC-B5405DE63B64} => Schlüssel nicht gefunden. 
HKU\S-1-5-21-1016556084-3091970497-507946437-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Wert erfolgreich entfernt
HKU\S-1-5-21-1016556084-3091970497-507946437-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{3188016B-9C61-4D96-A3F0-26240792A64F} => Schlüssel erfolgreich entfernt
HKCR\CLSID\{3188016B-9C61-4D96-A3F0-26240792A64F} => Schlüssel nicht gefunden. 
HKU\S-1-5-21-1016556084-3091970497-507946437-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{36667B61-113B-4D4A-9655-2D5EEBF56FC0} => Schlüssel erfolgreich entfernt
HKCR\CLSID\{36667B61-113B-4D4A-9655-2D5EEBF56FC0} => Schlüssel nicht gefunden. 
HKU\S-1-5-21-1016556084-3091970497-507946437-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{55E10C83-66E2-4DF3-8C6D-F1FCA32463AE} => Schlüssel erfolgreich entfernt
HKCR\CLSID\{55E10C83-66E2-4DF3-8C6D-F1FCA32463AE} => Schlüssel nicht gefunden. 
HKU\S-1-5-21-1016556084-3091970497-507946437-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64} => Schlüssel erfolgreich entfernt
HKCR\CLSID\{67A2568C-7A0A-4EED-AECC-B5405DE63B64} => Schlüssel nicht gefunden. 
HKU\S-1-5-21-1016556084-3091970497-507946437-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{8739C06C-4C0E-4EC0-BE0C-E7BCB362BEFF} => Schlüssel erfolgreich entfernt
HKCR\CLSID\{8739C06C-4C0E-4EC0-BE0C-E7BCB362BEFF} => Schlüssel nicht gefunden. 
HKU\S-1-5-21-1016556084-3091970497-507946437-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{942EC6E8-747D-448C-9B55-23B6147D7F60} => Schlüssel erfolgreich entfernt
HKCR\CLSID\{942EC6E8-747D-448C-9B55-23B6147D7F60} => Schlüssel nicht gefunden. 
HKU\S-1-5-21-1016556084-3091970497-507946437-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{B3C47B51-F87A-43DF-B84E-70B7324A9378} => Schlüssel erfolgreich entfernt
HKCR\CLSID\{B3C47B51-F87A-43DF-B84E-70B7324A9378} => Schlüssel nicht gefunden. 
HKU\S-1-5-21-1016556084-3091970497-507946437-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{DCA67887-DB28-490D-B4B0-BE2669C80B30} => Schlüssel erfolgreich entfernt
HKCR\CLSID\{DCA67887-DB28-490D-B4B0-BE2669C80B30} => Schlüssel nicht gefunden. 
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.com/search?q=mcafee&form=WNSGPH&qs=AS&cvid=3d23e1f30b1040d5a9d22f144e9857aa&pq=Mc&cc=DE&setlang=de-DE&nclid=FE9C2656DBED2E56A8D0C50628EEED79&ts=1489841062563&nclidts=1489841062&tsms=563 => Schlüssel erfolgreich entfernt
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Search\RecentApps\{5D4F72AA-E5F4-4DE1-870B-A5067DC7C2F5} => Schlüssel erfolgreich entfernt
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\5B4A54916B379ED4993A5062B1F7ED0D => Schlüssel erfolgreich entfernt
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\User Agent\Post Platform\\McAfee => Wert erfolgreich entfernt
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\EventLog\System\cfwids.sys => Schlüssel erfolgreich entfernt
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\EventLog\System\mfeavfk.sys => Schlüssel erfolgreich entfernt
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\EventLog\System\mfebopk.sys => Schlüssel erfolgreich entfernt
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\EventLog\System\mfefirek.sys => Schlüssel erfolgreich entfernt
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\EventLog\System\mfenlfk.sys => Schlüssel erfolgreich entfernt
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\EventLog\System\mferkdet.sys => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{35787037-8448-42A7-80B0-2084FA4E35F4} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{35787037-8448-42A7-80B0-2084FA4E35F4} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfig => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{36E6601D-B561-4F31-BED3-4ECDFDFFEFA5} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{36E6601D-B561-4F31-BED3-4ECDFDFFEFA5} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxcontent => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{3E6EAA52-AA76-4F97-8A46-E061DD041269} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3E6EAA52-AA76-4F97-8A46-E061DD041269} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{450582EF-258E-4743-BEA3-416533CE2E24} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{450582EF-258E-4743-BEA3-416533CE2E24} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{4D94345D-EFB8-4603-9D91-EB25D3A55825} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4D94345D-EFB8-4603-9D91-EB25D3A55825} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => Schlüssel nicht gefunden. 
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{6C02EDCC-7681-4732-B9E7-FE92A385C4DC} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6C02EDCC-7681-4732-B9E7-FE92A385C4DC} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Safer-Networking\Spybot - Search and Destroy\Check for updates => Schlüssel nicht gefunden. 
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{7166BF19-C763-4BE2-B7CE-AA6B5C20F780} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7166BF19-C763-4BE2-B7CE-AA6B5C20F780} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{734E4AC8-E775-40F1-9A87-06CADC8B44E7} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{734E4AC8-E775-40F1-9A87-06CADC8B44E7} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{80D96DC3-D35B-42EE-9D49-9E377069CA91} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{80D96DC3-D35B-42EE-9D49-9E377069CA91} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Logon-5d => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{966C563E-BC9B-4AC0-8147-A8C670D0895F} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{966C563E-BC9B-4AC0-8147-A8C670D0895F} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\launchtrayprocess => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{B7033D2E-08CF-4688-BF7F-EC0506643A8E} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B7033D2E-08CF-4688-BF7F-EC0506643A8E} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{D3C25474-0E08-4083-A0DD-D7EF82F4DB95} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D3C25474-0E08-4083-A0DD-D7EF82F4DB95} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Time-5d => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E97EF085-9494-4C30-9B62-7FD5A266E90F} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E97EF085-9494-4C30-9B62-7FD5A266E90F} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Safer-Networking\Spybot - Search and Destroy\Scan the system => Schlüssel nicht gefunden. 
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{FCB0AB86-49B1-4B75-871B-1F0CA5B59EC0} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FCB0AB86-49B1-4B75-871B-1F0CA5B59EC0} => Schlüssel erfolgreich entfernt
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d => Schlüssel erfolgreich entfernt


Das System musste neu gestartet werden.

==== Ende vom Fixlog 18:54:01 ====
         
Code:
ATTFilter
https://www.virustotal.com/de/file/35b0515e52fb3fd49e08e32abbb29f735c0cf2a048ce07cd7a42d123cc1f9bf0/analysis/1490207421/
         

Alt 22.03.2017, 20:39   #13
M-K-D-B
/// TB-Ausbilder
 
Löschung von McAfee resten - Standard

Löschung von McAfee resten



Servus,


du hast die falsche Datei hochgeladen.

Du sollst diese Datei bei VT hochladen:
C:\Program Files\PC Speed Repair\PCSpeedRepair.exe
__________________
Gruß
M-K-D-B


==========================================================
offline vom 22.12.2018 bis 01.01.2019
==========================================================

Das Trojaner-Board unterstützen

Alt 22.03.2017, 21:31   #14
bütti
 
Löschung von McAfee resten - Standard

Löschung von McAfee resten



Hallo Matthias, er kann diesen Pfad nicht finden.
C:\Program Files\PC Speed Repair\PCSpeedRepair.exe
Beim 1.Mal bot er mir die Additions Datei an, sorry.

Alt 22.03.2017, 21:36   #15
M-K-D-B
/// TB-Ausbilder
 
Löschung von McAfee resten - Standard

Löschung von McAfee resten



Servus,





Schritt 1
Downloade Dir bitte AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser.
  • Starte die adwcleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Werkzeuge > Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • Image File Execution Options Schlüssel
    • "Tracing" Schlüssel
    • "Prefetch" Dateien
    • Proxy
    • Winsock
    • Firewall
    • Internet Explorer Richtlinien
    • Chrome Richtlinien
  • Bestätige die Auswahl mit Ok.
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen (auch dann wenn AdwCleaner sagt, dass nichts gefunden wurde) und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).





Schritt 2
Downloade Dir bitte Malwarebytes Anti-Malware 3
  • Installiere das Programm in den vorgegebenen Pfad.
  • Starte Malwarebytes' Anti-Malware (MBAM).
  • Klicke im Anschluss auf Scan, wähle den Bedrohungs-Scan aus und klicke auf Scan starten.
  • Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Ausgewählte Elemente in die Quarantäne verschieben.
  • Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
  • Starte MBAM nach dem Neustart, klicke auf Berichte.
  • Wähle den neuesten Scan-Bericht aus, klicke auf Bericht anzeigen und dann auf Export.
  • Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab.
  • Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.





Schritt 3
  • Starte die FRST erneut. Vergewissere dich, dass vor Addition.txt ein Haken gesetzt ist und drücke auf Untersuchen.
  • FRST erstellt nun zwei Logdateien (FRST.txt und Addition.txt).
  • Poste mir beide Logdateien mit deiner nächsten Antwort.






Bitte poste mit deiner nächsten Antwort
  • die Logdatei von AdwCleaner,
  • die Logdatei von MBAM,
  • die beiden neuen Logdateien von FRST.
__________________
Gruß
M-K-D-B


==========================================================
offline vom 22.12.2018 bis 01.01.2019
==========================================================

Das Trojaner-Board unterstützen

Antwort

Themen zu Löschung von McAfee resten
hilfe, löschen, löschung, mcafee, reste



Ähnliche Themen: Löschung von McAfee resten


  1. Suche nach Resten von McAfee Installationen
    Log-Analyse und Auswertung - 01.10.2016 (8)
  2. Streit mit Intel: John McAfee will sein Unternehmen John McAfee nennen
    Nachrichten - 07.09.2016 (1)
  3. Entfernen von infiziertem JonDoFox und Trojaner-Resten
    Log-Analyse und Auswertung - 28.05.2015 (21)
  4. GVU Trojaner - komplette löschung
    Plagegeister aller Art und deren Bekämpfung - 19.12.2012 (2)
  5. Incredibar-Löschung vergeblich
    Plagegeister aller Art und deren Bekämpfung - 11.09.2012 (9)
  6. Löschung meines Account
    Lob, Kritik und Wünsche - 26.07.2012 (9)
  7. Löschung des Accounts
    Lob, Kritik und Wünsche - 17.12.2010 (3)
  8. Löschung des Accounts
    Lob, Kritik und Wünsche - 16.11.2008 (1)
  9. TR/Patched.AA515 Löschung
    Log-Analyse und Auswertung - 28.09.2008 (15)
  10. Brauche Hilfe mit Spyware und Cookie-Resten
    Antiviren-, Firewall- und andere Schutzprogramme - 08.02.2008 (1)
  11. Frage zur Löschung / Nicht-Löschung von Prozessen (HiJack detected)
    Log-Analyse und Auswertung - 20.07.2007 (3)
  12. Löschung Festplatte
    Alles rund um Windows - 02.02.2005 (6)
  13. manuell Löschung von Einrägen
    Log-Analyse und Auswertung - 03.12.2004 (3)

Zum Thema Löschung von McAfee resten - Mit der Bitte und Hilfe beim Löschen von McAfee Resten hat mich Purzelbär hierher verwiesen. hxxp://www.trojaner-board.de/184845-kontrolle-deinstallation-mcafee-windows-10-a.html - Löschung von McAfee resten...
Archiv
Du betrachtest: Löschung von McAfee resten auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.