Ständige Werbung und NetUtils2016?

Luckyschatz · 19.05.2017, 20:23

Guten Abend

Ich beschreibe mal o kurz es geht mein Problem (hoffe Stichpunkte sind okay für euch)
- Werbung öffnet sich bei klicken auf Internetseiten in neuem oder dem gleichen Tab -> frisst sich manchmal fest bis ich nur noch über Taskmanager den Browser geschlossen bekomme
- Internetseiten (egal welche) stürzen häufig ab, nur noch schließen möglich
- Trotz adblock übermäßig viel Werbung - vor allem zwischen den Google-Suchergebnissen und bei Youtube als "Videovorschlag" getarnt, neuerdings auch Werbung über dem Video, welche sich nur über adblock manuell entfernen lässt
-Videos bei Youtube haben Ton, aber kein Bild mehr
- Google Chrome stürzt nach einigen Momenten komplett ab - lässt sich nur noch über Taskmanager schließen
- Werbung öffnet sich automatisch, ohne das ich am Pc war (war mal 20 min. nicht am Pc, kam wieder und es waren um die 15 Internetseiten mit Werbung geöffnet)
- habe kürzlich im Taskmanager "NetUtils2016" und in meinem Explorer "YeahDesktop" - beide lassen sich durch adwcleaner im normalen und abgesicherten Modus nicht entfernen

Puuh.. ich glaube das wars erstmal...
tut mir leid, dass das so viel ist, aber vielleicht ann mir ja trotzdem jemand helfen

Luckyschatz

M-K-D-B · 19.05.2017, 20:53

Mein Name ist Matthias und ich werde dir bei der Bereinigung deines Computers helfen.

Um die Bereinigung möchlichst effektiv und schnell gestalten zu können, bitte ich um Beachtung der folgenden Hinweise:

Falls wir Hinweise auf illegal erworbene Software finden, werden wir den Support unterbrechen bis jegliche Art von illegaler Software vom Rechner entfernt wurde.
Lies dir meine Anleitungen immer sorgfältig durch, arbeite alle Schritte in der vorgegebenen Reihefolge nacheinander ab und poste immer alle Logdateien (auch wenn nichts gefunden wurde). Solltest du Probleme haben, stoppe mit deiner Bearbeitung und beschreibe mir dein Problem so gut es geht.
Solltest du mir nicht innerhalb von 3 Tagen antworten, gehe ich davon aus, dass du keine Hilfe mehr benötigst. Dann lösche ich dein Thema aus meinem Abo. Solltest du einmal länger abwesend sein, so gib mir bitte Bescheid!
Während der Bereinigung bitte nichts installieren oder deinstallieren, außer ich bitte dich darum!
Außerdem bitte ich dich, nicht eigenmächtig irgendwelche Sicherheitsprogramme auszuführen und damit deinen Rechner zu überprüfen/bereinigen, da ich so leicht den Überblick verlieren kann.
Außerdem hättest du dir das Eröffnen eines Themas in diesem Fall auch gleich sparen können, wenn du dann doch wieder alleine rumhantierst.
Bitte beachten: Download bei filepony.de: So ladet Ihr unsere Tools richtig!
Alle zu verwendenen Programme sind auf dem Desktop ( C:\users\dein Benutzername\Desktop\ ) abzuspeichern und von dort als Administrator zu starten!
Einige Programme, die wir hier verwenden, können unter Umständen von deinem Antiviren- oder Anti-Malwareprogramm fälschlicherweise als Bedrohung eingestuft werden. Die Sicherheitsprogramme können aufgrund eines bestimmten Programmverhaltens nicht zwischen "gut" oder "böse" unterscheiden und schlagen Alarm. Dabei handelt es sich um Fehlalarme, welche du getrost ignorieren kannst. Gegebenenfalls musst du deine Sicherheitssoftware vor der Ausführung eines Programms deaktivieren, damit unsere Bereinigungsvorgänge nicht beeinträchtigt werden.
Sollten die Logdateien einmal die zulässige Länge (~ 120.000 Zeichen) überschreiten, so teile die Logdateien auf mehrere Posts auf.
Zur Not kannst du die Logdateien dann auch zippen (in ein .zip Archiv packen) und als Anhang hochladen.
Bitte arbeite so lange mit mir zusammen, bis ich dir sage, dass wir fertig sind und dein Rechner "sauber" ist. Das vorzeitige Verschwinden von Symptomen heißt nicht automatisch, dass dein Rechner bereits vollständig sauber ist.
In der Regel antworte ich dir innerhalb von 24 Stunden, oft sogar wesentlich schneller.
Jedoch habe auch ich einen normalen Beruf und Familie. Ich bin daher nicht jeden Tag stundenlag hier im Forum unterwegs. Es kann unter Umständen bis zu 2 Tage dauern, bis du eine Antwort von mir erhältst. Sollte diese Zeit überschritten sein, so kannst du mir gerne eine PM als Erinnerung schicken.

Bitte arbeite alle Schritte in der vorgegebenen Reihefolge nacheinander ab und poste alle Logdateien in CODE-Tags:

So funktioniert es:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert deinem Helfer massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu groß für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:

Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
Klicke aauf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.

Danke für deine Mitarbeit!

Schritt 1
Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:

FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)

Starte jetzt FRST.
Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)

Schritt 2
Downloade dir bitte

TDSSKiller.exe und speichere diese Datei auf dem Desktop

Starte die TDSSKiller.exe - Einstellen wie in der Anleitung zu TDSSKiller beschrieben.
Drücke Start Scan
Sollten infizierte Objekte gefunden werden, wähle keinesfalls Cure. Wähle Skip und klicke auf Continue.
TDSSKiller wird eine Logfile auf deinem Systemlaufwerk speichern (Meistens C:\)
Als Beispiel: C:\TDSSKiller.<Version_Datum_Uhrzeit>log.txt

Poste den Inhalt bitte in jedem Fall hier in deinen Thread.

Bitte poste mit deiner nächsten Antwort

die Logdatei von TDSS-Killer,
die beiden neuen Logdateien von FRST.

Luckyschatz · 20.05.2017, 07:55

Hier mal die Logdateien von FRST (FRST.txt)

Code:

ATTFilter

Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 14-05-2017
durchgeführt von Pitti (Administrator) auf DESKTOP-TP9DC4I (20-05-2017 08:41:28)
Gestartet von C:\Users\Pitti\Downloads
Geladene Profile: Pitti (Verfügbare Profile: Pitti)
Platform: Windows 10 Home Version 1607 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Edge)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Intel Corporation) C:\Windows\SysWOW64\esif_uf.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Electronic Arts) C:\Program Files (x86)\Origin\OriginWebHelperService.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(Intel Corporation) C:\Windows\Temp\DPTF\esif_assist_64.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\APRP\aprp.exe
(ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
() C:\Windows\System32\igfxTray.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.15.597.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(AVAST Software) C:\Program Files\AVAST Software\SecureLine\secureline.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe

==================== Registry (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2654512 2015-10-03] (NVIDIA Corporation)
HKLM\...\Run: [WindowsDefender] => C:\Program Files\Windows Defender\MSASCuiL.exe [631808 2017-04-28] (Microsoft Corporation)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-03-15] (Oracle Corporation)
HKU\S-1-5-21-1585193191-2329745140-1049602013-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3019552 2017-04-26] (Valve Corporation)
HKU\S-1-5-21-1585193191-2329745140-1049602013-1001\...\MountPoints2: {3f9e17ff-a47a-11e5-9bc5-806e6f6e6963} - "E:\Autorun.exe" 
HKU\S-1-5-18\...\Run: [] => [X]
HKU\S-1-5-18\...\Run: [Lp2k0KLo3JN.exe] => C:\ProgramData\0cba1143376c450fbb3a89392df868d0\Lp2k0KLo3JN.exe [89600 2017-05-13] ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\avast! SecureLine.lnk [2015-12-17]
ShortcutTarget: avast! SecureLine.lnk -> C:\Program Files\AVAST Software\SecureLine\SecureLine.exe (AVAST Software)
CHR HKLM\SOFTWARE\Policies\Google: Beschränkung <======= ACHTUNG

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Winsock: Catalog5-x64 05 C:\WINDOWS\system32\NSBlockA.dll => Keine Datei  <===== ACHTUNG
Winsock: Catalog5-x64 08 C:\WINDOWS\system32\NSBlockB.dll => Keine Datei  <===== ACHTUNG
Hosts: Es ist mehr als ein Eintrag in der Hosts Datei zu finden. Siehe Hosts-Bereich in Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\Parameters: [NameServer] 82.163.143.157 82.163.142.159
Tcpip\..\Interfaces\{5ecc1828-dea3-4170-b6c6-6d557ec1c429}: [DhcpNameServer] 82.163.143.157
Tcpip\..\Interfaces\{6f16093c-bffb-4a7b-b894-777c10793d1c}: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{996ea0b8-ca4a-4c25-9b44-fbad264c8641}: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{ca4d7660-cb2f-4c16-a493-e99d991ed543}: [DhcpNameServer] 82.163.143.157
Tcpip\..\Interfaces\{efcfe49d-c6bb-4343-b2ec-b087ec086e71}: [DhcpNameServer] 192.168.2.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-1585193191-2329745140-1049602013-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-1585193191-2329745140-1049602013-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus15.msn.com/?pc=ASTE
SearchScopes: HKU\S-1-5-21-1585193191-2329745140-1049602013-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-1585193191-2329745140-1049602013-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2017-05-13] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_131\bin\ssv.dll [2017-04-26] (Oracle Corporation)
BHO: - -> {C654F3FE-8E84-4BB7-87CF-8D9171FC3C73} -> C:\Program Files\{D44B74DA-1C23-457E-A2CA-C96B81B04B5F}\{BB8C700C-D463-487B-BFFE-E771F86A8413}.bin => Keine Datei
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2017-05-13] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_131\bin\jp2ssv.dll [2017-04-26] (Oracle Corporation)
BHO-x32: Evernote extension -> {92EF2EAD-A7CE-4424-B0DB-499CF856608E} -> C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll [2015-04-30] (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-05-13] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-05-13] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-05-13] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-05-13] (Microsoft Corporation)

Edge: 
======
Edge Extension: (AdBlock) -> EdgeExtension_BetaFishAdBlock_c1wakc4j0nefm => C:\Program Files\WindowsApps\BetaFish.AdBlock_1.12.0.0_neutral__c1wakc4j0nefm [2017-05-02]

FireFox:
========
FF Plugin: @java.com/DTPlugin,version=11.131.2 -> C:\Program Files\Java\jre1.8.0_131\bin\dtplugin\npDeployJava1.dll [2017-04-26] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.131.2 -> C:\Program Files\Java\jre1.8.0_131\bin\plugin2\npjp2.dll [2017-04-26] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50906.0\npctrl.dll [2017-03-09] ( Microsoft Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-04-21] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-04-21] (Intel Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50906.0\npctrl.dll [2017-03-09] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2017-03-06] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-05-19] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-05-19] (Google Inc.)

Chrome: 
=======
CHR HomePage: Default -> hxxp://www.google.de/
CHR StartupUrls: Default -> "hxxps://www.google.de/","hxxps://www.google.com/"
CHR Profile: C:\Users\Pitti\AppData\Local\Google\Chrome\User Data\Default [2017-05-19]
CHR Extension: (Google Präsentationen) - C:\Users\Pitti\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-05-19]
CHR Extension: (Google Docs) - C:\Users\Pitti\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-05-19]
CHR Extension: (Google Drive) - C:\Users\Pitti\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-05-19]
CHR Extension: (YouTube) - C:\Users\Pitti\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-05-19]
CHR Extension: (Unknown Space) - C:\Users\Pitti\AppData\Local\Google\Chrome\User Data\Default\Extensions\bpjdbdbhiomamecfnjahemfimgjamhjd [2017-05-19]
CHR Extension: (Adblock Plus) - C:\Users\Pitti\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2017-05-19]
CHR Extension: (SingleClick Cleaner) - C:\Users\Pitti\AppData\Local\Google\Chrome\User Data\Default\Extensions\cknijndocnnlkpenngcdcpleddlmckkm [2017-05-19]
CHR Extension: (Google Tabellen) - C:\Users\Pitti\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-05-19]
CHR Extension: (Missing You Chrome Theme - Arthur) - C:\Users\Pitti\AppData\Local\Google\Chrome\User Data\Default\Extensions\fogbjgnancbcjnflfdkknedhcnnnkcbh [2017-05-19]
CHR Extension: (Google Docs Offline) - C:\Users\Pitti\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-05-19]
CHR Extension: (Little Alchemy) - C:\Users\Pitti\AppData\Local\Google\Chrome\User Data\Default\Extensions\knkapnclbofjjgicpkfoagdjohlfjhpd [2017-05-19]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Pitti\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-05-19]
CHR Extension: (Adblock Pro) - C:\Users\Pitti\AppData\Local\Google\Chrome\User Data\Default\Extensions\ocifcklkibdehekfnmflempfgjhbedch [2017-05-19]
CHR Extension: (Google Mail) - C:\Users\Pitti\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-05-19]
CHR Extension: (Chrome Media Router) - C:\Users\Pitti\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-05-19]

==================== Dienste (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1465352 2017-02-12] ()
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [3801280 2017-05-04] (Microsoft Corporation)
R2 esifsvc; C:\WINDOWS\SysWoW64\esif_uf.exe [1385640 2015-08-04] (Intel Corporation)
R2 igfxCUIService2.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [373728 2016-11-30] (Intel Corporation)
S4 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [881152 2015-05-22] (Intel(R) Corporation)
S4 Intel(R) Security Assist; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [335872 2015-05-19] (Intel Corporation) [Datei ist nicht signiert]
S4 isaHelperSvc; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe [7680 2015-05-19] () [Datei ist nicht signiert]
S4 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [207648 2015-08-07] (Intel Corporation)
S4 Kingsoft_WPS_UpdateService; C:\Program Files (x86)\Kingsoft\WPS Office\9.1.0.4947\wtoolex\wpsupdatesvr.exe [133480 2015-08-18] (Zhuhai Kingsoft Office Software Co.,Ltd)
S4 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2960160 2016-04-22] (IObit)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2162064 2017-05-17] (Electronic Arts)
R2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3136920 2017-05-17] (Electronic Arts)
S4 SecureLine; C:\Program Files\AVAST Software\SecureLine\VpnSvc.exe [592392 2016-05-23] ()
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347320 2017-04-28] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103712 2017-04-28] (Microsoft Corporation)
S4 mccspsvc; "C:\Program Files\Common Files\McAfee\CSP\1.8.267.0\McCSPServiceHost.exe" [X]
S2 QForlLgs0EYm Updater; C:\Program Files (x86)\QForlLgs0EYm Updater\QForlLgs0EYm Updater.exe [X]

===================== Treiber (Nicht auf der Ausnahmeliste) ======================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 atksgt; C:\WINDOWS\System32\DRIVERS\atksgt.sys [311968 2016-04-30] ()
R3 ATP; C:\WINDOWS\System32\drivers\AsusTP.sys [101368 2015-12-14] (ASUS Corporation)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131712 2016-09-05] (Samsung Electronics Co., Ltd.)
R3 dptf_cpu; C:\WINDOWS\System32\drivers\dptf_cpu.sys [43512 2015-08-04] (Intel Corporation)
R3 dptf_pch; C:\WINDOWS\System32\drivers\dptf_pch.sys [41976 2015-08-04] (Intel Corporation)
R3 esif_lf; C:\WINDOWS\system32\DRIVERS\esif_lf.sys [251384 2015-08-04] (Intel Corporation)
R0 IntelHSWPcc; C:\WINDOWS\System32\drivers\IntelPcc.sys [88256 2015-06-26] (Intel Corporation)
R2 lirsgt; C:\WINDOWS\System32\DRIVERS\lirsgt.sys [43168 2016-04-30] ()
S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
R1 NetUtils2016; C:\WINDOWS\system32\drivers\NetUtils2016.sys [909944 2017-02-23] () [Datei ist nicht signiert] <==== ACHTUNG
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvamwu.inf_amd64_d4715679184092a8\nvlddmkm.sys [13754936 2016-09-12] (NVIDIA Corporation)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [887552 2015-07-15] (Realtek                                            )
R3 RTSPER; C:\WINDOWS\system32\DRIVERS\RtsPer.sys [751632 2015-05-14] (Realsil Semiconductor Corporation)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics Co., Ltd.)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-05-20 08:41 - 2017-05-20 08:42 - 00017775 _____ C:\Users\Pitti\Downloads\FRST.txt
2017-05-20 08:41 - 2017-05-20 08:41 - 00000000 ____D C:\FRST
2017-05-20 08:40 - 2017-05-20 08:40 - 02429952 _____ (Farbar) C:\Users\Pitti\Downloads\FRST64.exe
2017-05-19 20:56 - 2017-05-19 20:56 - 00000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
2017-05-19 20:40 - 2017-05-19 20:40 - 04110280 _____ C:\Users\Pitti\Desktop\adwcleaner.exe
2017-05-19 20:32 - 2017-05-19 21:13 - 00001427 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-05-19 20:32 - 2017-05-19 21:13 - 00001415 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2017-05-19 20:32 - 2017-05-19 20:32 - 01130328 _____ (Google Inc.) C:\Users\Pitti\Downloads\ChromeSetup.exe
2017-05-19 20:32 - 2017-05-19 20:32 - 00003628 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2017-05-19 20:32 - 2017-05-19 20:32 - 00003504 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2017-05-18 17:53 - 2017-05-19 21:00 - 00000000 ____D C:\AdwCleaner
2017-05-14 18:31 - 2017-05-14 18:31 - 00001258 _____ C:\Users\Pitti\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Update- und Datenschutzeinstellungen.lnk
2017-05-14 18:31 - 2017-05-14 18:31 - 00000000 ____D C:\Users\Pitti\AppData\Local\UNP
2017-05-13 20:40 - 2017-05-13 20:40 - 01299424 _____ ( ) C:\Users\Pitti\Downloads\JavaPlugin.exe
2017-05-13 16:21 - 2017-05-13 16:21 - 00000000 ___HD C:\$SysReset
2017-05-13 15:34 - 2017-05-13 15:34 - 00000000 ____D C:\ProgramData\WinZip
2017-05-13 15:33 - 2017-05-13 15:34 - 00000000 ____D C:\Program Files\WinZip
2017-05-13 15:33 - 2017-05-13 15:33 - 00000000 ____D C:\Users\Pitti\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinZip 21.5
2017-05-13 15:32 - 2017-05-13 15:32 - 00000000 ____D C:\WINDOWS\CD95F661A5C444F5A6AAECDD91C2410F.TMP
2017-05-13 15:31 - 2017-05-13 17:06 - 00000000 ____D C:\Users\Pitti\AppData\Roaming\Nico Mak Computing
2017-05-13 15:29 - 2017-05-13 15:30 - 01263616 _____ (SecuredDownload) C:\Users\Pitti\Downloads\adwcleaner-5-013.exe
2017-05-13 15:19 - 2017-05-13 15:19 - 00000465 _____ C:\Users\Pitti\Downloads\SPug
2017-05-13 14:40 - 2017-05-13 14:40 - 00000000 ____D C:\Users\Pitti\AppData\Local\ElevatedDiagnostics
2017-05-13 14:39 - 2017-05-13 14:39 - 00003256 _____ C:\WINDOWS\System32\Tasks\{C4A9F1C2-B0D8-4A93-8B94-4D7396F9BCA3}
2017-05-13 14:24 - 2017-05-13 14:24 - 00000026 _____ C:\WINDOWS\Zone.Identifier
2017-05-13 13:55 - 2017-05-13 13:55 - 00000000 ____D C:\ProgramData\0cba1143376c450fbb3a89392df868d0
2017-05-13 08:52 - 2017-05-18 16:57 - 00000000 ____D C:\Program Files (x86)\FeOLMDtF4M
2017-05-12 20:18 - 2017-05-12 20:18 - 00000000 ____D C:\Users\Pitti\AppData\Roaming\Google
2017-05-12 17:09 - 2017-05-12 17:10 - 00000000 ____D C:\Program Files\UNP
2017-05-12 17:09 - 2017-05-12 17:09 - 00000000 ____D C:\WINDOWS\system32\UNP
2017-05-12 15:36 - 2017-05-12 15:36 - 00000000 ____D C:\Users\Pitti\AppData\Roaming\ServerTest
2017-05-12 15:32 - 2017-05-12 15:32 - 00000000 ____D C:\Users\Pitti\AppData\Local\CrashRpt
2017-05-12 15:26 - 2017-05-12 15:29 - 00000000 ____D C:\Program Files\1cc64dd1cb19ce97578e172dc264b81a
2017-05-12 15:24 - 2017-05-12 15:32 - 00000000 ____D C:\Users\Pitti\AppData\Local\navi
2017-05-10 16:09 - 2017-05-10 16:09 - 00051628 _____ C:\WINDOWS\uninstaller.dat
2017-05-10 14:35 - 2017-04-28 02:56 - 02048488 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2017-05-10 14:35 - 2017-04-28 02:48 - 00263472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Storage.ApplicationData.dll
2017-05-10 14:35 - 2017-04-28 02:46 - 05722320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2017-05-10 14:35 - 2017-04-28 02:46 - 01504056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2017-05-10 14:35 - 2017-04-28 02:46 - 01431232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2017-05-10 14:35 - 2017-04-28 02:45 - 02263832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2017-05-10 14:35 - 2017-04-28 02:45 - 00975744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
2017-05-10 14:35 - 2017-04-28 02:45 - 00861024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2017-05-10 14:35 - 2017-04-28 02:45 - 00116576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudExperienceHostCommon.dll
2017-05-10 14:35 - 2017-04-28 02:43 - 00846560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2017-05-10 14:35 - 2017-04-28 02:40 - 06665952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2017-05-10 14:35 - 2017-04-28 02:40 - 04023008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2017-05-10 14:35 - 2017-04-28 02:40 - 01851696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2017-05-10 14:35 - 2017-04-28 02:40 - 01360456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetsrc.dll
2017-05-10 14:35 - 2017-04-28 02:40 - 01277856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
2017-05-10 14:35 - 2017-04-28 02:40 - 01202936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2017-05-10 14:35 - 2017-04-28 02:40 - 00981888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetcore.dll
2017-05-10 14:35 - 2017-04-28 02:39 - 20967840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2017-05-10 14:35 - 2017-04-28 02:29 - 05685760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2017-05-10 14:35 - 2017-04-28 02:23 - 00095232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTimeUtil.dll
2017-05-10 14:35 - 2017-04-28 02:22 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\odbcconf.dll
2017-05-10 14:35 - 2017-04-28 02:21 - 00224256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExSMime.dll
2017-05-10 14:35 - 2017-04-28 02:20 - 00141824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Radios.dll
2017-05-10 14:35 - 2017-04-28 02:19 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDeviceRegistration.dll
2017-05-10 14:35 - 2017-04-28 02:19 - 00138240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DisplayManager.dll
2017-05-10 14:35 - 2017-04-28 02:18 - 00255488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\unimdm.tsp
2017-05-10 14:35 - 2017-04-28 02:17 - 00142336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.WiFi.dll
2017-05-10 14:35 - 2017-04-28 02:17 - 00136192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinRtTracing.dll
2017-05-10 14:35 - 2017-04-28 02:17 - 00094208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryClient.dll
2017-05-10 14:35 - 2017-04-28 02:16 - 00392192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Gaming.Input.dll
2017-05-10 14:35 - 2017-04-28 02:16 - 00374784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.LowLevel.dll
2017-05-10 14:35 - 2017-04-28 02:16 - 00315904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Gaming.XboxLive.Storage.dll
2017-05-10 14:35 - 2017-04-28 02:16 - 00184320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserMgrProxy.dll
2017-05-10 14:35 - 2017-04-28 02:16 - 00180224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2017-05-10 14:35 - 2017-04-28 02:16 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppointmentActivation.dll
2017-05-10 14:35 - 2017-04-28 02:16 - 00113152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Lights.dll
2017-05-10 14:35 - 2017-04-28 02:15 - 00557568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll
2017-05-10 14:35 - 2017-04-28 02:15 - 00237568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SyncSettings.dll
2017-05-10 14:35 - 2017-04-28 02:15 - 00117760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AuthBroker.dll
2017-05-10 14:35 - 2017-04-28 02:15 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Core.dll
2017-05-10 14:35 - 2017-04-28 02:14 - 00670208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.PointOfService.dll
2017-05-10 14:35 - 2017-04-28 02:14 - 00483840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.AllJoyn.dll
2017-05-10 14:35 - 2017-04-28 02:14 - 00223232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgentUserBroker.exe
2017-05-10 14:35 - 2017-04-28 02:13 - 13873664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2017-05-10 14:35 - 2017-04-28 02:13 - 01243136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.FaceAnalysis.dll
2017-05-10 14:35 - 2017-04-28 02:13 - 00562176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.SmartCards.dll
2017-05-10 14:35 - 2017-04-28 02:13 - 00426496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Wallet.dll
2017-05-10 14:35 - 2017-04-28 02:13 - 00386048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.WiFiDirect.dll
2017-05-10 14:35 - 2017-04-28 02:13 - 00332288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Bluetooth.dll
2017-05-10 14:35 - 2017-04-28 02:13 - 00325120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleacc.dll
2017-05-10 14:35 - 2017-04-28 02:13 - 00298496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2017-05-10 14:35 - 2017-04-28 02:13 - 00271360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\deviceaccess.dll
2017-05-10 14:35 - 2017-04-28 02:13 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WwaApi.dll
2017-05-10 14:35 - 2017-04-28 02:13 - 00202752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.HumanInterfaceDevice.dll
2017-05-10 14:35 - 2017-04-28 02:13 - 00185856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Identity.Provider.dll
2017-05-10 14:35 - 2017-04-28 02:13 - 00175616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Scanners.dll
2017-05-10 14:35 - 2017-04-28 02:12 - 00498688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mbsmsapi.dll
2017-05-10 14:35 - 2017-04-28 02:12 - 00431616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\efswrt.dll
2017-05-10 14:35 - 2017-04-28 02:12 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Picker.dll
2017-05-10 14:35 - 2017-04-28 02:11 - 00747520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Ocr.dll
2017-05-10 14:35 - 2017-04-28 02:10 - 00819200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppContracts.dll
2017-05-10 14:35 - 2017-04-28 02:10 - 00314368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Usb.dll
2017-05-10 14:35 - 2017-04-28 02:10 - 00284672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.dll
2017-05-10 14:35 - 2017-04-28 02:10 - 00238080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AboveLockAppHost.dll
2017-05-10 14:35 - 2017-04-28 02:09 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2017-05-10 14:35 - 2017-04-28 02:08 - 01534464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.Printing.3D.dll
2017-05-10 14:35 - 2017-04-28 02:08 - 00653312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.AccountsControl.dll
2017-05-10 14:35 - 2017-04-28 02:08 - 00288256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CryptoWinRT.dll
2017-05-10 14:35 - 2017-04-28 02:06 - 04614656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2017-05-10 14:35 - 2017-04-28 02:06 - 02333184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmSvc.dll
2017-05-10 14:35 - 2017-04-28 02:06 - 00901120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Bluetooth.dll
2017-05-10 14:35 - 2017-04-28 02:06 - 00675840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.dll
2017-05-10 14:35 - 2017-04-28 02:05 - 03733504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_47.dll
2017-05-10 14:35 - 2017-04-28 02:05 - 00589312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Sensors.dll
2017-05-10 14:35 - 2017-04-28 02:03 - 01077760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Editing.dll
2017-05-10 14:35 - 2017-04-28 02:03 - 00355328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RTMediaFrame.dll
2017-05-10 14:35 - 2017-04-28 02:02 - 03307008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2017-05-10 14:35 - 2017-04-28 02:01 - 00795648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MiracastReceiver.dll
2017-05-10 14:35 - 2017-04-28 02:01 - 00713216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpnapps.dll
2017-05-10 14:35 - 2017-04-28 02:01 - 00343040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToDevice.dll
2017-05-10 14:35 - 2017-04-28 02:01 - 00248832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dlnashext.dll
2017-05-10 14:35 - 2017-04-28 02:01 - 00141312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dialclient.dll
2017-05-10 14:35 - 2017-04-28 02:00 - 01255936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll
2017-05-10 14:35 - 2017-04-28 01:59 - 00895488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Streaming.dll
2017-05-10 14:35 - 2017-04-28 01:59 - 00220672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToReceiver.dll
2017-05-10 14:35 - 2017-04-28 01:58 - 07468544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2017-05-10 14:35 - 2017-04-28 01:58 - 00134144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ErrorDetails.dll
2017-05-10 14:35 - 2017-04-28 01:57 - 01247232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Globalization.dll
2017-05-10 14:35 - 2017-04-28 01:57 - 01221120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Audio.dll
2017-05-10 14:35 - 2017-04-28 01:57 - 00641024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MCRecvSrc.dll
2017-05-10 14:35 - 2017-04-28 01:56 - 00400384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToManager.dll
2017-05-10 14:35 - 2017-04-28 01:56 - 00357376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Geolocation.dll
2017-05-10 14:35 - 2017-04-28 01:56 - 00103936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Devices.dll
2017-05-10 14:35 - 2017-04-28 01:55 - 01656320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Perception.dll
2017-05-10 14:35 - 2017-04-28 01:55 - 01232384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Maps.dll
2017-05-10 14:35 - 2017-04-28 01:55 - 01170944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.dll
2017-05-10 14:35 - 2017-04-28 01:55 - 01004544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Input.Inking.dll
2017-05-10 14:35 - 2017-04-28 01:54 - 02646528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CertEnroll.dll
2017-05-10 14:35 - 2017-04-28 01:54 - 02483200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2017-05-10 14:35 - 2017-04-28 01:54 - 01013248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.Http.dll
2017-05-10 14:35 - 2017-04-28 01:54 - 00654336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApiPublic.dll
2017-05-10 14:35 - 2017-04-28 01:54 - 00598528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.dll
2017-05-10 14:35 - 2017-04-28 01:54 - 00566784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ShareHost.dll
2017-05-10 14:35 - 2017-04-28 01:54 - 00348160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Midi.dll
2017-05-10 14:35 - 2017-04-28 01:53 - 01170944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Phone.dll
2017-05-10 14:35 - 2017-04-28 01:53 - 00751104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.BackgroundTransfer.dll
2017-05-10 14:35 - 2017-04-28 01:53 - 00621056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
2017-05-10 14:35 - 2017-04-28 01:52 - 03106304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstsc.exe
2017-05-10 14:35 - 2017-04-28 01:52 - 02994176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2017-05-10 14:35 - 2017-04-28 01:52 - 01600000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2017-05-10 14:35 - 2017-04-28 01:50 - 00783360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TSWorkspace.dll
2017-05-10 14:35 - 2017-04-28 01:30 - 00483840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2017-05-10 14:35 - 2017-03-04 09:57 - 00484584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2017-05-10 14:35 - 2017-03-04 08:22 - 00265728 _____ C:\WINDOWS\SysWOW64\Windows.Perception.Stub.dll
2017-05-10 14:35 - 2017-03-04 08:17 - 00529920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StructuredQuery.dll
2017-05-10 14:35 - 2017-03-04 08:16 - 00500224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.Printing.dll
2017-05-10 14:35 - 2017-03-04 08:01 - 00827904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll
2017-05-10 14:35 - 2017-03-04 08:00 - 00691200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2017-05-10 14:34 - 2017-04-28 03:28 - 00965472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReAgent.dll
2017-05-10 14:34 - 2017-04-28 02:59 - 00601712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2017-05-10 14:34 - 2017-04-28 02:58 - 01706488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2017-05-10 14:34 - 2017-04-28 02:57 - 00794928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll
2017-05-10 14:34 - 2017-04-28 02:55 - 00088416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\scmbus.sys
2017-05-10 14:34 - 2017-04-28 02:53 - 02213760 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2017-05-10 14:34 - 2017-04-28 02:53 - 00774224 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2017-05-10 14:34 - 2017-04-28 02:53 - 00616048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32.dll
2017-05-10 14:34 - 2017-04-28 02:45 - 00781144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2017-05-10 14:34 - 2017-04-28 02:45 - 00493920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2017-05-10 14:34 - 2017-04-28 02:43 - 02168288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2017-05-10 14:34 - 2017-04-28 02:43 - 01980768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2017-05-10 14:34 - 2017-04-28 02:43 - 01557224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll
2017-05-10 14:34 - 2017-04-28 02:42 - 00601952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupEngine.dll
2017-05-10 14:34 - 2017-04-28 02:41 - 00361104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsmf.dll
2017-05-10 14:34 - 2017-04-28 02:40 - 07220184 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2017-05-10 14:34 - 2017-04-28 02:40 - 01860288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2017-05-10 14:34 - 2017-04-28 02:40 - 00857440 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2017-05-10 14:34 - 2017-04-28 02:40 - 00352760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MMDevAPI.dll
2017-05-10 14:34 - 2017-04-28 02:39 - 04312248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2017-05-10 14:34 - 2017-04-28 02:39 - 00962760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2017-05-10 14:34 - 2017-04-28 02:39 - 00715104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
2017-05-10 14:34 - 2017-04-28 02:38 - 00847200 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupEngine.dll
2017-05-10 14:34 - 2017-04-28 02:38 - 00557408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2017-05-10 14:34 - 2017-04-28 02:36 - 00408600 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsmf.dll
2017-05-10 14:34 - 2017-04-28 02:36 - 00092512 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2017-05-10 14:34 - 2017-04-28 02:35 - 08170600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2017-05-10 14:34 - 2017-04-28 02:35 - 04260576 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2017-05-10 14:34 - 2017-04-28 02:35 - 01988048 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2017-05-10 14:34 - 2017-04-28 02:35 - 01702392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2017-05-10 14:34 - 2017-04-28 02:35 - 01414208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2017-05-10 14:34 - 2017-04-28 02:35 - 01302136 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2017-05-10 14:34 - 2017-04-28 02:35 - 00596040 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2017-05-10 14:34 - 2017-04-28 02:35 - 00276832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\input.dll
2017-05-10 14:34 - 2017-04-28 02:34 - 22220856 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2017-05-10 14:34 - 2017-04-28 02:34 - 01072248 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetcore.dll
2017-05-10 14:34 - 2017-04-28 02:34 - 00443232 _____ (Microsoft Corporation) C:\WINDOWS\system32\MMDevAPI.dll
2017-05-10 14:34 - 2017-04-28 02:34 - 00244824 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2017-05-10 14:34 - 2017-04-28 02:28 - 00453536 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe
2017-05-10 14:34 - 2017-04-28 02:28 - 00387864 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpps.dll
2017-05-10 14:34 - 2017-04-28 02:23 - 01631232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Resources.dll
2017-05-10 14:34 - 2017-04-28 02:22 - 00165376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReInfo.dll
2017-05-10 14:34 - 2017-04-28 02:21 - 00027648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BthTelemetry.dll
2017-05-10 14:34 - 2017-04-28 02:20 - 00044032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\virtdisk.dll
2017-05-10 14:34 - 2017-04-28 02:18 - 00450560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastls.dll
2017-05-10 14:34 - 2017-04-28 02:18 - 00285184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.BlockedShutdown.dll
2017-05-10 14:34 - 2017-04-28 02:17 - 00328192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2017-05-10 14:34 - 2017-04-28 02:17 - 00095232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BluetoothApis.dll
2017-05-10 14:34 - 2017-04-28 02:16 - 00231936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.LockScreen.dll
2017-05-10 14:34 - 2017-04-28 02:16 - 00203776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\credprovhost.dll
2017-05-10 14:34 - 2017-04-28 02:15 - 00404992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dsreg.dll
2017-05-10 14:34 - 2017-04-28 02:15 - 00334848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastlsext.dll
2017-05-10 14:34 - 2017-04-28 02:15 - 00206336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bthprops.cpl
2017-05-10 14:34 - 2017-04-28 02:13 - 01755136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DeviceFlows.DataModel.dll
2017-05-10 14:34 - 2017-04-28 02:13 - 00506880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DevicePairing.dll
2017-05-10 14:34 - 2017-04-28 02:13 - 00206336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vaultcli.dll
2017-05-10 14:34 - 2017-04-28 02:13 - 00125952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apprepapi.dll
2017-05-10 14:34 - 2017-04-28 02:13 - 00114176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\setupugc.exe
2017-05-10 14:34 - 2017-04-28 02:12 - 00284672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apprepsync.dll
2017-05-10 14:34 - 2017-04-28 02:11 - 00846336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WebcamUi.dll
2017-05-10 14:34 - 2017-04-28 02:11 - 00075776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll
2017-05-10 14:34 - 2017-04-28 02:10 - 00857600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EmailApis.dll
2017-05-10 14:34 - 2017-04-28 02:10 - 00816640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NaturalLanguage6.dll
2017-05-10 14:34 - 2017-04-28 02:10 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mprddm.dll
2017-05-10 14:34 - 2017-04-28 02:09 - 00525824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintDialogs.dll
2017-05-10 14:34 - 2017-04-28 02:09 - 00509440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2017-05-10 14:34 - 2017-04-28 02:09 - 00368128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiobj.dll
2017-05-10 14:34 - 2017-04-28 02:09 - 00352256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Enumeration.dll
2017-05-10 14:34 - 2017-04-28 02:08 - 07626752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2017-05-10 14:34 - 2017-04-28 02:08 - 01228288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usercpl.dll
2017-05-10 14:34 - 2017-04-28 02:07 - 03689984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2017-05-10 14:34 - 2017-04-28 02:07 - 00525312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LogonController.dll
2017-05-10 14:34 - 2017-04-28 02:07 - 00372736 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXTaskFactory.dll
2017-05-10 14:34 - 2017-04-28 02:07 - 00256512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\thumbcache.dll
2017-05-10 14:34 - 2017-04-28 02:05 - 00886272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2017-05-10 14:34 - 2017-04-28 02:05 - 00709120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CPFilters.dll
2017-05-10 14:34 - 2017-04-28 02:04 - 01323008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_fs.dll
2017-05-10 14:34 - 2017-04-28 02:04 - 00119808 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTimeUtil.dll
2017-05-10 14:34 - 2017-04-28 02:03 - 01137152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_health.dll
2017-05-10 14:34 - 2017-04-28 02:03 - 00318464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LocationApi.dll
2017-05-10 14:34 - 2017-04-28 02:03 - 00291328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\adsnt.dll
2017-05-10 14:34 - 2017-04-28 02:03 - 00134656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Energy.dll
2017-05-10 14:34 - 2017-04-28 02:02 - 00123904 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2017-05-10 14:34 - 2017-04-28 02:02 - 00115200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bridge.sys
2017-05-10 14:34 - 2017-04-28 02:02 - 00040448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vwifimp.sys
2017-05-10 14:34 - 2017-04-28 02:01 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\unimdm.tsp
2017-05-10 14:34 - 2017-04-28 02:01 - 00233472 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2017-05-10 14:34 - 2017-04-28 02:00 - 12349440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2017-05-10 14:34 - 2017-04-28 02:00 - 02749440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mispace.dll
2017-05-10 14:34 - 2017-04-28 02:00 - 00193536 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinRtTracing.dll
2017-05-10 14:34 - 2017-04-28 02:00 - 00149504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Core.dll
2017-05-10 14:34 - 2017-04-28 01:59 - 02154496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\storagewmi.dll
2017-05-10 14:34 - 2017-04-28 01:59 - 00467968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Gaming.XboxLive.Storage.dll
2017-05-10 14:34 - 2017-04-28 01:58 - 00546304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uReFS.dll
2017-05-10 14:34 - 2017-04-28 01:58 - 00433664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\imapi2.dll
2017-05-10 14:34 - 2017-04-28 01:58 - 00418304 _____ C:\WINDOWS\system32\Windows.Perception.Stub.dll
2017-05-10 14:34 - 2017-04-28 01:58 - 00211968 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2017-05-10 14:34 - 2017-04-28 01:58 - 00090624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll
2017-05-10 14:34 - 2017-04-28 01:57 - 01507840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.FaceAnalysis.dll
2017-05-10 14:34 - 2017-04-28 01:57 - 00719872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_sr.dll
2017-05-10 14:34 - 2017-04-28 01:57 - 00216576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Scanners.dll
2017-05-10 14:34 - 2017-04-28 01:57 - 00089600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CameraCaptureUI.dll
2017-05-10 14:34 - 2017-04-28 01:56 - 00748544 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2017-05-10 14:34 - 2017-04-28 01:56 - 00590336 _____ (Microsoft Corporation) C:\WINDOWS\system32\efswrt.dll
2017-05-10 14:34 - 2017-04-28 01:56 - 00358912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.dll
2017-05-10 14:34 - 2017-04-28 01:56 - 00333312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsApi.dll
2017-05-10 14:34 - 2017-04-28 01:56 - 00293888 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2017-05-10 14:34 - 2017-04-28 01:56 - 00260608 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgentUserBroker.exe
2017-05-10 14:34 - 2017-04-28 01:55 - 01993216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2017-05-10 14:34 - 2017-04-28 01:55 - 01987584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2017-05-10 14:34 - 2017-04-28 01:55 - 01413632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OpcServices.dll
2017-05-10 14:34 - 2017-04-28 01:55 - 00561664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Wallet.dll
2017-05-10 14:34 - 2017-04-28 01:55 - 00307200 _____ (Microsoft Corporation) C:\WINDOWS\system32\PrintDialogs3D.dll
2017-05-10 14:34 - 2017-04-28 01:55 - 00252416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Identity.Provider.dll
2017-05-10 14:34 - 2017-04-28 01:54 - 02747904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpcore.dll
2017-05-10 14:34 - 2017-04-28 01:54 - 01883648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2017-05-10 14:34 - 2017-04-28 01:54 - 00284160 _____ (Microsoft Corporation) C:\WINDOWS\system32\AboveLockAppHost.dll
2017-05-10 14:34 - 2017-04-28 01:53 - 06288384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2017-05-10 14:34 - 2017-04-28 01:53 - 03059200 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2017-05-10 14:34 - 2017-04-28 01:53 - 00798208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2017-05-10 14:34 - 2017-04-28 01:53 - 00671744 _____ (Microsoft Corporation) C:\WINDOWS\system32\mbsmsapi.dll
2017-05-10 14:34 - 2017-04-28 01:53 - 00579584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.UX.EapRequestHandler.dll
2017-05-10 14:34 - 2017-04-28 01:53 - 00245760 _____ (Microsoft Corporation) C:\WINDOWS\system32\WwaApi.dll
2017-05-10 14:34 - 2017-04-28 01:52 - 02008576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2017-05-10 14:34 - 2017-04-28 01:51 - 00713216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2017-05-10 14:34 - 2017-04-28 01:51 - 00458752 _____ (Microsoft Corporation) C:\WINDOWS\system32\RTMediaFrame.dll
2017-05-10 14:34 - 2017-04-28 01:51 - 00409600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys
2017-05-10 14:34 - 2017-04-28 01:50 - 03778048 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2017-05-10 14:34 - 2017-04-28 01:49 - 00864256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnapps.dll
2017-05-10 14:34 - 2017-04-28 01:47 - 01908224 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2017-05-10 14:34 - 2017-04-28 01:47 - 01078784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.dll
2017-05-10 14:34 - 2017-04-28 01:47 - 00796672 _____ (Microsoft Corporation) C:\WINDOWS\system32\fvewiz.dll
2017-05-10 14:34 - 2017-04-28 01:47 - 00627200 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpaceControl.dll
2017-05-10 14:34 - 2017-04-28 01:45 - 01217024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Audio.dll
2017-05-10 14:34 - 2017-04-28 01:45 - 00411648 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsApi.dll
2017-05-10 14:34 - 2017-04-28 01:44 - 01366016 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2017-05-10 14:34 - 2017-04-28 01:44 - 01145344 _____ (Microsoft Corporation) C:\WINDOWS\system32\EmailApis.dll
2017-05-10 14:34 - 2017-04-28 01:44 - 00583680 _____ (Microsoft Corporation) C:\WINDOWS\system32\PrintDialogs.dll
2017-05-10 14:34 - 2017-04-28 01:44 - 00548864 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2017-05-10 14:34 - 2017-04-28 01:43 - 00963584 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebcamUi.dll
2017-05-10 14:34 - 2017-04-28 01:43 - 00646656 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiaservc.dll
2017-05-10 14:34 - 2017-04-28 01:43 - 00526336 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2017-05-10 14:34 - 2017-04-28 01:43 - 00331264 _____ (Microsoft Corporation) C:\WINDOWS\system32\NgcCtnrSvc.dll
2017-05-10 14:34 - 2017-04-28 01:42 - 13441536 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2017-05-10 14:34 - 2017-04-28 01:42 - 08076288 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2017-05-10 14:34 - 2017-04-28 01:42 - 02390016 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreen.exe
2017-05-10 14:34 - 2017-04-28 01:41 - 01080320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Ocr.dll
2017-05-10 14:34 - 2017-04-28 01:41 - 00983040 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcsvc.dll
2017-05-10 14:34 - 2017-04-28 01:41 - 00860160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mprddm.dll
2017-05-10 14:34 - 2017-04-28 01:41 - 00611328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.dll
2017-05-10 14:34 - 2017-04-28 01:40 - 00816640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2017-05-10 14:34 - 2017-04-28 01:39 - 04596224 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsrchvw.exe
2017-05-10 14:34 - 2017-04-28 01:39 - 00846336 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApiPublic.dll
2017-05-10 14:34 - 2017-04-28 01:38 - 02424320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Perception.dll
2017-05-10 14:34 - 2017-04-28 01:38 - 01359360 _____ (Microsoft Corporation) C:\WINDOWS\system32\usercpl.dll
2017-05-10 14:34 - 2017-04-28 01:38 - 00765440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Sensors.dll
2017-05-10 14:34 - 2017-04-28 01:37 - 04149248 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2017-05-10 14:34 - 2017-04-28 01:37 - 03134976 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcore.dll
2017-05-10 14:34 - 2017-04-28 01:37 - 02538496 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2017-05-10 14:34 - 2017-04-28 01:37 - 01984000 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2017-05-10 14:34 - 2017-04-28 01:37 - 01424896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Maps.dll
2017-05-10 14:34 - 2017-04-28 01:37 - 01266176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Input.Inking.dll
2017-05-10 14:34 - 2017-04-28 01:37 - 00391168 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2017-05-10 14:34 - 2017-04-28 01:36 - 01131008 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2017-05-10 14:34 - 2017-04-28 01:35 - 03299840 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstsc.exe
2017-05-10 14:34 - 2017-04-28 01:34 - 00999424 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWorkspace.dll
2017-05-10 14:34 - 2017-03-04 09:09 - 01293152 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2017-05-10 14:34 - 2017-03-04 08:27 - 00456192 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiobj.dll
2017-05-10 14:34 - 2017-03-04 08:25 - 01388544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Cred.dll
2017-05-10 14:34 - 2017-03-04 08:23 - 00299520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataAccountApis.dll
2017-05-10 14:34 - 2017-03-04 08:19 - 01403392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Editing.dll
2017-05-10 14:34 - 2017-03-04 08:06 - 01369088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Phone.dll
2017-05-10 14:34 - 2017-03-04 08:05 - 03520512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsrchvw.exe
2017-05-10 14:33 - 2017-04-28 02:57 - 00603488 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContentDeliveryManager.Utilities.dll
2017-05-10 14:33 - 2017-04-28 02:56 - 01117024 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReAgent.dll
2017-05-10 14:33 - 2017-04-28 02:53 - 07784288 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2017-05-10 14:33 - 2017-04-28 02:52 - 02255712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2017-05-10 14:33 - 2017-04-28 02:49 - 02681200 _____ C:\WINDOWS\system32\CoreUIComponents.dll
2017-05-10 14:33 - 2017-04-28 02:49 - 00764392 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2017-05-10 14:33 - 2017-04-28 02:49 - 00700936 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll
2017-05-10 14:33 - 2017-04-28 02:47 - 00699744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimgapi.dll
2017-05-10 14:33 - 2017-04-28 02:47 - 00501088 _____ (Microsoft Corporation) C:\WINDOWS\system32\spwizeng.dll
2017-05-10 14:33 - 2017-04-28 02:46 - 00410464 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinSetupUI.dll
2017-05-10 14:33 - 2017-04-28 02:44 - 00062816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fsdepends.sys
2017-05-10 14:33 - 2017-04-28 02:42 - 00526176 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimserv.exe
2017-05-10 14:33 - 2017-04-28 02:42 - 00328008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.ApplicationData.dll
2017-05-10 14:33 - 2017-04-28 02:40 - 02759704 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2017-05-10 14:33 - 2017-04-28 02:40 - 02187104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2017-05-10 14:33 - 2017-04-28 02:40 - 01738560 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2017-05-10 14:33 - 2017-04-28 02:40 - 01157000 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2017-05-10 14:33 - 2017-04-28 02:40 - 00578400 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2017-05-10 14:33 - 2017-04-28 02:40 - 00402784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2017-05-10 14:33 - 2017-04-28 02:40 - 00146784 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostCommon.dll
2017-05-10 14:33 - 2017-04-28 02:40 - 00026976 _____ (Microsoft Corporation) C:\WINDOWS\system32\browser_broker.exe
2017-05-10 14:33 - 2017-04-28 02:39 - 00624048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2017-05-10 14:33 - 2017-04-28 02:38 - 02915704 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2017-05-10 14:33 - 2017-04-28 02:38 - 02446704 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2017-05-10 14:33 - 2017-04-28 02:38 - 01852200 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll
2017-05-10 14:33 - 2017-04-28 02:38 - 01267512 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2017-05-10 14:33 - 2017-04-28 02:38 - 00431968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2017-05-10 14:33 - 2017-04-28 02:34 - 04674360 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2017-05-10 14:33 - 2017-04-28 02:34 - 01600624 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2017-05-10 14:33 - 2017-04-28 02:34 - 01277824 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2017-05-10 14:33 - 2017-04-28 02:34 - 00241504 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHost.dll
2017-05-10 14:33 - 2017-04-28 02:30 - 01569184 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2017-05-10 14:33 - 2017-04-28 02:30 - 00322912 _____ (Microsoft Corporation) C:\WINDOWS\system32\input.dll
2017-05-10 14:33 - 2017-04-28 02:28 - 00455520 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2017-05-10 14:33 - 2017-04-28 02:21 - 00073728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdc.ocx
2017-05-10 14:33 - 2017-04-28 02:19 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbonRes.dll
2017-05-10 14:33 - 2017-04-28 02:19 - 00081408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2017-05-10 14:33 - 2017-04-28 02:15 - 00822784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2017-05-10 14:33 - 2017-04-28 02:15 - 00126464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2017-05-10 14:33 - 2017-04-28 02:14 - 00306688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2017-05-10 14:33 - 2017-04-28 02:14 - 00270336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2017-05-10 14:33 - 2017-04-28 02:12 - 00635904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2017-05-10 14:33 - 2017-04-28 02:12 - 00236544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2017-05-10 14:33 - 2017-04-28 02:11 - 00340480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2017-05-10 14:33 - 2017-04-28 02:10 - 07216640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2017-05-10 14:33 - 2017-04-28 02:10 - 00661504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll
2017-05-10 14:33 - 2017-04-28 02:08 - 18365440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2017-05-10 14:33 - 2017-04-28 02:06 - 22569472 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2017-05-10 14:33 - 2017-04-28 02:06 - 00691712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2017-05-10 14:33 - 2017-04-28 02:05 - 19414016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2017-05-10 14:33 - 2017-04-28 02:05 - 01631232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2017-05-10 14:33 - 2017-04-28 02:03 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbonRes.dll
2017-05-10 14:33 - 2017-04-28 02:03 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdc.ocx
2017-05-10 14:33 - 2017-04-28 02:03 - 00081408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\raspppoe.sys
2017-05-10 14:33 - 2017-04-28 02:03 - 00032256 _____ (Microsoft Corporation) C:\WINDOWS\system32\BthTelemetry.dll
2017-05-10 14:33 - 2017-04-28 02:03 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\odbcconf.dll
2017-05-10 14:33 - 2017-04-28 02:02 - 00019456 _____ (Microsoft Corporation) C:\WINDOWS\system32\appidcertstorecheck.exe
2017-05-10 14:33 - 2017-04-28 02:01 - 00259072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Family.SyncEngine.dll
2017-05-10 14:33 - 2017-04-28 02:01 - 00185344 _____ (Microsoft Corporation) C:\WINDOWS\system32\DisplayManager.dll
2017-05-10 14:33 - 2017-04-28 02:01 - 00156160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Family.Client.dll
2017-05-10 14:33 - 2017-04-28 02:01 - 00129536 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_ClosedCaptioning.dll
2017-05-10 14:33 - 2017-04-28 02:01 - 00090624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Printers.dll
2017-05-10 14:33 - 2017-04-28 02:01 - 00051712 _____ (Microsoft Corporation) C:\WINDOWS\system32\virtdisk.dll
2017-05-10 14:33 - 2017-04-28 02:00 - 00196096 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDeviceRegistration.dll
2017-05-10 14:33 - 2017-04-28 02:00 - 00193536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.WiFi.dll
2017-05-10 14:33 - 2017-04-28 02:00 - 00165376 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
2017-05-10 14:33 - 2017-04-28 02:00 - 00148480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.System.Profile.RetailInfo.dll
2017-05-10 14:33 - 2017-04-28 02:00 - 00120832 _____ (Microsoft Corporation) C:\WINDOWS\system32\BluetoothApis.dll
2017-05-10 14:33 - 2017-04-28 02:00 - 00101888 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDeviceRegistration.Ngc.dll
2017-05-10 14:33 - 2017-04-28 02:00 - 00099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2017-05-10 14:33 - 2017-04-28 02:00 - 00073216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryBroker.dll
2017-05-10 14:33 - 2017-04-28 01:59 - 12187136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2017-05-10 14:33 - 2017-04-28 01:59 - 00635904 _____ (Microsoft Corporation) C:\WINDOWS\system32\FlightSettings.dll
2017-05-10 14:33 - 2017-04-28 01:59 - 00567296 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevicePairing.dll
2017-05-10 14:33 - 2017-04-28 01:59 - 00375296 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastlsext.dll
2017-05-10 14:33 - 2017-04-28 01:59 - 00186368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Radios.dll
2017-05-10 14:33 - 2017-04-28 01:59 - 00124416 _____ (Microsoft Corporation) C:\WINDOWS\system32\appidsvc.dll
2017-05-10 14:33 - 2017-04-28 01:59 - 00122880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryClient.dll
2017-05-10 14:33 - 2017-04-28 01:58 - 00547840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Gaming.Input.dll
2017-05-10 14:33 - 2017-04-28 01:58 - 00418304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BlockedShutdown.dll
2017-05-10 14:33 - 2017-04-28 01:58 - 00360448 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpencom.dll
2017-05-10 14:33 - 2017-04-28 01:58 - 00289792 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeveloperOptionsSettingsHandlers.dll
2017-05-10 14:33 - 2017-04-28 01:58 - 00276992 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2017-05-10 14:33 - 2017-04-28 01:58 - 00231424 _____ (Microsoft Corporation) C:\WINDOWS\system32\shutdownux.dll
2017-05-10 14:33 - 2017-04-28 01:58 - 00150016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.AppDefaults.dll
2017-05-10 14:33 - 2017-04-28 01:58 - 00144896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Lights.dll
2017-05-10 14:33 - 2017-04-28 01:58 - 00130560 _____ (Microsoft Corporation) C:\WINDOWS\system32\ConsentUX.dll
2017-05-10 14:33 - 2017-04-28 01:57 - 00651264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.AllJoyn.dll
2017-05-10 14:33 - 2017-04-28 01:57 - 00568320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.LowLevel.dll
2017-05-10 14:33 - 2017-04-28 01:57 - 00505856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.WiFiDirect.dll
2017-05-10 14:33 - 2017-04-28 01:57 - 00502784 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastls.dll
2017-05-10 14:33 - 2017-04-28 01:57 - 00279552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.HumanInterfaceDevice.dll
2017-05-10 14:33 - 2017-04-28 01:57 - 00268800 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserMgrProxy.dll
2017-05-10 14:33 - 2017-04-28 01:57 - 00243712 _____ (Microsoft Corporation) C:\WINDOWS\system32\credprovhost.dll
2017-05-10 14:33 - 2017-04-28 01:57 - 00241152 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafBth.dll
2017-05-10 14:33 - 2017-04-28 01:57 - 00223744 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2017-05-10 14:33 - 2017-04-28 01:57 - 00157184 _____ (Microsoft Corporation) C:\WINDOWS\system32\bthserv.dll
2017-05-10 14:33 - 2017-04-28 01:57 - 00139264 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2017-05-10 14:33 - 2017-04-28 01:57 - 00132096 _____ (Microsoft Corporation) C:\WINDOWS\system32\PrintWSDAHost.dll
2017-05-10 14:33 - 2017-04-28 01:56 - 00947712 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll
2017-05-10 14:33 - 2017-04-28 01:56 - 00912384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.SmartCards.dll
2017-05-10 14:33 - 2017-04-28 01:56 - 00692224 _____ (Microsoft Corporation) C:\WINDOWS\system32\CellularAPI.dll
2017-05-10 14:33 - 2017-04-28 01:56 - 00691200 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2017-05-10 14:33 - 2017-04-28 01:56 - 00387584 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2017-05-10 14:33 - 2017-04-28 01:56 - 00379904 _____ (Microsoft Corporation) C:\WINDOWS\system32\apprepsync.dll
2017-05-10 14:33 - 2017-04-28 01:56 - 00324608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.LockScreen.dll
2017-05-10 14:33 - 2017-04-28 01:56 - 00311296 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncSettings.dll
2017-05-10 14:33 - 2017-04-28 01:56 - 00267264 _____ (Microsoft Corporation) C:\WINDOWS\system32\vaultcli.dll
2017-05-10 14:33 - 2017-04-28 01:56 - 00147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
2017-05-10 14:33 - 2017-04-28 01:56 - 00146432 _____ (Microsoft Corporation) C:\WINDOWS\system32\AuthBroker.dll
2017-05-10 14:33 - 2017-04-28 01:56 - 00088576 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2017-05-10 14:33 - 2017-04-28 01:55 - 06042624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2017-05-10 14:33 - 2017-04-28 01:55 - 02084352 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceFlows.DataModel.dll
2017-05-10 14:33 - 2017-04-28 01:55 - 00657920 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll
2017-05-10 14:33 - 2017-04-28 01:55 - 00431616 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpAXHolder.dll
2017-05-10 14:33 - 2017-04-28 01:55 - 00407552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2017-05-10 14:33 - 2017-04-28 01:55 - 00391168 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleacc.dll
2017-05-10 14:33 - 2017-04-28 01:55 - 00337408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Picker.dll
2017-05-10 14:33 - 2017-04-28 01:55 - 00231424 _____ (Microsoft Corporation) C:\WINDOWS\system32\bthprops.cpl
2017-05-10 14:33 - 2017-04-28 01:55 - 00176128 _____ (Microsoft Corporation) C:\WINDOWS\system32\apprepapi.dll
2017-05-10 14:33 - 2017-04-28 01:54 - 03664384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2017-05-10 14:33 - 2017-04-28 01:54 - 02027008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2017-05-10 14:33 - 2017-04-28 01:54 - 01509376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2017-05-10 14:33 - 2017-04-28 01:54 - 00949248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.PointOfService.dll
2017-05-10 14:33 - 2017-04-28 01:54 - 00472064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Bluetooth.dll
2017-05-10 14:33 - 2017-04-28 01:54 - 00425984 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
2017-05-10 14:33 - 2017-04-28 01:54 - 00339456 _____ (Microsoft Corporation) C:\WINDOWS\system32\ConhostV2.dll
2017-05-10 14:33 - 2017-04-28 01:54 - 00329728 _____ (Microsoft Corporation) C:\WINDOWS\system32\deviceaccess.dll
2017-05-10 14:33 - 2017-04-28 01:54 - 00091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll
2017-05-10 14:33 - 2017-04-28 01:53 - 00458752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Enumeration.dll
2017-05-10 14:33 - 2017-04-28 01:53 - 00437248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Usb.dll
2017-05-10 14:33 - 2017-04-28 01:51 - 02104320 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll
2017-05-10 14:33 - 2017-04-28 01:51 - 01913856 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_fs.dll
2017-05-10 14:33 - 2017-04-28 01:51 - 01589760 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdtctm.dll
2017-05-10 14:33 - 2017-04-28 01:51 - 01584128 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_health.dll
2017-05-10 14:33 - 2017-04-28 01:51 - 00169984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Energy.dll
2017-05-10 14:33 - 2017-04-28 01:50 - 01476608 _____ (Microsoft Corporation) C:\WINDOWS\system32\RecoveryDrive.exe
2017-05-10 14:33 - 2017-04-28 01:50 - 00380416 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationApi.dll
2017-05-10 14:33 - 2017-04-28 01:50 - 00338944 _____ (Microsoft Corporation) C:\WINDOWS\system32\adsnt.dll
2017-05-10 14:33 - 2017-04-28 01:50 - 00329728 _____ (Microsoft Corporation) C:\WINDOWS\system32\fvecpl.dll
2017-05-10 14:33 - 2017-04-28 01:49 - 17198592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2017-05-10 14:33 - 2017-04-28 01:49 - 01105408 _____ (Microsoft Corporation) C:\WINDOWS\system32\MiracastReceiver.dll
2017-05-10 14:33 - 2017-04-28 01:49 - 00442368 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToDevice.dll
2017-05-10 14:33 - 2017-04-28 01:48 - 00337920 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2017-05-10 14:33 - 2017-04-28 01:48 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\dlnashext.dll
2017-05-10 14:33 - 2017-04-28 01:48 - 00187904 _____ (Microsoft Corporation) C:\WINDOWS\system32\dialclient.dll
2017-05-10 14:33 - 2017-04-28 01:47 - 09131008 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2017-05-10 14:33 - 2017-04-28 01:47 - 03290112 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll
2017-05-10 14:33 - 2017-04-28 01:47 - 01790464 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationFramework.dll
2017-05-10 14:33 - 2017-04-28 01:47 - 00942080 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2017-05-10 14:33 - 2017-04-28 01:47 - 00649216 _____ (Microsoft Corporation) C:\WINDOWS\system32\vds.exe
2017-05-10 14:33 - 2017-04-28 01:46 - 02861056 _____ (Microsoft Corporation) C:\WINDOWS\system32\storagewmi.dll
2017-05-10 14:33 - 2017-04-28 01:46 - 01547264 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbengine.exe
2017-05-10 14:33 - 2017-04-28 01:46 - 01443328 _____ (Microsoft Corporation) C:\WINDOWS\system32\VSSVC.exe
2017-05-10 14:33 - 2017-04-28 01:46 - 00501248 _____ (Microsoft Corporation) C:\WINDOWS\system32\imapi2.dll
2017-05-10 14:33 - 2017-04-28 01:46 - 00374784 _____ (Microsoft Corporation) C:\WINDOWS\system32\resutils.dll
2017-05-10 14:33 - 2017-04-28 01:46 - 00279552 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToReceiver.dll
2017-05-10 14:33 - 2017-04-28 01:46 - 00049664 _____ (Microsoft Corporation) C:\WINDOWS\system32\catsrvps.dll
2017-05-10 14:33 - 2017-04-28 01:45 - 23677440 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2017-05-10 14:33 - 2017-04-28 01:45 - 00946688 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_sr.dll
2017-05-10 14:33 - 2017-04-28 01:45 - 00628736 _____ (Microsoft Corporation) C:\WINDOWS\system32\uReFS.dll
2017-05-10 14:33 - 2017-04-28 01:45 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2017-05-10 14:33 - 2017-04-28 01:45 - 00167936 _____ (Microsoft Corporation) C:\WINDOWS\system32\ErrorDetails.dll
2017-05-10 14:33 - 2017-04-28 01:45 - 00130560 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpaceAgent.exe
2017-05-10 14:33 - 2017-04-28 01:45 - 00112640 _____ (Microsoft Corporation) C:\WINDOWS\system32\CameraCaptureUI.dll
2017-05-10 14:33 - 2017-04-28 01:44 - 13091328 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2017-05-10 14:33 - 2017-04-28 01:44 - 04749824 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2017-05-10 14:33 - 2017-04-28 01:44 - 01010176 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2017-05-10 14:33 - 2017-04-28 01:44 - 00937984 _____ (Microsoft Corporation) C:\WINDOWS\system32\MCRecvSrc.dll
2017-05-10 14:33 - 2017-04-28 01:44 - 00896512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.AccountsControl.dll
2017-05-10 14:33 - 2017-04-28 01:44 - 00775168 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe
2017-05-10 14:33 - 2017-04-28 01:44 - 00410112 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevicesFlowBroker.dll
2017-05-10 14:33 - 2017-04-28 01:44 - 00139776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Devices.dll
2017-05-10 14:33 - 2017-04-28 01:43 - 01184256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll
2017-05-10 14:33 - 2017-04-28 01:43 - 00634368 _____ (Microsoft Corporation) C:\WINDOWS\system32\StructuredQuery.dll
2017-05-10 14:33 - 2017-04-28 01:43 - 00600576 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptui.dll
2017-05-10 14:33 - 2017-04-28 01:43 - 00560128 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppReadiness.dll
2017-05-10 14:33 - 2017-04-28 01:43 - 00539136 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToManager.dll
2017-05-10 14:33 - 2017-04-28 01:43 - 00467968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Geolocation.dll
2017-05-10 14:33 - 2017-04-28 01:43 - 00460800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Midi.dll
2017-05-10 14:33 - 2017-04-28 01:43 - 00320512 _____ (Microsoft Corporation) C:\WINDOWS\system32\thumbcache.dll
2017-05-10 14:33 - 2017-04-28 01:42 - 08125440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2017-05-10 14:33 - 2017-04-28 01:42 - 01692160 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2017-05-10 14:33 - 2017-04-28 01:42 - 01021440 _____ (Microsoft Corporation) C:\WINDOWS\system32\usermgr.dll
2017-05-10 14:33 - 2017-04-28 01:42 - 00945664 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2017-05-10 14:33 - 2017-04-28 01:42 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2017-05-10 14:33 - 2017-04-28 01:41 - 01359872 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll
2017-05-10 14:33 - 2017-04-28 01:41 - 00890368 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll
2017-05-10 14:33 - 2017-04-28 01:41 - 00828416 _____ (Microsoft Corporation) C:\WINDOWS\system32\appwiz.cpl
2017-05-10 14:33 - 2017-04-28 01:41 - 00759296 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2017-05-10 14:33 - 2017-04-28 01:41 - 00650752 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2017-05-10 14:33 - 2017-04-28 01:41 - 00591360 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2017-05-10 14:33 - 2017-04-28 01:41 - 00376832 _____ (Microsoft Corporation) C:\WINDOWS\system32\CryptoWinRT.dll
2017-05-10 14:33 - 2017-04-28 01:40 - 04474368 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll
2017-05-10 14:33 - 2017-04-28 01:40 - 02914816 _____ (Microsoft Corporation) C:\WINDOWS\system32\CertEnroll.dll
2017-05-10 14:33 - 2017-04-28 01:40 - 02510848 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2017-05-10 14:33 - 2017-04-28 01:40 - 02208768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.3D.dll
2017-05-10 14:33 - 2017-04-28 01:40 - 02096640 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2017-05-10 14:33 - 2017-04-28 01:40 - 01643008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll
2017-05-10 14:33 - 2017-04-28 01:40 - 01586176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Globalization.dll
2017-05-10 14:33 - 2017-04-28 01:40 - 01040896 _____ (Microsoft Corporation) C:\WINDOWS\system32\NaturalLanguage6.dll
2017-05-10 14:33 - 2017-04-28 01:40 - 00971264 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll
2017-05-10 14:33 - 2017-04-28 01:40 - 00913920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.dll
2017-05-10 14:33 - 2017-04-28 01:40 - 00886784 _____ (Microsoft Corporation) C:\WINDOWS\system32\CPFilters.dll
2017-05-10 14:33 - 2017-04-28 01:40 - 00770560 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2017-05-10 14:33 - 2017-04-28 01:39 - 00673792 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2017-05-10 14:33 - 2017-04-28 01:38 - 05611008 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll
2017-05-10 14:33 - 2017-04-28 01:38 - 01490432 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2017-05-10 14:33 - 2017-04-28 01:38 - 01275392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Bluetooth.dll
2017-05-10 14:33 - 2017-04-28 01:37 - 04744192 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2017-05-10 14:33 - 2017-04-28 01:37 - 02895872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2017-05-10 14:33 - 2017-04-28 01:37 - 02316288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2017-05-10 14:33 - 2017-04-28 01:37 - 02286592 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2017-05-10 14:33 - 2017-04-28 01:37 - 02216960 _____ (Microsoft Corporation) C:\WINDOWS\system32\OpcServices.dll
2017-05-10 14:33 - 2017-04-28 01:37 - 01783296 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2017-05-10 14:33 - 2017-04-28 01:37 - 01637888 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2017-05-10 14:33 - 2017-04-28 01:37 - 00881664 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2017-05-10 14:33 - 2017-04-28 01:37 - 00875520 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2017-05-10 14:33 - 2017-04-28 01:36 - 03613184 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2017-05-10 14:33 - 2017-04-28 01:36 - 02691072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2017-05-10 14:33 - 2017-04-28 01:36 - 02478080 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2017-05-10 14:33 - 2017-04-28 01:36 - 01844224 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2017-05-10 14:33 - 2017-04-28 01:36 - 01513472 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2017-05-10 14:33 - 2017-04-28 01:36 - 01328640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.Http.dll
2017-05-10 14:33 - 2017-04-28 01:36 - 00774656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.dll
2017-05-10 14:33 - 2017-04-28 01:36 - 00735744 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2017-05-10 14:33 - 2017-04-28 01:36 - 00716800 _____ (Microsoft Corporation) C:\WINDOWS\system32\ShareHost.dll
2017-05-10 14:33 - 2017-04-28 01:35 - 01121280 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2017-05-10 14:33 - 2017-04-28 01:35 - 00924672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.BackgroundTransfer.dll
2017-05-10 14:33 - 2017-04-28 01:34 - 00439296 _____ (Microsoft Corporation) C:\WINDOWS\system32\wksprt.exe
2017-05-10 14:33 - 2017-04-28 01:34 - 00394240 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpclip.exe
2017-05-10 14:33 - 2017-04-28 01:34 - 00035328 _____ (Microsoft Corporation) C:\WINDOWS\system32\spaceman.exe
2017-05-10 14:33 - 2017-04-28 01:33 - 01817088 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.dll
2017-05-10 14:33 - 2017-03-04 08:26 - 00261632 _____ (Microsoft Corporation) C:\WINDOWS\system32\indexeddbserver.dll
2017-05-10 14:33 - 2017-03-04 08:25 - 01060352 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppContracts.dll
2017-05-10 14:33 - 2016-12-21 09:09 - 00368640 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneBackupHandler.dll
2017-05-04 18:16 - 2017-05-04 18:16 - 00004182 _____ C:\WINDOWS\System32\Tasks\{BCC45D64-0B6F-EACF-2DE6-5C519E1B3A6A}
2017-05-04 18:16 - 2017-05-04 18:16 - 00004182 _____ C:\WINDOWS\System32\Tasks\{66527076-D1F9-C7DD-F9E2-F0B84CD92CBF}
2017-05-04 18:16 - 2017-05-04 18:16 - 00000000 ____D C:\ProgramData\{EA4DE132-5DE6-5699-DDC3-8A4739838DA0}
2017-05-04 18:16 - 2017-05-04 18:16 - 00000000 ____D C:\ProgramData\{26AA403A-9101-F791-915D-90DE7C22D4DC}
2017-05-01 15:06 - 2017-05-19 13:19 - 00003550 _____ C:\WINDOWS\System32\Tasks\ASUS Live Update1
2017-04-26 16:07 - 2017-05-18 17:56 - 00000000 ____D C:\Program Files (x86)\iolo
2017-04-26 16:07 - 2017-04-26 16:23 - 00000000 ____D C:\ProgramData\iolo
2017-04-26 16:07 - 2017-04-26 16:07 - 18338352 _____ C:\Users\Pitti\Downloads\SCUDownloader.exe
2017-04-26 16:07 - 2017-04-26 16:07 - 00074703 _____ C:\WINDOWS\SysWOW64\mfc45.dat
2017-04-26 14:51 - 2017-04-26 14:50 - 00110144 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-64.dll
2017-04-26 14:04 - 2017-04-26 14:04 - 00000000 ____D C:\Users\Pitti\AppData\LocalLow\Oracle
2017-04-22 19:26 - 2017-04-22 19:26 - 00041485 _____ C:\Users\Pitti\Downloads\Sildurs Vibrant Shaders v1.141 Lite.zip
2017-04-22 19:17 - 2017-04-22 19:18 - 00000000 ____D C:\Users\Pitti\Downloads\Hier lassen!

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-05-20 08:39 - 2017-02-25 13:26 - 00000165 _____ C:\Users\Pitti\AppData\Roaming\sp_data.sys
2017-05-20 08:39 - 2017-01-02 13:26 - 00000000 ____D C:\Program Files (x86)\Steam
2017-05-20 08:39 - 2016-10-03 11:06 - 00000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2017-05-20 08:39 - 2016-03-23 14:36 - 00000000 ____D C:\ProgramData\ASUS Smart Gesture
2017-05-20 08:39 - 2016-03-22 06:25 - 00000000 __SHD C:\Users\Pitti\IntelGraphicsProfiles
2017-05-19 21:23 - 2017-02-23 15:44 - 00625272 _____ C:\WINDOWS\system32\NetUtils2016.dll
2017-05-19 21:23 - 2016-10-03 11:03 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2017-05-19 20:58 - 2016-10-03 11:32 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-05-19 20:58 - 2016-07-16 08:04 - 00786432 _____ C:\WINDOWS\system32\config\BBI
2017-05-19 20:47 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\AppReadiness
2017-05-19 20:42 - 2016-10-03 11:12 - 00000000 ____D C:\Users\Pitti
2017-05-19 20:32 - 2017-02-25 16:16 - 00000000 ____D C:\Users\Pitti\AppData\Local\Google
2017-05-19 20:32 - 2016-04-01 12:11 - 00000000 ____D C:\Program Files (x86)\Google
2017-05-19 15:44 - 2017-04-10 14:16 - 00000000 ____D C:\Users\Pitti\.litwrl
2017-05-19 13:19 - 2016-10-03 11:32 - 00003540 _____ C:\WINDOWS\System32\Tasks\ASUS Live Update2
2017-05-18 18:04 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2017-05-18 17:58 - 2016-10-03 11:44 - 00000008 __RSH C:\Users\Pitti\ntuser.pol
2017-05-18 17:58 - 2016-05-01 16:43 - 00000008 __RSH C:\ProgramData\ntuser.pol
2017-05-18 17:56 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\SysWOW64\GroupPolicy
2017-05-18 17:56 - 2016-05-17 13:49 - 00000000 ____D C:\ProgramData\IObit
2017-05-18 17:56 - 2015-07-10 13:04 - 00000000 ___HD C:\WINDOWS\system32\GroupPolicy
2017-05-18 16:23 - 2016-07-16 13:47 - 00000000 ___HD C:\Program Files\WindowsApps
2017-05-17 19:55 - 2016-03-27 11:48 - 00000000 ____D C:\ProgramData\Origin
2017-05-17 16:39 - 2017-02-25 17:22 - 00000000 ____D C:\Users\Pitti\AppData\Roaming\Origin
2017-05-17 16:36 - 2017-01-24 17:07 - 00000000 ____D C:\Program Files (x86)\Origin
2017-05-17 14:25 - 2016-07-16 13:45 - 00000000 ____D C:\WINDOWS\INF
2017-05-16 16:56 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\appraiser
2017-05-16 16:56 - 2016-07-16 13:36 - 00000000 ____D C:\WINDOWS\CbsTemp
2017-05-13 17:07 - 2017-04-10 13:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2017-05-13 16:26 - 2016-11-21 20:28 - 00000000 ____D C:\Users\Pitti\.gimp-2.8
2017-05-13 15:55 - 2016-03-22 21:32 - 00000000 ____D C:\Users\Pitti\Documents\Spiele
2017-05-13 14:52 - 2016-07-17 00:51 - 01038652 _____ C:\WINDOWS\system32\perfh007.dat
2017-05-13 14:52 - 2016-07-17 00:51 - 00241020 _____ C:\WINDOWS\system32\perfc007.dat
2017-05-13 14:52 - 2015-08-18 07:20 - 02498702 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-05-13 13:59 - 2017-02-23 15:43 - 00000000 ____D C:\Users\Default\AppData\Local\AdvinstAnalytics
2017-05-13 13:59 - 2017-02-23 15:43 - 00000000 ____D C:\Users\Default User\AppData\Local\AdvinstAnalytics
2017-05-13 09:07 - 2016-07-16 13:47 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2017-05-13 09:06 - 2015-08-18 07:29 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2017-05-12 17:18 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\rescache
2017-05-12 15:32 - 2016-10-03 11:06 - 00000000 ____D C:\Program Files\Realtek
2017-05-12 15:32 - 2016-07-16 13:47 - 00000000 __SHD C:\Program Files\Windows Sidebar
2017-05-11 18:14 - 2016-02-13 19:30 - 00000000 __RHD C:\Users\Public\AccountPictures
2017-05-11 18:11 - 2016-10-03 11:03 - 00339080 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-05-10 21:24 - 2016-07-16 13:47 - 00000000 ___SD C:\WINDOWS\SysWOW64\F12
2017-05-10 21:24 - 2016-07-16 13:47 - 00000000 ___SD C:\WINDOWS\system32\F12
2017-05-10 21:24 - 2016-07-16 13:47 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2017-05-10 21:24 - 2016-07-16 13:47 - 00000000 ___RD C:\Program Files\Windows Defender
2017-05-10 21:24 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2017-05-10 21:24 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\oobe
2017-05-10 21:24 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\ShellExperiences
2017-05-10 21:24 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\Provisioning
2017-05-10 21:24 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\PolicyDefinitions
2017-05-10 21:24 - 2016-07-16 13:47 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2017-05-10 21:24 - 2016-07-16 13:47 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2017-05-10 21:24 - 2016-07-16 13:47 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2017-05-10 21:24 - 2016-07-16 08:04 - 00000000 ____D C:\WINDOWS\SysWOW64\Dism
2017-05-10 14:41 - 2016-04-30 12:30 - 00000000 ____D C:\WINDOWS\system32\MRT
2017-05-10 14:39 - 2016-04-30 12:30 - 156335152 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-05-10 14:09 - 2016-07-16 13:42 - 00073728 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSManMigrationPlugin.dll
2017-05-05 19:35 - 2015-12-17 07:31 - 00000000 ____D C:\ProgramData\McAfee
2017-05-05 19:30 - 2016-10-03 11:32 - 00000000 ____D C:\WINDOWS\System32\Tasks\McAfee
2017-05-05 19:30 - 2016-07-16 08:04 - 00032768 _____ C:\WINDOWS\system32\config\ELAM
2017-05-05 19:29 - 2015-10-30 08:28 - 00000000 ____D C:\Users\Default.migrated
2017-05-04 18:16 - 2017-04-13 23:32 - 00000000 ____D C:\ProgramData\{FEEFEE2F-4944-5984-A8C7-CDE4FAC6874A}
2017-05-04 18:16 - 2017-04-13 23:32 - 00000000 ____D C:\ProgramData\{F84DC8A7-4FE6-7F0C-0441-899F2FBD9651}
2017-05-03 19:33 - 2016-04-01 17:14 - 00000000 ____D C:\Users\Pitti\Documents\Word - Dokumente
2017-04-29 02:59 - 2017-04-12 23:31 - 00835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2017-04-29 02:59 - 2017-04-12 23:31 - 00177656 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2017-04-28 03:01 - 2016-10-03 11:06 - 02717184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2017-04-26 14:54 - 2016-04-01 13:16 - 00000000 ____D C:\ProgramData\Oracle
2017-04-26 14:51 - 2017-04-10 18:12 - 00000000 ____D C:\Program Files\Java
2017-04-26 14:50 - 2017-04-10 18:12 - 00110144 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge-64.dll
2017-04-22 17:33 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\NDF
2017-04-22 15:20 - 2017-04-10 13:00 - 00000000 ____D C:\Users\Pitti\AppData\Roaming\.minecraft
2017-04-20 13:54 - 2016-03-22 06:25 - 00000000 ____D C:\Users\Pitti\AppData\Local\Packages

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2017-02-25 13:26 - 2017-05-20 08:39 - 0000165 _____ () C:\Users\Pitti\AppData\Roaming\sp_data.sys
2016-10-03 11:07 - 2016-10-03 11:07 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

Einige Dateien in TEMP:
====================
2017-05-12 11:58 - 2017-05-12 11:58 - 0585370 _____ (                                                            ) C:\Users\Pitti\AppData\Local\Temp\241712c2-6a9a-481a-8f0b-fc4a49fb9424.exe
2017-04-26 14:04 - 2017-04-26 14:04 - 0739904 _____ (Oracle Corporation) C:\Users\Pitti\AppData\Local\Temp\jre-8u131-windows-au.exe
2016-02-23 12:43 - 2016-02-23 12:43 - 0120336 _____ (McAfee, Inc.) C:\Users\Pitti\AppData\Local\Temp\McCSPInstall.dll
2017-05-05 19:29 - 2016-02-23 12:43 - 0123360 _____ (McAfee Inc.) C:\Users\Pitti\AppData\Local\Temp\mccspuninstall.exe
2015-08-14 14:29 - 2015-07-29 22:08 - 0681097 _____ (SQLite Development Team) C:\Users\Pitti\AppData\Local\Temp\sqlite3.dll
2017-05-10 13:05 - 2017-05-10 13:05 - 2988888 _____ (IT Genius) C:\Users\Pitti\AppData\Local\Temp\W3rlsPaZ-prog.exe

==================== Bamital & volsnap ======================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert

LastRegBack: 2017-05-12 17:09

==================== Ende von FRST.txt ============================

Muss ne neue Antwort für den Addition.txt machen - wäre sonst zu lang

Luckyschatz · 20.05.2017, 08:04

Und hier noch die anderen (Addition.txt)

Code:

ATTFilter

ZusÃ¤tzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 14-05-2017
durchgefÃ¼hrt von Pitti (20-05-2017 08:43:42)
Gestartet von C:\Users\Pitti\Downloads
Windows 10 Home Version 1607 (X64) (2016-10-03 09:37:21)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-1585193191-2329745140-1049602013-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1585193191-2329745140-1049602013-503 - Limited - Disabled)
Gast (S-1-5-21-1585193191-2329745140-1049602013-501 - Limited - Disabled)
Pitti (S-1-5-21-1585193191-2329745140-1049602013-1001 - Administrator - Enabled) => C:\Users\Pitti

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" kÃ¶nnen in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

7-Zip 16.04 (HKLM-x32\...\7-Zip) (Version: 16.04 - Igor Pavlov)
Adobe Flash Player 24 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 24.0.0.194 - Adobe Systems Incorporated)
Archeage (HKLM-x32\...\Glyph Archeage) (Version:  - Trion Worlds, Inc.)
ARK: Survival Evolved (HKLM\...\Steam App 346110) (Version:  - Studio Wildcard)
ASUS HiPost (HKLM-x32\...\{04768366-F421-4BA5-8423-B84F644B5249}) (Version: 1.0.6 - ASUS)
ASUS Live Update (HKLM-x32\...\{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}) (Version: 3.4.3 - ASUS)
ASUS Smart Gesture (HKLM-x32\...\{4D3286A6-F6AB-498A-82A4-E4F040529F3D}) (Version: 4.0.12 - ASUS)
ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 3.13.0004 - ASUS)
ASUS USB Charger Plus (HKLM-x32\...\{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}) (Version: 4.1.6 - ASUS)
ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0041 - ASUS)
AudioWizard (HKLM-x32\...\{57E770A2-2BAF-4CAA-BAA3-BD896E2254D3}) (Version: 1.0.0.109 - ICEpower a/s)
Avast SecureLine for Asustek (HKLM\...\{2CD3C92F-EDC5-4B02-9B0A-9C1D37C58EF5}_is1) (Version: 1.0.239.3 - AVAST Software)
Banished 1.0.4 (HKLM-x32\...\Banished_is1) (Version:  - )
Craften Terminal 4.2.3 (HKLM-x32\...\{4e7c3936-7c06-4ef0-928b-c5d92f372578}_is1) (Version: 4.2.3 - Craften.de)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Device Setup (HKLM-x32\...\{8D6B05E0-F457-408C-9D13-549334D8FAE1}) (Version: 2.0.2 - ASUSTek Computer Inc.)
Die Simsâ„¢ 3 (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}) (Version: 1.69.43.024017 - Electronic Arts Inc.)
Die Simsâ„¢ 3 Design-Garten-Accessoires (HKLM-x32\...\{117B6BF6-82C3-420C-B284-9247C8568E53}) (Version: 7.0.55 - Electronic Arts)
Die Simsâ„¢ 3 Einfach tierisch (HKLM-x32\...\{C12631C6-804D-4B32-B0DD-8A496462F106}) (Version: 10.0.96 - Electronic Arts)
Die Simsâ„¢ 3 Jahreszeiten (HKLM-x32\...\{3DE92282-CB49-434F-81BF-94E5B380E889}) (Version: 16.0.136 - Electronic Arts)
Die Simsâ„¢ 3 Late Night (HKLM-x32\...\{45057FCE-5784-48BE-8176-D9D00AF56C3C}) (Version: 6.0.81 - Electronic Arts)
Die Simsâ„¢ 3 Lebensfreude (HKLM-x32\...\{E6B88BD6-E4B2-4701-A648-B6DAC6E491CC}) (Version: 8.0.152 - Electronic Arts)
Die Simsâ„¢ 3 Luxus-Accessoires (HKLM-x32\...\{71828142-5A24-4BD0-97E7-976DA08CE6CF}) (Version: 3.0.38 - Electronic Arts)
Die Simsâ„¢ 3 Reiseabenteuer (HKLM-x32\...\{BA26FFA5-6D47-47DB-BE56-34C357B5F8CC}) (Version: 2.0.86 - Electronic Arts)
Die Simsâ„¢ 3 Supernatural (HKLM-x32\...\{B37DAFA5-717D-41F8-BDFB-3A4B68C0B3A1}) (Version: 15.0.135 - Electronic Arts)
Die Simsâ„¢ 3 Traumkarrieren (HKLM-x32\...\{910F4A29-1134-49E0-AD8B-56E4A3152BD1}) (Version: 4.0.87 - Electronic Arts)
Die Simsâ„¢ 3 Traumsuite-Accessoires (HKLM-x32\...\{08A25478-C5DD-4EA7-B168-3D687CA987FF}) (Version: 11.0.84 - Electronic Arts)
Die Simsâ„¢ 3 Wildes Studentenleben (HKLM-x32\...\{F26DE8EF-F2CF-40DC-8CDA-CC0D82D11B36}) (Version: 18.0.126 - Electronic Arts)
Die Simsâ„¢ 4 (HKLM-x32\...\{48EBEBBF-B9F8-4520-A3CF-89A730721917}) (Version: 1.29.69.1020 - Electronic Arts Inc.)
Dropbox 25 GB (HKLM-x32\...\{597A58EC-42D6-4940-8739-FB94491B013C}) (Version: 1.0.8.0 - Dropbox, Inc.)
Evernote v. 5.8.6 (HKLM-x32\...\{FEDC7C10-EF67-11E4-9B07-00505695D7B0}) (Version: 5.8.6.7519 - Evernote Corp.)
Fotogalerie (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 58.0.3029.110 - Google Inc.)
Google Update Helper (x32 Version: 1.3.33.5 - Google Inc.) Hidden
Horsez - Abenteuer auf dem Reiterhof 5 (HKLM-x32\...\Horsez - Abenteuer auf dem Reiterhof 5) (Version:  - )
Intel Collaborative Processor Performance Control (HKLM-x32\...\0E7DAF70-FB54-4B91-B192-7E771C25AEEB) (Version: 1.0.0.1018 - Intel Corporation)
Intel(R) Chipset Device Software (x32 Version: 10.1.1.7 - Intel(R) Corporation) Hidden
Intel(R) Dynamic Platform and Thermal Framework (HKLM-x32\...\{654EE65D-FAA4-4EA6-8C07-DC94E6A304D4}) (Version: 8.1.10602.174 - Intel Corporation)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.0.1162 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4549 - Intel Corporation)
IntelÂ® Security Assist (HKLM-x32\...\{4B230374-6475-4A73-BA6E-41015E9C5013}) (Version: 1.0.0.532 - Intel Corporation)
Java 8 Update 131 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180131F0}) (Version: 8.0.1310.11 - Oracle Corporation)
Microsoft Office 365 - de-de (HKLM\...\O365HomePremRetail - de-de) (Version: 16.0.7967.2161 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50906.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24212 (HKLM-x32\...\{462f63a8-6347-4894-a1b3-dbfe3a4c981d}) (Version: 14.0.24212.0 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
Minecraft1.8 (HKLM-x32\...\Minecraft1.8) (Version:  - )
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
MySimsâ„¢ (HKLM-x32\...\{68DC42FA-962C-4973-A306-D595D861FA1E}) (Version: 1.00.0000 - Electronic Arts)
NVIDIA Graphics Driver 353.84 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 353.84 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (x32 Version: 16.0.7967.2161 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (Version: 16.0.7967.2161 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (Version: 16.0.7967.2161 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (x32 Version: 16.0.7668.2066 - Microsoft Corporation) Hidden
Online Special Application (x32 Version: 2.6.0 - Microleaves) Hidden <==== ACHTUNG
Online.io Application (x32 Version: 2.1.0 - Microleaves) Hidden <==== ACHTUNG
Origin (HKLM-x32\...\Origin) (Version: 10.4.10.46586 - Electronic Arts, Inc.)
Planet Coaster (HKLM\...\Steam App 493340) (Version:  - Frontier Developments)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.2.703.2015 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7673 - Realtek Semiconductor Corp.)
SimCityâ„¢ (HKLM-x32\...\{F70FDE4B-8F86-4eb6-8C8E-636EC89F6419}) (Version: 4.0.98.0213 - Electronic Arts)
Sims 4 Studio (HKLM-x32\...\{870AA913-0774-4ED0-B144-BC2C0CBE4BA0}_is1) (Version: 2.7.0.4 - Sims 4 Studio)
Star Stable (HKLM-x32\...\{2B03B553-4983-4005-99C4-31DFC25B4BB9}) (Version: 1.00.0000 - Star Stable Entertainment AB)
Star Stable Online (HKLM-x32\...\{8CD50415-04B7-459E-8CBD-DA96A9CDF98E}) (Version: 1.01.0000 - Star Stable Entertainment AB)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Traffic Exchange (x32 Version: 2.1.0 - Microleaves) Hidden <==== ACHTUNG
Wildlife Park 2 - Ultimate Edition v2.1 (HKLM-x32\...\Wildlife Park 2 - Ultimate Edition_is1) (Version:  - Deep Silver)
Windows 10 Update and Privacy Settings (HKLM\...\{293F2009-0145-450B-B4AA-063D43FB368C}) (Version: 1.0.13.0 - Microsoft Corporation)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
Windows-Treiberpaket - ASUS (ATP) Mouse  (11/11/2015 1.0.0.262) (HKLM\...\A044C5901003C24E6891688653ABA1068D04A1A0) (Version: 11/11/2015 1.0.0.262 - ASUS)
WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 3.0.1 - ASUS)
WinRAR 5.40 (32-Bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH)
WPS Office for ASUS (HKLM-x32\...\Kingsoft Office) (Version: 9.1.0.4947 - Kingsoft Corp.)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-1585193191-2329745140-1049602013-1001_Classes\CLSID\{1BF42E4C-4AF4-4CFD-A1A0-CF2960B8F63E}\InprocServer32 -> C:\Users\Pitti\AppData\Local\Microsoft\OneDrive\17.3.6743.1212\amd64\FileSyncShell64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1585193191-2329745140-1049602013-1001_Classes\CLSID\{7AFDFDDB-F914-11E4-8377-6C3BE50D980C}\InprocServer32 -> C:\Users\Pitti\AppData\Local\Microsoft\OneDrive\17.3.6743.1212\amd64\FileSyncShell64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1585193191-2329745140-1049602013-1001_Classes\CLSID\{82CA8DE3-01AD-4CEA-9D75-BE4C51810A9E}\InprocServer32 -> C:\Users\Pitti\AppData\Local\Microsoft\OneDrive\17.3.6743.1212\amd64\FileSyncShell64.dll => Keine Datei

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {0F71139B-44DA-4814-95B3-36544058B19C} - System32\Tasks\DropboxOEM => C:\Program Files (x86)\Dropbox\DropboxOEM\DropboxOEM.exe [2015-05-29] ()
Task: {148E3E58-4318-4862-AF6A-6CD424956DF9} - System32\Tasks\Online Application v209 Guardian => C:\Program Files (x86)\Microleaves\Online.io Application\Online-Guardian-v2.0.9.exe  <==== ACHTUNG
Task: {1587944A-0D4F-4F8A-92B2-FD7CE91DB24C} - System32\Tasks\OneDrive Standalone Update Task => C:\Users\Pitti\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\OneDriveStandaloneUpdater.exe 
Task: {16C0F2CB-05FF-42DC-B079-DCDC8E771142} - System32\Tasks\WpsUpdateTask_Administrator => C:\Program Files (x86)\Kingsoft\WPS Office\9.1.0.4947\wtoolex\wpsupdate.exe [2015-08-18] (Zhuhai Kingsoft Office Software Co.,Ltd)
Task: {203759B5-C328-41AD-8021-61455168A7BE} - System32\Tasks\ATK Package A22126881260 => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\SimAppExec.exe [2015-03-10] (ASUSTek Computer Inc.)
Task: {24DDAEDA-CA5D-4A8A-A76E-BD9AC365B29F} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2015-11-27] (Realtek Semiconductor)
Task: {269D86B6-44B7-4D17-9C51-A21F71DD8D08} - System32\Tasks\{C4A9F1C2-B0D8-4A93-8B94-4D7396F9BCA3} => pcalua.exe -a "C:\Program Files (x86)\YeaDesktop\unins000.exe"
Task: {26EE79E3-674C-4A81-9C34-1F4DEE1872DF} - System32\Tasks\{51C6E08E-3B3D-4EDA-B8F6-6CF22112D5D8} => pcalua.exe -a "C:\Program Files (x86)\Kingsoft\WPS Office\9.1.0.4947\utility\uninst.exe"
Task: {2B87FDF9-B9DF-4CD4-9DF1-50FBE78A69CE} - System32\Tasks\ASUS\ASUS Product Register Service => C:\Program Files (x86)\ASUS\APRP\aprp.exe [2015-05-14] (ASUSTek Computer Inc.)
Task: {316BAD79-0487-493A-A4C9-15845492FF19} - System32\Tasks\WpsNotifyTask_Pitti => C:\Program Files (x86)\Kingsoft\WPS Office\9.1.0.4947\wtoolex\wpsnotify.exe [2015-08-18] (Zhuhai Kingsoft Office Software Co.,Ltd)
Task: {3B34459A-F06D-4E22-983E-31E8CF366847} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWoW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-01-14] (Adobe Systems Incorporated)
Task: {43DDFC13-D251-4D4E-9035-ACC3131E7444} - System32\Tasks\SMW_UpdateTask_Time_3335303535313533392d2d5b50342a4155456c5a236c => Wscript.exe //B "C:\ProgramData\SearchModule\smhe.js" smu.exe /invoke /f:check_services /l:0 <==== ACHTUNG
Task: {47B485D9-1AC5-4DE9-BEE0-A56921B2021A} - System32\Tasks\WpsNotifyTask_Administrator => C:\Program Files (x86)\Kingsoft\WPS Office\9.1.0.4947\wtoolex\wpsnotify.exe [2015-08-18] (Zhuhai Kingsoft Office Software Co.,Ltd)
Task: {4B6CEF02-C18B-4F4A-A42F-9A1A31108B3D} - System32\Tasks\RtHDVBg_ListenToDevice => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2015-11-27] (Realtek Semiconductor)
Task: {4C3E35AD-3C14-4459-9926-B85A3D527194} - System32\Tasks\Traffic Exchange v2 - 2 => C:\Program Files (x86)\Microleaves\Traffic Exchange\OnlineGuardian-v2.exe  <==== ACHTUNG
Task: {6473DBEC-0C27-4517-8AF1-A585996F6B48} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2017-05-13] (Microsoft Corporation)
Task: {77658E7D-82FB-4F5C-802E-A0199130AD6B} - System32\Tasks\avast! SL Update => C:\Program Files\AVAST Software\SecureLine\SLUpdate.exe [2016-04-24] (AVAST Software)
Task: {7D892A0F-D5D5-47B7-A643-B53F532170BB} - System32\Tasks\ASUS USB Charger Plus => C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [2015-05-25] (ASUSTek Computer Inc.)
Task: {7FBF3021-4A12-4127-9327-6D277936257B} - System32\Tasks\{66D4ADE5-9B45-0B79-04A2-3751ABDE8755} => Regsvr32.exe /s /n /i:"/rt" "C:\PROGRA~3\591e1035\7956ba2f.dll" <==== ACHTUNG
Task: {8E1A1450-46F2-4C06-AD97-BCB24762C47D} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-05-19] (Google Inc.)
Task: {8F8515CE-3E8C-444B-B17F-108576010395} - System32\Tasks\ASUS Splendid ACMON => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [2015-08-25] (ASUS)
Task: {900990C8-6C4E-4281-B190-311B491074BC} - System32\Tasks\Online Application v209 => C:\Program Files (x86)\Microleaves\Online.io Application\Online-Guardian-v2.0.9.exe  <==== ACHTUNG
Task: {93612440-AEC9-4AE5-8938-4F6A23DA1036} - System32\Tasks\ATK Package 36D18D69AFC3 => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\SimAppExec.exe [2015-03-10] (ASUSTek Computer Inc.)
Task: {950C5063-7DC1-4C42-8C97-3363EE3E877D} - System32\Tasks\Traffic Exchange v209 - 3 => C:\Program Files (x86)\Microleaves\Traffic Exchange\Online-Guardian-v2.0.9.exe  <==== ACHTUNG
Task: {9D4021A6-EF40-4F60-947A-1B1C6163467D} - System32\Tasks\ASUS Smart Gesture Launcher => C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLauncher.exe [2015-12-14] (AsusTek)
Task: {A3BF07E2-5C1E-437A-BDDE-F94A50DE6B11} - System32\Tasks\{BCC45D64-0B6F-EACF-2DE6-5C519E1B3A6A} => C:\ProgramData\{26AA403A-9101-F791-915D-90DE7C22D4DC}\023A4473-B591-F3D8-8332-16CCB19D71B7.exe [2017-05-04] () <==== ACHTUNG
Task: {A5A108DD-A8FF-461E-820F-A59E8F383377} - System32\Tasks\Update Checker => C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe [2016-08-01] ()
Task: {AE293DA9-8CF4-4008-931E-1A929580CAD2} - System32\Tasks\WpsUpdateTask_Pitti => C:\Program Files (x86)\Kingsoft\WPS Office\9.1.0.4947\wtoolex\wpsupdate.exe [2015-08-18] (Zhuhai Kingsoft Office Software Co.,Ltd)
Task: {AFB50682-1153-4462-BE31-2EFA614115D4} - System32\Tasks\Traffic Exchange v209 - 2 => C:\Program Files (x86)\Microleaves\Traffic Exchange\Online-Guardian-v2.0.9.exe  <==== ACHTUNG
Task: {B0B56013-3EDC-4373-9D72-8F74AA1365EF} - System32\Tasks\Traffic Exchange v209 - 1 => C:\Program Files (x86)\Microleaves\Traffic Exchange\Online-Guardian-v2.0.9.exe  <==== ACHTUNG
Task: {B8B0C6E0-8F06-45CA-BEBF-5F77263279C5} - System32\Tasks\{860F2D22-6AC0-48ED-B6F5-6C3403AF1F30} => Chrome.exe hxxp://ui.skype.com/ui/0/7.24.85.104/de/abandoninstall?page=tsProgressBar
Task: {BB526CDD-906E-4EC2-B510-6BFECAE6A55E} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-05-04] (Microsoft Corporation)
Task: {BB7C439C-171B-465E-ACDA-D423FE47FC4C} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-05-04] (Microsoft Corporation)
Task: {BE555D2A-F976-44A8-8CA8-A11A4CA0F993} - System32\Tasks\{87E76E9E-4BB1-4726-9AC0-3E76FFCFC003} => Chrome.exe hxxp://www.skype.com/go/downloading?source=lightinstaller&amp;ver=7.23.0.105&amp;LastError=12002
Task: {BF2DD700-7AA5-409E-AEB8-81FFD5D4C48C} - System32\Tasks\{66527076-D1F9-C7DD-F9E2-F0B84CD92CBF} => C:\ProgramData\{EA4DE132-5DE6-5699-DDC3-8A4739838DA0}\DA07638A-6DAC-D421-ABCE-45A160C42F00.exe [2017-05-04] () <==== ACHTUNG
Task: {BF3AFF2B-261E-48AA-9EC8-67A2DD6BE42B} - System32\Tasks\ASUS Live Update1 => C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe [2016-08-01] ()
Task: {C226E8DC-E3FC-4944-8B6B-AFB76DCC37B1} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-05-19] (Google Inc.)
Task: {C3C12DFB-E158-4B37-ACE1-D74D3A301126} - System32\Tasks\Traffic Exchange v2 - 1 => C:\Program Files (x86)\Microleaves\Traffic Exchange\OnlineGuardian-v2.exe  <==== ACHTUNG
Task: {CFBC55E6-C36C-4DBA-8611-4FBB973714C3} - System32\Tasks\Online Application v209 Guard => C:\Program Files (x86)\Microleaves\Online.io Application\Online-Guardian-v2.0.9.exe  <==== ACHTUNG
Task: {D09BF922-C488-4930-B88E-2408714307F7} - System32\Tasks\ASUS Live Update2 => C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe [2016-08-01] ()
Task: {D90B0874-0A56-48B3-8F67-044DB3CA157C} - System32\Tasks\Updater_Online_Special_Application => C:\Program Files (x86)\Microleaves\Online Special Application\Online Special Application Updater.exe  <==== ACHTUNG
Task: {D9929395-7B21-4088-AA19-339478854ECA} - System32\Tasks\Traffic Exchange v2 - 3 => C:\Program Files (x86)\Microleaves\Traffic Exchange\OnlineGuardian-v2.exe  <==== ACHTUNG
Task: {F49014DF-5F42-4A1E-BC9C-EF02D9B57C1E} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\WINDOWS\explorer.exe /NOUACCHECK
Task: {FC57B35C-E13C-4544-9418-D73DED9A7450} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWoW64\Macromed\Flash\FlashUtil32_24_0_0_194_pepper.exe [2017-01-14] (Adobe Systems Incorporated)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\WINDOWS\Tasks\Adobe Flash Player PPAPI Notifier.job => C:\WINDOWS\SysWoW64\Macromed\Flash\FlashUtil32_24_0_0_194_pepper.exe
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWoW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
Task: C:\WINDOWS\Tasks\Online Application v209 Guard.job => C:\Program Files (x86)\Microleaves\Online.io Application\Online-Guardian-v2.0.9.exe <==== ACHTUNG
Task: C:\WINDOWS\Tasks\Online Application v209 Guardian.job => C:\Program Files (x86)\Microleaves\Online.io Application\Online-Guardian-v2.0.9.exe <==== ACHTUNG
Task: C:\WINDOWS\Tasks\Online Application v209.job => C:\Program Files (x86)\Microleaves\Online.io Application\Online-Guardian-v2.0.9.exe <==== ACHTUNG
Task: C:\WINDOWS\Tasks\SMW_UpdateTask_Time_3335303535313533392d23787845322a5b3434322d57.job => Wscript.exe  Q/B C:\ProgramData\SearchModule\smhe.js smu.exe <==== ACHTUNG
Task: C:\WINDOWS\Tasks\Traffic Exchange v2 - 1.job => C:\Program Files (x86)\Microleaves\Traffic Exchange\OnlineGuardian-v2.exe <==== ACHTUNG
Task: C:\WINDOWS\Tasks\Traffic Exchange v2 - 2.job => C:\Program Files (x86)\Microleaves\Traffic Exchange\OnlineGuardian-v2.exe <==== ACHTUNG
Task: C:\WINDOWS\Tasks\Traffic Exchange v2 - 3.job => C:\Program Files (x86)\Microleaves\Traffic Exchange\OnlineGuardian-v2.exe <==== ACHTUNG
Task: C:\WINDOWS\Tasks\Traffic Exchange v209 - 1.job => C:\Program Files (x86)\Microleaves\Traffic Exchange\Online-Guardian-v2.0.9.exe <==== ACHTUNG
Task: C:\WINDOWS\Tasks\Traffic Exchange v209 - 2.job => C:\Program Files (x86)\Microleaves\Traffic Exchange\Online-Guardian-v2.0.9.exe <==== ACHTUNG
Task: C:\WINDOWS\Tasks\Traffic Exchange v209 - 3.job => C:\Program Files (x86)\Microleaves\Traffic Exchange\Online-Guardian-v2.0.9.exe <==== ACHTUNG
Task: C:\WINDOWS\Tasks\Updater_Online_Special_Application.job => C:\Program Files (x86)\Microleaves\Online Special Application\Online Special Application Updater.exe <==== ACHTUNG
Task: C:\WINDOWS\Tasks\WpsNotifyTask_Administrator.job => C:\Program Files (x86)\Kingsoft\WPS Office\9.1.0.4947\wtoolex\wpsnotify.exe
Task: C:\WINDOWS\Tasks\WpsNotifyTask_Pitti.job => C:\Program Files (x86)\Kingsoft\WPS Office\9.1.0.4947\wtoolex\wpsnotify.exe
Task: C:\WINDOWS\Tasks\WpsUpdateTask_Administrator.job => C:\Program Files (x86)\Kingsoft\WPS Office\9.1.0.4947\wtoolex\wpsupdate.exe
Task: C:\WINDOWS\Tasks\WpsUpdateTask_Pitti.job => C:\Program Files (x86)\Kingsoft\WPS Office\9.1.0.4947\wtoolex\wpsupdate.exe

==================== VerknÃ¼pfungen =============================

(Die EintrÃ¤ge kÃ¶nnen gelistet werden, um sie zurÃ¼ckzusetzen oder zu entfernen.)

WMI_ActiveScriptEventConsumer_ASEC: <===== ACHTUNG

Shortcut: C:\Users\Pitti\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Minecraft\Minecraft Debugger.lnk -> C:\Users\Pitti\AppData\Roaming\.minecraft\minecraft launcher\Debug.bat ()

ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> hxxp://www.yeadesktop.com/
ShortcutWithArgument: C:\Users\Public\Desktop\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> hxxp://www.yeadesktop.com/

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2016-02-15 22:01 - 2016-02-15 22:01 - 00031256 _____ () C:\WINDOWS\System32\us008lm.dll
2016-07-16 13:42 - 2016-07-16 13:42 - 00231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2017-05-10 14:33 - 2017-04-28 02:49 - 02681200 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2016-10-03 11:07 - 2016-08-01 14:54 - 00133056 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2017-05-10 14:33 - 2017-04-28 02:49 - 02681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2015-10-16 09:26 - 2016-11-30 22:57 - 00401888 _____ () C:\WINDOWS\system32\igfxTray.exe
2017-05-10 14:33 - 2017-04-28 02:49 - 02681200 _____ () C:\WINDOWS\SYSTEM32\CoreUIComponents.dll
2016-10-03 11:56 - 2016-10-03 11:56 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2017-03-16 18:20 - 2017-03-04 08:31 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll
2017-03-16 18:21 - 2017-03-04 08:12 - 09760768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2017-03-16 18:21 - 2017-03-04 08:05 - 01401856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-03-16 18:21 - 2017-03-04 08:05 - 00757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
2017-05-10 14:33 - 2017-04-28 01:36 - 01033216 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Actions.dll
2017-05-10 14:33 - 2017-04-28 01:36 - 02424320 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2017-05-10 14:33 - 2017-04-28 01:37 - 04853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2017-05-09 14:09 - 2017-05-09 14:09 - 00074752 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.15.597.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2017-05-09 14:09 - 2017-05-09 14:09 - 00201728 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.15.597.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2017-05-09 14:09 - 2017-05-09 14:10 - 43195904 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.15.597.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2017-05-09 14:09 - 2017-05-09 14:09 - 02457088 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.15.597.0_x64__kzf8qxf38zg5c\skypert.dll
2017-03-16 18:21 - 2017-03-04 08:04 - 00114176 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Dss.BackgroundTask.dll
2017-05-08 16:47 - 2017-05-08 16:48 - 00054272 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11703.1001.45.0_x64__8wekyb3d8bbwe\WinStoreTasksWrapper.dll
2017-04-08 11:48 - 2017-04-08 11:49 - 02567168 _____ () C:\Program Files\WindowsApps\Microsoft.People_10.2.831.0_x64__8wekyb3d8bbwe\People.BackgroundTasks.dll
2017-04-08 11:48 - 2017-04-08 11:49 - 00138752 _____ () C:\Program Files\WindowsApps\Microsoft.People_10.2.831.0_x64__8wekyb3d8bbwe\PeopleUtilRT.Windows.dll
2017-01-24 17:07 - 2017-05-17 16:35 - 02493440 _____ () C:\Program Files (x86)\Origin\libGLESv2.dll
2015-08-25 11:40 - 2015-08-25 11:40 - 00027648 _____ () C:\Program Files (x86)\ASUS\Splendid\DetectDisplayDC.dll
2015-08-25 11:40 - 2015-08-25 11:40 - 00124928 _____ () C:\Program Files (x86)\ASUS\Splendid\CCTAdjust.dll
2015-12-17 07:13 - 2015-10-03 04:24 - 00012080 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2017-01-02 13:33 - 2017-03-10 02:13 - 00674592 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2017-01-02 13:33 - 2016-09-01 03:02 - 04969248 _____ () C:\Program Files (x86)\Steam\v8.dll
2017-01-02 13:33 - 2017-04-26 01:55 - 02465056 _____ () C:\Program Files (x86)\Steam\video.dll
2017-01-02 13:33 - 2016-01-27 09:49 - 02549760 _____ () C:\Program Files (x86)\Steam\libavcodec-56.dll
2017-01-02 13:33 - 2016-01-27 09:49 - 00491008 _____ () C:\Program Files (x86)\Steam\libavformat-56.dll
2017-01-02 13:33 - 2016-01-27 09:49 - 00332800 _____ () C:\Program Files (x86)\Steam\libavresample-2.dll
2017-01-02 13:33 - 2016-01-27 09:49 - 00442880 _____ () C:\Program Files (x86)\Steam\libavutil-54.dll
2017-01-02 13:33 - 2016-01-27 09:49 - 00485888 _____ () C:\Program Files (x86)\Steam\libswscale-3.dll
2017-01-02 13:33 - 2016-09-01 03:02 - 01563936 _____ () C:\Program Files (x86)\Steam\icui18n.dll
2017-01-02 13:33 - 2016-09-01 03:02 - 01195296 _____ () C:\Program Files (x86)\Steam\icuuc.dll
2017-01-02 13:33 - 2017-04-26 01:55 - 00848672 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2017-01-02 13:33 - 2016-07-05 00:17 - 00266560 _____ () C:\Program Files (x86)\Steam\openvr_api.dll
2016-04-24 19:31 - 2016-04-24 19:31 - 38907672 _____ () C:\Program Files\AVAST Software\SecureLine\libcef.dll
2017-01-02 13:34 - 2017-01-30 23:41 - 68875552 _____ () C:\Program Files (x86)\Steam\bin\cef\cef.win7\libcef.dll
2016-08-01 10:35 - 2016-08-01 10:35 - 00017920 _____ () C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxlctlfudivq`qsp`28hfm [0]

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)


==================== VerknÃ¼pfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurÃ¼ckgesetzt oder entfernt.)


==================== Internet Explorer VertrauenswÃ¼rdig/EingeschrÃ¤nkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

IE trusted site: HKU\S-1-5-21-1585193191-2329745140-1049602013-1001\...\amazon.de -> hxxps://amazon.de

==================== Hosts Inhalt: ==========================

(Wenn benÃ¶tigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurÃ¼ckzusetzen.)

2015-07-10 13:04 - 2017-05-12 15:32 - 00001038 _____ C:\WINDOWS\system32\Drivers\etc\hosts

127.0.0.1 wepcdisplaysystem.com
127.0.0.1 wepcanalyticsystem.com
127.0.0.1 healthydownload.com
127.0.0.1 leading2download.com
127.0.0.1 dwl0.wizzlabs.com
127.0.0.1 dwl1.wizzlabs.com
127.0.0.1 wemsofts.com

==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix fÃ¼r diesen Bereich.)

HKU\S-1-5-21-1585193191-2329745140-1049602013-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Pitti\Pictures\Desktop Wallpaper\New York Wallpaper.png
DNS Servers: 192.168.2.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte EintrÃ¤ge ==

MSCONFIG\Services: ASLDRService => 2
MSCONFIG\Services: Asus WebStorage Windows Service => 2
MSCONFIG\Services: ASUSGiftBoxDekstop => 2
MSCONFIG\Services: ATKGFNEXSrv => 2
MSCONFIG\Services: BEService => 3
MSCONFIG\Services: c0aad75bcff65a6b9d3cb96f2f57af70 => 2
MSCONFIG\Services: cphs => 3
MSCONFIG\Services: esifsvc => 2
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: HomeNetSvc => 2
MSCONFIG\Services: igfxCUIService2.0.0.0 => 2
MSCONFIG\Services: Intel(R) Capability Licensing Service TCP IP Interface => 3
MSCONFIG\Services: Intel(R) Security Assist => 3
MSCONFIG\Services: isaHelperSvc => 2
MSCONFIG\Services: jhi_service => 2
MSCONFIG\Services: Kingsoft_WPS_UpdateService => 2
MSCONFIG\Services: LiveUpdateSvc => 2
MSCONFIG\Services: LMS => 2
MSCONFIG\Services: McAfee SiteAdvisor Service => 2
MSCONFIG\Services: McBootDelayStartSvc => 2
MSCONFIG\Services: mccspsvc => 2
MSCONFIG\Services: McNaiAnn => 2
MSCONFIG\Services: McODS => 3
MSCONFIG\Services: mcpltsvc => 2
MSCONFIG\Services: McProxy => 2
MSCONFIG\Services: MSK80Service => 2
MSCONFIG\Services: nvsvc => 2
MSCONFIG\Services: Origin Client Service => 3
MSCONFIG\Services: PEFService => 2
MSCONFIG\Services: RichVideo64 => 2
MSCONFIG\Services: SecureLine => 2
MSCONFIG\Services: SkypeUpdate => 2
MSCONFIG\Services: Steam Client Service => 3

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [{8A7A9FFF-6C0E-4C16-A38A-742E6089F5BD}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{29111026-B862-479C-A427-3AA920ADFA0C}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{27574A8D-55E5-4D31-B3B2-CC26F3EE48B0}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{89E2ABA7-BAAF-486E-BADF-0664647BD06E}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{AFEF88D6-C5B6-420F-92A8-84F765CEAED2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame_BE.exe
FirewallRules: [{29756DC3-8A13-479C-A949-F51233B07AC0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame_BE.exe
FirewallRules: [{8BFF7E68-5A01-423C-BDF8-F1A5AFB22497}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame.exe
FirewallRules: [{7186489D-3137-437E-87FE-A6090BE7A4B7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame.exe
FirewallRules: [{56943586-13B3-444B-9B66-7DD835682EA6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Planet Coaster\PlanetCoaster.exe
FirewallRules: [{D80423C6-0288-40FC-8C8C-20B985FB6411}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Planet Coaster\PlanetCoaster.exe
FirewallRules: [TCP Query User{115D21F2-02C6-46C3-BBFA-3069EB2A711F}C:\program files (x86)\google\chrome\application\chrome.exe] => (Block) C:\program files (x86)\google\chrome\application\chrome.exe
FirewallRules: [UDP Query User{C578F573-6F64-4F13-9CF1-5AEDAE62B8D9}C:\program files (x86)\google\chrome\application\chrome.exe] => (Block) C:\program files (x86)\google\chrome\application\chrome.exe
FirewallRules: [TCP Query User{897FB310-2CD4-41D2-80BD-85EFB548D18A}C:\program files (x86)\google\chrome\application\chrome.exe] => (Block) C:\program files (x86)\google\chrome\application\chrome.exe
FirewallRules: [UDP Query User{3A4D9CE5-5CFD-4685-B063-6F8965E57E85}C:\program files (x86)\google\chrome\application\chrome.exe] => (Block) C:\program files (x86)\google\chrome\application\chrome.exe
FirewallRules: [{AA73E109-E6A7-4351-BF74-B7D7910DE32C}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe
FirewallRules: [{B57EF5F8-4ACE-4CD0-9008-CEE0D1B0AAF9}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Wiederherstellungspunkte =========================

10-05-2017 14:36:48 Windows Update
10-05-2017 14:38:02 Windows Update
13-05-2017 14:34:22 Removed NetAdapterUpdate
16-05-2017 16:55:25 Windows Update

==================== Fehlerhafte GerÃ¤te im GerÃ¤temanager =============


==================== FehlereintrÃ¤ge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (05/20/2017 08:38:52 AM) (Source: DPTF) (EventID: 256) (User: )
Description: Intel(R) Dynamic Platform and Thermal Framework : ESIF(8.1.10602.174) TYPE: ERROR

DPTF Build Version:  8.1.10602.174
DPTF Build Date:  Jul 23 2015 11:24:10
Source File:  ..\..\..\Sources\Manager\EsifApplicationInterface.cpp @ line 737
Executing Function:  DptfEvent
Message:  Received unexpected event
Framework Event:  DptfResume [3]

Error: (05/19/2017 08:56:32 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-TP9DC4I)
Description: Bei der Aktivierung der App â€žMicrosoft.Getstarted_5.9.1042.0_x64__8wekyb3d8bbwe:App.AppX7mv0s3r0wanj0n66dy6vax24ps6avzvz.mcaâ€œ ist folgender Fehler aufgetreten: -2144927149. Weitere Informationen finden Sie im Protokoll â€žMicrosoft-Windows-TWinUI/Betriebsbereitâ€œ.

Error: (05/19/2017 08:53:31 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: SkypeHost.exe, Version: 11.15.597.0, Zeitstempel: 0x590ab960
Name des fehlerhaften Moduls: ntdll.dll, Version: 10.0.14393.479, Zeitstempel: 0x5825887f
Ausnahmecode: 0xc0000008
Fehleroffset: 0x00000000000a9d2a
ID des fehlerhaften Prozesses: 0x15d8
Startzeit der fehlerhaften Anwendung: 0x01d2d0d11ad8d364
Pfad der fehlerhaften Anwendung: C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.15.597.0_x64__kzf8qxf38zg5c\SkypeHost.exe
Pfad des fehlerhaften Moduls: C:\WINDOWS\SYSTEM32\ntdll.dll
Berichtskennung: f5c57ea5-a2d6-4af0-aa57-b9d8ef22d8b6
VollstÃ¤ndiger Name des fehlerhaften Pakets: Microsoft.SkypeApp_11.15.597.0_x64__kzf8qxf38zg5c
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: ppleae38af2e007f4358a809ac99a64a67c1

Error: (05/19/2017 08:47:05 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2484) (User: DESKTOP-TP9DC4I)
Description: Das Paket â€žMicrosoft.MicrosoftEdge_38.14393.1066.0_neutral__8wekyb3d8bbwe+MicrosoftEdge#{b173a47e-b2b5-463b-b957-1745ef3d8bb2}â€œ wurde beendet, da das Anhalten zu lange dauerte.

Error: (05/19/2017 08:45:17 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-TP9DC4I)
Description: Bei der Aktivierung der App â€žMicrosoft.AAD.BrokerPlugin_cw5n1h2txyewy!Appâ€œ ist folgender Fehler aufgetreten: -2147023170. Weitere Informationen finden Sie im Protokoll â€žMicrosoft-Windows-TWinUI/Betriebsbereitâ€œ.

Error: (05/19/2017 08:45:13 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: BackgroundTaskHost.exe, Version: 10.0.14393.0, Zeitstempel: 0x57899bb2
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 10.0.14393.1198, Zeitstempel: 0x5902808f
Ausnahmecode: 0x00000004
Fehleroffset: 0x0000000000033c58
ID des fehlerhaften Prozesses: 0x1f84
Startzeit der fehlerhaften Anwendung: 0x01d2d0d00c02e3f5
Pfad der fehlerhaften Anwendung: C:\WINDOWS\System32\BackgroundTaskHost.exe
Pfad des fehlerhaften Moduls: C:\WINDOWS\System32\KERNELBASE.dll
Berichtskennung: f37e96b9-1c6f-48e7-bbd4-1256aedf9b4b
VollstÃ¤ndiger Name des fehlerhaften Pakets: Microsoft.AAD.BrokerPlugin_1000.14393.0.0_neutral_neutral_cw5n1h2txyewy
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: App

Error: (05/19/2017 06:58:51 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-TP9DC4I)
Description: Bei der Aktivierung der App â€žMicrosoft.LockApp_cw5n1h2txyewy!WindowsDefaultLockScreenâ€œ ist folgender Fehler aufgetreten: -2147023170. Weitere Informationen finden Sie im Protokoll â€žMicrosoft-Windows-TWinUI/Betriebsbereitâ€œ.

Error: (05/19/2017 06:58:50 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: LockApp.exe, Version: 0.0.0.0, Zeitstempel: 0x5819bf0d
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 10.0.14393.1198, Zeitstempel: 0x5902808f
Ausnahmecode: 0x00000004
Fehleroffset: 0x0000000000033c58
ID des fehlerhaften Prozesses: 0x6fc
Startzeit der fehlerhaften Anwendung: 0x01d2d0c13063b8e7
Pfad der fehlerhaften Anwendung: C:\Windows\SystemApps\Microsoft.LockApp_cw5n1h2txyewy\LockApp.exe
Pfad des fehlerhaften Moduls: C:\WINDOWS\System32\KERNELBASE.dll
Berichtskennung: 2ea46a01-2035-4fbf-9c23-63e22f9b3514
VollstÃ¤ndiger Name des fehlerhaften Pakets: Microsoft.LockApp_10.0.14393.0_neutral__cw5n1h2txyewy
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: WindowsDefaultLockScreen

Error: (05/19/2017 06:58:19 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-TP9DC4I)
Description: Bei der Aktivierung der App â€žMicrosoft.LockApp_cw5n1h2txyewy!WindowsDefaultLockScreenâ€œ ist folgender Fehler aufgetreten: -2147023170. Weitere Informationen finden Sie im Protokoll â€žMicrosoft-Windows-TWinUI/Betriebsbereitâ€œ.

Error: (05/19/2017 06:58:18 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: LockApp.exe, Version: 0.0.0.0, Zeitstempel: 0x5819bf0d
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 10.0.14393.1198, Zeitstempel: 0x5902808f
Ausnahmecode: 0x00000004
Fehleroffset: 0x0000000000033c58
ID des fehlerhaften Prozesses: 0x508
Startzeit der fehlerhaften Anwendung: 0x01d2d0c11d134bfb
Pfad der fehlerhaften Anwendung: C:\Windows\SystemApps\Microsoft.LockApp_cw5n1h2txyewy\LockApp.exe
Pfad des fehlerhaften Moduls: C:\WINDOWS\System32\KERNELBASE.dll
Berichtskennung: 7c04adf6-f971-4fa8-9709-3203bf56e7e3
VollstÃ¤ndiger Name des fehlerhaften Pakets: Microsoft.LockApp_10.0.14393.0_neutral__cw5n1h2txyewy
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: WindowsDefaultLockScreen


Systemfehler:
=============
Error: (05/20/2017 08:39:08 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÃ„T)
Description: Durch die Berechtigungseinstellungen fÃ¼r "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÃ„T\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" fÃ¼r die COM-Serveranwendung mit der CLSID 
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
 und der APPID 
{F72671A9-012C-4725-9D2F-2A4D32D65169}
 im Anwendungscontainer "Nicht verfÃ¼gbar" (SID: Nicht verfÃ¼gbar) gewÃ¤hrt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool fÃ¼r Komponentendienste geÃ¤ndert werden.

Error: (05/19/2017 09:23:39 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÃ„T)
Description: Durch die Berechtigungseinstellungen fÃ¼r "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÃ„T\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" fÃ¼r die COM-Serveranwendung mit der CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 und der APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 im Anwendungscontainer "Nicht verfÃ¼gbar" (SID: Nicht verfÃ¼gbar) gewÃ¤hrt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool fÃ¼r Komponentendienste geÃ¤ndert werden.

Error: (05/19/2017 08:59:01 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÃ„T)
Description: Durch die Berechtigungseinstellungen fÃ¼r "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÃ„T\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" fÃ¼r die COM-Serveranwendung mit der CLSID 
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
 und der APPID 
{F72671A9-012C-4725-9D2F-2A4D32D65169}
 im Anwendungscontainer "Nicht verfÃ¼gbar" (SID: Nicht verfÃ¼gbar) gewÃ¤hrt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool fÃ¼r Komponentendienste geÃ¤ndert werden.

Error: (05/19/2017 08:59:01 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÃ„T)
Description: Durch die Berechtigungseinstellungen fÃ¼r "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÃ„T\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" fÃ¼r die COM-Serveranwendung mit der CLSID 
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 und der APPID 
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 im Anwendungscontainer "Nicht verfÃ¼gbar" (SID: Nicht verfÃ¼gbar) gewÃ¤hrt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool fÃ¼r Komponentendienste geÃ¤ndert werden.

Error: (05/19/2017 08:59:01 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÃ„T)
Description: Durch die Berechtigungseinstellungen fÃ¼r "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÃ„T\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" fÃ¼r die COM-Serveranwendung mit der CLSID 
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 und der APPID 
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 im Anwendungscontainer "Nicht verfÃ¼gbar" (SID: Nicht verfÃ¼gbar) gewÃ¤hrt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool fÃ¼r Komponentendienste geÃ¤ndert werden.

Error: (05/19/2017 08:58:53 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "QForlLgs0EYm Updater" wurde aufgrund folgenden Fehlers nicht gestartet: 
Das System kann die angegebene Datei nicht finden.

Error: (05/19/2017 08:58:14 PM) (Source: DCOM) (EventID: 10005) (User: NT-AUTORITÃ„T)
Description: Fehler "1084" in DCOM, als der Dienst "dps" mit den Argumenten "Nicht verfÃ¼gbar" gestartet wurde, um den folgenden Server zu verwenden:
{DDCFD26B-FEED-44CD-B71D-79487D2E5E5A}

Error: (05/19/2017 08:58:13 PM) (Source: DCOM) (EventID: 10005) (User: NT-AUTORITÃ„T)
Description: Fehler "1084" in DCOM, als der Dienst "dps" mit den Argumenten "Nicht verfÃ¼gbar" gestartet wurde, um den folgenden Server zu verwenden:
{DDCFD26B-FEED-44CD-B71D-79487D2E5E5A}

Error: (05/19/2017 08:58:13 PM) (Source: DCOM) (EventID: 10005) (User: NT-AUTORITÃ„T)
Description: Fehler "1084" in DCOM, als der Dienst "dps" mit den Argumenten "Nicht verfÃ¼gbar" gestartet wurde, um den folgenden Server zu verwenden:
{DDCFD26B-FEED-44CD-B71D-79487D2E5E5A}

Error: (05/19/2017 08:58:13 PM) (Source: DCOM) (EventID: 10005) (User: NT-AUTORITÃ„T)
Description: Fehler "1084" in DCOM, als der Dienst "dps" mit den Argumenten "Nicht verfÃ¼gbar" gestartet wurde, um den folgenden Server zu verwenden:
{DDCFD26B-FEED-44CD-B71D-79487D2E5E5A}


CodeIntegrity:
===================================
  Date: 2017-05-11 18:29:43.006
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\DriverStore\FileRepository\nvamwu.inf_amd64_d4715679184092a8\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2017-05-06 20:00:47.572
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\DriverStore\FileRepository\nvamwu.inf_amd64_d4715679184092a8\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2017-05-03 14:43:48.515
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\DriverStore\FileRepository\nvamwu.inf_amd64_d4715679184092a8\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2017-04-29 20:19:08.826
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\DriverStore\FileRepository\nvamwu.inf_amd64_d4715679184092a8\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2017-04-27 15:15:28.629
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\DriverStore\FileRepository\nvamwu.inf_amd64_d4715679184092a8\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2017-04-23 12:12:03.694
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\DriverStore\FileRepository\nvamwu.inf_amd64_d4715679184092a8\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2017-04-22 12:10:08.899
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\DriverStore\FileRepository\nvamwu.inf_amd64_d4715679184092a8\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2017-04-21 21:51:29.738
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\DriverStore\FileRepository\nvamwu.inf_amd64_d4715679184092a8\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2017-04-20 20:00:19.713
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\DriverStore\FileRepository\nvamwu.inf_amd64_d4715679184092a8\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2017-04-19 17:54:55.174
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\DriverStore\FileRepository\nvamwu.inf_amd64_d4715679184092a8\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Core(TM) i7-5500U CPU @ 2.40GHz
Prozentuale Nutzung des RAM: 29%
Installierter physikalischer RAM: 8062.74 MB
Verfügbarer physikalischer RAM: 5682.39 MB
Summe virtueller Speicher: 9342.74 MB
Verfügbarer virtueller Speicher: 7005.14 MB

==================== Laufwerke ================================

Drive c: (OS) (Fixed) (Total:371.85 GB) (Free:124.62 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)]
Drive d: (DATA) (Fixed) (Total:558.91 GB) (Free:508.23 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 8C5D880B)

Partition: GPT.

==================== Ende von Addition.txt ============================

Und hier noch vom TDSRKiller:

Code:

ATTFilter

09:00:21.0948 0x1b20  TDSS rootkit removing tool 3.1.0.15 Apr 18 2017 11:34:02
09:00:21.0948 0x1b20  UEFI system
09:00:26.0875 0x1b20  ============================================================
09:00:26.0875 0x1b20  Current date / time: 2017/05/20 09:00:26.0875
09:00:26.0875 0x1b20  SystemInfo:
09:00:26.0875 0x1b20  
09:00:26.0875 0x1b20  OS Version: 10.0.14393 ServicePack: 0.0
09:00:26.0875 0x1b20  Product type: Workstation
09:00:26.0875 0x1b20  ComputerName: DESKTOP-TP9DC4I
09:00:26.0875 0x1b20  UserName: Pitti
09:00:26.0875 0x1b20  Windows directory: C:\WINDOWS
09:00:26.0875 0x1b20  System windows directory: C:\WINDOWS
09:00:26.0875 0x1b20  Running under WOW64
09:00:26.0875 0x1b20  Processor architecture: Intel x64
09:00:26.0875 0x1b20  Number of processors: 4
09:00:26.0875 0x1b20  Page size: 0x1000
09:00:26.0875 0x1b20  Boot type: Normal boot
09:00:26.0875 0x1b20  CodeIntegrityOptions = 0x00000001
09:00:26.0875 0x1b20  ============================================================
09:00:27.0459 0x1b20  KLMD registered as C:\WINDOWS\system32\drivers\01159759.sys
09:00:27.0459 0x1b20  KLMD ARK init status: drvProperties = 0xFFF00, osBuild = 14393.1198, osProperties = 0x19
09:00:27.0575 0x1b20  System UUID: {B3FE7758-F3E5-A59B-FDA4-BDD2EE1C88A1}
09:00:27.0959 0x1b20  Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
09:00:27.0959 0x1b20  ============================================================
09:00:27.0959 0x1b20  \Device\Harddisk0\DR0:
09:00:27.0959 0x1b20  GPT partitions:
09:00:27.0959 0x1b20  \Device\Harddisk0\DR0\Partition1: GPT, TypeGUID: {C12A7328-F81F-11D2-BA4B-00A0C93EC93B}, UniqueGUID: {E22AFD5D-9CFF-4EB0-864A-DF7E49E12C80}, Name: EFI system partition, StartLBA 0x800, BlocksNum 0x82000
09:00:27.0959 0x1b20  \Device\Harddisk0\DR0\Partition2: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {1678DC8F-EE74-4723-B53B-F3B56782EED3}, Name: Microsoft reserved partition, StartLBA 0x82800, BlocksNum 0x8000
09:00:27.0959 0x1b20  \Device\Harddisk0\DR0\Partition3: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {D67F2EE5-2869-4E05-B1DE-D0DCD5C30FDC}, Name: Basic data partition, StartLBA 0x8A800, BlocksNum 0x2E7B2000
09:00:27.0959 0x1b20  \Device\Harddisk0\DR0\Partition4: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {8D967954-6FFD-4045-9486-97675A69DA77}, Name: Basic data partition, StartLBA 0x2E83C800, BlocksNum 0xF9800
09:00:27.0959 0x1b20  \Device\Harddisk0\DR0\Partition5: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {0772A3BD-A713-4144-8FDA-07E257193DF8}, Name: Basic data partition, StartLBA 0x2E936000, BlocksNum 0x45DD0800
09:00:27.0959 0x1b20  MBR partitions:
09:00:27.0959 0x1b20  ============================================================
09:00:27.0990 0x1b20  C: <-> \Device\Harddisk0\DR0\Partition3
09:00:28.0044 0x1b20  D: <-> \Device\Harddisk0\DR0\Partition5
09:00:28.0044 0x1b20  ============================================================
09:00:28.0044 0x1b20  Initialize success
09:00:28.0044 0x1b20  ============================================================
09:01:22.0751 0x20d8  ============================================================
09:01:22.0751 0x20d8  Scan started
09:01:22.0751 0x20d8  Mode: Manual; SigCheck; TDLFS; 
09:01:22.0751 0x20d8  ============================================================
09:01:22.0751 0x20d8  KSN ping started
09:01:22.0882 0x20d8  KSN ping finished: true
09:01:26.0106 0x20d8  ================ Scan system memory ========================
09:01:26.0106 0x20d8  System memory - ok
09:01:26.0106 0x20d8  ================ Scan services =============================
09:01:26.0230 0x20d8  1394ohci - ok
09:01:26.0230 0x20d8  3ware - ok
09:01:26.0262 0x20d8  ACPI - ok
09:01:26.0262 0x20d8  AcpiDev - ok
09:01:26.0262 0x20d8  acpiex - ok
09:01:26.0262 0x20d8  acpipagr - ok
09:01:26.0277 0x20d8  AcpiPmi - ok
09:01:26.0293 0x20d8  acpitime - ok
09:01:26.0362 0x20d8  [ 1EEC35CD4B215AF8C217084EDC629532, 62B527C9AB4443CC2513010E0BAB8474020368827417AAEDCE008B9AB499ECFE ] AdobeFlashPlayerUpdateSvc C:\WINDOWS\SysWoW64\Macromed\Flash\FlashPlayerUpdateService.exe
09:01:26.0415 0x20d8  AdobeFlashPlayerUpdateSvc - ok
09:01:26.0447 0x20d8  ADP80XX - ok
09:01:26.0462 0x20d8  AFD - ok
09:01:26.0478 0x20d8  ahcache - ok
09:01:26.0515 0x20d8  [ 50910888109FA9C041D9256541BE70EC, 3E907506E386423DBD8DDCB36FDCE4F2FC2F90A522B24BEF60B8ED05F5A3BD0F ] AiCharger       C:\WINDOWS\system32\DRIVERS\AiCharger.sys
09:01:26.0530 0x20d8  AiCharger - ok
09:01:26.0562 0x20d8  AJRouter - ok
09:01:26.0562 0x20d8  ALG - ok
09:01:26.0562 0x20d8  AmdK8 - ok
09:01:26.0577 0x20d8  AmdPPM - ok
09:01:26.0577 0x20d8  amdsata - ok
09:01:26.0577 0x20d8  amdsbs - ok
09:01:26.0577 0x20d8  amdxata - ok
09:01:26.0593 0x20d8  AppID - ok
09:01:26.0615 0x20d8  AppIDSvc - ok
09:01:26.0646 0x20d8  Appinfo - ok
09:01:26.0646 0x20d8  applockerfltr - ok
09:01:26.0677 0x20d8  AppReadiness - ok
09:01:26.0693 0x20d8  AppXSvc - ok
09:01:26.0693 0x20d8  arcsas - ok
09:01:26.0815 0x20d8  [ 16829ED03B336F1B09DE2D6939B39778, D3FBE494537B2CB6D66E6A15B0F73C22CEFD3D8702256B5B5FA5F99E3EF821B6 ] ASLDRService    C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
09:01:26.0815 0x20d8  ASLDRService - ok
09:01:26.0846 0x20d8  [ 116DD55EEF8843D7C526EB17A932822F, 003326A58256A5BF9912A0B4F6F39295C2909596B33C3837A0C85C7BA7523E14 ] ASMMAP64        C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys
09:01:26.0862 0x20d8  ASMMAP64 - ok
09:01:26.0862 0x20d8  AsyncMac - ok
09:01:26.0877 0x20d8  atapi - ok
09:01:26.0893 0x20d8  athr - ok
09:01:26.0915 0x20d8  [ 89810E9E27C8BB0AFB01814523A76347, A85B817A16096730D8559FD5D5597CA1A9FA3F192FF83885840089AE8F7C9EF5 ] ATKGFNEXSrv     C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
09:01:26.0931 0x20d8  ATKGFNEXSrv - ok
09:01:26.0962 0x20d8  [ 1FD0FA6618B31FAD14385740D0F6C333, 85A06C52B42716D825296D138082FB896BD17928C1677A3479E5BF16BEF89D82 ] atksgt          C:\WINDOWS\system32\DRIVERS\atksgt.sys
09:01:26.0978 0x20d8  atksgt - ok
09:01:26.0994 0x20d8  [ 0E717D7FED23731863EC44B4031DC268, A6F98FE201320FE3FF041768E426008C86B15BA7593EA04B1AC71B6FAE837A1E ] ATKWMIACPIIO    C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys
09:01:26.0994 0x20d8  ATKWMIACPIIO - ok
09:01:27.0030 0x20d8  [ F71DEAB9297A5E4E35A08D7544C9E748, 2C685094B36F607173F8B089B0C31C31C806DBD10125EA55075301D4C9B0AC44 ] ATP             C:\WINDOWS\System32\drivers\AsusTP.sys
09:01:27.0046 0x20d8  ATP - ok
09:01:27.0077 0x20d8  AudioEndpointBuilder - ok
09:01:27.0115 0x20d8  Audiosrv - ok
09:01:27.0130 0x20d8  AxInstSV - ok
09:01:27.0146 0x20d8  b06bdrv - ok
09:01:27.0162 0x20d8  BasicDisplay - ok
09:01:27.0177 0x20d8  BasicRender - ok
09:01:27.0177 0x20d8  bcmfn - ok
09:01:27.0193 0x20d8  bcmfn2 - ok
09:01:27.0193 0x20d8  BDESVC - ok
09:01:27.0215 0x20d8  Beep - ok
09:01:27.0315 0x20d8  [ 5B413BEADC23C9D182F7EC09C10441FA, E16E06848492331107C6D682D93D35C5D1A0DC8CAD3816B42203A4BF05932C7E ] BEService       C:\Program Files (x86)\Common Files\BattlEye\BEService.exe
09:01:27.0362 0x20d8  BEService - ok
09:01:27.0378 0x20d8  BFE - ok
09:01:27.0409 0x20d8  BITS - ok
09:01:27.0414 0x20d8  bowser - ok
09:01:27.0431 0x20d8  BrokerInfrastructure - ok
09:01:27.0431 0x20d8  Browser - ok
09:01:27.0447 0x20d8  BthAvrcpTg - ok
09:01:27.0447 0x20d8  BthHFEnum - ok
09:01:27.0447 0x20d8  bthhfhid - ok
09:01:27.0463 0x20d8  BthHFSrv - ok
09:01:27.0463 0x20d8  BTHMODEM - ok
09:01:27.0463 0x20d8  bthserv - ok
09:01:27.0516 0x20d8  buttonconverter - ok
09:01:27.0516 0x20d8  CapImg - ok
09:01:27.0531 0x20d8  cdfs - ok
09:01:27.0547 0x20d8  CDPSvc - ok
09:01:27.0563 0x20d8  CDPUserSvc - ok
09:01:27.0594 0x20d8  cdrom - ok
09:01:27.0631 0x20d8  CertPropSvc - ok
09:01:27.0631 0x20d8  cht4iscsi - ok
09:01:27.0647 0x20d8  cht4vbd - ok
09:01:27.0647 0x20d8  circlass - ok
09:01:27.0662 0x20d8  CLFS - ok
09:01:27.0811 0x20d8  [ 79BEA02EBBD4F51A44939E9395A9BCB6, 247A4B1CBD591B02B5B1994FA745EB5E7963A097DEE3A8948875E63604A1E734 ] ClickToRunSvc   C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe
09:01:27.0894 0x20d8  ClickToRunSvc - ok
09:01:27.0915 0x20d8  ClipSVC - ok
09:01:27.0931 0x20d8  clreg - ok
09:01:27.0947 0x20d8  CmBatt - ok
09:01:27.0962 0x20d8  CNG - ok
09:01:27.0962 0x20d8  cnghwassist - ok
09:01:28.0031 0x20d8  CompositeBus - ok
09:01:28.0046 0x20d8  COMSysApp - ok
09:01:28.0046 0x20d8  condrv - ok
09:01:28.0062 0x20d8  CoreMessagingRegistrar - ok
09:01:28.0115 0x20d8  [ E49BF2E02840BF204F4A7F9EA60FF2EC, 1E1C51C6924F86997F46A520F9B2C4195DB44A8E6DED4A7AB49560BEF752CBF0 ] cphs            C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
09:01:28.0147 0x20d8  cphs - ok
09:01:28.0178 0x20d8  CryptSvc - ok
09:01:28.0178 0x20d8  dam - ok
09:01:28.0193 0x20d8  DcomLaunch - ok
09:01:28.0215 0x20d8  DcpSvc - ok
09:01:28.0215 0x20d8  defragsvc - ok
09:01:28.0231 0x20d8  DeviceAssociationService - ok
09:01:28.0247 0x20d8  DeviceInstall - ok
09:01:28.0247 0x20d8  DevQueryBroker - ok
09:01:28.0262 0x20d8  Dfsc - ok
09:01:28.0294 0x20d8  [ 9593475FBC857A05D93BFF4FA7323C2B, D2A958AF5EFDC6136A6ABB7F8D5FE1F84C967E79BEA96C5BE3661A0145DEB907 ] dg_ssudbus      C:\WINDOWS\system32\DRIVERS\ssudbus.sys
09:01:28.0294 0x20d8  dg_ssudbus - ok
09:01:28.0331 0x20d8  Dhcp - ok
09:01:28.0362 0x20d8  diagnosticshub.standardcollector.service - ok
09:01:28.0410 0x20d8  DiagTrack - ok
09:01:28.0431 0x20d8  disk - ok
09:01:28.0462 0x20d8  DmEnrollmentSvc - ok
09:01:28.0462 0x20d8  dmvsc - ok
09:01:28.0462 0x20d8  dmwappushservice - ok
09:01:28.0515 0x20d8  Dnscache - ok
09:01:28.0515 0x20d8  dot3svc - ok
09:01:28.0515 0x20d8  DPS - ok
09:01:28.0547 0x20d8  [ A62156EC313FF29FC873C9FED7FE9CEC, 3AD72C304E817C379F82CA8240AB3B7E5D9A4C61860444E98A7822253DE8F9FE ] dptf_cpu        C:\WINDOWS\System32\drivers\dptf_cpu.sys
09:01:28.0562 0x20d8  dptf_cpu - ok
09:01:28.0612 0x20d8  [ 8F799993098FC80128CFA73CF97E1365, 942D399C8D522F5CADDB7807B11495344835E7897921F9ECFE4A8924CCA978AE ] dptf_pch        C:\WINDOWS\System32\drivers\dptf_pch.sys
09:01:28.0616 0x20d8  dptf_pch - ok
09:01:28.0616 0x20d8  drmkaud - ok
09:01:28.0631 0x20d8  DsmSvc - ok
09:01:28.0631 0x20d8  DsSvc - ok
09:01:28.0647 0x20d8  DXGKrnl - ok
09:01:28.0663 0x20d8  EapHost - ok
09:01:28.0663 0x20d8  ebdrv - ok
09:01:28.0694 0x20d8  EFS - ok
09:01:28.0694 0x20d8  EhStorClass - ok
09:01:28.0716 0x20d8  EhStorTcgDrv - ok
09:01:28.0747 0x20d8  embeddedmode - ok
09:01:28.0763 0x20d8  EntAppSvc - ok
09:01:28.0778 0x20d8  ErrDev - ok
09:01:28.0834 0x20d8  [ DA9DE05B48FF9E0C75CA4FC230E9A216, 7E8C97258574A5D5C46BBAF49F83D0500705F5DFEE51F76E4FEC81779E7FE787 ] esifsvc         C:\WINDOWS\SysWoW64\esif_uf.exe
09:01:28.0880 0x20d8  esifsvc - ok
09:01:28.0933 0x20d8  [ 62A678ACFB37B8FFA2F3387D4D59766C, EAB928027B7CCEAE4050A8884D7DABDB21AC2842B0864A084947680ED1B49334 ] esif_lf         C:\WINDOWS\system32\DRIVERS\esif_lf.sys
09:01:28.0949 0x20d8  esif_lf - ok
09:01:28.0949 0x20d8  EventSystem - ok
09:01:28.0965 0x20d8  exfat - ok
09:01:28.0980 0x20d8  fastfat - ok
09:01:28.0996 0x20d8  Fax - ok
09:01:28.0996 0x20d8  fdc - ok
09:01:29.0018 0x20d8  fdPHost - ok
09:01:29.0018 0x20d8  FDResPub - ok
09:01:29.0049 0x20d8  fhsvc - ok
09:01:29.0065 0x20d8  FileCrypt - ok
09:01:29.0065 0x20d8  FileInfo - ok
09:01:29.0080 0x20d8  Filetrace - ok
09:01:29.0080 0x20d8  flpydisk - ok
09:01:29.0080 0x20d8  FltMgr - ok
09:01:29.0118 0x20d8  FontCache - ok
09:01:29.0196 0x20d8  FontCache3.0.0.0 - ok
09:01:29.0249 0x20d8  FrameServer - ok
09:01:29.0265 0x20d8  FsDepends - ok
09:01:29.0265 0x20d8  Fs_Rec - ok
09:01:29.0280 0x20d8  fvevol - ok
09:01:29.0296 0x20d8  gencounter - ok
09:01:29.0296 0x20d8  genericusbfn - ok
09:01:29.0296 0x20d8  GPIOClx0101 - ok
09:01:29.0318 0x20d8  gpsvc - ok
09:01:29.0318 0x20d8  GpuEnergyDrv - ok
09:01:29.0396 0x20d8  [ 0545A3EB959CFA4790D267BFB8C1ACA4, 69061E33ACB7587D773D05000390F9101F71DFD6EED7973B551594EAF3F04193 ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
09:01:29.0416 0x20d8  gupdate - ok
09:01:29.0434 0x20d8  [ 0545A3EB959CFA4790D267BFB8C1ACA4, 69061E33ACB7587D773D05000390F9101F71DFD6EED7973B551594EAF3F04193 ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
09:01:29.0449 0x20d8  gupdatem - ok
09:01:29.0449 0x20d8  HdAudAddService - ok
09:01:29.0465 0x20d8  HDAudBus - ok
09:01:29.0465 0x20d8  HidBatt - ok
09:01:29.0465 0x20d8  HidBth - ok
09:01:29.0465 0x20d8  hidi2c - ok
09:01:29.0465 0x20d8  hidinterrupt - ok
09:01:29.0465 0x20d8  HidIr - ok
09:01:29.0496 0x20d8  hidserv - ok
09:01:29.0518 0x20d8  [ 38DA94B6DD8022DA43810E4328608E54, ACE0A36143FF37BC42F136DB7317028540D1C0F21A5FD13F67E1A3DB2426A5EA ] HIDSwitch       C:\WINDOWS\System32\drivers\AsHIDSwitch64.sys
09:01:29.0518 0x20d8  HIDSwitch - ok
09:01:29.0580 0x20d8  HidUsb - ok
09:01:29.0580 0x20d8  HomeGroupListener - ok
09:01:29.0615 0x20d8  HomeGroupProvider - ok
09:01:29.0618 0x20d8  HpSAMD - ok
09:01:29.0634 0x20d8  HTTP - ok
09:01:29.0649 0x20d8  HvHost - ok
09:01:29.0781 0x20d8  hvservice - ok
09:01:29.0796 0x20d8  hwpolicy - ok
09:01:29.0796 0x20d8  hyperkbd - ok
09:01:29.0818 0x20d8  i8042prt - ok
09:01:29.0819 0x20d8  iagpio - ok
09:01:29.0819 0x20d8  iai2c - ok
09:01:29.0819 0x20d8  iaLPSS2i_GPIO2 - ok
09:01:29.0819 0x20d8  iaLPSS2i_I2C - ok
09:01:29.0850 0x20d8  iaLPSSi_GPIO - ok
09:01:29.0850 0x20d8  iaLPSSi_I2C - ok
09:01:29.0919 0x20d8  [ 5F6CA62BE8ECC4D0E1F5D4D4A02B456B, F720A1F14C9053D24C5B42827E5F9578A27F3E62A6C65A3CFA068E580F02F072 ] iaStorA         C:\WINDOWS\system32\drivers\iaStorA.sys
09:01:29.0966 0x20d8  iaStorA - ok
09:01:29.0966 0x20d8  iaStorAV - ok
09:01:29.0966 0x20d8  iaStorV - ok
09:01:29.0966 0x20d8  ibbus - ok
09:01:29.0997 0x20d8  icssvc - ok
09:01:30.0201 0x20d8  [ 7BA5F6FEAA79BB7C7A635E6B3982A0D3, 3AD37704AFB4FFA8877EC4B651C8C5B624CC8340E1392CCFCF14C2FC53259E2C ] igfx            C:\WINDOWS\system32\DRIVERS\igdkmd64.sys
09:01:30.0339 0x20d8  igfx - ok
09:01:30.0371 0x20d8  [ AFDAB46F7D47A5D298A4F956A3C18116, C329A1BF2F8FD703EE8AFC6F99297386BAD8217B98EA2300578B8EADA9F06D52 ] igfxCUIService2.0.0.0 C:\WINDOWS\system32\igfxCUIService.exe
09:01:30.0402 0x20d8  igfxCUIService2.0.0.0 - ok
09:01:30.0423 0x20d8  IKEEXT - ok
09:01:30.0423 0x20d8  IndirectKmd - ok
09:01:30.0555 0x20d8  [ 863F8914B6DB058F415215A1A433E7A1, B1F09DCBFD040A39B747DDC9375FF7CB45126E87EB85ABDA51B24B6D2D0BF8AE ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RTKVHD64.sys
09:01:30.0639 0x20d8  IntcAzAudAddService - ok
09:01:30.0686 0x20d8  [ E300D1E37B737ED14F7A08CD5604E5D9, 5C1135081E29D7F4A97D5CAA2C8FBE1DD04EC7A3D8E648E69F2AA9EBDD88EBBB ] IntcDAud        C:\WINDOWS\system32\DRIVERS\IntcDAud.sys
09:01:30.0701 0x20d8  IntcDAud - ok
09:01:30.0786 0x20d8  [ B63CF22D1AD2ABDC39D85851B2BEAA6D, 37E9043BABB5895BFD2B59AFB60C438B992C6EAA1B5FDE5B3445314343F4C406 ] Intel(R) Capability Licensing Service TCP IP Interface C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
09:01:30.0820 0x20d8  Intel(R) Capability Licensing Service TCP IP Interface - ok
09:01:30.0886 0x20d8  [ 8213094EA736A9C575AB0E22AD09B0BA, 12670A466B5AA37283BD4CB481D000DE3AE2A8D1BD159F67A41703A6FE5675EC ] Intel(R) Security Assist C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe
09:01:30.0901 0x20d8  Intel(R) Security Assist - detected UnsignedFile.Multi.Generic ( 1 )
09:01:31.0023 0x20d8  Detect skipped due to KSN trusted
09:01:31.0023 0x20d8  Intel(R) Security Assist - ok
09:01:31.0054 0x20d8  [ 72586E6D6DD4144D0C4CBD9D2653BBED, 3EE3CBB98D7A2CEEC92A86D5D2F49733BB1FD42F45CDE8973B71022E57093BBA ] IntelHSWPcc     C:\WINDOWS\system32\drivers\IntelPcc.sys
09:01:31.0054 0x20d8  IntelHSWPcc - ok
09:01:31.0086 0x20d8  intelide - ok
09:01:31.0118 0x20d8  intelpep - ok
09:01:31.0121 0x20d8  intelppm - ok
09:01:31.0139 0x20d8  iorate - ok
09:01:31.0155 0x20d8  IpFilterDriver - ok
09:01:31.0186 0x20d8  iphlpsvc - ok
09:01:31.0202 0x20d8  IPMIDRV - ok
09:01:31.0202 0x20d8  IPNAT - ok
09:01:31.0219 0x20d8  irda - ok
09:01:31.0221 0x20d8  IRENUM - ok
09:01:31.0223 0x20d8  irmon - ok
09:01:31.0254 0x20d8  [ 1DFC3CCA51785254C5604238BB1A5467, 31451A90A91AEE14C6B24F84CB9816E5C77179D411B8B3E8547F538235BEEFB0 ] isaHelperSvc    C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe
09:01:31.0254 0x20d8  isaHelperSvc - detected UnsignedFile.Multi.Generic ( 1 )
09:01:31.0354 0x20d8  Detect skipped due to KSN trusted
09:01:31.0354 0x20d8  isaHelperSvc - ok
09:01:31.0386 0x20d8  isapnp - ok
09:01:31.0386 0x20d8  iScsiPrt - ok
09:01:31.0439 0x20d8  [ 038CDE75D1D81B157C133EFC3471F939, 4E64FE8ECD53C06FCC07E361B727A6689E0738D453CE4EFB9C64428F3884DE46 ] jhi_service     C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
09:01:31.0454 0x20d8  jhi_service - ok
09:01:31.0454 0x20d8  kbdclass - ok
09:01:31.0470 0x20d8  kbdhid - ok
09:01:31.0470 0x20d8  kdnic - ok
09:01:31.0518 0x20d8  KeyIso - ok
09:01:31.0543 0x20d8  [ ED8E4FEC1D078C709DCC4D920416F7F5, 06197ECC1C8F315F6D843313AF24D269F1AAECC349D6E3BAA039057C85C75E72 ] Kingsoft_WPS_UpdateService C:\Program Files (x86)\Kingsoft\WPS Office\9.1.0.4947\wtoolex\wpsupdatesvr.exe
09:01:31.0558 0x20d8  Kingsoft_WPS_UpdateService - ok
09:01:31.0558 0x20d8  KSecDD - ok
09:01:31.0574 0x20d8  KSecPkg - ok
09:01:31.0590 0x20d8  ksthunk - ok
09:01:31.0590 0x20d8  KtmRm - ok
09:01:31.0605 0x20d8  LanmanServer - ok
09:01:31.0627 0x20d8  LanmanWorkstation - ok
09:01:31.0643 0x20d8  lfsvc - ok
09:01:31.0643 0x20d8  LicenseManager - ok
09:01:31.0674 0x20d8  [ 5EA407821BB3104C31A705175AB4F309, 32A350065990047E80B452FD2B82BC9B8E68AF3F8EA8CCD60E59FFD6D24CDF7C ] lirsgt          C:\WINDOWS\system32\DRIVERS\lirsgt.sys
09:01:31.0674 0x20d8  lirsgt - ok
09:01:31.0805 0x20d8  [ D15EBE877305F8CAB5C78822C9BA3C9F, 36D3BE65DF33EC2702C7A1B2DA0358D7F944C8C7A402A5D46DAC3D3DD8444570 ] LiveUpdateSvc   C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
09:01:31.0859 0x20d8  LiveUpdateSvc - ok
09:01:31.0874 0x20d8  lltdio - ok
09:01:31.0874 0x20d8  lltdsvc - ok
09:01:31.0890 0x20d8  lmhosts - ok
09:01:31.0943 0x20d8  [ 57AD6DFAB9C84BAAF008F57DFE2335EA, 8981A7D1C1FBA57530B274246D5DD4D8C09D16A255B0E91EDB7047F0E6910C23 ] LMS             C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
09:01:31.0958 0x20d8  LMS - ok
09:01:31.0989 0x20d8  LSI_SAS - ok
09:01:31.0989 0x20d8  LSI_SAS2i - ok
09:01:31.0989 0x20d8  LSI_SAS3i - ok
09:01:32.0005 0x20d8  LSI_SSS - ok
09:01:32.0027 0x20d8  LSM - ok
09:01:32.0043 0x20d8  luafv - ok
09:01:32.0058 0x20d8  MapsBroker - ok
09:01:32.0074 0x20d8  mccspsvc - ok
09:01:32.0090 0x20d8  megasas - ok
09:01:32.0121 0x20d8  megasas2i - ok
09:01:32.0124 0x20d8  megasr - ok
09:01:32.0143 0x20d8  [ 296C443FCC228EA643ED310465772820, 4846A29DD631E2E253560E7A28439AE11F244AB77F0C826AD56EA485577DBDD6 ] MEIx64          C:\WINDOWS\System32\drivers\TeeDriverW8x64.sys
09:01:32.0158 0x20d8  MEIx64 - ok
09:01:32.0190 0x20d8  MessagingService - ok
09:01:32.0190 0x20d8  mlx4_bus - ok
09:01:32.0190 0x20d8  MMCSS - ok
09:01:32.0190 0x20d8  Modem - ok
09:01:32.0205 0x20d8  monitor - ok
09:01:32.0205 0x20d8  mouclass - ok
09:01:32.0223 0x20d8  mouhid - ok
09:01:32.0225 0x20d8  mountmgr - ok
09:01:32.0227 0x20d8  mpsdrv - ok
09:01:32.0227 0x20d8  MpsSvc - ok
09:01:32.0258 0x20d8  MRxDAV - ok
09:01:32.0274 0x20d8  mrxsmb - ok
09:01:32.0305 0x20d8  mrxsmb10 - ok
09:01:32.0326 0x20d8  mrxsmb20 - ok
09:01:32.0327 0x20d8  MsBridge - ok
09:01:32.0343 0x20d8  MSDTC - ok
09:01:32.0358 0x20d8  Msfs - ok
09:01:32.0358 0x20d8  msgpiowin32 - ok
09:01:32.0374 0x20d8  mshidkmdf - ok
09:01:32.0374 0x20d8  mshidumdf - ok
09:01:32.0374 0x20d8  msisadrv - ok
09:01:32.0405 0x20d8  MSiSCSI - ok
09:01:32.0405 0x20d8  msiserver - ok
09:01:32.0427 0x20d8  MSKSSRV - ok
09:01:32.0427 0x20d8  MsLldp - ok
09:01:32.0427 0x20d8  MSPCLOCK - ok
09:01:32.0427 0x20d8  MSPQM - ok
09:01:32.0442 0x20d8  MsRPC - ok
09:01:32.0442 0x20d8  mssmbios - ok
09:01:32.0442 0x20d8  MSTEE - ok
09:01:32.0442 0x20d8  MTConfig - ok
09:01:32.0458 0x20d8  Mup - ok
09:01:32.0458 0x20d8  mvumis - ok
09:01:32.0458 0x20d8  NativeWifiP - ok
09:01:32.0474 0x20d8  NcaSvc - ok
09:01:32.0489 0x20d8  NcbService - ok
09:01:32.0489 0x20d8  NcdAutoSetup - ok
09:01:32.0489 0x20d8  ndfltr - ok
09:01:32.0505 0x20d8  NDIS - ok
09:01:32.0523 0x20d8  NdisCap - ok
09:01:32.0527 0x20d8  NdisImPlatform - ok
09:01:32.0542 0x20d8  NdisTapi - ok
09:01:32.0542 0x20d8  Ndisuio - ok
09:01:32.0542 0x20d8  NdisVirtualBus - ok
09:01:32.0542 0x20d8  NdisWan - ok
09:01:32.0542 0x20d8  ndiswanlegacy - ok
09:01:32.0542 0x20d8  ndproxy - ok
09:01:32.0558 0x20d8  Ndu - ok
09:01:32.0558 0x20d8  NetAdapterCx - ok
09:01:32.0558 0x20d8  NetBIOS - ok
09:01:32.0558 0x20d8  NetBT - ok
09:01:32.0574 0x20d8  Netlogon - ok
09:01:32.0589 0x20d8  Netman - ok
09:01:32.0589 0x20d8  netprofm - ok
09:01:32.0625 0x20d8  NetSetupSvc - ok
09:01:32.0674 0x20d8  NetTcpPortSharing - ok
09:01:32.0789 0x20d8  [ 9EE21F7D46BD2B0F128E0907BABC7D28, 158CE7A2D8FD23CDAB6DF8EF35F624DF85435D2DF273EABF128D46354E12238B ] NetUtils2016    C:\WINDOWS\system32\drivers\NetUtils2016.sys
09:01:32.0789 0x20d8  Suspicious file ( NoAccess ): C:\WINDOWS\system32\drivers\NetUtils2016.sys. md5: 9EE21F7D46BD2B0F128E0907BABC7D28, sha256: 158CE7A2D8FD23CDAB6DF8EF35F624DF85435D2DF273EABF128D46354E12238B
09:01:32.0789 0x20d8  NetUtils2016 - detected LockedFile.Multi.Generic ( 1 )
09:01:32.0943 0x20d8  NetUtils2016 ( LockedFile.Multi.Generic ) - warning
09:01:32.0943 0x20d8  Force sending object to P2P due to detect: NetUtils2016
09:01:33.0158 0x20d8  Object send P2P result: true
09:01:33.0358 0x20d8  NgcCtnrSvc - ok
09:01:33.0358 0x20d8  NgcSvc - ok
09:01:33.0373 0x20d8  NlaSvc - ok
09:01:33.0389 0x20d8  Npfs - ok
09:01:33.0405 0x20d8  npsvctrig - ok
09:01:33.0425 0x20d8  nsi - ok
09:01:33.0427 0x20d8  nsiproxy - ok
09:01:33.0443 0x20d8  NTFS - ok
09:01:33.0443 0x20d8  Null - ok
09:01:33.0889 0x20d8  [ 60328FA27CB565D708CACAC8206037FB, 6D3A4B1B593428CA9F6EB2607C3F5A60DFEB92F4F437956FD916DF6B3B8E27FD ] nvlddmkm        C:\WINDOWS\System32\DriverStore\FileRepository\nvamwu.inf_amd64_d4715679184092a8\nvlddmkm.sys
09:01:34.0158 0x20d8  nvlddmkm - ok
09:01:34.0205 0x20d8  nvraid - ok
09:01:34.0221 0x20d8  nvstor - ok
09:01:34.0273 0x20d8  [ 85397430F424516BF8300FAAEF929366, 2EDF41407C7483AC8E4703BC0A13F764563E4B00D6923FD4678E6E361AC14D6B ] nvsvc           C:\WINDOWS\system32\nvvsvc.exe
09:01:34.0305 0x20d8  nvsvc - ok
09:01:34.0342 0x20d8  OneSyncSvc - ok
09:01:34.0458 0x20d8  [ F0E3F6F3E51EC1ABE2B6A57B65768B23, 0A82CFFB6F53A219E4CEA0747AD715BBFC8496E3227E7BCB5EBC43DB734C99F1 ] Origin Client Service C:\Program Files (x86)\Origin\OriginClientService.exe
09:01:34.0504 0x20d8  Origin Client Service - ok
09:01:34.0593 0x20d8  [ 4966CBBEA41A8F5F83A50D616E98D44C, C1C621B33BCD3930D7E40034F47D06B6E0E27DEA63AA454EB2777FFC6A8DA8A7 ] Origin Web Helper Service C:\Program Files (x86)\Origin\OriginWebHelperService.exe
09:01:34.0646 0x20d8  Origin Web Helper Service - ok
09:01:34.0728 0x20d8  [ 5B32D0B4376B02DA2DCFC8C521D66A11, 7442DA396874D01015345930ABB5986F66538CE80F06EA4758131E75954DBAF8 ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
09:01:34.0731 0x20d8  ose - ok
09:01:34.0747 0x20d8  p2pimsvc - ok
09:01:34.0762 0x20d8  p2psvc - ok
09:01:34.0778 0x20d8  Parport - ok
09:01:34.0778 0x20d8  partmgr - ok
09:01:34.0809 0x20d8  PcaSvc - ok
09:01:34.0809 0x20d8  pci - ok
09:01:34.0862 0x20d8  pciide - ok
09:01:34.0862 0x20d8  pcmcia - ok
09:01:34.0862 0x20d8  pcw - ok
09:01:34.0893 0x20d8  pdc - ok
09:01:34.0893 0x20d8  PEAUTH - ok
09:01:34.0893 0x20d8  percsas2i - ok
09:01:34.0893 0x20d8  percsas3i - ok
09:01:34.0962 0x20d8  PerfHost - ok
09:01:34.0962 0x20d8  PhoneSvc - ok
09:01:34.0977 0x20d8  PimIndexMaintenanceSvc - ok
09:01:34.0993 0x20d8  pla - ok
09:01:35.0009 0x20d8  PlugPlay - ok
09:01:35.0030 0x20d8  PNRPAutoReg - ok
09:01:35.0030 0x20d8  PNRPsvc - ok
09:01:35.0062 0x20d8  PolicyAgent - ok
09:01:35.0062 0x20d8  Power - ok
09:01:35.0062 0x20d8  PptpMiniport - ok
09:01:35.0230 0x20d8  [ 30AA256A85C1A7B17A590B1C5244D28E, 2C1FB30DEF53C37CA0D0CA54B65CB8572C53DDFB430DE57F964253F1082ACEA0 ] PrintNotify     C:\WINDOWS\system32\spool\drivers\x64\3\PrintConfig.dll
09:01:35.0330 0x20d8  PrintNotify - ok
09:01:35.0347 0x20d8  Processor - ok
09:01:35.0362 0x20d8  ProfSvc - ok
09:01:35.0378 0x20d8  Psched - ok
09:01:35.0378 0x20d8  QForlLgs0EYm Updater - ok
09:01:35.0378 0x20d8  QWAVE - ok
09:01:35.0394 0x20d8  QWAVEdrv - ok
09:01:35.0394 0x20d8  RasAcd - ok
09:01:35.0431 0x20d8  RasAgileVpn - ok
09:01:35.0447 0x20d8  RasAuto - ok
09:01:35.0447 0x20d8  Rasl2tp - ok
09:01:35.0462 0x20d8  RasMan - ok
09:01:35.0462 0x20d8  RasPppoe - ok
09:01:35.0462 0x20d8  RasSstp - ok
09:01:35.0478 0x20d8  rdbss - ok
09:01:35.0493 0x20d8  rdpbus - ok
09:01:35.0509 0x20d8  RDPDR - ok
09:01:35.0531 0x20d8  RdpVideoMiniport - ok
09:01:35.0531 0x20d8  rdyboost - ok
09:01:35.0531 0x20d8  ReFSv1 - ok
09:01:35.0547 0x20d8  RemoteAccess - ok
09:01:35.0562 0x20d8  RemoteRegistry - ok
09:01:35.0578 0x20d8  RetailDemo - ok
09:01:35.0578 0x20d8  RmSvc - ok
09:01:35.0578 0x20d8  RpcEptMapper - ok
09:01:35.0609 0x20d8  RpcLocator - ok
09:01:35.0631 0x20d8  RpcSs - ok
09:01:35.0631 0x20d8  rspndr - ok
09:01:35.0678 0x20d8  [ E11A3F79475F9D019CD51ADCCC377909, CF14C494C4A969233C1D2B32A56C86C8636AC70004725B53447C42EB63C31BA9 ] rt640x64        C:\WINDOWS\System32\drivers\rt640x64.sys
09:01:35.0694 0x20d8  rt640x64 - ok
09:01:35.0747 0x20d8  [ 53FC65C60661B26BB8A47750306FEDF5, E376096556B29DB9726800DDFCDD6FFF281EFB94F4EE64F794ACC851AB3954B9 ] RTSPER          C:\WINDOWS\system32\DRIVERS\RtsPer.sys
09:01:35.0762 0x20d8  RTSPER - ok
09:01:35.0794 0x20d8  s3cap - ok
09:01:35.0831 0x20d8  SamSs - ok
09:01:35.0847 0x20d8  sbp2port - ok
09:01:35.0878 0x20d8  SCardSvr - ok
09:01:35.0909 0x20d8  ScDeviceEnum - ok
09:01:35.0947 0x20d8  scfilter - ok
09:01:35.0947 0x20d8  Schedule - ok
09:01:35.0978 0x20d8  scmbus - ok
09:01:35.0978 0x20d8  scmdisk0101 - ok
09:01:36.0009 0x20d8  SCPolicySvc - ok
09:01:36.0031 0x20d8  sdbus - ok
09:01:36.0047 0x20d8  SDRSVC - ok
09:01:36.0062 0x20d8  sdstor - ok
09:01:36.0062 0x20d8  seclogon - ok
09:01:36.0147 0x20d8  [ EA160DB2589350DFF52C7ACCD7763187, 1EA4C33AE67EE0EC0748D892D402AD49832FE752F6864AF99AFCA52873D6F4A4 ] SecureLine      C:\Program Files\AVAST Software\SecureLine\VpnSvc.exe
09:01:36.0178 0x20d8  SecureLine - ok
09:01:36.0194 0x20d8  SENS - ok
09:01:36.0209 0x20d8  SensorDataService - ok
09:01:36.0231 0x20d8  SensorService - ok
09:01:36.0231 0x20d8  SensrSvc - ok
09:01:36.0247 0x20d8  SerCx - ok
09:01:36.0247 0x20d8  SerCx2 - ok
09:01:36.0247 0x20d8  Serenum - ok
09:01:36.0247 0x20d8  Serial - ok
09:01:36.0247 0x20d8  sermouse - ok
09:01:36.0262 0x20d8  SessionEnv - ok
09:01:36.0262 0x20d8  sfloppy - ok
09:01:36.0331 0x20d8  SharedAccess - ok
09:01:36.0347 0x20d8  ShellHWDetection - ok
09:01:36.0362 0x20d8  shpamsvc - ok
09:01:36.0362 0x20d8  SiSRaid2 - ok
09:01:36.0362 0x20d8  SiSRaid4 - ok
09:01:36.0378 0x20d8  smphost - ok
09:01:36.0394 0x20d8  SmsRouter - ok
09:01:36.0409 0x20d8  SNMPTRAP - ok
09:01:36.0447 0x20d8  spaceport - ok
09:01:36.0447 0x20d8  SpbCx - ok
09:01:36.0478 0x20d8  Spooler - ok
09:01:36.0509 0x20d8  sppsvc - ok
09:01:36.0531 0x20d8  srv - ok
09:01:36.0531 0x20d8  srv2 - ok
09:01:36.0531 0x20d8  srvnet - ok
09:01:36.0547 0x20d8  SSDPSRV - ok
09:01:36.0563 0x20d8  SstpSvc - ok
09:01:36.0594 0x20d8  [ 592FF34A2FD6C6351B8A3AA76B2C0A9E, 152B7472DE531AC45492F562DD470B2CE33F1EEF13BC78F26046AE5ABF54E32F ] ssudmdm         C:\WINDOWS\system32\DRIVERS\ssudmdm.sys
09:01:36.0609 0x20d8  ssudmdm - ok
09:01:36.0631 0x20d8  StateRepository - ok
09:01:36.0731 0x20d8  [ C8DC0C34715627ABF7A265ED27D1F75A, 5B8B9AC65D7458A8C6C868107E0BE3F9B1A1A5117FC69FDC260BAA9F1BDD0008 ] Steam Client Service C:\Program Files (x86)\Common Files\Steam\SteamService.exe
09:01:36.0763 0x20d8  Steam Client Service - ok
09:01:36.0794 0x20d8  stexstor - ok
09:01:36.0829 0x20d8  stisvc - ok
09:01:36.0847 0x20d8  storahci - ok
09:01:36.0847 0x20d8  storflt - ok
09:01:36.0847 0x20d8  stornvme - ok
09:01:36.0847 0x20d8  storqosflt - ok
09:01:36.0878 0x20d8  StorSvc - ok
09:01:36.0878 0x20d8  storufs - ok
09:01:36.0878 0x20d8  storvsc - ok
09:01:36.0894 0x20d8  svsvc - ok
09:01:36.0894 0x20d8  swenum - ok
09:01:36.0894 0x20d8  swprv - ok
09:01:36.0909 0x20d8  Synth3dVsc - ok
09:01:36.0931 0x20d8  SysMain - ok
09:01:36.0931 0x20d8  SystemEventsBroker - ok
09:01:36.0947 0x20d8  TabletInputService - ok
09:01:36.0947 0x20d8  TapiSrv - ok
09:01:36.0947 0x20d8  Tcpip - ok
09:01:36.0947 0x20d8  Tcpip6 - ok
09:01:36.0978 0x20d8  tcpipreg - ok
09:01:36.0978 0x20d8  tdx - ok
09:01:36.0978 0x20d8  terminpt - ok
09:01:36.0994 0x20d8  TermService - ok
09:01:36.0994 0x20d8  Themes - ok
09:01:37.0027 0x20d8  TieringEngineService - ok
09:01:37.0030 0x20d8  tiledatamodelsvc - ok
09:01:37.0032 0x20d8  TimeBrokerSvc - ok
09:01:37.0047 0x20d8  TPM - ok
09:01:37.0047 0x20d8  TrkWks - ok
09:01:37.0078 0x20d8  TrustedInstaller - ok
09:01:37.0078 0x20d8  tsusbflt - ok
09:01:37.0110 0x20d8  TsUsbGD - ok
09:01:37.0110 0x20d8  tunnel - ok
09:01:37.0131 0x20d8  tzautoupdate - ok
09:01:37.0147 0x20d8  UASPStor - ok
09:01:37.0147 0x20d8  UcmCx0101 - ok
09:01:37.0163 0x20d8  UcmTcpciCx0101 - ok
09:01:37.0163 0x20d8  UcmUcsi - ok
09:01:37.0163 0x20d8  Ucx01000 - ok
09:01:37.0163 0x20d8  UdeCx - ok
09:01:37.0163 0x20d8  udfs - ok
09:01:37.0163 0x20d8  UEFI - ok
09:01:37.0178 0x20d8  Ufx01000 - ok
09:01:37.0178 0x20d8  UfxChipidea - ok
09:01:37.0178 0x20d8  ufxsynopsys - ok
09:01:37.0178 0x20d8  UI0Detect - ok
09:01:37.0194 0x20d8  umbus - ok
09:01:37.0194 0x20d8  UmPass - ok
09:01:37.0194 0x20d8  UmRdpService - ok
09:01:37.0229 0x20d8  UnistoreSvc - ok
09:01:37.0231 0x20d8  upnphost - ok
09:01:37.0231 0x20d8  UrsChipidea - ok
09:01:37.0247 0x20d8  UrsCx01000 - ok
09:01:37.0247 0x20d8  UrsSynopsys - ok
09:01:37.0247 0x20d8  usbccgp - ok
09:01:37.0247 0x20d8  usbcir - ok
09:01:37.0247 0x20d8  usbehci - ok
09:01:37.0263 0x20d8  usbhub - ok
09:01:37.0263 0x20d8  USBHUB3 - ok
09:01:37.0263 0x20d8  usbohci - ok
09:01:37.0278 0x20d8  usbprint - ok
09:01:37.0278 0x20d8  usbser - ok
09:01:37.0278 0x20d8  USBSTOR - ok
09:01:37.0310 0x20d8  usbuhci - ok
09:01:37.0332 0x20d8  usbvideo - ok
09:01:37.0332 0x20d8  USBXHCI - ok
09:01:37.0364 0x20d8  UserDataSvc - ok
09:01:37.0379 0x20d8  UserManager - ok
09:01:37.0395 0x20d8  UsoSvc - ok
09:01:37.0395 0x20d8  VaultSvc - ok
09:01:37.0395 0x20d8  vdrvroot - ok
09:01:37.0411 0x20d8  vds - ok
09:01:37.0411 0x20d8  VerifierExt - ok
09:01:37.0411 0x20d8  vhdmp - ok
09:01:37.0411 0x20d8  vhf - ok
09:01:37.0428 0x20d8  vmbus - ok
09:01:37.0431 0x20d8  VMBusHID - ok
09:01:37.0433 0x20d8  vmgid - ok
09:01:37.0433 0x20d8  vmicguestinterface - ok
09:01:37.0433 0x20d8  vmicheartbeat - ok
09:01:37.0433 0x20d8  vmickvpexchange - ok
09:01:37.0464 0x20d8  vmicrdv - ok
09:01:37.0464 0x20d8  vmicshutdown - ok
09:01:37.0464 0x20d8  vmictimesync - ok
09:01:37.0464 0x20d8  vmicvmsession - ok
09:01:37.0464 0x20d8  vmicvss - ok
09:01:37.0480 0x20d8  volmgr - ok
09:01:37.0480 0x20d8  volmgrx - ok
09:01:37.0480 0x20d8  volsnap - ok
09:01:37.0480 0x20d8  volume - ok
09:01:37.0496 0x20d8  vpci - ok
09:01:37.0511 0x20d8  vsmraid - ok
09:01:37.0511 0x20d8  VSS - ok
09:01:37.0511 0x20d8  VSTXRAID - ok
09:01:37.0533 0x20d8  vwifibus - ok
09:01:37.0533 0x20d8  vwififlt - ok
09:01:37.0533 0x20d8  vwifimp - ok
09:01:37.0548 0x20d8  W32Time - ok
09:01:37.0548 0x20d8  WacomPen - ok
09:01:37.0580 0x20d8  WalletService - ok
09:01:37.0580 0x20d8  wanarp - ok
09:01:37.0580 0x20d8  wanarpv6 - ok
09:01:37.0611 0x20d8  wbengine - ok
09:01:37.0627 0x20d8  WbioSrvc - ok
09:01:37.0630 0x20d8  wcifs - ok
09:01:37.0649 0x20d8  Wcmsvc - ok
09:01:37.0649 0x20d8  wcncsvc - ok
09:01:37.0649 0x20d8  wcnfs - ok
09:01:37.0649 0x20d8  WdBoot - ok
09:01:37.0665 0x20d8  Wdf01000 - ok
09:01:37.0665 0x20d8  WdFilter - ok
09:01:37.0665 0x20d8  WdiServiceHost - ok
09:01:37.0665 0x20d8  WdiSystemHost - ok
09:01:37.0665 0x20d8  wdiwifi - ok
09:01:37.0680 0x20d8  WdNisDrv - ok
09:01:37.0712 0x20d8  WdNisSvc - ok
09:01:37.0712 0x20d8  WebClient - ok
09:01:37.0712 0x20d8  Wecsvc - ok
09:01:37.0712 0x20d8  WEPHOSTSVC - ok
09:01:37.0733 0x20d8  wercplsupport - ok
09:01:37.0733 0x20d8  WerSvc - ok
09:01:37.0733 0x20d8  WFPLWFS - ok
09:01:37.0749 0x20d8  WiaRpc - ok
09:01:37.0764 0x20d8  WIMMount - ok
09:01:37.0764 0x20d8  WinDefend - ok
09:01:37.0780 0x20d8  WindowsTrustedRT - ok
09:01:37.0796 0x20d8  WindowsTrustedRTProxy - ok
09:01:37.0796 0x20d8  WinHttpAutoProxySvc - ok
09:01:37.0811 0x20d8  WinMad - ok
09:01:37.0864 0x20d8  Winmgmt - ok
09:01:37.0896 0x20d8  WinRM - ok
09:01:37.0929 0x20d8  WINUSB - ok
09:01:37.0932 0x20d8  WinVerbs - ok
09:01:37.0965 0x20d8  wisvc - ok
09:01:38.0012 0x20d8  WlanSvc - ok
09:01:38.0049 0x20d8  wlidsvc - ok
09:01:38.0049 0x20d8  WmiAcpi - ok
09:01:38.0080 0x20d8  wmiApSrv - ok
09:01:38.0111 0x20d8  WMPNetworkSvc - ok
09:01:38.0111 0x20d8  Wof - ok
09:01:38.0133 0x20d8  workfolderssvc - ok
09:01:38.0149 0x20d8  WPDBusEnum - ok
09:01:38.0164 0x20d8  WpdUpFltr - ok
09:01:38.0180 0x20d8  WpnService - ok
09:01:38.0196 0x20d8  WpnUserService - ok
09:01:38.0196 0x20d8  ws2ifsl - ok
09:01:38.0233 0x20d8  wscsvc - ok
09:01:38.0249 0x20d8  WSDPrintDevice - ok
09:01:38.0249 0x20d8  WSDScan - ok
09:01:38.0264 0x20d8  WSearch - ok
09:01:38.0296 0x20d8  wuauserv - ok
09:01:38.0296 0x20d8  WudfPf - ok
09:01:38.0296 0x20d8  WUDFRd - ok
09:01:38.0311 0x20d8  wudfsvc - ok
09:01:38.0311 0x20d8  WUDFWpdFs - ok
09:01:38.0311 0x20d8  WUDFWpdMtp - ok
09:01:38.0333 0x20d8  WwanSvc - ok
09:01:38.0333 0x20d8  XblAuthManager - ok
09:01:38.0380 0x20d8  XblGameSave - ok
09:01:38.0380 0x20d8  xboxgip - ok
09:01:38.0380 0x20d8  XboxNetApiSvc - ok
09:01:38.0411 0x20d8  xinputhid - ok
09:01:38.0411 0x20d8  ================ Scan global ===============================
09:01:38.0496 0x20d8  [ Global ] - ok
09:01:38.0496 0x20d8  ================ Scan MBR ==================================
09:01:38.0511 0x20d8  [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk0\DR0
09:01:38.0580 0x20d8  \Device\Harddisk0\DR0 - ok
09:01:38.0580 0x20d8  ================ Scan VBR ==================================
09:01:38.0611 0x20d8  [ 8612D8C43B1E7B4CC91ABCE7E061BE09 ] \Device\Harddisk0\DR0\Partition1
09:01:38.0611 0x20d8  \Device\Harddisk0\DR0\Partition1 - ok
09:01:38.0629 0x20d8  [ 494C8CC71311C136DFDA0E9135EF2DC7 ] \Device\Harddisk0\DR0\Partition2
09:01:38.0630 0x20d8  \Device\Harddisk0\DR0\Partition2 - ok
09:01:38.0633 0x20d8  [ B7B9AB72ADA5D3F5A166E238F12251A9 ] \Device\Harddisk0\DR0\Partition3
09:01:38.0633 0x20d8  \Device\Harddisk0\DR0\Partition3 - ok
09:01:38.0665 0x20d8  [ 18C6C31C768DBA80CBA3ACC39CAD1923 ] \Device\Harddisk0\DR0\Partition4
09:01:38.0665 0x20d8  \Device\Harddisk0\DR0\Partition4 - ok
09:01:38.0681 0x20d8  [ DFC5EFFB659D1F9A44836D3B95F59B01 ] \Device\Harddisk0\DR0\Partition5
09:01:38.0681 0x20d8  \Device\Harddisk0\DR0\Partition5 - ok
09:01:38.0681 0x20d8  ================ Scan generic autorun ======================
09:01:38.0765 0x20d8  [ FEDF59A44767480267C5615C46F0FBA5, 91FE9E7E1FC471E99BD769F4F6FC96934B91A3E5406A921CD75292021B72C3CF ] C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
09:01:38.0834 0x20d8  NvBackend - ok
09:01:38.0834 0x20d8  WindowsDefender - ok
09:01:38.0881 0x20d8  [ A443A7C05ABF0FCD16E89593F63B633B, 3F579132A39AEC2513CD286AB9A43534DC05F9502FD1A369126236F69EF76282 ] C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
09:01:38.0896 0x20d8  SunJavaUpdateSched - ok
09:01:38.0980 0x20d8  OneDriveSetup - ok
09:01:38.0980 0x20d8  OneDriveSetup - ok
09:01:39.0082 0x20d8  [ 3F218819210022E0D585957FB155D4A3, A2F27FCB349BAE82B4A4475F3C26E5D57D0EC07C22228F35CFFE3ABBFBA2EEF8 ] C:\Program Files (x86)\Steam\steam.exe
09:01:39.0136 0x20d8  Steam - ok
09:01:39.0136 0x20d8  Waiting for KSN requests completion. In queue: 46
09:01:40.0153 0x20d8  AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.10.14393.1198 ), 0x60100 ( disabled : updated )
09:01:40.0153 0x20d8  Win FW state via NFP2: enabled ( trusted )
09:01:40.0257 0x20d8  ============================================================
09:01:40.0257 0x20d8  Scan finished
09:01:40.0257 0x20d8  ============================================================
09:01:40.0257 0x22c8  Detected object count: 1
09:01:40.0257 0x22c8  Actual detected object count: 1
09:02:02.0076 0x22c8  NetUtils2016 ( LockedFile.Multi.Generic ) - skipped by user
09:02:02.0076 0x22c8  NetUtils2016 ( LockedFile.Multi.Generic ) - User select action: Skip

M-K-D-B · 20.05.2017, 10:58

Servus,

Schritt 1
Downloade Dir bitte AdwCleaner auf deinen Desktop.

Schließe alle offenen Programme und Browser.
Starte die adwcleaner.exe mit einem Doppelklick.
Stimme den Nutzungsbedingungen zu.
Klicke auf Werkzeuge > Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
- Image File Execution Options Schlüssel
- "Tracing" Schlüssel
- "Prefetch" Dateien
- Proxy
- Winsock
- TCP/IP Einstellungen
- Firewall
- Internet Explorer Richtlinien
- Chrome Richtlinien
Bestätige die Auswahl mit Ok.
Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
Klicke nun auf Löschen (auch dann wenn AdwCleaner sagt, dass nichts gefunden wurde) und bestätige auftretende Hinweise mit Ok.
Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).

Schritt 2
Downloade Dir bitte Malwarebytes Anti-Malware 3

Installiere das Programm in den vorgegebenen Pfad.
Starte Malwarebytes' Anti-Malware (MBAM).
Klicke im Anschluss auf Scan, wähle den Bedrohungs-Scan aus und klicke auf Scan starten.
Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Ausgewählte Elemente in die Quarantäne verschieben.
Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
Starte MBAM nach dem Neustart, klicke auf Berichte.
Wähle den neuesten Scan-Bericht aus, klicke auf Bericht anzeigen und dann auf Export.
Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab.
Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.

Schritt 3

Starte die FRST erneut. Vergewissere dich, dass vor Addition.txt ein Haken gesetzt ist und drücke auf Untersuchen.
FRST erstellt nun zwei Logdateien (FRST.txt und Addition.txt).
Poste mir beide Logdateien mit deiner nächsten Antwort.

Bitte poste mit deiner nächsten Antwort

die Logdatei von AdwCleaner,
die Logdatei von MBAM,
die beiden neuen Logdateien von FRST.

Luckyschatz · 20.05.2017, 12:55

Hallo,

ich habe jetzt nach dem Scannen mit dem adwcleaner ein Problem.
Nachdem er mir anzeigte, dass der PC neu gestartet wird, wurde das Bild erst normal schwarz, doch dann kam ein blaues Bild mit der Fehlermeldung:

Auf dem PC ist ein Problem aufgetreten. Er muss neu gestartet werden. Es werden einige Fehlerinformationen gesammelt und dann wird ein Neustart ausgeführt.

Stilstandcode: SYSTEM SCAN AT RAISED RQL CAUGHT IMPROPER DRIVER UNLOAD
Fehlerursache: NetUtils2016.sys

Danach startete der PC neu und mir wurde keine Logdatei angezeigt, allerdings eine erstellt, die ich hier mal einblende:

Code:

ATTFilter

# AdwCleaner v6.047 - Bericht erstellt am 20/05/2017 um 13:44:39
# Aktualisiert am 19/05/2017 von Malwarebytes
# Datenbank : 2017-05-19.1 [Lokal]
# Betriebssystem : Windows 10 Home  (X64)
# Benutzername : Pitti - DESKTOP-TP9DC4I
# Gestartet von : C:\Users\Pitti\Desktop\adwcleaner.exe
# Modus: Suchlauf
# Unterstützung : https://www.malwarebytes.com/support



***** [ Dienste ] *****

Dienst Gefunden: NetUtils2016


***** [ Ordner ] *****

Keine schädlichen Ordner gefunden.


***** [ Dateien ] *****

Datei Gefunden: C:\WINDOWS\SysNative\NetUtils2016.dll
Datei Gefunden: C:\WINDOWS\SysNative\drivers\NetUtils2016.sys


***** [ DLL ] *****

Keine infizierten DLLs gefunden.


***** [ WMI ] *****

Schlüssel Gefunden : \root\subscription\\ActiveScriptEventConsumer [ASEC]


***** [ Verknüpfungen ] *****

Verknüpfung infiziert: C:\Users\Public\Desktop\Google Chrome.lnk ( hxxp://www.yeadesktop.com/ )
Verknüpfung infiziert: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk ( hxxp://www.yeadesktop.com/ )


***** [ Aufgabenplanung ] *****

Keine schädlichen Aufgaben gefunden.


***** [ Registrierungsdatenbank ] *****

Keine schädlichen Elemente in der Registrierungsdatenbank gefunden.


***** [ Internetbrowser ] *****

Keine schädlichen Elemente in Firefox basierten Browsern gefunden.
Keine schädlichen Elemente in Chrome basierten Browsern gefunden.

*************************

C:\AdwCleaner\AdwCleaner[C0].txt - [37559 Bytes] - [18/05/2017 17:57:18]
C:\AdwCleaner\AdwCleaner[C2].txt - [1370 Bytes] - [18/05/2017 18:02:40]
C:\AdwCleaner\AdwCleaner[C3].txt - [3786 Bytes] - [19/05/2017 20:48:47]
C:\AdwCleaner\AdwCleaner[C4].txt - [1814 Bytes] - [19/05/2017 20:57:58]
C:\AdwCleaner\AdwCleaner[S0].txt - [34348 Bytes] - [18/05/2017 17:54:44]
C:\AdwCleaner\AdwCleaner[S1].txt - [1586 Bytes] - [18/05/2017 18:02:11]
C:\AdwCleaner\AdwCleaner[S2].txt - [3983 Bytes] - [19/05/2017 20:40:56]
C:\AdwCleaner\AdwCleaner[S3].txt - [4047 Bytes] - [19/05/2017 20:48:09]
C:\AdwCleaner\AdwCleaner[S4].txt - [1944 Bytes] - [19/05/2017 20:57:44]
C:\AdwCleaner\AdwCleaner[S5].txt - [2106 Bytes] - [19/05/2017 21:00:39]
C:\AdwCleaner\AdwCleaner[S6].txt - [2360 Bytes] - [20/05/2017 13:10:37]
C:\AdwCleaner\AdwCleaner[S7].txt - [2433 Bytes] - [20/05/2017 13:15:06]
C:\AdwCleaner\AdwCleaner[S8].txt - [2506 Bytes] - [20/05/2017 13:38:11]
C:\AdwCleaner\AdwCleaner[S9].txt - [2427 Bytes] - [20/05/2017 13:44:39]

########## EOF - C:\AdwCleaner\AdwCleaner[S9].txt - [2500 Bytes] ##########

Die folgenden Schritte habe ich jetzt noch nicht gemacht, wegen der Fehlermeldung

M-K-D-B · 20.05.2017, 16:47

Servus,

ok, wir ändern die Reihenfolge.

Erst MBAM ausführen, dann nochmal AdwCleaner, dann weiter wie beschrieben.

Luckyschatz · 21.05.2017, 13:38

Morgen

hier schon mal (der 1.Teil) von MBAM:

Code:

ATTFilter

Malwarebytes
www.malwarebytes.com

-Protokolldetails-
Scan-Datum: 21.05.17
Scan-Zeit: 14:14
Protokolldatei: mbam.txt
Administrator: Ja

-Softwaredaten-
Version: 3.1.2.1733
Komponentenversion: 1.0.122
Version des Aktualisierungspakets: 1.0.1987
Lizenz: Testversion

-Systemdaten-
Betriebssystem: Windows 10
CPU: x64
Dateisystem: NTFS
Benutzer: DESKTOP-TP9DC4I\Pitti

-Scan-Übersicht-
Scan-Typ: Bedrohungs-Scan
Ergebnis: Abgeschlossen
Gescannte Objekte: 392695
Erkannte Bedrohungen: 807
In die Quarantäne verschobene Bedrohungen: 806
Abgelaufene Zeit: 8 Min., 33 Sek.

-Scan-Optionen-
Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

-Scan-Details-
Prozess: 2
Adware.FileTour, C:\PROGRAMDATA\{EA4DE132-5DE6-5699-DDC3-8A4739838DA0}\DA07638A-6DAC-D421-ABCE-45A160C42F00.EXE, In Quarantäne, [240], [397403],1.0.1987
Adware.FileTour, C:\PROGRAMDATA\{26AA403A-9101-F791-915D-90DE7C22D4DC}\023A4473-B591-F3D8-8332-16CCB19D71B7.EXE, In Quarantäne, [240], [397403],1.0.1987

Modul: 2
Adware.FileTour, C:\PROGRAMDATA\{EA4DE132-5DE6-5699-DDC3-8A4739838DA0}\DA07638A-6DAC-D421-ABCE-45A160C42F00.EXE, In Quarantäne, [240], [397403],1.0.1987
Adware.FileTour, C:\PROGRAMDATA\{26AA403A-9101-F791-915D-90DE7C22D4DC}\023A4473-B591-F3D8-8332-16CCB19D71B7.EXE, In Quarantäne, [240], [397403],1.0.1987

Registrierungsschlüssel: 37
PUP.Optional.StartGo123, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\NetUtils2016, In Quarantäne, [669], [325509],1.0.1987
PUP.Optional.DownloadProtect, HKLM\SOFTWARE\CLASSES\CLSID\{C654F3FE-8E84-4BB7-87CF-8D9171FC3C73}, In Quarantäne, [963], [167924],1.0.1987
PUP.Optional.DownloadProtect, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{C654F3FE-8E84-4BB7-87CF-8D9171FC3C73}, In Quarantäne, [963], [167924],1.0.1987
PUP.Optional.ByteFence, HKLM\SOFTWARE\MICROSOFT\TRACING\ByteFence_RASAPI32, In Quarantäne, [616], [389038],1.0.1987
PUP.Optional.ByteFence, HKLM\SOFTWARE\MICROSOFT\TRACING\ByteFence_RASMANCS, In Quarantäne, [616], [389038],1.0.1987
PUP.Optional.DNSUnlocker.ACMB2, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{591e1035}, In Quarantäne, [28], [260250],1.0.1987
PUP.Optional.OnlineIO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{148E3E58-4318-4862-AF6A-6CD424956DF9}, In Quarantäne, [542], [317311],1.0.1987
PUP.Optional.Goobzo, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{43DDFC13-D251-4D4E-9035-ACC3131E7444}, In Quarantäne, [342], [258228],1.0.1987
PUP.Optional.OnlineIO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{4C3E35AD-3C14-4459-9926-B85A3D527194}, In Quarantäne, [542], [333861],1.0.1987
PUP.Optional.OnlineIO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{900990C8-6C4E-4281-B190-311B491074BC}, In Quarantäne, [542], [317311],1.0.1987
PUP.Optional.OnlineIO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{950C5063-7DC1-4C42-8C97-3363EE3E877D}, In Quarantäne, [542], [333861],1.0.1987
PUP.Optional.OnlineIO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{AFB50682-1153-4462-BE31-2EFA614115D4}, In Quarantäne, [542], [333861],1.0.1987
PUP.Optional.OnlineIO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{B0B56013-3EDC-4373-9D72-8F74AA1365EF}, In Quarantäne, [542], [333861],1.0.1987
PUP.Optional.OnlineIO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{C3C12DFB-E158-4B37-ACE1-D74D3A301126}, In Quarantäne, [542], [333861],1.0.1987
PUP.Optional.OnlineIO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{CFBC55E6-C36C-4DBA-8611-4FBB973714C3}, In Quarantäne, [542], [317311],1.0.1987
Adware.OnlineIO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{D90B0874-0A56-48B3-8F67-044DB3CA157C}, In Quarantäne, [9295], [399424],1.0.1987
PUP.Optional.OnlineIO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{D9929395-7B21-4088-AA19-339478854ECA}, In Quarantäne, [542], [333861],1.0.1987
PUP.Optional.BitCoinMiner, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\gplyra, In Quarantäne, [194], [317317],1.0.1987
PUP.Optional.Elex.ShrtCln, HKLM\SOFTWARE\MOZILLA\FIREFOX\{EB52F1AB-3C2B-424F-9794-833C687025CF}, In Quarantäne, [993], [316191],1.0.1987
PUP.Optional.Wajam.Gen, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\NLASVC\PARAMETERS\INTERNET\MANUALPROXIES, In Quarantäne, [15575], [-1],0.0.0
PUP.Optional.OnlineIO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\Online Application v209, Löschen bei Neustart, [542], [317313],1.0.1987
PUP.Optional.OnlineIO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\Online Application v209 Guard, Löschen bei Neustart, [542], [317313],1.0.1987
PUP.Optional.InstaTime, HKU\S-1-5-21-1585193191-2329745140-1049602013-1001\SOFTWARE\APPDATALOW\SOFTWARE\InstaTime, Löschen bei Neustart, [8427], [254624],1.0.1987
PUP.Optional.OnlineIO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\Online Application v209 Guardian, Löschen bei Neustart, [542], [317313],1.0.1987
PUP.Optional.Goobzo, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\SMW_UpdateTask_Time_3335303535313533392d2d5b50342a4155456c5a236c, Löschen bei Neustart, [342], [186804],1.0.1987
PUP.Optional.OnlineIO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\Traffic Exchange v2 - 1, Löschen bei Neustart, [542], [333862],1.0.1987
PUP.Optional.OnlineIO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\Traffic Exchange v2 - 2, Löschen bei Neustart, [542], [333862],1.0.1987
PUP.Optional.OnlineIO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\Traffic Exchange v2 - 3, Löschen bei Neustart, [542], [333862],1.0.1987
PUP.Optional.OnlineIO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\Traffic Exchange v209 - 1, Löschen bei Neustart, [542], [333862],1.0.1987
PUP.Optional.OnlineIO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\Traffic Exchange v209 - 2, Löschen bei Neustart, [542], [333862],1.0.1987
PUP.Optional.OnlineIO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\Traffic Exchange v209 - 3, Löschen bei Neustart, [542], [333862],1.0.1987
Adware.OnlineIO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\Updater_Online_Special_Application, Löschen bei Neustart, [9295], [399426],1.0.1987
PUP.Optional.OnlineIO, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{F0847AE0-465A-4D7B-A555-AABB43B550F0}, Löschen bei Neustart, [542], [398593],1.0.1987
PUP.Optional.OnlineIO, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{52F7BE5C-2C3B-4C7B-A96D-F19B9EC1992D}, Löschen bei Neustart, [542], [335317],1.0.1987
PUP.Optional.OnlineIO, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{57281722-3238-4A30-AAE7-85D93977E0FE}, Löschen bei Neustart, [542], [321304],1.0.1987
PUP.Optional.StartGo123, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\NetUtils2016, Löschen bei Neustart, [669], [318109],1.0.1987
Adware.DNSUnlocker.Generic, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\QForlLgs0EYm Updater, Löschen bei Neustart, [2381], [372679],1.0.1987

Registrierungswert: 27
Trojan.Agent.Generic, HKU\.DEFAULT\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|Lp2k0KLo3JN.exe, In Quarantäne, [453], [369948],1.0.1987
Trojan.Agent.Generic, HKU\S-1-5-18\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|Lp2k0KLo3JN.exe, In Quarantäne, [453], [369948],1.0.1987
PUP.Optional.DNSUnlocker.ACMB2, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{591e1035}|1, In Quarantäne, [28], [260250],1.0.1987
PUP.Optional.OnlineIO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{148E3E58-4318-4862-AF6A-6CD424956DF9}|PATH, In Quarantäne, [542], [317311],1.0.1987
PUP.Optional.Goobzo, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{43DDFC13-D251-4D4E-9035-ACC3131E7444}|PATH, In Quarantäne, [342], [258228],1.0.1987
PUP.Optional.OnlineIO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{4C3E35AD-3C14-4459-9926-B85A3D527194}|PATH, In Quarantäne, [542], [333861],1.0.1987
PUP.Optional.OnlineIO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{900990C8-6C4E-4281-B190-311B491074BC}|PATH, In Quarantäne, [542], [317311],1.0.1987
PUP.Optional.OnlineIO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{950C5063-7DC1-4C42-8C97-3363EE3E877D}|PATH, In Quarantäne, [542], [333861],1.0.1987
PUP.Optional.OnlineIO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{AFB50682-1153-4462-BE31-2EFA614115D4}|PATH, In Quarantäne, [542], [333861],1.0.1987
PUP.Optional.OnlineIO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{B0B56013-3EDC-4373-9D72-8F74AA1365EF}|PATH, In Quarantäne, [542], [333861],1.0.1987
PUP.Optional.OnlineIO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{C3C12DFB-E158-4B37-ACE1-D74D3A301126}|PATH, In Quarantäne, [542], [333861],1.0.1987
PUP.Optional.OnlineIO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{CFBC55E6-C36C-4DBA-8611-4FBB973714C3}|PATH, In Quarantäne, [542], [317311],1.0.1987
Adware.OnlineIO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{D90B0874-0A56-48B3-8F67-044DB3CA157C}|PATH, In Quarantäne, [9295], [399424],1.0.1987
PUP.Optional.OnlineIO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{D9929395-7B21-4088-AA19-339478854ECA}|PATH, In Quarantäne, [542], [333861],1.0.1987
PUP.Optional.Elex.ShrtCln, HKLM\SOFTWARE\MOZILLA\FIREFOX\{EB52F1AB-3C2B-424F-9794-833C687025CF}|HP, In Quarantäne, [993], [316191],1.0.1987
PUP.Optional.Elex.ShrtCln, HKLM\SOFTWARE\MOZILLA\FIREFOX\{EB52F1AB-3C2B-424F-9794-833C687025CF}|TAB, In Quarantäne, [993], [316191],1.0.1987
PUP.Optional.Wajam.Gen, HKU\S-1-5-18\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS|PROXYENABLE, In Quarantäne, [15575], [-1],0.0.0
PUP.Optional.Wajam.Gen, HKU\S-1-5-21-1585193191-2329745140-1049602013-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS|PROXYENABLE, In Quarantäne, [15575], [-1],0.0.0
PUP.Optional.Wajam.Gen, HKU\.DEFAULT\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS|PROXYENABLE, Entfernung fehlgeschlagen, [15575], [-1],0.0.0
PUP.Optional.YeaDesktop.ClnShrt, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\MAIN\FEATURECONTROL\FEATURE_BROWSER_EMULATION|YEADESKTOP.EXE, Löschen bei Neustart, [1339], [396226],1.0.1987
PUP.Optional.OnlineIO, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{52F7BE5C-2C3B-4C7B-A96D-F19B9EC1992D}|CONTACT, Löschen bei Neustart, [542], [333852],1.0.1987
PUP.Optional.OnlineIO, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{52F7BE5C-2C3B-4C7B-A96D-F19B9EC1992D}|URLINFOABOUT, Löschen bei Neustart, [542], [335317],1.0.1987
PUP.Optional.OnlineIO, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{57281722-3238-4A30-AAE7-85D93977E0FE}|CONTACT, Löschen bei Neustart, [542], [333852],1.0.1987
PUP.Optional.OnlineIO, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{57281722-3238-4A30-AAE7-85D93977E0FE}|URLINFOABOUT, Löschen bei Neustart, [542], [321304],1.0.1987
PUP.Optional.OnlineIO, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{F0847AE0-465A-4D7B-A555-AABB43B550F0}|CONTACT, Löschen bei Neustart, [542], [333852],1.0.1987
PUP.Optional.OnlineIO, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{F0847AE0-465A-4D7B-A555-AABB43B550F0}|URLINFOABOUT, Löschen bei Neustart, [542], [321304],1.0.1987
Adware.DNSUnlocker.Generic, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\QForlLgs0EYm Updater|IMAGEPATH, Löschen bei Neustart, [2381], [372679],1.0.1987

Registrierungsdaten: 14
PUP.Optional.DNSUnlocker.ACMB2, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP\PARAMETERS|NameServer, Ersetzt, [28], [-1],0.0.0
PUP.Optional.DNSUnlocker.ACMB2, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP\PARAMETERS|DhcpNameServer, Ersetzt, [28], [-1],0.0.0
PUP.Optional.DNSUnlocker.ACMB2, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP\PARAMETERS\Interfaces\{26b11a49-585f-4b43-a90c-9af3c3d7b25b}|NameServer, Ersetzt, [28], [-1],0.0.0
PUP.Optional.DNSUnlocker.ACMB2, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP\PARAMETERS\Interfaces\{5ecc1828-dea3-4170-b6c6-6d557ec1c429}|NameServer, Ersetzt, [28], [-1],0.0.0
PUP.Optional.DNSUnlocker.ACMB2, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP\PARAMETERS\Interfaces\{5ecc1828-dea3-4170-b6c6-6d557ec1c429}|DhcpNameServer, Ersetzt, [28], [-1],0.0.0
PUP.Optional.DNSUnlocker.ACMB2, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP\PARAMETERS\Interfaces\{6f16093c-bffb-4a7b-b894-777c10793d1c}|NameServer, Ersetzt, [28], [-1],0.0.0
PUP.Optional.DNSUnlocker.ACMB2, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP\PARAMETERS\Interfaces\{6f16093c-bffb-4a7b-b894-777c10793d1c}|DhcpNameServer, Ersetzt, [28], [-1],0.0.0
PUP.Optional.DNSUnlocker.ACMB2, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP\PARAMETERS\Interfaces\{996ea0b8-ca4a-4c25-9b44-fbad264c8641}|NameServer, Ersetzt, [28], [-1],0.0.0
PUP.Optional.DNSUnlocker.ACMB2, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP\PARAMETERS\Interfaces\{996ea0b8-ca4a-4c25-9b44-fbad264c8641}|DhcpNameServer, Ersetzt, [28], [-1],0.0.0
PUP.Optional.DNSUnlocker.ACMB2, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP\PARAMETERS\Interfaces\{ca4d7660-cb2f-4c16-a493-e99d991ed543}|NameServer, Ersetzt, [28], [-1],0.0.0
PUP.Optional.DNSUnlocker.ACMB2, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP\PARAMETERS\Interfaces\{ca4d7660-cb2f-4c16-a493-e99d991ed543}|DhcpNameServer, Ersetzt, [28], [-1],0.0.0
PUP.Optional.DNSUnlocker.ACMB2, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP\PARAMETERS\Interfaces\{efcfe49d-c6bb-4343-b2ec-b087ec086e71}|NameServer, Ersetzt, [28], [-1],0.0.0
PUP.Optional.DNSUnlocker.ACMB2, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP\PARAMETERS\Interfaces\{efcfe49d-c6bb-4343-b2ec-b087ec086e71}|DhcpNameServer, Ersetzt, [28], [-1],0.0.0
Trojan.DNSChanger.ACMB2, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP\PARAMETERS|NAMESERVER, Ersetzt, [6327], [293494],1.0.1987

Daten-Stream: 0
(keine bösartigen Elemente erkannt)

Ordner: 162
PUP.Optional.BitCoinMiner, C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\gplyra, In Quarantäne, [194], [360749],1.0.1987
PUP.Optional.HohoSearch, C:\PROGRAM FILES (X86)\Razoghchak, In Quarantäne, [79], [182513],1.0.1987
PUP.Optional.OnlineIO, C:\WINDOWS\INSTALLER\{5266F634-7B7D-4537-BDDC-98DD6CFCBAA1}, Löschen bei Neustart, [542], [391425],1.0.1987
PUP.Optional.OnlineIO, C:\WINDOWS\INSTALLER\{F0847AE0-465A-4D7B-A555-AABB43B550F0}, Löschen bei Neustart, [542], [398586],1.0.1987
PUP.Optional.InterStat, C:\Users\Pitti\AppData\Local\CrashRpt\UnsentCrashReports\Interstatnogui_389\Logs, Löschen bei Neustart, [1391], [373566],1.0.1987
PUP.Optional.InterStat, C:\USERS\PITTI\APPDATA\LOCAL\CRASHRPT\UNSENTCRASHREPORTS\Interstatnogui_389, Löschen bei Neustart, [1391], [373566],1.0.1987
PUP.Optional.InterStat, C:\Windows\SysWOW64\config\systemprofile\AppData\Local\CrashRpt\UnsentCrashReports\Interstatnogui_389\Logs, Löschen bei Neustart, [1391], [373566],1.0.1987
PUP.Optional.InterStat, C:\WINDOWS\SYSWOW64\CONFIG\SYSTEMPROFILE\APPDATA\LOCAL\CRASHRPT\UNSENTCRASHREPORTS\Interstatnogui_389, Löschen bei Neustart, [1391], [373566],1.0.1987
PUP.Optional.ConvertAd, C:\PROGRAM FILES (X86)\27603F28-1462113873-824E-9253-5F3CB24D9BA8, Löschen bei Neustart, [365], [262107],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\tar\node_modules\fstream\node_modules\rimraf\node_modules\glob\node_modules\minimatch\node_modules\brace-expansion\node_modules\concat-map\example, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\tar\node_modules\fstream\node_modules\rimraf\node_modules\glob\node_modules\minimatch\node_modules\brace-expansion\node_modules\concat-map\test, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\tar\node_modules\fstream\node_modules\rimraf\node_modules\glob\node_modules\minimatch\node_modules\brace-expansion\node_modules\balanced-match, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\tar\node_modules\fstream\node_modules\rimraf\node_modules\glob\node_modules\minimatch\node_modules\brace-expansion\node_modules\concat-map, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\tar\node_modules\fstream\node_modules\rimraf\node_modules\glob\node_modules\minimatch\node_modules\brace-expansion\node_modules, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\tar\node_modules\fstream\node_modules\rimraf\node_modules\glob\node_modules\minimatch\node_modules\brace-expansion, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\tar\node_modules\fstream\node_modules\rimraf\node_modules\glob\node_modules\inflight\node_modules\wrappy, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\tar\node_modules\fstream\node_modules\rimraf\node_modules\glob\node_modules\once\node_modules\wrappy, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\tar\node_modules\fstream\node_modules\rimraf\node_modules\glob\node_modules\minimatch\node_modules, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\tar\node_modules\fstream\node_modules\rimraf\node_modules\glob\node_modules\inflight\node_modules, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\tar\node_modules\fstream\node_modules\rimraf\node_modules\glob\node_modules\once\node_modules, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\tar\node_modules\fstream\node_modules\rimraf\node_modules\glob\node_modules\path-is-absolute, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\tar\node_modules\fstream\node_modules\rimraf\node_modules\glob\node_modules\fs.realpath, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\tar\node_modules\fstream\node_modules\rimraf\node_modules\glob\node_modules\minimatch, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\tar\node_modules\fstream\node_modules\rimraf\node_modules\glob\node_modules\inflight, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\bl\node_modules\readable-stream\node_modules\core-util-is\lib, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\combined-stream\node_modules\delayed-stream\test\integration, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\bl\node_modules\readable-stream\node_modules\string_decoder, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\tar\node_modules\fstream\node_modules\rimraf\node_modules\glob\node_modules\once, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\bl\node_modules\readable-stream\node_modules\isarray\build, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\bl\node_modules\readable-stream\node_modules\core-util-is, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\form-data\node_modules\mime-types\node_modules\mime-db, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\tar\node_modules\fstream\node_modules\rimraf\node_modules\glob\node_modules, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\bl\node_modules\readable-stream\node_modules\inherits, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\tar\node_modules\fstream\node_modules\mkdirp\node_modules\minimist\example, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\bl\node_modules\readable-stream\node_modules\isarray, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\tar\node_modules\fstream\node_modules\mkdirp\node_modules\minimist\test, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\combined-stream\node_modules\delayed-stream\test, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\combined-stream\node_modules\delayed-stream\lib, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\http-signature\node_modules\ctype\man\man3ctype, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\form-data\node_modules\mime-types\node_modules, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\tar\node_modules\fstream\node_modules\mkdirp\node_modules\minimist, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\bl\node_modules\readable-stream\node_modules, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\combined-stream\node_modules\delayed-stream, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\tar\node_modules\fstream\node_modules\rimraf\node_modules\glob, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\http-signature\node_modules\asn1\tst\ber, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\http-signature\node_modules\asn1\lib\ber, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\http-signature\node_modules\assert-plus, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\http-signature\node_modules\ctype\tools, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\http-signature\node_modules\ctype\man, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\form-data\node_modules\async\support, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\tar\node_modules\fstream\node_modules\rimraf\node_modules, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\http-signature\node_modules\asn1\lib, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\http-signature\node_modules\asn1\tst, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\tar\node_modules\fstream\node_modules\mkdirp\node_modules, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\bl\node_modules\readable-stream\lib, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\hawk\node_modules\hoek\test\modules, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\tough-cookie\node_modules\punycode, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\form-data\node_modules\mime-types, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\http-signature\node_modules\ctype, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\form-data\node_modules\async\lib, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\hawk\node_modules\cryptiles\test, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\http-signature\node_modules\asn1, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\tar\node_modules\fstream\node_modules\mkdirp\examples, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\bl\node_modules\readable-stream, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\universal-analytics\node_modules\node-uuid\benchmark, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\hawk\node_modules\cryptiles\lib, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\hawk\node_modules\sntp\examples, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\hawk\node_modules\hoek\images, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\hawk\node_modules\boom\images, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\tar\node_modules\fstream\node_modules\graceful-fs, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\combined-stream\node_modules, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\tar\node_modules\fstream\node_modules\mkdirp\test, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\form-data\node_modules\async, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\hawk\node_modules\hoek\test, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\http-signature\node_modules, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\hawk\node_modules\boom\test, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\tar\node_modules\fstream\node_modules\mkdirp\bin, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\hawk\node_modules\sntp\test, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\hawk\node_modules\cryptiles, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\hawk\node_modules\boom\lib, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\hawk\node_modules\sntp\lib, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\hawk\node_modules\hoek\lib, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\universal-analytics\node_modules\node-uuid\test, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\tough-cookie\node_modules, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\universal-analytics\node_modules\node-uuid\lib, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\json-stringify-safe\test, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\tar\node_modules\fstream\node_modules\mkdirp, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\tar\node_modules\fstream\node_modules\rimraf, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\hawk\node_modules\sntp, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\hawk\node_modules\boom, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\form-data\node_modules, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\hawk\node_modules\hoek, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\universal-analytics\node_modules\underscore, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\universal-analytics\node_modules\async\lib, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\universal-analytics\node_modules\node-uuid, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\json-stringify-safe, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\node-uuid\benchmark, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\combined-stream\lib, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\http-signature\lib, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\hawk\node_modules, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\universal-analytics\node_modules\async, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\tough-cookie\lib, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\tar\node_modules\fstream\node_modules, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\bl\node_modules, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\combined-stream, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\mime-types\lib, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\http-signature, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\node-uuid\test, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\node-uuid\lib, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\form-data\lib, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\forever-agent, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\tunnel-agent, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\tar\node_modules\fstream\examples, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\hawk\example, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\stringstream, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\tough-cookie, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\hawk\images, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\universal-analytics\node_modules, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\oauth-sign, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\mime-types, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\hawk\test, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\node-uuid, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\aws-sign2, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\form-data, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\hawk\lib, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\caseless, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\tar\node_modules\block-stream, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\bl\test, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\tar\node_modules\fstream\lib, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\qs\test, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\qs\lib, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\tar\node_modules\inherits, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\hawk, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\tar\node_modules\fstream, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\universal-analytics\test, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\universal-analytics\lib, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\bl, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\qs, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\universal-analytics, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\examples, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\tar\node_modules, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\tar\examples, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\lib, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\tar\test, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\tar\lib, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\tar, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\storage, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\images, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\WINDOWS\TEMP\NW5028_4036, Löschen bei Neustart, [2850], [371306],1.0.1987
Adware.Agent.Generic, C:\PROGRAMDATA\{26AA403A-9101-F791-915D-90DE7C22D4DC}, In Quarantäne, [1402], [331038],1.0.1987
Adware.Agent.Generic, C:\PROGRAMDATA\{EA4DE132-5DE6-5699-DDC3-8A4739838DA0}, In Quarantäne, [1402], [331038],1.0.1987
PUP.Optional.Wajam.Gen, C:\Program Files\1cc64dd1cb19ce97578e172dc264b81a\b3f0c7927356814b985017264e62de9c, Löschen bei Neustart, [15575], [259462],1.0.1987
PUP.Optional.Wajam.Gen, C:\PROGRAM FILES\1cc64dd1cb19ce97578e172dc264b81a, In Quarantäne, [15575], [259462],1.0.1987
PUP.Optional.Wajam.Gen, C:\Program Files\5a84f5cced833c1322f7463f37107ed6\b3f0c7927356814b985017264e62de9c, Löschen bei Neustart, [15575], [259462],1.0.1987
PUP.Optional.Wajam.Gen, C:\PROGRAM FILES\5a84f5cced833c1322f7463f37107ed6, Löschen bei Neustart, [15575], [259462],1.0.1987
PUP.Optional.Amonetize, C:\WINDOWS\TEMP\00028308, Löschen bei Neustart, [6], [340209],1.0.1987
Adware.OtherSearch.TSKRST, C:\Program Files (x86)\FeOLMDtF4M\nss, Löschen bei Neustart, [2795], [371199],1.0.1987
Adware.OtherSearch.TSKRST, C:\Program Files (x86)\FeOLMDtF4M\SSL, Löschen bei Neustart, [2795], [371199],1.0.1987
Adware.OtherSearch.TSKRST, C:\PROGRAM FILES (X86)\FeOLMDtF4M, Löschen bei Neustart, [2795], [371199],1.0.1987

Datei: 563
Adware.FileTour, C:\PROGRAMDATA\{EA4DE132-5DE6-5699-DDC3-8A4739838DA0}\DA07638A-6DAC-D421-ABCE-45A160C42F00.EXE, In Quarantäne, [240], [397403],1.0.1987
Adware.FileTour, C:\PROGRAMDATA\{26AA403A-9101-F791-915D-90DE7C22D4DC}\023A4473-B591-F3D8-8332-16CCB19D71B7.EXE, In Quarantäne, [240], [397403],1.0.1987
PUP.Optional.StartGo123, C:\WINDOWS\SYSTEM32\DRIVERS\NETUTILS2016.SYS, In Quarantäne, [669], [325509],1.0.1987
Trojan.Agent.Generic, C:\PROGRAMDATA\0CBA1143376C450FBB3A89392DF868D0\LP2K0KLO3JN.EXE, In Quarantäne, [453], [369948],1.0.1987
PUP.Optional.InstallChecker, C:\PROGRAMDATA\INSTALLCHECKER\INSTALLCHECKER.EXE, In Quarantäne, [1215], [329962],1.0.1987
PUP.Optional.BitCoinMiner, C:\Windows\System32\config\systemprofile\AppData\Roaming\gplyra\config.json, In Quarantäne, [194], [360749],1.0.1987
PUP.Optional.BitCoinMiner, C:\Windows\System32\config\systemprofile\AppData\Roaming\gplyra\gplyra-uninst.exe, In Quarantäne, [194], [360749],1.0.1987
PUP.Optional.BitCoinMiner, C:\Windows\System32\config\systemprofile\AppData\Roaming\gplyra\gplyra.exe, In Quarantäne, [194], [360749],1.0.1987
PUP.Optional.OnlineIO, C:\Windows\Installer\{5266F634-7B7D-4537-BDDC-98DD6CFCBAA1}\online.exe, Löschen bei Neustart, [542], [391425],1.0.1987
PUP.Optional.OnlineIO, C:\Windows\Installer\{5266F634-7B7D-4537-BDDC-98DD6CFCBAA1}\SystemFoldermsiexec.exe, Löschen bei Neustart, [542], [391425],1.0.1987
PUP.Optional.OnlineIO, C:\Windows\Installer\{F0847AE0-465A-4D7B-A555-AABB43B550F0}\online.exe, Löschen bei Neustart, [542], [398586],1.0.1987
PUP.Optional.OnlineIO, C:\Windows\Installer\{F0847AE0-465A-4D7B-A555-AABB43B550F0}\SystemFoldermsiexec.exe, Löschen bei Neustart, [542], [398586],1.0.1987
PUP.Optional.InterStat, C:\Users\Pitti\AppData\Local\CrashRpt\UnsentCrashReports\Interstatnogui_389\Logs\CrashRpt-Log-20170512-154920-{44a5ae5b-74c1-4fc6-a2e9-f97a2b2f9ed7}.txt, Löschen bei Neustart, [1391], [373566],1.0.1987
Adware.Eszjuxuan, C:\USERS\PITTI\APPDATA\ROAMING\SERVERTEST\80887.EXE, Löschen bei Neustart, [41], [397967],1.0.1987
Adware.Eszjuxuan, C:\WINDOWS\SYSWOW64\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\SERVERTEST\80887.EXE, Löschen bei Neustart, [41], [397967],1.0.1987
PUP.Optional.ConvertAd, C:\PROGRAM FILES (X86)\27603F28-1462113873-824E-9253-5F3CB24D9BA8\UNINSTALL.EXE, Löschen bei Neustart, [365], [262107],1.0.1987
PUP.Optional.ConvertAd, C:\Program Files (x86)\27603F28-1462113873-824E-9253-5F3CB24D9BA8\knsp99AF.tmpfs, Löschen bei Neustart, [365], [262107],1.0.1987
PUP.Optional.ConvertAd, C:\Program Files (x86)\27603F28-1462113873-824E-9253-5F3CB24D9BA8\vnss7CDB.tmp, Löschen bei Neustart, [365], [262107],1.0.1987
Adware.Komodia, C:\PROGRAM FILES (X86)\FEOLMDTF4M\UPDENGINE.EXE, Löschen bei Neustart, [2663], [383627],1.0.1987
Adware.OtherSearch, C:\PROGRAM FILES (X86)\FEOLMDTF4M\UNINSTALL.EXE, Löschen bei Neustart, [2142], [384381],1.0.1987
Spyware.KeyLogger, C:\PROGRAM FILES (X86)\FEOLMDTF4M\KL.DLL, Löschen bei Neustart, [133], [378200],1.0.1987
Adware.ChinAd, C:\WINDOWS\SYSTEM32\NETUTILS2016.DLL, Löschen bei Neustart, [1126], [388081],1.0.1987
PUP.Optional.Amonetize, C:\USERS\PITTI\APPDATA\LOCAL\TEMP\AMIPIXEL.CFG, Löschen bei Neustart, [6], [302488],1.0.1987
Adware.NetAdapter, C:\USERS\PITTI\APPDATA\LOCAL\TEMP\03139916F7BF4AEA900B3190D112B1A8\NETADAPTERUPDATE_SETUP.EXE, Löschen bei Neustart, [9235], [398038],1.0.1987
PUP.Optional.SpeedingUpMyPC, C:\USERS\PITTI\APPDATA\LOCAL\TEMP\W3RLSPAZ-PROG.EXE, Löschen bei Neustart, [891], [389100],1.0.1987
Adware.Komodia, C:\USERS\PITTI\APPDATA\LOCAL\TEMP\29867F326836451994DBC86B629536BF\SETUPOS_4435.EXE, Löschen bei Neustart, [2663], [399798],1.0.1987
PUP.Optional.Amonetize, C:\USERS\PITTI\APPDATA\LOCAL\TEMP\607FC49CFAA04D21A08D5343DA2DB856\SETUP__20877.EXE, Löschen bei Neustart, [6], [397546],1.0.1987
PUP.Optional.SystemHealer, C:\USERS\PITTI\APPDATA\LOCAL\TEMP\7124AD21F5ED42D99C8F912038201D63\SYSTEMHEALER.EXE, Löschen bei Neustart, [964], [363442],1.0.1987
PUP.Optional.SpeedingUpMyPC, C:\USERS\PITTI\APPDATA\LOCAL\TEMP\85C9D8D8CA3E4B23A0E4D7B41E7DCCE3\INTER_SILENT.EXE, Löschen bei Neustart, [891], [389100],1.0.1987
Adware.NetAdapter, C:\USERS\PITTI\APPDATA\LOCAL\TEMP\B6FF831D8C2942C98DFEB4D9CD991825\NETADAPTERUPDATE_SETUP.EXE, Löschen bei Neustart, [9235], [398038],1.0.1987
PUP.Optional.Amonetize, C:\USERS\PITTI\APPDATA\LOCAL\TEMP\D3F0DA47B841453C83FED90EB9219752\SETUP__20877.EXE, Löschen bei Neustart, [6], [397546],1.0.1987
Adware.Amonetize, C:\USERS\PITTI\APPDATA\LOCAL\TEMP\{B76C90611CE9474FAFC436FDAD4BB76A}\2HB6IYK0P6\UNINSTALL.EXE, Löschen bei Neustart, [1074], [378669],1.0.1987
Adware.Amonetize, C:\USERS\PITTI\APPDATA\LOCAL\TEMP\{44173BAB27394558845FA849540D9617}\3+RTZOCVNT\UNINSTALL.EXE, Löschen bei Neustart, [1074], [378669],1.0.1987
PUP.Optional.SpeedingUpMyPC, C:\WINDOWS\TEMP\KPUXYMQM-PROG.EXE, Löschen bei Neustart, [891], [389100],1.0.1987
Adware.Agent, C:\WINDOWS\TEMP\00028308\MSIQL.EXE, Löschen bei Neustart, [246], [15006],1.0.1987
Adware.OptimizerEliteMax, C:\WINDOWS\TEMP\0917F9D0EBF941A390FCC27418493BC3\ONESYSTEMCARE.EXE, Löschen bei Neustart, [429], [311034],1.0.1987
PUP.Optional.OnlineIO, C:\WINDOWS\TEMP\297ADB65036E9306052EEAB78033FB74\TRAFFIC EXCHANGE UPDATER.EXE, Löschen bei Neustart, [542], [360154],1.0.1987
Adware.Eszjuxuan, C:\WINDOWS\TEMP\00028308\KPZIP.EXE, Löschen bei Neustart, [41], [380623],1.0.1987
Adware.Yeabests, C:\WINDOWS\TEMP\00028308\HP.EXE, Löschen bei Neustart, [1414], [383581],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\WINDOWS\TEMP\NW5028_4036\PACKAGE.JSON, Löschen bei Neustart, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\images\close.png, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\images\expand.png, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\images\icon16.png, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\images\icon20.png, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\images\icon24.png, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\images\icon256.png, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\images\icon36.png, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\images\icon48.png, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\images\icon64.png, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\images\icontray.png, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\images\loader.gif, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\images\minimize.png, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\images\search.png, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\images\unexpand.png, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\examples\README.md, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\lib\cookies.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\lib\copy.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\lib\debug.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\lib\helpers.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\aws-sign2\index.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\aws-sign2\package.json, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\aws-sign2\README.md, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\bl\node_modules\readable-stream\lib\_stream_duplex.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\bl\node_modules\readable-stream\lib\_stream_passthrough.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\bl\node_modules\readable-stream\lib\_stream_readable.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\bl\node_modules\readable-stream\lib\_stream_transform.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\bl\node_modules\readable-stream\lib\_stream_writable.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\bl\node_modules\readable-stream\node_modules\core-util-is\lib\util.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\bl\node_modules\readable-stream\node_modules\core-util-is\float.patch, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\bl\node_modules\readable-stream\node_modules\core-util-is\package.json, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\bl\node_modules\readable-stream\node_modules\core-util-is\README.md, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\bl\node_modules\readable-stream\node_modules\core-util-is\test.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\bl\node_modules\readable-stream\node_modules\inherits\inherits.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\bl\node_modules\readable-stream\node_modules\inherits\inherits_browser.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\bl\node_modules\readable-stream\node_modules\inherits\package.json, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\bl\node_modules\readable-stream\node_modules\inherits\README.md, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\bl\node_modules\readable-stream\node_modules\isarray\build\build.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\bl\node_modules\readable-stream\node_modules\isarray\component.json, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\bl\node_modules\readable-stream\node_modules\isarray\index.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\bl\node_modules\readable-stream\node_modules\isarray\package.json, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\bl\node_modules\readable-stream\node_modules\isarray\README.md, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\bl\node_modules\readable-stream\node_modules\string_decoder\index.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\bl\node_modules\readable-stream\node_modules\string_decoder\package.json, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\bl\node_modules\readable-stream\node_modules\string_decoder\README.md, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\bl\node_modules\readable-stream\duplex.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\bl\node_modules\readable-stream\package.json, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\bl\node_modules\readable-stream\passthrough.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\bl\node_modules\readable-stream\readable.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\bl\node_modules\readable-stream\README.md, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\bl\node_modules\readable-stream\transform.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\bl\node_modules\readable-stream\writable.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\bl\test\basic-test.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\bl\test\sauce.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\bl\test\test.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\bl\bl.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\bl\LICENSE.md, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\bl\package.json, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\bl\README.md, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\caseless\index.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\caseless\package.json, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\caseless\README.md, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\caseless\test.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\combined-stream\lib\combined_stream.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\combined-stream\node_modules\delayed-stream\lib\delayed_stream.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\combined-stream\node_modules\delayed-stream\test\integration\test-delayed-http-upload.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\combined-stream\node_modules\delayed-stream\test\integration\test-delayed-stream-auto-pause.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\combined-stream\node_modules\delayed-stream\test\integration\test-delayed-stream-pause.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\combined-stream\node_modules\delayed-stream\test\integration\test-delayed-stream.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\combined-stream\node_modules\delayed-stream\test\integration\test-handle-source-errors.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\combined-stream\node_modules\delayed-stream\test\integration\test-max-data-size.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\combined-stream\node_modules\delayed-stream\test\integration\test-pipe-resumes.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\combined-stream\node_modules\delayed-stream\test\integration\test-proxy-readable.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\combined-stream\node_modules\delayed-stream\test\common.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\combined-stream\node_modules\delayed-stream\test\run.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\combined-stream\node_modules\delayed-stream\package.json, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\combined-stream\node_modules\delayed-stream\Readme.md, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\combined-stream\package.json, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\combined-stream\Readme.md, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\forever-agent\index.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\forever-agent\package.json, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\forever-agent\README.md, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\form-data\lib\form_data.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\form-data\node_modules\async\lib\async.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\form-data\node_modules\async\support\sync-package-managers.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\form-data\node_modules\async\bower.json, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\form-data\node_modules\async\component.json, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\form-data\node_modules\async\package.json, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\form-data\node_modules\async\README.md, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\form-data\node_modules\mime-types\node_modules\mime-db\db.json, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\form-data\node_modules\mime-types\node_modules\mime-db\HISTORY.md, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\form-data\node_modules\mime-types\node_modules\mime-db\index.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\form-data\node_modules\mime-types\node_modules\mime-db\package.json, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\form-data\node_modules\mime-types\node_modules\mime-db\README.md, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\form-data\node_modules\mime-types\HISTORY.md, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\form-data\node_modules\mime-types\index.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\form-data\node_modules\mime-types\package.json, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\form-data\node_modules\mime-types\README.md, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\form-data\package.json, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\form-data\Readme.md, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\hawk\example\usage.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\hawk\images\hawk.png, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\hawk\images\logo.png, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\hawk\lib\browser.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\hawk\lib\client.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\hawk\lib\crypto.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\hawk\lib\index.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\hawk\lib\server.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\hawk\lib\utils.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\hawk\node_modules\boom\images\boom.png, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\hawk\node_modules\boom\lib\index.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\hawk\node_modules\boom\test\index.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\hawk\node_modules\boom\index.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\hawk\node_modules\boom\package.json, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\hawk\node_modules\boom\README.md, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\hawk\node_modules\cryptiles\lib\index.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\hawk\node_modules\cryptiles\test\index.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\hawk\node_modules\cryptiles\index.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\hawk\node_modules\cryptiles\package.json, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\hawk\node_modules\cryptiles\README.md, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\hawk\node_modules\hoek\images\hoek.png, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\hawk\node_modules\hoek\lib\escape.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\hawk\node_modules\hoek\lib\index.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\hawk\node_modules\hoek\test\modules\test1.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\hawk\node_modules\hoek\test\modules\test2.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\hawk\node_modules\hoek\test\modules\test3.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\hawk\node_modules\hoek\test\escaper.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\hawk\node_modules\hoek\test\index.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\hawk\node_modules\hoek\index.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\hawk\node_modules\hoek\package.json, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\hawk\node_modules\hoek\README.md, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\hawk\node_modules\sntp\examples\offset.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\hawk\node_modules\sntp\examples\time.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\hawk\node_modules\sntp\lib\index.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\hawk\node_modules\sntp\test\index.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\hawk\node_modules\sntp\index.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\hawk\node_modules\sntp\package.json, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\hawk\node_modules\sntp\README.md, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\hawk\test\browser.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\hawk\test\client.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\hawk\test\crypto.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\hawk\test\index.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\hawk\test\message.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\hawk\test\readme.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\hawk\test\server.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\hawk\test\uri.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\hawk\test\utils.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\hawk\index.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\hawk\package.json, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\hawk\README.md, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\http-signature\lib\index.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\http-signature\lib\parser.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\http-signature\lib\signer.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\http-signature\lib\util.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\http-signature\lib\verify.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\http-signature\node_modules\asn1\lib\ber\errors.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\http-signature\node_modules\asn1\lib\ber\index.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\http-signature\node_modules\asn1\lib\ber\reader.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\http-signature\node_modules\asn1\lib\ber\types.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\http-signature\node_modules\asn1\lib\ber\writer.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\http-signature\node_modules\asn1\lib\index.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\http-signature\node_modules\asn1\tst\ber\reader.test.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\http-signature\node_modules\asn1\tst\ber\writer.test.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\http-signature\node_modules\asn1\package.json, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\http-signature\node_modules\asn1\README.md, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\http-signature\node_modules\assert-plus\assert.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\http-signature\node_modules\assert-plus\package.json, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\http-signature\node_modules\assert-plus\README.md, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\http-signature\node_modules\ctype\man\man3ctype\ctio.3ctype, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\http-signature\node_modules\ctype\tools\jsl.conf, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\http-signature\node_modules\ctype\ctf.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\http-signature\node_modules\ctype\ctio.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\http-signature\node_modules\ctype\ctype.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\http-signature\node_modules\ctype\package.json, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\http-signature\node_modules\ctype\README.old, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\http-signature\http_signing.md, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\http-signature\package.json, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\http-signature\README.md, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\json-stringify-safe\test\mocha.opts, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\json-stringify-safe\test\stringify_test.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\json-stringify-safe\CHANGELOG.md, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\json-stringify-safe\package.json, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\json-stringify-safe\README.md, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\json-stringify-safe\stringify.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\mime-types\lib\custom.json, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\mime-types\lib\index.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\mime-types\lib\mime.json, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\mime-types\lib\node.json, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\mime-types\component.json, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\mime-types\package.json, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\mime-types\README.md, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\mime-types\SOURCES.md, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\node-uuid\benchmark\bench.gnu, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\node-uuid\benchmark\bench.sh, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\node-uuid\benchmark\benchmark-native.c, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\node-uuid\benchmark\benchmark.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\node-uuid\benchmark\README.md, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\node-uuid\lib\sha1-browser.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\node-uuid\test\compare_v1.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\node-uuid\test\test.html, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\node-uuid\test\test.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\node-uuid\bower.json, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\node-uuid\component.json, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\node-uuid\LICENSE.md, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\node-uuid\package.json, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\node-uuid\README.md, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\node-uuid\uuid.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\node-uuid\v3.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\oauth-sign\index.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\oauth-sign\package.json, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\oauth-sign\README.md, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\oauth-sign\test.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\qs\lib\index.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\qs\lib\parse.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\qs\lib\stringify.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\qs\lib\utils.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\qs\test\parse.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\qs\test\stringify.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\qs\CHANGELOG.md, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\qs\CONTRIBUTING.md, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\qs\index.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\qs\package.json, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\qs\README.md, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\stringstream\example.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\stringstream\LICENSE.txt, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\stringstream\package.json, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\stringstream\README.md, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\stringstream\stringstream.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\tough-cookie\lib\cookie.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\tough-cookie\lib\memstore.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\tough-cookie\lib\pathMatch.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\tough-cookie\lib\permuteDomain.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\tough-cookie\lib\pubsuffix.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\tough-cookie\lib\store.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\tough-cookie\node_modules\punycode\LICENSE-MIT.txt, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\tough-cookie\node_modules\punycode\package.json, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\tough-cookie\node_modules\punycode\punycode.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\tough-cookie\node_modules\punycode\README.md, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\tough-cookie\package.json, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\tough-cookie\README.md, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\tunnel-agent\index.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\tunnel-agent\package.json, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\tunnel-agent\README.md, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\CHANGELOG.md, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\CONTRIBUTING.md, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\disabled.appveyor.yml, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\index.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\package.json, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\README.md, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\release.sh, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\request.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\tar\examples\extracter.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\tar\examples\packer.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\tar\examples\reader.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\tar\lib\buffer-entry.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\tar\lib\entry-writer.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\tar\lib\entry.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\tar\lib\extended-header-writer.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\tar\lib\extended-header.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\tar\lib\extract.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\tar\lib\global-header-writer.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\tar\lib\header.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\tar\lib\pack.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\tar\lib\parse.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\tar\node_modules\block-stream\block-stream.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\tar\node_modules\block-stream\package.json, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\tar\node_modules\block-stream\README.md, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\tar\node_modules\fstream\examples\filter-pipe.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\tar\node_modules\fstream\examples\pipe.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\tar\node_modules\fstream\examples\reader.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\tar\node_modules\fstream\examples\symlink-write.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\tar\node_modules\fstream\lib\abstract.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\tar\node_modules\fstream\lib\collect.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\tar\node_modules\fstream\lib\dir-reader.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\tar\node_modules\fstream\lib\dir-writer.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\tar\node_modules\fstream\lib\file-reader.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\tar\node_modules\fstream\lib\file-writer.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\tar\node_modules\fstream\lib\get-type.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\tar\node_modules\fstream\lib\link-reader.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\tar\node_modules\fstream\lib\link-writer.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\tar\node_modules\fstream\lib\proxy-reader.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\tar\node_modules\fstream\lib\proxy-writer.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\tar\node_modules\fstream\lib\reader.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\tar\node_modules\fstream\lib\socket-reader.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\tar\node_modules\fstream\lib\writer.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\tar\node_modules\fstream\node_modules\graceful-fs\fs.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\tar\node_modules\fstream\node_modules\graceful-fs\graceful-fs.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\tar\node_modules\fstream\node_modules\graceful-fs\legacy-streams.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\tar\node_modules\fstream\node_modules\graceful-fs\package.json, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\tar\node_modules\fstream\node_modules\graceful-fs\polyfills.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\tar\node_modules\fstream\node_modules\graceful-fs\README.md, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\tar\node_modules\fstream\node_modules\mkdirp\bin\cmd.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\tar\node_modules\fstream\node_modules\mkdirp\bin\usage.txt, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\tar\node_modules\fstream\node_modules\mkdirp\examples\pow.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\tar\node_modules\fstream\node_modules\mkdirp\node_modules\minimist\example\parse.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\tar\node_modules\fstream\node_modules\mkdirp\node_modules\minimist\test\dash.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\tar\node_modules\fstream\node_modules\mkdirp\node_modules\minimist\test\default_bool.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\tar\node_modules\fstream\node_modules\mkdirp\node_modules\minimist\test\dotted.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\tar\node_modules\fstream\node_modules\mkdirp\node_modules\minimist\test\long.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\tar\node_modules\fstream\node_modules\mkdirp\node_modules\minimist\test\parse.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\tar\node_modules\fstream\node_modules\mkdirp\node_modules\minimist\test\parse_modified.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\tar\node_modules\fstream\node_modules\mkdirp\node_modules\minimist\test\short.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\tar\node_modules\fstream\node_modules\mkdirp\node_modules\minimist\test\whitespace.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\tar\node_modules\fstream\node_modules\mkdirp\node_modules\minimist\index.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\tar\node_modules\fstream\node_modules\mkdirp\node_modules\minimist\package.json, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\tar\node_modules\fstream\node_modules\mkdirp\node_modules\minimist\readme.markdown, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\tar\node_modules\fstream\node_modules\mkdirp\test\chmod.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\tar\node_modules\fstream\node_modules\mkdirp\test\clobber.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\tar\node_modules\fstream\node_modules\mkdirp\test\mkdirp.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\tar\node_modules\fstream\node_modules\mkdirp\test\opts_fs.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\tar\node_modules\fstream\node_modules\mkdirp\test\opts_fs_sync.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\tar\node_modules\fstream\node_modules\mkdirp\test\perm.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\tar\node_modules\fstream\node_modules\mkdirp\test\perm_sync.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\tar\node_modules\fstream\node_modules\mkdirp\test\race.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\tar\node_modules\fstream\node_modules\mkdirp\test\rel.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\tar\node_modules\fstream\node_modules\mkdirp\test\return.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\tar\node_modules\fstream\node_modules\mkdirp\test\return_sync.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\tar\node_modules\fstream\node_modules\mkdirp\test\root.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\tar\node_modules\fstream\node_modules\mkdirp\test\sync.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\tar\node_modules\fstream\node_modules\mkdirp\test\umask.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\tar\node_modules\fstream\node_modules\mkdirp\test\umask_sync.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\tar\node_modules\fstream\node_modules\mkdirp\index.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\tar\node_modules\fstream\node_modules\mkdirp\package.json, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\tar\node_modules\fstream\node_modules\mkdirp\readme.markdown, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\tar\node_modules\fstream\node_modules\rimraf\node_modules\glob\node_modules\fs.realpath\index.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\tar\node_modules\fstream\node_modules\rimraf\node_modules\glob\node_modules\fs.realpath\old.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\tar\node_modules\fstream\node_modules\rimraf\node_modules\glob\node_modules\fs.realpath\package.json, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\tar\node_modules\fstream\node_modules\rimraf\node_modules\glob\node_modules\fs.realpath\README.md, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\tar\node_modules\fstream\node_modules\rimraf\node_modules\glob\node_modules\inflight\node_modules\wrappy\package.json, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\tar\node_modules\fstream\node_modules\rimraf\node_modules\glob\node_modules\inflight\node_modules\wrappy\README.md, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\tar\node_modules\fstream\node_modules\rimraf\node_modules\glob\node_modules\inflight\node_modules\wrappy\wrappy.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\tar\node_modules\fstream\node_modules\rimraf\node_modules\glob\node_modules\inflight\inflight.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\tar\node_modules\fstream\node_modules\rimraf\node_modules\glob\node_modules\inflight\package.json, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\tar\node_modules\fstream\node_modules\rimraf\node_modules\glob\node_modules\inflight\README.md, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\tar\node_modules\fstream\node_modules\rimraf\node_modules\glob\node_modules\minimatch\node_modules\brace-expansion\node_modules\balanced-match\index.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\tar\node_modules\fstream\node_modules\rimraf\node_modules\glob\node_modules\minimatch\node_modules\brace-expansion\node_modules\balanced-match\LICENSE.md, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\tar\node_modules\fstream\node_modules\rimraf\node_modules\glob\node_modules\minimatch\node_modules\brace-expansion\node_modules\balanced-match\package.json, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\tar\node_modules\fstream\node_modules\rimraf\node_modules\glob\node_modules\minimatch\node_modules\brace-expansion\node_modules\balanced-match\README.md, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\tar\node_modules\fstream\node_modules\rimraf\node_modules\glob\node_modules\minimatch\node_modules\brace-expansion\node_modules\concat-map\example\map.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\tar\node_modules\fstream\node_modules\rimraf\node_modules\glob\node_modules\minimatch\node_modules\brace-expansion\node_modules\concat-map\test\map.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\tar\node_modules\fstream\node_modules\rimraf\node_modules\glob\node_modules\minimatch\node_modules\brace-expansion\node_modules\concat-map\index.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\tar\node_modules\fstream\node_modules\rimraf\node_modules\glob\node_modules\minimatch\node_modules\brace-expansion\node_modules\concat-map\package.json, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\tar\node_modules\fstream\node_modules\rimraf\node_modules\glob\node_modules\minimatch\node_modules\brace-expansion\node_modules\concat-map\README.markdown, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\tar\node_modules\fstream\node_modules\rimraf\node_modules\glob\node_modules\minimatch\node_modules\brace-expansion\index.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\tar\node_modules\fstream\node_modules\rimraf\node_modules\glob\node_modules\minimatch\node_modules\brace-expansion\package.json, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\tar\node_modules\fstream\node_modules\rimraf\node_modules\glob\node_modules\minimatch\node_modules\brace-expansion\README.md, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\tar\node_modules\fstream\node_modules\rimraf\node_modules\glob\node_modules\minimatch\minimatch.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\tar\node_modules\fstream\node_modules\rimraf\node_modules\glob\node_modules\minimatch\package.json, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\tar\node_modules\fstream\node_modules\rimraf\node_modules\glob\node_modules\minimatch\README.md, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\tar\node_modules\fstream\node_modules\rimraf\node_modules\glob\node_modules\once\node_modules\wrappy\package.json, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\tar\node_modules\fstream\node_modules\rimraf\node_modules\glob\node_modules\once\node_modules\wrappy\README.md, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\tar\node_modules\fstream\node_modules\rimraf\node_modules\glob\node_modules\once\node_modules\wrappy\wrappy.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\tar\node_modules\fstream\node_modules\rimraf\node_modules\glob\node_modules\once\once.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\tar\node_modules\fstream\node_modules\rimraf\node_modules\glob\node_modules\once\package.json, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\tar\node_modules\fstream\node_modules\rimraf\node_modules\glob\node_modules\once\README.md, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\tar\node_modules\fstream\node_modules\rimraf\node_modules\glob\node_modules\path-is-absolute\index.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\tar\node_modules\fstream\node_modules\rimraf\node_modules\glob\node_modules\path-is-absolute\package.json, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\tar\node_modules\fstream\node_modules\rimraf\node_modules\glob\node_modules\path-is-absolute\readme.md, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\tar\node_modules\fstream\node_modules\rimraf\node_modules\glob\changelog.md, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\tar\node_modules\fstream\node_modules\rimraf\node_modules\glob\common.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\tar\node_modules\fstream\node_modules\rimraf\node_modules\glob\glob.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\tar\node_modules\fstream\node_modules\rimraf\node_modules\glob\package.json, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\tar\node_modules\fstream\node_modules\rimraf\node_modules\glob\README.md, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\tar\node_modules\fstream\node_modules\rimraf\node_modules\glob\sync.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\tar\node_modules\fstream\node_modules\rimraf\bin.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\tar\node_modules\fstream\node_modules\rimraf\package.json, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\tar\node_modules\fstream\node_modules\rimraf\README.md, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\tar\node_modules\fstream\node_modules\rimraf\rimraf.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\tar\node_modules\fstream\fstream.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\tar\node_modules\fstream\package.json, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\tar\node_modules\fstream\README.md, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\tar\node_modules\inherits\inherits.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\tar\node_modules\inherits\inherits_browser.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\tar\node_modules\inherits\package.json, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\tar\node_modules\inherits\README.md, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\tar\test\00-setup-fixtures.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\tar\test\cb-never-called-1.0.1.tgz, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\tar\test\dir-normalization.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\tar\test\dir-normalization.tar, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\tar\test\error-on-broken.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\tar\test\extract-move.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\tar\test\extract.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\tar\test\fixtures.tgz, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\tar\test\header.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\tar\test\pack-no-proprietary.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\tar\test\pack.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\tar\test\parse-discard.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\tar\test\parse.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\tar\test\zz-cleanup.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\tar\package.json, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\tar\README.md, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\tar\tar.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\universal-analytics\lib\config.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\universal-analytics\lib\index.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\universal-analytics\lib\utils.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\universal-analytics\node_modules\async\lib\async.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\universal-analytics\node_modules\async\component.json, In Quarantäne, [2850], [371306],1.0.1987

Luckyschatz · 21.05.2017, 13:48

Gut dann hier mal alle Log Dateien

Adw Cleaner hat übrigens nichts gefunden, musste dann auch nicht neustarten.

LG

adw-Cleaner:

Code:

ATTFilter

# AdwCleaner v6.047 - Bericht erstellt am 21/05/2017 um 14:40:55
# Aktualisiert am 19/05/2017 von Malwarebytes
# Datenbank : 2017-05-19.1 [Lokal]
# Betriebssystem : Windows 10 Home  (X64)
# Benutzername : Pitti - DESKTOP-TP9DC4I
# Gestartet von : C:\Users\Pitti\Desktop\Scan\adwcleaner.exe
# Modus: Suchlauf
# Unterstützung : https://www.malwarebytes.com/support



***** [ Dienste ] *****

Keine schädlichen Dienste gefunden.


***** [ Ordner ] *****

Keine schädlichen Ordner gefunden.


***** [ Dateien ] *****

Keine schädlichen Dateien gefunden.


***** [ DLL ] *****

Keine infizierten DLLs gefunden.


***** [ WMI ] *****

Keine schädlichen Schlüssel gefunden.


***** [ Verknüpfungen ] *****

Keine infizierten Verknüpfungen gefunden.


***** [ Aufgabenplanung ] *****

Keine schädlichen Aufgaben gefunden.


***** [ Registrierungsdatenbank ] *****

Keine schädlichen Elemente in der Registrierungsdatenbank gefunden.


***** [ Internetbrowser ] *****

Keine schädlichen Elemente in Firefox basierten Browsern gefunden.
Keine schädlichen Elemente in Chrome basierten Browsern gefunden.

*************************

C:\AdwCleaner\AdwCleaner[C0].txt - [37559 Bytes] - [18/05/2017 17:57:18]
C:\AdwCleaner\AdwCleaner[C2].txt - [1370 Bytes] - [18/05/2017 18:02:40]
C:\AdwCleaner\AdwCleaner[C3].txt - [3786 Bytes] - [19/05/2017 20:48:47]
C:\AdwCleaner\AdwCleaner[C4].txt - [1814 Bytes] - [19/05/2017 20:57:58]
C:\AdwCleaner\AdwCleaner[S0].txt - [34348 Bytes] - [18/05/2017 17:54:44]
C:\AdwCleaner\AdwCleaner[S10].txt - [1559 Bytes] - [21/05/2017 14:40:55]
C:\AdwCleaner\AdwCleaner[S1].txt - [1586 Bytes] - [18/05/2017 18:02:11]
C:\AdwCleaner\AdwCleaner[S2].txt - [3983 Bytes] - [19/05/2017 20:40:56]
C:\AdwCleaner\AdwCleaner[S3].txt - [4047 Bytes] - [19/05/2017 20:48:09]
C:\AdwCleaner\AdwCleaner[S4].txt - [1944 Bytes] - [19/05/2017 20:57:44]
C:\AdwCleaner\AdwCleaner[S5].txt - [2106 Bytes] - [19/05/2017 21:00:39]
C:\AdwCleaner\AdwCleaner[S6].txt - [2360 Bytes] - [20/05/2017 13:10:37]
C:\AdwCleaner\AdwCleaner[S7].txt - [2433 Bytes] - [20/05/2017 13:15:06]
C:\AdwCleaner\AdwCleaner[S8].txt - [2506 Bytes] - [20/05/2017 13:38:11]
C:\AdwCleaner\AdwCleaner[S9].txt - [2579 Bytes] - [20/05/2017 13:44:39]

########## EOF - C:\AdwCleaner\AdwCleaner[S10].txt - [2290 Bytes] ##########

und Addition.txt:

Code:

ATTFilter

Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 20-05-2017
durchgeführt von Pitti (21-05-2017 14:43:10)
Gestartet von C:\Users\Pitti\Desktop\Scan
Windows 10 Home Version 1607 (X64) (2016-10-03 09:37:21)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-1585193191-2329745140-1049602013-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1585193191-2329745140-1049602013-503 - Limited - Disabled)
Gast (S-1-5-21-1585193191-2329745140-1049602013-501 - Limited - Disabled)
Pitti (S-1-5-21-1585193191-2329745140-1049602013-1001 - Administrator - Enabled) => C:\Users\Pitti

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

7-Zip 16.04 (HKLM-x32\...\7-Zip) (Version: 16.04 - Igor Pavlov)
Adobe Flash Player 24 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 24.0.0.194 - Adobe Systems Incorporated)
Archeage (HKLM-x32\...\Glyph Archeage) (Version:  - Trion Worlds, Inc.)
ARK: Survival Evolved (HKLM\...\Steam App 346110) (Version:  - Studio Wildcard)
ASUS HiPost (HKLM-x32\...\{04768366-F421-4BA5-8423-B84F644B5249}) (Version: 1.0.6 - ASUS)
ASUS Live Update (HKLM-x32\...\{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}) (Version: 3.4.3 - ASUS)
ASUS Smart Gesture (HKLM-x32\...\{4D3286A6-F6AB-498A-82A4-E4F040529F3D}) (Version: 4.0.12 - ASUS)
ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 3.13.0004 - ASUS)
ASUS USB Charger Plus (HKLM-x32\...\{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}) (Version: 4.1.6 - ASUS)
ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0041 - ASUS)
AudioWizard (HKLM-x32\...\{57E770A2-2BAF-4CAA-BAA3-BD896E2254D3}) (Version: 1.0.0.109 - ICEpower a/s)
Avast SecureLine for Asustek (HKLM\...\{2CD3C92F-EDC5-4B02-9B0A-9C1D37C58EF5}_is1) (Version: 1.0.239.3 - AVAST Software)
Banished 1.0.4 (HKLM-x32\...\Banished_is1) (Version:  - )
Craften Terminal 4.2.3 (HKLM-x32\...\{4e7c3936-7c06-4ef0-928b-c5d92f372578}_is1) (Version: 4.2.3 - Craften.de)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Device Setup (HKLM-x32\...\{8D6B05E0-F457-408C-9D13-549334D8FAE1}) (Version: 2.0.2 - ASUSTek Computer Inc.)
Die Sims™ 3 (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}) (Version: 1.69.43.024017 - Electronic Arts Inc.)
Die Sims™ 3 Design-Garten-Accessoires (HKLM-x32\...\{117B6BF6-82C3-420C-B284-9247C8568E53}) (Version: 7.0.55 - Electronic Arts)
Die Sims™ 3 Einfach tierisch (HKLM-x32\...\{C12631C6-804D-4B32-B0DD-8A496462F106}) (Version: 10.0.96 - Electronic Arts)
Die Sims™ 3 Jahreszeiten (HKLM-x32\...\{3DE92282-CB49-434F-81BF-94E5B380E889}) (Version: 16.0.136 - Electronic Arts)
Die Sims™ 3 Late Night (HKLM-x32\...\{45057FCE-5784-48BE-8176-D9D00AF56C3C}) (Version: 6.0.81 - Electronic Arts)
Die Sims™ 3 Lebensfreude (HKLM-x32\...\{E6B88BD6-E4B2-4701-A648-B6DAC6E491CC}) (Version: 8.0.152 - Electronic Arts)
Die Sims™ 3 Luxus-Accessoires (HKLM-x32\...\{71828142-5A24-4BD0-97E7-976DA08CE6CF}) (Version: 3.0.38 - Electronic Arts)
Die Sims™ 3 Reiseabenteuer (HKLM-x32\...\{BA26FFA5-6D47-47DB-BE56-34C357B5F8CC}) (Version: 2.0.86 - Electronic Arts)
Die Sims™ 3 Supernatural (HKLM-x32\...\{B37DAFA5-717D-41F8-BDFB-3A4B68C0B3A1}) (Version: 15.0.135 - Electronic Arts)
Die Sims™ 3 Traumkarrieren (HKLM-x32\...\{910F4A29-1134-49E0-AD8B-56E4A3152BD1}) (Version: 4.0.87 - Electronic Arts)
Die Sims™ 3 Traumsuite-Accessoires (HKLM-x32\...\{08A25478-C5DD-4EA7-B168-3D687CA987FF}) (Version: 11.0.84 - Electronic Arts)
Die Sims™ 3 Wildes Studentenleben (HKLM-x32\...\{F26DE8EF-F2CF-40DC-8CDA-CC0D82D11B36}) (Version: 18.0.126 - Electronic Arts)
Die Sims™ 4 (HKLM-x32\...\{48EBEBBF-B9F8-4520-A3CF-89A730721917}) (Version: 1.29.69.1020 - Electronic Arts Inc.)
Dropbox 25 GB (HKLM-x32\...\{597A58EC-42D6-4940-8739-FB94491B013C}) (Version: 1.0.8.0 - Dropbox, Inc.)
Evernote v. 5.8.6 (HKLM-x32\...\{FEDC7C10-EF67-11E4-9B07-00505695D7B0}) (Version: 5.8.6.7519 - Evernote Corp.)
Fotogalerie (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 58.0.3029.110 - Google Inc.)
Google Update Helper (x32 Version: 1.3.33.5 - Google Inc.) Hidden
Horsez - Abenteuer auf dem Reiterhof 5 (HKLM-x32\...\Horsez - Abenteuer auf dem Reiterhof 5) (Version:  - )
Intel Collaborative Processor Performance Control (HKLM-x32\...\0E7DAF70-FB54-4B91-B192-7E771C25AEEB) (Version: 1.0.0.1018 - Intel Corporation)
Intel(R) Chipset Device Software (x32 Version: 10.1.1.7 - Intel(R) Corporation) Hidden
Intel(R) Dynamic Platform and Thermal Framework (HKLM-x32\...\{654EE65D-FAA4-4EA6-8C07-DC94E6A304D4}) (Version: 8.1.10602.174 - Intel Corporation)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.0.1162 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4549 - Intel Corporation)
Intel® Security Assist (HKLM-x32\...\{4B230374-6475-4A73-BA6E-41015E9C5013}) (Version: 1.0.0.532 - Intel Corporation)
Java 8 Update 131 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180131F0}) (Version: 8.0.1310.11 - Oracle Corporation)
Malwarebytes Version 3.1.2.1733 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.1.2.1733 - Malwarebytes)
Microsoft Office 365 - de-de (HKLM\...\O365HomePremRetail - de-de) (Version: 16.0.7967.2161 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50906.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24212 (HKLM-x32\...\{462f63a8-6347-4894-a1b3-dbfe3a4c981d}) (Version: 14.0.24212.0 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
Minecraft1.8 (HKLM-x32\...\Minecraft1.8) (Version:  - )
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
MySims™ (HKLM-x32\...\{68DC42FA-962C-4973-A306-D595D861FA1E}) (Version: 1.00.0000 - Electronic Arts)
NVIDIA Graphics Driver 353.84 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 353.84 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (x32 Version: 16.0.7967.2161 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (Version: 16.0.7967.2161 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (Version: 16.0.7967.2161 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (x32 Version: 16.0.7668.2066 - Microsoft Corporation) Hidden
Origin (HKLM-x32\...\Origin) (Version: 10.4.10.46586 - Electronic Arts, Inc.)
Planet Coaster (HKLM\...\Steam App 493340) (Version:  - Frontier Developments)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.2.703.2015 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7673 - Realtek Semiconductor Corp.)
SimCity™ (HKLM-x32\...\{F70FDE4B-8F86-4eb6-8C8E-636EC89F6419}) (Version: 4.0.98.0213 - Electronic Arts)
Sims 4 Studio (HKLM-x32\...\{870AA913-0774-4ED0-B144-BC2C0CBE4BA0}_is1) (Version: 2.7.0.4 - Sims 4 Studio)
Star Stable (HKLM-x32\...\{2B03B553-4983-4005-99C4-31DFC25B4BB9}) (Version: 1.00.0000 - Star Stable Entertainment AB)
Star Stable Online (HKLM-x32\...\{8CD50415-04B7-459E-8CBD-DA96A9CDF98E}) (Version: 1.01.0000 - Star Stable Entertainment AB)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Wildlife Park 2 - Ultimate Edition v2.1 (HKLM-x32\...\Wildlife Park 2 - Ultimate Edition_is1) (Version:  - Deep Silver)
Windows 10 Update and Privacy Settings (HKLM\...\{293F2009-0145-450B-B4AA-063D43FB368C}) (Version: 1.0.13.0 - Microsoft Corporation)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
Windows-Treiberpaket - ASUS (ATP) Mouse  (11/11/2015 1.0.0.262) (HKLM\...\A044C5901003C24E6891688653ABA1068D04A1A0) (Version: 11/11/2015 1.0.0.262 - ASUS)
WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 3.0.1 - ASUS)
WinRAR 5.40 (32-Bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH)
WPS Office for ASUS (HKLM-x32\...\Kingsoft Office) (Version: 9.1.0.4947 - Kingsoft Corp.)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-1585193191-2329745140-1049602013-1001_Classes\CLSID\{1BF42E4C-4AF4-4CFD-A1A0-CF2960B8F63E}\InprocServer32 -> C:\Users\Pitti\AppData\Local\Microsoft\OneDrive\17.3.6743.1212\amd64\FileSyncShell64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1585193191-2329745140-1049602013-1001_Classes\CLSID\{7AFDFDDB-F914-11E4-8377-6C3BE50D980C}\InprocServer32 -> C:\Users\Pitti\AppData\Local\Microsoft\OneDrive\17.3.6743.1212\amd64\FileSyncShell64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1585193191-2329745140-1049602013-1001_Classes\CLSID\{82CA8DE3-01AD-4CEA-9D75-BE4C51810A9E}\InprocServer32 -> C:\Users\Pitti\AppData\Local\Microsoft\OneDrive\17.3.6743.1212\amd64\FileSyncShell64.dll => Keine Datei

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {0F71139B-44DA-4814-95B3-36544058B19C} - System32\Tasks\DropboxOEM => C:\Program Files (x86)\Dropbox\DropboxOEM\DropboxOEM.exe [2015-05-29] ()
Task: {1587944A-0D4F-4F8A-92B2-FD7CE91DB24C} - System32\Tasks\OneDrive Standalone Update Task => C:\Users\Pitti\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\OneDriveStandaloneUpdater.exe 
Task: {16C0F2CB-05FF-42DC-B079-DCDC8E771142} - System32\Tasks\WpsUpdateTask_Administrator => C:\Program Files (x86)\Kingsoft\WPS Office\9.1.0.4947\wtoolex\wpsupdate.exe [2015-08-18] (Zhuhai Kingsoft Office Software Co.,Ltd)
Task: {203759B5-C328-41AD-8021-61455168A7BE} - System32\Tasks\ATK Package A22126881260 => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\SimAppExec.exe [2015-03-10] (ASUSTek Computer Inc.)
Task: {24DDAEDA-CA5D-4A8A-A76E-BD9AC365B29F} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2015-11-27] (Realtek Semiconductor)
Task: {269D86B6-44B7-4D17-9C51-A21F71DD8D08} - System32\Tasks\{C4A9F1C2-B0D8-4A93-8B94-4D7396F9BCA3} => pcalua.exe -a "C:\Program Files (x86)\YeaDesktop\unins000.exe"
Task: {26EE79E3-674C-4A81-9C34-1F4DEE1872DF} - System32\Tasks\{51C6E08E-3B3D-4EDA-B8F6-6CF22112D5D8} => pcalua.exe -a "C:\Program Files (x86)\Kingsoft\WPS Office\9.1.0.4947\utility\uninst.exe"
Task: {2B87FDF9-B9DF-4CD4-9DF1-50FBE78A69CE} - System32\Tasks\ASUS\ASUS Product Register Service => C:\Program Files (x86)\ASUS\APRP\aprp.exe [2015-05-14] (ASUSTek Computer Inc.)
Task: {316BAD79-0487-493A-A4C9-15845492FF19} - System32\Tasks\WpsNotifyTask_Pitti => C:\Program Files (x86)\Kingsoft\WPS Office\9.1.0.4947\wtoolex\wpsnotify.exe [2015-08-18] (Zhuhai Kingsoft Office Software Co.,Ltd)
Task: {3B34459A-F06D-4E22-983E-31E8CF366847} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWoW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-01-14] (Adobe Systems Incorporated)
Task: {47B485D9-1AC5-4DE9-BEE0-A56921B2021A} - System32\Tasks\WpsNotifyTask_Administrator => C:\Program Files (x86)\Kingsoft\WPS Office\9.1.0.4947\wtoolex\wpsnotify.exe [2015-08-18] (Zhuhai Kingsoft Office Software Co.,Ltd)
Task: {4B6CEF02-C18B-4F4A-A42F-9A1A31108B3D} - System32\Tasks\RtHDVBg_ListenToDevice => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2015-11-27] (Realtek Semiconductor)
Task: {6473DBEC-0C27-4517-8AF1-A585996F6B48} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2017-05-13] (Microsoft Corporation)
Task: {77658E7D-82FB-4F5C-802E-A0199130AD6B} - System32\Tasks\avast! SL Update => C:\Program Files\AVAST Software\SecureLine\SLUpdate.exe [2016-04-24] (AVAST Software)
Task: {7D892A0F-D5D5-47B7-A643-B53F532170BB} - System32\Tasks\ASUS USB Charger Plus => C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [2015-05-25] (ASUSTek Computer Inc.)
Task: {7FBF3021-4A12-4127-9327-6D277936257B} - System32\Tasks\{66D4ADE5-9B45-0B79-04A2-3751ABDE8755} => Regsvr32.exe /s /n /i:"/rt" "C:\PROGRA~3\591e1035\7956ba2f.dll" <==== ACHTUNG
Task: {8E1A1450-46F2-4C06-AD97-BCB24762C47D} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-05-19] (Google Inc.)
Task: {8F590BA6-9712-48D9-B919-E1674A4BF022} - System32\Tasks\ASUS Live Update2 => C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe [2016-08-01] ()
Task: {8F8515CE-3E8C-444B-B17F-108576010395} - System32\Tasks\ASUS Splendid ACMON => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [2015-08-25] (ASUS)
Task: {93612440-AEC9-4AE5-8938-4F6A23DA1036} - System32\Tasks\ATK Package 36D18D69AFC3 => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\SimAppExec.exe [2015-03-10] (ASUSTek Computer Inc.)
Task: {9D4021A6-EF40-4F60-947A-1B1C6163467D} - System32\Tasks\ASUS Smart Gesture Launcher => C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLauncher.exe [2015-12-14] (AsusTek)
Task: {A3BF07E2-5C1E-437A-BDDE-F94A50DE6B11} - System32\Tasks\{BCC45D64-0B6F-EACF-2DE6-5C519E1B3A6A} => C:\ProgramData\{26AA403A-9101-F791-915D-90DE7C22D4DC}\023A4473-B591-F3D8-8332-16CCB19D71B7.exe  <==== ACHTUNG
Task: {A5A108DD-A8FF-461E-820F-A59E8F383377} - System32\Tasks\Update Checker => C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe [2016-08-01] ()
Task: {AE293DA9-8CF4-4008-931E-1A929580CAD2} - System32\Tasks\WpsUpdateTask_Pitti => C:\Program Files (x86)\Kingsoft\WPS Office\9.1.0.4947\wtoolex\wpsupdate.exe [2015-08-18] (Zhuhai Kingsoft Office Software Co.,Ltd)
Task: {B8B0C6E0-8F06-45CA-BEBF-5F77263279C5} - System32\Tasks\{860F2D22-6AC0-48ED-B6F5-6C3403AF1F30} => Chrome.exe hxxp://ui.skype.com/ui/0/7.24.85.104/de/abandoninstall?page=tsProgressBar
Task: {BB526CDD-906E-4EC2-B510-6BFECAE6A55E} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-05-04] (Microsoft Corporation)
Task: {BB7C439C-171B-465E-ACDA-D423FE47FC4C} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-05-04] (Microsoft Corporation)
Task: {BE555D2A-F976-44A8-8CA8-A11A4CA0F993} - System32\Tasks\{87E76E9E-4BB1-4726-9AC0-3E76FFCFC003} => Chrome.exe hxxp://www.skype.com/go/downloading?source=lightinstaller&amp;ver=7.23.0.105&amp;LastError=12002
Task: {BF2DD700-7AA5-409E-AEB8-81FFD5D4C48C} - System32\Tasks\{66527076-D1F9-C7DD-F9E2-F0B84CD92CBF} => C:\ProgramData\{EA4DE132-5DE6-5699-DDC3-8A4739838DA0}\DA07638A-6DAC-D421-ABCE-45A160C42F00.exe  <==== ACHTUNG
Task: {C226E8DC-E3FC-4944-8B6B-AFB76DCC37B1} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-05-19] (Google Inc.)
Task: {EEDC1261-707D-455B-B8C3-08B9E908F104} - System32\Tasks\ASUS Live Update1 => C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe [2016-08-01] ()
Task: {F49014DF-5F42-4A1E-BC9C-EF02D9B57C1E} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\WINDOWS\explorer.exe /NOUACCHECK
Task: {FC57B35C-E13C-4544-9418-D73DED9A7450} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWoW64\Macromed\Flash\FlashUtil32_24_0_0_194_pepper.exe [2017-01-14] (Adobe Systems Incorporated)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\WINDOWS\Tasks\Adobe Flash Player PPAPI Notifier.job => C:\WINDOWS\SysWoW64\Macromed\Flash\FlashUtil32_24_0_0_194_pepper.exe
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWoW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
Task: C:\WINDOWS\Tasks\WpsNotifyTask_Administrator.job => C:\Program Files (x86)\Kingsoft\WPS Office\9.1.0.4947\wtoolex\wpsnotify.exe
Task: C:\WINDOWS\Tasks\WpsNotifyTask_Pitti.job => C:\Program Files (x86)\Kingsoft\WPS Office\9.1.0.4947\wtoolex\wpsnotify.exe
Task: C:\WINDOWS\Tasks\WpsUpdateTask_Administrator.job => C:\Program Files (x86)\Kingsoft\WPS Office\9.1.0.4947\wtoolex\wpsupdate.exe
Task: C:\WINDOWS\Tasks\WpsUpdateTask_Pitti.job => C:\Program Files (x86)\Kingsoft\WPS Office\9.1.0.4947\wtoolex\wpsupdate.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

Shortcut: C:\Users\Pitti\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Minecraft\Minecraft Debugger.lnk -> C:\Users\Pitti\AppData\Roaming\.minecraft\minecraft launcher\Debug.bat ()

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2016-07-16 13:42 - 2016-07-16 13:42 - 00231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2017-05-10 14:33 - 2017-04-28 02:49 - 02681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2016-10-03 11:07 - 2016-08-01 14:54 - 00133056 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2016-02-15 22:01 - 2016-02-15 22:01 - 00031256 _____ () C:\WINDOWS\System32\us008lm.dll
2017-05-21 14:13 - 2017-05-09 16:38 - 02270672 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll
2017-05-10 14:33 - 2017-04-28 02:49 - 02681200 _____ () C:\WINDOWS\SYSTEM32\CoreUIComponents.dll
2015-10-16 09:26 - 2016-11-30 22:57 - 00401888 _____ () C:\WINDOWS\system32\igfxTray.exe
2016-10-03 11:56 - 2016-10-03 11:56 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2017-03-16 18:20 - 2017-03-04 08:31 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll
2017-03-16 18:21 - 2017-03-04 08:12 - 09760768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2017-03-16 18:21 - 2017-03-04 08:05 - 01401856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-03-16 18:21 - 2017-03-04 08:05 - 00757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
2017-05-10 14:33 - 2017-04-28 01:36 - 01033216 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Actions.dll
2017-05-10 14:33 - 2017-04-28 01:36 - 02424320 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2017-05-10 14:33 - 2017-04-28 01:37 - 04853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2017-05-09 14:09 - 2017-05-09 14:09 - 00074752 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.15.597.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2017-05-09 14:09 - 2017-05-09 14:09 - 00201728 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.15.597.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2017-05-09 14:09 - 2017-05-09 14:10 - 43195904 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.15.597.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2017-05-09 14:09 - 2017-05-09 14:09 - 02457088 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.15.597.0_x64__kzf8qxf38zg5c\skypert.dll
2017-01-24 17:07 - 2017-05-17 16:35 - 02493440 _____ () C:\Program Files (x86)\Origin\libGLESv2.dll
2015-08-25 11:40 - 2015-08-25 11:40 - 00027648 _____ () C:\Program Files (x86)\ASUS\Splendid\DetectDisplayDC.dll
2015-08-25 11:40 - 2015-08-25 11:40 - 00124928 _____ () C:\Program Files (x86)\ASUS\Splendid\CCTAdjust.dll
2015-12-17 07:13 - 2015-10-03 04:24 - 00012080 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2016-04-24 19:31 - 2016-04-24 19:31 - 38907672 _____ () C:\Program Files\AVAST Software\SecureLine\libcef.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxlctlfudivq`qsp`28hfm [0]

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

IE trusted site: HKU\S-1-5-21-1585193191-2329745140-1049602013-1001\...\amazon.de -> hxxps://amazon.de
IE trusted site: HKU\S-1-5-21-1585193191-2329745140-1049602013-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05212017143302850\...\amazon.de -> hxxps://amazon.de

==================== Hosts Inhalt: ==========================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2015-07-10 13:04 - 2017-05-12 15:32 - 00001038 _____ C:\WINDOWS\system32\Drivers\etc\hosts

127.0.0.1 wepcdisplaysystem.com
127.0.0.1 wepcanalyticsystem.com
127.0.0.1 healthydownload.com
127.0.0.1 leading2download.com
127.0.0.1 dwl0.wizzlabs.com
127.0.0.1 dwl1.wizzlabs.com
127.0.0.1 wemsofts.com

==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05212017143302522\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
HKU\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05212017143302725\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
HKU\S-1-5-21-1585193191-2329745140-1049602013-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Pitti\Pictures\Desktop Wallpaper\New York Wallpaper.png
HKU\S-1-5-21-1585193191-2329745140-1049602013-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05212017143302850\Control Panel\Desktop\\Wallpaper -> C:\Users\Pitti\Pictures\Desktop Wallpaper\New York Wallpaper.png
DNS Servers: 8.8.8.8
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

MSCONFIG\Services: ASLDRService => 2
MSCONFIG\Services: Asus WebStorage Windows Service => 2
MSCONFIG\Services: ASUSGiftBoxDekstop => 2
MSCONFIG\Services: ATKGFNEXSrv => 2
MSCONFIG\Services: BEService => 3
MSCONFIG\Services: c0aad75bcff65a6b9d3cb96f2f57af70 => 2
MSCONFIG\Services: cphs => 3
MSCONFIG\Services: esifsvc => 2
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: HomeNetSvc => 2
MSCONFIG\Services: igfxCUIService2.0.0.0 => 2
MSCONFIG\Services: Intel(R) Capability Licensing Service TCP IP Interface => 3
MSCONFIG\Services: Intel(R) Security Assist => 3
MSCONFIG\Services: isaHelperSvc => 2
MSCONFIG\Services: jhi_service => 2
MSCONFIG\Services: Kingsoft_WPS_UpdateService => 2
MSCONFIG\Services: LiveUpdateSvc => 2
MSCONFIG\Services: LMS => 2
MSCONFIG\Services: McAfee SiteAdvisor Service => 2
MSCONFIG\Services: McBootDelayStartSvc => 2
MSCONFIG\Services: mccspsvc => 2
MSCONFIG\Services: McNaiAnn => 2
MSCONFIG\Services: McODS => 3
MSCONFIG\Services: mcpltsvc => 2
MSCONFIG\Services: McProxy => 2
MSCONFIG\Services: MSK80Service => 2
MSCONFIG\Services: nvsvc => 2
MSCONFIG\Services: Origin Client Service => 3
MSCONFIG\Services: PEFService => 2
MSCONFIG\Services: RichVideo64 => 2
MSCONFIG\Services: SecureLine => 2
MSCONFIG\Services: SkypeUpdate => 2
MSCONFIG\Services: Steam Client Service => 3

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [{8A7A9FFF-6C0E-4C16-A38A-742E6089F5BD}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{29111026-B862-479C-A427-3AA920ADFA0C}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{27574A8D-55E5-4D31-B3B2-CC26F3EE48B0}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{89E2ABA7-BAAF-486E-BADF-0664647BD06E}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{AFEF88D6-C5B6-420F-92A8-84F765CEAED2}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame_BE.exe
FirewallRules: [{29756DC3-8A13-479C-A949-F51233B07AC0}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame_BE.exe
FirewallRules: [{8BFF7E68-5A01-423C-BDF8-F1A5AFB22497}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame.exe
FirewallRules: [{7186489D-3137-437E-87FE-A6090BE7A4B7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\ARK\ShooterGame\Binaries\Win64\ShooterGame.exe
FirewallRules: [{56943586-13B3-444B-9B66-7DD835682EA6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Planet Coaster\PlanetCoaster.exe
FirewallRules: [{D80423C6-0288-40FC-8C8C-20B985FB6411}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Planet Coaster\PlanetCoaster.exe
FirewallRules: [TCP Query User{115D21F2-02C6-46C3-BBFA-3069EB2A711F}C:\program files (x86)\google\chrome\application\chrome.exe] => (Block) C:\program files (x86)\google\chrome\application\chrome.exe
FirewallRules: [UDP Query User{C578F573-6F64-4F13-9CF1-5AEDAE62B8D9}C:\program files (x86)\google\chrome\application\chrome.exe] => (Block) C:\program files (x86)\google\chrome\application\chrome.exe
FirewallRules: [TCP Query User{897FB310-2CD4-41D2-80BD-85EFB548D18A}C:\program files (x86)\google\chrome\application\chrome.exe] => (Block) C:\program files (x86)\google\chrome\application\chrome.exe
FirewallRules: [UDP Query User{3A4D9CE5-5CFD-4685-B063-6F8965E57E85}C:\program files (x86)\google\chrome\application\chrome.exe] => (Block) C:\program files (x86)\google\chrome\application\chrome.exe
FirewallRules: [{AA73E109-E6A7-4351-BF74-B7D7910DE32C}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe
FirewallRules: [{B57EF5F8-4ACE-4CD0-9008-CEE0D1B0AAF9}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Wiederherstellungspunkte =========================

13-05-2017 14:34:22 Removed NetAdapterUpdate
16-05-2017 16:55:25 Windows Update

==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (05/21/2017 02:26:19 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: SkypeHost.exe, Version: 11.15.597.0, Zeitstempel: 0x590ab960
Name des fehlerhaften Moduls: ntdll.dll, Version: 10.0.14393.479, Zeitstempel: 0x5825887f
Ausnahmecode: 0xc0000008
Fehleroffset: 0x00000000000a9d2a
ID des fehlerhaften Prozesses: 0xbbc
Startzeit der fehlerhaften Anwendung: 0x01d2d22d68065541
Pfad der fehlerhaften Anwendung: C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.15.597.0_x64__kzf8qxf38zg5c\SkypeHost.exe
Pfad des fehlerhaften Moduls: C:\WINDOWS\SYSTEM32\ntdll.dll
Berichtskennung: 08594976-8e01-4a30-be85-d0da6bb5bfd8
Vollständiger Name des fehlerhaften Pakets: Microsoft.SkypeApp_11.15.597.0_x64__kzf8qxf38zg5c
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: ppleae38af2e007f4358a809ac99a64a67c1

Error: (05/21/2017 02:21:43 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: UpdateChecker.exe, Version: 0.0.0.0, Zeitstempel: 0x576b4ce8
Name des fehlerhaften Moduls: alvupdt.dll, Version: 1.0.0.10, Zeitstempel: 0x579eb55e
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0001593d
ID des fehlerhaften Prozesses: 0xd38
Startzeit der fehlerhaften Anwendung: 0x01d2d22c57123e2d
Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe
Pfad des fehlerhaften Moduls: C:\Program Files (x86)\ASUS\ASUS Live Update\alvupdt.dll
Berichtskennung: cdc56dd1-523b-4e3e-8fe3-b26fa3030fed
Vollständiger Name des fehlerhaften Pakets: 
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (05/21/2017 02:10:34 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-TP9DC4I)
Description: Bei der Aktivierung der App „Microsoft.LockApp_cw5n1h2txyewy!WindowsDefaultLockScreen“ ist folgender Fehler aufgetreten: -2147023170. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (05/21/2017 02:10:33 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: LockApp.exe, Version: 0.0.0.0, Zeitstempel: 0x5819bf0d
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 10.0.14393.1198, Zeitstempel: 0x5902808f
Ausnahmecode: 0x00000004
Fehleroffset: 0x0000000000033c58
ID des fehlerhaften Prozesses: 0x1a94
Startzeit der fehlerhaften Anwendung: 0x01d2d22b3f004eab
Pfad der fehlerhaften Anwendung: C:\Windows\SystemApps\Microsoft.LockApp_cw5n1h2txyewy\LockApp.exe
Pfad des fehlerhaften Moduls: C:\WINDOWS\System32\KERNELBASE.dll
Berichtskennung: d9e14087-8dc5-460f-a559-58ab86dd35e7
Vollständiger Name des fehlerhaften Pakets: Microsoft.LockApp_10.0.14393.0_neutral__cw5n1h2txyewy
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: WindowsDefaultLockScreen

Error: (05/21/2017 01:57:55 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: SkypeHost.exe, Version: 11.15.597.0, Zeitstempel: 0x590ab960
Name des fehlerhaften Moduls: ntdll.dll, Version: 10.0.14393.479, Zeitstempel: 0x5825887f
Ausnahmecode: 0xc0000008
Fehleroffset: 0x00000000000a9d2a
ID des fehlerhaften Prozesses: 0x274
Startzeit der fehlerhaften Anwendung: 0x01d2d2297b4c34ec
Pfad der fehlerhaften Anwendung: C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.15.597.0_x64__kzf8qxf38zg5c\SkypeHost.exe
Pfad des fehlerhaften Moduls: C:\WINDOWS\SYSTEM32\ntdll.dll
Berichtskennung: 4eb9f545-4c2a-4ab2-bac5-c57ebaa88eff
Vollständiger Name des fehlerhaften Pakets: Microsoft.SkypeApp_11.15.597.0_x64__kzf8qxf38zg5c
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: ppleae38af2e007f4358a809ac99a64a67c1

Error: (05/21/2017 01:57:54 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: SkypeHost.exe, Version: 11.15.597.0, Zeitstempel: 0x590ab960
Name des fehlerhaften Moduls: ntdll.dll, Version: 10.0.14393.479, Zeitstempel: 0x5825887f
Ausnahmecode: 0xc0000008
Fehleroffset: 0x00000000000a9d2a
ID des fehlerhaften Prozesses: 0xbe4
Startzeit der fehlerhaften Anwendung: 0x01d2d229799d2a7c
Pfad der fehlerhaften Anwendung: C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.15.597.0_x64__kzf8qxf38zg5c\SkypeHost.exe
Pfad des fehlerhaften Moduls: C:\WINDOWS\SYSTEM32\ntdll.dll
Berichtskennung: 89b4f59c-da78-4aca-a99a-28659c34d92a
Vollständiger Name des fehlerhaften Pakets: Microsoft.SkypeApp_11.15.597.0_x64__kzf8qxf38zg5c
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: ppleae38af2e007f4358a809ac99a64a67c1

Error: (05/21/2017 01:57:51 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: SkypeHost.exe, Version: 11.15.597.0, Zeitstempel: 0x590ab960
Name des fehlerhaften Moduls: ntdll.dll, Version: 10.0.14393.479, Zeitstempel: 0x5825887f
Ausnahmecode: 0xc0000008
Fehleroffset: 0x00000000000a9d2a
ID des fehlerhaften Prozesses: 0x14e4
Startzeit der fehlerhaften Anwendung: 0x01d2d21288df3833
Pfad der fehlerhaften Anwendung: C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.15.597.0_x64__kzf8qxf38zg5c\SkypeHost.exe
Pfad des fehlerhaften Moduls: C:\WINDOWS\SYSTEM32\ntdll.dll
Berichtskennung: 1de21da4-bb7c-4ac6-bf89-a3e5a4f23598
Vollständiger Name des fehlerhaften Pakets: Microsoft.SkypeApp_11.15.597.0_x64__kzf8qxf38zg5c
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: ppleae38af2e007f4358a809ac99a64a67c1

Error: (05/20/2017 09:55:41 PM) (Source: Windows Search Service) (EventID: 3104) (User: )
Description: Fehler beim Aufzählen von Benutzersitzungen zum Generieren von Filterpools.

Details:
	(HRESULT : 0x80040210) (0x80040210)

Error: (05/20/2017 09:55:41 PM) (Source: Windows Search Service) (EventID: 3104) (User: )
Description: Fehler beim Aufzählen von Benutzersitzungen zum Generieren von Filterpools.

Details:
	(HRESULT : 0x80040210) (0x80040210)

Error: (05/20/2017 09:55:41 PM) (Source: Windows Search Service) (EventID: 3104) (User: )
Description: Fehler beim Aufzählen von Benutzersitzungen zum Generieren von Filterpools.

Details:
	(HRESULT : 0x80040210) (0x80040210)


Systemfehler:
=============
Error: (05/21/2017 02:33:25 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID 
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 und der APPID 
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (05/21/2017 02:33:25 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID 
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 und der APPID 
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (05/21/2017 02:33:23 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID 
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
 und der APPID 
{F72671A9-012C-4725-9D2F-2A4D32D65169}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (05/21/2017 02:31:47 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-TP9DC4I)
Description: Der Server "{0002DF02-0000-0000-C000-000000000046}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Error: (05/21/2017 02:31:45 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 und der APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (05/21/2017 02:10:32 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 und der APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (05/21/2017 11:13:21 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID 
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 und der APPID 
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (05/21/2017 11:13:21 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID 
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 und der APPID 
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (05/21/2017 11:13:20 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID 
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
 und der APPID 
{F72671A9-012C-4725-9D2F-2A4D32D65169}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (05/21/2017 11:12:55 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "QForlLgs0EYm Updater" wurde aufgrund folgenden Fehlers nicht gestartet: 
Das System kann die angegebene Datei nicht finden.


CodeIntegrity:
===================================
  Date: 2017-05-21 14:14:02.213
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

  Date: 2017-05-21 14:14:02.169
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

  Date: 2017-05-11 18:29:43.006
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\DriverStore\FileRepository\nvamwu.inf_amd64_d4715679184092a8\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2017-05-06 20:00:47.572
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\DriverStore\FileRepository\nvamwu.inf_amd64_d4715679184092a8\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2017-05-03 14:43:48.515
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\DriverStore\FileRepository\nvamwu.inf_amd64_d4715679184092a8\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2017-04-29 20:19:08.826
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\DriverStore\FileRepository\nvamwu.inf_amd64_d4715679184092a8\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2017-04-27 15:15:28.629
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\DriverStore\FileRepository\nvamwu.inf_amd64_d4715679184092a8\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2017-04-23 12:12:03.694
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\DriverStore\FileRepository\nvamwu.inf_amd64_d4715679184092a8\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2017-04-22 12:10:08.899
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\DriverStore\FileRepository\nvamwu.inf_amd64_d4715679184092a8\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2017-04-21 21:51:29.738
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\DriverStore\FileRepository\nvamwu.inf_amd64_d4715679184092a8\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Core(TM) i7-5500U CPU @ 2.40GHz
Prozentuale Nutzung des RAM: 32%
Installierter physikalischer RAM: 8062.74 MB
Verfügbarer physikalischer RAM: 5467.7 MB
Summe virtueller Speicher: 9342.74 MB
Verfügbarer virtueller Speicher: 6849.5 MB

==================== Laufwerke ================================

Drive c: (OS) (Fixed) (Total:371.85 GB) (Free:126.76 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)]
Drive d: (DATA) (Fixed) (Total:558.91 GB) (Free:508.23 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 8C5D880B)

Partition: GPT.

==================== Ende von Addition.txt ============================

Luckyschatz · 21.05.2017, 13:51

hier noch FRST.txt:

Code:

ATTFilter

Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 20-05-2017
durchgeführt von Pitti (Administrator) auf DESKTOP-TP9DC4I (21-05-2017 14:41:48)
Gestartet von C:\Users\Pitti\Desktop\Scan
Geladene Profile: Pitti &  (Verfügbare Profile: Pitti)
Platform: Windows 10 Home Version 1607 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Edge)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(Intel Corporation) C:\Windows\SysWOW64\esif_uf.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Electronic Arts) C:\Program Files (x86)\Origin\OriginWebHelperService.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Intel Corporation) C:\Windows\Temp\DPTF\esif_assist_64.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
(ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
() C:\Windows\System32\igfxTray.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.15.597.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(AVAST Software) C:\Program Files\AVAST Software\SecureLine\secureline.exe
(Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler64.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe

==================== Registry (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2654512 2015-10-03] (NVIDIA Corporation)
HKLM\...\Run: [WindowsDefender] => C:\Program Files\Windows Defender\MSASCuiL.exe [631808 2017-04-28] (Microsoft Corporation)
HKLM\...\Run: [Malwarebytes TrayApp] => C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe [3146704 2017-05-09] (Malwarebytes)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-03-15] (Oracle Corporation)
HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05212017143302116\...\Run: [] => [X]
HKU\S-1-5-21-1585193191-2329745140-1049602013-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3019552 2017-04-26] (Valve Corporation)
HKU\S-1-5-21-1585193191-2329745140-1049602013-1001\...\MountPoints2: {3f9e17ff-a47a-11e5-9bc5-806e6f6e6963} - "E:\Autorun.exe" 
HKU\S-1-5-21-1585193191-2329745140-1049602013-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05212017143302850\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3019552 2017-04-26] (Valve Corporation)
HKU\S-1-5-21-1585193191-2329745140-1049602013-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05212017143302850\...\MountPoints2: {3f9e17ff-a47a-11e5-9bc5-806e6f6e6963} - "E:\Autorun.exe" 
HKU\S-1-5-18\...\Run: [] => [X]
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\avast! SecureLine.lnk [2015-12-17]
ShortcutTarget: avast! SecureLine.lnk -> C:\Program Files\AVAST Software\SecureLine\SecureLine.exe (AVAST Software)
CHR HKLM\SOFTWARE\Policies\Google: Beschränkung <======= ACHTUNG

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Winsock: Catalog5-x64 05 C:\WINDOWS\system32\NSBlockA.dll => Keine Datei  <===== ACHTUNG
Winsock: Catalog5-x64 08 C:\WINDOWS\system32\NSBlockB.dll => Keine Datei  <===== ACHTUNG
Hosts: Es ist mehr als ein Eintrag in der Hosts Datei zu finden. Siehe Hosts-Bereich in Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\Parameters: [NameServer] 8.8.8.8
Tcpip\..\Interfaces\{26b11a49-585f-4b43-a90c-9af3c3d7b25b}: [NameServer] 8.8.8.8
Tcpip\..\Interfaces\{5ecc1828-dea3-4170-b6c6-6d557ec1c429}: [NameServer] 8.8.8.8
Tcpip\..\Interfaces\{5ecc1828-dea3-4170-b6c6-6d557ec1c429}: [DhcpNameServer] 8.8.8.8
Tcpip\..\Interfaces\{6f16093c-bffb-4a7b-b894-777c10793d1c}: [NameServer] 8.8.8.8
Tcpip\..\Interfaces\{6f16093c-bffb-4a7b-b894-777c10793d1c}: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{7cc3dc70-8950-11e6-8ca6-806e6f6e6963}: [NameServer] 8.8.8.8
Tcpip\..\Interfaces\{996ea0b8-ca4a-4c25-9b44-fbad264c8641}: [NameServer] 8.8.8.8
Tcpip\..\Interfaces\{996ea0b8-ca4a-4c25-9b44-fbad264c8641}: [DhcpNameServer] 8.8.8.8
Tcpip\..\Interfaces\{ca4d7660-cb2f-4c16-a493-e99d991ed543}: [NameServer] 8.8.8.8
Tcpip\..\Interfaces\{ca4d7660-cb2f-4c16-a493-e99d991ed543}: [DhcpNameServer] 8.8.8.8
Tcpip\..\Interfaces\{efcfe49d-c6bb-4343-b2ec-b087ec086e71}: [NameServer] 8.8.8.8
Tcpip\..\Interfaces\{efcfe49d-c6bb-4343-b2ec-b087ec086e71}: [DhcpNameServer] 8.8.8.8

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-1585193191-2329745140-1049602013-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-1585193191-2329745140-1049602013-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus15.msn.com/?pc=ASTE
HKU\S-1-5-21-1585193191-2329745140-1049602013-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05212017143302850\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-1585193191-2329745140-1049602013-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05212017143302850\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus15.msn.com/?pc=ASTE
SearchScopes: HKU\S-1-5-21-1585193191-2329745140-1049602013-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-1585193191-2329745140-1049602013-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-1585193191-2329745140-1049602013-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05212017143302850 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-1585193191-2329745140-1049602013-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05212017143302850 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2017-05-13] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_131\bin\ssv.dll [2017-04-26] (Oracle Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2017-05-13] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_131\bin\jp2ssv.dll [2017-04-26] (Oracle Corporation)
BHO-x32: Evernote extension -> {92EF2EAD-A7CE-4424-B0DB-499CF856608E} -> C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll [2015-04-30] (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-05-13] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-05-13] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-05-13] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-05-13] (Microsoft Corporation)

Edge: 
======
Edge Extension: (AdBlock) -> EdgeExtension_BetaFishAdBlock_c1wakc4j0nefm => C:\Program Files\WindowsApps\BetaFish.AdBlock_1.12.0.0_neutral__c1wakc4j0nefm [2017-05-02]

FireFox:
========
FF Plugin: @java.com/DTPlugin,version=11.131.2 -> C:\Program Files\Java\jre1.8.0_131\bin\dtplugin\npDeployJava1.dll [2017-04-26] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.131.2 -> C:\Program Files\Java\jre1.8.0_131\bin\plugin2\npjp2.dll [2017-04-26] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50906.0\npctrl.dll [2017-03-09] ( Microsoft Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-04-21] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-04-21] (Intel Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50906.0\npctrl.dll [2017-03-09] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2017-03-06] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-05-19] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-05-19] (Google Inc.)

Chrome: 
=======
CHR HomePage: Default -> hxxp://www.google.de/
CHR StartupUrls: Default -> "hxxps://www.google.de/","hxxps://www.google.com/"
CHR Profile: C:\Users\Pitti\AppData\Local\Google\Chrome\User Data\Default [2017-05-19]
CHR Extension: (Google Präsentationen) - C:\Users\Pitti\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-05-19]
CHR Extension: (Google Docs) - C:\Users\Pitti\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-05-19]
CHR Extension: (Google Drive) - C:\Users\Pitti\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-05-19]
CHR Extension: (YouTube) - C:\Users\Pitti\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-05-19]
CHR Extension: (Unknown Space) - C:\Users\Pitti\AppData\Local\Google\Chrome\User Data\Default\Extensions\bpjdbdbhiomamecfnjahemfimgjamhjd [2017-05-19]
CHR Extension: (Adblock Plus) - C:\Users\Pitti\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2017-05-19]
CHR Extension: (SingleClick Cleaner) - C:\Users\Pitti\AppData\Local\Google\Chrome\User Data\Default\Extensions\cknijndocnnlkpenngcdcpleddlmckkm [2017-05-19]
CHR Extension: (Google Tabellen) - C:\Users\Pitti\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-05-19]
CHR Extension: (Missing You Chrome Theme - Arthur) - C:\Users\Pitti\AppData\Local\Google\Chrome\User Data\Default\Extensions\fogbjgnancbcjnflfdkknedhcnnnkcbh [2017-05-19]
CHR Extension: (Google Docs Offline) - C:\Users\Pitti\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-05-19]
CHR Extension: (Little Alchemy) - C:\Users\Pitti\AppData\Local\Google\Chrome\User Data\Default\Extensions\knkapnclbofjjgicpkfoagdjohlfjhpd [2017-05-19]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Pitti\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-05-19]
CHR Extension: (Adblock Pro) - C:\Users\Pitti\AppData\Local\Google\Chrome\User Data\Default\Extensions\ocifcklkibdehekfnmflempfgjhbedch [2017-05-19]
CHR Extension: (Google Mail) - C:\Users\Pitti\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-05-19]
CHR Extension: (Chrome Media Router) - C:\Users\Pitti\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-05-19]

==================== Dienste (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1465352 2017-02-12] ()
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [3801280 2017-05-04] (Microsoft Corporation)
R2 esifsvc; C:\WINDOWS\SysWoW64\esif_uf.exe [1385640 2015-08-04] (Intel Corporation)
R2 igfxCUIService2.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [373728 2016-11-30] (Intel Corporation)
S4 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [881152 2015-05-22] (Intel(R) Corporation)
S4 Intel(R) Security Assist; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [335872 2015-05-19] (Intel Corporation) [Datei ist nicht signiert]
S4 isaHelperSvc; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe [7680 2015-05-19] () [Datei ist nicht signiert]
S4 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [207648 2015-08-07] (Intel Corporation)
S4 Kingsoft_WPS_UpdateService; C:\Program Files (x86)\Kingsoft\WPS Office\9.1.0.4947\wtoolex\wpsupdatesvr.exe [133480 2015-08-18] (Zhuhai Kingsoft Office Software Co.,Ltd)
S4 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2960160 2016-04-22] (IObit)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [4470736 2017-05-09] (Malwarebytes)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2162064 2017-05-17] (Electronic Arts)
R2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3136920 2017-05-17] (Electronic Arts)
S4 SecureLine; C:\Program Files\AVAST Software\SecureLine\VpnSvc.exe [592392 2016-05-23] ()
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347320 2017-04-28] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103712 2017-04-28] (Microsoft Corporation)
S4 mccspsvc; "C:\Program Files\Common Files\McAfee\CSP\1.8.267.0\McCSPServiceHost.exe" [X]

===================== Treiber (Nicht auf der Ausnahmeliste) ======================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 atksgt; C:\WINDOWS\System32\DRIVERS\atksgt.sys [311968 2016-04-30] ()
R3 ATP; C:\WINDOWS\System32\drivers\AsusTP.sys [101368 2015-12-14] (ASUS Corporation)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131712 2016-09-05] (Samsung Electronics Co., Ltd.)
R3 dptf_cpu; C:\WINDOWS\System32\drivers\dptf_cpu.sys [43512 2015-08-04] (Intel Corporation)
R3 dptf_pch; C:\WINDOWS\System32\drivers\dptf_pch.sys [41976 2015-08-04] (Intel Corporation)
R3 esif_lf; C:\WINDOWS\system32\DRIVERS\esif_lf.sys [251384 2015-08-04] (Intel Corporation)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [77440 2017-05-09] ()
R0 IntelHSWPcc; C:\WINDOWS\System32\drivers\IntelPcc.sys [88256 2015-06-26] (Intel Corporation)
R2 lirsgt; C:\WINDOWS\System32\DRIVERS\lirsgt.sys [43168 2016-04-30] ()
R2 MBAMChameleon; C:\WINDOWS\system32\drivers\MBAMChameleon.sys [187320 2017-05-21] (Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\system32\drivers\farflt.sys [113592 2017-05-21] (Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\drivers\mbam.sys [43968 2017-05-21] (Malwarebytes)
R0 MBAMSwissArmy; C:\WINDOWS\System32\drivers\MBAMSwissArmy.sys [251832 2017-05-21] (Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\drivers\mwac.sys [93624 2017-05-21] (Malwarebytes)
S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvamwu.inf_amd64_d4715679184092a8\nvlddmkm.sys [13754936 2016-09-12] (NVIDIA Corporation)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [887552 2015-07-15] (Realtek                                            )
R3 RTSPER; C:\WINDOWS\system32\DRIVERS\RtsPer.sys [751632 2015-05-14] (Realsil Semiconductor Corporation)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics Co., Ltd.)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-05-21 14:14 - 2017-05-21 14:33 - 00113592 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2017-05-21 14:14 - 2017-05-21 14:33 - 00093624 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2017-05-21 14:14 - 2017-05-21 14:14 - 00187320 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMChameleon.sys
2017-05-21 14:13 - 2017-05-21 14:33 - 00251832 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2017-05-21 14:13 - 2017-05-21 14:33 - 00043968 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2017-05-21 14:13 - 2017-05-21 14:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2017-05-21 14:13 - 2017-05-21 14:13 - 00000000 ____D C:\ProgramData\Malwarebytes
2017-05-21 14:13 - 2017-05-21 14:13 - 00000000 ____D C:\Program Files\Malwarebytes
2017-05-21 14:13 - 2017-05-09 16:37 - 00077440 _____ C:\WINDOWS\system32\Drivers\mbae64.sys
2017-05-21 14:12 - 2017-05-21 14:12 - 63364552 _____ (Malwarebytes ) C:\Users\Pitti\Downloads\mb3-setup-consumer-3.1.2.1733-1.0.122-1.0.1976.exe
2017-05-20 16:45 - 2017-05-21 14:41 - 00000000 ____D C:\Users\Pitti\Desktop\Scan
2017-05-20 13:45 - 2017-05-20 13:46 - 00505012 _____ C:\WINDOWS\Minidump\052017-36734-01.dmp
2017-05-20 13:39 - 2017-05-20 13:40 - 00508644 _____ C:\WINDOWS\Minidump\052017-29421-01.dmp
2017-05-20 13:16 - 2017-05-20 13:17 - 00504508 _____ C:\WINDOWS\Minidump\052017-34703-01.dmp
2017-05-20 13:11 - 2017-05-20 13:12 - 00512940 _____ C:\WINDOWS\Minidump\052017-27093-01.dmp
2017-05-20 08:41 - 2017-05-21 14:41 - 00000000 ____D C:\FRST
2017-05-19 20:56 - 2017-05-19 20:56 - 00000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
2017-05-19 20:32 - 2017-05-21 14:29 - 00001373 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-05-19 20:32 - 2017-05-21 14:29 - 00001361 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2017-05-19 20:32 - 2017-05-19 20:32 - 01130328 _____ (Google Inc.) C:\Users\Pitti\Downloads\ChromeSetup.exe
2017-05-19 20:32 - 2017-05-19 20:32 - 00003628 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2017-05-19 20:32 - 2017-05-19 20:32 - 00003504 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2017-05-18 17:53 - 2017-05-21 14:40 - 00000000 ____D C:\AdwCleaner
2017-05-14 18:31 - 2017-05-14 18:31 - 00001258 _____ C:\Users\Pitti\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Update- und Datenschutzeinstellungen.lnk
2017-05-14 18:31 - 2017-05-14 18:31 - 00000000 ____D C:\Users\Pitti\AppData\Local\UNP
2017-05-13 16:21 - 2017-05-13 16:21 - 00000000 ___HD C:\$SysReset
2017-05-13 15:34 - 2017-05-13 15:34 - 00000000 ____D C:\ProgramData\WinZip
2017-05-13 15:33 - 2017-05-13 15:34 - 00000000 ____D C:\Program Files\WinZip
2017-05-13 15:33 - 2017-05-13 15:33 - 00000000 ____D C:\Users\Pitti\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinZip 21.5
2017-05-13 15:32 - 2017-05-13 15:32 - 00000000 ____D C:\WINDOWS\CD95F661A5C444F5A6AAECDD91C2410F.TMP
2017-05-13 15:31 - 2017-05-13 17:06 - 00000000 ____D C:\Users\Pitti\AppData\Roaming\Nico Mak Computing
2017-05-13 15:19 - 2017-05-13 15:19 - 00000465 _____ C:\Users\Pitti\Downloads\SPug
2017-05-13 14:40 - 2017-05-13 14:40 - 00000000 ____D C:\Users\Pitti\AppData\Local\ElevatedDiagnostics
2017-05-13 14:39 - 2017-05-13 14:39 - 00003256 _____ C:\WINDOWS\System32\Tasks\{C4A9F1C2-B0D8-4A93-8B94-4D7396F9BCA3}
2017-05-13 14:24 - 2017-05-13 14:24 - 00000026 _____ C:\WINDOWS\Zone.Identifier
2017-05-13 13:55 - 2017-05-21 14:23 - 00000000 ____D C:\ProgramData\0cba1143376c450fbb3a89392df868d0
2017-05-12 20:18 - 2017-05-12 20:18 - 00000000 ____D C:\Users\Pitti\AppData\Roaming\Google
2017-05-12 17:09 - 2017-05-12 17:10 - 00000000 ____D C:\Program Files\UNP
2017-05-12 17:09 - 2017-05-12 17:09 - 00000000 ____D C:\WINDOWS\system32\UNP
2017-05-12 15:36 - 2017-05-21 14:23 - 00000000 ____D C:\Users\Pitti\AppData\Roaming\ServerTest
2017-05-12 15:32 - 2017-05-12 15:32 - 00000000 ____D C:\Users\Pitti\AppData\Local\CrashRpt
2017-05-12 15:24 - 2017-05-12 15:32 - 00000000 ____D C:\Users\Pitti\AppData\Local\navi
2017-05-10 16:09 - 2017-05-10 16:09 - 00051628 _____ C:\WINDOWS\uninstaller.dat
2017-05-10 14:35 - 2017-04-28 02:56 - 02048488 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2017-05-10 14:35 - 2017-04-28 02:48 - 00263472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Storage.ApplicationData.dll
2017-05-10 14:35 - 2017-04-28 02:46 - 05722320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2017-05-10 14:35 - 2017-04-28 02:46 - 01504056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2017-05-10 14:35 - 2017-04-28 02:46 - 01431232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2017-05-10 14:35 - 2017-04-28 02:45 - 02263832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2017-05-10 14:35 - 2017-04-28 02:45 - 00975744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
2017-05-10 14:35 - 2017-04-28 02:45 - 00861024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2017-05-10 14:35 - 2017-04-28 02:45 - 00116576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudExperienceHostCommon.dll
2017-05-10 14:35 - 2017-04-28 02:43 - 00846560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2017-05-10 14:35 - 2017-04-28 02:40 - 06665952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2017-05-10 14:35 - 2017-04-28 02:40 - 04023008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2017-05-10 14:35 - 2017-04-28 02:40 - 01851696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2017-05-10 14:35 - 2017-04-28 02:40 - 01360456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetsrc.dll
2017-05-10 14:35 - 2017-04-28 02:40 - 01277856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
2017-05-10 14:35 - 2017-04-28 02:40 - 01202936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2017-05-10 14:35 - 2017-04-28 02:40 - 00981888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetcore.dll
2017-05-10 14:35 - 2017-04-28 02:39 - 20967840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2017-05-10 14:35 - 2017-04-28 02:29 - 05685760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2017-05-10 14:35 - 2017-04-28 02:23 - 00095232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTimeUtil.dll
2017-05-10 14:35 - 2017-04-28 02:22 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\odbcconf.dll
2017-05-10 14:35 - 2017-04-28 02:21 - 00224256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExSMime.dll
2017-05-10 14:35 - 2017-04-28 02:20 - 00141824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Radios.dll
2017-05-10 14:35 - 2017-04-28 02:19 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDeviceRegistration.dll
2017-05-10 14:35 - 2017-04-28 02:19 - 00138240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DisplayManager.dll
2017-05-10 14:35 - 2017-04-28 02:18 - 00255488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\unimdm.tsp
2017-05-10 14:35 - 2017-04-28 02:17 - 00142336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.WiFi.dll
2017-05-10 14:35 - 2017-04-28 02:17 - 00136192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinRtTracing.dll
2017-05-10 14:35 - 2017-04-28 02:17 - 00094208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryClient.dll
2017-05-10 14:35 - 2017-04-28 02:16 - 00392192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Gaming.Input.dll
2017-05-10 14:35 - 2017-04-28 02:16 - 00374784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.LowLevel.dll
2017-05-10 14:35 - 2017-04-28 02:16 - 00315904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Gaming.XboxLive.Storage.dll
2017-05-10 14:35 - 2017-04-28 02:16 - 00184320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserMgrProxy.dll
2017-05-10 14:35 - 2017-04-28 02:16 - 00180224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2017-05-10 14:35 - 2017-04-28 02:16 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppointmentActivation.dll
2017-05-10 14:35 - 2017-04-28 02:16 - 00113152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Lights.dll
2017-05-10 14:35 - 2017-04-28 02:15 - 00557568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll
2017-05-10 14:35 - 2017-04-28 02:15 - 00237568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SyncSettings.dll
2017-05-10 14:35 - 2017-04-28 02:15 - 00117760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AuthBroker.dll
2017-05-10 14:35 - 2017-04-28 02:15 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Core.dll
2017-05-10 14:35 - 2017-04-28 02:14 - 00670208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.PointOfService.dll
2017-05-10 14:35 - 2017-04-28 02:14 - 00483840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.AllJoyn.dll
2017-05-10 14:35 - 2017-04-28 02:14 - 00223232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgentUserBroker.exe
2017-05-10 14:35 - 2017-04-28 02:13 - 13873664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2017-05-10 14:35 - 2017-04-28 02:13 - 01243136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.FaceAnalysis.dll
2017-05-10 14:35 - 2017-04-28 02:13 - 00562176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.SmartCards.dll
2017-05-10 14:35 - 2017-04-28 02:13 - 00426496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Wallet.dll
2017-05-10 14:35 - 2017-04-28 02:13 - 00386048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.WiFiDirect.dll
2017-05-10 14:35 - 2017-04-28 02:13 - 00332288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Bluetooth.dll
2017-05-10 14:35 - 2017-04-28 02:13 - 00325120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleacc.dll
2017-05-10 14:35 - 2017-04-28 02:13 - 00298496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2017-05-10 14:35 - 2017-04-28 02:13 - 00271360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\deviceaccess.dll
2017-05-10 14:35 - 2017-04-28 02:13 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WwaApi.dll
2017-05-10 14:35 - 2017-04-28 02:13 - 00202752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.HumanInterfaceDevice.dll
2017-05-10 14:35 - 2017-04-28 02:13 - 00185856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Identity.Provider.dll
2017-05-10 14:35 - 2017-04-28 02:13 - 00175616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Scanners.dll
2017-05-10 14:35 - 2017-04-28 02:12 - 00498688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mbsmsapi.dll
2017-05-10 14:35 - 2017-04-28 02:12 - 00431616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\efswrt.dll
2017-05-10 14:35 - 2017-04-28 02:12 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Picker.dll
2017-05-10 14:35 - 2017-04-28 02:11 - 00747520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Ocr.dll
2017-05-10 14:35 - 2017-04-28 02:10 - 00819200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppContracts.dll
2017-05-10 14:35 - 2017-04-28 02:10 - 00314368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Usb.dll
2017-05-10 14:35 - 2017-04-28 02:10 - 00284672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.dll
2017-05-10 14:35 - 2017-04-28 02:10 - 00238080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AboveLockAppHost.dll
2017-05-10 14:35 - 2017-04-28 02:09 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2017-05-10 14:35 - 2017-04-28 02:08 - 01534464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.Printing.3D.dll
2017-05-10 14:35 - 2017-04-28 02:08 - 00653312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.AccountsControl.dll
2017-05-10 14:35 - 2017-04-28 02:08 - 00288256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CryptoWinRT.dll
2017-05-10 14:35 - 2017-04-28 02:06 - 04614656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2017-05-10 14:35 - 2017-04-28 02:06 - 02333184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmSvc.dll
2017-05-10 14:35 - 2017-04-28 02:06 - 00901120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Bluetooth.dll
2017-05-10 14:35 - 2017-04-28 02:06 - 00675840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.dll
2017-05-10 14:35 - 2017-04-28 02:05 - 03733504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_47.dll
2017-05-10 14:35 - 2017-04-28 02:05 - 00589312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Sensors.dll
2017-05-10 14:35 - 2017-04-28 02:03 - 01077760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Editing.dll
2017-05-10 14:35 - 2017-04-28 02:03 - 00355328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RTMediaFrame.dll
2017-05-10 14:35 - 2017-04-28 02:02 - 03307008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2017-05-10 14:35 - 2017-04-28 02:01 - 00795648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MiracastReceiver.dll
2017-05-10 14:35 - 2017-04-28 02:01 - 00713216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpnapps.dll
2017-05-10 14:35 - 2017-04-28 02:01 - 00343040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToDevice.dll
2017-05-10 14:35 - 2017-04-28 02:01 - 00248832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dlnashext.dll
2017-05-10 14:35 - 2017-04-28 02:01 - 00141312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dialclient.dll
2017-05-10 14:35 - 2017-04-28 02:00 - 01255936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll
2017-05-10 14:35 - 2017-04-28 01:59 - 00895488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Streaming.dll
2017-05-10 14:35 - 2017-04-28 01:59 - 00220672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToReceiver.dll
2017-05-10 14:35 - 2017-04-28 01:58 - 07468544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2017-05-10 14:35 - 2017-04-28 01:58 - 00134144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ErrorDetails.dll
2017-05-10 14:35 - 2017-04-28 01:57 - 01247232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Globalization.dll
2017-05-10 14:35 - 2017-04-28 01:57 - 01221120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Audio.dll
2017-05-10 14:35 - 2017-04-28 01:57 - 00641024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MCRecvSrc.dll
2017-05-10 14:35 - 2017-04-28 01:56 - 00400384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToManager.dll
2017-05-10 14:35 - 2017-04-28 01:56 - 00357376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Geolocation.dll
2017-05-10 14:35 - 2017-04-28 01:56 - 00103936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Devices.dll
2017-05-10 14:35 - 2017-04-28 01:55 - 01656320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Perception.dll
2017-05-10 14:35 - 2017-04-28 01:55 - 01232384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Maps.dll
2017-05-10 14:35 - 2017-04-28 01:55 - 01170944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.dll
2017-05-10 14:35 - 2017-04-28 01:55 - 01004544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Input.Inking.dll
2017-05-10 14:35 - 2017-04-28 01:54 - 02646528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CertEnroll.dll
2017-05-10 14:35 - 2017-04-28 01:54 - 02483200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2017-05-10 14:35 - 2017-04-28 01:54 - 01013248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.Http.dll
2017-05-10 14:35 - 2017-04-28 01:54 - 00654336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApiPublic.dll
2017-05-10 14:35 - 2017-04-28 01:54 - 00598528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.dll
2017-05-10 14:35 - 2017-04-28 01:54 - 00566784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ShareHost.dll
2017-05-10 14:35 - 2017-04-28 01:54 - 00348160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Midi.dll
2017-05-10 14:35 - 2017-04-28 01:53 - 01170944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Phone.dll
2017-05-10 14:35 - 2017-04-28 01:53 - 00751104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.BackgroundTransfer.dll
2017-05-10 14:35 - 2017-04-28 01:53 - 00621056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
2017-05-10 14:35 - 2017-04-28 01:52 - 03106304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstsc.exe
2017-05-10 14:35 - 2017-04-28 01:52 - 02994176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2017-05-10 14:35 - 2017-04-28 01:52 - 01600000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2017-05-10 14:35 - 2017-04-28 01:50 - 00783360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TSWorkspace.dll
2017-05-10 14:35 - 2017-04-28 01:30 - 00483840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2017-05-10 14:35 - 2017-03-04 09:57 - 00484584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2017-05-10 14:35 - 2017-03-04 08:22 - 00265728 _____ C:\WINDOWS\SysWOW64\Windows.Perception.Stub.dll
2017-05-10 14:35 - 2017-03-04 08:17 - 00529920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StructuredQuery.dll
2017-05-10 14:35 - 2017-03-04 08:16 - 00500224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.Printing.dll
2017-05-10 14:35 - 2017-03-04 08:01 - 00827904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll
2017-05-10 14:35 - 2017-03-04 08:00 - 00691200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2017-05-10 14:34 - 2017-04-28 03:28 - 00965472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReAgent.dll
2017-05-10 14:34 - 2017-04-28 02:59 - 00601712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2017-05-10 14:34 - 2017-04-28 02:58 - 01706488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2017-05-10 14:34 - 2017-04-28 02:57 - 00794928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll
2017-05-10 14:34 - 2017-04-28 02:55 - 00088416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\scmbus.sys
2017-05-10 14:34 - 2017-04-28 02:53 - 02213760 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2017-05-10 14:34 - 2017-04-28 02:53 - 00774224 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2017-05-10 14:34 - 2017-04-28 02:53 - 00616048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32.dll
2017-05-10 14:34 - 2017-04-28 02:45 - 00781144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2017-05-10 14:34 - 2017-04-28 02:45 - 00493920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2017-05-10 14:34 - 2017-04-28 02:43 - 02168288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2017-05-10 14:34 - 2017-04-28 02:43 - 01980768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2017-05-10 14:34 - 2017-04-28 02:43 - 01557224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll
2017-05-10 14:34 - 2017-04-28 02:42 - 00601952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupEngine.dll
2017-05-10 14:34 - 2017-04-28 02:41 - 00361104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsmf.dll
2017-05-10 14:34 - 2017-04-28 02:40 - 07220184 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2017-05-10 14:34 - 2017-04-28 02:40 - 01860288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2017-05-10 14:34 - 2017-04-28 02:40 - 00857440 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2017-05-10 14:34 - 2017-04-28 02:40 - 00352760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MMDevAPI.dll
2017-05-10 14:34 - 2017-04-28 02:39 - 04312248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2017-05-10 14:34 - 2017-04-28 02:39 - 00962760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2017-05-10 14:34 - 2017-04-28 02:39 - 00715104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
2017-05-10 14:34 - 2017-04-28 02:38 - 00847200 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupEngine.dll
2017-05-10 14:34 - 2017-04-28 02:38 - 00557408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2017-05-10 14:34 - 2017-04-28 02:36 - 00408600 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsmf.dll
2017-05-10 14:34 - 2017-04-28 02:36 - 00092512 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2017-05-10 14:34 - 2017-04-28 02:35 - 08170600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2017-05-10 14:34 - 2017-04-28 02:35 - 04260576 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2017-05-10 14:34 - 2017-04-28 02:35 - 01988048 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2017-05-10 14:34 - 2017-04-28 02:35 - 01702392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2017-05-10 14:34 - 2017-04-28 02:35 - 01414208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2017-05-10 14:34 - 2017-04-28 02:35 - 01302136 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2017-05-10 14:34 - 2017-04-28 02:35 - 00596040 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2017-05-10 14:34 - 2017-04-28 02:35 - 00276832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\input.dll
2017-05-10 14:34 - 2017-04-28 02:34 - 22220856 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2017-05-10 14:34 - 2017-04-28 02:34 - 01072248 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetcore.dll
2017-05-10 14:34 - 2017-04-28 02:34 - 00443232 _____ (Microsoft Corporation) C:\WINDOWS\system32\MMDevAPI.dll
2017-05-10 14:34 - 2017-04-28 02:34 - 00244824 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2017-05-10 14:34 - 2017-04-28 02:28 - 00453536 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe
2017-05-10 14:34 - 2017-04-28 02:28 - 00387864 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpps.dll
2017-05-10 14:34 - 2017-04-28 02:23 - 01631232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Resources.dll
2017-05-10 14:34 - 2017-04-28 02:22 - 00165376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReInfo.dll
2017-05-10 14:34 - 2017-04-28 02:21 - 00027648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BthTelemetry.dll
2017-05-10 14:34 - 2017-04-28 02:20 - 00044032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\virtdisk.dll
2017-05-10 14:34 - 2017-04-28 02:18 - 00450560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastls.dll
2017-05-10 14:34 - 2017-04-28 02:18 - 00285184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.BlockedShutdown.dll
2017-05-10 14:34 - 2017-04-28 02:17 - 00328192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2017-05-10 14:34 - 2017-04-28 02:17 - 00095232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BluetoothApis.dll
2017-05-10 14:34 - 2017-04-28 02:16 - 00231936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.LockScreen.dll
2017-05-10 14:34 - 2017-04-28 02:16 - 00203776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\credprovhost.dll
2017-05-10 14:34 - 2017-04-28 02:15 - 00404992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dsreg.dll
2017-05-10 14:34 - 2017-04-28 02:15 - 00334848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastlsext.dll
2017-05-10 14:34 - 2017-04-28 02:15 - 00206336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bthprops.cpl
2017-05-10 14:34 - 2017-04-28 02:13 - 01755136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DeviceFlows.DataModel.dll
2017-05-10 14:34 - 2017-04-28 02:13 - 00506880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DevicePairing.dll
2017-05-10 14:34 - 2017-04-28 02:13 - 00206336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vaultcli.dll
2017-05-10 14:34 - 2017-04-28 02:13 - 00125952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apprepapi.dll
2017-05-10 14:34 - 2017-04-28 02:13 - 00114176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\setupugc.exe
2017-05-10 14:34 - 2017-04-28 02:12 - 00284672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apprepsync.dll
2017-05-10 14:34 - 2017-04-28 02:11 - 00846336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WebcamUi.dll
2017-05-10 14:34 - 2017-04-28 02:11 - 00075776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll
2017-05-10 14:34 - 2017-04-28 02:10 - 00857600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EmailApis.dll
2017-05-10 14:34 - 2017-04-28 02:10 - 00816640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NaturalLanguage6.dll
2017-05-10 14:34 - 2017-04-28 02:10 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mprddm.dll
2017-05-10 14:34 - 2017-04-28 02:09 - 00525824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintDialogs.dll
2017-05-10 14:34 - 2017-04-28 02:09 - 00509440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2017-05-10 14:34 - 2017-04-28 02:09 - 00368128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiobj.dll
2017-05-10 14:34 - 2017-04-28 02:09 - 00352256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Enumeration.dll
2017-05-10 14:34 - 2017-04-28 02:08 - 07626752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2017-05-10 14:34 - 2017-04-28 02:08 - 01228288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usercpl.dll
2017-05-10 14:34 - 2017-04-28 02:07 - 03689984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2017-05-10 14:34 - 2017-04-28 02:07 - 00525312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LogonController.dll
2017-05-10 14:34 - 2017-04-28 02:07 - 00372736 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXTaskFactory.dll
2017-05-10 14:34 - 2017-04-28 02:07 - 00256512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\thumbcache.dll
2017-05-10 14:34 - 2017-04-28 02:05 - 00886272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2017-05-10 14:34 - 2017-04-28 02:05 - 00709120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CPFilters.dll
2017-05-10 14:34 - 2017-04-28 02:04 - 01323008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_fs.dll
2017-05-10 14:34 - 2017-04-28 02:04 - 00119808 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTimeUtil.dll
2017-05-10 14:34 - 2017-04-28 02:03 - 01137152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_health.dll
2017-05-10 14:34 - 2017-04-28 02:03 - 00318464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LocationApi.dll
2017-05-10 14:34 - 2017-04-28 02:03 - 00291328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\adsnt.dll
2017-05-10 14:34 - 2017-04-28 02:03 - 00134656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Energy.dll
2017-05-10 14:34 - 2017-04-28 02:02 - 00123904 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2017-05-10 14:34 - 2017-04-28 02:02 - 00115200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bridge.sys
2017-05-10 14:34 - 2017-04-28 02:02 - 00040448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vwifimp.sys
2017-05-10 14:34 - 2017-04-28 02:01 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\unimdm.tsp
2017-05-10 14:34 - 2017-04-28 02:01 - 00233472 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2017-05-10 14:34 - 2017-04-28 02:00 - 12349440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2017-05-10 14:34 - 2017-04-28 02:00 - 02749440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mispace.dll
2017-05-10 14:34 - 2017-04-28 02:00 - 00193536 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinRtTracing.dll
2017-05-10 14:34 - 2017-04-28 02:00 - 00149504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Core.dll
2017-05-10 14:34 - 2017-04-28 01:59 - 02154496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\storagewmi.dll
2017-05-10 14:34 - 2017-04-28 01:59 - 00467968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Gaming.XboxLive.Storage.dll
2017-05-10 14:34 - 2017-04-28 01:58 - 00546304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uReFS.dll
2017-05-10 14:34 - 2017-04-28 01:58 - 00433664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\imapi2.dll
2017-05-10 14:34 - 2017-04-28 01:58 - 00418304 _____ C:\WINDOWS\system32\Windows.Perception.Stub.dll
2017-05-10 14:34 - 2017-04-28 01:58 - 00211968 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2017-05-10 14:34 - 2017-04-28 01:58 - 00090624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll
2017-05-10 14:34 - 2017-04-28 01:57 - 01507840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.FaceAnalysis.dll
2017-05-10 14:34 - 2017-04-28 01:57 - 00719872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_sr.dll
2017-05-10 14:34 - 2017-04-28 01:57 - 00216576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Scanners.dll
2017-05-10 14:34 - 2017-04-28 01:57 - 00089600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CameraCaptureUI.dll
2017-05-10 14:34 - 2017-04-28 01:56 - 00748544 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2017-05-10 14:34 - 2017-04-28 01:56 - 00590336 _____ (Microsoft Corporation) C:\WINDOWS\system32\efswrt.dll
2017-05-10 14:34 - 2017-04-28 01:56 - 00358912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.dll
2017-05-10 14:34 - 2017-04-28 01:56 - 00333312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsApi.dll
2017-05-10 14:34 - 2017-04-28 01:56 - 00293888 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2017-05-10 14:34 - 2017-04-28 01:56 - 00260608 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgentUserBroker.exe
2017-05-10 14:34 - 2017-04-28 01:55 - 01993216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2017-05-10 14:34 - 2017-04-28 01:55 - 01987584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2017-05-10 14:34 - 2017-04-28 01:55 - 01413632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OpcServices.dll
2017-05-10 14:34 - 2017-04-28 01:55 - 00561664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Wallet.dll
2017-05-10 14:34 - 2017-04-28 01:55 - 00307200 _____ (Microsoft Corporation) C:\WINDOWS\system32\PrintDialogs3D.dll
2017-05-10 14:34 - 2017-04-28 01:55 - 00252416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Identity.Provider.dll
2017-05-10 14:34 - 2017-04-28 01:54 - 02747904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpcore.dll
2017-05-10 14:34 - 2017-04-28 01:54 - 01883648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2017-05-10 14:34 - 2017-04-28 01:54 - 00284160 _____ (Microsoft Corporation) C:\WINDOWS\system32\AboveLockAppHost.dll
2017-05-10 14:34 - 2017-04-28 01:53 - 06288384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2017-05-10 14:34 - 2017-04-28 01:53 - 03059200 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2017-05-10 14:34 - 2017-04-28 01:53 - 00798208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2017-05-10 14:34 - 2017-04-28 01:53 - 00671744 _____ (Microsoft Corporation) C:\WINDOWS\system32\mbsmsapi.dll
2017-05-10 14:34 - 2017-04-28 01:53 - 00579584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.UX.EapRequestHandler.dll
2017-05-10 14:34 - 2017-04-28 01:53 - 00245760 _____ (Microsoft Corporation) C:\WINDOWS\system32\WwaApi.dll
2017-05-10 14:34 - 2017-04-28 01:52 - 02008576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2017-05-10 14:34 - 2017-04-28 01:51 - 00713216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2017-05-10 14:34 - 2017-04-28 01:51 - 00458752 _____ (Microsoft Corporation) C:\WINDOWS\system32\RTMediaFrame.dll
2017-05-10 14:34 - 2017-04-28 01:51 - 00409600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys
2017-05-10 14:34 - 2017-04-28 01:50 - 03778048 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2017-05-10 14:34 - 2017-04-28 01:49 - 00864256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnapps.dll
2017-05-10 14:34 - 2017-04-28 01:47 - 01908224 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2017-05-10 14:34 - 2017-04-28 01:47 - 01078784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.dll
2017-05-10 14:34 - 2017-04-28 01:47 - 00796672 _____ (Microsoft Corporation) C:\WINDOWS\system32\fvewiz.dll
2017-05-10 14:34 - 2017-04-28 01:47 - 00627200 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpaceControl.dll
2017-05-10 14:34 - 2017-04-28 01:45 - 01217024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Audio.dll
2017-05-10 14:34 - 2017-04-28 01:45 - 00411648 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsApi.dll
2017-05-10 14:34 - 2017-04-28 01:44 - 01366016 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2017-05-10 14:34 - 2017-04-28 01:44 - 01145344 _____ (Microsoft Corporation) C:\WINDOWS\system32\EmailApis.dll
2017-05-10 14:34 - 2017-04-28 01:44 - 00583680 _____ (Microsoft Corporation) C:\WINDOWS\system32\PrintDialogs.dll
2017-05-10 14:34 - 2017-04-28 01:44 - 00548864 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2017-05-10 14:34 - 2017-04-28 01:43 - 00963584 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebcamUi.dll
2017-05-10 14:34 - 2017-04-28 01:43 - 00646656 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiaservc.dll
2017-05-10 14:34 - 2017-04-28 01:43 - 00526336 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2017-05-10 14:34 - 2017-04-28 01:43 - 00331264 _____ (Microsoft Corporation) C:\WINDOWS\system32\NgcCtnrSvc.dll
2017-05-10 14:34 - 2017-04-28 01:42 - 13441536 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2017-05-10 14:34 - 2017-04-28 01:42 - 08076288 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2017-05-10 14:34 - 2017-04-28 01:42 - 02390016 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreen.exe
2017-05-10 14:34 - 2017-04-28 01:41 - 01080320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Ocr.dll
2017-05-10 14:34 - 2017-04-28 01:41 - 00983040 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcsvc.dll
2017-05-10 14:34 - 2017-04-28 01:41 - 00860160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mprddm.dll
2017-05-10 14:34 - 2017-04-28 01:41 - 00611328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.dll
2017-05-10 14:34 - 2017-04-28 01:40 - 00816640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2017-05-10 14:34 - 2017-04-28 01:39 - 04596224 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsrchvw.exe
2017-05-10 14:34 - 2017-04-28 01:39 - 00846336 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApiPublic.dll
2017-05-10 14:34 - 2017-04-28 01:38 - 02424320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Perception.dll
2017-05-10 14:34 - 2017-04-28 01:38 - 01359360 _____ (Microsoft Corporation) C:\WINDOWS\system32\usercpl.dll
2017-05-10 14:34 - 2017-04-28 01:38 - 00765440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Sensors.dll
2017-05-10 14:34 - 2017-04-28 01:37 - 04149248 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2017-05-10 14:34 - 2017-04-28 01:37 - 03134976 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcore.dll
2017-05-10 14:34 - 2017-04-28 01:37 - 02538496 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2017-05-10 14:34 - 2017-04-28 01:37 - 01984000 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2017-05-10 14:34 - 2017-04-28 01:37 - 01424896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Maps.dll
2017-05-10 14:34 - 2017-04-28 01:37 - 01266176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Input.Inking.dll
2017-05-10 14:34 - 2017-04-28 01:37 - 00391168 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2017-05-10 14:34 - 2017-04-28 01:36 - 01131008 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2017-05-10 14:34 - 2017-04-28 01:35 - 03299840 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstsc.exe
2017-05-10 14:34 - 2017-04-28 01:34 - 00999424 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWorkspace.dll
2017-05-10 14:34 - 2017-03-04 09:09 - 01293152 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2017-05-10 14:34 - 2017-03-04 08:27 - 00456192 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiobj.dll
2017-05-10 14:34 - 2017-03-04 08:25 - 01388544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Cred.dll
2017-05-10 14:34 - 2017-03-04 08:23 - 00299520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataAccountApis.dll
2017-05-10 14:34 - 2017-03-04 08:19 - 01403392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Editing.dll
2017-05-10 14:34 - 2017-03-04 08:06 - 01369088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Phone.dll
2017-05-10 14:34 - 2017-03-04 08:05 - 03520512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsrchvw.exe
2017-05-10 14:33 - 2017-04-28 02:57 - 00603488 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContentDeliveryManager.Utilities.dll
2017-05-10 14:33 - 2017-04-28 02:56 - 01117024 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReAgent.dll
2017-05-10 14:33 - 2017-04-28 02:53 - 07784288 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2017-05-10 14:33 - 2017-04-28 02:52 - 02255712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2017-05-10 14:33 - 2017-04-28 02:49 - 02681200 _____ C:\WINDOWS\system32\CoreUIComponents.dll
2017-05-10 14:33 - 2017-04-28 02:49 - 00764392 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2017-05-10 14:33 - 2017-04-28 02:49 - 00700936 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll
2017-05-10 14:33 - 2017-04-28 02:47 - 00699744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimgapi.dll
2017-05-10 14:33 - 2017-04-28 02:47 - 00501088 _____ (Microsoft Corporation) C:\WINDOWS\system32\spwizeng.dll
2017-05-10 14:33 - 2017-04-28 02:46 - 00410464 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinSetupUI.dll
2017-05-10 14:33 - 2017-04-28 02:44 - 00062816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fsdepends.sys
2017-05-10 14:33 - 2017-04-28 02:42 - 00526176 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimserv.exe
2017-05-10 14:33 - 2017-04-28 02:42 - 00328008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.ApplicationData.dll
2017-05-10 14:33 - 2017-04-28 02:40 - 02759704 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2017-05-10 14:33 - 2017-04-28 02:40 - 02187104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2017-05-10 14:33 - 2017-04-28 02:40 - 01738560 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2017-05-10 14:33 - 2017-04-28 02:40 - 01157000 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2017-05-10 14:33 - 2017-04-28 02:40 - 00578400 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2017-05-10 14:33 - 2017-04-28 02:40 - 00402784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2017-05-10 14:33 - 2017-04-28 02:40 - 00146784 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostCommon.dll
2017-05-10 14:33 - 2017-04-28 02:40 - 00026976 _____ (Microsoft Corporation) C:\WINDOWS\system32\browser_broker.exe
2017-05-10 14:33 - 2017-04-28 02:39 - 00624048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2017-05-10 14:33 - 2017-04-28 02:38 - 02915704 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2017-05-10 14:33 - 2017-04-28 02:38 - 02446704 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2017-05-10 14:33 - 2017-04-28 02:38 - 01852200 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll
2017-05-10 14:33 - 2017-04-28 02:38 - 01267512 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2017-05-10 14:33 - 2017-04-28 02:38 - 00431968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2017-05-10 14:33 - 2017-04-28 02:34 - 04674360 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2017-05-10 14:33 - 2017-04-28 02:34 - 01600624 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2017-05-10 14:33 - 2017-04-28 02:34 - 01277824 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2017-05-10 14:33 - 2017-04-28 02:34 - 00241504 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHost.dll
2017-05-10 14:33 - 2017-04-28 02:30 - 01569184 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2017-05-10 14:33 - 2017-04-28 02:30 - 00322912 _____ (Microsoft Corporation) C:\WINDOWS\system32\input.dll
2017-05-10 14:33 - 2017-04-28 02:28 - 00455520 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2017-05-10 14:33 - 2017-04-28 02:21 - 00073728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdc.ocx
2017-05-10 14:33 - 2017-04-28 02:19 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbonRes.dll
2017-05-10 14:33 - 2017-04-28 02:19 - 00081408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2017-05-10 14:33 - 2017-04-28 02:15 - 00822784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2017-05-10 14:33 - 2017-04-28 02:15 - 00126464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2017-05-10 14:33 - 2017-04-28 02:14 - 00306688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2017-05-10 14:33 - 2017-04-28 02:14 - 00270336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2017-05-10 14:33 - 2017-04-28 02:12 - 00635904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2017-05-10 14:33 - 2017-04-28 02:12 - 00236544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2017-05-10 14:33 - 2017-04-28 02:11 - 00340480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2017-05-10 14:33 - 2017-04-28 02:10 - 07216640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2017-05-10 14:33 - 2017-04-28 02:10 - 00661504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll
2017-05-10 14:33 - 2017-04-28 02:08 - 18365440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2017-05-10 14:33 - 2017-04-28 02:06 - 22569472 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2017-05-10 14:33 - 2017-04-28 02:06 - 00691712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2017-05-10 14:33 - 2017-04-28 02:05 - 19414016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2017-05-10 14:33 - 2017-04-28 02:05 - 01631232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2017-05-10 14:33 - 2017-04-28 02:03 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbonRes.dll
2017-05-10 14:33 - 2017-04-28 02:03 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdc.ocx
2017-05-10 14:33 - 2017-04-28 02:03 - 00081408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\raspppoe.sys
2017-05-10 14:33 - 2017-04-28 02:03 - 00032256 _____ (Microsoft Corporation) C:\WINDOWS\system32\BthTelemetry.dll
2017-05-10 14:33 - 2017-04-28 02:03 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\odbcconf.dll
2017-05-10 14:33 - 2017-04-28 02:02 - 00019456 _____ (Microsoft Corporation) C:\WINDOWS\system32\appidcertstorecheck.exe
2017-05-10 14:33 - 2017-04-28 02:01 - 00259072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Family.SyncEngine.dll
2017-05-10 14:33 - 2017-04-28 02:01 - 00185344 _____ (Microsoft Corporation) C:\WINDOWS\system32\DisplayManager.dll
2017-05-10 14:33 - 2017-04-28 02:01 - 00156160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Family.Client.dll
2017-05-10 14:33 - 2017-04-28 02:01 - 00129536 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_ClosedCaptioning.dll
2017-05-10 14:33 - 2017-04-28 02:01 - 00090624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Printers.dll
2017-05-10 14:33 - 2017-04-28 02:01 - 00051712 _____ (Microsoft Corporation) C:\WINDOWS\system32\virtdisk.dll
2017-05-10 14:33 - 2017-04-28 02:00 - 00196096 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDeviceRegistration.dll
2017-05-10 14:33 - 2017-04-28 02:00 - 00193536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.WiFi.dll
2017-05-10 14:33 - 2017-04-28 02:00 - 00165376 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
2017-05-10 14:33 - 2017-04-28 02:00 - 00148480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.System.Profile.RetailInfo.dll
2017-05-10 14:33 - 2017-04-28 02:00 - 00120832 _____ (Microsoft Corporation) C:\WINDOWS\system32\BluetoothApis.dll
2017-05-10 14:33 - 2017-04-28 02:00 - 00101888 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDeviceRegistration.Ngc.dll
2017-05-10 14:33 - 2017-04-28 02:00 - 00099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2017-05-10 14:33 - 2017-04-28 02:00 - 00073216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryBroker.dll
2017-05-10 14:33 - 2017-04-28 01:59 - 12187136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2017-05-10 14:33 - 2017-04-28 01:59 - 00635904 _____ (Microsoft Corporation) C:\WINDOWS\system32\FlightSettings.dll
2017-05-10 14:33 - 2017-04-28 01:59 - 00567296 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevicePairing.dll
2017-05-10 14:33 - 2017-04-28 01:59 - 00375296 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastlsext.dll
2017-05-10 14:33 - 2017-04-28 01:59 - 00186368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Radios.dll
2017-05-10 14:33 - 2017-04-28 01:59 - 00124416 _____ (Microsoft Corporation) C:\WINDOWS\system32\appidsvc.dll
2017-05-10 14:33 - 2017-04-28 01:59 - 00122880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryClient.dll
2017-05-10 14:33 - 2017-04-28 01:58 - 00547840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Gaming.Input.dll
2017-05-10 14:33 - 2017-04-28 01:58 - 00418304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BlockedShutdown.dll
2017-05-10 14:33 - 2017-04-28 01:58 - 00360448 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpencom.dll
2017-05-10 14:33 - 2017-04-28 01:58 - 00289792 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeveloperOptionsSettingsHandlers.dll
2017-05-10 14:33 - 2017-04-28 01:58 - 00276992 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2017-05-10 14:33 - 2017-04-28 01:58 - 00231424 _____ (Microsoft Corporation) C:\WINDOWS\system32\shutdownux.dll
2017-05-10 14:33 - 2017-04-28 01:58 - 00150016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.AppDefaults.dll
2017-05-10 14:33 - 2017-04-28 01:58 - 00144896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Lights.dll
2017-05-10 14:33 - 2017-04-28 01:58 - 00130560 _____ (Microsoft Corporation) C:\WINDOWS\system32\ConsentUX.dll
2017-05-10 14:33 - 2017-04-28 01:57 - 00651264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.AllJoyn.dll
2017-05-10 14:33 - 2017-04-28 01:57 - 00568320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.LowLevel.dll
2017-05-10 14:33 - 2017-04-28 01:57 - 00505856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.WiFiDirect.dll
2017-05-10 14:33 - 2017-04-28 01:57 - 00502784 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastls.dll
2017-05-10 14:33 - 2017-04-28 01:57 - 00279552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.HumanInterfaceDevice.dll
2017-05-10 14:33 - 2017-04-28 01:57 - 00268800 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserMgrProxy.dll
2017-05-10 14:33 - 2017-04-28 01:57 - 00243712 _____ (Microsoft Corporation) C:\WINDOWS\system32\credprovhost.dll
2017-05-10 14:33 - 2017-04-28 01:57 - 00241152 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafBth.dll
2017-05-10 14:33 - 2017-04-28 01:57 - 00223744 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2017-05-10 14:33 - 2017-04-28 01:57 - 00157184 _____ (Microsoft Corporation) C:\WINDOWS\system32\bthserv.dll
2017-05-10 14:33 - 2017-04-28 01:57 - 00139264 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2017-05-10 14:33 - 2017-04-28 01:57 - 00132096 _____ (Microsoft Corporation) C:\WINDOWS\system32\PrintWSDAHost.dll
2017-05-10 14:33 - 2017-04-28 01:56 - 00947712 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll
2017-05-10 14:33 - 2017-04-28 01:56 - 00912384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.SmartCards.dll
2017-05-10 14:33 - 2017-04-28 01:56 - 00692224 _____ (Microsoft Corporation) C:\WINDOWS\system32\CellularAPI.dll
2017-05-10 14:33 - 2017-04-28 01:56 - 00691200 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2017-05-10 14:33 - 2017-04-28 01:56 - 00387584 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2017-05-10 14:33 - 2017-04-28 01:56 - 00379904 _____ (Microsoft Corporation) C:\WINDOWS\system32\apprepsync.dll
2017-05-10 14:33 - 2017-04-28 01:56 - 00324608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.LockScreen.dll
2017-05-10 14:33 - 2017-04-28 01:56 - 00311296 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncSettings.dll
2017-05-10 14:33 - 2017-04-28 01:56 - 00267264 _____ (Microsoft Corporation) C:\WINDOWS\system32\vaultcli.dll
2017-05-10 14:33 - 2017-04-28 01:56 - 00147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
2017-05-10 14:33 - 2017-04-28 01:56 - 00146432 _____ (Microsoft Corporation) C:\WINDOWS\system32\AuthBroker.dll
2017-05-10 14:33 - 2017-04-28 01:56 - 00088576 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2017-05-10 14:33 - 2017-04-28 01:55 - 06042624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2017-05-10 14:33 - 2017-04-28 01:55 - 02084352 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceFlows.DataModel.dll
2017-05-10 14:33 - 2017-04-28 01:55 - 00657920 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll
2017-05-10 14:33 - 2017-04-28 01:55 - 00431616 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpAXHolder.dll
2017-05-10 14:33 - 2017-04-28 01:55 - 00407552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2017-05-10 14:33 - 2017-04-28 01:55 - 00391168 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleacc.dll
2017-05-10 14:33 - 2017-04-28 01:55 - 00337408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Picker.dll
2017-05-10 14:33 - 2017-04-28 01:55 - 00231424 _____ (Microsoft Corporation) C:\WINDOWS\system32\bthprops.cpl
2017-05-10 14:33 - 2017-04-28 01:55 - 00176128 _____ (Microsoft Corporation) C:\WINDOWS\system32\apprepapi.dll
2017-05-10 14:33 - 2017-04-28 01:54 - 03664384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2017-05-10 14:33 - 2017-04-28 01:54 - 02027008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2017-05-10 14:33 - 2017-04-28 01:54 - 01509376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2017-05-10 14:33 - 2017-04-28 01:54 - 00949248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.PointOfService.dll
2017-05-10 14:33 - 2017-04-28 01:54 - 00472064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Bluetooth.dll
2017-05-10 14:33 - 2017-04-28 01:54 - 00425984 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
2017-05-10 14:33 - 2017-04-28 01:54 - 00339456 _____ (Microsoft Corporation) C:\WINDOWS\system32\ConhostV2.dll
2017-05-10 14:33 - 2017-04-28 01:54 - 00329728 _____ (Microsoft Corporation) C:\WINDOWS\system32\deviceaccess.dll
2017-05-10 14:33 - 2017-04-28 01:54 - 00091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll
2017-05-10 14:33 - 2017-04-28 01:53 - 00458752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Enumeration.dll
2017-05-10 14:33 - 2017-04-28 01:53 - 00437248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Usb.dll
2017-05-10 14:33 - 2017-04-28 01:51 - 02104320 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll
2017-05-10 14:33 - 2017-04-28 01:51 - 01913856 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_fs.dll
2017-05-10 14:33 - 2017-04-28 01:51 - 01589760 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdtctm.dll
2017-05-10 14:33 - 2017-04-28 01:51 - 01584128 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_health.dll
2017-05-10 14:33 - 2017-04-28 01:51 - 00169984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Energy.dll
2017-05-10 14:33 - 2017-04-28 01:50 - 01476608 _____ (Microsoft Corporation) C:\WINDOWS\system32\RecoveryDrive.exe
2017-05-10 14:33 - 2017-04-28 01:50 - 00380416 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationApi.dll
2017-05-10 14:33 - 2017-04-28 01:50 - 00338944 _____ (Microsoft Corporation) C:\WINDOWS\system32\adsnt.dll
2017-05-10 14:33 - 2017-04-28 01:50 - 00329728 _____ (Microsoft Corporation) C:\WINDOWS\system32\fvecpl.dll
2017-05-10 14:33 - 2017-04-28 01:49 - 17198592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2017-05-10 14:33 - 2017-04-28 01:49 - 01105408 _____ (Microsoft Corporation) C:\WINDOWS\system32\MiracastReceiver.dll
2017-05-10 14:33 - 2017-04-28 01:49 - 00442368 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToDevice.dll
2017-05-10 14:33 - 2017-04-28 01:48 - 00337920 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2017-05-10 14:33 - 2017-04-28 01:48 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\dlnashext.dll
2017-05-10 14:33 - 2017-04-28 01:48 - 00187904 _____ (Microsoft Corporation) C:\WINDOWS\system32\dialclient.dll
2017-05-10 14:33 - 2017-04-28 01:47 - 09131008 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2017-05-10 14:33 - 2017-04-28 01:47 - 03290112 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll
2017-05-10 14:33 - 2017-04-28 01:47 - 01790464 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationFramework.dll
2017-05-10 14:33 - 2017-04-28 01:47 - 00942080 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2017-05-10 14:33 - 2017-04-28 01:47 - 00649216 _____ (Microsoft Corporation) C:\WINDOWS\system32\vds.exe
2017-05-10 14:33 - 2017-04-28 01:46 - 02861056 _____ (Microsoft Corporation) C:\WINDOWS\system32\storagewmi.dll
2017-05-10 14:33 - 2017-04-28 01:46 - 01547264 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbengine.exe
2017-05-10 14:33 - 2017-04-28 01:46 - 01443328 _____ (Microsoft Corporation) C:\WINDOWS\system32\VSSVC.exe
2017-05-10 14:33 - 2017-04-28 01:46 - 00501248 _____ (Microsoft Corporation) C:\WINDOWS\system32\imapi2.dll
2017-05-10 14:33 - 2017-04-28 01:46 - 00374784 _____ (Microsoft Corporation) C:\WINDOWS\system32\resutils.dll
2017-05-10 14:33 - 2017-04-28 01:46 - 00279552 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToReceiver.dll
2017-05-10 14:33 - 2017-04-28 01:46 - 00049664 _____ (Microsoft Corporation) C:\WINDOWS\system32\catsrvps.dll
2017-05-10 14:33 - 2017-04-28 01:45 - 23677440 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2017-05-10 14:33 - 2017-04-28 01:45 - 00946688 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_sr.dll
2017-05-10 14:33 - 2017-04-28 01:45 - 00628736 _____ (Microsoft Corporation) C:\WINDOWS\system32\uReFS.dll
2017-05-10 14:33 - 2017-04-28 01:45 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2017-05-10 14:33 - 2017-04-28 01:45 - 00167936 _____ (Microsoft Corporation) C:\WINDOWS\system32\ErrorDetails.dll
2017-05-10 14:33 - 2017-04-28 01:45 - 00130560 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpaceAgent.exe
2017-05-10 14:33 - 2017-04-28 01:45 - 00112640 _____ (Microsoft Corporation) C:\WINDOWS\system32\CameraCaptureUI.dll
2017-05-10 14:33 - 2017-04-28 01:44 - 13091328 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2017-05-10 14:33 - 2017-04-28 01:44 - 04749824 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2017-05-10 14:33 - 2017-04-28 01:44 - 01010176 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2017-05-10 14:33 - 2017-04-28 01:44 - 00937984 _____ (Microsoft Corporation) C:\WINDOWS\system32\MCRecvSrc.dll
2017-05-10 14:33 - 2017-04-28 01:44 - 00896512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.AccountsControl.dll
2017-05-10 14:33 - 2017-04-28 01:44 - 00775168 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe
2017-05-10 14:33 - 2017-04-28 01:44 - 00410112 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevicesFlowBroker.dll
2017-05-10 14:33 - 2017-04-28 01:44 - 00139776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Devices.dll
2017-05-10 14:33 - 2017-04-28 01:43 - 01184256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll
2017-05-10 14:33 - 2017-04-28 01:43 - 00634368 _____ (Microsoft Corporation) C:\WINDOWS\system32\StructuredQuery.dll
2017-05-10 14:33 - 2017-04-28 01:43 - 00600576 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptui.dll
2017-05-10 14:33 - 2017-04-28 01:43 - 00560128 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppReadiness.dll
2017-05-10 14:33 - 2017-04-28 01:43 - 00539136 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToManager.dll
2017-05-10 14:33 - 2017-04-28 01:43 - 00467968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Geolocation.dll
2017-05-10 14:33 - 2017-04-28 01:43 - 00460800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Midi.dll
2017-05-10 14:33 - 2017-04-28 01:43 - 00320512 _____ (Microsoft Corporation) C:\WINDOWS\system32\thumbcache.dll
2017-05-10 14:33 - 2017-04-28 01:42 - 08125440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2017-05-10 14:33 - 2017-04-28 01:42 - 01692160 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2017-05-10 14:33 - 2017-04-28 01:42 - 01021440 _____ (Microsoft Corporation) C:\WINDOWS\system32\usermgr.dll
2017-05-10 14:33 - 2017-04-28 01:42 - 00945664 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2017-05-10 14:33 - 2017-04-28 01:42 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2017-05-10 14:33 - 2017-04-28 01:41 - 01359872 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll
2017-05-10 14:33 - 2017-04-28 01:41 - 00890368 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll
2017-05-10 14:33 - 2017-04-28 01:41 - 00828416 _____ (Microsoft Corporation) C:\WINDOWS\system32\appwiz.cpl
2017-05-10 14:33 - 2017-04-28 01:41 - 00759296 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2017-05-10 14:33 - 2017-04-28 01:41 - 00650752 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2017-05-10 14:33 - 2017-04-28 01:41 - 00591360 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2017-05-10 14:33 - 2017-04-28 01:41 - 00376832 _____ (Microsoft Corporation) C:\WINDOWS\system32\CryptoWinRT.dll
2017-05-10 14:33 - 2017-04-28 01:40 - 04474368 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll
2017-05-10 14:33 - 2017-04-28 01:40 - 02914816 _____ (Microsoft Corporation) C:\WINDOWS\system32\CertEnroll.dll
2017-05-10 14:33 - 2017-04-28 01:40 - 02510848 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2017-05-10 14:33 - 2017-04-28 01:40 - 02208768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.3D.dll
2017-05-10 14:33 - 2017-04-28 01:40 - 02096640 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2017-05-10 14:33 - 2017-04-28 01:40 - 01643008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll
2017-05-10 14:33 - 2017-04-28 01:40 - 01586176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Globalization.dll
2017-05-10 14:33 - 2017-04-28 01:40 - 01040896 _____ (Microsoft Corporation) C:\WINDOWS\system32\NaturalLanguage6.dll
2017-05-10 14:33 - 2017-04-28 01:40 - 00971264 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll
2017-05-10 14:33 - 2017-04-28 01:40 - 00913920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.dll
2017-05-10 14:33 - 2017-04-28 01:40 - 00886784 _____ (Microsoft Corporation) C:\WINDOWS\system32\CPFilters.dll
2017-05-10 14:33 - 2017-04-28 01:40 - 00770560 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2017-05-10 14:33 - 2017-04-28 01:39 - 00673792 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2017-05-10 14:33 - 2017-04-28 01:38 - 05611008 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll
2017-05-10 14:33 - 2017-04-28 01:38 - 01490432 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2017-05-10 14:33 - 2017-04-28 01:38 - 01275392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Bluetooth.dll
2017-05-10 14:33 - 2017-04-28 01:37 - 04744192 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2017-05-10 14:33 - 2017-04-28 01:37 - 02895872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2017-05-10 14:33 - 2017-04-28 01:37 - 02316288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2017-05-10 14:33 - 2017-04-28 01:37 - 02286592 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2017-05-10 14:33 - 2017-04-28 01:37 - 02216960 _____ (Microsoft Corporation) C:\WINDOWS\system32\OpcServices.dll
2017-05-10 14:33 - 2017-04-28 01:37 - 01783296 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2017-05-10 14:33 - 2017-04-28 01:37 - 01637888 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2017-05-10 14:33 - 2017-04-28 01:37 - 00881664 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2017-05-10 14:33 - 2017-04-28 01:37 - 00875520 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2017-05-10 14:33 - 2017-04-28 01:36 - 03613184 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2017-05-10 14:33 - 2017-04-28 01:36 - 02691072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2017-05-10 14:33 - 2017-04-28 01:36 - 02478080 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2017-05-10 14:33 - 2017-04-28 01:36 - 01844224 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2017-05-10 14:33 - 2017-04-28 01:36 - 01513472 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2017-05-10 14:33 - 2017-04-28 01:36 - 01328640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.Http.dll
2017-05-10 14:33 - 2017-04-28 01:36 - 00774656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.dll
2017-05-10 14:33 - 2017-04-28 01:36 - 00735744 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2017-05-10 14:33 - 2017-04-28 01:36 - 00716800 _____ (Microsoft Corporation) C:\WINDOWS\system32\ShareHost.dll
2017-05-10 14:33 - 2017-04-28 01:35 - 01121280 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2017-05-10 14:33 - 2017-04-28 01:35 - 00924672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.BackgroundTransfer.dll
2017-05-10 14:33 - 2017-04-28 01:34 - 00439296 _____ (Microsoft Corporation) C:\WINDOWS\system32\wksprt.exe
2017-05-10 14:33 - 2017-04-28 01:34 - 00394240 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpclip.exe
2017-05-10 14:33 - 2017-04-28 01:34 - 00035328 _____ (Microsoft Corporation) C:\WINDOWS\system32\spaceman.exe
2017-05-10 14:33 - 2017-04-28 01:33 - 01817088 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.dll
2017-05-10 14:33 - 2017-03-04 08:26 - 00261632 _____ (Microsoft Corporation) C:\WINDOWS\system32\indexeddbserver.dll
2017-05-10 14:33 - 2017-03-04 08:25 - 01060352 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppContracts.dll
2017-05-10 14:33 - 2016-12-21 09:09 - 00368640 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneBackupHandler.dll
2017-05-04 18:16 - 2017-05-04 18:16 - 00004182 _____ C:\WINDOWS\System32\Tasks\{BCC45D64-0B6F-EACF-2DE6-5C519E1B3A6A}
2017-05-04 18:16 - 2017-05-04 18:16 - 00004182 _____ C:\WINDOWS\System32\Tasks\{66527076-D1F9-C7DD-F9E2-F0B84CD92CBF}
2017-05-01 15:06 - 2017-05-21 12:00 - 00003550 _____ C:\WINDOWS\System32\Tasks\ASUS Live Update1
2017-04-26 16:07 - 2017-05-18 17:56 - 00000000 ____D C:\Program Files (x86)\iolo
2017-04-26 16:07 - 2017-04-26 16:23 - 00000000 ____D C:\ProgramData\iolo
2017-04-26 16:07 - 2017-04-26 16:07 - 00074703 _____ C:\WINDOWS\SysWOW64\mfc45.dat
2017-04-26 14:51 - 2017-04-26 14:50 - 00110144 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-64.dll
2017-04-26 14:04 - 2017-04-26 14:04 - 00000000 ____D C:\Users\Pitti\AppData\LocalLow\Oracle
2017-04-22 19:26 - 2017-04-22 19:26 - 00041485 _____ C:\Users\Pitti\Downloads\Sildurs Vibrant Shaders v1.141 Lite.zip
2017-04-22 19:17 - 2017-04-22 19:18 - 00000000 ____D C:\Users\Pitti\Downloads\Hier lassen!

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-05-21 14:38 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\AppReadiness
2017-05-21 14:34 - 2017-02-25 13:26 - 00000165 _____ C:\Users\Pitti\AppData\Roaming\sp_data.sys
2017-05-21 14:34 - 2017-01-02 13:26 - 00000000 ____D C:\Program Files (x86)\Steam
2017-05-21 14:34 - 2016-03-23 14:36 - 00000000 ____D C:\ProgramData\ASUS Smart Gesture
2017-05-21 14:33 - 2016-10-03 11:06 - 00000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2017-05-21 14:33 - 2016-03-22 06:25 - 00000000 __SHD C:\Users\Pitti\IntelGraphicsProfiles
2017-05-21 14:32 - 2016-10-03 11:32 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-05-21 14:32 - 2016-07-16 08:04 - 00786432 _____ C:\WINDOWS\system32\config\BBI
2017-05-21 14:31 - 2016-10-03 11:12 - 00000000 ____D C:\Users\Pitti
2017-05-21 14:10 - 2016-10-03 11:03 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2017-05-21 12:00 - 2016-10-03 11:32 - 00003540 _____ C:\WINDOWS\System32\Tasks\ASUS Live Update2
2017-05-21 11:33 - 2017-02-25 17:22 - 00000000 ____D C:\Users\Pitti\AppData\Roaming\Origin
2017-05-21 11:32 - 2016-03-27 11:48 - 00000000 ____D C:\ProgramData\Origin
2017-05-20 16:45 - 2017-04-10 14:16 - 00000000 ____D C:\Users\Pitti\.litwrl
2017-05-20 13:45 - 2016-10-18 20:49 - 626645085 _____ C:\WINDOWS\MEMORY.DMP
2017-05-20 13:45 - 2016-10-18 20:49 - 00000000 ____D C:\WINDOWS\Minidump
2017-05-20 13:22 - 2016-07-16 13:47 - 00000000 ___HD C:\Program Files\WindowsApps
2017-05-19 20:32 - 2017-02-25 16:16 - 00000000 ____D C:\Users\Pitti\AppData\Local\Google
2017-05-19 20:32 - 2016-04-01 12:11 - 00000000 ____D C:\Program Files (x86)\Google
2017-05-18 18:04 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2017-05-18 17:58 - 2016-10-03 11:44 - 00000008 __RSH C:\Users\Pitti\ntuser.pol
2017-05-18 17:58 - 2016-05-01 16:43 - 00000008 __RSH C:\ProgramData\ntuser.pol
2017-05-18 17:56 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\SysWOW64\GroupPolicy
2017-05-18 17:56 - 2016-05-17 13:49 - 00000000 ____D C:\ProgramData\IObit
2017-05-18 17:56 - 2015-07-10 13:04 - 00000000 ___HD C:\WINDOWS\system32\GroupPolicy
2017-05-17 16:36 - 2017-01-24 17:07 - 00000000 ____D C:\Program Files (x86)\Origin
2017-05-17 14:25 - 2016-07-16 13:45 - 00000000 ____D C:\WINDOWS\INF
2017-05-16 16:56 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\appraiser
2017-05-16 16:56 - 2016-07-16 13:36 - 00000000 ____D C:\WINDOWS\CbsTemp
2017-05-13 17:07 - 2017-04-10 13:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2017-05-13 16:26 - 2016-11-21 20:28 - 00000000 ____D C:\Users\Pitti\.gimp-2.8
2017-05-13 15:55 - 2016-03-22 21:32 - 00000000 ____D C:\Users\Pitti\Documents\Spiele
2017-05-13 14:52 - 2016-07-17 00:51 - 01038652 _____ C:\WINDOWS\system32\perfh007.dat
2017-05-13 14:52 - 2016-07-17 00:51 - 00241020 _____ C:\WINDOWS\system32\perfc007.dat
2017-05-13 14:52 - 2015-08-18 07:20 - 02498702 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-05-13 13:59 - 2017-02-23 15:43 - 00000000 ____D C:\Users\Default\AppData\Local\AdvinstAnalytics
2017-05-13 13:59 - 2017-02-23 15:43 - 00000000 ____D C:\Users\Default User\AppData\Local\AdvinstAnalytics
2017-05-13 09:07 - 2016-07-16 13:47 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2017-05-13 09:06 - 2015-08-18 07:29 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2017-05-12 17:18 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\rescache
2017-05-12 15:32 - 2016-10-03 11:06 - 00000000 ____D C:\Program Files\Realtek
2017-05-12 15:32 - 2016-07-16 13:47 - 00000000 __SHD C:\Program Files\Windows Sidebar
2017-05-11 18:14 - 2016-02-13 19:30 - 00000000 __RHD C:\Users\Public\AccountPictures
2017-05-11 18:11 - 2016-10-03 11:03 - 00339080 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-05-10 21:24 - 2016-07-16 13:47 - 00000000 ___SD C:\WINDOWS\SysWOW64\F12
2017-05-10 21:24 - 2016-07-16 13:47 - 00000000 ___SD C:\WINDOWS\system32\F12
2017-05-10 21:24 - 2016-07-16 13:47 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2017-05-10 21:24 - 2016-07-16 13:47 - 00000000 ___RD C:\Program Files\Windows Defender
2017-05-10 21:24 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2017-05-10 21:24 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\oobe
2017-05-10 21:24 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\ShellExperiences
2017-05-10 21:24 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\Provisioning
2017-05-10 21:24 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\PolicyDefinitions
2017-05-10 21:24 - 2016-07-16 13:47 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2017-05-10 21:24 - 2016-07-16 13:47 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2017-05-10 21:24 - 2016-07-16 13:47 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2017-05-10 21:24 - 2016-07-16 08:04 - 00000000 ____D C:\WINDOWS\SysWOW64\Dism
2017-05-10 14:41 - 2016-04-30 12:30 - 00000000 ____D C:\WINDOWS\system32\MRT
2017-05-10 14:39 - 2016-04-30 12:30 - 156335152 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-05-10 14:09 - 2016-07-16 13:42 - 00073728 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSManMigrationPlugin.dll
2017-05-05 19:35 - 2015-12-17 07:31 - 00000000 ____D C:\ProgramData\McAfee
2017-05-05 19:30 - 2016-10-03 11:32 - 00000000 ____D C:\WINDOWS\System32\Tasks\McAfee
2017-05-05 19:30 - 2016-07-16 08:04 - 00032768 _____ C:\WINDOWS\system32\config\ELAM
2017-05-05 19:29 - 2015-10-30 08:28 - 00000000 ____D C:\Users\Default.migrated
2017-05-04 18:16 - 2017-04-13 23:32 - 00000000 ____D C:\ProgramData\{FEEFEE2F-4944-5984-A8C7-CDE4FAC6874A}
2017-05-04 18:16 - 2017-04-13 23:32 - 00000000 ____D C:\ProgramData\{F84DC8A7-4FE6-7F0C-0441-899F2FBD9651}
2017-05-03 19:33 - 2016-04-01 17:14 - 00000000 ____D C:\Users\Pitti\Documents\Word - Dokumente
2017-04-29 02:59 - 2017-04-12 23:31 - 00835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2017-04-29 02:59 - 2017-04-12 23:31 - 00177656 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2017-04-28 03:01 - 2016-10-03 11:06 - 02717184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2017-04-26 14:54 - 2016-04-01 13:16 - 00000000 ____D C:\ProgramData\Oracle
2017-04-26 14:51 - 2017-04-10 18:12 - 00000000 ____D C:\Program Files\Java
2017-04-26 14:50 - 2017-04-10 18:12 - 00110144 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge-64.dll
2017-04-22 17:33 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\NDF
2017-04-22 15:20 - 2017-04-10 13:00 - 00000000 ____D C:\Users\Pitti\AppData\Roaming\.minecraft

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2017-02-25 13:26 - 2017-05-21 14:34 - 0000165 _____ () C:\Users\Pitti\AppData\Roaming\sp_data.sys
2016-10-03 11:07 - 2016-10-03 11:07 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

Einige Dateien in TEMP:
====================
2017-05-12 11:58 - 2017-05-12 11:58 - 0585370 _____ (                                                            ) C:\Users\Pitti\AppData\Local\Temp\241712c2-6a9a-481a-8f0b-fc4a49fb9424.exe
2017-04-26 14:04 - 2017-04-26 14:04 - 0739904 _____ (Oracle Corporation) C:\Users\Pitti\AppData\Local\Temp\jre-8u131-windows-au.exe
2016-02-23 12:43 - 2016-02-23 12:43 - 0120336 _____ (McAfee, Inc.) C:\Users\Pitti\AppData\Local\Temp\McCSPInstall.dll
2017-05-05 19:29 - 2016-02-23 12:43 - 0123360 _____ (McAfee Inc.) C:\Users\Pitti\AppData\Local\Temp\mccspuninstall.exe
2015-08-14 14:29 - 2015-07-29 22:08 - 0681097 _____ (SQLite Development Team) C:\Users\Pitti\AppData\Local\Temp\sqlite3.dll

==================== Bamital & volsnap ======================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert

LastRegBack: 2017-05-12 17:09

==================== Ende von FRST.txt ============================

und der 1. Teil von der mbam:

Code:

ATTFilter

Malwarebytes
www.malwarebytes.com

-Protokolldetails-
Scan-Datum: 21.05.17
Scan-Zeit: 14:14
Protokolldatei: mbam.txt
Administrator: Ja

-Softwaredaten-
Version: 3.1.2.1733
Komponentenversion: 1.0.122
Version des Aktualisierungspakets: 1.0.1987
Lizenz: Testversion

-Systemdaten-
Betriebssystem: Windows 10
CPU: x64
Dateisystem: NTFS
Benutzer: DESKTOP-TP9DC4I\Pitti

-Scan-Übersicht-
Scan-Typ: Bedrohungs-Scan
Ergebnis: Abgeschlossen
Gescannte Objekte: 392695
Erkannte Bedrohungen: 807
In die Quarantäne verschobene Bedrohungen: 806
Abgelaufene Zeit: 8 Min., 33 Sek.

-Scan-Optionen-
Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

-Scan-Details-
Prozess: 2
Adware.FileTour, C:\PROGRAMDATA\{EA4DE132-5DE6-5699-DDC3-8A4739838DA0}\DA07638A-6DAC-D421-ABCE-45A160C42F00.EXE, In Quarantäne, [240], [397403],1.0.1987
Adware.FileTour, C:\PROGRAMDATA\{26AA403A-9101-F791-915D-90DE7C22D4DC}\023A4473-B591-F3D8-8332-16CCB19D71B7.EXE, In Quarantäne, [240], [397403],1.0.1987

Modul: 2
Adware.FileTour, C:\PROGRAMDATA\{EA4DE132-5DE6-5699-DDC3-8A4739838DA0}\DA07638A-6DAC-D421-ABCE-45A160C42F00.EXE, In Quarantäne, [240], [397403],1.0.1987
Adware.FileTour, C:\PROGRAMDATA\{26AA403A-9101-F791-915D-90DE7C22D4DC}\023A4473-B591-F3D8-8332-16CCB19D71B7.EXE, In Quarantäne, [240], [397403],1.0.1987

Registrierungsschlüssel: 37
PUP.Optional.StartGo123, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\NetUtils2016, In Quarantäne, [669], [325509],1.0.1987
PUP.Optional.DownloadProtect, HKLM\SOFTWARE\CLASSES\CLSID\{C654F3FE-8E84-4BB7-87CF-8D9171FC3C73}, In Quarantäne, [963], [167924],1.0.1987
PUP.Optional.DownloadProtect, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{C654F3FE-8E84-4BB7-87CF-8D9171FC3C73}, In Quarantäne, [963], [167924],1.0.1987
PUP.Optional.ByteFence, HKLM\SOFTWARE\MICROSOFT\TRACING\ByteFence_RASAPI32, In Quarantäne, [616], [389038],1.0.1987
PUP.Optional.ByteFence, HKLM\SOFTWARE\MICROSOFT\TRACING\ByteFence_RASMANCS, In Quarantäne, [616], [389038],1.0.1987
PUP.Optional.DNSUnlocker.ACMB2, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{591e1035}, In Quarantäne, [28], [260250],1.0.1987
PUP.Optional.OnlineIO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{148E3E58-4318-4862-AF6A-6CD424956DF9}, In Quarantäne, [542], [317311],1.0.1987
PUP.Optional.Goobzo, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{43DDFC13-D251-4D4E-9035-ACC3131E7444}, In Quarantäne, [342], [258228],1.0.1987
PUP.Optional.OnlineIO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{4C3E35AD-3C14-4459-9926-B85A3D527194}, In Quarantäne, [542], [333861],1.0.1987
PUP.Optional.OnlineIO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{900990C8-6C4E-4281-B190-311B491074BC}, In Quarantäne, [542], [317311],1.0.1987
PUP.Optional.OnlineIO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{950C5063-7DC1-4C42-8C97-3363EE3E877D}, In Quarantäne, [542], [333861],1.0.1987
PUP.Optional.OnlineIO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{AFB50682-1153-4462-BE31-2EFA614115D4}, In Quarantäne, [542], [333861],1.0.1987
PUP.Optional.OnlineIO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{B0B56013-3EDC-4373-9D72-8F74AA1365EF}, In Quarantäne, [542], [333861],1.0.1987
PUP.Optional.OnlineIO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{C3C12DFB-E158-4B37-ACE1-D74D3A301126}, In Quarantäne, [542], [333861],1.0.1987
PUP.Optional.OnlineIO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{CFBC55E6-C36C-4DBA-8611-4FBB973714C3}, In Quarantäne, [542], [317311],1.0.1987
Adware.OnlineIO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{D90B0874-0A56-48B3-8F67-044DB3CA157C}, In Quarantäne, [9295], [399424],1.0.1987
PUP.Optional.OnlineIO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{D9929395-7B21-4088-AA19-339478854ECA}, In Quarantäne, [542], [333861],1.0.1987
PUP.Optional.BitCoinMiner, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\gplyra, In Quarantäne, [194], [317317],1.0.1987
PUP.Optional.Elex.ShrtCln, HKLM\SOFTWARE\MOZILLA\FIREFOX\{EB52F1AB-3C2B-424F-9794-833C687025CF}, In Quarantäne, [993], [316191],1.0.1987
PUP.Optional.Wajam.Gen, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\NLASVC\PARAMETERS\INTERNET\MANUALPROXIES, In Quarantäne, [15575], [-1],0.0.0
PUP.Optional.OnlineIO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\Online Application v209, Löschen bei Neustart, [542], [317313],1.0.1987
PUP.Optional.OnlineIO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\Online Application v209 Guard, Löschen bei Neustart, [542], [317313],1.0.1987
PUP.Optional.InstaTime, HKU\S-1-5-21-1585193191-2329745140-1049602013-1001\SOFTWARE\APPDATALOW\SOFTWARE\InstaTime, Löschen bei Neustart, [8427], [254624],1.0.1987
PUP.Optional.OnlineIO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\Online Application v209 Guardian, Löschen bei Neustart, [542], [317313],1.0.1987
PUP.Optional.Goobzo, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\SMW_UpdateTask_Time_3335303535313533392d2d5b50342a4155456c5a236c, Löschen bei Neustart, [342], [186804],1.0.1987
PUP.Optional.OnlineIO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\Traffic Exchange v2 - 1, Löschen bei Neustart, [542], [333862],1.0.1987
PUP.Optional.OnlineIO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\Traffic Exchange v2 - 2, Löschen bei Neustart, [542], [333862],1.0.1987
PUP.Optional.OnlineIO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\Traffic Exchange v2 - 3, Löschen bei Neustart, [542], [333862],1.0.1987
PUP.Optional.OnlineIO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\Traffic Exchange v209 - 1, Löschen bei Neustart, [542], [333862],1.0.1987
PUP.Optional.OnlineIO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\Traffic Exchange v209 - 2, Löschen bei Neustart, [542], [333862],1.0.1987
PUP.Optional.OnlineIO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\Traffic Exchange v209 - 3, Löschen bei Neustart, [542], [333862],1.0.1987
Adware.OnlineIO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\Updater_Online_Special_Application, Löschen bei Neustart, [9295], [399426],1.0.1987
PUP.Optional.OnlineIO, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{F0847AE0-465A-4D7B-A555-AABB43B550F0}, Löschen bei Neustart, [542], [398593],1.0.1987
PUP.Optional.OnlineIO, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{52F7BE5C-2C3B-4C7B-A96D-F19B9EC1992D}, Löschen bei Neustart, [542], [335317],1.0.1987
PUP.Optional.OnlineIO, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{57281722-3238-4A30-AAE7-85D93977E0FE}, Löschen bei Neustart, [542], [321304],1.0.1987
PUP.Optional.StartGo123, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\NetUtils2016, Löschen bei Neustart, [669], [318109],1.0.1987
Adware.DNSUnlocker.Generic, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\QForlLgs0EYm Updater, Löschen bei Neustart, [2381], [372679],1.0.1987

Registrierungswert: 27
Trojan.Agent.Generic, HKU\.DEFAULT\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|Lp2k0KLo3JN.exe, In Quarantäne, [453], [369948],1.0.1987
Trojan.Agent.Generic, HKU\S-1-5-18\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|Lp2k0KLo3JN.exe, In Quarantäne, [453], [369948],1.0.1987
PUP.Optional.DNSUnlocker.ACMB2, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{591e1035}|1, In Quarantäne, [28], [260250],1.0.1987
PUP.Optional.OnlineIO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{148E3E58-4318-4862-AF6A-6CD424956DF9}|PATH, In Quarantäne, [542], [317311],1.0.1987
PUP.Optional.Goobzo, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{43DDFC13-D251-4D4E-9035-ACC3131E7444}|PATH, In Quarantäne, [342], [258228],1.0.1987
PUP.Optional.OnlineIO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{4C3E35AD-3C14-4459-9926-B85A3D527194}|PATH, In Quarantäne, [542], [333861],1.0.1987
PUP.Optional.OnlineIO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{900990C8-6C4E-4281-B190-311B491074BC}|PATH, In Quarantäne, [542], [317311],1.0.1987
PUP.Optional.OnlineIO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{950C5063-7DC1-4C42-8C97-3363EE3E877D}|PATH, In Quarantäne, [542], [333861],1.0.1987
PUP.Optional.OnlineIO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{AFB50682-1153-4462-BE31-2EFA614115D4}|PATH, In Quarantäne, [542], [333861],1.0.1987
PUP.Optional.OnlineIO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{B0B56013-3EDC-4373-9D72-8F74AA1365EF}|PATH, In Quarantäne, [542], [333861],1.0.1987
PUP.Optional.OnlineIO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{C3C12DFB-E158-4B37-ACE1-D74D3A301126}|PATH, In Quarantäne, [542], [333861],1.0.1987
PUP.Optional.OnlineIO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{CFBC55E6-C36C-4DBA-8611-4FBB973714C3}|PATH, In Quarantäne, [542], [317311],1.0.1987
Adware.OnlineIO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{D90B0874-0A56-48B3-8F67-044DB3CA157C}|PATH, In Quarantäne, [9295], [399424],1.0.1987
PUP.Optional.OnlineIO, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{D9929395-7B21-4088-AA19-339478854ECA}|PATH, In Quarantäne, [542], [333861],1.0.1987
PUP.Optional.Elex.ShrtCln, HKLM\SOFTWARE\MOZILLA\FIREFOX\{EB52F1AB-3C2B-424F-9794-833C687025CF}|HP, In Quarantäne, [993], [316191],1.0.1987
PUP.Optional.Elex.ShrtCln, HKLM\SOFTWARE\MOZILLA\FIREFOX\{EB52F1AB-3C2B-424F-9794-833C687025CF}|TAB, In Quarantäne, [993], [316191],1.0.1987
PUP.Optional.Wajam.Gen, HKU\S-1-5-18\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS|PROXYENABLE, In Quarantäne, [15575], [-1],0.0.0
PUP.Optional.Wajam.Gen, HKU\S-1-5-21-1585193191-2329745140-1049602013-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS|PROXYENABLE, In Quarantäne, [15575], [-1],0.0.0
PUP.Optional.Wajam.Gen, HKU\.DEFAULT\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS|PROXYENABLE, Entfernung fehlgeschlagen, [15575], [-1],0.0.0
PUP.Optional.YeaDesktop.ClnShrt, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\MAIN\FEATURECONTROL\FEATURE_BROWSER_EMULATION|YEADESKTOP.EXE, Löschen bei Neustart, [1339], [396226],1.0.1987
PUP.Optional.OnlineIO, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{52F7BE5C-2C3B-4C7B-A96D-F19B9EC1992D}|CONTACT, Löschen bei Neustart, [542], [333852],1.0.1987
PUP.Optional.OnlineIO, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{52F7BE5C-2C3B-4C7B-A96D-F19B9EC1992D}|URLINFOABOUT, Löschen bei Neustart, [542], [335317],1.0.1987
PUP.Optional.OnlineIO, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{57281722-3238-4A30-AAE7-85D93977E0FE}|CONTACT, Löschen bei Neustart, [542], [333852],1.0.1987
PUP.Optional.OnlineIO, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{57281722-3238-4A30-AAE7-85D93977E0FE}|URLINFOABOUT, Löschen bei Neustart, [542], [321304],1.0.1987
PUP.Optional.OnlineIO, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{F0847AE0-465A-4D7B-A555-AABB43B550F0}|CONTACT, Löschen bei Neustart, [542], [333852],1.0.1987
PUP.Optional.OnlineIO, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{F0847AE0-465A-4D7B-A555-AABB43B550F0}|URLINFOABOUT, Löschen bei Neustart, [542], [321304],1.0.1987
Adware.DNSUnlocker.Generic, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\QForlLgs0EYm Updater|IMAGEPATH, Löschen bei Neustart, [2381], [372679],1.0.1987

Registrierungsdaten: 14
PUP.Optional.DNSUnlocker.ACMB2, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP\PARAMETERS|NameServer, Ersetzt, [28], [-1],0.0.0
PUP.Optional.DNSUnlocker.ACMB2, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP\PARAMETERS|DhcpNameServer, Ersetzt, [28], [-1],0.0.0
PUP.Optional.DNSUnlocker.ACMB2, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP\PARAMETERS\Interfaces\{26b11a49-585f-4b43-a90c-9af3c3d7b25b}|NameServer, Ersetzt, [28], [-1],0.0.0
PUP.Optional.DNSUnlocker.ACMB2, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP\PARAMETERS\Interfaces\{5ecc1828-dea3-4170-b6c6-6d557ec1c429}|NameServer, Ersetzt, [28], [-1],0.0.0
PUP.Optional.DNSUnlocker.ACMB2, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP\PARAMETERS\Interfaces\{5ecc1828-dea3-4170-b6c6-6d557ec1c429}|DhcpNameServer, Ersetzt, [28], [-1],0.0.0
PUP.Optional.DNSUnlocker.ACMB2, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP\PARAMETERS\Interfaces\{6f16093c-bffb-4a7b-b894-777c10793d1c}|NameServer, Ersetzt, [28], [-1],0.0.0
PUP.Optional.DNSUnlocker.ACMB2, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP\PARAMETERS\Interfaces\{6f16093c-bffb-4a7b-b894-777c10793d1c}|DhcpNameServer, Ersetzt, [28], [-1],0.0.0
PUP.Optional.DNSUnlocker.ACMB2, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP\PARAMETERS\Interfaces\{996ea0b8-ca4a-4c25-9b44-fbad264c8641}|NameServer, Ersetzt, [28], [-1],0.0.0
PUP.Optional.DNSUnlocker.ACMB2, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP\PARAMETERS\Interfaces\{996ea0b8-ca4a-4c25-9b44-fbad264c8641}|DhcpNameServer, Ersetzt, [28], [-1],0.0.0
PUP.Optional.DNSUnlocker.ACMB2, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP\PARAMETERS\Interfaces\{ca4d7660-cb2f-4c16-a493-e99d991ed543}|NameServer, Ersetzt, [28], [-1],0.0.0
PUP.Optional.DNSUnlocker.ACMB2, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP\PARAMETERS\Interfaces\{ca4d7660-cb2f-4c16-a493-e99d991ed543}|DhcpNameServer, Ersetzt, [28], [-1],0.0.0
PUP.Optional.DNSUnlocker.ACMB2, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP\PARAMETERS\Interfaces\{efcfe49d-c6bb-4343-b2ec-b087ec086e71}|NameServer, Ersetzt, [28], [-1],0.0.0
PUP.Optional.DNSUnlocker.ACMB2, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP\PARAMETERS\Interfaces\{efcfe49d-c6bb-4343-b2ec-b087ec086e71}|DhcpNameServer, Ersetzt, [28], [-1],0.0.0
Trojan.DNSChanger.ACMB2, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP\PARAMETERS|NAMESERVER, Ersetzt, [6327], [293494],1.0.1987

Daten-Stream: 0
(keine bösartigen Elemente erkannt)

Luckyschatz · 21.05.2017, 13:55

Und hier der nächste Teil der mbam:

Code:

ATTFilter

Ordner: 162
PUP.Optional.BitCoinMiner, C:\WINDOWS\SYSTEM32\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\gplyra, In Quarantäne, [194], [360749],1.0.1987
PUP.Optional.HohoSearch, C:\PROGRAM FILES (X86)\Razoghchak, In Quarantäne, [79], [182513],1.0.1987
PUP.Optional.OnlineIO, C:\WINDOWS\INSTALLER\{5266F634-7B7D-4537-BDDC-98DD6CFCBAA1}, Löschen bei Neustart, [542], [391425],1.0.1987
PUP.Optional.OnlineIO, C:\WINDOWS\INSTALLER\{F0847AE0-465A-4D7B-A555-AABB43B550F0}, Löschen bei Neustart, [542], [398586],1.0.1987
PUP.Optional.InterStat, C:\Users\Pitti\AppData\Local\CrashRpt\UnsentCrashReports\Interstatnogui_389\Logs, Löschen bei Neustart, [1391], [373566],1.0.1987
PUP.Optional.InterStat, C:\USERS\PITTI\APPDATA\LOCAL\CRASHRPT\UNSENTCRASHREPORTS\Interstatnogui_389, Löschen bei Neustart, [1391], [373566],1.0.1987
PUP.Optional.InterStat, C:\Windows\SysWOW64\config\systemprofile\AppData\Local\CrashRpt\UnsentCrashReports\Interstatnogui_389\Logs, Löschen bei Neustart, [1391], [373566],1.0.1987
PUP.Optional.InterStat, C:\WINDOWS\SYSWOW64\CONFIG\SYSTEMPROFILE\APPDATA\LOCAL\CRASHRPT\UNSENTCRASHREPORTS\Interstatnogui_389, Löschen bei Neustart, [1391], [373566],1.0.1987
PUP.Optional.ConvertAd, C:\PROGRAM FILES (X86)\27603F28-1462113873-824E-9253-5F3CB24D9BA8, Löschen bei Neustart, [365], [262107],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\tar\node_modules\fstream\node_modules\rimraf\node_modules\glob\node_modules\minimatch\node_modules\brace-expansion\node_modules\concat-map\example, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\tar\node_modules\fstream\node_modules\rimraf\node_modules\glob\node_modules\minimatch\node_modules\brace-expansion\node_modules\concat-map\test, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\tar\node_modules\fstream\node_modules\rimraf\node_modules\glob\node_modules\minimatch\node_modules\brace-expansion\node_modules\balanced-match, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\tar\node_modules\fstream\node_modules\rimraf\node_modules\glob\node_modules\minimatch\node_modules\brace-expansion\node_modules\concat-map, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\tar\node_modules\fstream\node_modules\rimraf\node_modules\glob\node_modules\minimatch\node_modules\brace-expansion\node_modules, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\tar\node_modules\fstream\node_modules\rimraf\node_modules\glob\node_modules\minimatch\node_modules\brace-expansion, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\tar\node_modules\fstream\node_modules\rimraf\node_modules\glob\node_modules\inflight\node_modules\wrappy, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\tar\node_modules\fstream\node_modules\rimraf\node_modules\glob\node_modules\once\node_modules\wrappy, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\tar\node_modules\fstream\node_modules\rimraf\node_modules\glob\node_modules\minimatch\node_modules, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\tar\node_modules\fstream\node_modules\rimraf\node_modules\glob\node_modules\inflight\node_modules, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\tar\node_modules\fstream\node_modules\rimraf\node_modules\glob\node_modules\once\node_modules, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\tar\node_modules\fstream\node_modules\rimraf\node_modules\glob\node_modules\path-is-absolute, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\tar\node_modules\fstream\node_modules\rimraf\node_modules\glob\node_modules\fs.realpath, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\tar\node_modules\fstream\node_modules\rimraf\node_modules\glob\node_modules\minimatch, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\tar\node_modules\fstream\node_modules\rimraf\node_modules\glob\node_modules\inflight, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\bl\node_modules\readable-stream\node_modules\core-util-is\lib, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\combined-stream\node_modules\delayed-stream\test\integration, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\bl\node_modules\readable-stream\node_modules\string_decoder, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\tar\node_modules\fstream\node_modules\rimraf\node_modules\glob\node_modules\once, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\bl\node_modules\readable-stream\node_modules\isarray\build, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\bl\node_modules\readable-stream\node_modules\core-util-is, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\form-data\node_modules\mime-types\node_modules\mime-db, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\tar\node_modules\fstream\node_modules\rimraf\node_modules\glob\node_modules, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\bl\node_modules\readable-stream\node_modules\inherits, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\tar\node_modules\fstream\node_modules\mkdirp\node_modules\minimist\example, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\bl\node_modules\readable-stream\node_modules\isarray, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\tar\node_modules\fstream\node_modules\mkdirp\node_modules\minimist\test, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\combined-stream\node_modules\delayed-stream\test, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\combined-stream\node_modules\delayed-stream\lib, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\http-signature\node_modules\ctype\man\man3ctype, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\form-data\node_modules\mime-types\node_modules, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\tar\node_modules\fstream\node_modules\mkdirp\node_modules\minimist, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\bl\node_modules\readable-stream\node_modules, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\combined-stream\node_modules\delayed-stream, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\tar\node_modules\fstream\node_modules\rimraf\node_modules\glob, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\http-signature\node_modules\asn1\tst\ber, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\http-signature\node_modules\asn1\lib\ber, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\http-signature\node_modules\assert-plus, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\http-signature\node_modules\ctype\tools, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\http-signature\node_modules\ctype\man, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\form-data\node_modules\async\support, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\tar\node_modules\fstream\node_modules\rimraf\node_modules, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\http-signature\node_modules\asn1\lib, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\http-signature\node_modules\asn1\tst, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\tar\node_modules\fstream\node_modules\mkdirp\node_modules, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\bl\node_modules\readable-stream\lib, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\hawk\node_modules\hoek\test\modules, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\tough-cookie\node_modules\punycode, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\form-data\node_modules\mime-types, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\http-signature\node_modules\ctype, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\form-data\node_modules\async\lib, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\hawk\node_modules\cryptiles\test, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\http-signature\node_modules\asn1, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\tar\node_modules\fstream\node_modules\mkdirp\examples, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\bl\node_modules\readable-stream, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\universal-analytics\node_modules\node-uuid\benchmark, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\hawk\node_modules\cryptiles\lib, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\hawk\node_modules\sntp\examples, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\hawk\node_modules\hoek\images, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\hawk\node_modules\boom\images, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\tar\node_modules\fstream\node_modules\graceful-fs, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\combined-stream\node_modules, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\tar\node_modules\fstream\node_modules\mkdirp\test, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\form-data\node_modules\async, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\hawk\node_modules\hoek\test, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\http-signature\node_modules, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\hawk\node_modules\boom\test, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\tar\node_modules\fstream\node_modules\mkdirp\bin, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\hawk\node_modules\sntp\test, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\hawk\node_modules\cryptiles, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\hawk\node_modules\boom\lib, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\hawk\node_modules\sntp\lib, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\hawk\node_modules\hoek\lib, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\universal-analytics\node_modules\node-uuid\test, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\tough-cookie\node_modules, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\universal-analytics\node_modules\node-uuid\lib, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\json-stringify-safe\test, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\tar\node_modules\fstream\node_modules\mkdirp, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\tar\node_modules\fstream\node_modules\rimraf, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\hawk\node_modules\sntp, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\hawk\node_modules\boom, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\form-data\node_modules, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\hawk\node_modules\hoek, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\universal-analytics\node_modules\underscore, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\universal-analytics\node_modules\async\lib, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\universal-analytics\node_modules\node-uuid, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\json-stringify-safe, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\node-uuid\benchmark, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\combined-stream\lib, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\http-signature\lib, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\hawk\node_modules, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\universal-analytics\node_modules\async, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\tough-cookie\lib, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\tar\node_modules\fstream\node_modules, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\bl\node_modules, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\combined-stream, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\mime-types\lib, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\http-signature, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\node-uuid\test, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\node-uuid\lib, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\form-data\lib, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\forever-agent, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\tunnel-agent, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\tar\node_modules\fstream\examples, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\hawk\example, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\stringstream, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\tough-cookie, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\hawk\images, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\universal-analytics\node_modules, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\oauth-sign, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\mime-types, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\hawk\test, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\node-uuid, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\aws-sign2, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\form-data, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\hawk\lib, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\caseless, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\tar\node_modules\block-stream, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\bl\test, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\tar\node_modules\fstream\lib, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\qs\test, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\qs\lib, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\tar\node_modules\inherits, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\hawk, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\tar\node_modules\fstream, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\universal-analytics\test, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\universal-analytics\lib, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\bl, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\qs, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\universal-analytics, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\examples, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\tar\node_modules, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\tar\examples, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\lib, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\tar\test, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\tar\lib, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\tar, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\storage, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\images, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\WINDOWS\TEMP\NW5028_4036, Löschen bei Neustart, [2850], [371306],1.0.1987
Adware.Agent.Generic, C:\PROGRAMDATA\{26AA403A-9101-F791-915D-90DE7C22D4DC}, In Quarantäne, [1402], [331038],1.0.1987
Adware.Agent.Generic, C:\PROGRAMDATA\{EA4DE132-5DE6-5699-DDC3-8A4739838DA0}, In Quarantäne, [1402], [331038],1.0.1987
PUP.Optional.Wajam.Gen, C:\Program Files\1cc64dd1cb19ce97578e172dc264b81a\b3f0c7927356814b985017264e62de9c, Löschen bei Neustart, [15575], [259462],1.0.1987
PUP.Optional.Wajam.Gen, C:\PROGRAM FILES\1cc64dd1cb19ce97578e172dc264b81a, In Quarantäne, [15575], [259462],1.0.1987
PUP.Optional.Wajam.Gen, C:\Program Files\5a84f5cced833c1322f7463f37107ed6\b3f0c7927356814b985017264e62de9c, Löschen bei Neustart, [15575], [259462],1.0.1987
PUP.Optional.Wajam.Gen, C:\PROGRAM FILES\5a84f5cced833c1322f7463f37107ed6, Löschen bei Neustart, [15575], [259462],1.0.1987
PUP.Optional.Amonetize, C:\WINDOWS\TEMP\00028308, Löschen bei Neustart, [6], [340209],1.0.1987
Adware.OtherSearch.TSKRST, C:\Program Files (x86)\FeOLMDtF4M\nss, Löschen bei Neustart, [2795], [371199],1.0.1987
Adware.OtherSearch.TSKRST, C:\Program Files (x86)\FeOLMDtF4M\SSL, Löschen bei Neustart, [2795], [371199],1.0.1987
Adware.OtherSearch.TSKRST, C:\PROGRAM FILES (X86)\FeOLMDtF4M, Löschen bei Neustart, [2795], [371199],1.0.1987

Luckyschatz · 21.05.2017, 13:56

Und der Rest:

Code:

ATTFilter

Datei: 563
Adware.FileTour, C:\PROGRAMDATA\{EA4DE132-5DE6-5699-DDC3-8A4739838DA0}\DA07638A-6DAC-D421-ABCE-45A160C42F00.EXE, In Quarantäne, [240], [397403],1.0.1987
Adware.FileTour, C:\PROGRAMDATA\{26AA403A-9101-F791-915D-90DE7C22D4DC}\023A4473-B591-F3D8-8332-16CCB19D71B7.EXE, In Quarantäne, [240], [397403],1.0.1987
PUP.Optional.StartGo123, C:\WINDOWS\SYSTEM32\DRIVERS\NETUTILS2016.SYS, In Quarantäne, [669], [325509],1.0.1987
Trojan.Agent.Generic, C:\PROGRAMDATA\0CBA1143376C450FBB3A89392DF868D0\LP2K0KLO3JN.EXE, In Quarantäne, [453], [369948],1.0.1987
PUP.Optional.InstallChecker, C:\PROGRAMDATA\INSTALLCHECKER\INSTALLCHECKER.EXE, In Quarantäne, [1215], [329962],1.0.1987
PUP.Optional.BitCoinMiner, C:\Windows\System32\config\systemprofile\AppData\Roaming\gplyra\config.json, In Quarantäne, [194], [360749],1.0.1987
PUP.Optional.BitCoinMiner, C:\Windows\System32\config\systemprofile\AppData\Roaming\gplyra\gplyra-uninst.exe, In Quarantäne, [194], [360749],1.0.1987
PUP.Optional.BitCoinMiner, C:\Windows\System32\config\systemprofile\AppData\Roaming\gplyra\gplyra.exe, In Quarantäne, [194], [360749],1.0.1987
PUP.Optional.OnlineIO, C:\Windows\Installer\{5266F634-7B7D-4537-BDDC-98DD6CFCBAA1}\online.exe, Löschen bei Neustart, [542], [391425],1.0.1987
PUP.Optional.OnlineIO, C:\Windows\Installer\{5266F634-7B7D-4537-BDDC-98DD6CFCBAA1}\SystemFoldermsiexec.exe, Löschen bei Neustart, [542], [391425],1.0.1987
PUP.Optional.OnlineIO, C:\Windows\Installer\{F0847AE0-465A-4D7B-A555-AABB43B550F0}\online.exe, Löschen bei Neustart, [542], [398586],1.0.1987
PUP.Optional.OnlineIO, C:\Windows\Installer\{F0847AE0-465A-4D7B-A555-AABB43B550F0}\SystemFoldermsiexec.exe, Löschen bei Neustart, [542], [398586],1.0.1987
PUP.Optional.InterStat, C:\Users\Pitti\AppData\Local\CrashRpt\UnsentCrashReports\Interstatnogui_389\Logs\CrashRpt-Log-20170512-154920-{44a5ae5b-74c1-4fc6-a2e9-f97a2b2f9ed7}.txt, Löschen bei Neustart, [1391], [373566],1.0.1987
Adware.Eszjuxuan, C:\USERS\PITTI\APPDATA\ROAMING\SERVERTEST\80887.EXE, Löschen bei Neustart, [41], [397967],1.0.1987
Adware.Eszjuxuan, C:\WINDOWS\SYSWOW64\CONFIG\SYSTEMPROFILE\APPDATA\ROAMING\SERVERTEST\80887.EXE, Löschen bei Neustart, [41], [397967],1.0.1987
PUP.Optional.ConvertAd, C:\PROGRAM FILES (X86)\27603F28-1462113873-824E-9253-5F3CB24D9BA8\UNINSTALL.EXE, Löschen bei Neustart, [365], [262107],1.0.1987
PUP.Optional.ConvertAd, C:\Program Files (x86)\27603F28-1462113873-824E-9253-5F3CB24D9BA8\knsp99AF.tmpfs, Löschen bei Neustart, [365], [262107],1.0.1987
PUP.Optional.ConvertAd, C:\Program Files (x86)\27603F28-1462113873-824E-9253-5F3CB24D9BA8\vnss7CDB.tmp, Löschen bei Neustart, [365], [262107],1.0.1987
Adware.Komodia, C:\PROGRAM FILES (X86)\FEOLMDTF4M\UPDENGINE.EXE, Löschen bei Neustart, [2663], [383627],1.0.1987
Adware.OtherSearch, C:\PROGRAM FILES (X86)\FEOLMDTF4M\UNINSTALL.EXE, Löschen bei Neustart, [2142], [384381],1.0.1987
Spyware.KeyLogger, C:\PROGRAM FILES (X86)\FEOLMDTF4M\KL.DLL, Löschen bei Neustart, [133], [378200],1.0.1987
Adware.ChinAd, C:\WINDOWS\SYSTEM32\NETUTILS2016.DLL, Löschen bei Neustart, [1126], [388081],1.0.1987
PUP.Optional.Amonetize, C:\USERS\PITTI\APPDATA\LOCAL\TEMP\AMIPIXEL.CFG, Löschen bei Neustart, [6], [302488],1.0.1987
Adware.NetAdapter, C:\USERS\PITTI\APPDATA\LOCAL\TEMP\03139916F7BF4AEA900B3190D112B1A8\NETADAPTERUPDATE_SETUP.EXE, Löschen bei Neustart, [9235], [398038],1.0.1987
PUP.Optional.SpeedingUpMyPC, C:\USERS\PITTI\APPDATA\LOCAL\TEMP\W3RLSPAZ-PROG.EXE, Löschen bei Neustart, [891], [389100],1.0.1987
Adware.Komodia, C:\USERS\PITTI\APPDATA\LOCAL\TEMP\29867F326836451994DBC86B629536BF\SETUPOS_4435.EXE, Löschen bei Neustart, [2663], [399798],1.0.1987
PUP.Optional.Amonetize, C:\USERS\PITTI\APPDATA\LOCAL\TEMP\607FC49CFAA04D21A08D5343DA2DB856\SETUP__20877.EXE, Löschen bei Neustart, [6], [397546],1.0.1987
PUP.Optional.SystemHealer, C:\USERS\PITTI\APPDATA\LOCAL\TEMP\7124AD21F5ED42D99C8F912038201D63\SYSTEMHEALER.EXE, Löschen bei Neustart, [964], [363442],1.0.1987
PUP.Optional.SpeedingUpMyPC, C:\USERS\PITTI\APPDATA\LOCAL\TEMP\85C9D8D8CA3E4B23A0E4D7B41E7DCCE3\INTER_SILENT.EXE, Löschen bei Neustart, [891], [389100],1.0.1987
Adware.NetAdapter, C:\USERS\PITTI\APPDATA\LOCAL\TEMP\B6FF831D8C2942C98DFEB4D9CD991825\NETADAPTERUPDATE_SETUP.EXE, Löschen bei Neustart, [9235], [398038],1.0.1987
PUP.Optional.Amonetize, C:\USERS\PITTI\APPDATA\LOCAL\TEMP\D3F0DA47B841453C83FED90EB9219752\SETUP__20877.EXE, Löschen bei Neustart, [6], [397546],1.0.1987
Adware.Amonetize, C:\USERS\PITTI\APPDATA\LOCAL\TEMP\{B76C90611CE9474FAFC436FDAD4BB76A}\2HB6IYK0P6\UNINSTALL.EXE, Löschen bei Neustart, [1074], [378669],1.0.1987
Adware.Amonetize, C:\USERS\PITTI\APPDATA\LOCAL\TEMP\{44173BAB27394558845FA849540D9617}\3+RTZOCVNT\UNINSTALL.EXE, Löschen bei Neustart, [1074], [378669],1.0.1987
PUP.Optional.SpeedingUpMyPC, C:\WINDOWS\TEMP\KPUXYMQM-PROG.EXE, Löschen bei Neustart, [891], [389100],1.0.1987
Adware.Agent, C:\WINDOWS\TEMP\00028308\MSIQL.EXE, Löschen bei Neustart, [246], [15006],1.0.1987
Adware.OptimizerEliteMax, C:\WINDOWS\TEMP\0917F9D0EBF941A390FCC27418493BC3\ONESYSTEMCARE.EXE, Löschen bei Neustart, [429], [311034],1.0.1987
PUP.Optional.OnlineIO, C:\WINDOWS\TEMP\297ADB65036E9306052EEAB78033FB74\TRAFFIC EXCHANGE UPDATER.EXE, Löschen bei Neustart, [542], [360154],1.0.1987
Adware.Eszjuxuan, C:\WINDOWS\TEMP\00028308\KPZIP.EXE, Löschen bei Neustart, [41], [380623],1.0.1987
Adware.Yeabests, C:\WINDOWS\TEMP\00028308\HP.EXE, Löschen bei Neustart, [1414], [383581],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\WINDOWS\TEMP\NW5028_4036\PACKAGE.JSON, Löschen bei Neustart, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\images\close.png, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\images\expand.png, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\images\icon16.png, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\images\icon20.png, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\images\icon24.png, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\images\icon256.png, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\images\icon36.png, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\images\icon48.png, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\images\icon64.png, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\images\icontray.png, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\images\loader.gif, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\images\minimize.png, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\images\search.png, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\images\unexpand.png, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\examples\README.md, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\lib\cookies.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\lib\copy.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\lib\debug.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\lib\helpers.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\aws-sign2\index.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\aws-sign2\package.json, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\aws-sign2\README.md, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\bl\node_modules\readable-stream\lib\_stream_duplex.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\bl\node_modules\readable-stream\lib\_stream_passthrough.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\bl\node_modules\readable-stream\lib\_stream_readable.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\bl\node_modules\readable-stream\lib\_stream_transform.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\bl\node_modules\readable-stream\lib\_stream_writable.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\bl\node_modules\readable-stream\node_modules\core-util-is\lib\util.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\bl\node_modules\readable-stream\node_modules\core-util-is\float.patch, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\bl\node_modules\readable-stream\node_modules\core-util-is\package.json, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\bl\node_modules\readable-stream\node_modules\core-util-is\README.md, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\bl\node_modules\readable-stream\node_modules\core-util-is\test.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\bl\node_modules\readable-stream\node_modules\inherits\inherits.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\bl\node_modules\readable-stream\node_modules\inherits\inherits_browser.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\bl\node_modules\readable-stream\node_modules\inherits\package.json, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\bl\node_modules\readable-stream\node_modules\inherits\README.md, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\bl\node_modules\readable-stream\node_modules\isarray\build\build.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\bl\node_modules\readable-stream\node_modules\isarray\component.json, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\bl\node_modules\readable-stream\node_modules\isarray\index.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\bl\node_modules\readable-stream\node_modules\isarray\package.json, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\bl\node_modules\readable-stream\node_modules\isarray\README.md, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\bl\node_modules\readable-stream\node_modules\string_decoder\index.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\bl\node_modules\readable-stream\node_modules\string_decoder\package.json, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\bl\node_modules\readable-stream\node_modules\string_decoder\README.md, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\bl\node_modules\readable-stream\duplex.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\bl\node_modules\readable-stream\package.json, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\bl\node_modules\readable-stream\passthrough.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\bl\node_modules\readable-stream\readable.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\bl\node_modules\readable-stream\README.md, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\bl\node_modules\readable-stream\transform.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\bl\node_modules\readable-stream\writable.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\bl\test\basic-test.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\bl\test\sauce.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\bl\test\test.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\bl\bl.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\bl\LICENSE.md, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\bl\package.json, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\bl\README.md, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\caseless\index.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\caseless\package.json, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\caseless\README.md, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\caseless\test.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\combined-stream\lib\combined_stream.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\combined-stream\node_modules\delayed-stream\lib\delayed_stream.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\combined-stream\node_modules\delayed-stream\test\integration\test-delayed-http-upload.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\combined-stream\node_modules\delayed-stream\test\integration\test-delayed-stream-auto-pause.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\combined-stream\node_modules\delayed-stream\test\integration\test-delayed-stream-pause.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\combined-stream\node_modules\delayed-stream\test\integration\test-delayed-stream.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\combined-stream\node_modules\delayed-stream\test\integration\test-handle-source-errors.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\combined-stream\node_modules\delayed-stream\test\integration\test-max-data-size.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\combined-stream\node_modules\delayed-stream\test\integration\test-pipe-resumes.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\combined-stream\node_modules\delayed-stream\test\integration\test-proxy-readable.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\combined-stream\node_modules\delayed-stream\test\common.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\combined-stream\node_modules\delayed-stream\test\run.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\combined-stream\node_modules\delayed-stream\package.json, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\combined-stream\node_modules\delayed-stream\Readme.md, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\combined-stream\package.json, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\combined-stream\Readme.md, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\forever-agent\index.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\forever-agent\package.json, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\forever-agent\README.md, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\form-data\lib\form_data.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\form-data\node_modules\async\lib\async.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\form-data\node_modules\async\support\sync-package-managers.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\form-data\node_modules\async\bower.json, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\form-data\node_modules\async\component.json, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\form-data\node_modules\async\package.json, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\form-data\node_modules\async\README.md, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\form-data\node_modules\mime-types\node_modules\mime-db\db.json, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\form-data\node_modules\mime-types\node_modules\mime-db\HISTORY.md, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\form-data\node_modules\mime-types\node_modules\mime-db\index.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\form-data\node_modules\mime-types\node_modules\mime-db\package.json, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\form-data\node_modules\mime-types\node_modules\mime-db\README.md, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\form-data\node_modules\mime-types\HISTORY.md, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\form-data\node_modules\mime-types\index.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\form-data\node_modules\mime-types\package.json, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\form-data\node_modules\mime-types\README.md, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\form-data\package.json, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\form-data\Readme.md, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\hawk\example\usage.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\hawk\images\hawk.png, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\hawk\images\logo.png, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\hawk\lib\browser.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\hawk\lib\client.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\hawk\lib\crypto.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\hawk\lib\index.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\hawk\lib\server.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\hawk\lib\utils.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\hawk\node_modules\boom\images\boom.png, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\hawk\node_modules\boom\lib\index.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\hawk\node_modules\boom\test\index.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\hawk\node_modules\boom\index.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\hawk\node_modules\boom\package.json, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\hawk\node_modules\boom\README.md, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\hawk\node_modules\cryptiles\lib\index.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\hawk\node_modules\cryptiles\test\index.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\hawk\node_modules\cryptiles\index.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\hawk\node_modules\cryptiles\package.json, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\hawk\node_modules\cryptiles\README.md, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\hawk\node_modules\hoek\images\hoek.png, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\hawk\node_modules\hoek\lib\escape.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\hawk\node_modules\hoek\lib\index.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\hawk\node_modules\hoek\test\modules\test1.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\hawk\node_modules\hoek\test\modules\test2.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\hawk\node_modules\hoek\test\modules\test3.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\hawk\node_modules\hoek\test\escaper.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\hawk\node_modules\hoek\test\index.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\hawk\node_modules\hoek\index.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\hawk\node_modules\hoek\package.json, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\hawk\node_modules\hoek\README.md, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\hawk\node_modules\sntp\examples\offset.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\hawk\node_modules\sntp\examples\time.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\hawk\node_modules\sntp\lib\index.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\hawk\node_modules\sntp\test\index.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\hawk\node_modules\sntp\index.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\hawk\node_modules\sntp\package.json, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\hawk\node_modules\sntp\README.md, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\hawk\test\browser.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\hawk\test\client.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\hawk\test\crypto.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\hawk\test\index.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\hawk\test\message.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\hawk\test\readme.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\hawk\test\server.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\hawk\test\uri.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\hawk\test\utils.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\hawk\index.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\hawk\package.json, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\hawk\README.md, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\http-signature\lib\index.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\http-signature\lib\parser.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\http-signature\lib\signer.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\http-signature\lib\util.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\http-signature\lib\verify.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\http-signature\node_modules\asn1\lib\ber\errors.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\http-signature\node_modules\asn1\lib\ber\index.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\http-signature\node_modules\asn1\lib\ber\reader.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\http-signature\node_modules\asn1\lib\ber\types.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\http-signature\node_modules\asn1\lib\ber\writer.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\http-signature\node_modules\asn1\lib\index.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\http-signature\node_modules\asn1\tst\ber\reader.test.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\http-signature\node_modules\asn1\tst\ber\writer.test.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\http-signature\node_modules\asn1\package.json, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\http-signature\node_modules\asn1\README.md, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\http-signature\node_modules\assert-plus\assert.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\http-signature\node_modules\assert-plus\package.json, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\http-signature\node_modules\assert-plus\README.md, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\http-signature\node_modules\ctype\man\man3ctype\ctio.3ctype, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\http-signature\node_modules\ctype\tools\jsl.conf, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\http-signature\node_modules\ctype\ctf.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\http-signature\node_modules\ctype\ctio.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\http-signature\node_modules\ctype\ctype.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\http-signature\node_modules\ctype\package.json, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\http-signature\node_modules\ctype\README.old, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\http-signature\http_signing.md, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\http-signature\package.json, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\http-signature\README.md, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\json-stringify-safe\test\mocha.opts, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\json-stringify-safe\test\stringify_test.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\json-stringify-safe\CHANGELOG.md, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\json-stringify-safe\package.json, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\json-stringify-safe\README.md, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\json-stringify-safe\stringify.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\mime-types\lib\custom.json, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\mime-types\lib\index.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\mime-types\lib\mime.json, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\mime-types\lib\node.json, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\mime-types\component.json, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\mime-types\package.json, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\mime-types\README.md, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\mime-types\SOURCES.md, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\node-uuid\benchmark\bench.gnu, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\node-uuid\benchmark\bench.sh, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\node-uuid\benchmark\benchmark-native.c, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\node-uuid\benchmark\benchmark.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\node-uuid\benchmark\README.md, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\node-uuid\lib\sha1-browser.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\node-uuid\test\compare_v1.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\node-uuid\test\test.html, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\node-uuid\test\test.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\node-uuid\bower.json, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\node-uuid\component.json, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\node-uuid\LICENSE.md, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\node-uuid\package.json, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\node-uuid\README.md, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\node-uuid\uuid.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\node-uuid\v3.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\oauth-sign\index.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\oauth-sign\package.json, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\oauth-sign\README.md, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\oauth-sign\test.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\qs\lib\index.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\qs\lib\parse.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\qs\lib\stringify.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\qs\lib\utils.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\qs\test\parse.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\qs\test\stringify.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\qs\CHANGELOG.md, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\qs\CONTRIBUTING.md, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\qs\index.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\qs\package.json, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\qs\README.md, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\stringstream\example.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\stringstream\LICENSE.txt, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\stringstream\package.json, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\stringstream\README.md, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\stringstream\stringstream.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\tough-cookie\lib\cookie.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\tough-cookie\lib\memstore.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\tough-cookie\lib\pathMatch.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\tough-cookie\lib\permuteDomain.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\tough-cookie\lib\pubsuffix.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\tough-cookie\lib\store.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\tough-cookie\node_modules\punycode\LICENSE-MIT.txt, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\tough-cookie\node_modules\punycode\package.json, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\tough-cookie\node_modules\punycode\punycode.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\tough-cookie\node_modules\punycode\README.md, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\tough-cookie\package.json, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\tough-cookie\README.md, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\tunnel-agent\index.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\tunnel-agent\package.json, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\node_modules\tunnel-agent\README.md, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\CHANGELOG.md, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\CONTRIBUTING.md, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\disabled.appveyor.yml, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\index.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\package.json, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\README.md, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\release.sh, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\request\request.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\tar\examples\extracter.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\tar\examples\packer.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\tar\examples\reader.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\tar\lib\buffer-entry.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\tar\lib\entry-writer.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\tar\lib\entry.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\tar\lib\extended-header-writer.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\tar\lib\extended-header.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\tar\lib\extract.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\tar\lib\global-header-writer.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\tar\lib\header.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\tar\lib\pack.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\tar\lib\parse.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\tar\node_modules\block-stream\block-stream.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\tar\node_modules\block-stream\package.json, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\tar\node_modules\block-stream\README.md, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\tar\node_modules\fstream\examples\filter-pipe.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\tar\node_modules\fstream\examples\pipe.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\tar\node_modules\fstream\examples\reader.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\tar\node_modules\fstream\examples\symlink-write.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\tar\node_modules\fstream\lib\abstract.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\tar\node_modules\fstream\lib\collect.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\tar\node_modules\fstream\lib\dir-reader.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\tar\node_modules\fstream\lib\dir-writer.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\tar\node_modules\fstream\lib\file-reader.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\tar\node_modules\fstream\lib\file-writer.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\tar\node_modules\fstream\lib\get-type.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\tar\node_modules\fstream\lib\link-reader.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\tar\node_modules\fstream\lib\link-writer.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\tar\node_modules\fstream\lib\proxy-reader.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\tar\node_modules\fstream\lib\proxy-writer.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\tar\node_modules\fstream\lib\reader.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\tar\node_modules\fstream\lib\socket-reader.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\tar\node_modules\fstream\lib\writer.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\tar\node_modules\fstream\node_modules\graceful-fs\fs.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\tar\node_modules\fstream\node_modules\graceful-fs\graceful-fs.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\tar\node_modules\fstream\node_modules\graceful-fs\legacy-streams.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\tar\node_modules\fstream\node_modules\graceful-fs\package.json, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\tar\node_modules\fstream\node_modules\graceful-fs\polyfills.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\tar\node_modules\fstream\node_modules\graceful-fs\README.md, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\tar\node_modules\fstream\node_modules\mkdirp\bin\cmd.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\tar\node_modules\fstream\node_modules\mkdirp\bin\usage.txt, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\tar\node_modules\fstream\node_modules\mkdirp\examples\pow.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\tar\node_modules\fstream\node_modules\mkdirp\node_modules\minimist\example\parse.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\tar\node_modules\fstream\node_modules\mkdirp\node_modules\minimist\test\dash.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\tar\node_modules\fstream\node_modules\mkdirp\node_modules\minimist\test\default_bool.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\tar\node_modules\fstream\node_modules\mkdirp\node_modules\minimist\test\dotted.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\tar\node_modules\fstream\node_modules\mkdirp\node_modules\minimist\test\long.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\tar\node_modules\fstream\node_modules\mkdirp\node_modules\minimist\test\parse.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\tar\node_modules\fstream\node_modules\mkdirp\node_modules\minimist\test\parse_modified.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\tar\node_modules\fstream\node_modules\mkdirp\node_modules\minimist\test\short.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\tar\node_modules\fstream\node_modules\mkdirp\node_modules\minimist\test\whitespace.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\tar\node_modules\fstream\node_modules\mkdirp\node_modules\minimist\index.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\tar\node_modules\fstream\node_modules\mkdirp\node_modules\minimist\package.json, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\tar\node_modules\fstream\node_modules\mkdirp\node_modules\minimist\readme.markdown, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\tar\node_modules\fstream\node_modules\mkdirp\test\chmod.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\tar\node_modules\fstream\node_modules\mkdirp\test\clobber.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\tar\node_modules\fstream\node_modules\mkdirp\test\mkdirp.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\tar\node_modules\fstream\node_modules\mkdirp\test\opts_fs.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\tar\node_modules\fstream\node_modules\mkdirp\test\opts_fs_sync.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\tar\node_modules\fstream\node_modules\mkdirp\test\perm.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\tar\node_modules\fstream\node_modules\mkdirp\test\perm_sync.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\tar\node_modules\fstream\node_modules\mkdirp\test\race.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\tar\node_modules\fstream\node_modules\mkdirp\test\rel.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\tar\node_modules\fstream\node_modules\mkdirp\test\return.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\tar\node_modules\fstream\node_modules\mkdirp\test\return_sync.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\tar\node_modules\fstream\node_modules\mkdirp\test\root.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\tar\node_modules\fstream\node_modules\mkdirp\test\sync.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\tar\node_modules\fstream\node_modules\mkdirp\test\umask.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\tar\node_modules\fstream\node_modules\mkdirp\test\umask_sync.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\tar\node_modules\fstream\node_modules\mkdirp\index.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\tar\node_modules\fstream\node_modules\mkdirp\package.json, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\tar\node_modules\fstream\node_modules\mkdirp\readme.markdown, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\tar\node_modules\fstream\node_modules\rimraf\node_modules\glob\node_modules\fs.realpath\index.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\tar\node_modules\fstream\node_modules\rimraf\node_modules\glob\node_modules\fs.realpath\old.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\tar\node_modules\fstream\node_modules\rimraf\node_modules\glob\node_modules\fs.realpath\package.json, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\tar\node_modules\fstream\node_modules\rimraf\node_modules\glob\node_modules\fs.realpath\README.md, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\tar\node_modules\fstream\node_modules\rimraf\node_modules\glob\node_modules\inflight\node_modules\wrappy\package.json, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\tar\node_modules\fstream\node_modules\rimraf\node_modules\glob\node_modules\inflight\node_modules\wrappy\README.md, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\tar\node_modules\fstream\node_modules\rimraf\node_modules\glob\node_modules\inflight\node_modules\wrappy\wrappy.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\tar\node_modules\fstream\node_modules\rimraf\node_modules\glob\node_modules\inflight\inflight.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\tar\node_modules\fstream\node_modules\rimraf\node_modules\glob\node_modules\inflight\package.json, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\tar\node_modules\fstream\node_modules\rimraf\node_modules\glob\node_modules\inflight\README.md, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\tar\node_modules\fstream\node_modules\rimraf\node_modules\glob\node_modules\minimatch\node_modules\brace-expansion\node_modules\balanced-match\index.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\tar\node_modules\fstream\node_modules\rimraf\node_modules\glob\node_modules\minimatch\node_modules\brace-expansion\node_modules\balanced-match\LICENSE.md, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\tar\node_modules\fstream\node_modules\rimraf\node_modules\glob\node_modules\minimatch\node_modules\brace-expansion\node_modules\balanced-match\package.json, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\tar\node_modules\fstream\node_modules\rimraf\node_modules\glob\node_modules\minimatch\node_modules\brace-expansion\node_modules\balanced-match\README.md, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\tar\node_modules\fstream\node_modules\rimraf\node_modules\glob\node_modules\minimatch\node_modules\brace-expansion\node_modules\concat-map\example\map.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\tar\node_modules\fstream\node_modules\rimraf\node_modules\glob\node_modules\minimatch\node_modules\brace-expansion\node_modules\concat-map\test\map.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\tar\node_modules\fstream\node_modules\rimraf\node_modules\glob\node_modules\minimatch\node_modules\brace-expansion\node_modules\concat-map\index.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\tar\node_modules\fstream\node_modules\rimraf\node_modules\glob\node_modules\minimatch\node_modules\brace-expansion\node_modules\concat-map\package.json, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\tar\node_modules\fstream\node_modules\rimraf\node_modules\glob\node_modules\minimatch\node_modules\brace-expansion\node_modules\concat-map\README.markdown, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\tar\node_modules\fstream\node_modules\rimraf\node_modules\glob\node_modules\minimatch\node_modules\brace-expansion\index.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\tar\node_modules\fstream\node_modules\rimraf\node_modules\glob\node_modules\minimatch\node_modules\brace-expansion\package.json, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\tar\node_modules\fstream\node_modules\rimraf\node_modules\glob\node_modules\minimatch\node_modules\brace-expansion\README.md, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\tar\node_modules\fstream\node_modules\rimraf\node_modules\glob\node_modules\minimatch\minimatch.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\tar\node_modules\fstream\node_modules\rimraf\node_modules\glob\node_modules\minimatch\package.json, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\tar\node_modules\fstream\node_modules\rimraf\node_modules\glob\node_modules\minimatch\README.md, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\tar\node_modules\fstream\node_modules\rimraf\node_modules\glob\node_modules\once\node_modules\wrappy\package.json, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\tar\node_modules\fstream\node_modules\rimraf\node_modules\glob\node_modules\once\node_modules\wrappy\README.md, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\tar\node_modules\fstream\node_modules\rimraf\node_modules\glob\node_modules\once\node_modules\wrappy\wrappy.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\tar\node_modules\fstream\node_modules\rimraf\node_modules\glob\node_modules\once\once.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\tar\node_modules\fstream\node_modules\rimraf\node_modules\glob\node_modules\once\package.json, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\tar\node_modules\fstream\node_modules\rimraf\node_modules\glob\node_modules\once\README.md, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\tar\node_modules\fstream\node_modules\rimraf\node_modules\glob\node_modules\path-is-absolute\index.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\tar\node_modules\fstream\node_modules\rimraf\node_modules\glob\node_modules\path-is-absolute\package.json, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\tar\node_modules\fstream\node_modules\rimraf\node_modules\glob\node_modules\path-is-absolute\readme.md, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\tar\node_modules\fstream\node_modules\rimraf\node_modules\glob\changelog.md, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\tar\node_modules\fstream\node_modules\rimraf\node_modules\glob\common.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\tar\node_modules\fstream\node_modules\rimraf\node_modules\glob\glob.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\tar\node_modules\fstream\node_modules\rimraf\node_modules\glob\package.json, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\tar\node_modules\fstream\node_modules\rimraf\node_modules\glob\README.md, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\tar\node_modules\fstream\node_modules\rimraf\node_modules\glob\sync.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\tar\node_modules\fstream\node_modules\rimraf\bin.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\tar\node_modules\fstream\node_modules\rimraf\package.json, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\tar\node_modules\fstream\node_modules\rimraf\README.md, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\tar\node_modules\fstream\node_modules\rimraf\rimraf.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\tar\node_modules\fstream\fstream.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\tar\node_modules\fstream\package.json, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\tar\node_modules\fstream\README.md, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\tar\node_modules\inherits\inherits.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\tar\node_modules\inherits\inherits_browser.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\tar\node_modules\inherits\package.json, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\tar\node_modules\inherits\README.md, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\tar\test\00-setup-fixtures.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\tar\test\cb-never-called-1.0.1.tgz, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\tar\test\dir-normalization.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\tar\test\dir-normalization.tar, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\tar\test\error-on-broken.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\tar\test\extract-move.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\tar\test\extract.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\tar\test\fixtures.tgz, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\tar\test\header.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\tar\test\pack-no-proprietary.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\tar\test\pack.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\tar\test\parse-discard.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\tar\test\parse.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\tar\test\zz-cleanup.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\tar\package.json, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\tar\README.md, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\tar\tar.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\universal-analytics\lib\config.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\universal-analytics\lib\index.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\universal-analytics\lib\utils.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\universal-analytics\node_modules\async\lib\async.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\universal-analytics\node_modules\async\component.json, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\universal-analytics\node_modules\async\package.json, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\universal-analytics\node_modules\async\README.md, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\universal-analytics\node_modules\node-uuid\benchmark\bench.gnu, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\universal-analytics\node_modules\node-uuid\benchmark\bench.sh, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\universal-analytics\node_modules\node-uuid\benchmark\benchmark-native.c, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\universal-analytics\node_modules\node-uuid\benchmark\benchmark.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\universal-analytics\node_modules\node-uuid\benchmark\README.md, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\universal-analytics\node_modules\node-uuid\lib\sha1-browser.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\universal-analytics\node_modules\node-uuid\test\compare_v1.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\universal-analytics\node_modules\node-uuid\test\test.html, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\universal-analytics\node_modules\node-uuid\test\test.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\universal-analytics\node_modules\node-uuid\bower.json, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\universal-analytics\node_modules\node-uuid\component.json, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\universal-analytics\node_modules\node-uuid\LICENSE.md, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\universal-analytics\node_modules\node-uuid\package.json, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\universal-analytics\node_modules\node-uuid\README.md, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\universal-analytics\node_modules\node-uuid\uuid.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\universal-analytics\node_modules\node-uuid\v3.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\universal-analytics\node_modules\underscore\package.json, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\universal-analytics\node_modules\underscore\README.md, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\universal-analytics\node_modules\underscore\underscore-min.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\universal-analytics\node_modules\underscore\underscore-min.map, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\universal-analytics\node_modules\underscore\underscore.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\universal-analytics\test\event.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\universal-analytics\test\exception.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\universal-analytics\test\index.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\universal-analytics\test\item.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\universal-analytics\test\middleware.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\universal-analytics\test\mocha.opts, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\universal-analytics\test\pageview.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\universal-analytics\test\send.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\universal-analytics\test\timing.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\universal-analytics\test\transaction.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\universal-analytics\test\_enqueue.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\universal-analytics\AcceptableParams.md, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\universal-analytics\HISTORY.md, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\universal-analytics\index.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\universal-analytics\package.json, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\node_modules\universal-analytics\README.md, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\storage\storage.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\storage\storageUtil.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\index.html, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\jquery.min.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\main.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\report.bin, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\settings.js, In Quarantäne, [2850], [371306],1.0.1987
PUP.Optional.AppTrailers.Generic, C:\Windows\Temp\nw5028_4036\shallow.html, In Quarantäne, [2850], [371306],1.0.1987
Adware.Amonetize, C:\WINDOWS\TEMP\015F9B01C11E4FA1A6C0BEEE7E453D32\BXMFPY6.EXE, In Quarantäne, [1074], [378669],1.0.1987
Adware.Agent, C:\WINDOWS\TEMP\29154\POPWNDUP.EXE, In Quarantäne, [246], [15006],1.0.1987
PUP.Optional.AppTrailers, C:\WINDOWS\TEMP\78CB60172A7747EB9B4044B54021789B\SETUP.EXE, In Quarantäne, [837], [338239],1.0.1987
Adware.NetAdapter, C:\WINDOWS\TEMP\2186B6995E0942D79B306611139DA3DC\NETADAPTERUPDATE_SETUP.EXE, In Quarantäne, [9235], [398038],1.0.1987
PUP.Optional.SystemHealer, C:\WINDOWS\TEMP\44D85F9B9686458A82ECF9FC9BB7DC43\SYSTEMHEALER.EXE, In Quarantäne, [964], [363442],1.0.1987
PUP.Optional.SpeedingUpMyPC, C:\WINDOWS\TEMP\96F63BCDDBB44A8DAE5AA046792820A9\INTER_SILENT.EXE, In Quarantäne, [891], [389100],1.0.1987
PUP.Optional.InstallCore, C:\USERS\PITTI\DOWNLOADS\JAVAPLUGIN.EXE, In Quarantäne, [3], [398632],1.0.1987
PUP.Optional.InstallCore, C:\USERS\PITTI\DOWNLOADS\ADWCLEANER-5-013.EXE, In Quarantäne, [3], [300867],1.0.1987
PUP.Optional.IoloSC, C:\USERS\PITTI\DOWNLOADS\SCUDOWNLOADER.EXE, In Quarantäne, [2205], [349236],1.0.1987
PUP.Optional.Amonetize, C:\WINDOWS\TEMP\AMIPIXEL.CFG, In Quarantäne, [6], [302488],1.0.1987
PUP.Optional.YeaDesktop, C:\WINDOWS\TEMP\YEAPUSERINFO.INI, In Quarantäne, [1518], [391398],1.0.1987
Adware.Eszjuxuan, C:\WINDOWS\TEMP\00028703\SERVICE.EXE, In Quarantäne, [41], [397967],1.0.1987
PUP.Optional.SystemHealer, C:\WINDOWS\TEMP\1410C0EA08D9458A873C5ACA10886D0C\SETUP.EXE, In Quarantäne, [964], [363442],1.0.1987
PUP.Optional.YeaDesktop, C:\WINDOWS\TEMP\27805\YEADESKTOP3.EXE, In Quarantäne, [1518], [391393],1.0.1987
PUP.Optional.BitCoinMiner, C:\WINDOWS\TEMP\55783B3EDE0948F7B7F06C89610C7C25\SCR4QXLXJO.EXE, In Quarantäne, [194], [363441],1.0.1987
PUP.Optional.Amonetize, C:\WINDOWS\TEMP\D0F57E236F634DC89A3BCACF6636D996\SETUP__20877.EXE, In Quarantäne, [6], [398271],1.0.1987
PUP.Optional.OnlineIO, C:\WINDOWS\TASKS\ONLINE APPLICATION V209.JOB, In Quarantäne, [542], [382506],1.0.1987
PUP.Optional.OnlineIO, C:\WINDOWS\TASKS\TRAFFIC EXCHANGE V209 - 1.JOB, In Quarantäne, [542], [333879],1.0.1987
PUP.Optional.OnlineIO, C:\WINDOWS\TASKS\TRAFFIC EXCHANGE V209 - 2.JOB, In Quarantäne, [542], [333879],1.0.1987
PUP.Optional.SearchModule, C:\WINDOWS\TASKS\SMW_UpdateTask_Time_3335303535313533392d23787845322a5b3434322d57.job, In Quarantäne, [635], [242734],1.0.1987
PUP.Optional.OnlineIO, C:\WINDOWS\TASKS\Traffic Exchange v2 - 1.job, In Quarantäne, [542], [333879],1.0.1987
PUP.Optional.OnlineIO, C:\WINDOWS\TASKS\Traffic Exchange v2 - 2.job, In Quarantäne, [542], [333879],1.0.1987
PUP.Optional.OnlineIO, C:\WINDOWS\TASKS\Traffic Exchange v2 - 3.job, In Quarantäne, [542], [333879],1.0.1987
PUP.Optional.OnlineIO, C:\WINDOWS\TASKS\Traffic Exchange v209 - 3.job, In Quarantäne, [542], [333879],1.0.1987
Adware.OnlineIO, C:\WINDOWS\TASKS\UPDATER_ONLINE_SPECIAL_APPLICATION.JOB, In Quarantäne, [9295], [399431],1.0.1987
PUP.Optional.OnlineIO, C:\WINDOWS\INSTALLER\SOURCEHASH{5266F634-7B7D-4537-BDDC-98DD6CFCBAA1}, In Quarantäne, [542], [391431],1.0.1987
PUP.Optional.OnlineIO, C:\WINDOWS\INSTALLER\SOURCEHASH{F0847AE0-465A-4D7B-A555-AABB43B550F0}, In Quarantäne, [542], [398594],1.0.1987
PUP.Optional.OnlineIO, C:\WINDOWS\TASKS\ONLINE APPLICATION V209 GUARDIAN.JOB, In Quarantäne, [542], [382506],1.0.1987
PUP.Optional.Goobzo, C:\WINDOWS\SYSTEM32\TASKS\SMW_UpdateTask_Time_3335303535313533392d2d5b50342a4155456c5a236c, In Quarantäne, [342], [189916],1.0.1987
PUP.Optional.Wajam.Gen, C:\PROGRAM FILES\1cc64dd1cb19ce97578e172dc264b81a\b3f0c7927356814b985017264e62de9c\2677c4e75bd512f95291197f9f0a1609.ico, In Quarantäne, [15575], [259462],1.0.1987
PUP.Optional.Wajam.Gen, C:\Program Files\1cc64dd1cb19ce97578e172dc264b81a\b3f0c7927356814b985017264e62de9c\50c04464ae4d791f13f6515d65223fa2.ico, In Quarantäne, [15575], [259462],1.0.1987
PUP.Optional.Wajam.Gen, C:\Program Files\1cc64dd1cb19ce97578e172dc264b81a\b3f0c7927356814b985017264e62de9c\a90803ae8bfd50ada7ffcfaecd4c359b.ico, In Quarantäne, [15575], [259462],1.0.1987
PUP.Optional.Wajam.Gen, C:\Program Files\1cc64dd1cb19ce97578e172dc264b81a\24a89a6378f8bc497b225edc002db823.exe, In Quarantäne, [15575], [259462],1.0.1987
PUP.Optional.Wajam.Gen, C:\Program Files\1cc64dd1cb19ce97578e172dc264b81a\2677c4e75bd512f95291197f9f0a1609.ico, Löschen bei Neustart, [15575], [259462],1.0.1987
PUP.Optional.Wajam.Gen, C:\Program Files\1cc64dd1cb19ce97578e172dc264b81a\3d1a45181032cbc1ebf6cfd4c1bf3ffc.exe, Löschen bei Neustart, [15575], [259462],1.0.1987
PUP.Optional.Wajam.Gen, C:\Program Files\1cc64dd1cb19ce97578e172dc264b81a\72698b7f311a35dc55616e6be28fbea7.exe, Löschen bei Neustart, [15575], [259462],1.0.1987
PUP.Optional.Wajam.Gen, C:\Program Files\1cc64dd1cb19ce97578e172dc264b81a\f13e9114f46a24e1c8301516f5da8898, Löschen bei Neustart, [15575], [259462],1.0.1987
PUP.Optional.Wajam.Gen, C:\Program Files\1cc64dd1cb19ce97578e172dc264b81a\service.dat, Löschen bei Neustart, [15575], [259462],1.0.1987
PUP.Optional.Wajam.Gen, C:\Program Files\1cc64dd1cb19ce97578e172dc264b81a\service_64.dat, Löschen bei Neustart, [15575], [259462],1.0.1987
PUP.Optional.Wajam.Gen, C:\Program Files\1cc64dd1cb19ce97578e172dc264b81a\WBE_uninstall.dat, Löschen bei Neustart, [15575], [259462],1.0.1987
PUP.Optional.Wajam.Gen, C:\PROGRAM FILES\5a84f5cced833c1322f7463f37107ed6\b3f0c7927356814b985017264e62de9c\2677c4e75bd512f95291197f9f0a1609.ico, Löschen bei Neustart, [15575], [259462],1.0.1987
PUP.Optional.Wajam.Gen, C:\Program Files\5a84f5cced833c1322f7463f37107ed6\b3f0c7927356814b985017264e62de9c\50c04464ae4d791f13f6515d65223fa2.ico, Löschen bei Neustart, [15575], [259462],1.0.1987
PUP.Optional.Wajam.Gen, C:\Program Files\5a84f5cced833c1322f7463f37107ed6\b3f0c7927356814b985017264e62de9c\a90803ae8bfd50ada7ffcfaecd4c359b.ico, Löschen bei Neustart, [15575], [259462],1.0.1987
PUP.Optional.Wajam.Gen, C:\Program Files\5a84f5cced833c1322f7463f37107ed6\2677c4e75bd512f95291197f9f0a1609.ico, Löschen bei Neustart, [15575], [259462],1.0.1987
PUP.Optional.Wajam.Gen, C:\Program Files\5a84f5cced833c1322f7463f37107ed6\2709795e572a69c194f1543ddf66beca.exe, Löschen bei Neustart, [15575], [259462],1.0.1987
PUP.Optional.Wajam.Gen, C:\Program Files\5a84f5cced833c1322f7463f37107ed6\420210ead7be995fca071e7d8bc9d97c, Löschen bei Neustart, [15575], [259462],1.0.1987
PUP.Optional.Wajam.Gen, C:\Program Files\5a84f5cced833c1322f7463f37107ed6\69faf28085b82fbe559c1962ea23298e.exe, Löschen bei Neustart, [15575], [259462],1.0.1987
PUP.Optional.Wajam.Gen, C:\Program Files\5a84f5cced833c1322f7463f37107ed6\96078e288fc2cb4a9ce40313dadd0771.exe, Löschen bei Neustart, [15575], [259462],1.0.1987
PUP.Optional.Wajam.Gen, C:\Program Files\5a84f5cced833c1322f7463f37107ed6\cca8b3ea1f10f28400d45c8ac76f088e.exe, Löschen bei Neustart, [15575], [259462],1.0.1987
PUP.Optional.Wajam.Gen, C:\Program Files\5a84f5cced833c1322f7463f37107ed6\cef699fb2306fa37d6b136aa38baefcc.exe, Löschen bei Neustart, [15575], [259462],1.0.1987
PUP.Optional.Wajam.Gen, C:\Program Files\5a84f5cced833c1322f7463f37107ed6\e93b6f3c693e1238901d6da48eaaefd0.exe, Löschen bei Neustart, [15575], [259462],1.0.1987
PUP.Optional.Wajam.Gen, C:\Program Files\5a84f5cced833c1322f7463f37107ed6\f66f714f49d4972223d2ed9eae2cec99.exe, Löschen bei Neustart, [15575], [259462],1.0.1987
PUP.Optional.OnlineIO, C:\WINDOWS\SYSTEM32\TASKS\Traffic Exchange v2 - 1, Löschen bei Neustart, [542], [333869],1.0.1987
PUP.Optional.OnlineIO, C:\WINDOWS\SYSTEM32\TASKS\Traffic Exchange v2 - 2, Löschen bei Neustart, [542], [333869],1.0.1987
PUP.Optional.OnlineIO, C:\WINDOWS\SYSTEM32\TASKS\Traffic Exchange v2 - 3, Löschen bei Neustart, [542], [333869],1.0.1987
PUP.Optional.OnlineIO, C:\WINDOWS\SYSTEM32\TASKS\Traffic Exchange v209 - 1, Löschen bei Neustart, [542], [333869],1.0.1987
PUP.Optional.OnlineIO, C:\WINDOWS\SYSTEM32\TASKS\Traffic Exchange v209 - 2, Löschen bei Neustart, [542], [333869],1.0.1987
PUP.Optional.OnlineIO, C:\WINDOWS\SYSTEM32\TASKS\Traffic Exchange v209 - 3, Löschen bei Neustart, [542], [333869],1.0.1987
Adware.OtherSearch.TSKRST, C:\PROGRAM FILES (X86)\FeOLMDtF4M\SSL\OtherSearch Inc CA 2.cer, Löschen bei Neustart, [2795], [371199],1.0.1987
Adware.OtherSearch.TSKRST, C:\Program Files (x86)\FeOLMDtF4M\nss\certutil.exe, Löschen bei Neustart, [2795], [371199],1.0.1987
Adware.OtherSearch.TSKRST, C:\Program Files (x86)\FeOLMDtF4M\nss\mozcrt19.dll, Löschen bei Neustart, [2795], [371199],1.0.1987
Adware.OtherSearch.TSKRST, C:\Program Files (x86)\FeOLMDtF4M\nss\nspr4.dll, Löschen bei Neustart, [2795], [371199],1.0.1987
Adware.OtherSearch.TSKRST, C:\Program Files (x86)\FeOLMDtF4M\nss\nss3.dll, Löschen bei Neustart, [2795], [371199],1.0.1987
Adware.OtherSearch.TSKRST, C:\Program Files (x86)\FeOLMDtF4M\nss\plc4.dll, Löschen bei Neustart, [2795], [371199],1.0.1987
Adware.OtherSearch.TSKRST, C:\Program Files (x86)\FeOLMDtF4M\nss\plds4.dll, Löschen bei Neustart, [2795], [371199],1.0.1987
Adware.OtherSearch.TSKRST, C:\Program Files (x86)\FeOLMDtF4M\nss\smime3.dll, Löschen bei Neustart, [2795], [371199],1.0.1987
Adware.OtherSearch.TSKRST, C:\Program Files (x86)\FeOLMDtF4M\nss\softokn3.dll, Löschen bei Neustart, [2795], [371199],1.0.1987
Adware.OtherSearch.TSKRST, C:\Program Files (x86)\FeOLMDtF4M\SSL\cert.db, Löschen bei Neustart, [2795], [371199],1.0.1987
Adware.OtherSearch.TSKRST, C:\Program Files (x86)\FeOLMDtF4M\SSL\xtls.db, Löschen bei Neustart, [2795], [371199],1.0.1987
Adware.OtherSearch.TSKRST, C:\Program Files (x86)\FeOLMDtF4M\data.dt, Löschen bei Neustart, [2795], [371199],1.0.1987
Adware.OtherSearch.TSKRST, C:\Program Files (x86)\FeOLMDtF4M\dlog.txt, Löschen bei Neustart, [2795], [371199],1.0.1987
Adware.OtherSearch.TSKRST, C:\Program Files (x86)\FeOLMDtF4M\kl.ecf, Löschen bei Neustart, [2795], [371199],1.0.1987
Adware.OtherSearch.TSKRST, C:\Program Files (x86)\FeOLMDtF4M\s.xml, Löschen bei Neustart, [2795], [371199],1.0.1987
Adware.OtherSearch.TSKRST, C:\Program Files (x86)\FeOLMDtF4M\slite.exe, Löschen bei Neustart, [2795], [371199],1.0.1987
PUP.Optional.OnlineIO, C:\WINDOWS\TASKS\Online Application v209 Guard.job, Löschen bei Neustart, [542], [382506],1.0.1987
Adware.OnlineIO, C:\WINDOWS\SYSTEM32\TASKS\UPDATER_ONLINE_SPECIAL_APPLICATION, Löschen bei Neustart, [9295], [399428],1.0.1987
PUP.Optional.OnlineIO, C:\WINDOWS\SYSTEM32\TASKS\Online Application v209, Löschen bei Neustart, [542], [317314],1.0.1987
PUP.Optional.OnlineIO, C:\WINDOWS\SYSTEM32\TASKS\Online Application v209 Guard, Löschen bei Neustart, [542], [317314],1.0.1987
PUP.Optional.OnlineIO, C:\WINDOWS\SYSTEM32\TASKS\Online Application v209 Guardian, Löschen bei Neustart, [542], [317314],1.0.1987
PUP.Optional.StartGo123, C:\WINDOWS\SYSTEM32\DRIVERS\NETUTILS2016.SYS, Löschen bei Neustart, [669], [318109],1.0.1987

Physischer Sektor: 0
(keine bösartigen Elemente erkannt)


(end)

M-K-D-B · 21.05.2017, 19:50

Servus,

auch wenn AdwCleaner nichts gefunden hat, bitte ich dich, auch auf den "Löschen"-Button zu drücken. Dann bitte nochmal MBAM zur Kontrolle und nochmal FRST zur Kontrolle.

Dann sehen wir weiter.

Luckyschatz · 21.05.2017, 20:22

Gut dann erstmal hier alles von
adw-Cleaner:

Code:

ATTFilter

# AdwCleaner v6.047 - Bericht erstellt am 21/05/2017 um 21:01:35
# Aktualisiert am 19/05/2017 von Malwarebytes
# Datenbank : 2017-05-19.1 [Lokal]
# Betriebssystem : Windows 10 Home  (X64)
# Benutzername : Pitti - DESKTOP-TP9DC4I
# Gestartet von : C:\Users\Pitti\Desktop\Scan\adwcleaner.exe
# Modus: Suchlauf
# Unterstützung : https://www.malwarebytes.com/support



***** [ Dienste ] *****

Keine schädlichen Dienste gefunden.


***** [ Ordner ] *****

Keine schädlichen Ordner gefunden.


***** [ Dateien ] *****

Keine schädlichen Dateien gefunden.


***** [ DLL ] *****

Keine infizierten DLLs gefunden.


***** [ WMI ] *****

Keine schädlichen Schlüssel gefunden.


***** [ Verknüpfungen ] *****

Keine infizierten Verknüpfungen gefunden.


***** [ Aufgabenplanung ] *****

Keine schädlichen Aufgaben gefunden.


***** [ Registrierungsdatenbank ] *****

Keine schädlichen Elemente in der Registrierungsdatenbank gefunden.


***** [ Internetbrowser ] *****

Keine schädlichen Elemente in Firefox basierten Browsern gefunden.
Keine schädlichen Elemente in Chrome basierten Browsern gefunden.

*************************

C:\AdwCleaner\AdwCleaner[C0].txt - [37559 Bytes] - [18/05/2017 17:57:18]
C:\AdwCleaner\AdwCleaner[C2].txt - [1370 Bytes] - [18/05/2017 18:02:40]
C:\AdwCleaner\AdwCleaner[C3].txt - [3786 Bytes] - [19/05/2017 20:48:47]
C:\AdwCleaner\AdwCleaner[C4].txt - [1814 Bytes] - [19/05/2017 20:57:58]
C:\AdwCleaner\AdwCleaner[S0].txt - [34348 Bytes] - [18/05/2017 17:54:44]
C:\AdwCleaner\AdwCleaner[S10].txt - [2370 Bytes] - [21/05/2017 14:40:55]
C:\AdwCleaner\AdwCleaner[S11].txt - [1633 Bytes] - [21/05/2017 21:01:35]
C:\AdwCleaner\AdwCleaner[S1].txt - [1586 Bytes] - [18/05/2017 18:02:11]
C:\AdwCleaner\AdwCleaner[S2].txt - [3983 Bytes] - [19/05/2017 20:40:56]
C:\AdwCleaner\AdwCleaner[S3].txt - [4047 Bytes] - [19/05/2017 20:48:09]
C:\AdwCleaner\AdwCleaner[S4].txt - [1944 Bytes] - [19/05/2017 20:57:44]
C:\AdwCleaner\AdwCleaner[S5].txt - [2106 Bytes] - [19/05/2017 21:00:39]
C:\AdwCleaner\AdwCleaner[S6].txt - [2360 Bytes] - [20/05/2017 13:10:37]
C:\AdwCleaner\AdwCleaner[S7].txt - [2433 Bytes] - [20/05/2017 13:15:06]
C:\AdwCleaner\AdwCleaner[S8].txt - [2506 Bytes] - [20/05/2017 13:38:11]
C:\AdwCleaner\AdwCleaner[S9].txt - [2579 Bytes] - [20/05/2017 13:44:39]

########## EOF - C:\AdwCleaner\AdwCleaner[S11].txt - [2364 Bytes] ##########

und dem mbam:

Code:

ATTFilter

Malwarebytes
www.malwarebytes.com

-Protokolldetails-
Scan-Datum: 21.05.17
Scan-Zeit: 21:05
Protokolldatei: mbam2.txt
Administrator: Ja

-Softwaredaten-
Version: 3.1.2.1733
Komponentenversion: 1.0.122
Version des Aktualisierungspakets: 1.0.1989
Lizenz: Testversion

-Systemdaten-
Betriebssystem: Windows 10
CPU: x64
Dateisystem: NTFS
Benutzer: DESKTOP-TP9DC4I\Pitti

-Scan-Übersicht-
Scan-Typ: Bedrohungs-Scan
Ergebnis: Abgeschlossen
Gescannte Objekte: 393910
Erkannte Bedrohungen: 0
(keine bösartigen Elemente erkannt)
In die Quarantäne verschobene Bedrohungen: 0
(keine bösartigen Elemente erkannt)
Abgelaufene Zeit: 8 Min., 36 Sek.

-Scan-Optionen-
Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

-Scan-Details-
Prozess: 0
(keine bösartigen Elemente erkannt)

Modul: 0
(keine bösartigen Elemente erkannt)

Registrierungsschlüssel: 0
(keine bösartigen Elemente erkannt)

Registrierungswert: 0
(keine bösartigen Elemente erkannt)

Registrierungsdaten: 0
(keine bösartigen Elemente erkannt)

Daten-Stream: 0
(keine bösartigen Elemente erkannt)

Ordner: 0
(keine bösartigen Elemente erkannt)

Datei: 0
(keine bösartigen Elemente erkannt)

Physischer Sektor: 0
(keine bösartigen Elemente erkannt)


(end)

Und zum Schluss noch die
Frst.txt:

Code:

ATTFilter

Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 20-05-2017
durchgeführt von Pitti (Administrator) auf DESKTOP-TP9DC4I (21-05-2017 21:15:31)
Gestartet von C:\Users\Pitti\Desktop\Scan
Geladene Profile: Pitti (Verfügbare Profile: Pitti)
Platform: Windows 10 Home Version 1607 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Edge)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Intel Corporation) C:\Windows\SysWOW64\esif_uf.exe
(Electronic Arts) C:\Program Files (x86)\Origin\OriginWebHelperService.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Intel Corporation) C:\Windows\Temp\DPTF\esif_assist_64.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
() C:\Windows\System32\igfxTray.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.15.597.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(AVAST Software) C:\Program Files\AVAST Software\SecureLine\secureline.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler64.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe
(Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.14393.1051_none_7f2bf7ea21d201b2\TiWorker.exe

==================== Registry (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2654512 2015-10-03] (NVIDIA Corporation)
HKLM\...\Run: [WindowsDefender] => C:\Program Files\Windows Defender\MSASCuiL.exe [631808 2017-04-28] (Microsoft Corporation)
HKLM\...\Run: [Malwarebytes TrayApp] => C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe [3146704 2017-05-09] (Malwarebytes)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-03-15] (Oracle Corporation)
HKU\S-1-5-21-1585193191-2329745140-1049602013-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3019552 2017-04-26] (Valve Corporation)
HKU\S-1-5-21-1585193191-2329745140-1049602013-1001\...\MountPoints2: {3f9e17ff-a47a-11e5-9bc5-806e6f6e6963} - "E:\Autorun.exe" 
HKU\S-1-5-18\...\Run: [] => [X]
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\avast! SecureLine.lnk [2015-12-17]
ShortcutTarget: avast! SecureLine.lnk -> C:\Program Files\AVAST Software\SecureLine\SecureLine.exe (AVAST Software)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Winsock: Catalog5-x64 05 C:\WINDOWS\system32\NSBlockA.dll => Keine Datei  <===== ACHTUNG
Winsock: Catalog5-x64 08 C:\WINDOWS\system32\NSBlockB.dll => Keine Datei  <===== ACHTUNG
Hosts: Es ist mehr als ein Eintrag in der Hosts Datei zu finden. Siehe Hosts-Bereich in Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\Parameters: [NameServer] 8.8.8.8
Tcpip\..\Interfaces\{26b11a49-585f-4b43-a90c-9af3c3d7b25b}: [NameServer] 8.8.8.8
Tcpip\..\Interfaces\{5ecc1828-dea3-4170-b6c6-6d557ec1c429}: [NameServer] 8.8.8.8
Tcpip\..\Interfaces\{5ecc1828-dea3-4170-b6c6-6d557ec1c429}: [DhcpNameServer] 8.8.8.8
Tcpip\..\Interfaces\{6f16093c-bffb-4a7b-b894-777c10793d1c}: [NameServer] 8.8.8.8
Tcpip\..\Interfaces\{6f16093c-bffb-4a7b-b894-777c10793d1c}: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{7cc3dc70-8950-11e6-8ca6-806e6f6e6963}: [NameServer] 8.8.8.8
Tcpip\..\Interfaces\{996ea0b8-ca4a-4c25-9b44-fbad264c8641}: [NameServer] 8.8.8.8
Tcpip\..\Interfaces\{996ea0b8-ca4a-4c25-9b44-fbad264c8641}: [DhcpNameServer] 8.8.8.8
Tcpip\..\Interfaces\{ca4d7660-cb2f-4c16-a493-e99d991ed543}: [NameServer] 8.8.8.8
Tcpip\..\Interfaces\{ca4d7660-cb2f-4c16-a493-e99d991ed543}: [DhcpNameServer] 8.8.8.8
Tcpip\..\Interfaces\{efcfe49d-c6bb-4343-b2ec-b087ec086e71}: [NameServer] 8.8.8.8
Tcpip\..\Interfaces\{efcfe49d-c6bb-4343-b2ec-b087ec086e71}: [DhcpNameServer] 8.8.8.8
ManualProxies: 

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-1585193191-2329745140-1049602013-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-1585193191-2329745140-1049602013-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus15.msn.com/?pc=ASTE
SearchScopes: HKU\S-1-5-21-1585193191-2329745140-1049602013-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-1585193191-2329745140-1049602013-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2017-05-13] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_131\bin\ssv.dll [2017-04-26] (Oracle Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2017-05-13] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_131\bin\jp2ssv.dll [2017-04-26] (Oracle Corporation)
BHO-x32: Evernote extension -> {92EF2EAD-A7CE-4424-B0DB-499CF856608E} -> C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll [2015-04-30] (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-05-13] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-05-13] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-05-13] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-05-13] (Microsoft Corporation)

Edge: 
======
Edge Extension: (AdBlock) -> EdgeExtension_BetaFishAdBlock_c1wakc4j0nefm => C:\Program Files\WindowsApps\BetaFish.AdBlock_1.12.0.0_neutral__c1wakc4j0nefm [2017-05-02]

FireFox:
========
FF Plugin: @java.com/DTPlugin,version=11.131.2 -> C:\Program Files\Java\jre1.8.0_131\bin\dtplugin\npDeployJava1.dll [2017-04-26] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.131.2 -> C:\Program Files\Java\jre1.8.0_131\bin\plugin2\npjp2.dll [2017-04-26] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50906.0\npctrl.dll [2017-03-09] ( Microsoft Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-04-21] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-04-21] (Intel Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50906.0\npctrl.dll [2017-03-09] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2017-03-06] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-05-19] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-05-19] (Google Inc.)

Chrome: 
=======
CHR HomePage: Default -> hxxp://www.google.de/
CHR StartupUrls: Default -> "hxxps://www.google.de/","hxxps://www.google.com/"
CHR Profile: C:\Users\Pitti\AppData\Local\Google\Chrome\User Data\Default [2017-05-19]
CHR Extension: (Google Präsentationen) - C:\Users\Pitti\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-05-19]
CHR Extension: (Google Docs) - C:\Users\Pitti\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-05-19]
CHR Extension: (Google Drive) - C:\Users\Pitti\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-05-19]
CHR Extension: (YouTube) - C:\Users\Pitti\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-05-19]
CHR Extension: (Unknown Space) - C:\Users\Pitti\AppData\Local\Google\Chrome\User Data\Default\Extensions\bpjdbdbhiomamecfnjahemfimgjamhjd [2017-05-19]
CHR Extension: (Adblock Plus) - C:\Users\Pitti\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2017-05-19]
CHR Extension: (SingleClick Cleaner) - C:\Users\Pitti\AppData\Local\Google\Chrome\User Data\Default\Extensions\cknijndocnnlkpenngcdcpleddlmckkm [2017-05-19]
CHR Extension: (Google Tabellen) - C:\Users\Pitti\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-05-19]
CHR Extension: (Missing You Chrome Theme - Arthur) - C:\Users\Pitti\AppData\Local\Google\Chrome\User Data\Default\Extensions\fogbjgnancbcjnflfdkknedhcnnnkcbh [2017-05-19]
CHR Extension: (Google Docs Offline) - C:\Users\Pitti\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-05-19]
CHR Extension: (Little Alchemy) - C:\Users\Pitti\AppData\Local\Google\Chrome\User Data\Default\Extensions\knkapnclbofjjgicpkfoagdjohlfjhpd [2017-05-19]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Pitti\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-05-19]
CHR Extension: (Adblock Pro) - C:\Users\Pitti\AppData\Local\Google\Chrome\User Data\Default\Extensions\ocifcklkibdehekfnmflempfgjhbedch [2017-05-19]
CHR Extension: (Google Mail) - C:\Users\Pitti\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-05-19]
CHR Extension: (Chrome Media Router) - C:\Users\Pitti\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-05-19]

==================== Dienste (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1465352 2017-02-12] ()
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [3801280 2017-05-04] (Microsoft Corporation)
R2 esifsvc; C:\WINDOWS\SysWoW64\esif_uf.exe [1385640 2015-08-04] (Intel Corporation)
R2 igfxCUIService2.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [373728 2016-11-30] (Intel Corporation)
S4 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [881152 2015-05-22] (Intel(R) Corporation)
S4 Intel(R) Security Assist; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [335872 2015-05-19] (Intel Corporation) [Datei ist nicht signiert]
S4 isaHelperSvc; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe [7680 2015-05-19] () [Datei ist nicht signiert]
S4 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [207648 2015-08-07] (Intel Corporation)
S4 Kingsoft_WPS_UpdateService; C:\Program Files (x86)\Kingsoft\WPS Office\9.1.0.4947\wtoolex\wpsupdatesvr.exe [133480 2015-08-18] (Zhuhai Kingsoft Office Software Co.,Ltd)
S4 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2960160 2016-04-22] (IObit)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [4470736 2017-05-09] (Malwarebytes)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2162064 2017-05-17] (Electronic Arts)
R2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3136920 2017-05-17] (Electronic Arts)
S4 SecureLine; C:\Program Files\AVAST Software\SecureLine\VpnSvc.exe [592392 2016-05-23] ()
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347320 2017-04-28] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103712 2017-04-28] (Microsoft Corporation)
S4 mccspsvc; "C:\Program Files\Common Files\McAfee\CSP\1.8.267.0\McCSPServiceHost.exe" [X]

===================== Treiber (Nicht auf der Ausnahmeliste) ======================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 atksgt; C:\WINDOWS\System32\DRIVERS\atksgt.sys [311968 2016-04-30] ()
R3 ATP; C:\WINDOWS\System32\drivers\AsusTP.sys [101368 2015-12-14] (ASUS Corporation)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131712 2016-09-05] (Samsung Electronics Co., Ltd.)
R3 dptf_cpu; C:\WINDOWS\System32\drivers\dptf_cpu.sys [43512 2015-08-04] (Intel Corporation)
R3 dptf_pch; C:\WINDOWS\System32\drivers\dptf_pch.sys [41976 2015-08-04] (Intel Corporation)
R3 esif_lf; C:\WINDOWS\system32\DRIVERS\esif_lf.sys [251384 2015-08-04] (Intel Corporation)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [77440 2017-05-09] ()
R0 IntelHSWPcc; C:\WINDOWS\System32\drivers\IntelPcc.sys [88256 2015-06-26] (Intel Corporation)
R2 lirsgt; C:\WINDOWS\System32\DRIVERS\lirsgt.sys [43168 2016-04-30] ()
R2 MBAMChameleon; C:\WINDOWS\system32\drivers\MBAMChameleon.sys [187320 2017-05-21] (Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\system32\drivers\farflt.sys [113592 2017-05-21] (Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\drivers\mbam.sys [43968 2017-05-21] (Malwarebytes)
R0 MBAMSwissArmy; C:\WINDOWS\System32\drivers\MBAMSwissArmy.sys [251832 2017-05-21] (Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\drivers\mwac.sys [93624 2017-05-21] (Malwarebytes)
S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvamwu.inf_amd64_d4715679184092a8\nvlddmkm.sys [13754936 2016-09-12] (NVIDIA Corporation)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [887552 2015-07-15] (Realtek                                            )
R3 RTSPER; C:\WINDOWS\system32\DRIVERS\RtsPer.sys [751632 2015-05-14] (Realsil Semiconductor Corporation)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics Co., Ltd.)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-05-21 14:14 - 2017-05-21 21:03 - 00113592 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2017-05-21 14:14 - 2017-05-21 21:03 - 00093624 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2017-05-21 14:14 - 2017-05-21 14:14 - 00187320 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMChameleon.sys
2017-05-21 14:13 - 2017-05-21 21:03 - 00043968 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2017-05-21 14:13 - 2017-05-21 21:02 - 00251832 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2017-05-21 14:13 - 2017-05-21 14:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2017-05-21 14:13 - 2017-05-21 14:13 - 00000000 ____D C:\ProgramData\Malwarebytes
2017-05-21 14:13 - 2017-05-21 14:13 - 00000000 ____D C:\Program Files\Malwarebytes
2017-05-21 14:13 - 2017-05-09 16:37 - 00077440 _____ C:\WINDOWS\system32\Drivers\mbae64.sys
2017-05-21 14:12 - 2017-05-21 14:12 - 63364552 _____ (Malwarebytes ) C:\Users\Pitti\Downloads\mb3-setup-consumer-3.1.2.1733-1.0.122-1.0.1976.exe
2017-05-20 16:45 - 2017-05-21 21:15 - 00000000 ____D C:\Users\Pitti\Desktop\Scan
2017-05-20 13:45 - 2017-05-20 13:46 - 00505012 _____ C:\WINDOWS\Minidump\052017-36734-01.dmp
2017-05-20 13:39 - 2017-05-20 13:40 - 00508644 _____ C:\WINDOWS\Minidump\052017-29421-01.dmp
2017-05-20 13:16 - 2017-05-20 13:17 - 00504508 _____ C:\WINDOWS\Minidump\052017-34703-01.dmp
2017-05-20 13:11 - 2017-05-20 13:12 - 00512940 _____ C:\WINDOWS\Minidump\052017-27093-01.dmp
2017-05-20 08:41 - 2017-05-21 21:15 - 00000000 ____D C:\FRST
2017-05-19 20:56 - 2017-05-19 20:56 - 00000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
2017-05-19 20:32 - 2017-05-21 14:29 - 00001373 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-05-19 20:32 - 2017-05-21 14:29 - 00001361 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2017-05-19 20:32 - 2017-05-19 20:32 - 01130328 _____ (Google Inc.) C:\Users\Pitti\Downloads\ChromeSetup.exe
2017-05-19 20:32 - 2017-05-19 20:32 - 00003628 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2017-05-19 20:32 - 2017-05-19 20:32 - 00003504 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2017-05-14 18:31 - 2017-05-14 18:31 - 00001258 _____ C:\Users\Pitti\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Update- und Datenschutzeinstellungen.lnk
2017-05-14 18:31 - 2017-05-14 18:31 - 00000000 ____D C:\Users\Pitti\AppData\Local\UNP
2017-05-13 16:21 - 2017-05-13 16:21 - 00000000 ___HD C:\$SysReset
2017-05-13 15:34 - 2017-05-13 15:34 - 00000000 ____D C:\ProgramData\WinZip
2017-05-13 15:33 - 2017-05-13 15:34 - 00000000 ____D C:\Program Files\WinZip
2017-05-13 15:33 - 2017-05-13 15:33 - 00000000 ____D C:\Users\Pitti\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinZip 21.5
2017-05-13 15:32 - 2017-05-13 15:32 - 00000000 ____D C:\WINDOWS\CD95F661A5C444F5A6AAECDD91C2410F.TMP
2017-05-13 15:31 - 2017-05-13 17:06 - 00000000 ____D C:\Users\Pitti\AppData\Roaming\Nico Mak Computing
2017-05-13 15:19 - 2017-05-13 15:19 - 00000465 _____ C:\Users\Pitti\Downloads\SPug
2017-05-13 14:40 - 2017-05-13 14:40 - 00000000 ____D C:\Users\Pitti\AppData\Local\ElevatedDiagnostics
2017-05-13 14:39 - 2017-05-13 14:39 - 00003256 _____ C:\WINDOWS\System32\Tasks\{C4A9F1C2-B0D8-4A93-8B94-4D7396F9BCA3}
2017-05-13 14:24 - 2017-05-13 14:24 - 00000026 _____ C:\WINDOWS\Zone.Identifier
2017-05-13 13:55 - 2017-05-21 14:23 - 00000000 ____D C:\ProgramData\0cba1143376c450fbb3a89392df868d0
2017-05-12 20:18 - 2017-05-12 20:18 - 00000000 ____D C:\Users\Pitti\AppData\Roaming\Google
2017-05-12 17:09 - 2017-05-12 17:10 - 00000000 ____D C:\Program Files\UNP
2017-05-12 17:09 - 2017-05-12 17:09 - 00000000 ____D C:\WINDOWS\system32\UNP
2017-05-12 15:36 - 2017-05-21 14:23 - 00000000 ____D C:\Users\Pitti\AppData\Roaming\ServerTest
2017-05-12 15:32 - 2017-05-12 15:32 - 00000000 ____D C:\Users\Pitti\AppData\Local\CrashRpt
2017-05-12 15:24 - 2017-05-12 15:32 - 00000000 ____D C:\Users\Pitti\AppData\Local\navi
2017-05-10 16:09 - 2017-05-10 16:09 - 00051628 _____ C:\WINDOWS\uninstaller.dat
2017-05-10 14:35 - 2017-04-28 02:56 - 02048488 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2017-05-10 14:35 - 2017-04-28 02:48 - 00263472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Storage.ApplicationData.dll
2017-05-10 14:35 - 2017-04-28 02:46 - 05722320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2017-05-10 14:35 - 2017-04-28 02:46 - 01504056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2017-05-10 14:35 - 2017-04-28 02:46 - 01431232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2017-05-10 14:35 - 2017-04-28 02:45 - 02263832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2017-05-10 14:35 - 2017-04-28 02:45 - 00975744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
2017-05-10 14:35 - 2017-04-28 02:45 - 00861024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2017-05-10 14:35 - 2017-04-28 02:45 - 00116576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudExperienceHostCommon.dll
2017-05-10 14:35 - 2017-04-28 02:43 - 00846560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2017-05-10 14:35 - 2017-04-28 02:40 - 06665952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2017-05-10 14:35 - 2017-04-28 02:40 - 04023008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2017-05-10 14:35 - 2017-04-28 02:40 - 01851696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2017-05-10 14:35 - 2017-04-28 02:40 - 01360456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetsrc.dll
2017-05-10 14:35 - 2017-04-28 02:40 - 01277856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
2017-05-10 14:35 - 2017-04-28 02:40 - 01202936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2017-05-10 14:35 - 2017-04-28 02:40 - 00981888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetcore.dll
2017-05-10 14:35 - 2017-04-28 02:39 - 20967840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2017-05-10 14:35 - 2017-04-28 02:29 - 05685760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2017-05-10 14:35 - 2017-04-28 02:23 - 00095232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTimeUtil.dll
2017-05-10 14:35 - 2017-04-28 02:22 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\odbcconf.dll
2017-05-10 14:35 - 2017-04-28 02:21 - 00224256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExSMime.dll
2017-05-10 14:35 - 2017-04-28 02:20 - 00141824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Radios.dll
2017-05-10 14:35 - 2017-04-28 02:19 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDeviceRegistration.dll
2017-05-10 14:35 - 2017-04-28 02:19 - 00138240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DisplayManager.dll
2017-05-10 14:35 - 2017-04-28 02:18 - 00255488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\unimdm.tsp
2017-05-10 14:35 - 2017-04-28 02:17 - 00142336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.WiFi.dll
2017-05-10 14:35 - 2017-04-28 02:17 - 00136192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinRtTracing.dll
2017-05-10 14:35 - 2017-04-28 02:17 - 00094208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryClient.dll
2017-05-10 14:35 - 2017-04-28 02:16 - 00392192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Gaming.Input.dll
2017-05-10 14:35 - 2017-04-28 02:16 - 00374784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.LowLevel.dll
2017-05-10 14:35 - 2017-04-28 02:16 - 00315904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Gaming.XboxLive.Storage.dll
2017-05-10 14:35 - 2017-04-28 02:16 - 00184320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserMgrProxy.dll
2017-05-10 14:35 - 2017-04-28 02:16 - 00180224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2017-05-10 14:35 - 2017-04-28 02:16 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppointmentActivation.dll
2017-05-10 14:35 - 2017-04-28 02:16 - 00113152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Lights.dll
2017-05-10 14:35 - 2017-04-28 02:15 - 00557568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll
2017-05-10 14:35 - 2017-04-28 02:15 - 00237568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SyncSettings.dll
2017-05-10 14:35 - 2017-04-28 02:15 - 00117760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AuthBroker.dll
2017-05-10 14:35 - 2017-04-28 02:15 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Core.dll
2017-05-10 14:35 - 2017-04-28 02:14 - 00670208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.PointOfService.dll
2017-05-10 14:35 - 2017-04-28 02:14 - 00483840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.AllJoyn.dll
2017-05-10 14:35 - 2017-04-28 02:14 - 00223232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgentUserBroker.exe
2017-05-10 14:35 - 2017-04-28 02:13 - 13873664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2017-05-10 14:35 - 2017-04-28 02:13 - 01243136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.FaceAnalysis.dll
2017-05-10 14:35 - 2017-04-28 02:13 - 00562176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.SmartCards.dll
2017-05-10 14:35 - 2017-04-28 02:13 - 00426496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Wallet.dll
2017-05-10 14:35 - 2017-04-28 02:13 - 00386048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.WiFiDirect.dll
2017-05-10 14:35 - 2017-04-28 02:13 - 00332288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Bluetooth.dll
2017-05-10 14:35 - 2017-04-28 02:13 - 00325120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleacc.dll
2017-05-10 14:35 - 2017-04-28 02:13 - 00298496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2017-05-10 14:35 - 2017-04-28 02:13 - 00271360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\deviceaccess.dll
2017-05-10 14:35 - 2017-04-28 02:13 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WwaApi.dll
2017-05-10 14:35 - 2017-04-28 02:13 - 00202752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.HumanInterfaceDevice.dll
2017-05-10 14:35 - 2017-04-28 02:13 - 00185856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Identity.Provider.dll
2017-05-10 14:35 - 2017-04-28 02:13 - 00175616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Scanners.dll
2017-05-10 14:35 - 2017-04-28 02:12 - 00498688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mbsmsapi.dll
2017-05-10 14:35 - 2017-04-28 02:12 - 00431616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\efswrt.dll
2017-05-10 14:35 - 2017-04-28 02:12 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Picker.dll
2017-05-10 14:35 - 2017-04-28 02:11 - 00747520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Ocr.dll
2017-05-10 14:35 - 2017-04-28 02:10 - 00819200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppContracts.dll
2017-05-10 14:35 - 2017-04-28 02:10 - 00314368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Usb.dll
2017-05-10 14:35 - 2017-04-28 02:10 - 00284672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.dll
2017-05-10 14:35 - 2017-04-28 02:10 - 00238080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AboveLockAppHost.dll
2017-05-10 14:35 - 2017-04-28 02:09 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2017-05-10 14:35 - 2017-04-28 02:08 - 01534464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.Printing.3D.dll
2017-05-10 14:35 - 2017-04-28 02:08 - 00653312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.AccountsControl.dll
2017-05-10 14:35 - 2017-04-28 02:08 - 00288256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CryptoWinRT.dll
2017-05-10 14:35 - 2017-04-28 02:06 - 04614656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2017-05-10 14:35 - 2017-04-28 02:06 - 02333184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmSvc.dll
2017-05-10 14:35 - 2017-04-28 02:06 - 00901120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Bluetooth.dll
2017-05-10 14:35 - 2017-04-28 02:06 - 00675840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.dll
2017-05-10 14:35 - 2017-04-28 02:05 - 03733504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_47.dll
2017-05-10 14:35 - 2017-04-28 02:05 - 00589312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Sensors.dll
2017-05-10 14:35 - 2017-04-28 02:03 - 01077760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Editing.dll
2017-05-10 14:35 - 2017-04-28 02:03 - 00355328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RTMediaFrame.dll
2017-05-10 14:35 - 2017-04-28 02:02 - 03307008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2017-05-10 14:35 - 2017-04-28 02:01 - 00795648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MiracastReceiver.dll
2017-05-10 14:35 - 2017-04-28 02:01 - 00713216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpnapps.dll
2017-05-10 14:35 - 2017-04-28 02:01 - 00343040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToDevice.dll
2017-05-10 14:35 - 2017-04-28 02:01 - 00248832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dlnashext.dll
2017-05-10 14:35 - 2017-04-28 02:01 - 00141312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dialclient.dll
2017-05-10 14:35 - 2017-04-28 02:00 - 01255936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll
2017-05-10 14:35 - 2017-04-28 01:59 - 00895488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Streaming.dll
2017-05-10 14:35 - 2017-04-28 01:59 - 00220672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToReceiver.dll
2017-05-10 14:35 - 2017-04-28 01:58 - 07468544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2017-05-10 14:35 - 2017-04-28 01:58 - 00134144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ErrorDetails.dll
2017-05-10 14:35 - 2017-04-28 01:57 - 01247232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Globalization.dll
2017-05-10 14:35 - 2017-04-28 01:57 - 01221120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Audio.dll
2017-05-10 14:35 - 2017-04-28 01:57 - 00641024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MCRecvSrc.dll
2017-05-10 14:35 - 2017-04-28 01:56 - 00400384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToManager.dll
2017-05-10 14:35 - 2017-04-28 01:56 - 00357376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Geolocation.dll
2017-05-10 14:35 - 2017-04-28 01:56 - 00103936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Devices.dll
2017-05-10 14:35 - 2017-04-28 01:55 - 01656320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Perception.dll
2017-05-10 14:35 - 2017-04-28 01:55 - 01232384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Maps.dll
2017-05-10 14:35 - 2017-04-28 01:55 - 01170944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.dll
2017-05-10 14:35 - 2017-04-28 01:55 - 01004544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Input.Inking.dll
2017-05-10 14:35 - 2017-04-28 01:54 - 02646528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CertEnroll.dll
2017-05-10 14:35 - 2017-04-28 01:54 - 02483200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2017-05-10 14:35 - 2017-04-28 01:54 - 01013248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.Http.dll
2017-05-10 14:35 - 2017-04-28 01:54 - 00654336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApiPublic.dll
2017-05-10 14:35 - 2017-04-28 01:54 - 00598528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.dll
2017-05-10 14:35 - 2017-04-28 01:54 - 00566784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ShareHost.dll
2017-05-10 14:35 - 2017-04-28 01:54 - 00348160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Midi.dll
2017-05-10 14:35 - 2017-04-28 01:53 - 01170944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Phone.dll
2017-05-10 14:35 - 2017-04-28 01:53 - 00751104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.BackgroundTransfer.dll
2017-05-10 14:35 - 2017-04-28 01:53 - 00621056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
2017-05-10 14:35 - 2017-04-28 01:52 - 03106304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstsc.exe
2017-05-10 14:35 - 2017-04-28 01:52 - 02994176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2017-05-10 14:35 - 2017-04-28 01:52 - 01600000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2017-05-10 14:35 - 2017-04-28 01:50 - 00783360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TSWorkspace.dll
2017-05-10 14:35 - 2017-04-28 01:30 - 00483840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2017-05-10 14:35 - 2017-03-04 09:57 - 00484584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2017-05-10 14:35 - 2017-03-04 08:22 - 00265728 _____ C:\WINDOWS\SysWOW64\Windows.Perception.Stub.dll
2017-05-10 14:35 - 2017-03-04 08:17 - 00529920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StructuredQuery.dll
2017-05-10 14:35 - 2017-03-04 08:16 - 00500224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.Printing.dll
2017-05-10 14:35 - 2017-03-04 08:01 - 00827904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll
2017-05-10 14:35 - 2017-03-04 08:00 - 00691200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2017-05-10 14:34 - 2017-04-28 03:28 - 00965472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReAgent.dll
2017-05-10 14:34 - 2017-04-28 02:59 - 00601712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2017-05-10 14:34 - 2017-04-28 02:58 - 01706488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2017-05-10 14:34 - 2017-04-28 02:57 - 00794928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll
2017-05-10 14:34 - 2017-04-28 02:55 - 00088416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\scmbus.sys
2017-05-10 14:34 - 2017-04-28 02:53 - 02213760 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2017-05-10 14:34 - 2017-04-28 02:53 - 00774224 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2017-05-10 14:34 - 2017-04-28 02:53 - 00616048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32.dll
2017-05-10 14:34 - 2017-04-28 02:45 - 00781144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2017-05-10 14:34 - 2017-04-28 02:45 - 00493920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2017-05-10 14:34 - 2017-04-28 02:43 - 02168288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2017-05-10 14:34 - 2017-04-28 02:43 - 01980768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2017-05-10 14:34 - 2017-04-28 02:43 - 01557224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll
2017-05-10 14:34 - 2017-04-28 02:42 - 00601952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupEngine.dll
2017-05-10 14:34 - 2017-04-28 02:41 - 00361104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsmf.dll
2017-05-10 14:34 - 2017-04-28 02:40 - 07220184 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2017-05-10 14:34 - 2017-04-28 02:40 - 01860288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2017-05-10 14:34 - 2017-04-28 02:40 - 00857440 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2017-05-10 14:34 - 2017-04-28 02:40 - 00352760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MMDevAPI.dll
2017-05-10 14:34 - 2017-04-28 02:39 - 04312248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2017-05-10 14:34 - 2017-04-28 02:39 - 00962760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2017-05-10 14:34 - 2017-04-28 02:39 - 00715104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
2017-05-10 14:34 - 2017-04-28 02:38 - 00847200 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupEngine.dll
2017-05-10 14:34 - 2017-04-28 02:38 - 00557408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2017-05-10 14:34 - 2017-04-28 02:36 - 00408600 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsmf.dll
2017-05-10 14:34 - 2017-04-28 02:36 - 00092512 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2017-05-10 14:34 - 2017-04-28 02:35 - 08170600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2017-05-10 14:34 - 2017-04-28 02:35 - 04260576 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2017-05-10 14:34 - 2017-04-28 02:35 - 01988048 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2017-05-10 14:34 - 2017-04-28 02:35 - 01702392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2017-05-10 14:34 - 2017-04-28 02:35 - 01414208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2017-05-10 14:34 - 2017-04-28 02:35 - 01302136 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2017-05-10 14:34 - 2017-04-28 02:35 - 00596040 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2017-05-10 14:34 - 2017-04-28 02:35 - 00276832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\input.dll
2017-05-10 14:34 - 2017-04-28 02:34 - 22220856 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2017-05-10 14:34 - 2017-04-28 02:34 - 01072248 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetcore.dll
2017-05-10 14:34 - 2017-04-28 02:34 - 00443232 _____ (Microsoft Corporation) C:\WINDOWS\system32\MMDevAPI.dll
2017-05-10 14:34 - 2017-04-28 02:34 - 00244824 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2017-05-10 14:34 - 2017-04-28 02:28 - 00453536 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe
2017-05-10 14:34 - 2017-04-28 02:28 - 00387864 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpps.dll
2017-05-10 14:34 - 2017-04-28 02:23 - 01631232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Resources.dll
2017-05-10 14:34 - 2017-04-28 02:22 - 00165376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReInfo.dll
2017-05-10 14:34 - 2017-04-28 02:21 - 00027648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BthTelemetry.dll
2017-05-10 14:34 - 2017-04-28 02:20 - 00044032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\virtdisk.dll
2017-05-10 14:34 - 2017-04-28 02:18 - 00450560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastls.dll
2017-05-10 14:34 - 2017-04-28 02:18 - 00285184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.BlockedShutdown.dll
2017-05-10 14:34 - 2017-04-28 02:17 - 00328192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2017-05-10 14:34 - 2017-04-28 02:17 - 00095232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BluetoothApis.dll
2017-05-10 14:34 - 2017-04-28 02:16 - 00231936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.LockScreen.dll
2017-05-10 14:34 - 2017-04-28 02:16 - 00203776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\credprovhost.dll
2017-05-10 14:34 - 2017-04-28 02:15 - 00404992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dsreg.dll
2017-05-10 14:34 - 2017-04-28 02:15 - 00334848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastlsext.dll
2017-05-10 14:34 - 2017-04-28 02:15 - 00206336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bthprops.cpl
2017-05-10 14:34 - 2017-04-28 02:13 - 01755136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DeviceFlows.DataModel.dll
2017-05-10 14:34 - 2017-04-28 02:13 - 00506880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DevicePairing.dll
2017-05-10 14:34 - 2017-04-28 02:13 - 00206336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vaultcli.dll
2017-05-10 14:34 - 2017-04-28 02:13 - 00125952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apprepapi.dll
2017-05-10 14:34 - 2017-04-28 02:13 - 00114176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\setupugc.exe
2017-05-10 14:34 - 2017-04-28 02:12 - 00284672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apprepsync.dll
2017-05-10 14:34 - 2017-04-28 02:11 - 00846336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WebcamUi.dll
2017-05-10 14:34 - 2017-04-28 02:11 - 00075776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll
2017-05-10 14:34 - 2017-04-28 02:10 - 00857600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EmailApis.dll
2017-05-10 14:34 - 2017-04-28 02:10 - 00816640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NaturalLanguage6.dll
2017-05-10 14:34 - 2017-04-28 02:10 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mprddm.dll
2017-05-10 14:34 - 2017-04-28 02:09 - 00525824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintDialogs.dll
2017-05-10 14:34 - 2017-04-28 02:09 - 00509440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2017-05-10 14:34 - 2017-04-28 02:09 - 00368128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiobj.dll
2017-05-10 14:34 - 2017-04-28 02:09 - 00352256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Enumeration.dll
2017-05-10 14:34 - 2017-04-28 02:08 - 07626752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2017-05-10 14:34 - 2017-04-28 02:08 - 01228288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usercpl.dll
2017-05-10 14:34 - 2017-04-28 02:07 - 03689984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2017-05-10 14:34 - 2017-04-28 02:07 - 00525312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LogonController.dll
2017-05-10 14:34 - 2017-04-28 02:07 - 00372736 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXTaskFactory.dll
2017-05-10 14:34 - 2017-04-28 02:07 - 00256512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\thumbcache.dll
2017-05-10 14:34 - 2017-04-28 02:05 - 00886272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2017-05-10 14:34 - 2017-04-28 02:05 - 00709120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CPFilters.dll
2017-05-10 14:34 - 2017-04-28 02:04 - 01323008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_fs.dll
2017-05-10 14:34 - 2017-04-28 02:04 - 00119808 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTimeUtil.dll
2017-05-10 14:34 - 2017-04-28 02:03 - 01137152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_health.dll
2017-05-10 14:34 - 2017-04-28 02:03 - 00318464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LocationApi.dll
2017-05-10 14:34 - 2017-04-28 02:03 - 00291328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\adsnt.dll
2017-05-10 14:34 - 2017-04-28 02:03 - 00134656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Energy.dll
2017-05-10 14:34 - 2017-04-28 02:02 - 00123904 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2017-05-10 14:34 - 2017-04-28 02:02 - 00115200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bridge.sys
2017-05-10 14:34 - 2017-04-28 02:02 - 00040448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vwifimp.sys
2017-05-10 14:34 - 2017-04-28 02:01 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\unimdm.tsp
2017-05-10 14:34 - 2017-04-28 02:01 - 00233472 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2017-05-10 14:34 - 2017-04-28 02:00 - 12349440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2017-05-10 14:34 - 2017-04-28 02:00 - 02749440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mispace.dll
2017-05-10 14:34 - 2017-04-28 02:00 - 00193536 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinRtTracing.dll
2017-05-10 14:34 - 2017-04-28 02:00 - 00149504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Core.dll
2017-05-10 14:34 - 2017-04-28 01:59 - 02154496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\storagewmi.dll
2017-05-10 14:34 - 2017-04-28 01:59 - 00467968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Gaming.XboxLive.Storage.dll
2017-05-10 14:34 - 2017-04-28 01:58 - 00546304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uReFS.dll
2017-05-10 14:34 - 2017-04-28 01:58 - 00433664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\imapi2.dll
2017-05-10 14:34 - 2017-04-28 01:58 - 00418304 _____ C:\WINDOWS\system32\Windows.Perception.Stub.dll
2017-05-10 14:34 - 2017-04-28 01:58 - 00211968 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2017-05-10 14:34 - 2017-04-28 01:58 - 00090624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll
2017-05-10 14:34 - 2017-04-28 01:57 - 01507840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.FaceAnalysis.dll
2017-05-10 14:34 - 2017-04-28 01:57 - 00719872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_sr.dll
2017-05-10 14:34 - 2017-04-28 01:57 - 00216576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Scanners.dll
2017-05-10 14:34 - 2017-04-28 01:57 - 00089600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CameraCaptureUI.dll
2017-05-10 14:34 - 2017-04-28 01:56 - 00748544 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2017-05-10 14:34 - 2017-04-28 01:56 - 00590336 _____ (Microsoft Corporation) C:\WINDOWS\system32\efswrt.dll
2017-05-10 14:34 - 2017-04-28 01:56 - 00358912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.dll
2017-05-10 14:34 - 2017-04-28 01:56 - 00333312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsApi.dll
2017-05-10 14:34 - 2017-04-28 01:56 - 00293888 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2017-05-10 14:34 - 2017-04-28 01:56 - 00260608 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgentUserBroker.exe
2017-05-10 14:34 - 2017-04-28 01:55 - 01993216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2017-05-10 14:34 - 2017-04-28 01:55 - 01987584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2017-05-10 14:34 - 2017-04-28 01:55 - 01413632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OpcServices.dll
2017-05-10 14:34 - 2017-04-28 01:55 - 00561664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Wallet.dll
2017-05-10 14:34 - 2017-04-28 01:55 - 00307200 _____ (Microsoft Corporation) C:\WINDOWS\system32\PrintDialogs3D.dll
2017-05-10 14:34 - 2017-04-28 01:55 - 00252416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Identity.Provider.dll
2017-05-10 14:34 - 2017-04-28 01:54 - 02747904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpcore.dll
2017-05-10 14:34 - 2017-04-28 01:54 - 01883648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2017-05-10 14:34 - 2017-04-28 01:54 - 00284160 _____ (Microsoft Corporation) C:\WINDOWS\system32\AboveLockAppHost.dll
2017-05-10 14:34 - 2017-04-28 01:53 - 06288384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2017-05-10 14:34 - 2017-04-28 01:53 - 03059200 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2017-05-10 14:34 - 2017-04-28 01:53 - 00798208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2017-05-10 14:34 - 2017-04-28 01:53 - 00671744 _____ (Microsoft Corporation) C:\WINDOWS\system32\mbsmsapi.dll
2017-05-10 14:34 - 2017-04-28 01:53 - 00579584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.UX.EapRequestHandler.dll
2017-05-10 14:34 - 2017-04-28 01:53 - 00245760 _____ (Microsoft Corporation) C:\WINDOWS\system32\WwaApi.dll
2017-05-10 14:34 - 2017-04-28 01:52 - 02008576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2017-05-10 14:34 - 2017-04-28 01:51 - 00713216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2017-05-10 14:34 - 2017-04-28 01:51 - 00458752 _____ (Microsoft Corporation) C:\WINDOWS\system32\RTMediaFrame.dll
2017-05-10 14:34 - 2017-04-28 01:51 - 00409600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys
2017-05-10 14:34 - 2017-04-28 01:50 - 03778048 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2017-05-10 14:34 - 2017-04-28 01:49 - 00864256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnapps.dll
2017-05-10 14:34 - 2017-04-28 01:47 - 01908224 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2017-05-10 14:34 - 2017-04-28 01:47 - 01078784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.dll
2017-05-10 14:34 - 2017-04-28 01:47 - 00796672 _____ (Microsoft Corporation) C:\WINDOWS\system32\fvewiz.dll
2017-05-10 14:34 - 2017-04-28 01:47 - 00627200 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpaceControl.dll
2017-05-10 14:34 - 2017-04-28 01:45 - 01217024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Audio.dll
2017-05-10 14:34 - 2017-04-28 01:45 - 00411648 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsApi.dll
2017-05-10 14:34 - 2017-04-28 01:44 - 01366016 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2017-05-10 14:34 - 2017-04-28 01:44 - 01145344 _____ (Microsoft Corporation) C:\WINDOWS\system32\EmailApis.dll
2017-05-10 14:34 - 2017-04-28 01:44 - 00583680 _____ (Microsoft Corporation) C:\WINDOWS\system32\PrintDialogs.dll
2017-05-10 14:34 - 2017-04-28 01:44 - 00548864 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2017-05-10 14:34 - 2017-04-28 01:43 - 00963584 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebcamUi.dll
2017-05-10 14:34 - 2017-04-28 01:43 - 00646656 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiaservc.dll
2017-05-10 14:34 - 2017-04-28 01:43 - 00526336 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2017-05-10 14:34 - 2017-04-28 01:43 - 00331264 _____ (Microsoft Corporation) C:\WINDOWS\system32\NgcCtnrSvc.dll
2017-05-10 14:34 - 2017-04-28 01:42 - 13441536 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2017-05-10 14:34 - 2017-04-28 01:42 - 08076288 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2017-05-10 14:34 - 2017-04-28 01:42 - 02390016 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreen.exe
2017-05-10 14:34 - 2017-04-28 01:41 - 01080320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Ocr.dll
2017-05-10 14:34 - 2017-04-28 01:41 - 00983040 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcsvc.dll
2017-05-10 14:34 - 2017-04-28 01:41 - 00860160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mprddm.dll
2017-05-10 14:34 - 2017-04-28 01:41 - 00611328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.dll
2017-05-10 14:34 - 2017-04-28 01:40 - 00816640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2017-05-10 14:34 - 2017-04-28 01:39 - 04596224 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsrchvw.exe
2017-05-10 14:34 - 2017-04-28 01:39 - 00846336 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApiPublic.dll
2017-05-10 14:34 - 2017-04-28 01:38 - 02424320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Perception.dll
2017-05-10 14:34 - 2017-04-28 01:38 - 01359360 _____ (Microsoft Corporation) C:\WINDOWS\system32\usercpl.dll
2017-05-10 14:34 - 2017-04-28 01:38 - 00765440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Sensors.dll
2017-05-10 14:34 - 2017-04-28 01:37 - 04149248 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2017-05-10 14:34 - 2017-04-28 01:37 - 03134976 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcore.dll
2017-05-10 14:34 - 2017-04-28 01:37 - 02538496 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2017-05-10 14:34 - 2017-04-28 01:37 - 01984000 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2017-05-10 14:34 - 2017-04-28 01:37 - 01424896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Maps.dll
2017-05-10 14:34 - 2017-04-28 01:37 - 01266176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Input.Inking.dll
2017-05-10 14:34 - 2017-04-28 01:37 - 00391168 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2017-05-10 14:34 - 2017-04-28 01:36 - 01131008 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2017-05-10 14:34 - 2017-04-28 01:35 - 03299840 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstsc.exe
2017-05-10 14:34 - 2017-04-28 01:34 - 00999424 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWorkspace.dll
2017-05-10 14:34 - 2017-03-04 09:09 - 01293152 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2017-05-10 14:34 - 2017-03-04 08:27 - 00456192 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiobj.dll
2017-05-10 14:34 - 2017-03-04 08:25 - 01388544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Cred.dll
2017-05-10 14:34 - 2017-03-04 08:23 - 00299520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataAccountApis.dll
2017-05-10 14:34 - 2017-03-04 08:19 - 01403392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Editing.dll
2017-05-10 14:34 - 2017-03-04 08:06 - 01369088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Phone.dll
2017-05-10 14:34 - 2017-03-04 08:05 - 03520512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsrchvw.exe
2017-05-10 14:33 - 2017-04-28 02:57 - 00603488 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContentDeliveryManager.Utilities.dll
2017-05-10 14:33 - 2017-04-28 02:56 - 01117024 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReAgent.dll
2017-05-10 14:33 - 2017-04-28 02:53 - 07784288 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2017-05-10 14:33 - 2017-04-28 02:52 - 02255712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2017-05-10 14:33 - 2017-04-28 02:49 - 02681200 _____ C:\WINDOWS\system32\CoreUIComponents.dll
2017-05-10 14:33 - 2017-04-28 02:49 - 00764392 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2017-05-10 14:33 - 2017-04-28 02:49 - 00700936 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll
2017-05-10 14:33 - 2017-04-28 02:47 - 00699744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimgapi.dll
2017-05-10 14:33 - 2017-04-28 02:47 - 00501088 _____ (Microsoft Corporation) C:\WINDOWS\system32\spwizeng.dll
2017-05-10 14:33 - 2017-04-28 02:46 - 00410464 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinSetupUI.dll
2017-05-10 14:33 - 2017-04-28 02:44 - 00062816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fsdepends.sys
2017-05-10 14:33 - 2017-04-28 02:42 - 00526176 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimserv.exe
2017-05-10 14:33 - 2017-04-28 02:42 - 00328008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.ApplicationData.dll
2017-05-10 14:33 - 2017-04-28 02:40 - 02759704 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2017-05-10 14:33 - 2017-04-28 02:40 - 02187104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2017-05-10 14:33 - 2017-04-28 02:40 - 01738560 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2017-05-10 14:33 - 2017-04-28 02:40 - 01157000 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2017-05-10 14:33 - 2017-04-28 02:40 - 00578400 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2017-05-10 14:33 - 2017-04-28 02:40 - 00402784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2017-05-10 14:33 - 2017-04-28 02:40 - 00146784 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostCommon.dll
2017-05-10 14:33 - 2017-04-28 02:40 - 00026976 _____ (Microsoft Corporation) C:\WINDOWS\system32\browser_broker.exe
2017-05-10 14:33 - 2017-04-28 02:39 - 00624048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2017-05-10 14:33 - 2017-04-28 02:38 - 02915704 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2017-05-10 14:33 - 2017-04-28 02:38 - 02446704 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2017-05-10 14:33 - 2017-04-28 02:38 - 01852200 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll
2017-05-10 14:33 - 2017-04-28 02:38 - 01267512 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2017-05-10 14:33 - 2017-04-28 02:38 - 00431968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2017-05-10 14:33 - 2017-04-28 02:34 - 04674360 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2017-05-10 14:33 - 2017-04-28 02:34 - 01600624 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2017-05-10 14:33 - 2017-04-28 02:34 - 01277824 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2017-05-10 14:33 - 2017-04-28 02:34 - 00241504 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHost.dll
2017-05-10 14:33 - 2017-04-28 02:30 - 01569184 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2017-05-10 14:33 - 2017-04-28 02:30 - 00322912 _____ (Microsoft Corporation) C:\WINDOWS\system32\input.dll
2017-05-10 14:33 - 2017-04-28 02:28 - 00455520 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2017-05-10 14:33 - 2017-04-28 02:21 - 00073728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdc.ocx
2017-05-10 14:33 - 2017-04-28 02:19 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbonRes.dll
2017-05-10 14:33 - 2017-04-28 02:19 - 00081408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2017-05-10 14:33 - 2017-04-28 02:15 - 00822784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2017-05-10 14:33 - 2017-04-28 02:15 - 00126464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2017-05-10 14:33 - 2017-04-28 02:14 - 00306688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2017-05-10 14:33 - 2017-04-28 02:14 - 00270336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2017-05-10 14:33 - 2017-04-28 02:12 - 00635904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2017-05-10 14:33 - 2017-04-28 02:12 - 00236544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2017-05-10 14:33 - 2017-04-28 02:11 - 00340480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2017-05-10 14:33 - 2017-04-28 02:10 - 07216640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2017-05-10 14:33 - 2017-04-28 02:10 - 00661504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll
2017-05-10 14:33 - 2017-04-28 02:08 - 18365440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2017-05-10 14:33 - 2017-04-28 02:06 - 22569472 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2017-05-10 14:33 - 2017-04-28 02:06 - 00691712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2017-05-10 14:33 - 2017-04-28 02:05 - 19414016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2017-05-10 14:33 - 2017-04-28 02:05 - 01631232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2017-05-10 14:33 - 2017-04-28 02:03 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbonRes.dll
2017-05-10 14:33 - 2017-04-28 02:03 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdc.ocx
2017-05-10 14:33 - 2017-04-28 02:03 - 00081408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\raspppoe.sys
2017-05-10 14:33 - 2017-04-28 02:03 - 00032256 _____ (Microsoft Corporation) C:\WINDOWS\system32\BthTelemetry.dll
2017-05-10 14:33 - 2017-04-28 02:03 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\odbcconf.dll
2017-05-10 14:33 - 2017-04-28 02:02 - 00019456 _____ (Microsoft Corporation) C:\WINDOWS\system32\appidcertstorecheck.exe
2017-05-10 14:33 - 2017-04-28 02:01 - 00259072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Family.SyncEngine.dll
2017-05-10 14:33 - 2017-04-28 02:01 - 00185344 _____ (Microsoft Corporation) C:\WINDOWS\system32\DisplayManager.dll
2017-05-10 14:33 - 2017-04-28 02:01 - 00156160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Family.Client.dll
2017-05-10 14:33 - 2017-04-28 02:01 - 00129536 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_ClosedCaptioning.dll
2017-05-10 14:33 - 2017-04-28 02:01 - 00090624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Printers.dll
2017-05-10 14:33 - 2017-04-28 02:01 - 00051712 _____ (Microsoft Corporation) C:\WINDOWS\system32\virtdisk.dll
2017-05-10 14:33 - 2017-04-28 02:00 - 00196096 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDeviceRegistration.dll
2017-05-10 14:33 - 2017-04-28 02:00 - 00193536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.WiFi.dll
2017-05-10 14:33 - 2017-04-28 02:00 - 00165376 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
2017-05-10 14:33 - 2017-04-28 02:00 - 00148480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.System.Profile.RetailInfo.dll
2017-05-10 14:33 - 2017-04-28 02:00 - 00120832 _____ (Microsoft Corporation) C:\WINDOWS\system32\BluetoothApis.dll
2017-05-10 14:33 - 2017-04-28 02:00 - 00101888 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDeviceRegistration.Ngc.dll
2017-05-10 14:33 - 2017-04-28 02:00 - 00099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2017-05-10 14:33 - 2017-04-28 02:00 - 00073216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryBroker.dll
2017-05-10 14:33 - 2017-04-28 01:59 - 12187136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2017-05-10 14:33 - 2017-04-28 01:59 - 00635904 _____ (Microsoft Corporation) C:\WINDOWS\system32\FlightSettings.dll
2017-05-10 14:33 - 2017-04-28 01:59 - 00567296 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevicePairing.dll
2017-05-10 14:33 - 2017-04-28 01:59 - 00375296 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastlsext.dll
2017-05-10 14:33 - 2017-04-28 01:59 - 00186368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Radios.dll
2017-05-10 14:33 - 2017-04-28 01:59 - 00124416 _____ (Microsoft Corporation) C:\WINDOWS\system32\appidsvc.dll
2017-05-10 14:33 - 2017-04-28 01:59 - 00122880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryClient.dll
2017-05-10 14:33 - 2017-04-28 01:58 - 00547840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Gaming.Input.dll
2017-05-10 14:33 - 2017-04-28 01:58 - 00418304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BlockedShutdown.dll
2017-05-10 14:33 - 2017-04-28 01:58 - 00360448 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpencom.dll
2017-05-10 14:33 - 2017-04-28 01:58 - 00289792 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeveloperOptionsSettingsHandlers.dll
2017-05-10 14:33 - 2017-04-28 01:58 - 00276992 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2017-05-10 14:33 - 2017-04-28 01:58 - 00231424 _____ (Microsoft Corporation) C:\WINDOWS\system32\shutdownux.dll
2017-05-10 14:33 - 2017-04-28 01:58 - 00150016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.AppDefaults.dll
2017-05-10 14:33 - 2017-04-28 01:58 - 00144896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Lights.dll
2017-05-10 14:33 - 2017-04-28 01:58 - 00130560 _____ (Microsoft Corporation) C:\WINDOWS\system32\ConsentUX.dll
2017-05-10 14:33 - 2017-04-28 01:57 - 00651264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.AllJoyn.dll
2017-05-10 14:33 - 2017-04-28 01:57 - 00568320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.LowLevel.dll
2017-05-10 14:33 - 2017-04-28 01:57 - 00505856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.WiFiDirect.dll
2017-05-10 14:33 - 2017-04-28 01:57 - 00502784 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastls.dll
2017-05-10 14:33 - 2017-04-28 01:57 - 00279552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.HumanInterfaceDevice.dll
2017-05-10 14:33 - 2017-04-28 01:57 - 00268800 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserMgrProxy.dll
2017-05-10 14:33 - 2017-04-28 01:57 - 00243712 _____ (Microsoft Corporation) C:\WINDOWS\system32\credprovhost.dll
2017-05-10 14:33 - 2017-04-28 01:57 - 00241152 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafBth.dll
2017-05-10 14:33 - 2017-04-28 01:57 - 00223744 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2017-05-10 14:33 - 2017-04-28 01:57 - 00157184 _____ (Microsoft Corporation) C:\WINDOWS\system32\bthserv.dll
2017-05-10 14:33 - 2017-04-28 01:57 - 00139264 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2017-05-10 14:33 - 2017-04-28 01:57 - 00132096 _____ (Microsoft Corporation) C:\WINDOWS\system32\PrintWSDAHost.dll
2017-05-10 14:33 - 2017-04-28 01:56 - 00947712 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll
2017-05-10 14:33 - 2017-04-28 01:56 - 00912384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.SmartCards.dll
2017-05-10 14:33 - 2017-04-28 01:56 - 00692224 _____ (Microsoft Corporation) C:\WINDOWS\system32\CellularAPI.dll
2017-05-10 14:33 - 2017-04-28 01:56 - 00691200 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2017-05-10 14:33 - 2017-04-28 01:56 - 00387584 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2017-05-10 14:33 - 2017-04-28 01:56 - 00379904 _____ (Microsoft Corporation) C:\WINDOWS\system32\apprepsync.dll
2017-05-10 14:33 - 2017-04-28 01:56 - 00324608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.LockScreen.dll
2017-05-10 14:33 - 2017-04-28 01:56 - 00311296 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncSettings.dll
2017-05-10 14:33 - 2017-04-28 01:56 - 00267264 _____ (Microsoft Corporation) C:\WINDOWS\system32\vaultcli.dll
2017-05-10 14:33 - 2017-04-28 01:56 - 00147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
2017-05-10 14:33 - 2017-04-28 01:56 - 00146432 _____ (Microsoft Corporation) C:\WINDOWS\system32\AuthBroker.dll
2017-05-10 14:33 - 2017-04-28 01:56 - 00088576 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2017-05-10 14:33 - 2017-04-28 01:55 - 06042624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2017-05-10 14:33 - 2017-04-28 01:55 - 02084352 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceFlows.DataModel.dll
2017-05-10 14:33 - 2017-04-28 01:55 - 00657920 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll
2017-05-10 14:33 - 2017-04-28 01:55 - 00431616 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpAXHolder.dll
2017-05-10 14:33 - 2017-04-28 01:55 - 00407552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2017-05-10 14:33 - 2017-04-28 01:55 - 00391168 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleacc.dll
2017-05-10 14:33 - 2017-04-28 01:55 - 00337408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Picker.dll
2017-05-10 14:33 - 2017-04-28 01:55 - 00231424 _____ (Microsoft Corporation) C:\WINDOWS\system32\bthprops.cpl
2017-05-10 14:33 - 2017-04-28 01:55 - 00176128 _____ (Microsoft Corporation) C:\WINDOWS\system32\apprepapi.dll
2017-05-10 14:33 - 2017-04-28 01:54 - 03664384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2017-05-10 14:33 - 2017-04-28 01:54 - 02027008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2017-05-10 14:33 - 2017-04-28 01:54 - 01509376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2017-05-10 14:33 - 2017-04-28 01:54 - 00949248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.PointOfService.dll
2017-05-10 14:33 - 2017-04-28 01:54 - 00472064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Bluetooth.dll
2017-05-10 14:33 - 2017-04-28 01:54 - 00425984 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
2017-05-10 14:33 - 2017-04-28 01:54 - 00339456 _____ (Microsoft Corporation) C:\WINDOWS\system32\ConhostV2.dll
2017-05-10 14:33 - 2017-04-28 01:54 - 00329728 _____ (Microsoft Corporation) C:\WINDOWS\system32\deviceaccess.dll
2017-05-10 14:33 - 2017-04-28 01:54 - 00091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll
2017-05-10 14:33 - 2017-04-28 01:53 - 00458752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Enumeration.dll
2017-05-10 14:33 - 2017-04-28 01:53 - 00437248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Usb.dll
2017-05-10 14:33 - 2017-04-28 01:51 - 02104320 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll
2017-05-10 14:33 - 2017-04-28 01:51 - 01913856 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_fs.dll
2017-05-10 14:33 - 2017-04-28 01:51 - 01589760 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdtctm.dll
2017-05-10 14:33 - 2017-04-28 01:51 - 01584128 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_health.dll
2017-05-10 14:33 - 2017-04-28 01:51 - 00169984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Energy.dll
2017-05-10 14:33 - 2017-04-28 01:50 - 01476608 _____ (Microsoft Corporation) C:\WINDOWS\system32\RecoveryDrive.exe
2017-05-10 14:33 - 2017-04-28 01:50 - 00380416 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationApi.dll
2017-05-10 14:33 - 2017-04-28 01:50 - 00338944 _____ (Microsoft Corporation) C:\WINDOWS\system32\adsnt.dll
2017-05-10 14:33 - 2017-04-28 01:50 - 00329728 _____ (Microsoft Corporation) C:\WINDOWS\system32\fvecpl.dll
2017-05-10 14:33 - 2017-04-28 01:49 - 17198592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2017-05-10 14:33 - 2017-04-28 01:49 - 01105408 _____ (Microsoft Corporation) C:\WINDOWS\system32\MiracastReceiver.dll
2017-05-10 14:33 - 2017-04-28 01:49 - 00442368 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToDevice.dll
2017-05-10 14:33 - 2017-04-28 01:48 - 00337920 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2017-05-10 14:33 - 2017-04-28 01:48 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\dlnashext.dll
2017-05-10 14:33 - 2017-04-28 01:48 - 00187904 _____ (Microsoft Corporation) C:\WINDOWS\system32\dialclient.dll
2017-05-10 14:33 - 2017-04-28 01:47 - 09131008 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2017-05-10 14:33 - 2017-04-28 01:47 - 03290112 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll
2017-05-10 14:33 - 2017-04-28 01:47 - 01790464 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationFramework.dll
2017-05-10 14:33 - 2017-04-28 01:47 - 00942080 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2017-05-10 14:33 - 2017-04-28 01:47 - 00649216 _____ (Microsoft Corporation) C:\WINDOWS\system32\vds.exe
2017-05-10 14:33 - 2017-04-28 01:46 - 02861056 _____ (Microsoft Corporation) C:\WINDOWS\system32\storagewmi.dll
2017-05-10 14:33 - 2017-04-28 01:46 - 01547264 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbengine.exe
2017-05-10 14:33 - 2017-04-28 01:46 - 01443328 _____ (Microsoft Corporation) C:\WINDOWS\system32\VSSVC.exe
2017-05-10 14:33 - 2017-04-28 01:46 - 00501248 _____ (Microsoft Corporation) C:\WINDOWS\system32\imapi2.dll
2017-05-10 14:33 - 2017-04-28 01:46 - 00374784 _____ (Microsoft Corporation) C:\WINDOWS\system32\resutils.dll
2017-05-10 14:33 - 2017-04-28 01:46 - 00279552 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToReceiver.dll
2017-05-10 14:33 - 2017-04-28 01:46 - 00049664 _____ (Microsoft Corporation) C:\WINDOWS\system32\catsrvps.dll
2017-05-10 14:33 - 2017-04-28 01:45 - 23677440 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2017-05-10 14:33 - 2017-04-28 01:45 - 00946688 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_sr.dll
2017-05-10 14:33 - 2017-04-28 01:45 - 00628736 _____ (Microsoft Corporation) C:\WINDOWS\system32\uReFS.dll
2017-05-10 14:33 - 2017-04-28 01:45 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2017-05-10 14:33 - 2017-04-28 01:45 - 00167936 _____ (Microsoft Corporation) C:\WINDOWS\system32\ErrorDetails.dll
2017-05-10 14:33 - 2017-04-28 01:45 - 00130560 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpaceAgent.exe
2017-05-10 14:33 - 2017-04-28 01:45 - 00112640 _____ (Microsoft Corporation) C:\WINDOWS\system32\CameraCaptureUI.dll
2017-05-10 14:33 - 2017-04-28 01:44 - 13091328 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2017-05-10 14:33 - 2017-04-28 01:44 - 04749824 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2017-05-10 14:33 - 2017-04-28 01:44 - 01010176 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2017-05-10 14:33 - 2017-04-28 01:44 - 00937984 _____ (Microsoft Corporation) C:\WINDOWS\system32\MCRecvSrc.dll
2017-05-10 14:33 - 2017-04-28 01:44 - 00896512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.AccountsControl.dll
2017-05-10 14:33 - 2017-04-28 01:44 - 00775168 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe
2017-05-10 14:33 - 2017-04-28 01:44 - 00410112 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevicesFlowBroker.dll
2017-05-10 14:33 - 2017-04-28 01:44 - 00139776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Devices.dll
2017-05-10 14:33 - 2017-04-28 01:43 - 01184256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll
2017-05-10 14:33 - 2017-04-28 01:43 - 00634368 _____ (Microsoft Corporation) C:\WINDOWS\system32\StructuredQuery.dll
2017-05-10 14:33 - 2017-04-28 01:43 - 00600576 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptui.dll
2017-05-10 14:33 - 2017-04-28 01:43 - 00560128 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppReadiness.dll
2017-05-10 14:33 - 2017-04-28 01:43 - 00539136 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToManager.dll
2017-05-10 14:33 - 2017-04-28 01:43 - 00467968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Geolocation.dll
2017-05-10 14:33 - 2017-04-28 01:43 - 00460800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Midi.dll
2017-05-10 14:33 - 2017-04-28 01:43 - 00320512 _____ (Microsoft Corporation) C:\WINDOWS\system32\thumbcache.dll
2017-05-10 14:33 - 2017-04-28 01:42 - 08125440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2017-05-10 14:33 - 2017-04-28 01:42 - 01692160 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2017-05-10 14:33 - 2017-04-28 01:42 - 01021440 _____ (Microsoft Corporation) C:\WINDOWS\system32\usermgr.dll
2017-05-10 14:33 - 2017-04-28 01:42 - 00945664 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2017-05-10 14:33 - 2017-04-28 01:42 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2017-05-10 14:33 - 2017-04-28 01:41 - 01359872 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll
2017-05-10 14:33 - 2017-04-28 01:41 - 00890368 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll
2017-05-10 14:33 - 2017-04-28 01:41 - 00828416 _____ (Microsoft Corporation) C:\WINDOWS\system32\appwiz.cpl
2017-05-10 14:33 - 2017-04-28 01:41 - 00759296 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2017-05-10 14:33 - 2017-04-28 01:41 - 00650752 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2017-05-10 14:33 - 2017-04-28 01:41 - 00591360 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2017-05-10 14:33 - 2017-04-28 01:41 - 00376832 _____ (Microsoft Corporation) C:\WINDOWS\system32\CryptoWinRT.dll
2017-05-10 14:33 - 2017-04-28 01:40 - 04474368 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll
2017-05-10 14:33 - 2017-04-28 01:40 - 02914816 _____ (Microsoft Corporation) C:\WINDOWS\system32\CertEnroll.dll
2017-05-10 14:33 - 2017-04-28 01:40 - 02510848 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2017-05-10 14:33 - 2017-04-28 01:40 - 02208768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.3D.dll
2017-05-10 14:33 - 2017-04-28 01:40 - 02096640 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2017-05-10 14:33 - 2017-04-28 01:40 - 01643008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll
2017-05-10 14:33 - 2017-04-28 01:40 - 01586176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Globalization.dll
2017-05-10 14:33 - 2017-04-28 01:40 - 01040896 _____ (Microsoft Corporation) C:\WINDOWS\system32\NaturalLanguage6.dll
2017-05-10 14:33 - 2017-04-28 01:40 - 00971264 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll
2017-05-10 14:33 - 2017-04-28 01:40 - 00913920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.dll
2017-05-10 14:33 - 2017-04-28 01:40 - 00886784 _____ (Microsoft Corporation) C:\WINDOWS\system32\CPFilters.dll
2017-05-10 14:33 - 2017-04-28 01:40 - 00770560 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2017-05-10 14:33 - 2017-04-28 01:39 - 00673792 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2017-05-10 14:33 - 2017-04-28 01:38 - 05611008 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll
2017-05-10 14:33 - 2017-04-28 01:38 - 01490432 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2017-05-10 14:33 - 2017-04-28 01:38 - 01275392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Bluetooth.dll
2017-05-10 14:33 - 2017-04-28 01:37 - 04744192 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2017-05-10 14:33 - 2017-04-28 01:37 - 02895872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2017-05-10 14:33 - 2017-04-28 01:37 - 02316288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2017-05-10 14:33 - 2017-04-28 01:37 - 02286592 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2017-05-10 14:33 - 2017-04-28 01:37 - 02216960 _____ (Microsoft Corporation) C:\WINDOWS\system32\OpcServices.dll
2017-05-10 14:33 - 2017-04-28 01:37 - 01783296 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2017-05-10 14:33 - 2017-04-28 01:37 - 01637888 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2017-05-10 14:33 - 2017-04-28 01:37 - 00881664 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2017-05-10 14:33 - 2017-04-28 01:37 - 00875520 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2017-05-10 14:33 - 2017-04-28 01:36 - 03613184 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2017-05-10 14:33 - 2017-04-28 01:36 - 02691072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2017-05-10 14:33 - 2017-04-28 01:36 - 02478080 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2017-05-10 14:33 - 2017-04-28 01:36 - 01844224 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2017-05-10 14:33 - 2017-04-28 01:36 - 01513472 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2017-05-10 14:33 - 2017-04-28 01:36 - 01328640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.Http.dll
2017-05-10 14:33 - 2017-04-28 01:36 - 00774656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.dll
2017-05-10 14:33 - 2017-04-28 01:36 - 00735744 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2017-05-10 14:33 - 2017-04-28 01:36 - 00716800 _____ (Microsoft Corporation) C:\WINDOWS\system32\ShareHost.dll
2017-05-10 14:33 - 2017-04-28 01:35 - 01121280 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2017-05-10 14:33 - 2017-04-28 01:35 - 00924672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.BackgroundTransfer.dll
2017-05-10 14:33 - 2017-04-28 01:34 - 00439296 _____ (Microsoft Corporation) C:\WINDOWS\system32\wksprt.exe
2017-05-10 14:33 - 2017-04-28 01:34 - 00394240 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpclip.exe
2017-05-10 14:33 - 2017-04-28 01:34 - 00035328 _____ (Microsoft Corporation) C:\WINDOWS\system32\spaceman.exe
2017-05-10 14:33 - 2017-04-28 01:33 - 01817088 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.dll
2017-05-10 14:33 - 2017-03-04 08:26 - 00261632 _____ (Microsoft Corporation) C:\WINDOWS\system32\indexeddbserver.dll
2017-05-10 14:33 - 2017-03-04 08:25 - 01060352 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppContracts.dll
2017-05-10 14:33 - 2016-12-21 09:09 - 00368640 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneBackupHandler.dll
2017-05-04 18:16 - 2017-05-04 18:16 - 00004182 _____ C:\WINDOWS\System32\Tasks\{BCC45D64-0B6F-EACF-2DE6-5C519E1B3A6A}
2017-05-04 18:16 - 2017-05-04 18:16 - 00004182 _____ C:\WINDOWS\System32\Tasks\{66527076-D1F9-C7DD-F9E2-F0B84CD92CBF}
2017-05-01 15:06 - 2017-05-21 12:00 - 00003550 _____ C:\WINDOWS\System32\Tasks\ASUS Live Update1
2017-04-26 16:07 - 2017-05-18 17:56 - 00000000 ____D C:\Program Files (x86)\iolo
2017-04-26 16:07 - 2017-04-26 16:23 - 00000000 ____D C:\ProgramData\iolo
2017-04-26 16:07 - 2017-04-26 16:07 - 00074703 _____ C:\WINDOWS\SysWOW64\mfc45.dat
2017-04-26 14:51 - 2017-04-26 14:50 - 00110144 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-64.dll
2017-04-26 14:04 - 2017-04-26 14:04 - 00000000 ____D C:\Users\Pitti\AppData\LocalLow\Oracle
2017-04-22 19:26 - 2017-04-22 19:26 - 00041485 _____ C:\Users\Pitti\Downloads\Sildurs Vibrant Shaders v1.141 Lite.zip
2017-04-22 19:17 - 2017-04-22 19:18 - 00000000 ____D C:\Users\Pitti\Downloads\Hier lassen!

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-05-21 21:04 - 2017-02-25 13:26 - 00000165 _____ C:\Users\Pitti\AppData\Roaming\sp_data.sys
2017-05-21 21:04 - 2016-03-23 14:36 - 00000000 ____D C:\ProgramData\ASUS Smart Gesture
2017-05-21 21:03 - 2017-01-02 13:26 - 00000000 ____D C:\Program Files (x86)\Steam
2017-05-21 21:03 - 2016-10-03 11:06 - 00000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2017-05-21 21:03 - 2016-03-22 06:25 - 00000000 __SHD C:\Users\Pitti\IntelGraphicsProfiles
2017-05-21 21:02 - 2016-10-03 11:32 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-05-21 21:02 - 2016-07-16 08:04 - 00786432 _____ C:\WINDOWS\system32\config\BBI
2017-05-21 20:19 - 2016-10-03 11:03 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2017-05-21 16:31 - 2016-04-01 17:14 - 00000000 ____D C:\Users\Pitti\Documents\Word - Dokumente
2017-05-21 14:38 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\AppReadiness
2017-05-21 14:31 - 2016-10-03 11:12 - 00000000 ____D C:\Users\Pitti
2017-05-21 14:23 - 2016-05-01 16:43 - 00000000 ____D C:\ProgramData\InstallChecker
2017-05-21 12:00 - 2016-10-03 11:32 - 00003540 _____ C:\WINDOWS\System32\Tasks\ASUS Live Update2
2017-05-21 11:33 - 2017-02-25 17:22 - 00000000 ____D C:\Users\Pitti\AppData\Roaming\Origin
2017-05-21 11:32 - 2016-03-27 11:48 - 00000000 ____D C:\ProgramData\Origin
2017-05-20 16:45 - 2017-04-10 14:16 - 00000000 ____D C:\Users\Pitti\.litwrl
2017-05-20 13:45 - 2016-10-18 20:49 - 626645085 _____ C:\WINDOWS\MEMORY.DMP
2017-05-20 13:45 - 2016-10-18 20:49 - 00000000 ____D C:\WINDOWS\Minidump
2017-05-20 13:22 - 2016-07-16 13:47 - 00000000 ___HD C:\Program Files\WindowsApps
2017-05-19 20:32 - 2017-02-25 16:16 - 00000000 ____D C:\Users\Pitti\AppData\Local\Google
2017-05-19 20:32 - 2016-04-01 12:11 - 00000000 ____D C:\Program Files (x86)\Google
2017-05-18 18:04 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2017-05-18 17:58 - 2016-10-03 11:44 - 00000008 __RSH C:\Users\Pitti\ntuser.pol
2017-05-18 17:58 - 2016-05-01 16:43 - 00000008 __RSH C:\ProgramData\ntuser.pol
2017-05-18 17:56 - 2016-05-17 13:49 - 00000000 ____D C:\ProgramData\IObit
2017-05-17 16:36 - 2017-01-24 17:07 - 00000000 ____D C:\Program Files (x86)\Origin
2017-05-17 14:25 - 2016-07-16 13:45 - 00000000 ____D C:\WINDOWS\INF
2017-05-16 16:56 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\appraiser
2017-05-16 16:56 - 2016-07-16 13:36 - 00000000 ____D C:\WINDOWS\CbsTemp
2017-05-13 17:07 - 2017-04-10 13:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2017-05-13 16:26 - 2016-11-21 20:28 - 00000000 ____D C:\Users\Pitti\.gimp-2.8
2017-05-13 15:55 - 2016-03-22 21:32 - 00000000 ____D C:\Users\Pitti\Documents\Spiele
2017-05-13 14:52 - 2016-07-17 00:51 - 01038652 _____ C:\WINDOWS\system32\perfh007.dat
2017-05-13 14:52 - 2016-07-17 00:51 - 00241020 _____ C:\WINDOWS\system32\perfc007.dat
2017-05-13 14:52 - 2015-08-18 07:20 - 02498702 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-05-13 13:59 - 2017-02-23 15:43 - 00000000 ____D C:\Users\Default\AppData\Local\AdvinstAnalytics
2017-05-13 13:59 - 2017-02-23 15:43 - 00000000 ____D C:\Users\Default User\AppData\Local\AdvinstAnalytics
2017-05-13 09:07 - 2016-07-16 13:47 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2017-05-13 09:06 - 2015-08-18 07:29 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2017-05-12 17:18 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\rescache
2017-05-12 15:32 - 2016-10-03 11:06 - 00000000 ____D C:\Program Files\Realtek
2017-05-12 15:32 - 2016-07-16 13:47 - 00000000 __SHD C:\Program Files\Windows Sidebar
2017-05-11 18:14 - 2016-02-13 19:30 - 00000000 __RHD C:\Users\Public\AccountPictures
2017-05-11 18:11 - 2016-10-03 11:03 - 00339080 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-05-10 21:24 - 2016-07-16 13:47 - 00000000 ___SD C:\WINDOWS\SysWOW64\F12
2017-05-10 21:24 - 2016-07-16 13:47 - 00000000 ___SD C:\WINDOWS\system32\F12
2017-05-10 21:24 - 2016-07-16 13:47 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2017-05-10 21:24 - 2016-07-16 13:47 - 00000000 ___RD C:\Program Files\Windows Defender
2017-05-10 21:24 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2017-05-10 21:24 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\oobe
2017-05-10 21:24 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\ShellExperiences
2017-05-10 21:24 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\Provisioning
2017-05-10 21:24 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\PolicyDefinitions
2017-05-10 21:24 - 2016-07-16 13:47 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2017-05-10 21:24 - 2016-07-16 13:47 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2017-05-10 21:24 - 2016-07-16 13:47 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2017-05-10 21:24 - 2016-07-16 08:04 - 00000000 ____D C:\WINDOWS\SysWOW64\Dism
2017-05-10 14:41 - 2016-04-30 12:30 - 00000000 ____D C:\WINDOWS\system32\MRT
2017-05-10 14:39 - 2016-04-30 12:30 - 156335152 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-05-10 14:09 - 2016-07-16 13:42 - 00073728 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSManMigrationPlugin.dll
2017-05-05 19:35 - 2015-12-17 07:31 - 00000000 ____D C:\ProgramData\McAfee
2017-05-05 19:30 - 2016-10-03 11:32 - 00000000 ____D C:\WINDOWS\System32\Tasks\McAfee
2017-05-05 19:30 - 2016-07-16 08:04 - 00032768 _____ C:\WINDOWS\system32\config\ELAM
2017-05-05 19:29 - 2015-10-30 08:28 - 00000000 ____D C:\Users\Default.migrated
2017-05-04 18:16 - 2017-04-13 23:32 - 00000000 ____D C:\ProgramData\{FEEFEE2F-4944-5984-A8C7-CDE4FAC6874A}
2017-05-04 18:16 - 2017-04-13 23:32 - 00000000 ____D C:\ProgramData\{F84DC8A7-4FE6-7F0C-0441-899F2FBD9651}
2017-04-29 02:59 - 2017-04-12 23:31 - 00835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2017-04-29 02:59 - 2017-04-12 23:31 - 00177656 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2017-04-28 03:01 - 2016-10-03 11:06 - 02717184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2017-04-26 14:54 - 2016-04-01 13:16 - 00000000 ____D C:\ProgramData\Oracle
2017-04-26 14:51 - 2017-04-10 18:12 - 00000000 ____D C:\Program Files\Java
2017-04-26 14:50 - 2017-04-10 18:12 - 00110144 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge-64.dll
2017-04-22 17:33 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\NDF
2017-04-22 15:20 - 2017-04-10 13:00 - 00000000 ____D C:\Users\Pitti\AppData\Roaming\.minecraft

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2017-02-25 13:26 - 2017-05-21 21:04 - 0000165 _____ () C:\Users\Pitti\AppData\Roaming\sp_data.sys
2016-10-03 11:07 - 2016-10-03 11:07 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

Einige Dateien in TEMP:
====================
2017-05-12 11:58 - 2017-05-12 11:58 - 0585370 _____ (                                                            ) C:\Users\Pitti\AppData\Local\Temp\241712c2-6a9a-481a-8f0b-fc4a49fb9424.exe
2017-04-26 14:04 - 2017-04-26 14:04 - 0739904 _____ (Oracle Corporation) C:\Users\Pitti\AppData\Local\Temp\jre-8u131-windows-au.exe
2016-02-23 12:43 - 2016-02-23 12:43 - 0120336 _____ (McAfee, Inc.) C:\Users\Pitti\AppData\Local\Temp\McCSPInstall.dll
2017-05-05 19:29 - 2016-02-23 12:43 - 0123360 _____ (McAfee Inc.) C:\Users\Pitti\AppData\Local\Temp\mccspuninstall.exe
2015-08-14 14:29 - 2015-07-29 22:08 - 0681097 _____ (SQLite Development Team) C:\Users\Pitti\AppData\Local\Temp\sqlite3.dll

==================== Bamital & volsnap ======================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert

LastRegBack: 2017-05-12 17:09

==================== Ende von FRST.txt ============================

Luckyschatz · 21.05.2017, 20:23

Und zum Schluss noch die
Addition.txt:

Code:

ATTFilter

Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 20-05-2017
durchgeführt von Pitti (21-05-2017 21:16:33)
Gestartet von C:\Users\Pitti\Desktop\Scan
Windows 10 Home Version 1607 (X64) (2016-10-03 09:37:21)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-1585193191-2329745140-1049602013-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1585193191-2329745140-1049602013-503 - Limited - Disabled)
Gast (S-1-5-21-1585193191-2329745140-1049602013-501 - Limited - Disabled)
Pitti (S-1-5-21-1585193191-2329745140-1049602013-1001 - Administrator - Enabled) => C:\Users\Pitti

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

7-Zip 16.04 (HKLM-x32\...\7-Zip) (Version: 16.04 - Igor Pavlov)
Adobe Flash Player 24 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 24.0.0.194 - Adobe Systems Incorporated)
Archeage (HKLM-x32\...\Glyph Archeage) (Version:  - Trion Worlds, Inc.)
ARK: Survival Evolved (HKLM\...\Steam App 346110) (Version:  - Studio Wildcard)
ASUS HiPost (HKLM-x32\...\{04768366-F421-4BA5-8423-B84F644B5249}) (Version: 1.0.6 - ASUS)
ASUS Live Update (HKLM-x32\...\{FA540E67-095C-4A1B-97BA-4D547DEC9AF4}) (Version: 3.4.3 - ASUS)
ASUS Smart Gesture (HKLM-x32\...\{4D3286A6-F6AB-498A-82A4-E4F040529F3D}) (Version: 4.0.12 - ASUS)
ASUS Splendid Video Enhancement Technology (HKLM-x32\...\{0969AF05-4FF6-4C00-9406-43599238DE0D}) (Version: 3.13.0004 - ASUS)
ASUS USB Charger Plus (HKLM-x32\...\{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}) (Version: 4.1.6 - ASUS)
ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0041 - ASUS)
AudioWizard (HKLM-x32\...\{57E770A2-2BAF-4CAA-BAA3-BD896E2254D3}) (Version: 1.0.0.109 - ICEpower a/s)
Avast SecureLine for Asustek (HKLM\...\{2CD3C92F-EDC5-4B02-9B0A-9C1D37C58EF5}_is1) (Version: 1.0.239.3 - AVAST Software)
Banished 1.0.4 (HKLM-x32\...\Banished_is1) (Version:  - )
Craften Terminal 4.2.3 (HKLM-x32\...\{4e7c3936-7c06-4ef0-928b-c5d92f372578}_is1) (Version: 4.2.3 - Craften.de)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Device Setup (HKLM-x32\...\{8D6B05E0-F457-408C-9D13-549334D8FAE1}) (Version: 2.0.2 - ASUSTek Computer Inc.)
Die Sims™ 3 (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}) (Version: 1.69.43.024017 - Electronic Arts Inc.)
Die Sims™ 3 Design-Garten-Accessoires (HKLM-x32\...\{117B6BF6-82C3-420C-B284-9247C8568E53}) (Version: 7.0.55 - Electronic Arts)
Die Sims™ 3 Einfach tierisch (HKLM-x32\...\{C12631C6-804D-4B32-B0DD-8A496462F106}) (Version: 10.0.96 - Electronic Arts)
Die Sims™ 3 Jahreszeiten (HKLM-x32\...\{3DE92282-CB49-434F-81BF-94E5B380E889}) (Version: 16.0.136 - Electronic Arts)
Die Sims™ 3 Late Night (HKLM-x32\...\{45057FCE-5784-48BE-8176-D9D00AF56C3C}) (Version: 6.0.81 - Electronic Arts)
Die Sims™ 3 Lebensfreude (HKLM-x32\...\{E6B88BD6-E4B2-4701-A648-B6DAC6E491CC}) (Version: 8.0.152 - Electronic Arts)
Die Sims™ 3 Luxus-Accessoires (HKLM-x32\...\{71828142-5A24-4BD0-97E7-976DA08CE6CF}) (Version: 3.0.38 - Electronic Arts)
Die Sims™ 3 Reiseabenteuer (HKLM-x32\...\{BA26FFA5-6D47-47DB-BE56-34C357B5F8CC}) (Version: 2.0.86 - Electronic Arts)
Die Sims™ 3 Supernatural (HKLM-x32\...\{B37DAFA5-717D-41F8-BDFB-3A4B68C0B3A1}) (Version: 15.0.135 - Electronic Arts)
Die Sims™ 3 Traumkarrieren (HKLM-x32\...\{910F4A29-1134-49E0-AD8B-56E4A3152BD1}) (Version: 4.0.87 - Electronic Arts)
Die Sims™ 3 Traumsuite-Accessoires (HKLM-x32\...\{08A25478-C5DD-4EA7-B168-3D687CA987FF}) (Version: 11.0.84 - Electronic Arts)
Die Sims™ 3 Wildes Studentenleben (HKLM-x32\...\{F26DE8EF-F2CF-40DC-8CDA-CC0D82D11B36}) (Version: 18.0.126 - Electronic Arts)
Die Sims™ 4 (HKLM-x32\...\{48EBEBBF-B9F8-4520-A3CF-89A730721917}) (Version: 1.29.69.1020 - Electronic Arts Inc.)
Dropbox 25 GB (HKLM-x32\...\{597A58EC-42D6-4940-8739-FB94491B013C}) (Version: 1.0.8.0 - Dropbox, Inc.)
Evernote v. 5.8.6 (HKLM-x32\...\{FEDC7C10-EF67-11E4-9B07-00505695D7B0}) (Version: 5.8.6.7519 - Evernote Corp.)
Fotogalerie (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 58.0.3029.110 - Google Inc.)
Google Update Helper (x32 Version: 1.3.33.5 - Google Inc.) Hidden
Horsez - Abenteuer auf dem Reiterhof 5 (HKLM-x32\...\Horsez - Abenteuer auf dem Reiterhof 5) (Version:  - )
Intel Collaborative Processor Performance Control (HKLM-x32\...\0E7DAF70-FB54-4B91-B192-7E771C25AEEB) (Version: 1.0.0.1018 - Intel Corporation)
Intel(R) Chipset Device Software (x32 Version: 10.1.1.7 - Intel(R) Corporation) Hidden
Intel(R) Dynamic Platform and Thermal Framework (HKLM-x32\...\{654EE65D-FAA4-4EA6-8C07-DC94E6A304D4}) (Version: 8.1.10602.174 - Intel Corporation)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.0.1162 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4549 - Intel Corporation)
Intel® Security Assist (HKLM-x32\...\{4B230374-6475-4A73-BA6E-41015E9C5013}) (Version: 1.0.0.532 - Intel Corporation)
Java 8 Update 131 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180131F0}) (Version: 8.0.1310.11 - Oracle Corporation)
Malwarebytes Version 3.1.2.1733 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.1.2.1733 - Malwarebytes)
Microsoft Office 365 - de-de (HKLM\...\O365HomePremRetail - de-de) (Version: 16.0.7967.2161 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50906.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24212 (HKLM-x32\...\{462f63a8-6347-4894-a1b3-dbfe3a4c981d}) (Version: 14.0.24212.0 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
Minecraft1.8 (HKLM-x32\...\Minecraft1.8) (Version:  - )
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
MySims™ (HKLM-x32\...\{68DC42FA-962C-4973-A306-D595D861FA1E}) (Version: 1.00.0000 - Electronic Arts)
NVIDIA Graphics Driver 353.84 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 353.84 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (x32 Version: 16.0.7967.2161 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (Version: 16.0.7967.2161 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (Version: 16.0.7967.2161 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (x32 Version: 16.0.7668.2066 - Microsoft Corporation) Hidden
Origin (HKLM-x32\...\Origin) (Version: 10.4.10.46586 - Electronic Arts, Inc.)
Planet Coaster (HKLM\...\Steam App 493340) (Version:  - Frontier Developments)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.2.703.2015 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7673 - Realtek Semiconductor Corp.)
SimCity™ (HKLM-x32\...\{F70FDE4B-8F86-4eb6-8C8E-636EC89F6419}) (Version: 4.0.98.0213 - Electronic Arts)
Sims 4 Studio (HKLM-x32\...\{870AA913-0774-4ED0-B144-BC2C0CBE4BA0}_is1) (Version: 2.7.0.4 - Sims 4 Studio)
Star Stable (HKLM-x32\...\{2B03B553-4983-4005-99C4-31DFC25B4BB9}) (Version: 1.00.0000 - Star Stable Entertainment AB)
Star Stable Online (HKLM-x32\...\{8CD50415-04B7-459E-8CBD-DA96A9CDF98E}) (Version: 1.01.0000 - Star Stable Entertainment AB)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Wildlife Park 2 - Ultimate Edition v2.1 (HKLM-x32\...\Wildlife Park 2 - Ultimate Edition_is1) (Version:  - Deep Silver)
Windows 10 Update and Privacy Settings (HKLM\...\{293F2009-0145-450B-B4AA-063D43FB368C}) (Version: 1.0.13.0 - Microsoft Corporation)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
Windows-Treiberpaket - ASUS (ATP) Mouse  (11/11/2015 1.0.0.262) (HKLM\...\A044C5901003C24E6891688653ABA1068D04A1A0) (Version: 11/11/2015 1.0.0.262 - ASUS)
WinFlash (HKLM-x32\...\{8F21291E-0444-4B1D-B9F9-4370A73E346D}) (Version: 3.0.1 - ASUS)
WinRAR 5.40 (32-Bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH)
WPS Office for ASUS (HKLM-x32\...\Kingsoft Office) (Version: 9.1.0.4947 - Kingsoft Corp.)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-1585193191-2329745140-1049602013-1001_Classes\CLSID\{1BF42E4C-4AF4-4CFD-A1A0-CF2960B8F63E}\InprocServer32 -> C:\Users\Pitti\AppData\Local\Microsoft\OneDrive\17.3.6743.1212\amd64\FileSyncShell64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1585193191-2329745140-1049602013-1001_Classes\CLSID\{7AFDFDDB-F914-11E4-8377-6C3BE50D980C}\InprocServer32 -> C:\Users\Pitti\AppData\Local\Microsoft\OneDrive\17.3.6743.1212\amd64\FileSyncShell64.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-1585193191-2329745140-1049602013-1001_Classes\CLSID\{82CA8DE3-01AD-4CEA-9D75-BE4C51810A9E}\InprocServer32 -> C:\Users\Pitti\AppData\Local\Microsoft\OneDrive\17.3.6743.1212\amd64\FileSyncShell64.dll => Keine Datei

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {0F71139B-44DA-4814-95B3-36544058B19C} - System32\Tasks\DropboxOEM => C:\Program Files (x86)\Dropbox\DropboxOEM\DropboxOEM.exe [2015-05-29] ()
Task: {1587944A-0D4F-4F8A-92B2-FD7CE91DB24C} - System32\Tasks\OneDrive Standalone Update Task => C:\Users\Pitti\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\OneDriveStandaloneUpdater.exe 
Task: {16C0F2CB-05FF-42DC-B079-DCDC8E771142} - System32\Tasks\WpsUpdateTask_Administrator => C:\Program Files (x86)\Kingsoft\WPS Office\9.1.0.4947\wtoolex\wpsupdate.exe [2015-08-18] (Zhuhai Kingsoft Office Software Co.,Ltd)
Task: {203759B5-C328-41AD-8021-61455168A7BE} - System32\Tasks\ATK Package A22126881260 => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\SimAppExec.exe [2015-03-10] (ASUSTek Computer Inc.)
Task: {24DDAEDA-CA5D-4A8A-A76E-BD9AC365B29F} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2015-11-27] (Realtek Semiconductor)
Task: {269D86B6-44B7-4D17-9C51-A21F71DD8D08} - System32\Tasks\{C4A9F1C2-B0D8-4A93-8B94-4D7396F9BCA3} => pcalua.exe -a "C:\Program Files (x86)\YeaDesktop\unins000.exe"
Task: {26EE79E3-674C-4A81-9C34-1F4DEE1872DF} - System32\Tasks\{51C6E08E-3B3D-4EDA-B8F6-6CF22112D5D8} => pcalua.exe -a "C:\Program Files (x86)\Kingsoft\WPS Office\9.1.0.4947\utility\uninst.exe"
Task: {2B87FDF9-B9DF-4CD4-9DF1-50FBE78A69CE} - System32\Tasks\ASUS\ASUS Product Register Service => C:\Program Files (x86)\ASUS\APRP\aprp.exe [2015-05-14] (ASUSTek Computer Inc.)
Task: {316BAD79-0487-493A-A4C9-15845492FF19} - System32\Tasks\WpsNotifyTask_Pitti => C:\Program Files (x86)\Kingsoft\WPS Office\9.1.0.4947\wtoolex\wpsnotify.exe [2015-08-18] (Zhuhai Kingsoft Office Software Co.,Ltd)
Task: {3B34459A-F06D-4E22-983E-31E8CF366847} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWoW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-01-14] (Adobe Systems Incorporated)
Task: {47B485D9-1AC5-4DE9-BEE0-A56921B2021A} - System32\Tasks\WpsNotifyTask_Administrator => C:\Program Files (x86)\Kingsoft\WPS Office\9.1.0.4947\wtoolex\wpsnotify.exe [2015-08-18] (Zhuhai Kingsoft Office Software Co.,Ltd)
Task: {4B6CEF02-C18B-4F4A-A42F-9A1A31108B3D} - System32\Tasks\RtHDVBg_ListenToDevice => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2015-11-27] (Realtek Semiconductor)
Task: {6473DBEC-0C27-4517-8AF1-A585996F6B48} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2017-05-13] (Microsoft Corporation)
Task: {77658E7D-82FB-4F5C-802E-A0199130AD6B} - System32\Tasks\avast! SL Update => C:\Program Files\AVAST Software\SecureLine\SLUpdate.exe [2016-04-24] (AVAST Software)
Task: {7D892A0F-D5D5-47B7-A643-B53F532170BB} - System32\Tasks\ASUS USB Charger Plus => C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [2015-05-25] (ASUSTek Computer Inc.)
Task: {7FBF3021-4A12-4127-9327-6D277936257B} - System32\Tasks\{66D4ADE5-9B45-0B79-04A2-3751ABDE8755} => Regsvr32.exe /s /n /i:"/rt" "C:\PROGRA~3\591e1035\7956ba2f.dll" <==== ACHTUNG
Task: {8E1A1450-46F2-4C06-AD97-BCB24762C47D} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-05-19] (Google Inc.)
Task: {8F590BA6-9712-48D9-B919-E1674A4BF022} - System32\Tasks\ASUS Live Update2 => C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe [2016-08-01] ()
Task: {8F8515CE-3E8C-444B-B17F-108576010395} - System32\Tasks\ASUS Splendid ACMON => C:\Program Files (x86)\ASUS\Splendid\ACMON.exe [2015-08-25] (ASUS)
Task: {93612440-AEC9-4AE5-8938-4F6A23DA1036} - System32\Tasks\ATK Package 36D18D69AFC3 => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\SimAppExec.exe [2015-03-10] (ASUSTek Computer Inc.)
Task: {9D4021A6-EF40-4F60-947A-1B1C6163467D} - System32\Tasks\ASUS Smart Gesture Launcher => C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLauncher.exe [2015-12-14] (AsusTek)
Task: {A3BF07E2-5C1E-437A-BDDE-F94A50DE6B11} - System32\Tasks\{BCC45D64-0B6F-EACF-2DE6-5C519E1B3A6A} => C:\ProgramData\{26AA403A-9101-F791-915D-90DE7C22D4DC}\023A4473-B591-F3D8-8332-16CCB19D71B7.exe  <==== ACHTUNG
Task: {A5A108DD-A8FF-461E-820F-A59E8F383377} - System32\Tasks\Update Checker => C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe [2016-08-01] ()
Task: {AE293DA9-8CF4-4008-931E-1A929580CAD2} - System32\Tasks\WpsUpdateTask_Pitti => C:\Program Files (x86)\Kingsoft\WPS Office\9.1.0.4947\wtoolex\wpsupdate.exe [2015-08-18] (Zhuhai Kingsoft Office Software Co.,Ltd)
Task: {B8B0C6E0-8F06-45CA-BEBF-5F77263279C5} - System32\Tasks\{860F2D22-6AC0-48ED-B6F5-6C3403AF1F30} => Chrome.exe hxxp://ui.skype.com/ui/0/7.24.85.104/de/abandoninstall?page=tsProgressBar
Task: {BB526CDD-906E-4EC2-B510-6BFECAE6A55E} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-05-04] (Microsoft Corporation)
Task: {BB7C439C-171B-465E-ACDA-D423FE47FC4C} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-05-04] (Microsoft Corporation)
Task: {BE555D2A-F976-44A8-8CA8-A11A4CA0F993} - System32\Tasks\{87E76E9E-4BB1-4726-9AC0-3E76FFCFC003} => Chrome.exe hxxp://www.skype.com/go/downloading?source=lightinstaller&amp;ver=7.23.0.105&amp;LastError=12002
Task: {BF2DD700-7AA5-409E-AEB8-81FFD5D4C48C} - System32\Tasks\{66527076-D1F9-C7DD-F9E2-F0B84CD92CBF} => C:\ProgramData\{EA4DE132-5DE6-5699-DDC3-8A4739838DA0}\DA07638A-6DAC-D421-ABCE-45A160C42F00.exe  <==== ACHTUNG
Task: {C226E8DC-E3FC-4944-8B6B-AFB76DCC37B1} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-05-19] (Google Inc.)
Task: {EEDC1261-707D-455B-B8C3-08B9E908F104} - System32\Tasks\ASUS Live Update1 => C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe [2016-08-01] ()
Task: {F49014DF-5F42-4A1E-BC9C-EF02D9B57C1E} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\WINDOWS\explorer.exe /NOUACCHECK
Task: {FC57B35C-E13C-4544-9418-D73DED9A7450} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWoW64\Macromed\Flash\FlashUtil32_24_0_0_194_pepper.exe [2017-01-14] (Adobe Systems Incorporated)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\WINDOWS\Tasks\Adobe Flash Player PPAPI Notifier.job => C:\WINDOWS\SysWoW64\Macromed\Flash\FlashUtil32_24_0_0_194_pepper.exe
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWoW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
Task: C:\WINDOWS\Tasks\WpsNotifyTask_Administrator.job => C:\Program Files (x86)\Kingsoft\WPS Office\9.1.0.4947\wtoolex\wpsnotify.exe
Task: C:\WINDOWS\Tasks\WpsNotifyTask_Pitti.job => C:\Program Files (x86)\Kingsoft\WPS Office\9.1.0.4947\wtoolex\wpsnotify.exe
Task: C:\WINDOWS\Tasks\WpsUpdateTask_Administrator.job => C:\Program Files (x86)\Kingsoft\WPS Office\9.1.0.4947\wtoolex\wpsupdate.exe
Task: C:\WINDOWS\Tasks\WpsUpdateTask_Pitti.job => C:\Program Files (x86)\Kingsoft\WPS Office\9.1.0.4947\wtoolex\wpsupdate.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

Shortcut: C:\Users\Pitti\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Minecraft\Minecraft Debugger.lnk -> C:\Users\Pitti\AppData\Roaming\.minecraft\minecraft launcher\Debug.bat ()

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2016-07-16 13:42 - 2016-07-16 13:42 - 00231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2017-05-10 14:33 - 2017-04-28 02:49 - 02681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2016-10-03 11:07 - 2016-08-01 14:54 - 00133056 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2016-02-15 22:01 - 2016-02-15 22:01 - 00031256 _____ () C:\WINDOWS\System32\us008lm.dll
2017-05-21 14:13 - 2017-05-09 16:38 - 02270672 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll
2017-05-10 14:33 - 2017-04-28 02:49 - 02681200 _____ () C:\WINDOWS\SYSTEM32\CoreUIComponents.dll
2016-10-03 11:56 - 2016-10-03 11:56 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2017-03-16 18:20 - 2017-03-04 08:31 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll
2017-03-16 18:21 - 2017-03-04 08:12 - 09760768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2017-03-16 18:21 - 2017-03-04 08:05 - 01401856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-03-16 18:21 - 2017-03-04 08:05 - 00757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
2017-05-10 14:33 - 2017-04-28 01:36 - 01033216 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Actions.dll
2017-05-10 14:33 - 2017-04-28 01:36 - 02424320 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2017-05-10 14:33 - 2017-04-28 01:37 - 04853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2015-10-16 09:26 - 2016-11-30 22:57 - 00401888 _____ () C:\WINDOWS\system32\igfxTray.exe
2017-05-09 14:09 - 2017-05-09 14:09 - 00074752 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.15.597.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2017-05-09 14:09 - 2017-05-09 14:09 - 00201728 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.15.597.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2017-05-09 14:09 - 2017-05-09 14:10 - 43195904 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.15.597.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2017-05-09 14:09 - 2017-05-09 14:09 - 02457088 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.15.597.0_x64__kzf8qxf38zg5c\skypert.dll
2017-01-24 17:07 - 2017-05-17 16:35 - 02493440 _____ () C:\Program Files (x86)\Origin\libGLESv2.dll
2015-08-25 11:40 - 2015-08-25 11:40 - 00027648 _____ () C:\Program Files (x86)\ASUS\Splendid\DetectDisplayDC.dll
2015-08-25 11:40 - 2015-08-25 11:40 - 00124928 _____ () C:\Program Files (x86)\ASUS\Splendid\CCTAdjust.dll
2015-12-17 07:13 - 2015-10-03 04:24 - 00012080 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2016-04-24 19:31 - 2016-04-24 19:31 - 38907672 _____ () C:\Program Files\AVAST Software\SecureLine\libcef.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

AlternateDataStreams: C:\ProgramData\Reprise:wupeogjxlctlfudivq`qsp`28hfm [0]

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

IE trusted site: HKU\S-1-5-21-1585193191-2329745140-1049602013-1001\...\amazon.de -> hxxps://amazon.de

==================== Hosts Inhalt: ==========================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2015-07-10 13:04 - 2017-05-12 15:32 - 00001038 _____ C:\WINDOWS\system32\Drivers\etc\hosts

127.0.0.1 wepcdisplaysystem.com
127.0.0.1 wepcanalyticsystem.com
127.0.0.1 healthydownload.com
127.0.0.1 leading2download.com
127.0.0.1 dwl0.wizzlabs.com
127.0.0.1 dwl1.wizzlabs.com
127.0.0.1 wemsofts.com

==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-1585193191-2329745140-1049602013-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Pitti\Pictures\Desktop Wallpaper\New York Wallpaper.png
DNS Servers: 8.8.8.8
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

MSCONFIG\Services: ASLDRService => 2
MSCONFIG\Services: Asus WebStorage Windows Service => 2
MSCONFIG\Services: ASUSGiftBoxDekstop => 2
MSCONFIG\Services: ATKGFNEXSrv => 2
MSCONFIG\Services: BEService => 3
MSCONFIG\Services: c0aad75bcff65a6b9d3cb96f2f57af70 => 2
MSCONFIG\Services: cphs => 3
MSCONFIG\Services: esifsvc => 2
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: HomeNetSvc => 2
MSCONFIG\Services: igfxCUIService2.0.0.0 => 2
MSCONFIG\Services: Intel(R) Capability Licensing Service TCP IP Interface => 3
MSCONFIG\Services: Intel(R) Security Assist => 3
MSCONFIG\Services: isaHelperSvc => 2
MSCONFIG\Services: jhi_service => 2
MSCONFIG\Services: Kingsoft_WPS_UpdateService => 2
MSCONFIG\Services: LiveUpdateSvc => 2
MSCONFIG\Services: LMS => 2
MSCONFIG\Services: McAfee SiteAdvisor Service => 2
MSCONFIG\Services: McBootDelayStartSvc => 2
MSCONFIG\Services: mccspsvc => 2
MSCONFIG\Services: McNaiAnn => 2
MSCONFIG\Services: McODS => 3
MSCONFIG\Services: mcpltsvc => 2
MSCONFIG\Services: McProxy => 2
MSCONFIG\Services: MSK80Service => 2
MSCONFIG\Services: nvsvc => 2
MSCONFIG\Services: Origin Client Service => 3
MSCONFIG\Services: PEFService => 2
MSCONFIG\Services: RichVideo64 => 2
MSCONFIG\Services: SecureLine => 2
MSCONFIG\Services: SkypeUpdate => 2
MSCONFIG\Services: Steam Client Service => 3

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Wiederherstellungspunkte =========================

13-05-2017 14:34:22 Removed NetAdapterUpdate
16-05-2017 16:55:25 Windows Update

==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (05/21/2017 09:11:48 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: UpdateChecker.exe, Version: 0.0.0.0, Zeitstempel: 0x576b4ce8
Name des fehlerhaften Moduls: OLEAUT32.dll, Version: 10.0.14393.1198, Zeitstempel: 0x5902888e
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0001bf84
ID des fehlerhaften Prozesses: 0x914
Startzeit der fehlerhaften Anwendung: 0x01d2d265a360de23
Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\ASUS\ASUS Live Update\UpdateChecker.exe
Pfad des fehlerhaften Moduls: C:\WINDOWS\System32\OLEAUT32.dll
Berichtskennung: ebbd3a23-1674-4082-9a27-6f4d2134f5a3
Vollständiger Name des fehlerhaften Pakets: 
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (05/21/2017 06:37:55 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-TP9DC4I)
Description: Bei der Aktivierung der App „Microsoft.LockApp_cw5n1h2txyewy!WindowsDefaultLockScreen“ ist folgender Fehler aufgetreten: -2147023170. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (05/21/2017 06:37:54 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: LockApp.exe, Version: 0.0.0.0, Zeitstempel: 0x5819bf0d
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 10.0.14393.1198, Zeitstempel: 0x5902808f
Ausnahmecode: 0x00000004
Fehleroffset: 0x0000000000033c58
ID des fehlerhaften Prozesses: 0x145c
Startzeit der fehlerhaften Anwendung: 0x01d2d25098514206
Pfad der fehlerhaften Anwendung: C:\Windows\SystemApps\Microsoft.LockApp_cw5n1h2txyewy\LockApp.exe
Pfad des fehlerhaften Moduls: C:\WINDOWS\System32\KERNELBASE.dll
Berichtskennung: 6bf9a774-a36b-4c04-bc03-f2eeb8ed33d1
Vollständiger Name des fehlerhaften Pakets: Microsoft.LockApp_10.0.14393.0_neutral__cw5n1h2txyewy
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: WindowsDefaultLockScreen

Error: (05/21/2017 06:37:22 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-TP9DC4I)
Description: Bei der Aktivierung der App „Microsoft.LockApp_cw5n1h2txyewy!WindowsDefaultLockScreen“ ist folgender Fehler aufgetreten: -2147023170. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (05/21/2017 06:37:21 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: LockApp.exe, Version: 0.0.0.0, Zeitstempel: 0x5819bf0d
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 10.0.14393.1198, Zeitstempel: 0x5902808f
Ausnahmecode: 0x00000004
Fehleroffset: 0x0000000000033c58
ID des fehlerhaften Prozesses: 0x2314
Startzeit der fehlerhaften Anwendung: 0x01d2d25084df7e1c
Pfad der fehlerhaften Anwendung: C:\Windows\SystemApps\Microsoft.LockApp_cw5n1h2txyewy\LockApp.exe
Pfad des fehlerhaften Moduls: C:\WINDOWS\System32\KERNELBASE.dll
Berichtskennung: 06adda89-818d-4754-993e-6f8469619b3a
Vollständiger Name des fehlerhaften Pakets: Microsoft.LockApp_10.0.14393.0_neutral__cw5n1h2txyewy
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: WindowsDefaultLockScreen

Error: (05/21/2017 06:36:50 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-TP9DC4I)
Description: Bei der Aktivierung der App „Microsoft.LockApp_cw5n1h2txyewy!WindowsDefaultLockScreen“ ist folgender Fehler aufgetreten: -2147023170. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (05/21/2017 06:36:49 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: LockApp.exe, Version: 0.0.0.0, Zeitstempel: 0x5819bf0d
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 10.0.14393.1198, Zeitstempel: 0x5902808f
Ausnahmecode: 0x00000004
Fehleroffset: 0x0000000000033c58
ID des fehlerhaften Prozesses: 0x890
Startzeit der fehlerhaften Anwendung: 0x01d2d250715cc39e
Pfad der fehlerhaften Anwendung: C:\Windows\SystemApps\Microsoft.LockApp_cw5n1h2txyewy\LockApp.exe
Pfad des fehlerhaften Moduls: C:\WINDOWS\System32\KERNELBASE.dll
Berichtskennung: 531defda-1e73-4868-88cc-ee65ae14c73a
Vollständiger Name des fehlerhaften Pakets: Microsoft.LockApp_10.0.14393.0_neutral__cw5n1h2txyewy
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: WindowsDefaultLockScreen

Error: (05/21/2017 06:36:17 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-TP9DC4I)
Description: Bei der Aktivierung der App „Microsoft.LockApp_cw5n1h2txyewy!WindowsDefaultLockScreen“ ist folgender Fehler aufgetreten: -2147023170. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.

Error: (05/21/2017 06:36:16 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: LockApp.exe, Version: 0.0.0.0, Zeitstempel: 0x5819bf0d
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 10.0.14393.1198, Zeitstempel: 0x5902808f
Ausnahmecode: 0x00000004
Fehleroffset: 0x0000000000033c58
ID des fehlerhaften Prozesses: 0xf04
Startzeit der fehlerhaften Anwendung: 0x01d2d2505dda50e4
Pfad der fehlerhaften Anwendung: C:\Windows\SystemApps\Microsoft.LockApp_cw5n1h2txyewy\LockApp.exe
Pfad des fehlerhaften Moduls: C:\WINDOWS\System32\KERNELBASE.dll
Berichtskennung: 2c48230d-7ff7-441b-aa28-7a3ecfad327b
Vollständiger Name des fehlerhaften Pakets: Microsoft.LockApp_10.0.14393.0_neutral__cw5n1h2txyewy
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: WindowsDefaultLockScreen

Error: (05/21/2017 06:35:44 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-TP9DC4I)
Description: Bei der Aktivierung der App „Microsoft.LockApp_cw5n1h2txyewy!WindowsDefaultLockScreen“ ist folgender Fehler aufgetreten: -2147023170. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.


Systemfehler:
=============
Error: (05/21/2017 09:03:28 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID 
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
 und der APPID 
{F72671A9-012C-4725-9D2F-2A4D32D65169}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (05/21/2017 09:03:01 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID 
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 und der APPID 
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (05/21/2017 09:03:01 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID 
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
 und der APPID 
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (05/21/2017 09:02:11 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Windows Search" wurde aufgrund folgenden Fehlers nicht gestartet: 
Der Dienst konnte wegen einer fehlerhaften Anmeldung nicht gestartet werden.

Error: (05/21/2017 09:02:11 PM) (Source: Service Control Manager) (EventID: 7038) (User: )
Description: Der Dienst "WSearch" konnte sich nicht als "NT AUTHORITY\SYSTEM" mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden: 
Die Anforderung wird nicht unterstützt.


Vergewissern Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft Management Console (MMC).

Error: (05/21/2017 09:02:04 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID 
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 und der APPID 
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (05/21/2017 09:01:41 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Search" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (05/21/2017 09:01:40 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Presentation Foundation-Schriftartcache 3.0.0.0" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 0 Millisekunden durchgeführt: Neustart des Diensts.

Error: (05/21/2017 09:01:40 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Origin Web Helper Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (05/21/2017 09:01:40 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Microsoft Office-Klick-und-Los-Dienst" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 0 Millisekunden durchgeführt: Neustart des Diensts.


CodeIntegrity:
===================================
  Date: 2017-05-21 14:14:02.213
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

  Date: 2017-05-21 14:14:02.169
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

  Date: 2017-05-11 18:29:43.006
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\DriverStore\FileRepository\nvamwu.inf_amd64_d4715679184092a8\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2017-05-06 20:00:47.572
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\DriverStore\FileRepository\nvamwu.inf_amd64_d4715679184092a8\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2017-05-03 14:43:48.515
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\DriverStore\FileRepository\nvamwu.inf_amd64_d4715679184092a8\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2017-04-29 20:19:08.826
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\DriverStore\FileRepository\nvamwu.inf_amd64_d4715679184092a8\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2017-04-27 15:15:28.629
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\DriverStore\FileRepository\nvamwu.inf_amd64_d4715679184092a8\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2017-04-23 12:12:03.694
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\DriverStore\FileRepository\nvamwu.inf_amd64_d4715679184092a8\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2017-04-22 12:10:08.899
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\DriverStore\FileRepository\nvamwu.inf_amd64_d4715679184092a8\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2017-04-21 21:51:29.738
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\DriverStore\FileRepository\nvamwu.inf_amd64_d4715679184092a8\nvinitx.dll that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Core(TM) i7-5500U CPU @ 2.40GHz
Prozentuale Nutzung des RAM: 29%
Installierter physikalischer RAM: 8062.74 MB
Verfügbarer physikalischer RAM: 5691.53 MB
Summe virtueller Speicher: 9342.74 MB
Verfügbarer virtueller Speicher: 7113.09 MB

==================== Laufwerke ================================

Drive c: (OS) (Fixed) (Total:371.85 GB) (Free:126.78 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)]
Drive d: (DATA) (Fixed) (Total:558.91 GB) (Free:508.23 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 8C5D880B)

Partition: GPT.

==================== Ende von Addition.txt ============================

20.05.2017, 16:47	#7
M-K-D-B /// TB-Ausbilder	Ständige Werbung und NetUtils2016? Servus, ok, wir ändern die Reihenfolge. Erst MBAM ausführen, dann nochmal AdwCleaner, dann weiter wie beschrieben.

21.05.2017, 19:50	#13
M-K-D-B /// TB-Ausbilder	Ständige Werbung und NetUtils2016? Servus, auch wenn AdwCleaner nichts gefunden hat, bitte ich dich, auch auf den "Löschen"-Button zu drücken. Dann bitte nochmal MBAM zur Kontrolle und nochmal FRST zur Kontrolle. Dann sehen wir weiter.

Ständige Werbung und NetUtils2016?

Plagegeister aller Art und deren Bekämpfung: Ständige Werbung und NetUtils2016?