FRST.txt
Code:
Alles auswählen Aufklappen ATTFilter
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 18-07-2017
durchgeführt von Yoshi (Administrator) auf YOSHISISLAND (22-07-2017 15:25:29)
Gestartet von D:\Desktop
Geladene Profile: Yoshi (Verfügbare Profile: Yoshi & DefaultAppPool)
Platform: Windows 10 Pro Version 1703 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Chrome)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(AMD) C:\Windows\System32\atiesrxx.exe
(Hi-Rez Studios) C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Security\Engine\22.10.0.85\ns.exe
(Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(Electronic Arts) C:\Program Files (x86)\Origin\OriginWebHelperService.exe
(Ralink Technology, Corp.) C:\Program Files (x86)\B-LINK\Common\RaRegistry64.exe
(Ralink Technology, Corp.) C:\Program Files (x86)\B-LINK\Common\RaRegistry.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Security\Engine\22.10.0.85\ns.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.19.820.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler64.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Microsoft Corporation) C:\Windows\System32\cmd.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\cmd.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Security\Engine\22.10.0.85\conathst.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
==================== Registry (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [629152 2017-03-18] (Microsoft Corporation)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [10038304 2010-01-29] (Realtek Semiconductor)
HKLM\...\Run: [Cm106Sound] => C:\Windows\syswow64\RunDll32.exe C:\Windows\Syswow64\cm106.dll,CMICtrlWnd
HKLM\...\Run: [Chew7Hale] => C:\Windows\System32\hale.exe [2169856 2015-12-02] ()
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-11-04] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [NUSB3MON] => C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [106496 2009-11-20] (NEC Electronics Corporation)
HKLM-x32\...\Run: [Aeria Ignite] => C:\Program Files (x86)\Aeria Games\Ignite\aeriaignite.exe [1925656 2013-06-06] (Aeria Games & Entertainment)
HKLM-x32\...\Run: [Rapoo V100 Config] => C:\Program Files (x86)\Rapoo\V100\V100Config.exe [2131256 2014-03-14] (Rapoo)
HKLM-x32\...\Run: [Raptr] => C:\Program Files (x86)\Raptr\raptrstub.exe [56080 2015-11-13] (Raptr, Inc)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-07-12] (Oracle Corporation)
HKU\S-1-5-21-548117028-187036573-1812034417-1000\...\Run: [Akamai NetSession Interface] => C:\Users\Yoshi\AppData\Local\Akamai\netsession_win.exe [4691384 2015-09-10] (Akamai Technologies, Inc.)
HKU\S-1-5-21-548117028-187036573-1812034417-1000\...\Run: [Sony PC Companion] => C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe [457088 2015-09-23] (Sony)
HKU\S-1-5-21-548117028-187036573-1812034417-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\Bubbles.scr [804352 2017-03-18] (Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\B-LINK Wireless Utility.lnk [2002-01-01]
ShortcutTarget: B-LINK Wireless Utility.lnk -> C:\Program Files (x86)\B-LINK\Common\RaUI.exe (SHENZHEN BILIAN ELECTRONIC CO.,LTD)
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{61ace323-9f4d-4257-8d79-ae8dba7fa9c0}: [DhcpNameServer] 192.168.43.1
Tcpip\..\Interfaces\{e00ea8c2-98ac-40d0-bc7e-bea3aa577a19}: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{e19b16b6-c2a4-473a-9463-f356f354c9b5}: [DhcpNameServer] 192.168.2.1 192.168.2.1
Internet Explorer:
==================
HKU\S-1-5-21-548117028-187036573-1812034417-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.knuddels.de/
BHO: Norton Identity Safety -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Security\Engine\22.10.0.85\coIEPlg.dll [2017-07-14] (Symantec Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_141\bin\ssv.dll [2017-07-21] (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_141\bin\jp2ssv.dll [2017-07-21] (Oracle Corporation)
BHO-x32: Norton Identity Safety -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Security\Engine32\22.10.0.85\coIEPlg.dll [2017-07-14] (Symantec Corporation)
BHO-x32: Norton Vulnerability Protection -> {6D53EC84-6AAE-4787-AEEE-F4628F01010C} -> C:\Program Files (x86)\Norton AntiVirus\Engine\21.7.0.11\IPS\IPSBHO.DLL => Keine Datei
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_141\bin\ssv.dll [2017-07-21] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_141\bin\jp2ssv.dll [2017-07-21] (Oracle Corporation)
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security\Engine\22.10.0.85\coIEPlg.dll [2017-07-14] (Symantec Corporation)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security\Engine32\22.10.0.85\coIEPlg.dll [2017-07-14] (Symantec Corporation)
Toolbar: HKU\S-1-5-21-548117028-187036573-1812034417-1000 -> Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security\Engine\22.10.0.85\coIEPlg.dll [2017-07-14] (Symantec Corporation)
Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - Keine Datei
Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - Keine Datei
FireFox:
========
FF ProfilePath: C:\Users\Yoshi\AppData\Roaming\Mozilla\Firefox\Profiles\ks3nnb2f.default-1456404608561 [2017-07-21]
FF Homepage: Mozilla\Firefox\Profiles\ks3nnb2f.default-1456404608561 -> hxxp://www.knuddels.de/
FF HKLM\...\Firefox\Extensions: [{C1A2A613-35F1-4FCF-B27F-2840527B6556}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NS_22.8.1.14\coFFAddon
FF Extension: (Norton Security Toolbar) - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NS_22.8.1.14\coFFAddon [2017-07-19]
FF HKLM-x32\...\Firefox\Extensions: [termtutor@termtutor.com] - C:\Program Files (x86)\Mozilla Firefox\extensions\termtutor@termtutor.com => nicht gefunden
FF HKLM-x32\...\Firefox\Extensions: [{C1A2A613-35F1-4FCF-B27F-2840527B6556}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NS_22.8.1.14\coFFAddon
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_26_0_0_137.dll [2017-07-14] ()
FF Plugin: @java.com/DTPlugin,version=11.141.2 -> C:\Program Files\Java\jre1.8.0_141\bin\dtplugin\npDeployJava1.dll [2017-07-21] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.141.2 -> C:\Program Files\Java\jre1.8.0_141\bin\plugin2\npjp2.dll [2017-07-21] (Oracle Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_26_0_0_137.dll [2017-07-14] ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google)
FF Plugin-x32: @java.com/DTPlugin,version=11.141.2 -> C:\Program Files (x86)\Java\jre1.8.0_141\bin\dtplugin\npDeployJava1.dll [2017-07-21] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.141.2 -> C:\Program Files (x86)\Java\jre1.8.0_141\bin\plugin2\npjp2.dll [2017-07-21] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2013-02-05] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-07-19] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-07-19] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-04-05] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-548117028-187036573-1812034417-1000: wacom.com/WacomTabletPlugin -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [Keine Datei]
Chrome:
=======
CHR DefaultProfile: Profile 1
CHR HomePage: Profile 1 -> hxxps://web.whatsapp.com/
CHR StartupUrls: Profile 1 -> "hxxps://web.whatsapp.com/"
CHR NewTab: Profile 1 -> Not-active:"chrome-extension://ghogdjhobfepgnhlhodpnfcbicfgbjda/start/index.html"
CHR DefaultSearchURL: Profile 1 -> hxxps://nortonsafe.search.ask.com/web?q={searchTerms}&o=APN11908
CHR DefaultSearchKeyword: Profile 1 -> NortonSafe
CHR DefaultSuggestURL: Profile 1 -> hxxps://ss-sym.search.ask.com/ss?q={searchTerms}&li=ff
CHR Profile: C:\Users\Yoshi\AppData\Local\Google\Chrome\User Data\Guest Profile [2017-07-19]
CHR Profile: C:\Users\Yoshi\AppData\Local\Google\Chrome\User Data\Profile 1 [2017-07-22]
CHR Extension: (Google Präsentationen) - C:\Users\Yoshi\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-07-19]
CHR Extension: (Google Docs) - C:\Users\Yoshi\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2017-07-19]
CHR Extension: (Google Drive) - C:\Users\Yoshi\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-07-19]
CHR Extension: (YouTube) - C:\Users\Yoshi\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-07-19]
CHR Extension: (Adblock Plus) - C:\Users\Yoshi\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2017-07-19]
CHR Extension: (Norton Security Toolbar) - C:\Users\Yoshi\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\cjabmdjcfcfdmffimndhafhblfmpjdpe [2017-07-19]
CHR Extension: (Adobe Acrobat) - C:\Users\Yoshi\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-07-19]
CHR Extension: (Google Tabellen) - C:\Users\Yoshi\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-07-19]
CHR Extension: (Google Docs Offline) - C:\Users\Yoshi\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-07-19]
CHR Extension: (League of Legends (LoL) HD Wallpapers New Tab) - C:\Users\Yoshi\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghogdjhobfepgnhlhodpnfcbicfgbjda [2017-07-19]
CHR Extension: (Norton Safe) - C:\Users\Yoshi\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\hbmobhkkblcgdifigjglcjneplefbkmh [2017-07-19]
CHR Extension: (Norton Identity Safe) - C:\Users\Yoshi\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\iikflkcanblccfahdhdonehdalibjnif [2017-07-19]
CHR Extension: (Into The Mist) - C:\Users\Yoshi\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\mgihmkgobaljfehcadcckdggpeojaadh [2017-07-19]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Yoshi\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-07-19]
CHR Extension: (Google Mail) - C:\Users\Yoshi\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-07-19]
CHR Extension: (Chrome Media Router) - C:\Users\Yoshi\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-07-19]
CHR Profile: C:\Users\Yoshi\AppData\Local\Google\Chrome\User Data\System Profile [2017-07-19]
CHR HKLM\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files (x86)\Norton Security\Engine\22.10.0.85\Exts\Chrome.crx [2017-07-18]
CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-548117028-187036573-1812034417-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files (x86)\Norton Security\Engine\22.10.0.85\Exts\Chrome.crx [2017-07-18]
CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - hxxps://clients2.google.com/service/update2/crx
==================== Dienste (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [351944 2015-11-04] (Advanced Micro Devices, Inc.)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1404936 2016-08-20] ()
S3 EasyAntiCheat; C:\WINDOWS\SysWOW64\EasyAntiCheat.exe [409128 2017-03-02] (EasyAntiCheat Ltd)
U2 HiPatchService; C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [9728 2017-07-12] (Hi-Rez Studios) [Datei ist nicht signiert]
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2008-12-03] (Hewlett-Packard) [Datei ist nicht signiert]
S3 npggsvc; C:\WINDOWS\SysWOW64\GameMon.des [4362656 2016-02-24] (INCA Internet Co., Ltd.) [Datei ist nicht signiert]
R2 NS; C:\Program Files (x86)\Norton Security\Engine\22.10.0.85\NS.exe [326144 2017-07-15] (Symantec Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2123240 2017-03-16] (Electronic Arts)
R2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [2184688 2017-03-16] (Electronic Arts)
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2008-12-03] (Hewlett-Packard) [Datei ist nicht signiert]
R2 RalinkRegistryWriter; C:\Program Files (x86)\B-LINK\Common\RaRegistry.exe [375872 2011-03-31] (Ralink Technology, Corp.)
R2 RalinkRegistryWriter64; C:\Program Files (x86)\B-LINK\Common\RaRegistry64.exe [454208 2011-03-31] (Ralink Technology, Corp.)
S3 RaMediaServer; C:\Program Files (x86)\B-LINK\Common\RaMediaServer.exe [621632 2011-03-04] ()
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [3913064 2017-03-20] (Microsoft Corporation)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5448464 2015-03-30] (TeamViewer GmbH)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [342264 2017-03-18] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [102816 2017-03-18] (Microsoft Corporation)
===================== Treiber (Nicht auf der Ausnahmeliste) ======================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R2 AODDriver4.3; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [59616 2014-02-11] (Advanced Micro Devices)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [13440 2009-08-04] ()
R3 AtiHDAudioService; C:\WINDOWS\system32\drivers\AtihdWT6.sys [102912 2015-07-21] (Advanced Micro Devices)
R1 BHDrvx64; C:\Program Files (x86)\Norton Security\NortonData\22.8.1.14\Definitions\BASHDefs\20170719.001\BHDrvx64.sys [1862816 2017-06-28] (Symantec Corporation)
R1 ccSet_NS; C:\WINDOWS\system32\drivers\NSx64\160A000.055\ccSetx64.sys [187520 2017-07-14] (Symantec Corporation)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [508032 2017-07-13] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [158336 2017-07-13] (Symantec Corporation)
R1 IDSVia64; C:\Program Files (x86)\Norton Security\NortonData\22.8.1.14\Definitions\IPSDefs\20170721.001\IDSvia64.sys [1056920 2017-07-18] (Symantec Corporation)
S3 LGJoyXlCore; C:\WINDOWS\system32\drivers\LGJoyXlCore.sys [68384 2015-06-11] (Logitech Inc.)
S3 ManyCam; C:\WINDOWS\System32\DRIVERS\mcvidrv.sys [49304 2014-12-15] (Visicom Media Inc.)
S3 mcaudrv_simple; C:\WINDOWS\System32\drivers\mcaudrv_x64.sys [35992 2014-12-15] (Visicom Media Inc.)
R3 MTsensor; C:\WINDOWS\system32\DRIVERS\ASACPI.sys [17280 2013-05-17] ()
R3 rpvm100d; C:\WINDOWS\system32\drivers\rpvm100d.sys [30976 2014-03-10] (RAPOO)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [604160 2017-03-18] (Realtek )
S3 SDFRd; C:\WINDOWS\System32\drivers\SDFRd.sys [31128 2017-03-18] ()
S3 SRTSP; C:\WINDOWS\System32\Drivers\NSx64\160A000.055\SRTSP64.SYS [810136 2017-07-14] (Symantec Corporation)
R1 SRTSPX; C:\WINDOWS\system32\drivers\NSx64\160A000.055\SRTSPX64.SYS [49304 2017-07-14] (Symantec Corporation)
R0 SymEFASI; C:\WINDOWS\System32\drivers\NSx64\160A000.055\SYMEFASI64.SYS [1868416 2017-07-14] (Symantec Corporation)
S0 SymELAM; C:\WINDOWS\System32\drivers\NSx64\160A000.055\SymELAM.sys [24608 2017-05-11] (Symantec Corporation)
R3 SymEvent; C:\WINDOWS\system32\Drivers\SYMEVENT64x86.SYS [102568 2017-07-18] (Symantec Corporation)
R1 SymIRON; C:\WINDOWS\system32\drivers\NSx64\160A000.055\Ironx64.SYS [301288 2017-07-14] (Symantec Corporation)
R1 SymNetS; C:\WINDOWS\System32\Drivers\NSx64\160A000.055\SYMNETS.SYS [566912 2017-07-14] (Symantec Corporation)
R1 VBoxUSBMon; C:\WINDOWS\system32\DRIVERS\VBoxUSBMon.sys [133248 2016-07-06] (BigNox Corporation)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44632 2017-03-18] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [294816 2017-03-18] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [121248 2017-03-18] (Microsoft Corporation)
S3 xhunter1; C:\WINDOWS\xhunter1.sys [36808 2017-01-01] (Wellbia.com Co., Ltd.)
S1 XQHDrv; C:\WINDOWS\system32\DRIVERS\XQHDrv.sys [281728 2016-07-06] (BigNox Corporation)
S1 XQHDrv; C:\Windows\SysWOW64\DRIVERS\XQHDrv.sys [281728 2016-07-06] (BigNox Corporation)
S3 XSplit_Dummy; C:\WINDOWS\System32\drivers\xspltspk.sys [26200 2014-07-02] (SplitmediaLabs Limited)
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat: Erstellte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2017-07-22 01:41 - 2017-07-22 15:14 - 00000000 ____D C:\AdwCleaner
2017-07-22 00:12 - 2017-07-22 01:21 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2017-07-22 00:12 - 2017-07-22 00:12 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2017-07-22 00:12 - 2017-07-22 00:12 - 00000000 ____D C:\ProgramData\Malwarebytes
2017-07-21 23:45 - 2017-07-21 23:45 - 00109272 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2017-07-21 22:56 - 2017-07-22 15:25 - 00000000 ____D C:\FRST
2017-07-21 19:11 - 2017-07-21 19:11 - 00000000 ____D C:\WINDOWS\System32\Tasks\Remediation
2017-07-21 19:01 - 2017-07-21 19:01 - 00110144 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge-64.dll
2017-07-21 18:53 - 2017-07-21 19:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2017-07-21 18:53 - 2017-07-21 18:53 - 00097856 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2017-07-21 18:48 - 2017-07-22 01:46 - 00000000 ____D C:\Program Files\Mozilla Firefox
2017-07-21 18:48 - 2017-07-22 01:46 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-07-21 18:48 - 2017-07-21 18:48 - 00001015 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2017-07-21 18:26 - 2017-07-21 18:26 - 00000000 ____D C:\Users\Yoshi\AppData\LocalLow\Temp
2017-07-21 08:12 - 2017-07-21 08:14 - 00000000 ____D C:\Users\Yoshi\Knuddels-Stapp
2017-07-19 03:40 - 2017-07-19 03:40 - 00003628 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2017-07-19 03:40 - 2017-07-19 03:40 - 00003504 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2017-07-19 03:40 - 2017-07-19 03:40 - 00002346 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-07-19 00:49 - 2017-07-22 15:17 - 00000000 ____D C:\WINDOWS\System32\Tasks\Norton Security
2017-07-19 00:35 - 2017-07-19 00:35 - 00003388 _____ C:\WINDOWS\System32\Tasks\Norton WSC Integration
2017-07-14 01:04 - 2017-07-21 06:29 - 00750840 _____ C:\WINDOWS\system32\Drivers\EasyAntiCheat.sys
2017-07-13 18:58 - 2017-06-03 11:59 - 01409048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2017-07-13 18:58 - 2017-06-03 11:59 - 00626528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2017-07-13 18:58 - 2017-06-03 11:59 - 00311200 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2017-07-13 18:58 - 2017-06-03 11:36 - 01150784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ucrtbase.dll
2017-07-13 18:58 - 2017-06-03 11:23 - 20373920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2017-07-13 18:58 - 2017-06-03 11:23 - 06760024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2017-07-13 18:58 - 2017-06-03 11:23 - 00573856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comctl32.dll
2017-07-13 18:58 - 2017-06-03 11:11 - 02958848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2017-07-13 18:58 - 2017-06-03 11:11 - 00038912 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2017-07-13 18:58 - 2017-06-03 11:09 - 00094720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTimeUtil.dll
2017-07-13 18:58 - 2017-06-03 11:07 - 00002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tzres.dll
2017-07-13 18:58 - 2017-06-03 11:05 - 20506624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2017-07-13 18:58 - 2017-06-03 11:05 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Identity.Provider.dll
2017-07-13 18:58 - 2017-06-03 11:05 - 00169984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\devicengccredprov.dll
2017-07-13 18:58 - 2017-06-03 11:03 - 19336192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2017-07-13 18:58 - 2017-06-03 11:03 - 00467456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TpmCoreProvisioning.dll
2017-07-13 18:58 - 2017-06-03 11:00 - 00358400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2017-07-13 18:58 - 2017-06-03 10:59 - 02672128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2017-07-13 18:58 - 2017-06-03 10:59 - 00636416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll
2017-07-13 18:58 - 2017-06-03 10:57 - 11870720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2017-07-13 18:58 - 2017-06-03 10:57 - 06535168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mspaint.exe
2017-07-13 18:58 - 2017-06-03 10:57 - 01248768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll
2017-07-13 18:58 - 2017-06-03 10:57 - 00797184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2017-07-13 18:58 - 2017-06-03 10:56 - 06292992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2017-07-13 18:58 - 2017-06-03 10:55 - 03656192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2017-07-13 18:58 - 2017-06-03 10:55 - 02132480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2017-07-13 18:58 - 2017-06-03 10:55 - 01019904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2017-07-13 18:58 - 2017-06-03 10:54 - 02341376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2017-07-13 18:58 - 2017-06-03 10:53 - 04559360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll
2017-07-13 18:58 - 2017-05-20 11:13 - 01333136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2017-07-13 18:58 - 2017-05-20 10:55 - 00606960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2017-07-13 18:58 - 2017-05-20 10:48 - 04469832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2017-07-13 18:58 - 2017-05-20 10:47 - 01474800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2017-07-13 18:58 - 2017-05-20 10:46 - 05821496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2017-07-13 18:58 - 2017-05-20 10:46 - 01266544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
2017-07-13 18:58 - 2017-05-20 10:46 - 00754080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2017-07-13 18:58 - 2017-05-20 10:45 - 00349600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2017-07-13 18:58 - 2017-05-20 10:44 - 00181664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2017-07-13 18:58 - 2017-05-20 10:43 - 05802968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2017-07-13 18:58 - 2017-05-20 10:43 - 04672848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2017-07-13 18:58 - 2017-05-20 10:43 - 02424016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2017-07-13 18:58 - 2017-05-20 10:43 - 01529384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll
2017-07-13 18:58 - 2017-05-20 10:43 - 01455592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2017-07-13 18:58 - 2017-05-20 10:43 - 01120864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2017-07-13 18:58 - 2017-05-20 10:43 - 00354400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MMDevAPI.dll
2017-07-13 18:58 - 2017-05-20 10:29 - 13840384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2017-07-13 18:58 - 2017-05-20 10:29 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbonRes.dll
2017-07-13 18:58 - 2017-05-20 10:27 - 02199552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Resources.dll
2017-07-13 18:58 - 2017-05-20 10:27 - 00141824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\smartscreenps.dll
2017-07-13 18:58 - 2017-05-20 10:26 - 00059904 _____ C:\WINDOWS\SysWOW64\xboxgipsynthetic.dll
2017-07-13 18:58 - 2017-05-20 10:26 - 00025088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\odbcconf.dll
2017-07-13 18:58 - 2017-05-20 10:25 - 00826368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NPSMDesktopProvider.dll
2017-07-13 18:58 - 2017-05-20 10:25 - 00174080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.Diagnostics.dll
2017-07-13 18:58 - 2017-05-20 10:23 - 06728192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2017-07-13 18:58 - 2017-05-20 10:22 - 01292288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVPXENC.dll
2017-07-13 18:58 - 2017-05-20 10:21 - 00476672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneDriveSettingSyncProvider.dll
2017-07-13 18:58 - 2017-05-20 10:21 - 00444928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.System.Launcher.dll
2017-07-13 18:58 - 2017-05-20 10:20 - 00807424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll
2017-07-13 18:58 - 2017-05-20 10:20 - 00507392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2017-07-13 18:58 - 2017-05-20 10:20 - 00368128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgentUserBroker.exe
2017-07-13 18:58 - 2017-05-20 10:19 - 05719040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2017-07-13 18:58 - 2017-05-20 10:18 - 01450496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll
2017-07-13 18:58 - 2017-05-20 10:17 - 00952832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll
2017-07-13 18:58 - 2017-05-20 10:17 - 00909312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2017-07-13 18:58 - 2017-05-20 10:17 - 00329728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2017-07-13 18:58 - 2017-05-20 10:17 - 00050176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cldapi.dll
2017-07-13 18:58 - 2017-05-20 10:16 - 03667456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_47.dll
2017-07-13 18:58 - 2017-05-20 10:16 - 02588160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapRouter.dll
2017-07-13 18:58 - 2017-05-20 10:16 - 00899584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll
2017-07-13 18:58 - 2017-05-20 10:15 - 02088960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapGeocoder.dll
2017-07-13 18:58 - 2017-05-20 10:14 - 04417024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
2017-07-13 18:58 - 2017-05-20 10:14 - 04056576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2017-07-13 18:58 - 2017-05-20 10:14 - 02679296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRH.dll
2017-07-13 18:58 - 2017-05-20 10:14 - 02211328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll
2017-07-13 18:58 - 2017-05-20 10:11 - 01536512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2017-07-13 18:58 - 2017-05-20 10:10 - 00332800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Midi.dll
2017-07-13 18:58 - 2017-05-20 10:10 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NPSM.dll
2017-07-13 18:58 - 2017-05-20 10:10 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll
2017-07-13 18:58 - 2017-05-20 10:08 - 00174080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RstrtMgr.dll
2017-07-13 18:57 - 2017-06-03 11:35 - 02259768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2017-07-13 18:57 - 2017-06-03 11:26 - 00266640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\capauthz.dll
2017-07-13 18:57 - 2017-06-03 11:21 - 01516448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppVEntSubsystems32.dll
2017-07-13 18:57 - 2017-06-03 11:20 - 00583160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2017-07-13 18:57 - 2017-06-03 10:58 - 05961216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2017-07-13 18:57 - 2017-06-03 10:54 - 02298368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2017-07-13 18:57 - 2017-05-20 10:44 - 00519680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2017-07-13 18:57 - 2017-05-20 10:24 - 00362496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2017-07-13 18:57 - 2017-05-20 10:22 - 00754176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MessagingDataModel2.dll
2017-07-13 18:57 - 2017-05-20 10:22 - 00394240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DictationManager.dll
2017-07-13 18:57 - 2017-05-20 10:21 - 01984000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DeviceFlows.DataModel.dll
2017-07-13 18:57 - 2017-05-20 10:20 - 00354304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActivationManager.dll
2017-07-13 18:57 - 2017-05-20 10:16 - 05225984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2017-07-13 18:57 - 2017-05-20 10:14 - 01035264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ShareHost.dll
2017-07-13 18:55 - 2017-06-03 12:10 - 00130464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tm.sys
2017-07-13 18:55 - 2017-06-03 12:09 - 01003624 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase.dll
2017-07-13 18:55 - 2017-06-03 12:07 - 00119712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tdx.sys
2017-07-13 18:55 - 2017-06-03 11:59 - 00259400 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotifyIcon.exe
2017-07-13 18:55 - 2017-06-03 11:58 - 07904784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2017-07-13 18:55 - 2017-06-03 11:55 - 02681760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2017-07-13 18:55 - 2017-06-03 11:14 - 03673088 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2017-07-13 18:55 - 2017-06-03 11:14 - 00099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\utcutil.dll
2017-07-13 18:55 - 2017-06-03 11:12 - 00119296 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTimeUtil.dll
2017-07-13 18:55 - 2017-06-03 11:11 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2017-07-13 18:55 - 2017-06-03 11:11 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\system32\musdialoghandlers.dll
2017-07-13 18:55 - 2017-06-03 11:10 - 00293376 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2017-07-13 18:55 - 2017-06-03 11:10 - 00102400 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2017-07-13 18:55 - 2017-06-03 11:09 - 00064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
2017-07-13 18:55 - 2017-06-03 11:07 - 00721920 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2017-07-13 18:55 - 2017-06-03 11:06 - 00551936 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmCoreProvisioning.dll
2017-07-13 18:55 - 2017-06-03 11:03 - 01260544 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe
2017-07-13 18:55 - 2017-06-03 11:00 - 03379200 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2017-07-13 18:55 - 2017-06-03 11:00 - 00933376 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2017-07-13 18:55 - 2017-06-03 10:59 - 02625024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2017-07-13 18:55 - 2017-06-03 10:59 - 02597376 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2017-07-13 18:55 - 2017-06-03 10:59 - 02056192 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2017-07-13 18:55 - 2017-06-03 10:58 - 02516480 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2017-07-13 18:55 - 2017-06-03 10:57 - 05557760 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll
2017-07-13 18:55 - 2017-05-20 09:08 - 01459728 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2017-07-13 18:55 - 2017-05-20 08:55 - 01911752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2017-07-13 18:55 - 2017-05-20 08:55 - 01506712 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2017-07-13 18:55 - 2017-05-20 08:55 - 01055648 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2017-07-13 18:55 - 2017-05-20 08:54 - 00546208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2017-07-13 18:55 - 2017-05-20 08:54 - 00144288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storahci.sys
2017-07-13 18:55 - 2017-05-20 08:53 - 00335808 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthService.exe
2017-07-13 18:55 - 2017-05-20 08:51 - 01670496 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2017-07-13 18:55 - 2017-05-20 08:10 - 00809472 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthSSO.dll
2017-07-13 18:55 - 2017-05-20 08:10 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbonRes.dll
2017-07-13 18:55 - 2017-05-20 08:10 - 00088576 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrvext.dll
2017-07-13 18:55 - 2017-05-20 08:08 - 00086016 _____ C:\WINDOWS\system32\xboxgipsynthetic.dll
2017-07-13 18:55 - 2017-05-20 08:08 - 00013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rootmdm.sys
2017-07-13 18:55 - 2017-05-20 08:07 - 00133120 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblGameSaveExt.dll
2017-07-13 18:55 - 2017-05-20 08:07 - 00015872 _____ (Microsoft Corporation) C:\WINDOWS\system32\snmptrap.exe
2017-07-13 18:55 - 2017-05-20 08:06 - 00232448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.Diagnostics.dll
2017-07-13 18:55 - 2017-05-20 08:05 - 07931392 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2017-07-13 18:55 - 2017-05-20 08:02 - 00601088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.System.Launcher.dll
2017-07-13 18:55 - 2017-05-20 08:01 - 00409600 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2017-07-13 18:55 - 2017-05-20 08:00 - 01078272 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2017-07-13 18:55 - 2017-05-20 08:00 - 01067008 _____ (Microsoft Corporation) C:\WINDOWS\system32\XboxNetApiSvc.dll
2017-07-13 18:55 - 2017-05-20 08:00 - 00417792 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgentUserBroker.exe
2017-07-13 18:55 - 2017-05-20 07:59 - 01818624 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
2017-07-13 18:55 - 2017-05-20 07:58 - 00374784 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2017-07-13 18:55 - 2017-05-20 07:57 - 00681984 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2017-07-13 18:55 - 2017-05-20 07:56 - 01076736 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll
2017-07-13 18:55 - 2017-05-20 07:55 - 03332096 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2017-07-13 18:55 - 2017-05-20 07:55 - 02499584 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2017-07-13 18:55 - 2017-05-20 07:51 - 01706496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2017-07-13 18:55 - 2017-05-20 07:51 - 00148480 _____ (Microsoft Corporation) C:\WINDOWS\system32\umpo.dll
2017-07-13 18:55 - 2017-05-20 07:48 - 02438656 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.dll
2017-07-13 18:55 - 2017-05-20 07:48 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\system32\vss_ps.dll
2017-07-13 18:54 - 2017-06-03 12:15 - 01596600 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2017-07-13 18:54 - 2017-06-03 12:15 - 00750560 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2017-07-13 18:54 - 2017-06-03 12:15 - 00382368 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2017-07-13 18:54 - 2017-06-03 12:09 - 08318880 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2017-07-13 18:54 - 2017-06-03 12:08 - 02969880 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreUIComponents.dll
2017-07-13 18:54 - 2017-06-03 12:02 - 02444192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2017-07-13 18:54 - 2017-06-03 12:01 - 05477096 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneCoreUAPCommonProxyStub.dll
2017-07-13 18:54 - 2017-06-03 11:58 - 21352696 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2017-07-13 18:54 - 2017-06-03 11:58 - 00660384 _____ (Microsoft Corporation) C:\WINDOWS\system32\comctl32.dll
2017-07-13 18:54 - 2017-06-03 11:58 - 00254176 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2017-07-13 18:54 - 2017-06-03 11:57 - 00371616 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHost.dll
2017-07-13 18:54 - 2017-06-03 11:28 - 23677440 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2017-07-13 18:54 - 2017-06-03 11:14 - 00443392 _____ (Microsoft Corporation) C:\WINDOWS\system32\PerceptionSimulationExtensions.dll
2017-07-13 18:54 - 2017-06-03 11:14 - 00142848 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmredir.dll
2017-07-13 18:54 - 2017-06-03 11:14 - 00047104 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2017-07-13 18:54 - 2017-06-03 11:11 - 00002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzres.dll
2017-07-13 18:54 - 2017-06-03 11:10 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCredentialDeployment.exe
2017-07-13 18:54 - 2017-06-03 11:09 - 00271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Identity.Provider.dll
2017-07-13 18:54 - 2017-06-03 11:09 - 00221184 _____ (Microsoft Corporation) C:\WINDOWS\system32\devicengccredprov.dll
2017-07-13 18:54 - 2017-06-03 11:07 - 23682048 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2017-07-13 18:54 - 2017-06-03 11:07 - 00778240 _____ C:\WINDOWS\system32\MBR2GPT.EXE
2017-07-13 18:54 - 2017-06-03 11:05 - 07336448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2017-07-13 18:54 - 2017-06-03 11:05 - 01878016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2017-07-13 18:54 - 2017-06-03 11:04 - 12787200 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2017-07-13 18:54 - 2017-06-03 11:04 - 00925696 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2017-07-13 18:54 - 2017-06-03 11:04 - 00805888 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2017-07-13 18:54 - 2017-06-03 11:02 - 08245760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2017-07-13 18:54 - 2017-06-03 11:01 - 06726656 _____ (Microsoft Corporation) C:\WINDOWS\system32\mspaint.exe
2017-07-13 18:54 - 2017-06-03 10:59 - 04730368 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2017-07-13 18:54 - 2017-06-03 10:59 - 01293824 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2017-07-13 18:54 - 2017-06-03 10:59 - 01142784 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2017-07-13 18:54 - 2017-06-03 10:59 - 00975360 _____ (Microsoft Corporation) C:\WINDOWS\HelpPane.exe
2017-07-13 18:54 - 2017-06-03 10:58 - 02650112 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2017-07-13 18:54 - 2017-06-03 10:58 - 01888256 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2017-07-13 18:54 - 2017-06-03 10:58 - 01046016 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcsvc.dll
2017-07-13 18:54 - 2017-06-03 10:58 - 00827392 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2017-07-13 18:54 - 2017-06-03 10:57 - 02829824 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2017-07-13 18:54 - 2017-06-03 10:57 - 01675264 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2017-07-13 18:54 - 2017-06-03 10:54 - 00794112 _____ (Microsoft Corporation) C:\WINDOWS\system32\pwcreator.exe
2017-07-13 18:54 - 2017-05-20 09:03 - 00777400 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2017-07-13 18:54 - 2017-05-20 08:59 - 00112544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dam.sys
2017-07-13 18:54 - 2017-05-20 08:56 - 04847928 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2017-07-13 18:54 - 2017-05-20 08:56 - 00712608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2017-07-13 18:54 - 2017-05-20 08:56 - 00370928 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2017-07-13 18:54 - 2017-05-20 08:55 - 07325584 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2017-07-13 18:54 - 2017-05-20 08:55 - 00961952 _____ (Microsoft Corporation) C:\WINDOWS\system32\efscore.dll
2017-07-13 18:54 - 2017-05-20 08:53 - 00411040 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2017-07-13 18:54 - 2017-05-20 08:53 - 00363424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fastfat.sys
2017-07-13 18:54 - 2017-05-20 08:52 - 04709528 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2017-07-13 18:54 - 2017-05-20 08:52 - 01700408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2017-07-13 18:54 - 2017-05-20 08:51 - 06551856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2017-07-13 18:54 - 2017-05-20 08:51 - 02604256 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2017-07-13 18:54 - 2017-05-20 08:51 - 01219560 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2017-07-13 18:54 - 2017-05-20 08:51 - 00406064 _____ (Microsoft Corporation) C:\WINDOWS\system32\MMDevAPI.dll
2017-07-13 18:54 - 2017-05-20 08:48 - 00387928 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpps.dll
2017-07-13 18:54 - 2017-05-20 08:10 - 00361472 _____ (Microsoft Corporation) C:\WINDOWS\system32\ConhostV2.dll
2017-07-13 18:54 - 2017-05-20 08:10 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksthunk.sys
2017-07-13 18:54 - 2017-05-20 08:09 - 17365504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2017-07-13 18:54 - 2017-05-20 08:09 - 02199552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2017-07-13 18:54 - 2017-05-20 08:09 - 00209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreenps.dll
2017-07-13 18:54 - 2017-05-20 08:08 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\odbcconf.dll
2017-07-13 18:54 - 2017-05-20 08:06 - 00866816 _____ (Microsoft Corporation) C:\WINDOWS\system32\NPSMDesktopProvider.dll
2017-07-13 18:54 - 2017-05-20 08:06 - 00192512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.SharedPC.AccountManager.dll
2017-07-13 18:54 - 2017-05-20 08:03 - 08331264 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2017-07-13 18:54 - 2017-05-20 08:03 - 00527360 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
2017-07-13 18:54 - 2017-05-20 08:03 - 00491520 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Display.dll
2017-07-13 18:54 - 2017-05-20 08:03 - 00427008 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2017-07-13 18:54 - 2017-05-20 08:01 - 02347520 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceFlows.DataModel.dll
2017-07-13 18:54 - 2017-05-20 08:01 - 00970240 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpsvc.dll
2017-07-13 18:54 - 2017-05-20 08:01 - 00590848 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2017-07-13 18:54 - 2017-05-20 08:01 - 00586240 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll
2017-07-13 18:54 - 2017-05-20 08:01 - 00299520 _____ (Microsoft Corporation) C:\WINDOWS\system32\AboveLockAppHost.dll
2017-07-13 18:54 - 2017-05-20 08:00 - 00056832 _____ (Microsoft Corporation) C:\WINDOWS\system32\cldapi.dll
2017-07-13 18:54 - 2017-05-20 07:59 - 01141760 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2017-07-13 18:54 - 2017-05-20 07:59 - 01028608 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2017-07-13 18:54 - 2017-05-20 07:59 - 00972800 _____ (Microsoft Corporation) C:\WINDOWS\system32\sysmain.dll
2017-07-13 18:54 - 2017-05-20 07:59 - 00687104 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2017-07-13 18:54 - 2017-05-20 07:58 - 03784704 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapRouter.dll
2017-07-13 18:54 - 2017-05-20 07:58 - 03135488 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapGeocoder.dll
2017-07-13 18:54 - 2017-05-20 07:58 - 01046016 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll
2017-07-13 18:54 - 2017-05-20 07:58 - 00909824 _____ (Microsoft Corporation) C:\WINDOWS\system32\ISM.dll
2017-07-13 18:54 - 2017-05-20 07:56 - 02730496 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreen.exe
2017-07-13 18:54 - 2017-05-20 07:55 - 04396032 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll
2017-07-13 18:54 - 2017-05-20 07:55 - 01102848 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2017-07-13 18:54 - 2017-05-20 07:54 - 04707840 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2017-07-13 18:54 - 2017-05-20 07:54 - 04537344 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2017-07-13 18:54 - 2017-05-20 07:54 - 03803136 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll
2017-07-13 18:54 - 2017-05-20 07:54 - 02938880 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2017-07-13 18:54 - 2017-05-20 07:52 - 00557568 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnprv.dll
2017-07-13 18:54 - 2017-05-20 07:52 - 00476160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
2017-07-13 18:54 - 2017-05-20 07:50 - 00439808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Midi.dll
2017-07-13 18:54 - 2017-05-20 07:50 - 00159744 _____ (Microsoft Corporation) C:\WINDOWS\system32\NPSM.dll
2017-07-13 18:54 - 2017-05-20 07:47 - 00641536 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdbui.dll
2017-07-13 18:54 - 2017-05-20 07:47 - 00199680 _____ (Microsoft Corporation) C:\WINDOWS\system32\RstrtMgr.dll
2017-07-13 18:53 - 2017-06-03 12:14 - 01147296 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2017-07-13 18:53 - 2017-06-03 12:14 - 01024928 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2017-07-13 18:53 - 2017-06-03 12:07 - 00923048 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2017-07-13 18:53 - 2017-06-03 12:00 - 00872472 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll
2017-07-13 18:53 - 2017-06-03 12:00 - 00321376 _____ (Microsoft Corporation) C:\WINDOWS\system32\capauthz.dll
2017-07-13 18:53 - 2017-06-03 12:00 - 00219040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tpm.sys
2017-07-13 18:53 - 2017-06-03 11:56 - 02228120 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntSubsystems64.dll
2017-07-13 18:53 - 2017-06-03 11:56 - 01854880 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntVirtualization.dll
2017-07-13 18:53 - 2017-06-03 11:56 - 01693600 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVIntegration.dll
2017-07-13 18:53 - 2017-06-03 11:56 - 01458592 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntSubsystemController.dll
2017-07-13 18:53 - 2017-06-03 11:56 - 00848288 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVOrchestration.dll
2017-07-13 18:53 - 2017-06-03 11:56 - 00846752 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVClient.exe
2017-07-13 18:53 - 2017-06-03 11:56 - 00844696 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntStreamingManager.dll
2017-07-13 18:53 - 2017-06-03 11:56 - 00697760 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVCatalog.dll
2017-07-13 18:53 - 2017-06-03 11:56 - 00672672 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVPublishing.dll
2017-07-13 18:53 - 2017-06-03 11:56 - 00399264 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVScripting.dll
2017-07-13 18:53 - 2017-06-03 11:11 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BasicRender.sys
2017-07-13 18:53 - 2017-06-03 11:07 - 00197120 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdboot.exe
2017-07-13 18:53 - 2017-06-03 11:01 - 02804736 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2017-07-13 18:53 - 2017-06-03 10:51 - 00064512 _____ (Microsoft Corporation) C:\WINDOWS\bfsvc.exe
2017-07-13 18:53 - 2017-05-20 09:08 - 00543648 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2017-07-13 18:53 - 2017-05-20 09:07 - 00287648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2017-07-13 18:53 - 2017-05-20 08:58 - 00188824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2017-07-13 18:53 - 2017-05-20 08:55 - 00211872 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2017-07-13 18:53 - 2017-05-20 08:54 - 00730016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
2017-07-13 18:53 - 2017-05-20 08:53 - 00654976 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2017-07-13 18:53 - 2017-05-20 08:53 - 00255904 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2017-07-13 18:53 - 2017-05-20 08:07 - 00277504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\xboxgip.sys
2017-07-13 18:53 - 2017-05-20 08:05 - 00518144 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2017-07-13 18:53 - 2017-05-20 08:03 - 00892416 _____ (Microsoft Corporation) C:\WINDOWS\system32\MessagingDataModel2.dll
2017-07-13 18:53 - 2017-05-20 08:03 - 00549888 _____ (Microsoft Corporation) C:\WINDOWS\system32\DictationManager.dll
2017-07-13 18:53 - 2017-05-20 08:02 - 00616960 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowManagement.dll
2017-07-13 18:53 - 2017-05-20 08:01 - 00408064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll
2017-07-13 18:53 - 2017-05-20 08:01 - 00149504 _____ (Microsoft Corporation) C:\WINDOWS\system32\embeddedmodesvc.dll
2017-07-13 18:53 - 2017-05-20 08:00 - 00846848 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2017-07-13 18:53 - 2017-05-20 07:59 - 01468416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2017-07-13 18:53 - 2017-05-20 07:59 - 00585216 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppReadiness.dll
2017-07-13 18:53 - 2017-05-20 07:58 - 01886208 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2017-07-13 18:53 - 2017-05-20 07:54 - 01275904 _____ (Microsoft Corporation) C:\WINDOWS\system32\ShareHost.dll
2017-07-13 18:53 - 2017-05-20 07:52 - 01356800 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2017-07-13 18:53 - 2017-05-20 07:52 - 00624640 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2017-07-13 15:16 - 2017-07-13 15:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2017-07-13 14:28 - 2017-07-13 14:28 - 00000000 ____D C:\WINDOWS\System32\Tasks\S-1-5-21-548117028-187036573-1812034417-1000
==================== Ein Monat: Geänderte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2017-07-22 15:09 - 2017-05-03 15:09 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-07-22 15:09 - 2016-01-15 16:59 - 00000000 ____D C:\Program Files (x86)\Hi-Rez Studios
2017-07-22 15:08 - 2017-03-18 13:40 - 01048576 _____ C:\WINDOWS\system32\config\BBI
2017-07-22 15:02 - 2015-12-03 15:08 - 00000000 ____D C:\Users\Yoshi\AppData\Local\Spotify
2017-07-22 15:00 - 2017-05-03 14:49 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2017-07-22 13:09 - 2015-12-03 15:07 - 00000000 ____D C:\Users\Yoshi\AppData\Roaming\Spotify
2017-07-22 11:40 - 2017-05-09 17:44 - 00004162 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{EBA0C5BB-E7A8-406A-A2B9-F6FED5062148}
2017-07-22 01:45 - 2016-03-31 01:29 - 00000000 ____D C:\Program Files (x86)\Amazon
2017-07-22 01:45 - 2014-09-29 12:29 - 00000000 ____D C:\Users\Yoshi\AppData\Roaming\Yahoo!
2017-07-22 01:32 - 2014-09-07 10:53 - 00000000 ____D C:\Users\Yoshi\AppData\Roaming\Skype
2017-07-22 00:02 - 2014-09-13 21:15 - 00000000 ____D C:\Users\Yoshi\AppData\Roaming\TS3Client
2017-07-21 22:52 - 2017-03-18 23:03 - 00000000 ___HD C:\Program Files\WindowsApps
2017-07-21 22:52 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\AppReadiness
2017-07-21 19:42 - 2017-01-21 20:28 - 00000000 ____D C:\Users\Yoshi\AppData\LocalLow\Mozilla
2017-07-21 19:00 - 2015-01-13 12:11 - 00000000 ____D C:\Program Files\Java
2017-07-21 18:54 - 2014-09-07 02:39 - 00000000 ____D C:\ProgramData\Oracle
2017-07-21 18:53 - 2015-01-13 11:58 - 00000000 ____D C:\Program Files (x86)\Java
2017-07-21 18:42 - 2017-01-21 19:36 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2017-07-21 18:13 - 2017-03-18 13:40 - 00032768 _____ C:\WINDOWS\system32\config\ELAM
2017-07-21 18:08 - 2017-05-03 14:54 - 00000000 ____D C:\Users\Yoshi
2017-07-21 15:18 - 2014-09-16 23:47 - 00000000 ____D C:\Users\Yoshi\AppData\Local\CrashDumps
2017-07-21 10:02 - 2016-05-11 12:33 - 00000000 ____D C:\Users\Yoshi\AppData\Local\NPE
2017-07-21 09:14 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\NDF
2017-07-21 08:13 - 2016-10-25 04:12 - 00002253 _____ C:\Users\Yoshi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Knuddels.lnk
2017-07-21 06:57 - 2014-09-07 12:46 - 00000000 ____D C:\Program Files (x86)\osu!
2017-07-21 06:30 - 2014-09-07 11:00 - 00000000 ____D C:\Program Files (x86)\Steam
2017-07-20 04:56 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\Cursors
2017-07-19 08:28 - 2017-03-18 23:01 - 00000000 ____D C:\WINDOWS\INF
2017-07-19 06:42 - 2015-06-13 01:52 - 00000000 ____D C:\Program Files\Common Files\AV
2017-07-19 06:38 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\rescache
2017-07-19 04:28 - 2002-01-01 02:56 - 00000000 ____D C:\Users\Yoshi\AppData\Local\ElevatedDiagnostics
2017-07-19 03:40 - 2014-09-07 02:02 - 00000000 ____D C:\Program Files (x86)\Google
2017-07-19 02:49 - 2014-09-14 10:58 - 00000000 ____D C:\ProgramData\Norton
2017-07-19 00:35 - 2017-01-21 18:47 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Security
2017-07-19 00:35 - 2017-01-21 18:47 - 00000000 ____D C:\WINDOWS\system32\Drivers\NSx64
2017-07-18 16:07 - 2017-01-21 18:53 - 00102568 _____ (Symantec Corporation) C:\WINDOWS\system32\Drivers\SYMEVENT64x86.SYS
2017-07-18 16:07 - 2017-01-21 18:53 - 00008309 _____ C:\WINDOWS\system32\Drivers\SYMEVENT64x86.CAT
2017-07-17 19:31 - 2015-12-02 17:21 - 00000000 __RHD C:\Users\Public\AccountPictures
2017-07-17 19:22 - 2017-05-03 14:49 - 00256256 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-07-17 11:49 - 2017-03-18 23:03 - 00000000 ___SD C:\WINDOWS\SysWOW64\F12
2017-07-17 11:49 - 2017-03-18 23:03 - 00000000 ___SD C:\WINDOWS\system32\F12
2017-07-17 11:49 - 2017-03-18 23:03 - 00000000 ___RD C:\Program Files\Windows Defender
2017-07-17 11:49 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2017-07-17 11:49 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\oobe
2017-07-17 11:49 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\appraiser
2017-07-17 11:49 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\ShellExperiences
2017-07-17 11:49 - 2017-03-18 23:03 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2017-07-17 11:49 - 2017-03-18 23:03 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2017-07-16 18:22 - 2017-03-18 22:51 - 00000000 ____D C:\WINDOWS\CbsTemp
2017-07-15 21:08 - 2016-09-08 23:26 - 00000000 ____D C:\Users\Yoshi\AppData\Local\Discord
2017-07-15 21:08 - 2016-08-21 19:20 - 00000000 ____D C:\Users\Yoshi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Hammer & Chisel, Inc
2017-07-15 21:08 - 2016-08-21 19:12 - 00000000 ____D C:\Users\Yoshi\AppData\Roaming\discord
2017-07-15 01:52 - 2017-05-11 11:35 - 00004600 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player PPAPI Notifier
2017-07-15 01:52 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed
2017-07-15 01:52 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\Macromed
2017-07-14 01:05 - 2016-01-15 17:00 - 00000000 ____D C:\ProgramData\Hi-Rez Studios
2017-07-13 19:17 - 2014-09-09 15:24 - 00000000 ____D C:\WINDOWS\system32\MRT
2017-07-13 19:13 - 2014-09-09 15:24 - 135225752 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-07-13 17:55 - 2015-04-19 04:59 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2017-07-13 17:54 - 2017-05-03 15:39 - 00003284 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task v2
2017-07-13 17:54 - 2015-12-02 17:25 - 00002437 _____ C:\Users\Yoshi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2017-07-13 17:54 - 2015-12-02 17:25 - 00000000 ___RD C:\Users\Yoshi\OneDrive
2017-07-13 17:45 - 2017-05-03 14:53 - 02456980 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-07-13 17:45 - 2017-03-20 06:41 - 01084772 _____ C:\WINDOWS\system32\perfh007.dat
2017-07-13 17:45 - 2017-03-20 06:41 - 00254102 _____ C:\WINDOWS\system32\perfc007.dat
2017-07-13 15:16 - 2014-09-07 10:53 - 00000000 ___RD C:\Program Files (x86)\Skype
2017-07-13 15:16 - 2014-09-07 10:53 - 00000000 ____D C:\ProgramData\Skype
2017-07-12 17:31 - 2017-03-02 21:55 - 00000000 ____D C:\Users\Yoshi\AppData\Local\Ori and the Blind Forest DE
2017-06-30 16:47 - 2017-03-18 23:06 - 00835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2017-06-30 16:47 - 2017-03-18 23:06 - 00177656 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======
2015-01-18 07:15 - 2015-01-18 07:17 - 0000096 _____ () C:\Users\Yoshi\AppData\Roaming\Camdata.ini
2015-01-18 07:15 - 2015-01-18 07:17 - 0000408 _____ () C:\Users\Yoshi\AppData\Roaming\CamLayout.ini
2015-01-18 07:15 - 2015-01-18 07:17 - 0000408 _____ () C:\Users\Yoshi\AppData\Roaming\CamShapes.ini
2015-01-18 07:15 - 2015-01-18 07:17 - 0004534 _____ () C:\Users\Yoshi\AppData\Roaming\CamStudio.cfg
2002-01-01 02:47 - 2002-01-01 02:47 - 1956892 _____ () C:\Users\Yoshi\AppData\Roaming\UserTile.png
2015-01-18 07:12 - 2015-01-18 07:15 - 0000096 _____ () C:\Users\Yoshi\AppData\Roaming\version2.xml
2016-02-27 13:58 - 2016-02-27 13:58 - 0002137 _____ () C:\Users\Yoshi\AppData\Local\recently-used.xbel
2014-09-29 12:22 - 2014-11-03 08:17 - 0014957 _____ () C:\ProgramData\hpzinstall.log
==================== Bamital & volsnap ======================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert
LastRegBack: 2017-07-19 06:14
==================== Ende von FRST.txt ============================
22.07.2017, 14:35
Baum-Darstellung