Ich setzte das Notebook zweimal zurück, das zweite Mal aus dem gleichen / selben Grund wie beim ersten Mal (der Rechner zeigte wohl als Grund des nicht startens: "autochk not existing, skipping AUTOCHECK" - https://www.trojaner-board.de/186882-autochk-exe-schadsoftware.html), momentan läuft der Rechner wieder.
Habe gestern mit Adwarecleaner von
Malwarebytes einige ungewünschte Software entfernt.
Ausgangsgrund für diesen Thread aber: https://www.trojaner-board.de/186875-welche-programme-sollte-man-oft-laufen-lassen-um-jegliche-art-schadsoftware-erkennen.html#post1670187
Code:
Alles auswählen Aufklappen ATTFilter
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 25-09-2017 01
durchgeführt von Acer (Administrator) auf LAPTOP-3HCESL2G (26-09-2017 22:01:49)
Gestartet von I:\Downloads
Geladene Profile: Acer (Verfügbare Profile: Acer)
Platform: Windows 10 Home Version 1703 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: "C:\Lw C\PortableApps\PortableApps\FirefoxPortable\App\Firefox64\firefox.exe" -osint -url "%1")
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(SUPERAntiSpyware.com) C:\Lw C\Programme\SUPERAntiSpyware\SASCore64.exe
(Windows (R) Win 7 DDK provider) C:\Windows\System32\AdminService.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(Paramount Software UK Ltd) C:\Program Files\Macrium\Common\MacriumService.exe
(Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDTouch.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
() C:\Windows\System32\igfxTray.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QASvc.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QALSvc.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QAAgent.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QALockHandler.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QAAdminAgent.exe
(AIMP DevTeam) C:\Lw C\Programme\Aimp\AIMP.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Utilities\WDDriveUtilitiesHelper.exe
() C:\Lw C\Programme\ArsClip\ArsClip.exe
() C:\Lw C\Programme\Everything\Everything.exe
() C:\Lw C\Programme\Everything\Everything.exe
() C:\Lw C\LiberKey\Apps\Everything\App\Everything\x64\Everything.exe
() C:\Lw C\LiberKey\Apps\Everything\App\Everything\x64\Everything.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
(Skwire Empire) C:\Lw C\Programme\sWeather\sWeather.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe
(WildTangent) C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Acer) C:\Program Files (x86)\Acer\Acer Portal\AcerPortal.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe
(Acer Cloud Technology) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe
() C:\Program Files (x86)\Acer\Care Center\ACCStd.exe
(Marek Jasinski) C:\Lw C\LiberKey\Apps\FreeCommander\App\FreeCommander\FreeCommander.exe
() C:\Program Files\EqualizerAPO\config\Peace.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerButton_NB.exe
(acer) C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe
(www.FreeFileSync.org) C:\Lw C\Programme\FreeFileSync\FreeFileSync.exe
(www.FreeFileSync.org) C:\Lw C\Programme\FreeFileSync\Bin\FreeFileSync_x64.exe
(Don HO don.h@free.fr) C:\Lw C\PortableApps\PortableApps\Notepad++Portable\App\Notepad++\notepad++.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(Bartels Media GmbH) C:\Lw C\Programme\PhraseExpress\phraseexpress.exe
() C:\Lw C\LiberKey\Apps\Ditto\App\Ditto\x64\Ditto.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe
(www.FreeFileSync.org) C:\Lw C\Programme\FreeFileSync\FreeFileSync.exe
(www.FreeFileSync.org) C:\Lw C\Programme\FreeFileSync\Bin\FreeFileSync_x64.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\syswow64\SndVol.exe
(Highresolution Enterprises) C:\Lw C\Programme\XMouseButtonControl\64bit (x64)\XMouseButtonControl.exe
(QuestSoft) C:\Lw C\Programme\Sprache - Englisch\QTranslate\QTranslate.exe
(PortableApps.com) C:\Lw C\PortableApps\PortableApps\FirefoxPortable\FirefoxPortable.exe
(Oracle Corporation) C:\Program Files (x86)\Java2\bin\javaw.exe
(PortableApps.com) C:\Lw C\Programme\RainlendarPro\RainlendarProPortable.exe
() C:\Lw C\Programme\RainlendarPro\App\Rainlendar64\Rainlendar2.exe
(Scrivener HQ Pty Ltd.) C:\Lw C\Programme\Scrivener\Scrivener.exe
() C:\Lw C\Programme\Cherrytree\bin\cherrytree.exe
() C:\Lw C\Programme\Cherrytree\bin\dbus-daemon.exe
(PortableApps.com) C:\Lw C\PortableApps\PortableApps\PortableApps.com\PortableAppsPlatform.exe
(PortableApps.com) C:\Lw C\PortableApps\PortableApps\SpybotPortable\SpybotPortable.exe
(Safer-Networking Ltd.) C:\Lw C\PortableApps\PortableApps\SpybotPortable\App\Spybot\SDWelcome.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.19.856.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(Microsoft Corporation) C:\Windows\System32\InstallAgent.exe
(Microsoft Corporation) C:\Windows\System32\InstallAgentUserBroker.exe
(ShareX Team) C:\Lw C\Programme\ShareX\ShareX.exe
(Safer-Networking Ltd.) C:\Lw C\PortableApps\PortableApps\SpybotPortable\App\Spybot\SDRootAlyzer.exe
(Microsoft Corporation) C:\Windows\System32\Taskmgr.exe
(PortableApps.com) C:\Lw C\PortableApps\PortableApps\ThunderbirdPortable\ThunderbirdPortable.exe
(Mozilla Corporation) C:\Lw C\PortableApps\PortableApps\ThunderbirdPortable\App\Thunderbird\thunderbird.exe
(Oracle Corporation) C:\Program Files (x86)\Java2\bin\java.exe
() C:\Lw C\Programme\Sprache - Englisch\QuickDic\QuickDic.exe
(Safer-Networking Ltd.) C:\Lw C\PortableApps\PortableApps\SpybotPortable\App\Spybot\SDPrepPos.exe
(Microsoft Corporation) C:\Windows\System32\RecoveryDrive.exe
(Microsoft Corporation) C:\Windows\System32\vds.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(PortableApps.com) C:\Lw C\PortableApps\PortableApps\FirefoxPortable\FirefoxPortable.exe
(Mozilla Corporation) C:\Lw C\PortableApps\PortableApps\FirefoxPortable\App\Firefox64\firefox.exe
(AppWork GmbH) C:\Lw C\Programme\jDownloader 2 - zippy\JDownloader2.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
==================== Registry (Nicht auf der Ausnahmeliste) ===========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [629152 2017-03-18] (Microsoft Corporation)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [3351248 2015-09-10] (ELAN Microelectronics Corp.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [14040792 2015-07-07] (Realtek Semiconductor)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-07-21] (Oracle Corporation)
HKLM-x32\...\Run: [DriveUtilitiesHelper] => C:\Program Files (x86)\Western Digital\WD Utilities\WDDriveUtilitiesHelper.exe [2307472 2017-06-30] (Western Digital Technologies, Inc.)
HKU\S-1-5-21-2633882361-2691834456-3919945701-1001\...\Run: [SUPERAntiSpyware] => C:\Lw C\Programme\SUPERAntiSpyware\SUPERAntiSpyware.exe [7964064 2017-08-17] (SUPERAntiSpyware)
HKU\S-1-5-21-2633882361-2691834456-3919945701-1001\...\Run: [Task Till Dawn] => C:\Lw C\Programme\Task Till Dawn\Task Till Dawn.exe [4262257 2017-07-25] (Oliver Matuschin)
Startup: C:\Users\Acer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ArsClip.exe - Verknüpfung.lnk [2017-07-16]
ShortcutTarget: ArsClip.exe - Verknüpfung.lnk -> C:\Lw C\Programme\ArsClip\ArsClip.exe ()
Startup: C:\Users\Acer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\AutorunsDisabled [2017-09-21] ()
Startup: C:\Users\Acer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Everything.exe - Film- und Serienlisten.lnk [2017-08-23]
ShortcutTarget: Everything.exe - Film- und Serienlisten.lnk -> C:\Lw C\Programme\Everything\Everything.exe ()
Startup: C:\Users\Acer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Everything.exe - Verknüpfung.lnk [2017-08-23]
ShortcutTarget: Everything.exe - Verknüpfung.lnk -> C:\Lw C\LiberKey\Apps\Everything\App\Everything\x64\Everything.exe ()
Startup: C:\Users\Acer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\QTranslate.exe - Verknüpfung.lnk [2017-08-23]
ShortcutTarget: QTranslate.exe - Verknüpfung.lnk -> C:\Lw C\Programme\Sprache - Englisch\QTranslate\QTranslate.exe (QuestSoft)
Startup: C:\Users\Acer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ShareX.lnk [2017-03-24]
ShortcutTarget: ShareX.lnk -> C:\Lw C\Programme\ShareX\ShareX.exe (ShareX Team)
Startup: C:\Users\Acer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\sWeather.lnk [2016-04-04]
ShortcutTarget: sWeather.lnk -> C:\Lw C\Programme\sWeather\sWeather.exe (Skwire Empire)
Startup: C:\Users\Acer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\XMouseButtonControl.exe - Verknüpfung.lnk [2017-07-11]
ShortcutTarget: XMouseButtonControl.exe - Verknüpfung.lnk -> C:\Lw C\Programme\XMouseButtonControl\64bit (x64)\XMouseButtonControl.exe (Highresolution Enterprises)
GroupPolicy: Beschränkung <==== ACHTUNG
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
Hosts: Hosts Datei wurde nicht im Standardordner gefunden
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{8f4735e8-d30b-453d-87af-d26ae5341fdc}: [DhcpNameServer] 40.31.1.55
Tcpip\..\Interfaces\{ea4d4100-31d9-4320-8daa-4d4792956ba8}: [DhcpNameServer] 192.168.1.1
Internet Explorer:
==================
HKU\S-1-5-21-2633882361-2691834456-3919945701-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://acer15.msn.com/?pc=ACTE
HKU\S-1-5-21-2633882361-2691834456-3919945701-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer15.msn.com/?pc=ACTE
SearchScopes: HKU\S-1-5-21-2633882361-2691834456-3919945701-1001 -> DefaultScope {715F8B10-E4A8-401F-A82B-7789336983AA} URL =
SearchScopes: HKU\S-1-5-21-2633882361-2691834456-3919945701-1001 -> {4D47EB80-5AEB-4282-8128-D87EEE1DD9B0} URL =
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java2\bin\ssv.dll [2017-09-25] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java2\bin\jp2ssv.dll [2017-09-25] (Oracle Corporation)
FireFox:
========
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-10-20] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-10-20] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-10-20] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-10-20] (Foxit Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-04-21] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-04-21] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.144.2 -> C:\Program Files (x86)\Java2\bin\dtplugin\npDeployJava1.dll [2017-09-25] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.144.2 -> C:\Program Files (x86)\Java2\bin\plugin2\npjp2.dll [2017-09-25] (Oracle Corporation)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2014-11-15] ()
==================== Dienste (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R2 !SASCORE; C:\Lw C\Programme\SUPERAntiSpyware\SASCORE64.EXE [173472 2017-01-31] (SUPERAntiSpyware.com)
R2 CCDMonitorService; C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe [2267352 2016-08-30] (Acer Incorporated)
R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [2573568 2015-05-14] (Acer Incorporated)
R2 ETDService; C:\Program Files\Elantech\ETDService.exe [145624 2015-09-10] (ELAN Microelectronics Corp.)
R2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [373312 2015-04-14] (WildTangent)
R2 igfxCUIService2.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [382456 2017-02-01] (Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [881152 2015-05-22] (Intel(R) Corporation)
R3 Intel(R) Security Assist; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [335872 2015-05-19] (Intel Corporation) [Datei ist nicht signiert]
S2 isaHelperSvc; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe [7680 2015-05-19] () [Datei ist nicht signiert]
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [223008 2015-06-24] (Intel Corporation)
R2 MacriumService; C:\Program Files\Macrium\Common\MacriumService.exe [3894760 2017-06-26] (Paramount Software UK Ltd)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6058960 2017-08-07] (Malwarebytes)
R3 QALSvc; C:\Program Files\Acer\Acer Quick Access\QALSvc.exe [401248 2015-09-04] (Acer Incorporated)
R3 QASvc; C:\Program Files\Acer\Acer Quick Access\QASvc.exe [453984 2015-09-04] (Acer Incorporated)
R3 UEIPSvc; C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe [247040 2015-05-27] (acer)
R2 WDDriveService; C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe [331632 2017-06-30] (Western Digital Technologies, Inc.)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [342264 2017-03-18] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [102816 2017-07-11] (Microsoft Corporation)
===================== Treiber (Nicht auf der Ausnahmeliste) ======================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
S3 ETDI2C; C:\WINDOWS\System32\drivers\ETDI2C.sys [175152 2015-06-09] (ELAN Microelectronic Corp.)
S3 iaLPSS_GPIO; C:\WINDOWS\System32\drivers\iaLPSS_GPIO.sys [35832 2014-06-03] (Intel Corporation)
S3 iaLPSS_I2C; C:\WINDOWS\System32\drivers\iaLPSS_I2C.sys [132360 2015-06-15] (Intel Corporation)
S3 iaLPSS_SPI; C:\WINDOWS\System32\drivers\iaLPSS_SPI.sys [100856 2014-06-03] (Intel Corporation)
S3 iaLPSS_UART2; C:\WINDOWS\System32\drivers\iaLPSS_UART2.sys [143864 2014-06-03] (Intel Corporation)
S3 IUFileFilter; C:\Lw C\Programme\IObit Uninstaller Pro\App\uninstaller\drivers\win10_amd64\IUFileFilter.sys [39904 2017-09-21] (IObit.com)
S3 IURegProcessFilter; C:\Lw C\Programme\IObit Uninstaller Pro\App\uninstaller\drivers\win10_amd64\IURegProcessFilter.sys [45024 2017-09-21] (IObit.com)
R3 LMDriver; C:\WINDOWS\System32\drivers\LMDriver.sys [21344 2015-09-04] (Acer Incorporated)
R0 MBAMSwissArmy; C:\WINDOWS\System32\drivers\MBAMSwissArmy.sys [253888 2017-09-26] (Malwarebytes)
R1 MpKsla4c802e5; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{3E032127-BEC2-41B1-BD66-98436E5A8768}\MpKsla4c802e5.sys [44928 2017-09-26] (Microsoft Corporation)
S3 MWAC; C:\WINDOWS\system32\drivers\ [0 ] () <==== ACHTUNG (Null Byte Datei/Ordner)
S3 MWAC; C:\WINDOWS\SysWOW64\drivers\ [0 ] () <==== ACHTUNG (Null Byte Datei/Ordner)
R3 RadioShim; C:\WINDOWS\System32\drivers\RadioShim.sys [14688 2015-09-04] (Acer Incorporated)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [895256 2015-06-05] (Realtek )
R3 RTSUER; C:\WINDOWS\system32\Drivers\RtsUer.sys [416472 2016-05-17] (Realsil Semiconductor Corporation)
R1 SASDIFSV; C:\Lw C\Programme\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Lw C\Programme\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
S3 SDFRd; C:\WINDOWS\System32\drivers\SDFRd.sys [31128 2017-03-18] ()
S3 SIVDriver; C:\WINDOWS\system32\Drivers\SIVX64.sys [181392 2017-09-14] (Ray Hinchliffe)
S0 WdBoot; C:\WINDOWS\System32\drivers\WdBoot.sys [44632 2017-03-18] (Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\WdFilter.sys [294816 2017-03-18] (Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [121248 2017-03-18] (Microsoft Corporation)
R1 ZAM; C:\WINDOWS\System32\drivers\zam64.sys [203680 2017-09-26] (Zemana Ltd.)
R1 ZAM_Guard; C:\WINDOWS\System32\drivers\zamguard64.sys [203680 2017-09-26] (Zemana Ltd.)
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat: Erstellte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2017-09-26 22:01 - 2017-09-26 22:01 - 000000000 ____D C:\FRST
2017-09-26 18:20 - 2017-09-26 18:20 - 000000000 ____D C:\Users\Acer\AppData\Local\Thunderbird
2017-09-26 15:53 - 2017-09-26 15:53 - 000000000 ___HD C:\$Windows.~WS
2017-09-26 14:44 - 2017-09-26 14:44 - 000000000 ____D C:\Users\Acer\AppData\Roaming\Skype
2017-09-26 14:42 - 2017-09-26 15:31 - 000000000 ____D C:\BootBiff
2017-09-26 13:22 - 2017-09-26 13:22 - 000000000 ____D C:\Users\Acer\AppData\Roaming\MyImgur
2017-09-26 13:02 - 2017-09-26 13:02 - 000000000 ____D C:\Users\Acer\AppData\Roaming\CareCenter
2017-09-26 12:39 - 2017-09-26 12:39 - 000000000 ____D C:\Users\Acer\AppData\Roaming\Acer Incorporated
2017-09-26 11:53 - 2017-09-26 20:05 - 000000000 ____D C:\Program Files\Emsisoft Anti-Malware
2017-09-26 11:15 - 2017-09-26 22:01 - 000124613 _____ C:\WINDOWS\ZAM.krnl.trace
2017-09-26 11:15 - 2017-09-26 22:01 - 000110312 _____ C:\WINDOWS\ZAM_Guard.krnl.trace
2017-09-26 11:15 - 2017-09-26 11:15 - 000203680 _____ (Zemana Ltd.) C:\WINDOWS\system32\Drivers\zamguard64.sys
2017-09-26 11:15 - 2017-09-26 11:15 - 000203680 _____ (Zemana Ltd.) C:\WINDOWS\system32\Drivers\zam64.sys
2017-09-26 11:15 - 2017-09-26 11:15 - 000000000 ____D C:\Users\Acer\AppData\Local\Zemana
2017-09-26 11:07 - 2017-09-26 11:44 - 000000000 ____D C:\ProgramData\Spybot - Search & Destroy
2017-09-26 11:07 - 2017-09-26 11:07 - 000000000 ____D C:\Users\Acer\Documents\ProcAlyzer Dumps
2017-09-26 09:57 - 2017-09-26 09:57 - 000002014 _____ C:\Users\Acer\Desktop\Reflect.lnk
2017-09-26 09:50 - 2017-09-26 15:54 - 000000306 __RSH C:\ProgramData\ntuser.pol
2017-09-26 09:47 - 2017-09-26 18:20 - 000000000 ____D C:\ESD
2017-09-26 09:28 - 2017-09-14 09:05 - 000181392 _____ (Ray Hinchliffe) C:\WINDOWS\system32\Drivers\SIVX64.sys
2017-09-26 07:25 - 2017-09-26 08:08 - 000000000 ____D C:\Users\Acer\AppData\Roaming\XnView
2017-09-26 00:33 - 2017-09-26 00:32 - 000544424 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2017-09-25 22:44 - 2017-09-25 23:17 - 000000000 ____D C:\Users\Acer\AppData\Roaming\IObit
2017-09-25 22:33 - 2017-09-25 23:17 - 000000000 ____D C:\ProgramData\ProductData
2017-09-25 22:33 - 2017-09-25 22:33 - 000000000 ____D C:\ProgramData\IObit
2017-09-25 20:31 - 2017-09-26 10:15 - 000000000 ____D C:\Users\Acer\AppData\Roaming\Task Till Dawn
2017-09-25 19:40 - 2017-09-25 19:40 - 000001198 _____ C:\Users\Public\Desktop\WD Drive Utilities.lnk
2017-09-25 19:40 - 2017-09-25 19:40 - 000000000 ____D C:\ProgramData\Western Digital
2017-09-25 19:40 - 2017-09-25 19:40 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WD Discovery
2017-09-25 19:40 - 2017-09-25 19:40 - 000000000 ____D C:\Program Files (x86)\Western Digital
2017-09-25 18:41 - 2017-09-26 18:20 - 000000000 ____D C:\Users\Acer\AppData\Roaming\Thunderbird
2017-09-25 18:41 - 2017-09-26 18:20 - 000000000 ____D C:\Users\Acer\AppData\Roaming\Mozilla
2017-09-25 18:31 - 2017-09-25 18:35 - 000000000 ____D C:\WINDOWS\system32\MRT
2017-09-25 18:31 - 2017-09-25 18:31 - 138202976 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-09-25 15:54 - 2017-09-26 20:06 - 000000000 ____D C:\Users\Acer\AppData\Local\CrashDumps
2017-09-25 15:50 - 2017-09-25 15:50 - 000000000 ____D C:\Users\Acer\AppData\Roaming\Foxit Software
2017-09-25 15:43 - 2017-09-25 15:43 - 000000000 ____D C:\Users\Acer\AppData\Roaming\AVAST Software
2017-09-25 15:19 - 2017-09-25 15:19 - 000003376 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2633882361-2691834456-3919945701-1001
2017-09-25 15:14 - 2017-09-26 20:09 - 000253888 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2017-09-25 15:14 - 2017-09-25 15:14 - 000001920 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2017-09-25 15:14 - 2017-09-25 15:14 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2017-09-25 15:14 - 2017-09-25 15:14 - 000000000 ____D C:\ProgramData\Malwarebytes
2017-09-25 15:14 - 2017-09-25 15:14 - 000000000 ____D C:\Program Files\Malwarebytes
2017-09-25 15:14 - 2017-08-24 11:27 - 000077440 _____ C:\WINDOWS\system32\Drivers\mbae64.sys
2017-09-25 15:07 - 2017-09-25 15:07 - 000001952 _____ C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
2017-09-25 15:07 - 2017-09-25 15:07 - 000000000 ____D C:\Users\Acer\AppData\Roaming\SUPERAntiSpyware.com
2017-09-25 15:07 - 2017-09-25 15:07 - 000000000 ____D C:\ProgramData\SUPERAntiSpyware.com
2017-09-25 15:07 - 2017-09-25 15:07 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
2017-09-25 15:04 - 2017-09-25 15:04 - 000097856 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2017-09-25 15:04 - 2017-09-25 15:04 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2017-09-25 15:04 - 2017-09-25 15:04 - 000000000 ____D C:\Program Files (x86)\Java2
2017-09-25 14:51 - 2017-09-25 15:35 - 000000000 ____D C:\Users\Acer\AppData\Roaming\cherrytree
2017-09-25 14:48 - 2017-09-25 14:48 - 000000893 _____ C:\Users\Acer\AppData\Local\recently-used.xbel
2017-09-25 14:43 - 2017-09-25 14:44 - 000001883 _____ C:\Users\Acer\Desktop\Peace.lnk
2017-09-25 14:43 - 2017-09-25 14:43 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Peace
2017-09-25 14:39 - 2017-09-25 14:39 - 000000000 ____D C:\Users\Acer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Equalizer APO 1.2
2017-09-25 14:39 - 2017-09-25 14:39 - 000000000 ____D C:\Program Files\EqualizerAPO
2017-09-25 14:28 - 2017-09-25 14:28 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kodi
2017-09-25 14:28 - 2017-09-25 14:28 - 000000000 ____D C:\Program Files (x86)\Kodi
2017-09-25 14:19 - 2017-09-25 14:21 - 000000000 ____D C:\Users\Acer\AppData\Roaming\cherrytree - alt
2017-09-25 14:16 - 2017-09-25 15:35 - 000000000 ____D C:\Users\Acer\AppData\Roaming\FreeFileSync
2017-09-25 14:13 - 2017-09-25 14:13 - 000000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2017-09-25 14:08 - 2017-09-25 15:41 - 000000000 ____D C:\Program Files (x86)\Java
2017-09-25 14:08 - 2017-09-25 15:14 - 000000000 ____D C:\ProgramData\Oracle
2017-09-25 14:08 - 2017-09-25 14:08 - 000000000 ____D C:\Users\Acer\AppData\Roaming\Sun
2017-09-25 13:15 - 2017-09-25 13:15 - 000002014 _____ C:\Users\Public\Desktop\Reflect.lnk
2017-09-25 13:15 - 2017-09-25 13:15 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Macrium
2017-09-25 13:15 - 2017-09-25 13:15 - 000000000 ____D C:\Program Files\Macrium
2017-09-25 13:03 - 2017-09-25 13:03 - 000012288 _____ C:\Sparplan.pow - neu
2017-09-25 12:55 - 2017-09-26 08:22 - 000000000 ____D C:\Windows.old 2 - 2. Zurücksetzen
2017-09-25 12:55 - 2017-09-25 12:55 - 000000000 ____D C:\WINDOWS\InfusedApps
2017-09-25 12:54 - 2017-09-25 12:54 - 000008192 _____ C:\WINDOWS\system32\config\userdiff
2017-09-25 12:54 - 2017-09-25 12:54 - 000000000 ____D C:\WINDOWS\SysWOW64\sda
2017-09-25 12:54 - 2017-09-25 11:59 - 000000000 ____D C:\Program Files\Elantech
2017-09-25 12:54 - 2017-09-25 11:58 - 000000000 ____D C:\WINDOWS\ServiceProfiles
2017-09-25 12:53 - 2017-09-25 12:53 - 000000000 ____D C:\WINDOWS\Setup
2017-09-25 12:52 - 2017-09-26 00:30 - 000819248 _____ C:\WINDOWS\system32\perfh007.dat
2017-09-25 12:52 - 2017-09-26 00:30 - 000167340 _____ C:\WINDOWS\system32\perfc007.dat
2017-09-25 12:52 - 2017-09-26 00:20 - 000000000 ____D C:\WINDOWS\system32\de
2017-09-25 12:52 - 2017-09-25 12:52 - 000306166 _____ C:\WINDOWS\system32\perfi007.dat
2017-09-25 12:52 - 2017-09-25 12:52 - 000040520 _____ C:\WINDOWS\system32\perfd007.dat
2017-09-25 12:52 - 2017-09-25 12:52 - 000000000 ____D C:\WINDOWS\SysWOW64\XPSViewer
2017-09-25 12:52 - 2017-09-25 12:52 - 000000000 ____D C:\WINDOWS\SysWOW64\winrm
2017-09-25 12:52 - 2017-09-25 12:52 - 000000000 ____D C:\WINDOWS\SysWOW64\WCN
2017-09-25 12:52 - 2017-09-25 12:52 - 000000000 ____D C:\WINDOWS\SysWOW64\sysprep
2017-09-25 12:52 - 2017-09-25 12:52 - 000000000 ____D C:\WINDOWS\SysWOW64\slmgr
2017-09-25 12:52 - 2017-09-25 12:52 - 000000000 ____D C:\WINDOWS\SysWOW64\Printing_Admin_Scripts
2017-09-25 12:52 - 2017-09-25 12:52 - 000000000 ____D C:\WINDOWS\SysWOW64\de
2017-09-25 12:52 - 2017-09-25 12:52 - 000000000 ____D C:\WINDOWS\SysWOW64\0409
2017-09-25 12:52 - 2017-09-25 12:52 - 000000000 ____D C:\WINDOWS\system32\winrm
2017-09-25 12:52 - 2017-09-25 12:52 - 000000000 ____D C:\WINDOWS\system32\WCN
2017-09-25 12:52 - 2017-09-25 12:52 - 000000000 ____D C:\WINDOWS\system32\slmgr
2017-09-25 12:52 - 2017-09-25 12:52 - 000000000 ____D C:\WINDOWS\system32\Printing_Admin_Scripts
2017-09-25 12:52 - 2017-09-25 12:52 - 000000000 ____D C:\WINDOWS\system32\0409
2017-09-25 12:52 - 2017-09-25 12:52 - 000000000 ____D C:\WINDOWS\DigitalLocker
2017-09-25 12:52 - 2017-09-25 12:52 - 000000000 ____D C:\Program Files\Reference Assemblies
2017-09-25 12:52 - 2017-09-25 12:52 - 000000000 ____D C:\Program Files\MSBuild
2017-09-25 12:52 - 2017-09-25 12:52 - 000000000 ____D C:\Program Files (x86)\Reference Assemblies
2017-09-25 12:52 - 2017-09-25 12:52 - 000000000 ____D C:\Program Files (x86)\MSBuild
2017-09-25 12:52 - 2017-09-25 12:02 - 000000000 ____D C:\WINDOWS\OCR
2017-09-25 12:51 - 2017-09-02 17:15 - 000835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2017-09-25 12:51 - 2017-09-02 17:15 - 000177656 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2017-09-25 12:50 - 2017-09-25 12:55 - 000028672 _____ C:\WINDOWS\system32\config\BCD-Template
2017-09-25 12:50 - 2017-09-25 12:48 - 000230400 _____ (Microsoft Corporation) C:\WINDOWS\system32\msclmd.dll
2017-09-25 12:50 - 2017-09-25 12:48 - 000215943 _____ C:\WINDOWS\SysWOW64\dssec.dat
2017-09-25 12:50 - 2017-09-25 12:48 - 000215943 _____ C:\WINDOWS\system32\dssec.dat
2017-09-25 12:50 - 2017-09-25 12:48 - 000207872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msclmd.dll
2017-09-25 12:50 - 2017-09-25 12:48 - 000015940 _____ C:\WINDOWS\system32\OEMDefaultAssociations.xml
2017-09-25 12:50 - 2017-09-25 12:48 - 000004096 _____ C:\WINDOWS\system32\config\VSMIDK
2017-09-25 12:50 - 2017-09-25 12:48 - 000003683 _____ C:\WINDOWS\system32\Drivers\etc\lmhosts.sam
2017-09-25 12:50 - 2017-09-25 12:48 - 000000858 _____ C:\WINDOWS\system32\DefaultQuestions.json
2017-09-25 12:50 - 2017-09-25 12:48 - 000000741 _____ C:\WINDOWS\SysWOW64\NOISE.DAT
2017-09-25 12:50 - 2017-09-25 12:48 - 000000741 _____ C:\WINDOWS\system32\NOISE.DAT
2017-09-25 12:49 - 2017-09-26 19:27 - 000000000 ____D C:\WINDOWS\INF
2017-09-25 12:49 - 2017-09-26 14:13 - 000000000 ____D C:\WINDOWS\system32\config\systemprofile
2017-09-25 12:49 - 2017-09-26 12:18 - 000000000 ___HD C:\Program Files\WindowsApps
2017-09-25 12:49 - 2017-09-26 12:18 - 000000000 ____D C:\WINDOWS\AppReadiness
2017-09-25 12:49 - 2017-09-26 09:50 - 000000000 ___HD C:\WINDOWS\system32\GroupPolicy
2017-09-25 12:49 - 2017-09-26 09:50 - 000000000 ____D C:\WINDOWS\SysWOW64\GroupPolicy
2017-09-25 12:49 - 2017-09-26 03:12 - 000000000 ____D C:\WINDOWS\appcompat
2017-09-25 12:49 - 2017-09-26 00:24 - 000000000 ___RD C:\Program Files (x86)
2017-09-25 12:49 - 2017-09-26 00:20 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2017-09-25 12:49 - 2017-09-26 00:20 - 000000000 ___SD C:\WINDOWS\system32\F12
2017-09-25 12:49 - 2017-09-26 00:20 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2017-09-25 12:49 - 2017-09-26 00:20 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2017-09-25 12:49 - 2017-09-26 00:20 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2017-09-25 12:49 - 2017-09-26 00:20 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2017-09-25 12:49 - 2017-09-26 00:20 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2017-09-25 12:49 - 2017-09-26 00:20 - 000000000 ____D C:\WINDOWS\system32\setup
2017-09-25 12:49 - 2017-09-26 00:20 - 000000000 ____D C:\WINDOWS\system32\oobe
2017-09-25 12:49 - 2017-09-26 00:20 - 000000000 ____D C:\WINDOWS\system32\migwiz
2017-09-25 12:49 - 2017-09-26 00:20 - 000000000 ____D C:\WINDOWS\system32\Dism
2017-09-25 12:49 - 2017-09-26 00:20 - 000000000 ____D C:\WINDOWS\system32\config\TxR
2017-09-25 12:49 - 2017-09-26 00:19 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2017-09-25 12:49 - 2017-09-26 00:19 - 000000000 ____D C:\WINDOWS\system32\appraiser
2017-09-25 12:49 - 2017-09-26 00:19 - 000000000 ____D C:\WINDOWS\ShellExperiences
2017-09-25 12:49 - 2017-09-26 00:19 - 000000000 ____D C:\WINDOWS\Provisioning
2017-09-25 12:49 - 2017-09-26 00:19 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2017-09-25 12:49 - 2017-09-26 00:19 - 000000000 ____D C:\Program Files\Windows Defender
2017-09-25 12:49 - 2017-09-26 00:19 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2017-09-25 12:49 - 2017-09-26 00:19 - 000000000 ____D C:\Program Files (x86)\Windows Defender
2017-09-25 12:49 - 2017-09-25 22:40 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2017-09-25 12:49 - 2017-09-25 22:31 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2017-09-25 12:49 - 2017-09-25 12:52 - 000000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs
2017-09-25 12:49 - 2017-09-25 12:52 - 000000000 ___SD C:\WINDOWS\system32\dsc
2017-09-25 12:49 - 2017-09-25 12:52 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2017-09-25 12:49 - 2017-09-25 12:52 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2017-09-25 12:49 - 2017-09-25 12:52 - 000000000 ____D C:\WINDOWS\SysWOW64\MUI
2017-09-25 12:49 - 2017-09-25 12:52 - 000000000 ____D C:\WINDOWS\SysWOW64\Com
2017-09-25 12:49 - 2017-09-25 12:52 - 000000000 ____D C:\WINDOWS\SystemApps
2017-09-25 12:49 - 2017-09-25 12:52 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2017-09-25 12:49 - 2017-09-25 12:52 - 000000000 ____D C:\WINDOWS\system32\MUI
2017-09-25 12:49 - 2017-09-25 12:52 - 000000000 ____D C:\WINDOWS\system32\Com
2017-09-25 12:49 - 2017-09-25 12:52 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2017-09-25 12:49 - 2017-09-25 12:52 - 000000000 ____D C:\WINDOWS\IME
2017-09-25 12:49 - 2017-09-25 12:52 - 000000000 ____D C:\WINDOWS\Help
2017-09-25 12:49 - 2017-09-25 12:52 - 000000000 ____D C:\Program Files\Common Files\System
2017-09-25 12:49 - 2017-09-25 12:50 - 000000000 ___SD C:\WINDOWS\SysWOW64\Nui
2017-09-25 12:49 - 2017-09-25 12:50 - 000000000 ___SD C:\WINDOWS\system32\Nui
2017-09-25 12:49 - 2017-09-25 12:50 - 000000000 ___RD C:\WINDOWS\Offline Web Pages
2017-09-25 12:49 - 2017-09-25 12:50 - 000000000 ____D C:\WINDOWS\SysWOW64\migwiz
2017-09-25 12:49 - 2017-09-25 12:50 - 000000000 ____D C:\WINDOWS\SysWOW64\MailContactsCalendarSync
2017-09-25 12:49 - 2017-09-25 12:50 - 000000000 ____D C:\WINDOWS\SysWOW64\icsxml
2017-09-25 12:49 - 2017-09-25 12:50 - 000000000 ____D C:\WINDOWS\SysWOW64\downlevel
2017-09-25 12:49 - 2017-09-25 12:50 - 000000000 ____D C:\WINDOWS\SysWOW64\Bthprops
2017-09-25 12:49 - 2017-09-25 12:50 - 000000000 ____D C:\WINDOWS\SysWOW64\AdvancedInstallers
2017-09-25 12:49 - 2017-09-25 12:50 - 000000000 ____D C:\WINDOWS\system32\SecureBootUpdates
2017-09-25 12:49 - 2017-09-25 12:50 - 000000000 ____D C:\WINDOWS\system32\MsDtc
2017-09-25 12:49 - 2017-09-25 12:50 - 000000000 ____D C:\WINDOWS\system32\MailContactsCalendarSync
2017-09-25 12:49 - 2017-09-25 12:50 - 000000000 ____D C:\WINDOWS\system32\icsxml
2017-09-25 12:49 - 2017-09-25 12:50 - 000000000 ____D C:\WINDOWS\system32\ias
2017-09-25 12:49 - 2017-09-25 12:50 - 000000000 ____D C:\WINDOWS\system32\downlevel
2017-09-25 12:49 - 2017-09-25 12:50 - 000000000 ____D C:\WINDOWS\system32\DDFs
2017-09-25 12:49 - 2017-09-25 12:50 - 000000000 ____D C:\WINDOWS\system32\Bthprops
2017-09-25 12:49 - 2017-09-25 12:50 - 000000000 ____D C:\WINDOWS\system32\AdvancedInstallers
2017-09-25 12:49 - 2017-09-25 12:49 - 000000000 __SHD C:\Program Files\Windows Sidebar
2017-09-25 12:49 - 2017-09-25 12:49 - 000000000 __SHD C:\Program Files (x86)\Windows Sidebar
2017-09-25 12:49 - 2017-09-25 12:49 - 000000000 __RSD C:\WINDOWS\Media
2017-09-25 12:49 - 2017-09-25 12:49 - 000000000 ___SD C:\WINDOWS\SysWOW64\Configuration
2017-09-25 12:49 - 2017-09-25 12:49 - 000000000 ___SD C:\WINDOWS\system32\Configuration
2017-09-25 12:49 - 2017-09-25 12:49 - 000000000 ___SD C:\WINDOWS\Downloaded Program Files
2017-09-25 12:49 - 2017-09-25 12:49 - 000000000 ____D C:\WINDOWS\Web
2017-09-25 12:49 - 2017-09-25 12:49 - 000000000 ____D C:\WINDOWS\Vss
2017-09-25 12:49 - 2017-09-25 12:49 - 000000000 ____D C:\WINDOWS\tracing
2017-09-25 12:49 - 2017-09-25 12:49 - 000000000 ____D C:\WINDOWS\TAPI
2017-09-25 12:49 - 2017-09-25 12:49 - 000000000 ____D C:\WINDOWS\SysWOW64\SMI
2017-09-25 12:49 - 2017-09-25 12:49 - 000000000 ____D C:\WINDOWS\SysWOW64\ras
2017-09-25 12:49 - 2017-09-25 12:49 - 000000000 ____D C:\WINDOWS\SysWOW64\NDF
2017-09-25 12:49 - 2017-09-25 12:49 - 000000000 ____D C:\WINDOWS\SysWOW64\MsDtc
2017-09-25 12:49 - 2017-09-25 12:49 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2017-09-25 12:49 - 2017-09-25 12:49 - 000000000 ____D C:\WINDOWS\SysWOW64\Ipmi
2017-09-25 12:49 - 2017-09-25 12:49 - 000000000 ____D C:\WINDOWS\SysWOW64\InputMethod
2017-09-25 12:49 - 2017-09-25 12:49 - 000000000 ____D C:\WINDOWS\SysWOW64\inetsrv
2017-09-25 12:49 - 2017-09-25 12:49 - 000000000 ____D C:\WINDOWS\SysWOW64\IME
2017-09-25 12:49 - 2017-09-25 12:49 - 000000000 ____D C:\WINDOWS\SysWOW64\GroupPolicyUsers
2017-09-25 12:49 - 2017-09-25 12:49 - 000000000 ____D C:\WINDOWS\SysWOW64\FxsTmp
2017-09-25 12:49 - 2017-09-25 12:49 - 000000000 ____D C:\WINDOWS\SysWOW64\AppLocker
2017-09-25 12:49 - 2017-09-25 12:49 - 000000000 ____D C:\WINDOWS\SystemResources
2017-09-25 12:49 - 2017-09-25 12:49 - 000000000 ____D C:\WINDOWS\system32\winevt
2017-09-25 12:49 - 2017-09-25 12:49 - 000000000 ____D C:\WINDOWS\system32\ras
2017-09-25 12:49 - 2017-09-25 12:49 - 000000000 ____D C:\WINDOWS\system32\ProximityToast
2017-09-25 12:49 - 2017-09-25 12:49 - 000000000 ____D C:\WINDOWS\system32\PointOfService
2017-09-25 12:49 - 2017-09-25 12:49 - 000000000 ____D C:\WINDOWS\system32\NDF
2017-09-25 12:49 - 2017-09-25 12:49 - 000000000 ____D C:\WINDOWS\system32\Macromed
2017-09-25 12:49 - 2017-09-25 12:49 - 000000000 ____D C:\WINDOWS\system32\Ipmi
2017-09-25 12:49 - 2017-09-25 12:49 - 000000000 ____D C:\WINDOWS\system32\InputMethod
2017-09-25 12:49 - 2017-09-25 12:49 - 000000000 ____D C:\WINDOWS\system32\inetsrv
2017-09-25 12:49 - 2017-09-25 12:49 - 000000000 ____D C:\WINDOWS\system32\IME
2017-09-25 12:49 - 2017-09-25 12:49 - 000000000 ____D C:\WINDOWS\system32\Hydrogen
2017-09-25 12:49 - 2017-09-25 12:49 - 000000000 ____D C:\WINDOWS\system32\GroupPolicyUsers
2017-09-25 12:49 - 2017-09-25 12:49 - 000000000 ____D C:\WINDOWS\system32\FxsTmp
2017-09-25 12:49 - 2017-09-25 12:49 - 000000000 ____D C:\WINDOWS\system32\config\RegBack
2017-09-25 12:49 - 2017-09-25 12:49 - 000000000 ____D C:\WINDOWS\system32\config\Journal
2017-09-25 12:49 - 2017-09-25 12:49 - 000000000 ____D C:\WINDOWS\system32\AppLocker
2017-09-25 12:49 - 2017-09-25 12:49 - 000000000 ____D C:\WINDOWS\System
2017-09-25 12:49 - 2017-09-25 12:49 - 000000000 ____D C:\WINDOWS\SKB
2017-09-25 12:49 - 2017-09-25 12:49 - 000000000 ____D C:\WINDOWS\security
2017-09-25 12:49 - 2017-09-25 12:49 - 000000000 ____D C:\WINDOWS\schemas
2017-09-25 12:49 - 2017-09-25 12:49 - 000000000 ____D C:\WINDOWS\SchCache
2017-09-25 12:49 - 2017-09-25 12:49 - 000000000 ____D C:\WINDOWS\Resources
2017-09-25 12:49 - 2017-09-25 12:49 - 000000000 ____D C:\WINDOWS\PLA
2017-09-25 12:49 - 2017-09-25 12:49 - 000000000 ____D C:\WINDOWS\Performance
2017-09-25 12:49 - 2017-09-25 12:49 - 000000000 ____D C:\WINDOWS\ModemLogs
2017-09-25 12:49 - 2017-09-25 12:49 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2017-09-25 12:49 - 2017-09-25 12:49 - 000000000 ____D C:\WINDOWS\L2Schemas
2017-09-25 12:49 - 2017-09-25 12:49 - 000000000 ____D C:\WINDOWS\InputMethod
2017-09-25 12:49 - 2017-09-25 12:49 - 000000000 ____D C:\WINDOWS\Globalization
2017-09-25 12:49 - 2017-09-25 12:49 - 000000000 ____D C:\WINDOWS\GameBarPresenceWriter
2017-09-25 12:49 - 2017-09-25 12:49 - 000000000 ____D C:\WINDOWS\Cursors
2017-09-25 12:49 - 2017-09-25 12:49 - 000000000 ____D C:\WINDOWS\Branding
2017-09-25 12:49 - 2017-09-25 12:49 - 000000000 ____D C:\WINDOWS\bcastdvr
2017-09-25 12:49 - 2017-09-25 12:49 - 000000000 ____D C:\WINDOWS\addins
2017-09-25 12:49 - 2017-09-25 12:49 - 000000000 ____D C:\Program Files\Windows Security
2017-09-25 12:49 - 2017-09-25 12:49 - 000000000 ____D C:\Program Files\Windows Portable Devices
2017-09-25 12:49 - 2017-09-25 12:49 - 000000000 ____D C:\Program Files\Windows Multimedia Platform
2017-09-25 12:49 - 2017-09-25 12:49 - 000000000 ____D C:\Program Files\Common Files\Services
2017-09-25 12:49 - 2017-09-25 12:49 - 000000000 ____D C:\Program Files (x86)\Windows Portable Devices
2017-09-25 12:49 - 2017-09-25 12:49 - 000000000 ____D C:\Program Files (x86)\Windows NT
2017-09-25 12:49 - 2017-09-25 12:49 - 000000000 ____D C:\Program Files (x86)\Windows Multimedia Platform
2017-09-25 12:49 - 2017-09-25 12:10 - 000000000 ____D C:\WINDOWS\rescache
2017-09-25 12:49 - 2017-09-25 12:09 - 000000000 ____D C:\Program Files\Windows NT
2017-09-25 12:49 - 2017-09-25 12:08 - 000000000 ____D C:\WINDOWS\Registration
2017-09-25 12:49 - 2017-09-25 12:07 - 000000000 ____D C:\WINDOWS\system32\WinBioDatabase
2017-09-25 12:49 - 2017-09-25 12:06 - 000000000 __RHD C:\Users\Public\Libraries
2017-09-25 12:49 - 2017-09-25 12:02 - 000000000 ____D C:\WINDOWS\system32\spool
2017-09-25 12:49 - 2017-09-25 12:02 - 000000000 ____D C:\ProgramData\USOPrivate
2017-09-25 12:49 - 2017-09-25 12:01 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2017-09-25 12:49 - 2017-09-25 12:00 - 000000000 ___RD C:\WINDOWS\PrintDialog
2017-09-25 12:49 - 2017-09-25 12:00 - 000000000 ___RD C:\WINDOWS\MiracastView
2017-09-25 12:49 - 2017-09-25 12:00 - 000000000 ____D C:\WINDOWS\system32\Sysprep
2017-09-25 12:49 - 2017-09-25 11:59 - 000000000 ____D C:\WINDOWS\HoloShell
2017-09-25 12:46 - 2017-09-26 00:20 - 074448896 _____ C:\WINDOWS\system32\config\SOFTWARE
2017-09-25 12:46 - 2017-09-26 00:20 - 041156608 _____ C:\WINDOWS\system32\config\SYSTEM
2017-09-25 12:46 - 2017-09-26 00:20 - 033554432 _____ C:\WINDOWS\system32\config\BBI
2017-09-25 12:46 - 2017-09-26 00:20 - 001572864 _____ C:\WINDOWS\system32\config\DEFAULT
2017-09-25 12:46 - 2017-09-26 00:20 - 000028672 _____ C:\WINDOWS\system32\config\SECURITY
2017-09-25 12:46 - 2017-09-25 22:31 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2017-09-25 12:46 - 2017-09-25 18:31 - 000000000 ____D C:\WINDOWS\CbsTemp
2017-09-25 12:46 - 2017-09-25 13:50 - 000000000 ____D C:\ProgramData\Macrium
2017-09-25 12:46 - 2017-09-25 12:55 - 000024576 _____ C:\WINDOWS\system32\config\SAM
2017-09-25 12:46 - 2017-09-25 12:52 - 000000000 ____D C:\WINDOWS\servicing
2017-09-25 12:46 - 2017-09-25 12:49 - 000000000 ____D C:\WINDOWS\system32\SMI
2017-09-25 12:45 - 2017-09-26 18:20 - 000000000 ____D C:\WINDOWS\Panther
2017-09-25 12:45 - 2017-09-25 12:10 - 000000000 ____D C:\$Windows.~BT
2017-09-25 12:44 - 2017-09-25 12:55 - 000000000 ___HD C:\$SysReset
2017-09-25 12:36 - 2017-09-25 12:36 - 000000000 ____D C:\Users\Acer\AppData\Local\DBG
2017-09-25 12:29 - 2017-09-25 12:29 - 000000000 ____D C:\Users\Acer\AppData\Local\MicrosoftEdge
2017-09-25 12:27 - 2017-09-25 12:27 - 000000000 ____D C:\Users\Acer\AppData\Local\Comms
2017-09-25 12:25 - 2017-09-25 12:25 - 000000000 ____D C:\ProgramData\Synaptics
2017-09-25 12:17 - 2017-09-26 09:15 - 000000000 ____D C:\Users\Acer\AppData\Local\Mozilla
2017-09-25 12:16 - 2017-09-25 12:16 - 000000000 ____D C:\Users\Acer\AppData\Local\Notepad++
2017-09-25 12:15 - 2017-09-25 15:47 - 000003508 _____ C:\WINDOWS\System32\Tasks\BacKGroundAgent
2017-09-25 12:13 - 2017-09-25 12:27 - 000000000 ____D C:\Users\Acer\AppData\Local\CareCenter
2017-09-25 12:12 - 2017-09-25 15:19 - 000002392 _____ C:\Users\Acer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2017-09-25 12:12 - 2017-09-25 12:12 - 000000000 ____D C:\Users\Acer\AppData\Roaming\Macromedia
2017-09-25 12:11 - 2017-09-25 15:44 - 000000000 ____D C:\Users\Acer\AppData\Local\clear.fi
2017-09-25 12:11 - 2017-09-25 12:11 - 000000000 ____D C:\Users\Acer\AppData\Roaming\Highresolution Enterprises
2017-09-25 12:10 - 2017-09-25 13:21 - 000000000 ____D C:\Users\Acer\AppData\Local\Packages
2017-09-25 12:10 - 2017-09-25 13:19 - 000000000 ____D C:\Users\Acer\AppData\Local\Publishers
2017-09-25 12:10 - 2017-09-25 12:12 - 000000000 ____D C:\Users\Acer\AppData\Local\AOP SDK
2017-09-25 12:10 - 2017-09-25 12:10 - 000000020 ___SH C:\Users\Acer\ntuser.ini
2017-09-25 12:10 - 2017-09-25 12:10 - 000000000 ____D C:\WINDOWS\oem
2017-09-25 12:10 - 2017-09-25 12:10 - 000000000 ____D C:\Users\Acer\AppData\Roaming\Adobe
2017-09-25 12:10 - 2017-09-25 12:10 - 000000000 ____D C:\Users\Acer\AppData\Local\VirtualStore
2017-09-25 12:10 - 2017-09-25 12:10 - 000000000 ____D C:\Users\Acer\AppData\Local\TileDataLayer
2017-09-25 12:10 - 2017-09-25 12:10 - 000000000 ____D C:\Users\Acer\AppData\Local\ConnectedDevicesPlatform
2017-09-25 12:09 - 2017-09-25 12:09 - 000000000 _SHDL C:\Users\Default\AppData\Local\Verlauf
2017-09-25 12:09 - 2017-09-25 12:09 - 000000000 _SHDL C:\Users\Default\AppData\Local\Anwendungsdaten
2017-09-25 12:09 - 2017-09-25 12:09 - 000000000 _SHDL C:\Users\Default User\AppData\Local\Verlauf
2017-09-25 12:09 - 2017-09-25 12:09 - 000000000 _SHDL C:\Users\Default User\AppData\Local\Anwendungsdaten
2017-09-25 12:09 - 2017-09-25 12:09 - 000000000 _SHDL C:\Users\Default User
2017-09-25 12:09 - 2017-09-25 12:09 - 000000000 _SHDL C:\Users\All Users
2017-09-25 12:09 - 2017-09-25 12:09 - 000000000 _SHDL C:\ProgramData\Vorlagen
2017-09-25 12:09 - 2017-09-25 12:09 - 000000000 _SHDL C:\ProgramData\Startmenü
2017-09-25 12:09 - 2017-09-25 12:09 - 000000000 _SHDL C:\ProgramData\Microsoft\Windows\Start Menu\Programme
2017-09-25 12:09 - 2017-09-25 12:09 - 000000000 _SHDL C:\ProgramData\Dokumente
2017-09-25 12:09 - 2017-09-25 12:09 - 000000000 _SHDL C:\ProgramData\Anwendungsdaten
2017-09-25 12:09 - 2017-09-25 12:09 - 000000000 _SHDL C:\Program Files\Gemeinsame Dateien
2017-09-25 12:06 - 2017-09-26 00:28 - 000003004 _____ C:\WINDOWS\System32\Tasks\FUB
2017-09-25 12:06 - 2017-09-26 00:27 - 000005404 _____ C:\WINDOWS\System32\Tasks\Software Update Application
2017-09-25 12:06 - 2017-09-26 00:27 - 000003778 _____ C:\WINDOWS\System32\Tasks\ACC
2017-09-25 12:06 - 2017-09-26 00:27 - 000003060 _____ C:\WINDOWS\System32\Tasks\ACCBackgroundApplication
2017-09-25 12:06 - 2017-09-26 00:24 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-09-25 12:06 - 2017-09-25 15:47 - 000003388 _____ C:\WINDOWS\System32\Tasks\AcerCloud
2017-09-25 12:06 - 2017-09-25 12:06 - 000022960 _____ C:\WINDOWS\system32\emptyregdb.dat
2017-09-25 12:06 - 2017-09-25 12:06 - 000003852 _____ C:\WINDOWS\System32\Tasks\ACCAgent
2017-09-25 12:06 - 2017-09-25 12:06 - 000002706 _____ C:\WINDOWS\System32\Tasks\UbtFrameworkService
2017-09-25 12:06 - 2017-09-25 12:06 - 000002264 _____ C:\WINDOWS\System32\Tasks\Power Button
2017-09-25 12:06 - 2017-09-25 12:06 - 000002222 _____ C:\WINDOWS\System32\Tasks\Power Management
2017-09-25 12:06 - 2017-09-25 12:06 - 000002180 _____ C:\WINDOWS\System32\Tasks\Quick Access
2017-09-25 12:06 - 2017-09-25 12:06 - 000002074 _____ C:\WINDOWS\System32\Tasks\FUBTrackingByPLD
2017-09-25 12:03 - 2017-09-26 10:31 - 000000000 ____D C:\Users\Acer
2017-09-25 12:03 - 2017-09-25 12:03 - 000001576 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2017-09-25 12:03 - 2017-09-25 12:03 - 000000000 _SHDL C:\Users\Acer\Vorlagen
2017-09-25 12:03 - 2017-09-25 12:03 - 000000000 _SHDL C:\Users\Acer\Startmenü
2017-09-25 12:03 - 2017-09-25 12:03 - 000000000 _SHDL C:\Users\Acer\Netzwerkumgebung
2017-09-25 12:03 - 2017-09-25 12:03 - 000000000 _SHDL C:\Users\Acer\Lokale Einstellungen
2017-09-25 12:03 - 2017-09-25 12:03 - 000000000 _SHDL C:\Users\Acer\Eigene Dateien
2017-09-25 12:03 - 2017-09-25 12:03 - 000000000 _SHDL C:\Users\Acer\Druckumgebung
2017-09-25 12:03 - 2017-09-25 12:03 - 000000000 _SHDL C:\Users\Acer\Documents\Eigene Videos
2017-09-25 12:03 - 2017-09-25 12:03 - 000000000 _SHDL C:\Users\Acer\Documents\Eigene Musik
2017-09-25 12:03 - 2017-09-25 12:03 - 000000000 _SHDL C:\Users\Acer\Documents\Eigene Bilder
2017-09-25 12:03 - 2017-09-25 12:03 - 000000000 _SHDL C:\Users\Acer\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2017-09-25 12:03 - 2017-09-25 12:03 - 000000000 _SHDL C:\Users\Acer\AppData\Local\Verlauf
2017-09-25 12:03 - 2017-09-25 12:03 - 000000000 _SHDL C:\Users\Acer\AppData\Local\Anwendungsdaten
2017-09-25 12:03 - 2017-09-25 12:03 - 000000000 _SHDL C:\Users\Acer\Anwendungsdaten
2017-09-25 12:01 - 2017-09-25 12:01 - 000000000 ____D C:\WINDOWS\system32\config\bbimigrate
2017-09-25 11:59 - 2017-09-26 00:25 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2017-09-25 11:59 - 2017-09-25 12:01 - 000000000 ____D C:\Program Files\Intel
2017-09-25 11:59 - 2017-09-25 11:59 - 032931716 _____ C:\WINDOWS\system32\Drivers\rtkhdasetting.zip
2017-09-25 11:59 - 2017-09-25 11:59 - 000000200 _____ C:\WINDOWS\system32\{EC94D02F-D200-4428-9531-05AF7F9799CB}.bat
2017-09-25 11:59 - 2017-09-25 11:59 - 000000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_ETD_01011.Wdf
2017-09-25 11:59 - 2017-09-25 11:59 - 000000000 ____H C:\ProgramData\DP45977C.lfl
2017-09-25 11:59 - 2017-09-25 11:59 - 000000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2017-09-25 11:59 - 2017-09-25 11:59 - 000000000 ____D C:\WINDOWS\system32\DAX2
2017-09-25 11:59 - 2017-09-25 11:59 - 000000000 ____D C:\Program Files\Realtek
2017-09-25 11:59 - 2017-09-25 11:59 - 000000000 ____D C:\Program Files\Common Files\Atheros
2017-09-25 11:59 - 2017-09-25 11:59 - 000000000 _____ C:\WINDOWS\system32\GfxValDisplayLog.bin
2017-09-25 11:59 - 2017-03-18 22:56 - 002233344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2017-09-25 11:59 - 2017-02-01 02:01 - 000112664 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.DLL
2017-09-25 11:59 - 2017-02-01 02:01 - 000108568 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.DLL
2017-09-25 11:58 - 2017-09-26 06:33 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2017-09-25 11:58 - 2017-09-26 00:24 - 000217984 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-09-22 20:45 - 2015-05-03 08:31 - 000012288 _____ C:\Sparplan.pow Biffs
2017-09-22 11:01 - 2017-09-24 12:05 - 000000000 ____D C:\Users\Acer\Documents\Reflect
2017-09-21 16:12 - 2017-09-21 16:17 - 000000000 ____D C:\Users\Acer\Documents\Peace back up
2017-09-21 14:31 - 2017-09-21 14:31 - 000001341 _____ C:\Users\Acer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HD Audio-Manager.lnk
2017-09-21 14:27 - 2017-09-25 12:08 - 000008404 _____ C:\Users\Acer\Desktop\Entfernte Apps.html
2017-09-21 14:22 - 2015-03-21 02:28 - 000002343 _____ C:\Users\Acer\Desktop\App Explorer (1).lnk
2017-09-16 17:34 - 2017-09-05 07:30 - 000287648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2017-09-16 17:34 - 2017-09-05 07:12 - 001409048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2017-09-16 17:34 - 2017-09-05 07:12 - 000627080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2017-09-16 17:34 - 2017-09-05 06:53 - 001839872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2017-09-16 17:34 - 2017-09-05 06:52 - 002259760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2017-09-16 17:34 - 2017-09-05 06:46 - 004471888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2017-09-16 17:34 - 2017-09-05 06:45 - 005821496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2017-09-16 17:34 - 2017-09-05 06:45 - 002476712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll
2017-09-16 17:34 - 2017-09-05 06:45 - 002166808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2017-09-16 17:34 - 2017-09-05 06:45 - 000750496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2017-09-16 17:34 - 2017-09-05 06:45 - 000085784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredentialUIBroker.exe
2017-09-16 17:34 - 2017-09-05 06:43 - 000611096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2017-09-16 17:34 - 2017-09-05 06:43 - 000359560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Faultrep.dll
2017-09-16 17:34 - 2017-09-05 06:43 - 000280480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFault.exe
2017-09-16 17:34 - 2017-09-05 06:43 - 000169376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe
2017-09-16 17:34 - 2017-09-05 06:42 - 002330520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2017-09-16 17:34 - 2017-09-05 06:42 - 000519680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2017-09-16 17:34 - 2017-09-05 06:42 - 000182688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2017-09-16 17:34 - 2017-09-05 06:41 - 020373408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2017-09-16 17:34 - 2017-09-05 06:41 - 006761560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2017-09-16 17:34 - 2017-09-05 06:41 - 004671832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2017-09-16 17:34 - 2017-09-05 06:37 - 000583160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2017-09-16 17:34 - 2017-09-05 06:26 - 002953216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2017-09-16 17:34 - 2017-09-05 06:26 - 000404480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werui.dll
2017-09-16 17:34 - 2017-09-05 06:25 - 013844480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2017-09-16 17:34 - 2017-09-05 06:25 - 000154624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWWIN.EXE
2017-09-16 17:34 - 2017-09-05 06:24 - 002199552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Resources.dll
2017-09-16 17:34 - 2017-09-05 06:23 - 000025088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\odbcconf.dll
2017-09-16 17:34 - 2017-09-05 06:22 - 000079872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2017-09-16 17:34 - 2017-09-05 06:21 - 006728704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2017-09-16 17:34 - 2017-09-05 06:20 - 000370176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2017-09-16 17:34 - 2017-09-05 06:19 - 000364032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2017-09-16 17:34 - 2017-09-05 06:18 - 000471040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TpmCoreProvisioning.dll
2017-09-16 17:34 - 2017-09-05 06:16 - 005961728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2017-09-16 17:34 - 2017-09-05 06:16 - 000357888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActivationManager.dll
2017-09-16 17:34 - 2017-09-05 06:15 - 001248768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll
2017-09-16 17:34 - 2017-09-05 06:15 - 000657408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netlogon.dll
2017-09-16 17:34 - 2017-09-05 06:15 - 000636416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll
2017-09-16 17:34 - 2017-09-05 06:15 - 000430592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2017-09-16 17:34 - 2017-09-05 06:14 - 000754176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2017-09-16 17:34 - 2017-09-05 06:14 - 000590336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PCPKsp.dll
2017-09-16 17:34 - 2017-09-05 06:13 - 007598080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2017-09-16 17:34 - 2017-09-05 06:13 - 000050176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cldapi.dll
2017-09-16 17:34 - 2017-09-05 06:12 - 005225984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2017-09-16 17:34 - 2017-09-05 06:12 - 002859520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2017-09-16 17:34 - 2017-09-05 06:12 - 000899584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll
2017-09-16 17:34 - 2017-09-05 06:11 - 003667456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_47.dll
2017-09-16 17:34 - 2017-09-05 06:11 - 001355264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OpcServices.dll
2017-09-16 17:34 - 2017-09-05 06:11 - 001060352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsPrint.dll
2017-09-16 17:34 - 2017-09-05 06:11 - 001019904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2017-09-16 17:34 - 2017-09-05 06:11 - 000787456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2017-09-16 17:34 - 2017-09-05 06:10 - 004559360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll
2017-09-16 17:34 - 2017-09-05 06:10 - 001627136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2017-09-16 17:34 - 2017-09-05 06:10 - 000761344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasapi32.dll
2017-09-16 17:34 - 2017-09-05 06:06 - 000089088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll
2017-09-16 17:34 - 2017-09-05 06:04 - 000175616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RstrtMgr.dll
2017-09-16 17:34 - 2017-09-05 06:04 - 000057856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offreg.dll
2017-09-16 17:33 - 2017-09-05 07:31 - 001147296 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2017-09-16 17:33 - 2017-09-05 07:31 - 001024928 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2017-09-16 17:33 - 2017-09-05 07:31 - 000821664 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.exe
2017-09-16 17:33 - 2017-09-05 07:31 - 000750560 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2017-09-16 17:33 - 2017-09-05 07:27 - 002399728 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2017-09-16 17:33 - 2017-09-05 07:27 - 000136096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecdd.sys
2017-09-16 17:33 - 2017-09-05 07:26 - 008319904 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2017-09-16 17:33 - 2017-09-05 07:26 - 001930840 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2017-09-16 17:33 - 2017-09-05 07:25 - 002969880 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreUIComponents.dll
2017-09-16 17:33 - 2017-09-05 07:25 - 000159648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\partmgr.sys
2017-09-16 17:33 - 2017-09-05 07:24 - 000923040 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2017-09-16 17:33 - 2017-09-05 07:24 - 000519584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netio.sys
2017-09-16 17:33 - 2017-09-05 07:23 - 001242528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2017-09-16 17:33 - 2017-09-05 07:21 - 000189344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2017-09-16 17:33 - 2017-09-05 07:20 - 001057824 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2017-09-16 17:33 - 2017-09-05 07:19 - 004848960 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2017-09-16 17:33 - 2017-09-05 07:19 - 002443168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2017-09-16 17:33 - 2017-09-05 07:18 - 007326128 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2017-09-16 17:33 - 2017-09-05 07:18 - 005477096 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneCoreUAPCommonProxyStub.dll
2017-09-16 17:33 - 2017-09-05 07:18 - 002972552 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll
2017-09-16 17:33 - 2017-09-05 07:18 - 002647224 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2017-09-16 17:33 - 2017-09-05 07:18 - 000820128 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2017-09-16 17:33 - 2017-09-05 07:18 - 000212384 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2017-09-16 17:33 - 2017-09-05 07:17 - 000316320 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFault.exe
2017-09-16 17:33 - 2017-09-05 07:16 - 000872472 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll
2017-09-16 17:33 - 2017-09-05 07:16 - 000724200 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2017-09-16 17:33 - 2017-09-05 07:16 - 000715168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fvevol.sys
2017-09-16 17:33 - 2017-09-05 07:16 - 000546208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2017-09-16 17:33 - 2017-09-05 07:16 - 000410168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll
2017-09-16 17:33 - 2017-09-05 07:16 - 000228256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2017-09-16 17:33 - 2017-09-05 07:16 - 000182688 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe
2017-09-16 17:33 - 2017-09-05 07:15 - 003116184 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2017-09-16 17:33 - 2017-09-05 07:15 - 000654976 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2017-09-16 17:33 - 2017-09-05 07:15 - 000257440 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2017-09-16 17:33 - 2017-09-05 07:14 - 021352656 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2017-09-16 17:33 - 2017-09-05 07:14 - 007907344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2017-09-16 17:33 - 2017-09-05 07:14 - 004708504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2017-09-16 17:33 - 2017-09-05 07:14 - 001146176 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfds.dll
2017-09-16 17:33 - 2017-09-05 07:14 - 000958664 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll
2017-09-16 17:33 - 2017-09-05 07:14 - 000254176 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2017-09-16 17:33 - 2017-09-05 07:14 - 000094624 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2017-09-16 17:33 - 2017-09-05 07:12 - 001292880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2017-09-16 17:33 - 2017-09-05 07:12 - 000081176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32u.dll
2017-09-16 17:33 - 2017-09-05 07:11 - 002675104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2017-09-16 17:33 - 2017-09-05 07:11 - 000610720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afd.sys
2017-09-16 17:33 - 2017-09-05 07:11 - 000387936 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpps.dll
2017-09-16 17:33 - 2017-09-05 06:53 - 001620880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2017-09-16 17:33 - 2017-09-05 06:50 - 004330920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\setupapi.dll
2017-09-16 17:33 - 2017-09-05 06:45 - 023679488 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2017-09-16 17:33 - 2017-09-05 06:44 - 000569264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SHCore.dll
2017-09-16 17:33 - 2017-09-05 06:43 - 000042456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tbs.dll
2017-09-16 17:33 - 2017-09-05 06:42 - 000703056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll
2017-09-16 17:33 - 2017-09-05 06:42 - 000291904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wevtapi.dll
2017-09-16 17:33 - 2017-09-05 06:41 - 001106904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfds.dll
2017-09-16 17:33 - 2017-09-05 06:41 - 001013912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvproc.dll
2017-09-16 17:33 - 2017-09-05 06:40 - 000052768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\appidapi.dll
2017-09-16 17:33 - 2017-09-05 06:31 - 003668992 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2017-09-16 17:33 - 2017-09-05 06:30 - 001275904 _____ (Microsoft Corporation) C:\WINDOWS\system32\werconcpl.dll
2017-09-16 17:33 - 2017-09-05 06:30 - 000463360 _____ (Microsoft Corporation) C:\WINDOWS\system32\werui.dll
2017-09-16 17:33 - 2017-09-05 06:30 - 000184320 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWWIN.EXE
2017-09-16 17:33 - 2017-09-05 06:30 - 000093184 _____ (Microsoft Corporation) C:\WINDOWS\system32\wercplsupport.dll
2017-09-16 17:33 - 2017-09-05 06:30 - 000089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrvext.dll
2017-09-16 17:33 - 2017-09-05 06:30 - 000077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsqmcons.exe
2017-09-16 17:33 - 2017-09-05 06:29 - 000037376 _____ (Microsoft Corporation) C:\WINDOWS\system32\SEMgrPS.dll
2017-09-16 17:33 - 2017-09-05 06:28 - 017371136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2017-09-16 17:33 - 2017-09-05 06:28 - 002199552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2017-09-16 17:33 - 2017-09-05 06:28 - 000071680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbser.sys
2017-09-16 17:33 - 2017-09-05 06:28 - 000039424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\buttonconverter.sys
2017-09-16 17:33 - 2017-09-05 06:27 - 007931392 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2017-09-16 17:33 - 2017-09-05 06:27 - 000128000 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2017-09-16 17:33 - 2017-09-05 06:27 - 000104960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\UcmCx.sys
2017-09-16 17:33 - 2017-09-05 06:27 - 000095232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2017-09-16 17:33 - 2017-09-05 06:27 - 000090112 _____ (Microsoft Corporation) C:\WINDOWS\system32\datamarketsvc.dll
2017-09-16 17:33 - 2017-09-05 06:27 - 000029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\odbcconf.dll
2017-09-16 17:33 - 2017-09-05 06:26 - 000113152 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhosdeployment.dll
2017-09-16 17:33 - 2017-09-05 06:26 - 000107008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidbth.sys
2017-09-16 17:33 - 2017-09-05 06:26 - 000084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll
2017-09-16 17:33 - 2017-09-05 06:26 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntprint.exe
2017-09-16 17:33 - 2017-09-05 06:26 - 000022016 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnpinst.exe
2017-09-16 17:33 - 2017-09-05 06:25 - 001448960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2017-09-16 17:33 - 2017-09-05 06:25 - 000293376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys
2017-09-16 17:33 - 2017-09-05 06:25 - 000043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmTasks.dll
2017-09-16 17:33 - 2017-09-05 06:25 - 000043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nsiproxy.sys
2017-09-16 17:33 - 2017-09-05 06:24 - 000457728 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2017-09-16 17:33 - 2017-09-05 06:24 - 000353280 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntprint.dll
2017-09-16 17:33 - 2017-09-05 06:24 - 000334336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wc_storage.dll
2017-09-16 17:33 - 2017-09-05 06:24 - 000182272 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcrecovery.dll
2017-09-16 17:33 - 2017-09-05 06:24 - 000096256 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2017-09-16 17:33 - 2017-09-05 06:23 - 020509184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2017-09-16 17:33 - 2017-09-05 06:23 - 000433664 _____ (Microsoft Corporation) C:\WINDOWS\system32\msIso.dll
2017-09-16 17:33 - 2017-09-05 06:23 - 000305152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netbt.sys
2017-09-16 17:33 - 2017-09-05 06:23 - 000140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2017-09-16 17:33 - 2017-09-05 06:23 - 000107008 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcpopkeysrv.dll
2017-09-16 17:33 - 2017-09-05 06:22 - 023684608 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2017-09-16 17:33 - 2017-09-05 06:22 - 000742912 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshwfp.dll
2017-09-16 17:33 - 2017-09-05 06:22 - 000640512 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngccredprov.dll
2017-09-16 17:33 - 2017-09-05 06:22 - 000556032 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmCoreProvisioning.dll
2017-09-16 17:33 - 2017-09-05 06:22 - 000477696 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasplap.dll
2017-09-16 17:33 - 2017-09-05 06:22 - 000458752 _____ (Microsoft Corporation) C:\WINDOWS\system32\NgcCtnr.dll
2017-09-16 17:33 - 2017-09-05 06:22 - 000388096 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2017-09-16 17:33 - 2017-09-05 06:22 - 000327168 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinBioDataModel.dll
2017-09-16 17:33 - 2017-09-05 06:22 - 000274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2017-09-16 17:33 - 2017-09-05 06:22 - 000225792 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2017-09-16 17:33 - 2017-09-05 06:22 - 000173568 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetpp.dll
2017-09-16 17:33 - 2017-09-05 06:22 - 000165888 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
2017-09-16 17:33 - 2017-09-05 06:21 - 001178624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Vpn.dll
2017-09-16 17:33 - 2017-09-05 06:21 - 001051136 _____ (Microsoft Corporation) C:\WINDOWS\system32\nettrace.dll
2017-09-16 17:33 - 2017-09-05 06:21 - 000946688 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasgcw.dll
2017-09-16 17:33 - 2017-09-05 06:21 - 000422400 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpAXHolder.dll
2017-09-16 17:33 - 2017-09-05 06:21 - 000408576 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptngc.dll
2017-09-16 17:33 - 2017-09-05 06:21 - 000312320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Phoneutil.dll
2017-09-16 17:33 - 2017-09-05 06:21 - 000123904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srpapi.dll
2017-09-16 17:33 - 2017-09-05 06:21 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll
2017-09-16 17:33 - 2017-09-05 06:21 - 000062464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntprint.exe
2017-09-16 17:33 - 2017-09-05 06:20 - 007337472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2017-09-16 17:33 - 2017-09-05 06:20 - 001878016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2017-09-16 17:33 - 2017-09-05 06:20 - 000805888 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2017-09-16 17:33 - 2017-09-05 06:20 - 000546816 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2017-09-16 17:33 - 2017-09-05 06:20 - 000412160 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll
2017-09-16 17:33 - 2017-09-05 06:20 - 000282112 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll
2017-09-16 17:33 - 2017-09-05 06:20 - 000229888 _____ (Microsoft Corporation) C:\WINDOWS\system32\SIHClient.exe
2017-09-16 17:33 - 2017-09-05 06:19 - 019336192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2017-09-16 17:33 - 2017-09-05 06:19 - 001085440 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll
2017-09-16 17:33 - 2017-09-05 06:19 - 001028608 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2017-09-16 17:33 - 2017-09-05 06:19 - 000772096 _____ (Microsoft Corporation) C:\WINDOWS\system32\PCPKsp.dll
2017-09-16 17:33 - 2017-09-05 06:19 - 000311296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntprint.dll
2017-09-16 17:33 - 2017-09-05 06:19 - 000181760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authz.dll
2017-09-16 17:33 - 2017-09-05 06:19 - 000134656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dinput.dll
2017-09-16 17:33 - 2017-09-05 06:19 - 000124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2017-09-16 17:33 - 2017-09-05 06:19 - 000080384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2017-09-16 17:33 - 2017-09-05 06:18 - 012801536 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2017-09-16 17:33 - 2017-09-05 06:18 - 004175872 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll
2017-09-16 17:33 - 2017-09-05 06:18 - 002078720 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2017-09-16 17:33 - 2017-09-05 06:18 - 000922112 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2017-09-16 17:33 - 2017-09-05 06:18 - 000921600 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasdlg.dll
2017-09-16 17:33 - 2017-09-05 06:18 - 000874496 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll
2017-09-16 17:33 - 2017-09-05 06:18 - 000864256 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll
2017-09-16 17:33 - 2017-09-05 06:18 - 000832000 _____ (Microsoft Corporation) C:\WINDOWS\system32\printfilterpipelinesvc.exe
2017-09-16 17:33 - 2017-09-05 06:18 - 000803328 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2017-09-16 17:33 - 2017-09-05 06:18 - 000752640 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2017-09-16 17:33 - 2017-09-05 06:18 - 000524288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ngccredprov.dll
2017-09-16 17:33 - 2017-09-05 06:18 - 000491520 _____ (Microsoft Corporation) C:\WINDOWS\system32\NgcCtnrSvc.dll
2017-09-16 17:33 - 2017-09-05 06:18 - 000452608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasplap.dll
2017-09-16 17:33 - 2017-09-05 06:18 - 000339968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2017-09-16 17:33 - 2017-09-05 06:18 - 000266240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2017-09-16 17:33 - 2017-09-05 06:18 - 000257024 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2017-09-16 17:33 - 2017-09-05 06:18 - 000176640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wersvc.dll
2017-09-16 17:33 - 2017-09-05 06:18 - 000175104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dinput8.dll
2017-09-16 17:33 - 2017-09-05 06:18 - 000100352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasman.dll
2017-09-16 17:33 - 2017-09-05 06:18 - 000056832 _____ (Microsoft Corporation) C:\WINDOWS\system32\cldapi.dll
2017-09-16 17:33 - 2017-09-05 06:17 - 008213504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2017-09-16 17:33 - 2017-09-05 06:17 - 008207872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2017-09-16 17:33 - 2017-09-05 06:17 - 002765824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Shell.UnifiedTile.CuratedTileCollections.dll
2017-09-16 17:33 - 2017-09-05 06:17 - 001886208 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2017-09-16 17:33 - 2017-09-05 06:17 - 001397760 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2017-09-16 17:33 - 2017-09-05 06:17 - 000918528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.Vpn.dll
2017-09-16 17:33 - 2017-09-05 06:17 - 000852480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasgcw.dll
2017-09-16 17:33 - 2017-09-05 06:17 - 000757760 _____ (Microsoft Corporation) C:\WINDOWS\system32\spoolsv.exe
2017-09-16 17:33 - 2017-09-05 06:17 - 000586240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nshwfp.dll
2017-09-16 17:33 - 2017-09-05 06:17 - 000307712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptngc.dll
2017-09-16 17:33 - 2017-09-05 06:16 - 002805248 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2017-09-16 17:33 - 2017-09-05 06:16 - 000844288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasdlg.dll
2017-09-16 17:33 - 2017-09-05 06:16 - 000563200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdh.dll
2017-09-16 17:33 - 2017-09-05 06:16 - 000358400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2017-09-16 17:33 - 2017-09-05 06:16 - 000257024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Phoneutil.dll
2017-09-16 17:33 - 2017-09-05 06:15 - 004730368 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2017-09-16 17:33 - 2017-09-05 06:15 - 004396032 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll
2017-09-16 17:33 - 2017-09-05 06:15 - 003307008 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2017-09-16 17:33 - 2017-09-05 06:15 - 003059200 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2017-09-16 17:33 - 2017-09-05 06:15 - 002503680 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2017-09-16 17:33 - 2017-09-05 06:15 - 002055680 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2017-09-16 17:33 - 2017-09-05 06:15 - 001143296 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2017-09-16 17:33 - 2017-09-05 06:15 - 001077248 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll
2017-09-16 17:33 - 2017-09-05 06:15 - 000706560 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2017-09-16 17:33 - 2017-09-05 06:15 - 000664576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2017-09-16 17:33 - 2017-09-05 06:15 - 000232960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2017-09-16 17:33 - 2017-09-05 06:15 - 000223744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shdocvw.dll
2017-09-16 17:33 - 2017-09-05 06:14 - 011887104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2017-09-16 17:33 - 2017-09-05 06:14 - 005557760 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll
2017-09-16 17:33 - 2017-09-05 06:14 - 002516480 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2017-09-16 17:33 - 2017-09-05 06:14 - 002445824 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2017-09-16 17:33 - 2017-09-05 06:14 - 002177024 _____ (Microsoft Corporation) C:\WINDOWS\system32\OpcServices.dll
2017-09-16 17:33 - 2017-09-05 06:14 - 002006528 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationFramework.dll
2017-09-16 17:33 - 2017-09-05 06:14 - 001657344 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsPrint.dll
2017-09-16 17:33 - 2017-09-05 06:14 - 001583616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2017-09-16 17:33 - 2017-09-05 06:14 - 001046016 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcsvc.dll
2017-09-16 17:33 - 2017-09-05 06:14 - 000986624 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2017-09-16 17:33 - 2017-09-05 06:14 - 000827904 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2017-09-16 17:33 - 2017-09-05 06:14 - 000810496 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasapi32.dll
2017-09-16 17:33 - 2017-09-05 06:14 - 000476160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dsreg.dll
2017-09-16 17:33 - 2017-09-05 06:13 - 002009600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2017-09-16 17:33 - 2017-09-05 06:13 - 001802752 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2017-09-16 17:33 - 2017-09-05 06:13 - 000407040 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2017-09-16 17:33 - 2017-09-05 06:12 - 006265856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2017-09-16 17:33 - 2017-09-05 06:11 - 003654656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2017-09-16 17:33 - 2017-09-05 06:11 - 001463296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2017-09-16 17:33 - 2017-09-05 06:10 - 000431616 _____ (Microsoft Corporation) C:\WINDOWS\system32\BthHFSrv.dll
2017-09-16 17:33 - 2017-09-05 06:07 - 000201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\RstrtMgr.dll
2017-09-16 17:33 - 2017-09-05 06:07 - 000061952 _____ (Microsoft Corporation) C:\WINDOWS\system32\vss_ps.dll
2017-09-16 17:33 - 2017-09-05 06:06 - 000221696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wisp.dll
2017-09-16 17:33 - 2017-09-05 06:06 - 000078848 _____ (Microsoft Corporation) C:\WINDOWS\system32\offreg.dll
2017-09-16 17:33 - 2017-09-01 07:55 - 000031932 _____ C:\WINDOWS\system32\edgehtmlpluginpolicy.bin
2017-09-16 17:32 - 2017-09-05 07:31 - 001596592 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2017-09-16 17:32 - 2017-09-05 07:31 - 001346112 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2017-09-16 17:32 - 2017-09-05 07:31 - 000115792 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32u.dll
2017-09-16 17:32 - 2017-09-05 07:23 - 004462120 _____ (Microsoft Corporation) C:\WINDOWS\system32\setupapi.dll
2017-09-16 17:32 - 2017-09-05 07:18 - 001668344 _____ (Microsoft Corporation) C:\WINDOWS\system32\propsys.dll
2017-09-16 17:32 - 2017-09-05 07:18 - 000685512 _____ (Microsoft Corporation) C:\WINDOWS\system32\SHCore.dll
2017-09-16 17:32 - 2017-09-05 07:16 - 001320344 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpx.dll
2017-09-16 17:32 - 2017-09-05 07:16 - 000049720 _____ (Microsoft Corporation) C:\WINDOWS\system32\tbs.dll
2017-09-16 17:32 - 2017-09-05 07:15 - 000871448 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
2017-09-16 17:32 - 2017-09-05 07:15 - 000381824 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtapi.dll
2017-09-16 17:32 - 2017-09-05 07:13 - 001619816 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2017-09-16 17:32 - 2017-09-05 07:13 - 000064680 _____ (Microsoft Corporation) C:\WINDOWS\system32\appidapi.dll
2017-09-16 17:32 - 2017-09-05 06:30 - 001639936 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2017-09-16 17:32 - 2017-09-05 06:30 - 000584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbonRes.dll
2017-09-16 17:32 - 2017-09-05 06:30 - 000447488 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2017-09-16 17:32 - 2017-09-05 06:27 - 000133632 _____ (Microsoft Corporation) C:\WINDOWS\system32\CfgSPCellular.dll
2017-09-16 17:32 - 2017-09-05 06:27 - 000131584 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseAPNCsp.dll
2017-09-16 17:32 - 2017-09-05 06:27 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2017-09-16 17:32 - 2017-09-05 06:26 - 000499712 _____ (Microsoft Corporation) C:\WINDOWS\system32\nltest.exe
2017-09-16 17:32 - 2017-09-05 06:26 - 000156160 _____ (Microsoft Corporation) C:\WINDOWS\system32\csplte.dll
2017-09-16 17:32 - 2017-09-05 06:26 - 000142848 _____ (Microsoft Corporation) C:\WINDOWS\system32\srpapi.dll
2017-09-16 17:32 - 2017-09-05 06:26 - 000124928 _____ (Microsoft Corporation) C:\WINDOWS\system32\httpprxm.dll
2017-09-16 17:32 - 2017-09-05 06:25 - 000584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbonRes.dll
2017-09-16 17:32 - 2017-09-05 06:25 - 000527872 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2017-09-16 17:32 - 2017-09-05 06:25 - 000064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
2017-09-16 17:32 - 2017-09-05 06:24 - 000385536 _____ (Microsoft Corporation) C:\WINDOWS\system32\tpmvsc.dll
2017-09-16 17:32 - 2017-09-05 06:24 - 000274432 _____ (Microsoft Corporation) C:\WINDOWS\system32\authz.dll
2017-09-16 17:32 - 2017-09-05 06:24 - 000160768 _____ (Microsoft Corporation) C:\WINDOWS\system32\dinput.dll
2017-09-16 17:32 - 2017-09-05 06:24 - 000109056 _____ (Microsoft Corporation) C:\WINDOWS\system32\dab.dll
2017-09-16 17:32 - 2017-09-05 06:23 - 000739840 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneProviders.dll
2017-09-16 17:32 - 2017-09-05 06:23 - 000450048 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdedit.exe
2017-09-16 17:32 - 2017-09-05 06:23 - 000138752 _____ (Microsoft Corporation) C:\WINDOWS\system32\appinfo.dll
2017-09-16 17:32 - 2017-09-05 06:23 - 000128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasman.dll
2017-09-16 17:32 - 2017-09-05 06:22 - 000527360 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
2017-09-16 17:32 - 2017-09-05 06:22 - 000413184 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2017-09-16 17:32 - 2017-09-05 06:22 - 000329728 _____ (Microsoft Corporation) C:\WINDOWS\system32\RasMediaManager.dll
2017-09-16 17:32 - 2017-09-05 06:22 - 000213504 _____ (Microsoft Corporation) C:\WINDOWS\system32\dinput8.dll
2017-09-16 17:32 - 2017-09-05 06:21 - 000773120 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneService.dll
2017-09-16 17:32 - 2017-09-05 06:21 - 000691712 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdh.dll
2017-09-16 17:32 - 2017-09-05 06:20 - 000925696 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2017-09-16 17:32 - 2017-09-05 06:19 - 001260544 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe
2017-09-16 17:32 - 2017-09-05 06:19 - 000996864 _____ (Microsoft Corporation) C:\WINDOWS\system32\iphlpsvc.dll
2017-09-16 17:32 - 2017-09-05 06:19 - 000772096 _____ (Microsoft Corporation) C:\WINDOWS\system32\netlogon.dll
2017-09-16 17:32 - 2017-09-05 06:19 - 000243712 _____ (Microsoft Corporation) C:\WINDOWS\system32\shdocvw.dll
2017-09-16 17:32 - 2017-09-05 06:18 - 000564736 _____ (Microsoft Corporation) C:\WINDOWS\system32\dsreg.dll
2017-09-16 17:32 - 2017-09-05 06:16 - 002680320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.CloudStore.dll
2017-09-16 17:32 - 2017-09-05 06:16 - 000440320 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.immersiveshell.serviceprovider.dll
2017-09-16 17:32 - 2017-09-05 06:16 - 000397312 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascustom.dll
2017-09-16 17:32 - 2017-09-05 06:15 - 001736704 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll
2017-09-16 17:32 - 2017-09-05 06:15 - 001460224 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2017-09-16 17:32 - 2017-09-05 06:15 - 001293824 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2017-09-16 17:32 - 2017-09-05 06:12 - 002153984 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll
2017-09-16 17:32 - 2017-09-05 06:11 - 000254976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys
2017-09-16 17:32 - 2017-09-05 06:09 - 000268288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wisp.dll
2017-09-08 10:53 - 2017-09-08 10:53 - 000000000 ____D C:\Users\Acer\.rainlendar2
==================== Ein Monat: Geänderte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2017-09-26 18:51 - 2016-07-16 18:55 - 000000000 ____D C:\Users\Acer\.mediathek3
2017-09-26 18:20 - 2016-11-16 16:51 - 000000000 ____D C:\Users\Acer\AppData\LocalLow\Mozilla
2017-09-26 09:55 - 2016-02-15 11:59 - 000000000 ____D C:\Lw C
2017-09-26 08:22 - 2015-10-24 19:24 - 000000000 ____D C:\ProgramData\Intel
2017-09-26 08:22 - 2015-08-31 12:52 - 000000000 ____D C:\ProgramData\McAfee
2017-09-26 08:22 - 2015-08-31 12:50 - 000000000 ____D C:\ProgramData\WildTangent
2017-09-26 01:02 - 2016-11-02 10:29 - 000000000 ____D C:\xampp-cz
2017-09-26 01:02 - 2016-10-27 23:15 - 000000000 ____D C:\xampp
2017-09-26 00:30 - 2015-08-31 13:01 - 001882062 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-09-26 00:27 - 2015-08-31 12:50 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer
2017-09-26 00:25 - 2015-12-25 19:58 - 000000000 __SHD C:\Users\Acer\IntelGraphicsProfiles
2017-09-26 00:25 - 2015-08-31 12:49 - 000000000 __RHD C:\Users\Public\AccountPictures
2017-09-25 19:40 - 2015-10-24 19:25 - 000000000 ____D C:\ProgramData\Package Cache
2017-09-25 15:47 - 2015-08-31 13:43 - 000000000 ___HD C:\OEM
2017-09-25 15:47 - 2015-08-31 12:50 - 000000000 ____D C:\ProgramData\OEM
2017-09-25 15:45 - 2015-08-31 12:50 - 000000000 ____D C:\ProgramData\Acer
2017-09-25 15:41 - 2015-10-24 19:48 - 000000000 ____D C:\Program Files (x86)\Amazon
2017-09-25 15:19 - 2015-12-25 20:00 - 000000000 ___RD C:\Users\Acer\OneDrive
2017-09-25 12:48 - 2017-03-18 22:56 - 000066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthmodem.sys
2017-09-25 12:07 - 2016-06-23 12:38 - 000000000 ____D C:\Users\Acer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ember Media Manager BETA
2017-09-25 12:06 - 2015-07-10 13:04 - 000000000 ____D C:\WINDOWS\system32\Tasks_Migrated
2017-09-25 12:02 - 2015-10-25 04:56 - 000000000 ____D C:\WINDOWS\NAPP_Dism_Log
2017-09-25 12:02 - 2015-10-24 19:51 - 000000000 ____D C:\Users\Public\Foxit Software
2017-09-25 12:02 - 2015-10-24 19:51 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Foxit PhantomPDF
2017-09-25 12:02 - 2015-10-24 19:50 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink PowerDVD 12
2017-09-25 12:02 - 2015-10-24 19:50 - 000000000 ____D C:\Users\Public\CyberLink
2017-09-25 12:02 - 2015-10-24 19:50 - 000000000 ____D C:\ProgramData\CyberLink
2017-09-25 12:02 - 2015-10-24 19:50 - 000000000 ____D C:\ProgramData\CLSK
2017-09-25 12:02 - 2015-10-24 19:49 - 000000000 ____D C:\ProgramData\Temp
2017-09-25 12:02 - 2015-10-24 19:49 - 000000000 ____D C:\ProgramData\install_clap
2017-09-25 12:02 - 2015-10-24 19:33 - 000000000 ____D C:\Program Files (x86)\Qualcomm Atheros
2017-09-25 12:02 - 2015-10-24 19:31 - 000000000 ____D C:\Program Files (x86)\Realtek
2017-09-25 12:02 - 2015-08-31 12:51 - 000000000 ____D C:\ProgramData\Mozilla
2017-09-25 12:02 - 2015-08-31 12:51 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-09-25 12:02 - 2015-08-31 12:51 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2017-09-25 12:02 - 2015-08-31 12:50 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2017-09-25 12:02 - 2015-08-31 12:50 - 000000000 ____D C:\Program Files (x86)\WildTangent Games
2017-09-25 12:02 - 2015-08-31 12:50 - 000000000 ____D C:\Program Files (x86)\WildGames
2017-09-25 12:02 - 2015-07-10 14:22 - 000000000 ____D C:\ProgramData\USOShared
2017-09-25 12:02 - 2015-07-10 13:04 - 000000000 ___RD C:\WINDOWS\PurchaseDialog
2017-09-25 12:02 - 2015-07-10 13:04 - 000000000 ___RD C:\WINDOWS\DesktopTileResources
2017-09-25 12:01 - 2015-10-24 19:50 - 000000000 ____D C:\Program Files (x86)\Foxit PhantomPDF
2017-09-25 12:01 - 2015-10-24 19:50 - 000000000 ____D C:\Program Files (x86)\CyberLink
2017-09-25 12:01 - 2015-10-24 19:33 - 000000000 ____D C:\Program Files\Common Files\QCA_Bluetooth
2017-09-25 12:01 - 2015-10-24 19:31 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2017-09-25 12:01 - 2015-10-24 19:26 - 000000000 ____D C:\Program Files (x86)\Intel
2017-09-25 12:01 - 2015-08-31 12:52 - 000000000 ____D C:\Program Files\Acer
2017-09-25 12:01 - 2015-08-31 12:50 - 000000000 ____D C:\Program Files (x86)\Acer
2017-09-25 12:01 - 2015-07-10 15:14 - 000000000 ____D C:\Program Files\Windows Journal
2017-09-20 21:13 - 2017-05-04 15:25 - 000000886 _____ C:\Users\Acer\Desktop\EMDB.lnk
2017-09-20 09:46 - 2016-11-17 22:53 - 000000000 ____D C:\Users\Acer\Documents\Custom Office Templates
2017-09-02 10:05 - 2016-11-18 15:16 - 000000000 ____D C:\Users\Acer\Scrivener ScratchPad
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======
2017-09-25 14:48 - 2017-09-25 14:48 - 000000893 _____ () C:\Users\Acer\AppData\Local\recently-used.xbel
2017-09-25 11:59 - 2017-09-25 11:59 - 000000000 ____H () C:\ProgramData\DP45977C.lfl
==================== Bamital & volsnap ======================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert
LastRegBack: 2017-09-25 11:58
==================== Ende von FRST.txt ============================
26.09.2017, 21:18
Baum-Darstellung