Trojaner-Board
Seite 1 von 3 1 23
100 Beiträge dieses Themas auf einer Seite anzeigen

Trojaner-Board (https://www.trojaner-board.de/)
-   Log-Analyse und Auswertung (https://www.trojaner-board.de/log-analyse-auswertung/)
-   -   Google Chrome Erweiterung installieren nicht möglich: "Download interrupted", "Netzwerkfehler" (https://www.trojaner-board.de/181000-google-chrome-erweiterung-installieren-moeglich-download-interrupted-netzwerkfehler.html)

gert83 08.08.2016 13:55
Google Chrome Erweiterung installieren nicht möglich: "Download interrupted", "Netzwerkfehler"
 
Liste der Anhänge anzeigen (Anzahl: 2)
Ich hatte (habe?) Probleme mit Trotux und danach reichlich Probleme bei meinem Browser Chrome. Nachdem ich Malwarebytes laufen ließ, (56 Fehler), (und Neustart) konnte ich noch immer keine Extensions für Chrome installieren, "Netzwerkfehler". Ich habe jetzt nochmals Malwarebytes laufen lassen: 2x PUP.Optional.Trotux

Allerbesten Dank im Voraus
Gert

PS: Frst.txt geteilt, war zu groß

cosinus 08.08.2016 14:59
Logs bitte nicht anhängen, notfalls splitten und über mehrere Postings verteilt posten

Lesestoff:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR oder 7Z-Archiv zu packen erschwert mir massiv die Arbeit.
Auch wenn die Logs für einen Beitrag zu groß sein sollten, bitte ich dich die Logs direkt und notfalls über mehrere Beiträge verteilt zu posten.
Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
  • Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
  • Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
  • Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
  • Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.
http://www.trojaner-board.de/picture...&pictureid=307

gert83 08.08.2016 16:35
Tut mir leid ...
Nochmals:

Ich hatte (habe?) Probleme mit Trotux und danach reichlich Probleme bei meinem Browser Chrome. Nachdem ich Malwarebytes laufen ließ, (56 Fehler), (und Neustart) konnte ich noch immer keine Extensions für Chrome installieren, "Netzwerkfehler". Ich habe jetzt nochmals Malwarebytes laufen lassen: 2x PUP.Optional.Trotux

Allerbesten Dank im Voraus
Gert

Addition.txt:
Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 03-08-2016
durchgeführt von Gert (2016-08-08 11:55:46)
Gestartet von D:\Downloads
Windows 10 Home Version 1511 (X64) (2015-12-22 02:59:37)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-786549325-3828416840-1361333200-500 - Administrator - Disabled) => C:\Users\Administrator
DefaultAccount (S-1-5-21-786549325-3828416840-1361333200-503 - Limited - Disabled)
Gast (S-1-5-21-786549325-3828416840-1361333200-501 - Limited - Disabled)
Gert (S-1-5-21-786549325-3828416840-1361333200-1001 - Administrator - Enabled) => C:\Users\Gert
HomeGroupUser$ (S-1-5-21-786549325-3828416840-1361333200-1003 - Limited - Enabled)

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Avast Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.017.20053 - Adobe Systems Incorporated)
Application Insights Tools for Visual Studio 2015 (x32 Version: 3.3 - Microsoft Corporation) Hidden
Ashampoo AppLauncher (Medion) v.1.0.0 (HKLM-x32\...\Ashampoo AppLauncher (Medion)_is1) (Version: 1.0.0 - Ashampoo GmbH & Co. KG)
Autochartist MT4 plugin for Activ Trades (HKLM-x32\...\Autochartist MT4 plugin for Activ Trades) (Version: 70 - Autochartist)
Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 12.2.2276 - AVAST Software)
Azure AD Authentication Connected Service (x32 Version: 14.0.23107 - Microsoft Corporation) Hidden
AzureTools.Notifications (x32 Version: 2.7.30611.1601 - Microsoft Corporation) Hidden
Blend for Visual Studio SDK for .NET 4.5 (x32 Version: 3.0.40218.0 - Microsoft Corporation) Hidden
Books Downloader version 1.0.0.1 (HKLM-x32\...\Books Downloader_is1) (Version: 1.0.0.1 - WorldOfBooks) <==== ACHTUNG
CamStudio 2.7.3 (HKLM\...\{04B83666-3A62-452B-85D3-70F8117F2329}_is1) (Version: 2.7.3 - CamStudio Open Source)
CamStudio Lossless Codec v1.5 (HKLM-x32\...\camcodec) (Version: 1.5 - CamStudio)
Chromium (HKU\S-1-5-21-786549325-3828416840-1361333200-1001\...\Chromium) (Version: 45.0.2406.0 - Chromium)
Cisco WebEx Meetings (HKU\S-1-5-21-786549325-3828416840-1361333200-1001\...\ActiveTouchMeetingClient) (Version:  - Cisco WebEx LLC)
Citrix Online Launcher (HKLM-x32\...\{DB014C85-A264-4BCA-A66F-6DD1FCF8EC36}) (Version: 1.0.335 - Citrix)
ClipMagic 4.1 (HKLM-x32\...\ClipMagic_3.1) (Version: 4.1 - MJT Net Ltd)
CyberLink Home Cinema 10 (HKLM-x32\...\InstallShield_{8F14AA37-5193-4A14-BD5B-BDF9B361AEF7}) (Version: 10.0 - CyberLink Corp.)
CyberLink PhotoDirector 5 (Version: 5.0.5724.0 - CyberLink Corp.) Hidden
CyberLink PowerDirector 11 (Version: 11.0.0.4426 - CyberLink Corp.) Hidden
CyberLink PowerRecover (HKLM-x32\...\InstallShield_{44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}) (Version: 5.7.0.3617 - CyberLink Corp.)
CyberLink PowerRecover (Version: 5.7.0.3617 - CyberLink Corp.) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Desktopicon Amazon.com (HKLM\...\DesktopIconAmazon) (Version: 1.0.1 - )
Devenv-Ressourcen für Microsoft Visual Studio 2015 (x32 Version: 14.0.23107 - Microsoft Corporation) Hidden
Dotfuscator and Analytics Community Edition 5.18.1 (x32 Version: 5.18.1.2898 - PreEmptive Solutions) Hidden
Dotfuscator and Analytics Community Edition Language Pack 5.18.1 de-DE (x32 Version: 5.18.1.2898 - PreEmptive Solutions) Hidden
Driver Booster 3.5 (HKLM-x32\...\Driver Booster_is1) (Version: 3.5 - IObit)
Dropbox (HKLM-x32\...\Dropbox) (Version: 7.4.30 - Dropbox, Inc.)
Dropbox Update Helper (x32 Version: 1.3.27.35 - Dropbox, Inc.) Hidden
Entity Framework 6.1.3 Tools  for Visual Studio 2015 (HKLM-x32\...\{1A8A9739-BAD7-491F-B5B9-A79A2B965422}) (Version: 14.0.40302.0 - Microsoft Corporation)
Erforderliche Komponenten für SSDT  (HKLM-x32\...\{2466E484-9D86-416B-9C88-AA533F15AF1C}) (Version: 12.0.2000.8 - Microsoft Corporation)
e-Saver version 3.4.1 (HKLM-x32\...\{C97CA73D-E96B-4B42-830E-D0F7BD780FB8}_is1) (Version: 3.4.1 - AOC)
Fotogalerie (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Fotogalerija (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Fotogalleri (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Fotogalleriet (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Fotoğraf Galerisi (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Fotótár (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
FreeOCR v5.4 (HKLM-x32\...\freeocr_is1) (Version:  - )
FX Choice - MetaTrader 4 (HKLM-x32\...\FX Choice - MetaTrader 4) (Version: 4.00 - MetaQuotes Software Corp.)
FX Choice MetaTrader 5 (HKLM\...\FX Choice MetaTrader 5) (Version: 5.00 - MetaQuotes Software Corp.)
Galeria de Fotografias (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Galería de fotos (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Galeria fotografii (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Galerie de photos (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Gemeinsam genutzte Microsoft Azure-Komponenten für Visual Studio 2015 Sprachpaket (DEU) - v1.5 (x32 Version: 1.5.30619.1602 - Microsoft Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 51.0.2704.103 - Google Inc.)
Google Update Helper (x32 Version: 1.3.31.5 - Google Inc.) Hidden
GoToMeeting 7.20.0.5174 (HKU\S-1-5-21-786549325-3828416840-1361333200-1001\...\GoToMeeting) (Version: 7.20.0.5174 - CitrixOnline)
HEXelon MAX 6.07 (HKLM-x32\...\HEXelon MAX_is1) (Version: 6.07 - Jerzy Znamirowski)
IIS 10.0 Express (HKLM\...\{5984D8DA-C1AF-4284-9C88-D7150425B315}) (Version: 10.0.1734 - Microsoft Corporation)
IIS Express Application Compatibility Database for x64 (HKLM\...\{08274920-8908-45c2-9258-8ad67ff77b09}.sdb) (Version:  - )
IIS Express Application Compatibility Database for x86 (HKLM\...\{ad846bae-d44b-4722-abad-f7420e08bcd9}.sdb) (Version:  - )
i-Menu version 4.3.1 (HKLM-x32\...\{0121C0BD-363C-4B1D-8B64-FE7681A37D0A}_is1) (Version: 4.3.1 - AOC)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.14.1724 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.9.0.1001 - Intel Corporation)
iRoot (HKLM-x32\...\{1295E43F-382A-4CB2-9E0F-079C0D7401BB}_is1) (Version: 1.8.6.20013 - SING)
Java 8 Update 101 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180101F0}) (Version: 8.0.1010.13 - Oracle Corporation)
Java 8 Update 77 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218077F0}) (Version: 8.0.770.3 - Oracle Corporation)
Java 8 Update 91 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218091F0}) (Version: 8.0.910.14 - Oracle Corporation)
Kalkules 1.9.6.25 (HKLM-x32\...\{6541EA45-0665-4485-ABAA-417BC83AC92F}_is1) (Version:  - Jardo)
McAfee WebAdvisor (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 4.0.233 - McAfee, Inc.)
MetaTrader - ActivTrades (HKLM-x32\...\MetaTrader - ActivTrades) (Version: 4.00 - MetaQuotes Software Corp.)
MetaTrader - ActivTrades (HKLM-x32\...\MetaTrader - ActivTradesDemoPC) (Version: 4.00 - MetaQuotes Software Corp.)
MetaTrader - London Capital Group Ltd. (HKLM-x32\...\MetaTrader - London Capital Group Ltd.Demo) (Version: 4.00 - MetaQuotes Software Corp.)
MetaTrader 4 (HKLM-x32\...\MetaTrader  QT-Demo) (Version: 4.00 - MetaQuotes Software Corp.)
MetaTrader 4 (HKLM-x32\...\MetaTrader 4) (Version: 4.00 - MetaQuotes Software Corp.)
MetaTrader 5 - ActivTrades (HKLM\...\MetaTrader 5 - ActivTrades) (Version: 5.00 - MetaQuotes Software Corp.)
MetaTrader 5 - ActivTrades (HKLM\...\MetaTrader 5 - ActivTradesLive) (Version: 5.00 - MetaQuotes Software Corp.)
MetaTrader 5 - ActivTrades (HKLM\...\MetaTrader 5 - Live ActivTrades) (Version: 5.00 - MetaQuotes Software Corp.)
Microsoft .NET Framework 4.5 Multi-Targeting Pack (HKLM-x32\...\{56E962F0-4FB0-3C67-88DB-9EAA6EEFC493}) (Version: 4.5.50710 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (HKLM-x32\...\{6A0C6700-EA93-372C-8871-DCCF13D160A4}) (Version: 4.5.50932 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 SDK (Deutsch) (HKLM-x32\...\{CBD7095F-7211-43FD-9FE7-FB08D753AF79}) (Version: 4.5.51641 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 SDK (HKLM-x32\...\{19A5926D-66E1-46FC-854D-163AA10A52D3}) (Version: 4.5.51641 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 Multi-Targeting Pack (HKLM-x32\...\{B941AFB4-8851-33A1-9E72-0C33D463C41C}) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.6 SDK (Deutsch) (HKLM-x32\...\{EE8BD24B-75E1-4BBF-86B9-91FE16ADE71C}) (Version: 4.6.00081 - Microsoft Corporation)
Microsoft .NET Framework 4.6 SDK (HKLM-x32\...\{B5915D37-0637-4A26-A3AA-C5DC9F856370}) (Version: 4.6.00081 - Microsoft Corporation)
Microsoft .NET Framework 4.6 Targeting Pack (HKLM-x32\...\{2CC6A4A7-AAC2-46C9-9DBB-3727B5954F65}) (Version: 4.6.00081 - Microsoft Corporation)
Microsoft .NET Version Manager (x64) 1.0.0-beta5 (HKLM\...\{c5a4aba3-1aba-3ef8-b2d5-c3fa37f59738}) (Version: 1.0.10609.0 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Help Viewer 2.2 (HKLM-x32\...\Microsoft Help Viewer 2.2) (Version: 2.2.23107 - Microsoft Corporation)
Microsoft Help Viewer 2.2 Sprachpaket - DEU (HKLM-x32\...\Microsoft Help Viewer 2.2 Sprachpaket - DEU) (Version: 2.2.23107 - Microsoft Corporation)
Microsoft Office 365 - de-de (HKLM\...\O365HomePremRetail - de-de) (Version: 15.0.4841.1002 - Microsoft Corporation)
Microsoft OneNote 2013 - de-de (HKLM\...\OneNoteFreeRetail - de-de) (Version: 15.0.4841.1002 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server 2012 Command Line Utilities  (HKLM\...\{F09DEB00-9F41-4BC9-BA81-9F131B12B3D5}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Native Client  (HKLM\...\{8E4BA1E5-54E8-41F0-919B-CD875B83CFCE}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server Compact 4.0 SP1 x64 DEU  (HKLM\...\{98225B15-ECF5-4645-B5AC-F8C5E869A5D5}) (Version: 4.0.8876.1 - Microsoft Corporation)
Microsoft SQL Server Data Tools - DEU (14.0.50616.0) (HKLM-x32\...\{FA604873-01A0-4834-AF87-418534E465BB}) (Version: 14.0.50616.0 - Microsoft Corporation)
Microsoft SQL Server*2014 Management Objects  (HKLM-x32\...\{4F4CB3E2-9D2F-465A-854B-8276B02F4E7D}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server*2014 Management Objects (x64) (HKLM\...\{03CB711D-679E-46ED-851B-C568418CF914}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server*2014 Transact-SQL ScriptDom  (HKLM\...\{F2A2DB39-2C5A-4764-AA0F-5AB112663FFA}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server*2014 T-SQL Language Service  (HKLM-x32\...\{06BE8B71-46C6-434B-869E-85C58EF3120A}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4048 (HKLM\...\{91415F19-4C22-3609-A105-92ED3522D83C}) (Version: 9.0.30729.4048 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4048 (HKLM-x32\...\{5B1F2843-B379-3FF2-B0D3-64DD143ED53A}) (Version: 9.0.30729.4048 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{9634d50a-0c4d-4f52-8a9f-894a2baae370}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{307a22b8-8353-4c5e-b67b-2404c5734558}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{90ffcee5-8608-4e94-8c18-a4feb4f83fb8}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{4fcf070a-daac-45e9-a8b0-6850941f7ed8}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23026 (HKLM-x32\...\{e46eca4f-393b-40df-9f49-076faf788d83}) (Version: 14.0.23026.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23026 (HKLM-x32\...\{74d0e5db-b326-4dae-a6b2-445b9de1836e}) (Version: 14.0.23026.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio Community 2015 (HKLM-x32\...\{5c2b89b0-08cc-492f-b086-21e4d6ae7be4}) (Version: 14.0.23107.10 - Microsoft Corporation)
Microsoft Web Deploy 3.6 (HKLM\...\{ED4CC1E5-043E-4157-8452-B5E533FE2BA1}) (Version: 3.1238.1955 - Microsoft Corporation)
Microsoft-System-CLR-Typen für SQL Server 2014 (HKLM\...\{63967E7E-5D53-42FA-A7B2-DC50FB0F976F}) (Version: 12.0.2402.11 - Microsoft Corporation)
Microsoft-System-CLR-Typen für SQL Server 2014 (HKLM-x32\...\{2ADB6B9D-83C6-494E-B8AE-E815956A4670}) (Version: 12.0.2402.11 - Microsoft Corporation)
Mit C# erstellte geräteübergreifende Hybrid-Apps - Vorlagen - DEU (x32 Version: 14.0.23107 - Microsoft Corporation) Hidden
Moffsoft FreeCalc (HKLM-x32\...\MoffFreeCalc_is1) (Version: 1.1 - Moffsoft)
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 48.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 48.0 (x86 de)) (Version: 48.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 45.2.0.6025 - Mozilla)
Mozilla Thunderbird 45.2.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 45.2.0 (x86 de)) (Version: 45.2.0 - Mozilla)
MyPhoneExplorer (HKLM-x32\...\MPE) (Version: 1.8.6 - F.J. Wechselberger)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.8.3 - Notepad++ Team)
Nuance PaperPort 14 (HKLM-x32\...\{C5C4D031-D616-49E7-BCD4-E99CF5872EB0}) (Version: 14.0.0000 - Nuance Communications, Inc.)
Nuance PDF Create 7 (HKLM\...\{CD7A262C-287E-41DD-A0F7-733856252C6B}) (Version: 7.10.2364 - Nuance Communications, Inc)
Nuance PDF Create 7 (HKLM-x32\...\{CD7A262C-287E-41DD-A0F7-733856252C6B}) (Version: 7.10.2364 - Nuance Communications, Inc)
Nuance PDF Viewer Plus (HKLM-x32\...\{042A6F10-F770-4886-A502-B795DCF2D3B5}) (Version: 7.10.3211 - Nuance Communications, Inc)
NVIDIA 3D Vision Controller-Treiber 352.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 352.65 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 359.00 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 359.00 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.7.4.10 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.7.4.10 - NVIDIA Corporation)
NVIDIA Grafiktreiber 359.00 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 359.00 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.34.4 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.4 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4841.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4841.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4841.1002 - Microsoft Corporation) Hidden
Old Calculator for Windows 10 (HKLM-x32\...\OldCalcForWin10) (Version: 1.0 - hxxp://winaero.com)
OpenOffice 4.1.1 (HKLM-x32\...\{ACD0FFF9-6B35-43C1-82DB-9FF6990E8602}) (Version: 4.11.9775 - Apache Software Foundation)
Opera Stable 39.0.2256.48 (HKLM-x32\...\Opera 39.0.2256.48) (Version: 39.0.2256.48 - Opera Software)
Paket zur Festlegung von Zielversionen für Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM-x32\...\{D5409B11-EF28-37A1-AE7A-6051A5BAD923}) (Version: 4.5.50932 - Microsoft Corporation)
Paket zur Festlegung von Zielversionen für Microsoft .NET Framework 4.5.1 RC für Windows Store-Apps (Deutsch) (x32 Version: 4.5.21005 - Microsoft Corporation) Hidden
Paket zur Festlegung von Zielversionen für Microsoft .NET Framework 4.5.2 (Deutsch) (HKLM-x32\...\{3F514FDC-F0F2-3B99-86D6-F7B3A2679B39}) (Version: 4.5.51209 - Microsoft Corporation)
Paket zur Festlegung von Zielversionen für Microsoft .NET Framework 4.6 (Deutsch) (HKLM-x32\...\{7227EFF8-BC26-44D4-B91D-969A82DBDF4A}) (Version: 4.6.00081 - Microsoft Corporation)
PaperPort Anywhere 1.1.4269.39023 powered by OfficeDrop (HKLM\...\{52357C6C-FE7F-4E8C-B045-EDE5146A1F9C}) (Version: 1.1.4269.39023 - OfficeDrop)
PaperPort Image Printer 64-bit (HKLM\...\{715CAACC-579B-4831-A5F4-A83A8DE3EFE2}) (Version: 14.00.0001 - Nuance Communications, Inc.)
PaperScan Free Edition (HKLM-x32\...\{41D1AD50-4276-4DAF-8AAB-5D97D75E47B3}) (Version: 1.5.5 - ORPALIS)
Podstawowe programy Windows Live (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
PreEmptive Analytics Client German Language Pack (x32 Version: 1.2.5134.1 - PreEmptive Solutions) Hidden
PreEmptive Analytics Visual Studio Components (x32 Version: 1.2.5134.1 - PreEmptive Solutions) Hidden
Python Tools 2.2 for Visual Studio 2015 (HKLM-x32\...\{DE3F045F-57D5-4DAF-A479-DB759047966B}) (Version: 2.2.30718.00 - Microsoft Corporation)
Raccolta foto (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.20.815.2013 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7535 - Realtek Semiconductor Corp.)
Roslyn Language Services - x86 (x32 Version: 14.0.23107 - Microsoft Corporation) Hidden
SafeZone Stable 1.51.2220.47 (x32 Version: 1.51.2220.47 - Avast Software) Hidden
Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.6.3.15075.2 - Samsung Electronics Co., Ltd.)
Samsung Kies (x32 Version: 2.6.3.15075.2 - Samsung Electronics Co., Ltd.) Hidden
Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.55.0 - Samsung Electronics Co., Ltd.)
Scansoft PDF Create (x32 Version:  - ) Hidden
Screen+ version Screen+ 1.2.1 (HKLM\...\Screen+_is1) (Version: Screen+ 1.2.1 - AOC)
SHIELD Streaming (Version: 4.1.0240 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.7.4.10 - NVIDIA Corporation) Hidden
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 8.3.0.9150 - Microsoft Corporation)
Skype™ 7.26 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.26.101 - Skype Technologies S.A.)
SmartOrder 2 (HKLM-x32\...\{7B4050B6-ACDA-458E-AA58-8E9EF8CE3B0D}) (Version: 2.00.0000 - ActivTrades)
SmartOrder2 (HKU\S-1-5-21-786549325-3828416840-1361333200-1001\...\824ffa957de8cbda) (Version: 2.0.0.64 - ActivTrades Plc)
SpeedCrunch 0.11 (HKLM-x32\...\SpeedCrunch_is1) (Version:  - SpeedCrunch)
Team Explorer for Microsoft Visual Studio 2015 (x32 Version: 14.0.23102 - Microsoft Corporation) Hidden
TeamViewer 10 (HKLM-x32\...\TeamViewer) (Version: 10.0.47484 - TeamViewer)
Test Tools for Microsoft Visual Studio 2015 (x32 Version: 14.0.23107 - Microsoft Corporation) Hidden
Trader Workstation (HKU\S-1-5-21-786549325-3828416840-1361333200-1001\...\5889-6375-8446-2021) (Version: latest (957.3f) 20160803 10:07:54 - Interactive Brokers LLC)
trotux - Uninstall (HKLM-x32\...\{116C7371-2252-4876-AF8C-2DD4A346677A}) (Version:  - ) <==== ACHTUNG
TypeScript Power Tool (x32 Version: 1.5.3.0 - Microsoft Corporation) Hidden
TypeScript Tools for Microsoft Visual Studio 2015 (x32 Version: 1.5.3.0 - Microsoft Corporation) Hidden
TypeScript Tools for Microsoft Visual Studio 2015 1.5.3.0 (HKLM-x32\...\{7f54b430-3428-4775-aeae-531e46185ec6}) (Version: 1.5.23115.0 - Microsoft Corporation)
Universal CRT Extension SDK (x32 Version: 10.0.10150 - Microsoft Corporation) Hidden
Universal CRT Headers Libraries and Sources (x32 Version: 10.0.10150 - Microsoft Corporation) Hidden
Universal CRT Redistributable (x32 Version: 10.0.10150 - Microsoft Corporation) Hidden
Universal CRT Tools x64 (Version: 10.0.10150 - Microsoft Corporation) Hidden
Universal CRT Tools x86 (x32 Version: 10.0.10150 - Microsoft Corporation) Hidden
Update for  (KB2504637) (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}.KB2504637) (Version: 1 - Microsoft Corporation)
Valokuvavalikoima (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
VLC media player (HKLM\...\VLC media player) (Version: 2.2.4 - VideoLAN)
WCF Data Services 5.6.4 DEU Language Pack (x32 Version: 5.6.62175.4 - Microsoft Corporation) Hidden
WCF Data Services 5.6.4 Runtime (x32 Version: 5.6.62175.4 - Microsoft Corporation) Hidden
WCF Data Services Tools for Microsoft Visual Studio 2015 (x32 Version: 5.6.62175.4 - Microsoft Corporation) Hidden
WCF Data Services Tools for Microsoft Visual Studio 2015 DEU Language Pack (x32 Version: 5.6.62175.4 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
WinPcap 4.1.3 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2980 - Riverbed Technology, Inc.)
WinRAR 5.31 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.31.0 - win.rar GmbH)
Wireshark 1.12.7 (64-bit) (HKLM-x32\...\Wireshark) (Version: 1.12.7 - The Wireshark developer community, hxxp://www.wireshark.org)
Yahoo Search Set (HKLM-x32\...\Yahoo! SearchSet) (Version:  - Yahoo Inc.)
Συλλογή φωτογραφιών (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-786549325-3828416840-1361333200-1001_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\Gert\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\FileCoAuth.exe (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-786549325-3828416840-1361333200-1001_Classes\CLSID\{84B5A313-CD5D-4904-8BA2-AFDC81C1B309}\InprocServer32 -> C:\Users\Gert\AppData\Local\Citrix\GoToMeeting\5174\G2MOutlookAddin64.dll (Citrix Online, a division of Citrix Systems, Inc.)

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {02D442EF-173A-42D0-A65E-331BB1BB6A59} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-05-21] (Google Inc.)
Task: {18A0AF1D-4611-4D3B-8B4F-00B6400C1214} - System32\Tasks\Driver Booster Scheduler => C:\Program Files (x86)\IObit\Driver Booster\Scheduler.exe [2016-07-28] (IObit)
Task: {1F6D72B1-4341-4AA4-BB85-3844E0631FF6} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2016-06-14] (Microsoft Corporation)
Task: {246380EB-8E3E-493E-BC48-FA8A1B69ACD1} - System32\Tasks\Driver Booster SkipUAC (Gert) => C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe [2016-07-28] (IObit)
Task: {2E5DA384-DA64-42E1-A333-E9F043E94FCE} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2016-07-13] (Microsoft Corporation)
Task: {32C849FE-B7FF-43C6-A305-CBBD90372487} - System32\Tasks\avastBCLRestart_chrome.exe => Chrome.exe
Task: {3F7070CC-3319-45E9-BC4B-7046531EFC83} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-05-21] (Google Inc.)
Task: {40078ADC-474C-49DB-B8AB-4660A2784746} - System32\Tasks\G2MUpdateTask-S-1-5-21-786549325-3828416840-1361333200-1001 => C:\Users\Gert\AppData\Local\Citrix\GoToMeeting\5174\g2mupdate.exe [2016-07-03] (Citrix Online, a division of Citrix Systems, Inc.)
Task: {42950795-0B49-498E-8646-54FF717E9370} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2016-06-14] (Microsoft Corporation)
Task: {45028766-F62D-42A2-A58C-776892C2E4A3} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Keine Datei <==== ACHTUNG
Task: {52C97040-C402-4AAF-B802-0388B0410C3A} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG
Task: {5638C73A-9FBC-495B-A0B2-12493DFACA12} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Keine Datei <==== ACHTUNG
Task: {5CA3A75A-1773-47DF-A8FF-F8AEED6A23E0} - System32\Tasks\PDVDServ12 Task => C:\Program Files (x86)\CyberLink\PowerDVD12\PDVD12Serv.exe [2014-11-04] (CyberLink Corp.)
Task: {63A9C8CE-68E8-41FD-AFE6-539D3B860FCF} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2015-08-21] (Dropbox, Inc.)
Task: {69A59633-A9FC-4517-AB8F-5C43E68F0CE8} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG
Task: {6B9BC558-6B22-461C-BEAF-8B6AE00CBCC8} - System32\Tasks\Microsoft\Windows\Application Experience\RenewalService => C:\ProgramData\RenewalService\Renewal.exe [2016-07-09] ()
Task: {6C5094CA-1BAB-4697-9503-B0A6895B92CB} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2016-06-14] (Microsoft Corporation)
Task: {886EDD44-6275-441E-AE0B-D2E17B1299E9} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG
Task: {8BB7F7F0-0D42-4CDF-8F9C-9CFD2AF252E7} - System32\Tasks\G2MUploadTask-S-1-5-21-786549325-3828416840-1361333200-1001 => C:\Users\Gert\AppData\Local\Citrix\GoToMeeting\5174\g2mupload.exe [2016-07-03] (Citrix Online, a division of Citrix Systems, Inc.)
Task: {8DA51E2C-0866-436D-9CA6-21C8DA5A60BA} - System32\Tasks\b2929b72a96a471893ecaa9c51368bae => C:\Program Files (x86)\dkx3EB2\4v83EE1.bat [2016-08-07] ()
Task: {963E48CD-D8FC-4785-93C2-7FC6292DBE02} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG
Task: {A01F177D-FBCE-47D1-9659-BE4E4B182BA1} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Keine Datei <==== ACHTUNG
Task: {A3A4CAC5-A305-4846-8448-B5D3C9246AFD} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Keine Datei <==== ACHTUNG
Task: {B0045424-C03F-4EF5-8BEB-6CDD7101F984} - System32\Tasks\avast! Emergency Update => D:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2016-08-08] (AVAST Software)
Task: {BA6F1E57-7D82-46E3-8D5A-06E860EB9388} - System32\Tasks\SafeZone scheduled Autoupdate 1452960773 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe [2016-07-25] (Avast Software)
Task: {C189D7D0-35FD-4E74-B4F8-F3B135492FDD} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Keine Datei <==== ACHTUNG
Task: {D0AC9D16-3CF1-4BFC-929D-ED0DF0657043} - System32\Tasks\Opera scheduled Autoupdate 1465454234 => C:\Program Files (x86)\Opera\launcher.exe [2016-08-03] (Opera Software)
Task: {D46F9378-60EC-4924-854D-5A63E95E9D52} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG
Task: {D59E0B2E-EA9F-479F-B9D1-DB59809B7314} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Keine Datei <==== ACHTUNG
Task: {DC1967DD-7EA7-4555-B7BD-0114B7B255C5} - System32\Tasks\Anaqeght Builder => C:\Program Files (x86)\Ckhile\Anqbuilderchr.exe [2016-08-07] ()
Task: {F59DFEA1-34A0-406D-8ED0-A7575DA68DFF} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-06-25] (Adobe Systems Incorporated)
Task: {F5E306E1-AAEE-48E6-ACB7-94ADCAA45C62} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2015-08-21] (Dropbox, Inc.)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\G2MUpdateTask-S-1-5-21-786549325-3828416840-1361333200-1001.job => C:\Users\Gert\AppData\Local\Citrix\GoToMeeting\5174\g2mupdate.exe
Task: C:\WINDOWS\Tasks\G2MUploadTask-S-1-5-21-786549325-3828416840-1361333200-1001.job => C:\Users\Gert\AppData\Local\Citrix\GoToMeeting\5174\g2mupload.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

ShortcutWithArgument: C:\Users\Gert\Desktop\Google Notizen – Notizen & Listen.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) ->  --profile-directory=Default --app-id=hmjkmjkepdijhoojdojkdfohbdgmmhki
ShortcutWithArgument: C:\Users\Gert\Desktop\Hofer - yesss!.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://www.yesss.at
ShortcutWithArgument: C:\Users\Gert\Desktop\Hofer Reisen.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://www.hofer-reisen.at/business/ers?WT.z_src=main
ShortcutWithArgument: C:\Users\Gert\Desktop\Hofer Startseite.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://www.hofer.at
ShortcutWithArgument: C:\Users\Gert\Desktop\Profil 1 - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 1"
ShortcutWithArgument: C:\Users\Gert\Desktop\Standardprofil - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 2"
ShortcutWithArgument: C:\Users\Gert\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome-Apps\DeviceOnline UPnP_DLNA MC.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) ->  --profile-directory=Default --app-id=ecedelmnmfbcnhomndfjadaeldibhdog
ShortcutWithArgument: C:\Users\Gert\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome-Apps\Google Notizen – Notizen & Listen.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) ->  --profile-directory=Default --app-id=hmjkmjkepdijhoojdojkdfohbdgmmhki
ShortcutWithArgument: C:\Users\Gert\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome-Apps\PDF Viewer.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) ->  --profile-directory=Default --app-id=jccchjobcggajhnmckffhcahkkbioifn
ShortcutWithArgument: C:\Users\Gert\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Notizen – Notizen & Listen.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) ->  --profile-directory=Default --app-id=hmjkmjkepdijhoojdojkdfohbdgmmhki
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MEDIONhome.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://www.medion.com
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Welcome.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://www.aldi.com
ShortcutWithArgument: C:\Users\Public\Desktop\eBay.at.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://rover.ebay.com/rover/1/5221-154549-44482-8/4

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2015-10-30 09:18 - 2015-10-30 09:18 - 00185856 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2015-12-22 04:47 - 2015-11-14 08:20 - 00116528 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2014-04-16 12:22 - 2014-04-16 10:22 - 00029184 _____ () C:\WINDOWS\System32\usp02l.dll
2015-06-18 18:39 - 2016-05-24 09:51 - 00116416 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2015-03-30 13:26 - 2013-03-06 15:42 - 00389896 _____ () C:\Program Files\CyberLink\Shared files\RichVideo64.exe
2016-07-13 13:16 - 2016-07-01 06:48 - 02656408 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2016-07-13 13:16 - 2016-07-01 06:48 - 02656408 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2016-06-29 18:11 - 2016-06-29 18:11 - 00959168 _____ () C:\Users\Gert\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64\ClientTelemetry.dll
2016-04-19 15:15 - 2016-04-19 15:15 - 00144384 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe
2015-12-22 04:44 - 2015-12-22 04:44 - 00093696 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll
2016-07-13 13:17 - 2016-07-01 05:48 - 00472064 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2016-07-13 13:16 - 2016-07-01 05:27 - 07992832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-07-13 13:16 - 2016-07-01 05:21 - 00591360 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-07-13 13:16 - 2016-07-01 05:22 - 02483200 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-07-13 13:16 - 2016-07-01 05:24 - 04089856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2016-08-08 10:58 - 2016-08-08 10:58 - 00169064 _____ () D:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2016-08-07 12:23 - 2016-08-07 12:23 - 03012096 _____ () D:\Program Files\AVAST Software\Avast\defs\16080700\algo.dll
2016-08-08 10:58 - 2016-08-08 10:58 - 00482928 _____ () D:\Program Files\AVAST Software\Avast\ffl2.dll
2015-11-21 10:50 - 2015-11-12 20:39 - 00012080 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2016-04-19 15:15 - 2016-04-19 15:15 - 00141312 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeBackgroundTasks.dll
2016-04-19 15:15 - 2016-04-19 15:15 - 22284800 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkyWrap.dll
2016-04-19 15:15 - 2016-04-19 15:15 - 02941440 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\MessagingNativeCore.dll
2016-04-19 15:15 - 2016-04-19 15:15 - 00583168 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\MessagingEntityExtractionProxy.dll
2016-04-19 15:15 - 2016-04-19 15:15 - 01300992 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\MessagingNativeBase.dll
2015-07-09 07:32 - 2016-02-23 10:10 - 00325824 _____ () C:\Program Files\Microsoft Office 15\root\office15\AppVIsvStream32.dll
2016-07-02 18:44 - 2016-07-02 18:44 - 48936448 _____ () D:\Program Files\AVAST Software\Avast\libcef.dll
2015-12-14 19:05 - 2016-06-30 04:25 - 00035792 _____ () C:\Program Files (x86)\Dropbox\Client\_multiprocessing.pyd
2016-08-06 14:06 - 2016-06-30 04:25 - 00145864 _____ () C:\Program Files (x86)\Dropbox\Client\pyexpat.pyd
2016-08-06 14:06 - 2016-06-30 04:26 - 00019408 _____ () C:\Program Files (x86)\Dropbox\Client\faulthandler.pyd
2016-08-06 14:06 - 2016-06-30 04:25 - 00116688 _____ () C:\Program Files (x86)\Dropbox\Client\pywintypes27.dll
2015-12-14 19:05 - 2016-06-30 04:25 - 00100296 _____ () C:\Program Files (x86)\Dropbox\Client\_ctypes.pyd
2015-12-14 19:05 - 2016-06-30 04:25 - 00018888 _____ () C:\Program Files (x86)\Dropbox\Client\select.pyd
2015-12-14 19:05 - 2016-08-01 23:27 - 00019760 _____ () C:\Program Files (x86)\Dropbox\Client\tornado.speedups.pyd
2015-12-14 19:05 - 2016-06-30 04:25 - 00694224 _____ () C:\Program Files (x86)\Dropbox\Client\unicodedata.pyd
2016-08-06 14:06 - 2016-08-01 23:26 - 00020816 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._constant_time.pyd
2015-12-14 19:05 - 2016-06-30 04:26 - 00123856 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_backend.pyd
2016-08-06 14:06 - 2016-08-01 23:26 - 01682760 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._openssl.pyd
2016-08-06 14:06 - 2016-08-01 23:26 - 00020808 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._padding.pyd
2016-08-06 14:06 - 2016-08-01 23:27 - 00021312 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.crt.compiled._winffi_crt.pyd
2016-08-06 14:06 - 2016-08-01 23:27 - 00052024 _____ () C:\Program Files (x86)\Dropbox\Client\psutil._psutil_windows.pyd
2016-08-06 14:06 - 2016-08-01 23:27 - 00038696 _____ () C:\Program Files (x86)\Dropbox\Client\fastpath.pyd
2015-12-14 19:05 - 2016-06-30 04:27 - 00105928 _____ () C:\Program Files (x86)\Dropbox\Client\win32api.pyd
2016-08-06 14:06 - 2016-06-30 04:25 - 00392144 _____ () C:\Program Files (x86)\Dropbox\Client\pythoncom27.dll
2016-08-06 14:06 - 2016-06-30 04:27 - 00020936 _____ () C:\Program Files (x86)\Dropbox\Client\mmapfile.pyd
2015-12-14 19:05 - 2016-06-30 04:27 - 00024528 _____ () C:\Program Files (x86)\Dropbox\Client\win32event.pyd
2015-12-14 19:05 - 2016-06-30 04:27 - 00114640 _____ () C:\Program Files (x86)\Dropbox\Client\win32security.pyd
2015-12-14 19:05 - 2016-08-01 23:27 - 00381752 _____ () C:\Program Files (x86)\Dropbox\Client\win32com.shell.shell.pyd
2015-12-14 19:05 - 2016-06-30 04:27 - 00124880 _____ () C:\Program Files (x86)\Dropbox\Client\win32file.pyd
2016-08-06 14:06 - 2016-08-01 23:27 - 00025424 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.kernel32.compiled._winffi_kernel32.pyd
2015-12-14 19:05 - 2016-06-30 04:27 - 00024016 _____ () C:\Program Files (x86)\Dropbox\Client\win32clipboard.pyd
2015-12-14 19:05 - 2016-06-30 04:27 - 00175560 _____ () C:\Program Files (x86)\Dropbox\Client\win32gui.pyd
2015-12-14 19:05 - 2016-06-30 04:27 - 00030160 _____ () C:\Program Files (x86)\Dropbox\Client\win32pipe.pyd
2015-12-14 19:05 - 2016-06-30 04:27 - 00043472 _____ () C:\Program Files (x86)\Dropbox\Client\win32process.pyd
2015-12-14 19:05 - 2016-06-30 04:27 - 00048592 _____ () C:\Program Files (x86)\Dropbox\Client\win32service.pyd
2016-08-06 14:06 - 2016-08-01 23:27 - 00026456 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox.infinite.win.compiled._driverinstallation.pyd
2015-12-14 19:05 - 2016-06-30 04:27 - 00057808 _____ () C:\Program Files (x86)\Dropbox\Client\win32evtlog.pyd
2015-12-14 19:05 - 2016-06-30 04:27 - 00024016 _____ () C:\Program Files (x86)\Dropbox\Client\win32profile.pyd
2016-08-06 14:06 - 2016-08-01 23:26 - 00246592 _____ () C:\Program Files (x86)\Dropbox\Client\breakpad.client.windows.handler.pyd
2015-12-14 19:05 - 2016-06-30 04:27 - 00028616 _____ () C:\Program Files (x86)\Dropbox\Client\win32ts.pyd
2016-02-19 09:05 - 2016-08-01 23:27 - 00020800 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.iphlpapi._winffi_iphlpapi.pyd
2016-02-19 09:05 - 2016-08-01 23:27 - 00019776 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.winerror._winffi_winerror.pyd
2016-02-19 09:05 - 2016-08-01 23:27 - 00020800 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.wininet._winffi_wininet.pyd
2015-12-14 19:05 - 2016-06-30 04:25 - 00144848 _____ () C:\Program Files (x86)\Dropbox\Client\_elementtree.pyd
2016-08-06 14:06 - 2016-06-30 04:26 - 00241104 _____ () C:\Program Files (x86)\Dropbox\Client\_jpegtran.pyd
2016-08-06 14:06 - 2016-08-01 23:26 - 00020280 _____ () C:\Program Files (x86)\Dropbox\Client\cpuid.compiled._cpuid.pyd
2015-12-14 19:05 - 2016-08-01 23:27 - 00023376 _____ () C:\Program Files (x86)\Dropbox\Client\winscreenshot.compiled._CaptureScreenshot.pyd
2015-12-14 19:05 - 2016-06-30 04:27 - 00350152 _____ () C:\Program Files (x86)\Dropbox\Client\winxpgui.pyd
2016-02-19 09:05 - 2016-08-01 23:27 - 00022352 _____ () C:\Program Files (x86)\Dropbox\Client\winverifysignature.compiled._VerifySignature.pyd
2016-08-06 14:06 - 2016-08-01 23:27 - 00024392 _____ () C:\Program Files (x86)\Dropbox\Client\librsyncffi.compiled._librsyncffi.pyd
2016-08-06 14:06 - 2016-06-30 04:28 - 00036296 _____ () C:\Program Files (x86)\Dropbox\Client\librsync.dll
2016-08-06 14:06 - 2016-08-01 23:27 - 00031568 _____ () C:\Program Files (x86)\Dropbox\Client\enterprise_data.compiled._enterprise_data.pyd
2016-08-06 14:06 - 2016-08-01 23:17 - 00293392 _____ () C:\Program Files (x86)\Dropbox\Client\EnterpriseDataAdapter.dll
2016-08-06 14:06 - 2016-08-01 23:27 - 00084280 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_sqlite_ext.DLL
2016-08-06 14:06 - 2016-08-01 23:27 - 01826096 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtCore.pyd
2015-12-14 19:05 - 2016-06-30 04:26 - 00083912 _____ () C:\Program Files (x86)\Dropbox\Client\sip.pyd
2016-08-06 14:06 - 2016-08-01 23:27 - 03929392 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWidgets.pyd
2016-08-06 14:06 - 2016-08-01 23:27 - 01972016 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtGui.pyd
2016-08-06 14:06 - 2016-08-01 23:27 - 00531248 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtNetwork.pyd
2016-08-06 14:06 - 2016-08-01 23:27 - 00132912 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKit.pyd
2016-08-06 14:06 - 2016-08-01 23:27 - 00224056 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKitWidgets.pyd
2016-08-06 14:06 - 2016-08-01 23:27 - 00207672 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtPrintSupport.pyd
2016-08-06 14:06 - 2016-08-01 23:27 - 00020288 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.user32._winffi_user32.pyd
2016-04-16 08:38 - 2016-08-01 23:27 - 00037192 _____ () C:\Program Files (x86)\Dropbox\Client\windisplaytoast.compiled._DisplayToast.pyd
2015-12-14 19:05 - 2016-06-30 04:27 - 00060880 _____ () C:\Program Files (x86)\Dropbox\Client\win32print.pyd
2016-08-06 14:06 - 2016-08-01 23:27 - 00024904 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.winhttp.compiled._winffi_winhttp.pyd
2016-08-06 14:06 - 2016-08-01 23:27 - 00546096 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQuick.pyd
2016-08-06 14:06 - 2016-08-01 23:27 - 00357680 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQml.pyd
2016-08-06 14:06 - 2016-08-01 23:27 - 00168248 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebEngineWidgets.pyd
2016-08-06 14:06 - 2016-08-01 23:27 - 00042808 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebChannel.pyd
2016-06-20 15:45 - 2016-06-15 11:15 - 01745560 _____ () C:\Program Files (x86)\Google\Chrome\Application\51.0.2704.103\libglesv2.dll
2016-06-20 15:45 - 2016-06-15 11:15 - 00091288 _____ () C:\Program Files (x86)\Google\Chrome\Application\51.0.2704.103\libegl.dll
2015-03-30 11:05 - 2014-07-02 11:20 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2016-07-13 04:49 - 2016-07-06 18:01 - 17602240 _____ () C:\Users\Gert\AppData\Local\Google\Chrome\User Data\PepperFlash\22.0.0.209\pepflashplayer.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)


==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)


==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2013-08-22 15:25 - 2016-08-07 11:48 - 00000856 ____A C:\WINDOWS\system32\Drivers\etc\hosts

127.0.0.1 clients2.google.com

==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-786549325-3828416840-1361333200-1001\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Windows\img0.jpg
DNS Servers: 10.0.0.138
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKLM\...\StartupApproved\Run32: => "KiesTrayAgent"
HKU\S-1-5-21-786549325-3828416840-1361333200-1001\...\StartupApproved\Run: => "Skype"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{BD7EF9EE-C208-452A-B64E-976DE2A01E79}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{776BEA55-1ACE-462D-ADF2-25199604AD8A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{72726043-6124-4856-B0EF-0D94E46F2975}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{C18E62CC-72E3-4BA3-8825-7559E94F5DA7}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{5673F4F5-76A4-4B42-9845-8100C3A1B993}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{DD89C6AD-0D88-44AE-A88E-C11F334F4544}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{430F60AD-26CB-423E-BA3F-402D31AB4C62}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{2B4AEFDB-EFAC-47C5-8A28-B5F3BF6B8D36}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{EB4E9C85-9545-45E1-A2F0-90CD3ED5444C}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{EF164B4A-D028-4C18-9DAD-AD05371418D3}] => (Allow) C:\Program Files\MetaTrader 5 - ActivTrades\metatester64.exe
FirewallRules: [UDP Query User{20C1C31D-16C9-4C93-A1D4-ACD41849E56E}C:\program files (x86)\skype\phone\skype.exe] => (Block) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [TCP Query User{B1AA4987-5E59-45AB-B6AA-40642B0B4796}C:\program files (x86)\skype\phone\skype.exe] => (Block) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{96D760D9-F5BA-432F-9B01-2C9717E4FD3A}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [TCP Query User{11A1DDA1-E5D2-4AC6-80BD-D4067F601C33}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{BD628FA6-8DC4-48FC-B043-D7129C540A7D}C:\program files (x86)\metatrader - activtrades\terminal.exe] => (Allow) C:\program files (x86)\metatrader - activtrades\terminal.exe
FirewallRules: [TCP Query User{7B0290AD-EA22-4878-86E9-5773883EB82F}C:\program files (x86)\metatrader - activtrades\terminal.exe] => (Allow) C:\program files (x86)\metatrader - activtrades\terminal.exe
FirewallRules: [{FA51E67D-507C-4CCD-90BA-89AC2A6F8588}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{ADEB4460-7E4F-46A3-8008-58B4CF70731C}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{EA920F8F-70DD-4F0C-ABA4-42DF47F01E63}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{696A5B67-8E20-4912-ADCE-0719B8DA8ABE}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [UDP Query User{3637885C-9F4F-4D06-B63F-02BEAFA1F29D}C:\program files (x86)\metatrader - activtrades\terminal.exe] => (Allow) C:\program files (x86)\metatrader - activtrades\terminal.exe
FirewallRules: [TCP Query User{D39FAABE-F201-4B7F-8800-3241951BB07B}C:\program files (x86)\metatrader - activtrades\terminal.exe] => (Allow) C:\program files (x86)\metatrader - activtrades\terminal.exe
FirewallRules: [UDP Query User{7683C440-E32A-4876-9A57-F3A24B2546E4}D:\program files (x86)\myphoneexplorer\myphoneexplorer.exe] => (Allow) D:\program files (x86)\myphoneexplorer\myphoneexplorer.exe
FirewallRules: [TCP Query User{1867BBB0-FCE5-4118-B0A1-BAA2095FA88A}D:\program files (x86)\myphoneexplorer\myphoneexplorer.exe] => (Allow) D:\program files (x86)\myphoneexplorer\myphoneexplorer.exe
FirewallRules: [UDP Query User{59A4E706-68B5-40DD-95F2-A80906233D66}C:\users\gert\appdata\local\logmein rescue applet\lmir0001.tmp\lmi_rescue.exe] => (Allow) C:\users\gert\appdata\local\logmein rescue applet\lmir0001.tmp\lmi_rescue.exe
FirewallRules: [TCP Query User{08660CC5-24F8-4531-8561-6D452EF5CCA7}C:\users\gert\appdata\local\logmein rescue applet\lmir0001.tmp\lmi_rescue.exe] => (Allow) C:\users\gert\appdata\local\logmein rescue applet\lmir0001.tmp\lmi_rescue.exe
FirewallRules: [{096DFC34-12BD-434C-AD70-F47D88536B8C}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{9DE07622-811F-4EA1-BC55-60F955CB6752}] => (Allow) LPort=2869
FirewallRules: [{3EBD42D7-5C51-425C-B78C-10AD1560FE28}] => (Allow) LPort=1900
FirewallRules: [{9498DBBD-AAF0-403F-9F63-2FC7116A9E22}] => (Allow) C:\Program Files\CyberLink\PowerDirector11\PDR10.EXE
FirewallRules: [{9B7818CF-6CD6-4493-A95B-05D8D255CE59}] => (Allow) C:\Users\Gert\AppData\Local\Chromium\Application\chrome.exe
FirewallRules: [{271E7290-4867-4307-9EC0-960EA7C1B3FC}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{5F2DF261-F751-424C-A53D-87AF6F1BC5A9}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{4C527049-A6A4-494E-81D1-C846906AA8A2}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\outlook.exe
FirewallRules: [{CA2E7379-E9F4-4F05-8470-273309272383}] => (Allow) C:\Users\Gert\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
FirewallRules: [{650D7B57-BE91-4331-9230-3772E8A467C2}] => (Allow) C:\Users\Gert\AppData\Local\Microsoft\OneDrive\OneDrive.exe
FirewallRules: [UDP Query User{4795D04E-6097-4F00-ACC0-9581BC1F4A4D}D:\program files (x86)\skype\phone\skype.exe] => (Allow) D:\program files (x86)\skype\phone\skype.exe
FirewallRules: [TCP Query User{7CD7E720-E170-4B5E-A4EC-2DAFB4D978CC}D:\program files (x86)\myphoneexplorer\myphoneexplorer.exe] => (Allow) D:\program files (x86)\myphoneexplorer\myphoneexplorer.exe
FirewallRules: [UDP Query User{49C350EA-09FC-42E9-8C83-35E96EA20864}D:\program files (x86)\myphoneexplorer\myphoneexplorer.exe] => (Allow) D:\program files (x86)\myphoneexplorer\myphoneexplorer.exe
FirewallRules: [{CB0E9E29-2440-454F-BE5C-6BADD5DB4C3B}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{47ACB9DB-2FE2-4FCA-A537-2D1154E7945D}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{3279867F-89BE-4C06-9DD7-BF58DA5E93B3}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{B328C500-AC5C-4FDC-89DB-B8E27E0C0DC2}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [TCP Query User{9E002255-0760-4272-9B9B-247610CF9000}D:\program files (x86)\skype\phone\skype.exe] => (Block) D:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{24F5EFE0-1E1A-4067-80C6-7260AC9005B1}D:\program files (x86)\skype\phone\skype.exe] => (Block) D:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{33E4E1FE-5EE0-4B7C-B11F-DB162353A542}] => (Allow) D:\Programme (x86)\Microsoft Visual Studio 14.0\Common7\IDE\devenv.exe
FirewallRules: [{A08F13BA-B656-4C7F-BD76-84F8F1FDFAB4}] => (Allow) D:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [{0AAD0090-D5B3-4716-AFFE-929F50ECA141}] => (Allow) D:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [{873BFA34-01E3-4C69-9F63-03D1A5336D04}] => (Allow) D:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [{7A832B69-8158-4600-AC10-14A981C17E67}] => (Allow) D:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [{BC193ADB-9FF5-45C4-806E-A059AB5F90CA}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{F9E9A573-7E85-461E-810B-9070B9CEAB3B}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe

==================== Wiederherstellungspunkte =========================

ACHTUNG: Systemwiederherstellung ist deaktiviert

==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (08/08/2016 10:55:35 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: IEXPLORE.EXE, Version: 11.0.10586.494, Zeitstempel: 0x5775e39f
Name des fehlerhaften Moduls: IEFRAME.dll, Version: 11.0.10586.494, Zeitstempel: 0x5775e197
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000a7516
ID des fehlerhaften Prozesses: 0x2b6c
Startzeit der fehlerhaften Anwendung: 0xIEXPLORE.EXE0
Pfad der fehlerhaften Anwendung: IEXPLORE.EXE1
Pfad des fehlerhaften Moduls: IEXPLORE.EXE2
Berichtskennung: IEXPLORE.EXE3
Vollständiger Name des fehlerhaften Pakets: IEXPLORE.EXE4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: IEXPLORE.EXE5

Error: (08/07/2016 08:21:31 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm chrome.exe, Version 51.0.2704.103 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Systemsteuerung "Sicherheit und Wartung", um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 24f0

Startzeit: 01d1f0d8490cbcf4

Beendigungszeit: 4294967295

Anwendungspfad: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

Berichts-ID: c118e534-5ccb-11e6-82e1-448a5b922752

Vollständiger Name des fehlerhaften Pakets:

Auf das fehlerhafte Paket bezogene Anwendungs-ID:

Error: (08/07/2016 12:49:12 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "PDR.X,type="win32",version="1.0.0.0"1".
Die abhängige Assemblierung "PDR.X,type="win32",version="1.0.0.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (08/07/2016 12:49:12 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "PDR.X,type="win32",version="1.0.0.0"1".
Die abhängige Assemblierung "PDR.X,type="win32",version="1.0.0.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (08/07/2016 12:49:12 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="arm",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Die abhängige Assemblierung "Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="arm",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (08/07/2016 11:49:53 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "PDR.X,type="win32",version="1.0.0.0"1".
Die abhängige Assemblierung "PDR.X,type="win32",version="1.0.0.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (08/07/2016 11:49:53 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "PDR.X,type="win32",version="1.0.0.0"1".
Die abhängige Assemblierung "PDR.X,type="win32",version="1.0.0.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (08/07/2016 11:49:53 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="arm",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Die abhängige Assemblierung "Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="arm",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (08/04/2016 09:19:03 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "PDR.X,type="win32",version="1.0.0.0"1".
Die abhängige Assemblierung "PDR.X,type="win32",version="1.0.0.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (08/04/2016 09:19:03 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "PDR.X,type="win32",version="1.0.0.0"1".
Die abhängige Assemblierung "PDR.X,type="win32",version="1.0.0.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".


Systemfehler:
=============
Error: (08/08/2016 11:33:47 AM) (Source: DCOM) (EventID: 10016) (User: Haupt-PC)
Description: ComputerstandardLokalAktivierung{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}Haupt-PCGertS-1-5-21-786549325-3828416840-1361333200-1001LocalHost (unter Verwendung von LRPC)Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewyS-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742

Error: (08/08/2016 11:33:47 AM) (Source: DCOM) (EventID: 10016) (User: Haupt-PC)
Description: ComputerstandardLokalAktivierung{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}Haupt-PCGertS-1-5-21-786549325-3828416840-1361333200-1001LocalHost (unter Verwendung von LRPC)Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewyS-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742

Error: (08/08/2016 11:33:47 AM) (Source: DCOM) (EventID: 10016) (User: Haupt-PC)
Description: ComputerstandardLokalAktivierung{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}Haupt-PCGertS-1-5-21-786549325-3828416840-1361333200-1001LocalHost (unter Verwendung von LRPC)Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewyS-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742

Error: (08/08/2016 11:33:47 AM) (Source: DCOM) (EventID: 10016) (User: Haupt-PC)
Description: ComputerstandardLokalAktivierung{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}Haupt-PCGertS-1-5-21-786549325-3828416840-1361333200-1001LocalHost (unter Verwendung von LRPC)Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewyS-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742

Error: (08/08/2016 11:33:09 AM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10000) (User: NT-AUTORITÄT)
Description: Das WLAN-Erweiterungsmodul konnte nicht gestartet werden.

Modulpfad: C:\WINDOWS\system32\Rtlihvs.dll
Fehlercode: 126

Error: (08/08/2016 11:32:23 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Synchronisierungshost_3c36e" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (08/08/2016 11:32:23 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalAktivierung{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (08/08/2016 11:18:33 AM) (Source: DCOM) (EventID: 10016) (User: Haupt-PC)
Description: ComputerstandardLokalAktivierung{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}Haupt-PCGertS-1-5-21-786549325-3828416840-1361333200-1001LocalHost (unter Verwendung von LRPC)Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewyS-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742

Error: (08/08/2016 11:18:33 AM) (Source: DCOM) (EventID: 10016) (User: Haupt-PC)
Description: ComputerstandardLokalAktivierung{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}Haupt-PCGertS-1-5-21-786549325-3828416840-1361333200-1001LocalHost (unter Verwendung von LRPC)Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewyS-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742

Error: (08/08/2016 11:18:33 AM) (Source: DCOM) (EventID: 10016) (User: Haupt-PC)
Description: ComputerstandardLokalAktivierung{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}Haupt-PCGertS-1-5-21-786549325-3828416840-1361333200-1001LocalHost (unter Verwendung von LRPC)Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewyS-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742


CodeIntegrity:
===================================
  Date: 2016-07-15 15:55:40.043
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-07-14 18:38:27.853
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-07-14 03:45:38.744
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-06-22 10:36:12.479
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-06-20 15:05:52.302
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-06-16 17:19:23.484
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-05-15 10:07:54.934
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-05-12 03:32:08.582
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-05-11 09:05:59.834
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-04-14 13:45:30.401
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.


==================== Speicherinformationen ===========================

Prozessor: Intel(R) Core(TM) i7-4790 CPU @ 3.60GHz
Prozentuale Nutzung des RAM: 40%
Installierter physikalischer RAM: 8148.29 MB
Verfügbarer physikalischer RAM: 4840.9 MB
Summe virtueller Speicher: 21972.29 MB
Verfügbarer virtueller Speicher: 18248.37 MB

==================== Laufwerke ================================

Drive c: (Boot) (Fixed) (Total:117.09 GB) (Free:51.33 GB) NTFS
Drive d: (Data) (Fixed) (Total:871 GB) (Free:820.77 GB) NTFS
Drive e: (Recover) (Fixed) (Total:60.51 GB) (Free:42.61 GB) NTFS
Drive g: (User Guide) (CDROM) (Total:0.13 GB) (Free:0 GB) CDFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (Size: 119.2 GB) (Disk ID: 0DF9E840)

Partition: GPT.

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 0DF9E827)
Partition 1: (Not Active) - (Size=871 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=60.5 GB) - (Type=07 NTFS)

==================== Ende von Addition.txt ============================
malwarebytes.txt:
Code:
Malwarebytes Anti-Malware
www.malwarebytes.org

Suchlaufdatum: 08.08.2016
Suchlaufzeit: 12:04
Protokolldatei: malwarebytes.txt
Administrator: Ja

Version: 2.2.1.1043
Malware-Datenbank: v2016.08.08.03
Rootkit-Datenbank: v2016.05.27.01
Lizenz: Testversion
Malware-Schutz: Aktiviert
Schutz vor bösartigen Websites: Aktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 10
CPU: x64
Dateisystem: NTFS
Benutzer: Gert

Suchlauftyp: Bedrohungssuchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 423985
Abgelaufene Zeit: 6 Min., 12 Sek.

Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(keine bösartigen Elemente erkannt)

Module: 0
(keine bösartigen Elemente erkannt)

Registrierungsschlüssel: 13
PUP.Optional.HohoSearch, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\Anqbuilderrts.exe, , [c8db14343c5ea78fa4a06f7707faf60a],
PUP.Optional.Elex, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{8DA51E2C-0866-436D-9CA6-21C8DA5A60BA}, , [e2c1cc7c23771d19d6ead8e79e66b749],
PUP.Optional.Elex, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{DC1967DD-7EA7-4555-B7BD-0114B7B255C5}, , [990a5cec1e7cea4c4d61298bb1535aa6],
PUP.Optional.Elex, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\Anaqeght Builder, , [6e353d0b66342c0a545d288c7a8a27d9],
PUP.Optional.Elex, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\b2929b72a96a471893ecaa9c51368bae, , [6241fe4a88120135aa18ab149470946c],
PUP.Optional.Trotux, HKLM\SOFTWARE\MOZILLA\FIREFOX\{EB52F1AB-3C2B-424F-9794-833C687025CF}, , [e6bda5a36e2cc472747522a7d82a35cb],
PUP.Optional.Trotux, HKLM\SOFTWARE\WOW6432NODE\trotuxSoftware, , [069d22264b4f95a156948a3f3fc3e818],
PUP.Optional.Trotux, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{116C7371-2252-4876-AF8C-2DD4A346677A}, , [7d26d4745e3c58de0ddbfecb06fcf010],
PUP.Optional.Trotux, HKLM\SOFTWARE\WOW6432NODE\MOZILLA\FIREFOX\{EB52F1AB-3C2B-424F-9794-833C687025CF}, , [f2b19aae45556ec8c722d1f8c73b20e0],
PUP.Optional.WinYahoo, HKU\S-1-5-21-786549325-3828416840-1361333200-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{2F012B0F-76DD-4863-9C7A-4F2471A727E7}, , [772ca2a635654ee81573f2d25fa49d63],
PUP.Optional.Trotux, HKU\S-1-5-21-786549325-3828416840-1361333200-1001\SOFTWARE\MOZILLA\FIREFOX\{EB52F1AB-3C2B-424F-9794-833C687025CF}, , [1d8604442476b383a1468f3ad9297b85],
PUP.Optional.ProductSetup, HKU\S-1-5-21-786549325-3828416840-1361333200-1001\SOFTWARE\PRODUCTSETUP, , [c4dfe464aceeae8835cd7a371de6c13f],
PUP.Optional.Yontoo, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{52357C6C-FE7F-4E8C-B045-EDE5146A1F9C}, , [a003cf7935659e98c9cc883cf50dd030],

Registrierungswerte: 18
PUP.Optional.Elex, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{8DA51E2C-0866-436D-9CA6-21C8DA5A60BA}|Path, \b2929b72a96a471893ecaa9c51368bae, , [e2c1cc7c23771d19d6ead8e79e66b749]
PUP.Optional.Elex, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{DC1967DD-7EA7-4555-B7BD-0114B7B255C5}|Path, \Anaqeght Builder, , [990a5cec1e7cea4c4d61298bb1535aa6]
PUP.Optional.Trotux, HKLM\SOFTWARE\MOZILLA\FIREFOX\{EB52F1AB-3C2B-424F-9794-833C687025CF}|hp, hxxp://www.trotux.com/?z=215e1a2351816c83959d3f8gdz3mdefwft6w2m2qcq&from=fss&uid=SAMSUNGXMZ7LF128HCHP-00000_S28UNSAG405697&type=hp&mode=ffsengext, , [e6bda5a36e2cc472747522a7d82a35cb]
PUP.Optional.Trotux, HKLM\SOFTWARE\MOZILLA\FIREFOX\{EB52F1AB-3C2B-424F-9794-833C687025CF}|tab, hxxp://www.trotux.com/?z=215e1a2351816c83959d3f8gdz3mdefwft6w2m2qcq&from=fss&uid=SAMSUNGXMZ7LF128HCHP-00000_S28UNSAG405697&type=hp&mode=ffsengext, , [dcc7ed5b3169a1958a5fdaefec16c838]
PUP.Optional.Trotux, HKLM\SOFTWARE\MOZILLA\FIREFOX\{EB52F1AB-3C2B-424F-9794-833C687025CF}|sp, hxxp://www.trotux.com/search/?q={searchTerms}&z=215e1a2351816c83959d3f8gdz3mdefwft6w2m2qcq&from=fss&uid=SAMSUNGXMZ7LF128HCHP-00000_S28UNSAG405697&type=sp, , [8f1448004555e74f6485e9e0966c43bd]
PUP.Optional.Trotux, HKLM\SOFTWARE\MOZILLA\FIREFOX\{EB52F1AB-3C2B-424F-9794-833C687025CF}|surl, hxxp://www.trotux.com/search/?&z=215e1a2351816c83959d3f8gdz3mdefwft6w2m2qcq&from=fss&uid=SAMSUNGXMZ7LF128HCHP-00000_S28UNSAG405697&type=sp&q=, , [099ac583bedce551da0f8049fc06728e]
PUP.Optional.Trotux, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{116C7371-2252-4876-AF8C-2DD4A346677A}|DisplayName, trotux - Uninstall, , [7d26d4745e3c58de0ddbfecb06fcf010]
PUP.Optional.Trotux, HKLM\SOFTWARE\WOW6432NODE\MOZILLA\FIREFOX\{EB52F1AB-3C2B-424F-9794-833C687025CF}|hp, hxxp://www.trotux.com/?z=215e1a2351816c83959d3f8gdz3mdefwft6w2m2qcq&from=fss&uid=SAMSUNGXMZ7LF128HCHP-00000_S28UNSAG405697&type=hp&mode=ffsengext, , [f2b19aae45556ec8c722d1f8c73b20e0]
PUP.Optional.Trotux, HKLM\SOFTWARE\WOW6432NODE\MOZILLA\FIREFOX\{EB52F1AB-3C2B-424F-9794-833C687025CF}|tab, hxxp://www.trotux.com/?z=215e1a2351816c83959d3f8gdz3mdefwft6w2m2qcq&from=fss&uid=SAMSUNGXMZ7LF128HCHP-00000_S28UNSAG405697&type=hp&mode=ffsengext, , [158e014717836cca29c0f1d8fc06a45c]
PUP.Optional.Trotux, HKLM\SOFTWARE\WOW6432NODE\MOZILLA\FIREFOX\{EB52F1AB-3C2B-424F-9794-833C687025CF}|sp, hxxp://www.trotux.com/search/?q={searchTerms}&z=215e1a2351816c83959d3f8gdz3mdefwft6w2m2qcq&from=fss&uid=SAMSUNGXMZ7LF128HCHP-00000_S28UNSAG405697&type=sp, , [3f64c286a4f6d264bf2adfea11f1b848]
PUP.Optional.Trotux, HKLM\SOFTWARE\WOW6432NODE\MOZILLA\FIREFOX\{EB52F1AB-3C2B-424F-9794-833C687025CF}|surl, hxxp://www.trotux.com/search/?&z=215e1a2351816c83959d3f8gdz3mdefwft6w2m2qcq&from=fss&uid=SAMSUNGXMZ7LF128HCHP-00000_S28UNSAG405697&type=sp&q=, , [0e95da6e4654d5619950795033cf02fe]
PUP.Optional.WinYahoo, HKU\S-1-5-21-786549325-3828416840-1361333200-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{2F012B0F-76DD-4863-9C7A-4F2471A727E7}|URL, hxxp://at.yhs4.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wncy_frg01_15_21&param1=1&param2=fD4%26bDIE%26ccDat%26paDWincy%26cdD2XzuyEtN2Y1L1QzuyByE0D0AtAzztBzzyDyDzy0DyByE0DyEtN0D0Tzu0StCtBtAyBtN1L2XzutAtFtCtDtFtCtDtFtDtN1L1CzutN1L1G1B1V1N2Y1L1Qzu2StA0CyEyDzzyEtD0DtGtB0B0CyDtG0Ezy0E0BtGtBtC0C0BtGtA0A0F0E0FtByB0BtC0F0CyD2QtN1M1F1B2Z1V1N2Y1L1Qzu2Szy0AtB0A0FtA0DyDtG0EyCtDzytGyEyB0FzytGzzyCtA0CtG0EyCtBzz0BzzyDzytA0CyC0C2QtN0A0LzutB%26crD578552964%26aDwncy_frg01_15_21%26osDWindows 8.1&p={searchTerms}, [772ca2a635654ee81573f2d25fa49d63], %5
PUP.Optional.WinYahoo, HKU\S-1-5-21-786549325-3828416840-1361333200-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{2F012B0F-76DD-4863-9C7A-4F2471A727E7}|TopResultURLFallback, hxxp://at.yhs4.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wncy_frg01_15_21&param1=1&param2=fD4%26bDIE%26ccDat%26paDWincy%26cdD2XzuyEtN2Y1L1QzuyByE0D0AtAzztBzzyDyDzy0DyByE0DyEtN0D0Tzu0StCtBtAyBtN1L2XzutAtFtCtDtFtCtDtFtDtN1L1CzutN1L1G1B1V1N2Y1L1Qzu2StA0CyEyDzzyEtD0DtGtB0B0CyDtG0Ezy0E0BtGtBtC0C0BtGtA0A0F0E0FtByB0BtC0F0CyD2QtN1M1F1B2Z1V1N2Y1L1Qzu2Szy0AtB0A0FtA0DyDtG0EyCtDzytGyEyB0FzytGzzyCtA0CtG0EyCtBzz0BzzyDzytA0CyC0C2QtN0A0LzutB%26crD578552964%26aDwncy_frg01_15_21%26osDWindows 8.1&p={searchTerms}, [4e55d177bcde290d89ff9e26d52eec14], %5
PUP.Optional.Trotux, HKU\S-1-5-21-786549325-3828416840-1361333200-1001\SOFTWARE\MOZILLA\FIREFOX\{EB52F1AB-3C2B-424F-9794-833C687025CF}|hp, hxxp://www.trotux.com/?z=215e1a2351816c83959d3f8gdz3mdefwft6w2m2qcq&from=fss&uid=SAMSUNGXMZ7LF128HCHP-00000_S28UNSAG405697&type=hp&mode=ffsengext, , [1d8604442476b383a1468f3ad9297b85]
PUP.Optional.Trotux, HKU\S-1-5-21-786549325-3828416840-1361333200-1001\SOFTWARE\MOZILLA\FIREFOX\{EB52F1AB-3C2B-424F-9794-833C687025CF}|tab, hxxp://www.trotux.com/?z=215e1a2351816c83959d3f8gdz3mdefwft6w2m2qcq&from=fss&uid=SAMSUNGXMZ7LF128HCHP-00000_S28UNSAG405697&type=hp&mode=ffsengext, , [a5fe9aaea0fa5adc6582f8d10101c739]
PUP.Optional.Trotux, HKU\S-1-5-21-786549325-3828416840-1361333200-1001\SOFTWARE\MOZILLA\FIREFOX\{EB52F1AB-3C2B-424F-9794-833C687025CF}|sp, hxxp://www.trotux.com/search/?q={searchTerms}&z=215e1a2351816c83959d3f8gdz3mdefwft6w2m2qcq&from=fss&uid=SAMSUNGXMZ7LF128HCHP-00000_S28UNSAG405697&type=sp, , [3a69d078a1f91125a93e0bbec63c936d]
PUP.Optional.Trotux, HKU\S-1-5-21-786549325-3828416840-1361333200-1001\SOFTWARE\MOZILLA\FIREFOX\{EB52F1AB-3C2B-424F-9794-833C687025CF}|surl, hxxp://www.trotux.com/search/?&z=215e1a2351816c83959d3f8gdz3mdefwft6w2m2qcq&from=fss&uid=SAMSUNGXMZ7LF128HCHP-00000_S28UNSAG405697&type=sp&q=, , [c5de4bfd7723b77ff9ee5c6daf535da3]
PUP.Optional.ProductSetup, HKU\S-1-5-21-786549325-3828416840-1361333200-1001\SOFTWARE\PRODUCTSETUP|tb, 0D2Y1I1B1P2Y, , [c4dfe464aceeae8835cd7a371de6c13f]

Registrierungsdaten: 0
(keine bösartigen Elemente erkannt)

Ordner: 3
PUP.Optional.Yontoo, C:\ProgramData\Tarma Installer, , [a003cf7935659e98c9cc883cf50dd030],
PUP.Optional.Yontoo, C:\ProgramData\Tarma Installer\{52357C6C-FE7F-4E8C-B045-EDE5146A1F9C}, , [a003cf7935659e98c9cc883cf50dd030],
PUP.Optional.Yontoo, C:\ProgramData\Tarma Installer\{52357C6C-FE7F-4E8C-B045-EDE5146A1F9C}\F380D8650A5EE752, , [a003cf7935659e98c9cc883cf50dd030],

Dateien: 20
PUP.Optional.HohoSearch, C:\Program Files (x86)\Ckhile\Anqbuilderrts.exe, , [c8db14343c5ea78fa4a06f7707faf60a],
PUP.Optional.HohoSearch, C:\Program Files (x86)\Ckhile\Anqbuilderchr.exe, , [c0e363e5029867cfd173c91dec15e917],
Adware.ProxyAgent, C:\Users\Gert\AppData\Local\Temp\inst_1.exe, , [891a2127fb9f0d2968d8e6d17c88f20e],
PUP.Optional.InstallCore, C:\Users\Gert\Downloads\CamStudioCodec_1.5_Setup.exe, , [5a499aae603a64d2e32c200cef1258a8],
PUP.Optional.WinYahoo, C:\Users\Gert\AppData\LocalLow\Microsoft\Internet Explorer\Services\Wincy.ico, , [7c275fe9336703330ec513b0798afe02],
PUP.Optional.GsearchFinder, C:\Users\Gert\AppData\Roaming\Profiles\ae3c7fls.default\extensions\@90B817C8-8A5C-413B-9DDD-B2C61ED6E79A.xpi, , [5d4692b64d4da2943e7bb944778c4fb1],
PUP.Optional.GsearchFinder, C:\Users\Gert\AppData\Roaming\Profiles\aroweriedreiratqeseied\extensions\@90B817C8-8A5C-413B-9DDD-B2C61ED6E79A.xpi, , [3a697cccedadc2741d9c09f42ad99d63],
PUP.Optional.GoodGame, C:\Users\Gert\Desktop\Goodgame Empire.lnk, , [416258f05842c86e9185f5092dd6c838],
PUP.Optional.Elex.SHHKRST, C:\Users\Gert\AppData\Local\Microsoft\Windows\INetCookies\verger.dll, , [faa91d2b861451e58e52b7fc659ffd03],
PUP.Optional.Elex, C:\Windows\System32\Tasks\Anaqeght Builder, , [139094b417830f278c272f85c04425db],
PUP.Optional.Elex, C:\Windows\System32\Tasks\b2929b72a96a471893ecaa9c51368bae, , [b4efb791dfbb34022b9b09b65ea6fe02],
PUP.Optional.Yontoo, C:\ProgramData\Tarma Installer\{52357C6C-FE7F-4E8C-B045-EDE5146A1F9C}\Setup.dat, , [a003cf7935659e98c9cc883cf50dd030],
PUP.Optional.Yontoo, C:\ProgramData\Tarma Installer\{52357C6C-FE7F-4E8C-B045-EDE5146A1F9C}\Setup.exe, , [a003cf7935659e98c9cc883cf50dd030],
PUP.Optional.Yontoo, C:\ProgramData\Tarma Installer\{52357C6C-FE7F-4E8C-B045-EDE5146A1F9C}\Setup.ico, , [a003cf7935659e98c9cc883cf50dd030],
PUP.Optional.Yontoo, C:\ProgramData\Tarma Installer\{52357C6C-FE7F-4E8C-B045-EDE5146A1F9C}\TsuDll.dll, , [a003cf7935659e98c9cc883cf50dd030],
PUP.Optional.Yontoo, C:\ProgramData\Tarma Installer\{52357C6C-FE7F-4E8C-B045-EDE5146A1F9C}\_Setup.dll, , [a003cf7935659e98c9cc883cf50dd030],
PUP.Optional.Trotux, C:\Users\Gert\AppData\Roaming\Profiles\ae3c7fls.default\prefs.js, Gut: (), Schlecht: (user_pref("browser.search.searchengine.hp", "hxxp://www.trotux.com/?z=215e1a2351816c83959d3f8gdz3mdefwft6w2m2qcq&from=fss&uid=SAMSUNGXMZ7LF128HCHP-00000_S28UNSAG405697&type=hp");), ,[b6ed2f19ddbdbc7a48c92a8022e29f61]
PUP.Optional.Trotux, C:\Users\Gert\AppData\Roaming\Profiles\ae3c7fls.default\prefs.js, Gut: (), Schlecht: (s running,
* the changes will be overwritten when the application exits.
*
* To make a manual change to preferences, you can visit the URL about:config
*/

user_pref("accessibility.typeaheadfind"), ,[fba81632c1d97db9070ae1c905ff18e8]
PUP.Optional.Trotux, C:\Users\Gert\AppData\Roaming\Profiles\ae3c7fls.default\prefs.js, Gut: (), Schlecht: (ces, you can visit the URL about:config
*/

user_pref("accessibility.typeaheadfind", true);
user_pref("app.update.auto", false);
user_pref("app.update.enabled", false);
user_pref("app.update.lastU), ,[148fd5737e1c5fd7729f812952b254ac]
PUP.Optional.Trotux, C:\Users\Gert\AppData\Roaming\Profiles\ae3c7fls.default\searchplugins\kva7hnzu.xml, , [2e7596b214860f2737dcd7d328dc14ec],

Physische Sektoren: 0
(keine bösartigen Elemente erkannt)


(end)

gert83 08.08.2016 16:39
Tut mir leid ...
Nochmals:

Ich hatte (habe?) Probleme mit Trotux und danach reichlich Probleme bei meinem Browser Chrome. Nachdem ich Malwarebytes laufen ließ, (56 Fehler), (und Neustart) konnte ich noch immer keine Extensions für Chrome installieren, "Netzwerkfehler". Ich habe jetzt nochmals Malwarebytes laufen lassen: 2x PUP.Optional.Trotux

Allerbesten Dank im Voraus
Gert

FRST_1.txt:
Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 03-08-2016
durchgeführt von Gert (Administrator) auf HAUPT-PC (08-08-2016 11:55:22)
Gestartet von D:\Downloads
Geladene Profile: Gert (Verfügbare Profile: Gert & Administrator)
Platform: Windows 10 Home Version 1511 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Chrome)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(AVAST Software) D:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\mcsacore.exe
() C:\Program Files\CyberLink\Shared files\RichVideo64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Nuance Communications, Inc.) D:\Program Files (x86)\nuance\PaperPort\PDFProFiltSrvPP.exe
(DEVGURU Co., LTD.) D:\Program Files (x86)\Kies\USB Drivers\25_escape\conn\ss_conn_service.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
() C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.31.5\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.31.5\GoogleCrashHandler64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Jerzy Znamirowski) D:\Program Files (x86)\HEXelon MAX 6\hexelon.exe
(Microsoft Corporation) C:\Windows\System32\StikyNot.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\office15\onenotem.exe
(AVAST Software) D:\Program Files\AVAST Software\Avast\AvastUI.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PDF Viewer Plus\PdfPro7Hook.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Nuance Communications, Inc.) D:\Program Files (x86)\nuance\PDFCreate\PdfCreate7Hook.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD12\PDVD12Serv.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13885696 2015-06-24] (Realtek Semiconductor)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2013-11-21] (Intel Corporation)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2757424 2015-11-12] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => "C:\WINDOWS\system32\rundll32.exe" C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [CLMLServer_For_P2G8] => C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [110344 2014-11-04] (CyberLink)
HKLM-x32\...\Run: [CLVirtualDrive] => C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe [492808 2014-11-04] (CyberLink Corp.)
HKLM-x32\...\Run: [AvastUI.exe] => D:\Program Files\AVAST Software\Avast\AvastUI.exe [9071752 2016-08-08] (AVAST Software)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [23546672 2016-08-01] (Dropbox, Inc.)
HKLM-x32\...\Run: [KiesTrayAgent] => D:\Program Files (x86)\Kies\Kies\KiesTrayAgent.exe [311616 2015-07-27] (Samsung Electronics Co., Ltd.)
HKLM-x32\...\Run: [PDFProHook] => C:\Program Files (x86)\Nuance\PDF Viewer Plus\pdfpro7hook.exe [1775464 2011-10-24] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [PDFCreHook] => D:\Program Files (x86)\nuance\PDFCreate\pdfcreate7hook.exe [1771368 2011-10-24] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [PDF7 Registry Controller] => D:\Program Files (x86)\nuance\PDFCreate\RegistryController.exe [140136 2011-06-28] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [598552 2016-06-22] (Oracle Corporation)
HKLM\...\Policies\Explorer: [ConfirmFileDelete] 1
HKLM\...\Policies\Explorer: [EnableShellExecuteHooks] 1
HKU\S-1-5-21-786549325-3828416840-1361333200-1001\...\Run: [HEXelon MAX] => D:\Program Files (x86)\HEXelon MAX 6\hexelon.exe [2816512 2007-06-28] (Jerzy Znamirowski)
HKU\S-1-5-21-786549325-3828416840-1361333200-1001\...\Run: [RESTART_STICKY_NOTES] => C:\Windows\System32\StikyNot.exe [465920 2016-07-01] (Microsoft Corporation)
HKU\S-1-5-21-786549325-3828416840-1361333200-1001\...\Policies\Explorer: [NoInternetOpenWith] 1
HKU\S-1-5-21-786549325-3828416840-1361333200-1001\...\MountPoints2: {c0417766-f248-11e4-8275-806e6f6e6963} - "G:\auto.exe"
ShellExecuteHooks:  - {6710C780-E20E-4C49-A87D-321850ED3D7C} - C:\Users\Gert\AppData\Local\Microsoft\Windows\INetCookies\verger.dll [366080 2016-08-07] ()
ShellIconOverlayIdentifiers: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.38.dll [2016-08-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.38.dll [2016-08-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.38.dll [2016-08-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.38.dll [2016-08-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.38.dll [2016-08-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.38.dll [2016-08-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.38.dll [2016-08-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.38.dll [2016-08-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => D:\Program Files\AVAST Software\Avast\ashShA64.dll [2016-08-08] (AVAST Software)
ShellIconOverlayIdentifiers-x32: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.38.dll [2016-08-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.38.dll [2016-08-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.38.dll [2016-08-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.38.dll [2016-08-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.38.dll [2016-08-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.38.dll [2016-08-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.38.dll [2016-08-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.38.dll [2016-08-01] (Dropbox, Inc.)
Startup: C:\Users\Gert\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\An OneNote senden.lnk [2016-07-26]
ShortcutTarget: An OneNote senden.lnk -> C:\Program Files\Microsoft Office 15\root\office15\onenotem.exe (Microsoft Corporation)
Startup: C:\Users\Gert\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Autochartist MT4 plugin - Auto Update.lnk [2015-09-22]
ShortcutTarget: Autochartist MT4 plugin - Auto Update.lnk -> C:\Users\Gert\AppData\Roaming\MetaQuotes\Terminal\50CA3DFB510CC5A8F28B48D1BF2A5702\MQL4\AutochartistPlugin_AutoUpdaterActivTrades.exe (Keine Datei)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Hosts: 127.0.0.1 clients2.google.com
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{6f5f746e-18f7-4f7f-bb03-ab5bcb66ea76}: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{7ccc1c37-a256-4412-810d-4079bfcb4ea9}: [DhcpNameServer] 10.0.0.138

Internet Explorer:
==================
HKU\S-1-5-21-786549325-3828416840-1361333200-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo13.msn.com/?pc=LCJB
SearchScopes: HKLM -> {2f23ab71-4ac6-41f2-a955-ea576e553146} URL =
SearchScopes: HKU\S-1-5-21-786549325-3828416840-1361333200-1001 -> {2F012B0F-76DD-4863-9C7A-4F2471A727E7} URL = hxxp://at.yhs4.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wncy_frg01_15_21&param1=1&param2=f%3D4%26b%3DIE%26cc%3Dat%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1QzuyByE0D0AtAzztBzzyDyDzy0DyByE0DyEtN0D0Tzu0StCtBtAyBtN1L2XzutAtFtCtDtFtCtDtFtDtN1L1CzutN1L1G1B1V1N2Y1L1Qzu2StA0CyEyDzzyEtD0DtGtB0B0CyDtG0Ezy0E0BtGtBtC0C0BtGtA0A0F0E0FtByB0BtC0F0CyD2QtN1M1F1B2Z1V1N2Y1L1Qzu2Szy0AtB0A0FtA0DyDtG0EyCtDzytGyEyB0FzytGzzyCtA0CtG0EyCtBzz0BzzyDzytA0CyC0C2QtN0A0LzutB%26cr%3D578552964%26a%3Dwncy_frg01_15_21%26os%3DWindows 8.1&p={searchTerms}
SearchScopes: HKU\S-1-5-21-786549325-3828416840-1361333200-1001 -> {9F979916-81B7-4FD4-832D-BF2E6C5C5AD6} URL = hxxps://at.search.yahoo.com/search?fr=mcafee&type=C014AT1140D20150521&p={searchTerms}
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2016-06-14] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2016-06-14] (Microsoft Corporation)
BHO-x32: PlusIEEventHelper Class -> {551A852F-39A6-44A7-9C13-AFBEC9185A9D} -> C:\Program Files (x86)\Nuance\PDF Viewer Plus\Bin\PlusIEContextMenu.dll [2011-06-30] (Zeon Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\ssv.dll [2016-08-07] (Oracle Corporation)
BHO-x32: ZeonIEEventHelper Class -> {DA986D7D-CCAF-47B2-84FE-BFA1549BEBF9} -> D:\Program Files (x86)\nuance\PDFCreate\Bin\ZeonIEFavClient.dll [2011-03-26] (Zeon Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\jp2ssv.dll [2016-08-07] (Oracle Corporation)
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2016-07-29] (McAfee, Inc.)
Handler-x32: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2016-07-29] (McAfee, Inc.)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2016-04-20] (Microsoft Corporation)
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2016-07-29] (McAfee, Inc.)
Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2016-07-29] (McAfee, Inc.)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-05-25] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-05-25] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\Gert\AppData\Roaming\Profiles\ae3c7fls.default
FF NewTab: about:newtab
FF DefaultSearchEngine: Google
FF SearchEngineOrder.1: Google
FF SelectedSearchEngine: Google
FF Homepage: hxxps://www.google.com/?bcutc=sp-006
FF DefaultSearchUrl: hxxps://www.google.com/search?bcutc=sp-006
FF Keyword.URL: hxxps://www.google.com/search?bcutc=sp-006
FF Plugin: @videolan.org/vlc,version=2.2.1 -> D:\Program Files\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.3 -> D:\Program Files\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.4 -> D:\Program Files\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2014-07-02] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2014-07-02] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.101.2 -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\dtplugin\npDeployJava1.dll [2016-08-07] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.101.2 -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\plugin2\npjp2.dll [2016-08-07] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2015-06-18] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-11-14] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-11-14] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-29] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-29] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-06-30] (Adobe Systems Inc.)
FF Plugin-x32: ZEON/PDF,version=2.0 -> C:\Program Files (x86)\Nuance\PDF Viewer Plus\bin\nppdf.dll [2011-02-16] (Zeon Corporation)
FF Plugin HKU\S-1-5-21-786549325-3828416840-1361333200-1001: @citrixonline.com/appdetectorplugin -> C:\Users\Gert\AppData\Local\Citrix\Plugins\104\npappdetector.dll [2015-05-21] (Citrix Online)
FF Plugin ProgramFiles/Appdata: C:\Users\Gert\AppData\Roaming\mozilla\plugins\npatgpc.dll [2016-03-09] (Cisco WebEx LLC)
FF SearchPlugin: C:\Users\Gert\AppData\Roaming\Mozilla\Firefox\Profiles\hmzgfq0t.default\searchplugins\google-avast.xml [2016-08-08]
FF SearchPlugin: C:\Users\Gert\AppData\Roaming\Mozilla\Firefox\Profiles\hmzgfq0t.default\searchplugins\McSiteAdvisor.xml [2016-02-04]
FF SearchPlugin: C:\Users\Gert\AppData\Roaming\Profiles\ae3c7fls.default\searchplugins\google-avast.xml [2016-08-08]
FF SearchPlugin: C:\Users\Gert\AppData\Roaming\Profiles\ae3c7fls.default\searchplugins\kva7hnzu.xml [2016-08-07]
FF SearchPlugin: C:\Users\Gert\AppData\Roaming\Profiles\ae3c7fls.default\searchplugins\McSiteAdvisor.xml [2016-02-04]
FF Extension: Tradesignal Online Chart - C:\Users\Gert\AppData\Roaming\Mozilla\Firefox\Profiles\hmzgfq0t.default\Extensions\{1acd747e-8470-11db-96a9-00e08161165f} [2015-12-07] [ist nicht signiert]
FF Extension: GsearchFinder - C:\Users\Gert\AppData\Roaming\Profiles\ae3c7fls.default\Extensions\@90B817C8-8A5C-413B-9DDD-B2C61ED6E79A.xpi [2016-08-07]
FF Extension: Tradesignal Online Chart - C:\Users\Gert\AppData\Roaming\Profiles\ae3c7fls.default\Extensions\{1acd747e-8470-11db-96a9-00e08161165f} [2016-08-07] [ist nicht signiert]
FF Extension: Skype - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2016-05-25]
FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi
FF Extension: McAfee WebAdvisor - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi [2016-08-08]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - D:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - D:\Program Files\AVAST Software\Avast\WebRep\FF [2016-08-08]
FF HKLM\...\Firefox\Extensions: [sp@avast.com] - D:\Program Files\AVAST Software\Avast\SafePrice\FF
FF Extension: Avast SafePrice - D:\Program Files\AVAST Software\Avast\SafePrice\FF [2016-08-08]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - D:\Program Files\AVAST Software\Avast\WebRep\FF
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi
FF HKLM-x32\...\Firefox\Extensions: [sp@avast.com] - D:\Program Files\AVAST Software\Avast\SafePrice\FF

Chrome:
=======
CHR StartupUrls: Profile 2 -> "","hxxp://www.google.com/","hxxp://at.yhs4.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wncy_frg01_15_21&param1=1&param2=f%3D7%26b%3DChrome%26cc%3Dat%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1QzuyByE0D0AtAzztBzzyDyDzy0DyByE0DyEtN0D0Tzu0StCtBtAyBtN1L2XzutAtFtCtDtFtCtDtFtDtN1L1CzutN1L1G1B1V1N2Y1L1Qzu2StA0CyEyDzzyEtD0DtGtB0B0CyDtG0Ezy0E0BtGtBtC0C0BtGtA0A0F0E0FtByB0BtC0F0CyD2QtN1M1F1B2Z1V1N2Y1L1Qzu2Szy0AtB0A0FtA0DyDtG0EyCtDzytGyEyB0FzytGzzyCtA0CtG0EyCtBzz0BzzyDzytA0CyC0C2QtN0A0LzutB%26cr%3D578552964%26a%3Dwncy_frg01_15_21%26os%3DWindows%208.1","hxxp://www.trotux.com/?z=215e1a2351816c83959d3f8gdz3mdefwft6w2m2qcq&from=fss&uid=SAMSUNGXMZ7LF128HCHP-00000_S28UNSAG405697&type=hp"
CHR Profile: C:\Users\Gert\AppData\Local\Google\Chrome\User Data\Profile 1
CHR Extension: (Docs) - C:\Users\Gert\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2016-08-08]
CHR Extension: (Google Drive) - C:\Users\Gert\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-08-08]
CHR Extension: (YouTube) - C:\Users\Gert\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-08-08]
CHR Extension: (Google Mail) - C:\Users\Gert\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-08-08]
CHR Profile: C:\Users\Gert\AppData\Local\Google\Chrome\User Data\Profile 2
CHR Extension: (Google Drive) - C:\Users\Gert\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-08-08]
CHR Extension: (YouTube) - C:\Users\Gert\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-08-08]
CHR Extension: (Google Mail) - C:\Users\Gert\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-08-08]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2016-06-02]
CHR HKLM-x32\...\Chrome\Extension: [daanglpcpkjjlkhcbladppjphglbigam] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - D:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx <nicht gefunden>
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2016-06-02]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - D:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx <nicht gefunden>
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2016-05-25]
CHR HKLM-x32\...\Chrome\Extension: [npdicihegicnhaangkdmcgbjceoemeoo] - hxxps://clients2.google.com/service/update2/crx

Opera:
=======
OPR Extension: (Fast search v3.5) - C:\Users\Gert\AppData\Roaming\Opera Software\Opera Stable\Extensions\leenkjhmbcgekojlkimcbodmniopgfnp [2016-08-07]

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S2 Anqbuilderrts.exe; C:\Program Files (x86)\Ckhile\Anqbuilderrts.exe [378384 2016-08-07] ()
R2 avast! Antivirus; D:\Program Files\AVAST Software\Avast\AvastSvc.exe [197640 2016-08-08] (AVAST Software)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1364096 2016-05-25] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1687680 2016-05-25] (Microsoft Corporation)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [3189488 2016-07-02] (Microsoft Corporation)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [136048 2015-08-21] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [136048 2015-08-21] (Dropbox, Inc.)
S3 fussvc; C:\Program Files (x86)\Windows Kits\8.1\App Certification Kit\fussvc.exe [142336 2014-02-20] (Microsoft Corporation) [Datei ist nicht signiert]
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1156400 2015-11-12] (NVIDIA Corporation)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-11-21] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-11] (Intel(R) Corporation) [Datei ist nicht signiert]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-11] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2014-07-02] (Intel Corporation)
R2 McAfee SiteAdvisor Service; C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe [158952 2016-07-29] (McAfee, Inc.)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1872688 2015-11-12] (NVIDIA Corporation)
R3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [8133424 2015-11-12] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [5915440 2015-11-12] (NVIDIA Corporation)
R2 PDFProFiltSrvPP; D:\Program Files (x86)\nuance\PaperPort\PDFProFiltSrvPP.exe [138600 2011-09-21] (Nuance Communications, Inc.)
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [389896 2013-03-06] ()
S3 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [118520 2013-03-01] (Riverbed Technology, Inc.)
R2 ss_conn_service; D:\Program Files (x86)\Kies\USB Drivers\25_escape\conn\ss_conn_service.exe [743688 2015-05-21] (DEVGURU Co., LTD.)
S3 Te.Service; C:\Program Files (x86)\Windows Kits\8.1\Testing\Runtimes\TAEF\Wex.Services.exe [119808 2013-08-22] (Microsoft Corporation) [Datei ist nicht signiert]
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5702416 2015-09-11] (TeamViewer GmbH)
S3 VSStandardCollectorService140; D:\Programme (x86)\Microsoft Visual Studio 14.0\Team Tools\DiagnosticsHub\Collector\StandardCollector.Service.exe [52968 2015-07-07] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2016-07-01] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [37656 2016-08-08] (AVAST Software)
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [37144 2016-08-08] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [108816 2016-08-08] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [103064 2016-08-08] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [74544 2016-08-08] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [968536 2016-08-08] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [513496 2016-08-08] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [163416 2016-08-08] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [292704 2016-08-08] (AVAST Software)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [91912 2013-11-12] (CyberLink)
S3 dg_ssudbus; C:\Windows\system32\DRIVERS\ssudbus.sys [129152 2016-04-25] (Samsung Electronics Co., Ltd.)
R2 ei2c; C:\windows\system32\drivers\ei2c.sys [20784 2015-06-23] (Nicomsoft Ltd.)
R1 HWiNFO32; C:\WINDOWS\SysWOW64\drivers\HWiNFO64A.SYS [27552 2016-08-07] (REALiX(tm))
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2014-07-02] (Intel Corporation)
S0 mfeelamk; C:\Windows\System32\drivers\mfeelamk.sys [80160 2015-02-13] (McAfee, Inc.)
R3 mfesapsn; C:\Program Files (x86)\McAfee\SiteAdvisor\x64\mfesapsn.sys [46240 2016-06-06] (McAfee, Inc.)
R2 mi2c; C:\windows\system32\drivers\mi2c.sys [20784 2015-06-24] (Nicomsoft Ltd.)
R2 NPF; C:\Windows\System32\drivers\npf.sys [36600 2013-03-01] (Riverbed Technology, Inc.)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19760 2015-11-12] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [50472 2015-08-11] (NVIDIA Corporation)
R3 RtlWlanu; C:\Windows\System32\drivers\rtwlanu.sys [3870464 2015-10-01] (Realtek Semiconductor Corporation                          )
R3 SensorsSimulatorDriver; C:\Windows\system32\DRIVERS\WUDFRd.sys [216064 2015-10-30] (Microsoft Corporation)
S3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [221824 2016-04-25] (Samsung Electronics Co., Ltd.)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation)

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-08-08 11:54 - 2016-08-08 11:55 - 00000000 ___DC C:\FRST
2016-08-08 11:10 - 2016-08-08 11:18 - 00002470 _____ C:\Users\Gert\Desktop\Standardprofil - Chrome.lnk
2016-08-08 11:10 - 2016-08-08 11:10 - 00002470 _____ C:\Users\Gert\Desktop\Profil 1 - Chrome.lnk
2016-08-08 10:58 - 2016-08-08 10:58 - 00391496 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2016-08-08 10:58 - 2016-08-08 10:58 - 00053208 _____ (AVAST Software) C:\WINDOWS\avastSS.scr
2016-08-07 20:50 - 2016-08-07 20:50 - 00009000 _____ C:\WINDOWS\System32\Tasks\Anaqeght Builder
2016-08-07 20:50 - 2016-08-07 20:50 - 00003458 _____ C:\WINDOWS\System32\Tasks\b2929b72a96a471893ecaa9c51368bae
2016-08-07 20:50 - 2016-08-07 20:50 - 00000000 ___HD C:\Program Files (x86)\dkx3EB2
2016-08-07 20:49 - 2016-08-08 10:55 - 00000000 ____D C:\Program Files (x86)\Ckhile
2016-08-07 20:49 - 2016-08-07 20:50 - 00000000 ____D C:\Users\Gert\AppData\Local\thocertioncoohpyfaterle
2016-08-07 20:49 - 2016-08-07 20:49 - 00000000 ____D C:\Users\Gert\AppData\Local\Video4you
2016-08-07 11:48 - 2016-08-08 11:36 - 00003008 _____ C:\WINDOWS\System32\Tasks\Driver Booster SkipUAC (Gert)
2016-08-07 11:48 - 2016-08-07 20:49 - 00000000 ____D C:\ProgramData\RenewalService
2016-08-07 11:48 - 2016-08-07 11:48 - 00027552 _____ (REALiX(tm)) C:\WINDOWS\SysWOW64\Drivers\HWiNFO64A.SYS
2016-08-07 11:48 - 2016-08-07 11:48 - 00003366 _____ C:\WINDOWS\System32\Tasks\Driver Booster Scheduler
2016-08-07 11:48 - 2016-08-07 11:48 - 00002243 _____ C:\Users\Public\Desktop\Driver Booster 3.lnk
2016-08-07 11:48 - 2016-08-07 11:48 - 00001040 _____ C:\Users\Gert\Desktop\Play Travian.lnk
2016-08-07 11:48 - 2016-08-07 11:48 - 00000000 ____D C:\WINDOWS\IObit
2016-08-07 11:48 - 2016-08-07 11:48 - 00000000 ____D C:\Users\Gert\AppData\Roaming\IObit
2016-08-07 11:48 - 2016-08-07 11:48 - 00000000 ____D C:\Users\Gert\AppData\LocalLow\IObit
2016-08-07 11:48 - 2016-08-07 11:48 - 00000000 ____D C:\ProgramData\ProductData
2016-08-07 11:48 - 2016-08-07 11:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WorldOfBooks
2016-08-07 11:48 - 2016-08-07 11:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Booster 3
2016-08-07 11:48 - 2016-08-07 11:48 - 00000000 ____D C:\ProgramData\IObit
2016-08-07 11:48 - 2016-08-07 11:48 - 00000000 ____D C:\Program Files (x86)\WorldOfBooks
2016-08-07 11:48 - 2016-08-07 11:48 - 00000000 ____D C:\Program Files (x86)\IObit
2016-08-06 14:06 - 2016-08-06 14:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2016-08-01 16:39 - 2016-08-01 16:39 - 00941919 _____ C:\Users\Gert\Documents\notiz-rtfx.pdf
2016-08-01 12:08 - 2016-08-01 12:08 - 00062966 _____ C:\Users\Gert\Desktop\Weekly Options Countdown invoice.pdf
2016-07-29 09:35 - 2016-07-29 09:35 - 00000807 _____ C:\Users\Gert\Desktop\DeviceOnline.lnk
2016-07-29 09:35 - 2016-07-29 09:35 - 00000000 ____D C:\Users\Gert\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DeviceOnline
2016-07-29 09:35 - 2016-07-29 09:35 - 00000000 ____D C:\Users\Gert\AppData\Roaming\DeviceOnline
2016-07-27 07:43 - 2016-07-27 07:44 - 00939735 _____ C:\Users\Gert\Documents\notiz-rtf.pdf
2016-07-26 11:42 - 2016-07-26 11:42 - 01832174 _____ C:\Users\Gert\Desktop\20110810-das_ende_des_geldes.pdf
2016-07-15 10:31 - 2016-07-15 10:31 - 00062649 _____ C:\Users\Gert\Desktop\Bernie Schae�궈ers Wealthbuilder-LifeTime.pdf
2016-07-14 10:39 - 2016-07-15 10:21 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2016-07-13 13:18 - 2016-07-01 06:34 - 01322248 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2016-07-13 13:18 - 2016-07-01 06:25 - 02773096 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
2016-07-13 13:18 - 2016-07-01 05:56 - 22379520 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2016-07-13 13:18 - 2016-07-01 05:47 - 24610304 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-07-13 13:18 - 2016-07-01 05:41 - 00605184 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2016-07-13 13:18 - 2016-07-01 05:39 - 13018112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2016-07-13 13:18 - 2016-07-01 05:37 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosStorage.dll
2016-07-13 13:18 - 2016-07-01 05:36 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapsBtSvc.dll
2016-07-13 13:18 - 2016-07-01 05:29 - 05503488 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll
2016-07-13 13:18 - 2016-07-01 05:26 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JpMapControl.dll
2016-07-13 13:17 - 2016-07-01 07:30 - 00587456 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2016-07-13 13:17 - 2016-07-01 07:30 - 00284352 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2016-07-13 13:17 - 2016-07-01 06:50 - 00037232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wldp.dll
2016-07-13 13:17 - 2016-07-01 06:49 - 07469408 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-07-13 13:17 - 2016-07-01 06:49 - 00337336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.ApplicationData.dll
2016-07-13 13:17 - 2016-07-01 06:48 - 01238584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Taskmgr.exe
2016-07-13 13:17 - 2016-07-01 06:43 - 03449168 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSService.dll
2016-07-13 13:17 - 2016-07-01 06:38 - 01862008 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2016-07-13 13:17 - 2016-07-01 06:35 - 01554152 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpmde.dll
2016-07-13 13:17 - 2016-07-01 06:35 - 01552104 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2016-07-13 13:17 - 2016-07-01 06:35 - 01299504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetsrc.dll
2016-07-13 13:17 - 2016-07-01 06:35 - 01092464 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2016-07-13 13:17 - 2016-07-01 06:35 - 00847656 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2016-07-13 13:17 - 2016-07-01 06:35 - 00586208 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2016-07-13 13:17 - 2016-07-01 06:35 - 00498960 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFCaptureEngine.dll
2016-07-13 13:17 - 2016-07-01 06:35 - 00331616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2016-07-13 13:17 - 2016-07-01 06:35 - 00035656 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfpmp.exe
2016-07-13 13:17 - 2016-07-01 06:34 - 03675512 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2016-07-13 13:17 - 2016-07-01 06:34 - 00808288 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2016-07-13 13:17 - 2016-07-01 06:33 - 04515256 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2016-07-13 13:17 - 2016-07-01 06:33 - 01750440 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcMon.exe
2016-07-13 13:17 - 2016-07-01 06:33 - 00730352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll
2016-07-13 13:17 - 2016-07-01 06:33 - 00725776 _____ (Microsoft Corporation) C:\WINDOWS\system32\SHCore.dll
2016-07-13 13:17 - 2016-07-01 06:33 - 00566104 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2016-07-13 13:17 - 2016-07-01 06:33 - 00374008 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2016-07-13 13:17 - 2016-07-01 06:33 - 00303216 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppHost.exe
2016-07-13 13:17 - 2016-07-01 06:32 - 01603224 _____ (Microsoft Corporation) C:\WINDOWS\system32\propsys.dll
2016-07-13 13:17 - 2016-07-01 06:32 - 01540224 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2016-07-13 13:17 - 2016-07-01 06:32 - 01128104 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipUp.exe
2016-07-13 13:17 - 2016-07-01 06:32 - 00692136 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppwinob.dll
2016-07-13 13:17 - 2016-07-01 06:32 - 00106928 _____ (Microsoft Corporation) C:\WINDOWS\system32\phoneactivate.exe
2016-07-13 13:17 - 2016-07-01 06:31 - 01848584 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll
2016-07-13 13:17 - 2016-07-01 06:31 - 00604928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2016-07-13 13:17 - 2016-07-01 06:31 - 00161632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2016-07-13 13:17 - 2016-07-01 06:25 - 02145032 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d9.dll
2016-07-13 13:17 - 2016-07-01 06:25 - 01987936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2016-07-13 13:17 - 2016-07-01 06:25 - 00648256 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2016-07-13 13:17 - 2016-07-01 06:25 - 00577376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2016-07-13 13:17 - 2016-07-01 06:25 - 00393568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2016-07-13 13:17 - 2016-07-01 06:24 - 00911648 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcomp.dll
2016-07-13 13:17 - 2016-07-01 06:23 - 01349640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll
2016-07-13 13:17 - 2016-07-01 06:21 - 02921880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2016-07-13 13:17 - 2016-07-01 06:21 - 00703840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2016-07-13 13:17 - 2016-07-01 06:21 - 00376536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.MediaControl.dll
2016-07-13 13:17 - 2016-07-01 06:20 - 00503600 _____ (Microsoft Corporation) C:\WINDOWS\system32\DMRServer.dll
2016-07-13 13:17 - 2016-07-01 06:20 - 00465760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2016-07-13 13:17 - 2016-07-01 06:20 - 00388896 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpps.dll
2016-07-13 13:17 - 2016-07-01 06:20 - 00254656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppHost.exe
2016-07-13 13:17 - 2016-07-01 06:19 - 05240960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2016-07-13 13:17 - 2016-07-01 06:19 - 04074160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2016-07-13 13:17 - 2016-07-01 06:19 - 01355336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\propsys.dll
2016-07-13 13:17 - 2016-07-01 06:18 - 00064584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Clipc.dll
2016-07-13 13:17 - 2016-07-01 06:12 - 01866104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d9.dll
2016-07-13 13:17 - 2016-07-01 06:11 - 01522160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2016-07-13 13:17 - 2016-07-01 06:03 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsCSP.dll
2016-07-13 13:17 - 2016-07-01 06:00 - 00957952 _____ (Microsoft Corporation) C:\WINDOWS\system32\IKEEXT.DLL
2016-07-13 13:17 - 2016-07-01 05:59 - 00066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosHostClient.dll
2016-07-13 13:17 - 2016-07-01 05:58 - 00824320 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2016-07-13 13:17 - 2016-07-01 05:57 - 00089600 _____ (Microsoft Corporation) C:\WINDOWS\system32\NFCProvisioningPlugin.dll
2016-07-13 13:17 - 2016-07-01 05:57 - 00059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpreference.exe
2016-07-13 13:17 - 2016-07-01 05:56 - 00044032 _____ (Microsoft Corporation) C:\WINDOWS\system32\musdialoghandlers.dll
2016-07-13 13:17 - 2016-07-01 05:55 - 00028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\mapsupdatetask.dll
2016-07-13 13:17 - 2016-07-01 05:54 - 00120320 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsBtSvc.dll
2016-07-13 13:17 - 2016-07-01 05:54 - 00074752 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosStorage.dll
2016-07-13 13:17 - 2016-07-01 05:53 - 00192000 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll
2016-07-13 13:17 - 2016-07-01 05:53 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryClient.dll
2016-07-13 13:17 - 2016-07-01 05:53 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryBroker.dll
2016-07-13 13:17 - 2016-07-01 05:52 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll
2016-07-13 13:17 - 2016-07-01 05:52 - 00185856 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10_1.dll
2016-07-13 13:17 - 2016-07-01 05:52 - 00072704 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshost.dll
2016-07-13 13:17 - 2016-07-01 05:52 - 00047616 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmTasks.dll
2016-07-13 13:17 - 2016-07-01 05:50 - 11545088 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2016-07-13 13:17 - 2016-07-01 05:50 - 00349184 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntprint.dll
2016-07-13 13:17 - 2016-07-01 05:50 - 00270848 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshostcore.dll
2016-07-13 13:17 - 2016-07-01 05:50 - 00090624 _____ (Microsoft Corporation) C:\WINDOWS\system32\FingerprintEnrollment.dll
2016-07-13 13:17 - 2016-07-01 05:50 - 00069120 _____ (Microsoft Corporation) C:\WINDOWS\system32\WPDShServiceObj.dll
2016-07-13 13:17 - 2016-07-01 05:49 - 00290816 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2016-07-13 13:17 - 2016-07-01 05:49 - 00253440 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Maps.dll
2016-07-13 13:17 - 2016-07-01 05:49 - 00167936 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetpp.dll
2016-07-13 13:17 - 2016-07-01 05:49 - 00110080 _____ (Microsoft Corporation) C:\WINDOWS\system32\IdCtrls.dll
2016-07-13 13:17 - 2016-07-01 05:48 - 06572032 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanmm.dll
2016-07-13 13:17 - 2016-07-01 05:48 - 00642048 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2016-07-13 13:17 - 2016-07-01 05:48 - 00530432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nwifi.sys
2016-07-13 13:17 - 2016-07-01 05:48 - 00373248 _____ (Microsoft Corporation) C:\WINDOWS\system32\WmpDui.dll
2016-07-13 13:17 - 2016-07-01 05:48 - 00198144 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
2016-07-13 13:17 - 2016-07-01 05:47 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2016-07-13 13:17 - 2016-07-01 05:47 - 00450048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Bluetooth.dll
2016-07-13 13:17 - 2016-07-01 05:47 - 00394752 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPhoto.dll
2016-07-13 13:17 - 2016-07-01 05:47 - 00394240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Search.ProtocolHandler.MAPI2.dll
2016-07-13 13:17 - 2016-07-01 05:47 - 00315392 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
2016-07-13 13:17 - 2016-07-01 05:47 - 00296960 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2016-07-13 13:17 - 2016-07-01 05:47 - 00287744 _____ (Microsoft Corporation) C:\WINDOWS\system32\apprepapi.dll
2016-07-13 13:17 - 2016-07-01 05:47 - 00287232 _____ (Microsoft Corporation) C:\WINDOWS\system32\provhandlers.dll
2016-07-13 13:17 - 2016-07-01 05:47 - 00237056 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkDesktopSettings.dll
2016-07-13 13:17 - 2016-07-01 05:47 - 00188416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.PicturePassword.dll
2016-07-13 13:17 - 2016-07-01 05:47 - 00182784 _____ (Microsoft Corporation) C:\WINDOWS\system32\shutdownux.dll
2016-07-13 13:17 - 2016-07-01 05:47 - 00168960 _____ (Microsoft Corporation) C:\WINDOWS\system32\provops.dll
2016-07-13 13:17 - 2016-07-01 05:46 - 00714240 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll
2016-07-13 13:17 - 2016-07-01 05:46 - 00510464 _____ (Microsoft Corporation) C:\WINDOWS\system32\WlanMediaManager.dll
2016-07-13 13:17 - 2016-07-01 05:46 - 00475648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BlockedShutdown.dll
2016-07-13 13:17 - 2016-07-01 05:46 - 00469504 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhsettingsprovider.dll
2016-07-13 13:17 - 2016-07-01 05:46 - 00460800 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll
2016-07-13 13:17 - 2016-07-01 05:46 - 00458752 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToDevice.dll
2016-07-13 13:17 - 2016-07-01 05:46 - 00412672 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanui.dll
2016-07-13 13:17 - 2016-07-01 05:46 - 00342016 _____ (Microsoft Corporation) C:\WINDOWS\system32\APHostService.dll
2016-07-13 13:17 - 2016-07-01 05:46 - 00287744 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpsvc.dll
2016-07-13 13:17 - 2016-07-01 05:46 - 00279040 _____ (Microsoft Corporation) C:\WINDOWS\system32\ListSvc.dll
2016-07-13 13:17 - 2016-07-01 05:46 - 00258560 _____ (Microsoft Corporation) C:\WINDOWS\system32\credprovs.dll
2016-07-13 13:17 - 2016-07-01 05:45 - 00619520 _____ (Microsoft Corporation) C:\WINDOWS\system32\efswrt.dll
2016-07-13 13:17 - 2016-07-01 05:45 - 00576000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.UX.EapRequestHandler.dll
2016-07-13 13:17 - 2016-07-01 05:45 - 00492544 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_StorageSense.dll
2016-07-13 13:17 - 2016-07-01 05:45 - 00440320 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhcfg.dll
2016-07-13 13:17 - 2016-07-01 05:45 - 00414720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BioFeedback.dll
2016-07-13 13:17 - 2016-07-01 05:45 - 00392192 _____ (Microsoft Corporation) C:\WINDOWS\system32\zipfldr.dll
2016-07-13 13:17 - 2016-07-01 05:45 - 00387072 _____ (Microsoft Corporation) C:\WINDOWS\system32\qdvd.dll
2016-07-13 13:17 - 2016-07-01 05:45 - 00317440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Cortana.OneCore.dll
2016-07-13 13:17 - 2016-07-01 05:45 - 00316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\msieftp.dll
2016-07-13 13:17 - 2016-07-01 05:45 - 00315392 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXTaskFactory.dll
2016-07-13 13:17 - 2016-07-01 05:45 - 00305152 _____ (Microsoft Corporation) C:\WINDOWS\system32\edputil.dll
2016-07-13 13:17 - 2016-07-01 05:44 - 07977472 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2016-07-13 13:17 - 2016-07-01 05:44 - 00492544 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.UserAccountsHandlers.dll
2016-07-13 13:17 - 2016-07-01 05:44 - 00484352 _____ (Microsoft Corporation) C:\WINDOWS\system32\DataSenseHandlers.dll
2016-07-13 13:17 - 2016-07-01 05:44 - 00451584 _____ (Microsoft Corporation) C:\WINDOWS\system32\werui.dll
2016-07-13 13:17 - 2016-07-01 05:44 - 00448000 _____ (Microsoft Corporation) C:\WINDOWS\system32\winipcfile.dll
2016-07-13 13:17 - 2016-07-01 05:44 - 00364032 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneBackupHandler.dll
2016-07-13 13:17 - 2016-07-01 05:44 - 00283648 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToReceiver.dll
2016-07-13 13:17 - 2016-07-01 05:44 - 00276480 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecsExt.dll
2016-07-13 13:17 - 2016-07-01 05:44 - 00247296 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssphtb.dll
2016-07-13 13:17 - 2016-07-01 05:43 - 01294336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcnwiz.dll
2016-07-13 13:17 - 2016-07-01 05:43 - 01056256 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpMapControl.dll
2016-07-13 13:17 - 2016-07-01 05:43 - 00992256 _____ (Microsoft Corporation) C:\WINDOWS\system32\sbe.dll
2016-07-13 13:17 - 2016-07-01 05:43 - 00941568 _____ (Microsoft Corporation) C:\WINDOWS\system32\MiracastReceiver.dll
2016-07-13 13:17 - 2016-07-01 05:43 - 00892416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.SmartCards.dll
2016-07-13 13:17 - 2016-07-01 05:43 - 00853504 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2016-07-13 13:17 - 2016-07-01 05:43 - 00708608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2016-07-13 13:17 - 2016-07-01 05:43 - 00674304 _____ (Microsoft Corporation) C:\WINDOWS\system32\mbsmsapi.dll
2016-07-13 13:17 - 2016-07-01 05:43 - 00656896 _____ (Microsoft Corporation) C:\WINDOWS\system32\sud.dll
2016-07-13 13:17 - 2016-07-01 05:43 - 00564224 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevicePairing.dll
2016-07-13 13:17 - 2016-07-01 05:43 - 00556032 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
2016-07-13 13:17 - 2016-07-01 05:43 - 00529408 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll
2016-07-13 13:17 - 2016-07-01 05:43 - 00519680 _____ (Microsoft Corporation) C:\WINDOWS\system32\WLanConn.dll
2016-07-13 13:17 - 2016-07-01 05:43 - 00465920 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanconn.dll
2016-07-13 13:17 - 2016-07-01 05:43 - 00334848 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2016-07-13 13:17 - 2016-07-01 05:43 - 00183808 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSSync.dll
2016-07-13 13:17 - 2016-07-01 05:42 - 14252544 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2016-07-13 13:17 - 2016-07-01 05:42 - 02125312 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Bluetooth.dll
2016-07-13 13:17 - 2016-07-01 05:42 - 02088960 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpdshext.dll
2016-07-13 13:17 - 2016-07-01 05:42 - 02012672 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmsipc.dll
2016-07-13 13:17 - 2016-07-01 05:42 - 01716736 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRHInproc.dll
2016-07-13 13:17 - 2016-07-01 05:42 - 01434112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Editing.dll
2016-07-13 13:17 - 2016-07-01 05:42 - 01240064 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10.dll
2016-07-13 13:17 - 2016-07-01 05:42 - 00988160 _____ (Microsoft Corporation) C:\WINDOWS\system32\NMAA.dll
2016-07-13 13:17 - 2016-07-01 05:42 - 00965632 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2016-07-13 13:17 - 2016-07-01 05:42 - 00828928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.AccountsControl.dll
2016-07-13 13:17 - 2016-07-01 05:42 - 00697344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.OnlineId.dll
2016-07-13 13:17 - 2016-07-01 05:42 - 00538112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Cortana.Desktop.dll
2016-07-13 13:17 - 2016-07-01 05:42 - 00515072 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll
2016-07-13 13:17 - 2016-07-01 05:42 - 00480768 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppBroker.dll
2016-07-13 13:17 - 2016-07-01 05:42 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2016-07-13 13:17 - 2016-07-01 05:41 - 02127360 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2016-07-13 13:17 - 2016-07-01 05:41 - 01387520 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2016-07-13 13:17 - 2016-07-01 05:41 - 01159168 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplicationFrame.dll
2016-07-13 13:17 - 2016-07-01 05:41 - 01054208 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2016-07-13 13:17 - 2016-07-01 05:41 - 00990208 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll
2016-07-13 13:17 - 2016-07-01 05:41 - 00939520 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll
2016-07-13 13:17 - 2016-07-01 05:41 - 00814080 _____ (Microsoft Corporation) C:\WINDOWS\system32\appwiz.cpl
2016-07-13 13:17 - 2016-07-01 05:41 - 00784384 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2016-07-13 13:17 - 2016-07-01 05:41 - 00697856 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToManager.dll
2016-07-13 13:17 - 2016-07-01 05:41 - 00599040 _____ (Microsoft Corporation) C:\WINDOWS\system32\duser.dll
2016-07-13 13:17 - 2016-07-01 05:41 - 00587776 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2016-07-13 13:17 - 2016-07-01 05:41 - 00572928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll
2016-07-13 13:17 - 2016-07-01 05:41 - 00050176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosHostClient.dll
2016-07-13 13:17 - 2016-07-01 05:40 - 02731008 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameux.dll
2016-07-13 13:17 - 2016-07-01 05:40 - 02103296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.3D.dll
2016-07-13 13:17 - 2016-07-01 05:40 - 01902592 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2016-07-13 13:17 - 2016-07-01 05:40 - 01575936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll
2016-07-13 13:17 - 2016-07-01 05:40 - 00938496 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2016-07-13 13:17 - 2016-07-01 05:40 - 00896512 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApiPublic.dll
2016-07-13 13:17 - 2016-07-01 05:40 - 00853504 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2016-07-13 13:17 - 2016-07-01 05:40 - 00841728 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2016-07-13 13:17 - 2016-07-01 05:40 - 00775168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Display.dll
2016-07-13 13:17 - 2016-07-01 05:40 - 00529920 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2016-07-13 13:17 - 2016-07-01 05:40 - 00496640 _____ (Microsoft Corporation) C:\WINDOWS\system32\webio.dll
2016-07-13 13:17 - 2016-07-01 05:39 - 01752576 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2016-07-13 13:17 - 2016-07-01 05:39 - 01717248 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2016-07-13 13:17 - 2016-07-01 05:39 - 01211904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Cred.dll
2016-07-13 13:17 - 2016-07-01 05:39 - 00381952 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2016-07-13 13:17 - 2016-07-01 05:39 - 00243712 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingMonitor.dll
2016-07-13 13:17 - 2016-07-01 05:38 - 06312448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2016-07-13 13:17 - 2016-07-01 05:38 - 04456448 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll
2016-07-13 13:17 - 2016-07-01 05:38 - 01671168 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2016-07-13 13:17 - 2016-07-01 05:38 - 01443840 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagperf.dll
2016-07-13 13:17 - 2016-07-01 05:38 - 01063936 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll
2016-07-13 13:17 - 2016-07-01 05:38 - 00961536 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll
2016-07-13 13:17 - 2016-07-01 05:38 - 00821760 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2016-07-13 13:17 - 2016-07-01 05:38 - 00549888 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFolder.dll
2016-07-13 13:17 - 2016-07-01 05:38 - 00012288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IconCodecService.dll
2016-07-13 13:17 - 2016-07-01 05:37 - 01073152 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2016-07-13 13:17 - 2016-07-01 05:37 - 01051648 _____ (Microsoft Corporation) C:\WINDOWS\system32\MsSpellCheckingFacility.dll
2016-07-13 13:17 - 2016-07-01 05:37 - 00865792 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2016-07-13 13:17 - 2016-07-01 05:37 - 00638976 _____ (Microsoft Corporation) C:\WINDOWS\system32\ShareHost.dll
2016-07-13 13:17 - 2016-07-01 05:36 - 03415040 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncCenter.dll
2016-07-13 13:17 - 2016-07-01 05:36 - 01141248 _____ (Microsoft Corporation) C:\WINDOWS\system32\winipcsecproc.dll
2016-07-13 13:17 - 2016-07-01 05:36 - 00701952 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.dll
2016-07-13 13:17 - 2016-07-01 05:35 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msscntrs.dll
2016-07-13 13:17 - 2016-07-01 05:34 - 09919488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2016-07-13 13:17 - 2016-07-01 05:34 - 03994624 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2016-07-13 13:17 - 2016-07-01 05:34 - 03428864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2016-07-13 13:17 - 2016-07-01 05:34 - 00636928 _____ (Microsoft Corporation) C:\WINDOWS\system32\hgcpl.dll
2016-07-13 13:17 - 2016-07-01 05:34 - 00070656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppCapture.dll
2016-07-13 13:17 - 2016-07-01 05:33 - 07200256 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2016-07-13 13:17 - 2016-07-01 05:33 - 06973952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2016-07-13 13:17 - 2016-07-01 05:33 - 06675968 _____ (Microsoft Corporation) C:\WINDOWS\system32\mspaint.exe
2016-07-13 13:17 - 2016-07-01 05:33 - 02285568 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebSync.dll
2016-07-13 13:17 - 2016-07-01 05:33 - 00309760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntprint.dll
2016-07-13 13:17 - 2016-07-01 05:33 - 00057344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WPDShServiceObj.dll
2016-07-13 13:17 - 2016-07-01 05:32 - 02582016 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2016-07-13 13:17 - 2016-07-01 05:32 - 02563584 _____ (Microsoft Corporation) C:\WINDOWS\system32\themecpl.dll
2016-07-13 13:17 - 2016-07-01 05:32 - 00268800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2016-07-13 13:17 - 2016-07-01 05:31 - 19347968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
FRST_2.txt:
Code:
2016-07-13 13:17 - 2016-07-01 05:31 - 01797120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2016-07-13 13:17 - 2016-07-01 05:31 - 00994816 _____ (Microsoft Corporation) C:\WINDOWS\HelpPane.exe
2016-07-13 13:17 - 2016-07-01 05:31 - 00870400 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2016-07-13 13:17 - 2016-07-01 05:31 - 00465920 _____ (Microsoft Corporation) C:\WINDOWS\system32\StikyNot.exe
2016-07-13 13:17 - 2016-07-01 05:30 - 13385728 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-07-13 13:17 - 2016-07-01 05:30 - 03585536 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll
2016-07-13 13:17 - 2016-07-01 05:30 - 02635776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2016-07-13 13:17 - 2016-07-01 05:30 - 02066432 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2016-07-13 13:17 - 2016-07-01 05:30 - 00849920 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll
2016-07-13 13:17 - 2016-07-01 05:30 - 00546816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActionCenterCPL.dll
2016-07-13 13:17 - 2016-07-01 05:30 - 00339968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMPhoto.dll
2016-07-13 13:17 - 2016-07-01 05:30 - 00334336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcastdvr.exe
2016-07-13 13:17 - 2016-07-01 05:30 - 00292864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dot3ui.dll
2016-07-13 13:17 - 2016-07-01 05:30 - 00282624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Search.ProtocolHandler.MAPI2.dll
2016-07-13 13:17 - 2016-07-01 05:29 - 03589632 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2016-07-13 13:17 - 2016-07-01 05:29 - 03355136 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
2016-07-13 13:17 - 2016-07-01 05:29 - 02609664 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2016-07-13 13:17 - 2016-07-01 05:29 - 02352128 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2016-07-13 13:17 - 2016-07-01 05:29 - 02168320 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2016-07-13 13:17 - 2016-07-01 05:29 - 00541184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GamePanel.exe
2016-07-13 13:17 - 2016-07-01 05:29 - 00368128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanui.dll
2016-07-13 13:17 - 2016-07-01 05:29 - 00349696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapConfiguration.dll
2016-07-13 13:17 - 2016-07-01 05:29 - 00254976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Picker.dll
2016-07-13 13:17 - 2016-07-01 05:28 - 03577344 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2016-07-13 13:17 - 2016-07-01 05:28 - 02912256 _____ (Microsoft Corporation) C:\WINDOWS\system32\CertEnroll.dll
2016-07-13 13:17 - 2016-07-01 05:28 - 02876928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wpc.dll
2016-07-13 13:17 - 2016-07-01 05:28 - 00578048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wiaaut.dll
2016-07-13 13:17 - 2016-07-01 05:28 - 00197120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netplwiz.dll
2016-07-13 13:17 - 2016-07-01 05:28 - 00119296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssph.dll
2016-07-13 13:17 - 2016-07-01 05:27 - 01946112 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2016-07-13 13:17 - 2016-07-01 05:27 - 01729024 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2016-07-13 13:17 - 2016-07-01 05:27 - 00846336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasgcw.dll
2016-07-13 13:17 - 2016-07-01 05:27 - 00629760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sud.dll
2016-07-13 13:17 - 2016-07-01 05:27 - 00613376 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSync.dll
2016-07-13 13:17 - 2016-07-01 05:27 - 00559616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.SmartCards.dll
2016-07-13 13:17 - 2016-07-01 05:27 - 00496128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2016-07-13 13:17 - 2016-07-01 05:27 - 00282624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2016-07-13 13:17 - 2016-07-01 05:27 - 00250880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2016-07-13 13:17 - 2016-07-01 05:27 - 00244736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssphtb.dll
2016-07-13 13:17 - 2016-07-01 05:27 - 00216576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToReceiver.dll
2016-07-13 13:17 - 2016-07-01 05:27 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcsps.dll
2016-07-13 13:17 - 2016-07-01 05:26 - 18674176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2016-07-13 13:17 - 2016-07-01 05:26 - 07832576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2016-07-13 13:17 - 2016-07-01 05:26 - 04895232 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2016-07-13 13:17 - 2016-07-01 05:26 - 03026944 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2016-07-13 13:17 - 2016-07-01 05:26 - 02597888 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2016-07-13 13:17 - 2016-07-01 05:26 - 01755648 _____ (Microsoft Corporation) C:\WINDOWS\system32\dui70.dll
2016-07-13 13:17 - 2016-07-01 05:26 - 01171456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netcenter.dll
2016-07-13 13:17 - 2016-07-01 05:26 - 00779264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sbe.dll
2016-07-13 13:17 - 2016-07-01 05:26 - 00489984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mbsmsapi.dll
2016-07-13 13:17 - 2016-07-01 05:26 - 00372224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppBroker.dll
2016-07-13 13:17 - 2016-07-01 05:26 - 00348672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredProvDataModel.dll
2016-07-13 13:17 - 2016-07-01 05:26 - 00298496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.dll
2016-07-13 13:17 - 2016-07-01 05:25 - 02745856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepository.dll
2016-07-13 13:17 - 2016-07-01 05:25 - 02050048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2016-07-13 13:17 - 2016-07-01 05:25 - 01121792 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2016-07-13 13:17 - 2016-07-01 05:25 - 01117184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.dll
2016-07-13 13:17 - 2016-07-01 05:25 - 01097216 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2016-07-13 13:17 - 2016-07-01 05:25 - 00984576 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2016-07-13 13:17 - 2016-07-01 05:25 - 00784896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NMAA.dll
2016-07-13 13:17 - 2016-07-01 05:25 - 00738816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\appwiz.cpl
2016-07-13 13:17 - 2016-07-01 05:25 - 00736768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SmartcardCredentialProvider.dll
2016-07-13 13:17 - 2016-07-01 05:25 - 00711680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapControlCore.dll
2016-07-13 13:17 - 2016-07-01 05:25 - 00687616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2016-07-13 13:17 - 2016-07-01 05:25 - 00523776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.OnlineId.dll
2016-07-13 13:17 - 2016-07-01 05:25 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2016-07-13 13:17 - 2016-07-01 05:24 - 12586496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2016-07-13 13:17 - 2016-07-01 05:24 - 01588224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2016-07-13 13:17 - 2016-07-01 05:24 - 01487872 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpeechPal.dll
2016-07-13 13:17 - 2016-07-01 05:24 - 01467392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2016-07-13 13:17 - 2016-07-01 05:24 - 01448960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.Printing.3D.dll
2016-07-13 13:17 - 2016-07-01 05:24 - 01390080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll
2016-07-13 13:17 - 2016-07-01 05:24 - 00673280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApiPublic.dll
2016-07-13 13:17 - 2016-07-01 05:24 - 00468992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.Printing.dll
2016-07-13 13:17 - 2016-07-01 05:24 - 00405504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webio.dll
2016-07-13 13:17 - 2016-07-01 05:23 - 03695104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_47.dll
2016-07-13 13:17 - 2016-07-01 05:23 - 03301376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SyncCenter.dll
2016-07-13 13:17 - 2016-07-01 05:23 - 02578432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gameux.dll
2016-07-13 13:17 - 2016-07-01 05:23 - 01526272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2016-07-13 13:17 - 2016-07-01 05:23 - 01036288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.dll
2016-07-13 13:17 - 2016-07-01 05:23 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Cred.dll
2016-07-13 13:17 - 2016-07-01 05:23 - 00760320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2016-07-13 13:17 - 2016-07-01 05:23 - 00667648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll
2016-07-13 13:17 - 2016-07-01 05:23 - 00489984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ShareHost.dll
2016-07-13 13:17 - 2016-07-01 05:22 - 06295552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2016-07-13 13:17 - 2016-07-01 05:22 - 03053568 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcore.dll
2016-07-13 13:17 - 2016-07-01 05:22 - 00965120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll
2016-07-13 13:17 - 2016-07-01 05:22 - 00639488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2016-07-13 13:17 - 2016-07-01 05:21 - 04078080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll
2016-07-13 13:17 - 2016-07-01 05:21 - 00980480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winipcsecproc.dll
2016-07-13 13:17 - 2016-07-01 05:21 - 00341504 _____ (Microsoft Corporation) C:\WINDOWS\system32\RADCUI.dll
2016-07-13 13:17 - 2016-07-01 05:20 - 12128256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2016-07-13 13:17 - 2016-07-01 05:19 - 01987072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2016-07-13 13:17 - 2016-07-01 05:19 - 01582080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2016-07-13 13:17 - 2016-07-01 05:19 - 00581632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.dll
2016-07-13 13:17 - 2016-07-01 05:19 - 00503296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSync.dll
2016-07-13 13:17 - 2016-07-01 05:18 - 05205504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2016-07-13 13:17 - 2016-07-01 05:18 - 03663360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2016-07-13 13:17 - 2016-07-01 05:17 - 05323776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2016-07-13 13:17 - 2016-07-01 05:17 - 02155008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2016-07-13 13:17 - 2016-07-01 05:16 - 02771968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2016-07-13 13:17 - 2016-07-01 05:16 - 01984000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2016-07-13 13:17 - 2016-07-01 05:15 - 04413440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
2016-07-13 13:17 - 2016-07-01 05:15 - 02604032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CertEnroll.dll
2016-07-13 13:17 - 2016-07-01 05:15 - 02217984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Wpc.dll
2016-07-13 13:17 - 2016-07-01 05:15 - 02102272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsservices.dll
2016-07-13 13:17 - 2016-07-01 05:15 - 01799680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2016-07-13 13:17 - 2016-07-01 05:15 - 00574976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hgcpl.dll
2016-07-13 13:17 - 2016-07-01 05:15 - 00573440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserLanguagesCpl.dll
2016-07-13 13:17 - 2016-07-01 05:14 - 05660672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2016-07-13 13:17 - 2016-07-01 05:14 - 02680320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll
2016-07-13 13:17 - 2016-07-01 05:13 - 06740992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2016-07-13 13:17 - 2016-07-01 05:13 - 02519552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\themecpl.dll
2016-07-13 13:17 - 2016-07-01 05:13 - 01249280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usercpl.dll
2016-07-13 13:17 - 2016-07-01 05:12 - 00339456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll
2016-07-13 13:17 - 2016-07-01 05:11 - 00754176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2016-07-13 13:17 - 2016-07-01 05:09 - 02632192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpcore.dll
2016-07-13 13:17 - 2016-07-01 05:08 - 01976832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpdshext.dll
2016-07-13 13:17 - 2016-07-01 05:08 - 00517632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToManager.dll
2016-07-13 13:17 - 2016-02-09 06:25 - 00304752 _____ (Microsoft Corporation) C:\WINDOWS\system32\systemreset.exe
2016-07-13 13:16 - 2016-07-01 07:30 - 01505984 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2016-07-13 13:16 - 2016-07-01 07:30 - 01223872 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2016-07-13 13:16 - 2016-07-01 07:30 - 00559808 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2016-07-13 13:16 - 2016-07-01 07:30 - 00310464 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2016-07-13 13:16 - 2016-07-01 07:30 - 00092352 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2016-07-13 13:16 - 2016-07-01 07:30 - 00050368 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2016-07-13 13:16 - 2016-07-01 06:49 - 01997328 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2016-07-13 13:16 - 2016-07-01 06:49 - 01317640 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2016-07-13 13:16 - 2016-07-01 06:49 - 01141504 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2016-07-13 13:16 - 2016-07-01 06:49 - 01030416 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2016-07-13 13:16 - 2016-07-01 06:49 - 00874968 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2016-07-13 13:16 - 2016-07-01 06:49 - 00277856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2016-07-13 13:16 - 2016-07-01 06:48 - 02656408 _____ C:\WINDOWS\system32\CoreUIComponents.dll
2016-07-13 13:16 - 2016-07-01 06:45 - 01613664 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2016-07-13 13:16 - 2016-07-01 06:43 - 00026408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2016-07-13 13:16 - 2016-07-01 06:39 - 01557776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2016-07-13 13:16 - 2016-07-01 06:38 - 01083656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Taskmgr.exe
2016-07-13 13:16 - 2016-07-01 06:38 - 00256192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Storage.ApplicationData.dll
2016-07-13 13:16 - 2016-07-01 06:38 - 00032552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wldp.dll
2016-07-13 13:16 - 2016-07-01 06:33 - 22561256 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2016-07-13 13:16 - 2016-07-01 06:32 - 06605544 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2016-07-13 13:16 - 2016-07-01 06:32 - 06536256 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2016-07-13 13:16 - 2016-07-01 06:32 - 01040800 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2016-07-13 13:16 - 2016-07-01 06:32 - 00625000 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll
2016-07-13 13:16 - 2016-07-01 06:32 - 00078040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Clipc.dll
2016-07-13 13:16 - 2016-07-01 06:24 - 01776768 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2016-07-13 13:16 - 2016-07-01 06:23 - 01118208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetsrc.dll
2016-07-13 13:16 - 2016-07-01 06:23 - 00925576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2016-07-13 13:16 - 2016-07-01 06:23 - 00709176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2016-07-13 13:16 - 2016-07-01 06:23 - 00511320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf.dll
2016-07-13 13:16 - 2016-07-01 06:23 - 00451936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFCaptureEngine.dll
2016-07-13 13:16 - 2016-07-01 06:23 - 00032040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfpmp.exe
2016-07-13 13:16 - 2016-07-01 06:21 - 28851224 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecsRaw.dll
2016-07-13 13:16 - 2016-07-01 06:21 - 02403168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2016-07-13 13:16 - 2016-07-01 06:21 - 00957608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2016-07-13 13:16 - 2016-07-01 06:20 - 21123320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2016-07-13 13:16 - 2016-07-01 06:19 - 00836760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
2016-07-13 13:16 - 2016-07-01 06:19 - 00569752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SHCore.dll
2016-07-13 13:16 - 2016-07-01 06:17 - 01536600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll
2016-07-13 13:16 - 2016-07-01 06:12 - 02186864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll
2016-07-13 13:16 - 2016-07-01 06:11 - 00521152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2016-07-13 13:16 - 2016-07-01 06:10 - 00675064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dcomp.dll
2016-07-13 13:16 - 2016-07-01 06:07 - 28083144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecsRaw.dll
2016-07-13 13:16 - 2016-07-01 06:03 - 00084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2016-07-13 13:16 - 2016-07-01 05:58 - 00045056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Speech.Pal.dll
2016-07-13 13:16 - 2016-07-01 05:56 - 00172032 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2016-07-13 13:16 - 2016-07-01 05:55 - 00584704 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbonRes.dll
2016-07-13 13:16 - 2016-07-01 05:55 - 00071168 _____ (Microsoft Corporation) C:\WINDOWS\system32\LegacyNetUX.dll
2016-07-13 13:16 - 2016-07-01 05:55 - 00014848 _____ (Microsoft Corporation) C:\WINDOWS\system32\IconCodecService.dll
2016-07-13 13:16 - 2016-07-01 05:54 - 00072192 _____ (Microsoft Corporation) C:\WINDOWS\system32\eappprxy.dll
2016-07-13 13:16 - 2016-07-01 05:53 - 01567744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Globalization.dll
2016-07-13 13:16 - 2016-07-01 05:52 - 16985088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2016-07-13 13:16 - 2016-07-01 05:52 - 00091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2016-07-13 13:16 - 2016-07-01 05:52 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzautoupdate.dll
2016-07-13 13:16 - 2016-07-01 05:52 - 00057344 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2016-07-13 13:16 - 2016-07-01 05:52 - 00040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\msscntrs.dll
2016-07-13 13:16 - 2016-07-01 05:51 - 00285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\oemlicense.dll
2016-07-13 13:16 - 2016-07-01 05:51 - 00086528 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppCapture.dll
2016-07-13 13:16 - 2016-07-01 05:51 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Shell.Search.UriHandler.dll
2016-07-13 13:16 - 2016-07-01 05:50 - 00407552 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2016-07-13 13:16 - 2016-07-01 05:50 - 00379392 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2016-07-13 13:16 - 2016-07-01 05:50 - 00193024 _____ (Microsoft Corporation) C:\WINDOWS\system32\SimCfg.dll
2016-07-13 13:16 - 2016-07-01 05:50 - 00150528 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdrsvc.dll
2016-07-13 13:16 - 2016-07-01 05:50 - 00129536 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdshext.dll
2016-07-13 13:16 - 2016-07-01 05:50 - 00113152 _____ (Microsoft Corporation) C:\WINDOWS\system32\eappgnui.dll
2016-07-13 13:16 - 2016-07-01 05:49 - 00206848 _____ (Microsoft Corporation) C:\WINDOWS\system32\LegacyNetUXHost.exe
2016-07-13 13:16 - 2016-07-01 05:48 - 00381952 _____ (Microsoft Corporation) C:\WINDOWS\system32\apprepsync.dll
2016-07-13 13:16 - 2016-07-01 05:48 - 00308736 _____ (Microsoft Corporation) C:\WINDOWS\system32\eapphost.dll
2016-07-13 13:16 - 2016-07-01 05:48 - 00252928 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhengine.dll
2016-07-13 13:16 - 2016-07-01 05:48 - 00233984 _____ (Microsoft Corporation) C:\WINDOWS\system32\schtasks.exe
2016-07-13 13:16 - 2016-07-01 05:48 - 00200192 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUDFPlatform.dll
2016-07-13 13:16 - 2016-07-01 05:48 - 00160768 _____ (Microsoft Corporation) C:\WINDOWS\system32\SimAuth.dll
2016-07-13 13:16 - 2016-07-01 05:47 - 00414720 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.exe
2016-07-13 13:16 - 2016-07-01 05:47 - 00333312 _____ (Microsoft Corporation) C:\WINDOWS\system32\eapp3hst.dll
2016-07-13 13:16 - 2016-07-01 05:47 - 00319488 _____ (Microsoft Corporation) C:\WINDOWS\system32\dot3ui.dll
2016-07-13 13:16 - 2016-07-01 05:47 - 00318976 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll
2016-07-13 13:16 - 2016-07-01 05:47 - 00314368 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseAppMgmtSvc.dll
2016-07-13 13:16 - 2016-07-01 05:47 - 00274432 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmdskmgr.dll
2016-07-13 13:16 - 2016-07-01 05:47 - 00174592 _____ (Microsoft Corporation) C:\WINDOWS\system32\easwrt.dll
2016-07-13 13:16 - 2016-07-01 05:46 - 00715776 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe
2016-07-13 13:16 - 2016-07-01 05:46 - 00565760 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActionCenterCPL.dll
2016-07-13 13:16 - 2016-07-01 05:46 - 00522240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.WiFiDirect.dll
2016-07-13 13:16 - 2016-07-01 05:46 - 00368640 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack_win.dll
2016-07-13 13:16 - 2016-07-01 05:46 - 00341504 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmicmiplugin.dll
2016-07-13 13:16 - 2016-07-01 05:46 - 00254464 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExecModelClient.dll
2016-07-13 13:16 - 2016-07-01 05:46 - 00185344 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSClient.dll
2016-07-13 13:16 - 2016-07-01 05:45 - 00344064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Picker.dll
2016-07-13 13:16 - 2016-07-01 05:45 - 00270336 _____ (Microsoft Corporation) C:\WINDOWS\system32\netplwiz.dll
2016-07-13 13:16 - 2016-07-01 05:45 - 00224256 _____ (Microsoft Corporation) C:\WINDOWS\system32\PackageStateRoaming.dll
2016-07-13 13:16 - 2016-07-01 05:45 - 00203776 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFilterHost.exe
2016-07-13 13:16 - 2016-07-01 05:45 - 00147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssph.dll
2016-07-13 13:16 - 2016-07-01 05:45 - 00088576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll
2016-07-13 13:16 - 2016-07-01 05:44 - 01814528 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnidui.dll
2016-07-13 13:16 - 2016-07-01 05:44 - 00677376 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiaaut.dll
2016-07-13 13:16 - 2016-07-01 05:44 - 00504832 _____ (Microsoft Corporation) C:\WINDOWS\system32\dlnashext.dll
2016-07-13 13:16 - 2016-07-01 05:44 - 00330240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2016-07-13 13:16 - 2016-07-01 05:43 - 01216512 _____ (Microsoft Corporation) C:\WINDOWS\system32\netcenter.dll
2016-07-13 13:16 - 2016-07-01 05:43 - 01048576 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebcamUi.dll
2016-07-13 13:16 - 2016-07-01 05:43 - 00947200 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasgcw.dll
2016-07-13 13:16 - 2016-07-01 05:43 - 00589824 _____ (Microsoft Corporation) C:\WINDOWS\system32\PrintDialogs.dll
2016-07-13 13:16 - 2016-07-01 05:43 - 00440320 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredProvDataModel.dll
2016-07-13 13:16 - 2016-07-01 05:43 - 00356864 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll
2016-07-13 13:16 - 2016-07-01 05:43 - 00352256 _____ (Microsoft Corporation) C:\WINDOWS\system32\eappcfg.dll
2016-07-13 13:16 - 2016-07-01 05:42 - 00859136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2016-07-13 13:16 - 2016-07-01 05:42 - 00651776 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserLanguagesCpl.dll
2016-07-13 13:16 - 2016-07-01 05:42 - 00585728 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieui.dll
2016-07-13 13:16 - 2016-07-01 05:42 - 00504320 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppReadiness.dll
2016-07-13 13:16 - 2016-07-01 05:42 - 00429056 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskcomp.dll
2016-07-13 13:16 - 2016-07-01 05:42 - 00368128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.dll
2016-07-13 13:16 - 2016-07-01 05:42 - 00286720 _____ (Microsoft Corporation) C:\WINDOWS\system32\deviceaccess.dll
2016-07-13 13:16 - 2016-07-01 05:41 - 01847808 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPDMC.exe
2016-07-13 13:16 - 2016-07-01 05:41 - 01037824 _____ (Microsoft Corporation) C:\WINDOWS\system32\SmartcardCredentialProvider.dll
2016-07-13 13:16 - 2016-07-01 05:41 - 01001472 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2016-07-13 13:16 - 2016-07-01 05:41 - 00870400 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2016-07-13 13:16 - 2016-07-01 05:41 - 00817152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.Search.dll
2016-07-13 13:16 - 2016-07-01 05:41 - 00299520 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskeng.exe
2016-07-13 13:16 - 2016-07-01 05:40 - 02050560 _____ (Microsoft Corporation) C:\WINDOWS\system32\PrintDialogs3D.dll
2016-07-13 13:16 - 2016-07-01 05:40 - 00673280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2016-07-13 13:16 - 2016-07-01 05:40 - 00596480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.dll
2016-07-13 13:16 - 2016-07-01 05:40 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Speech.Pal.dll
2016-07-13 13:16 - 2016-07-01 05:39 - 01872896 _____ (Microsoft Corporation) C:\WINDOWS\system32\workfolderssvc.dll
2016-07-13 13:16 - 2016-07-01 05:39 - 00268288 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2016-07-13 13:16 - 2016-07-01 05:39 - 00236032 _____ (Microsoft Corporation) C:\WINDOWS\system32\licensingdiag.exe
2016-07-13 13:16 - 2016-07-01 05:38 - 01291776 _____ (Microsoft Corporation) C:\WINDOWS\system32\werconcpl.dll
2016-07-13 13:16 - 2016-07-01 05:37 - 00584704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbonRes.dll
2016-07-13 13:16 - 2016-07-01 05:37 - 00055808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eappprxy.dll
2016-07-13 13:16 - 2016-07-01 05:36 - 02445312 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2016-07-13 13:16 - 2016-07-01 05:36 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryClient.dll
2016-07-13 13:16 - 2016-07-01 05:36 - 00048128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryBroker.dll
2016-07-13 13:16 - 2016-07-01 05:34 - 04170240 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbon.dll
2016-07-13 13:16 - 2016-07-01 05:34 - 00838144 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll
2016-07-13 13:16 - 2016-07-01 05:34 - 00205312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oemlicense.dll
2016-07-13 13:16 - 2016-07-01 05:34 - 00040960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Shell.Search.UriHandler.dll
2016-07-13 13:16 - 2016-07-01 05:32 - 02800128 _____ (Microsoft Corporation) C:\WINDOWS\system32\netshell.dll
2016-07-13 13:16 - 2016-07-01 05:32 - 00583680 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhotoScreensaver.scr
2016-07-13 13:16 - 2016-07-01 05:32 - 00157696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SimCfg.dll
2016-07-13 13:16 - 2016-07-01 05:32 - 00096256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eappgnui.dll
2016-07-13 13:16 - 2016-07-01 05:32 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IdCtrls.dll
2016-07-13 13:16 - 2016-07-01 05:31 - 01385472 _____ (Microsoft Corporation) C:\WINDOWS\system32\usercpl.dll
2016-07-13 13:16 - 2016-07-01 05:31 - 00900608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.BackgroundTransfer.dll
2016-07-13 13:16 - 2016-07-01 05:31 - 00882688 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntshrui.dll
2016-07-13 13:16 - 2016-07-01 05:31 - 00290304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WmpDui.dll
2016-07-13 13:16 - 2016-07-01 05:31 - 00260096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apprepsync.dll
2016-07-13 13:16 - 2016-07-01 05:31 - 00238592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eapphost.dll
2016-07-13 13:16 - 2016-07-01 05:31 - 00186880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schtasks.exe
2016-07-13 13:16 - 2016-07-01 05:31 - 00129024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SimAuth.dll
2016-07-13 13:16 - 2016-07-01 05:30 - 02902528 _____ (Microsoft Corporation) C:\WINDOWS\system32\themeui.dll
2016-07-13 13:16 - 2016-07-01 05:30 - 01213440 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdengin2.dll
2016-07-13 13:16 - 2016-07-01 05:30 - 00733184 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasapi32.dll
2016-07-13 13:16 - 2016-07-01 05:30 - 00248320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eapp3hst.dll
2016-07-13 13:16 - 2016-07-01 05:30 - 00217600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmdskmgr.dll
2016-07-13 13:16 - 2016-07-01 05:30 - 00190464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apprepapi.dll
2016-07-13 13:16 - 2016-07-01 05:30 - 00151552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSClient.dll
2016-07-13 13:16 - 2016-07-01 05:30 - 00123392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ProximityCommon.dll
2016-07-13 13:16 - 2016-07-01 05:29 - 05123072 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll
2016-07-13 13:16 - 2016-07-01 05:29 - 04646912 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsrchvw.exe
2016-07-13 13:16 - 2016-07-01 05:29 - 00569856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qdvd.dll
2016-07-13 13:16 - 2016-07-01 05:29 - 00386560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.WiFiDirect.dll
2016-07-13 13:16 - 2016-07-01 05:29 - 00315904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.BlockedShutdown.dll
2016-07-13 13:16 - 2016-07-01 05:29 - 00220672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\credprovs.dll
2016-07-13 13:16 - 2016-07-01 05:29 - 00193536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExecModelClient.dll
2016-07-13 13:16 - 2016-07-01 05:28 - 03046400 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsservices.dll
2016-07-13 13:16 - 2016-07-01 05:28 - 00442880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\efswrt.dll
2016-07-13 13:16 - 2016-07-01 05:28 - 00442368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dlnashext.dll
2016-07-13 13:16 - 2016-07-01 05:28 - 00347648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\zipfldr.dll
2016-07-13 13:16 - 2016-07-01 05:28 - 00283136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.BioFeedback.dll
2016-07-13 13:16 - 2016-07-01 05:28 - 00282624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msieftp.dll
2016-07-13 13:16 - 2016-07-01 05:28 - 00279040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edputil.dll
2016-07-13 13:16 - 2016-07-01 05:28 - 00238592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecsExt.dll
2016-07-13 13:16 - 2016-07-01 05:27 - 07533568 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2016-07-13 13:16 - 2016-07-01 05:27 - 04827136 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2016-07-13 13:16 - 2016-07-01 05:27 - 02444800 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll
2016-07-13 13:16 - 2016-07-01 05:27 - 02280448 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2016-07-13 13:16 - 2016-07-01 05:27 - 01226752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wcnwiz.dll
2016-07-13 13:16 - 2016-07-01 05:27 - 00519168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintDialogs.dll
2016-07-13 13:16 - 2016-07-01 05:27 - 00330752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winipcfile.dll
2016-07-13 13:16 - 2016-07-01 05:27 - 00284160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eappcfg.dll
2016-07-13 13:16 - 2016-07-01 05:26 - 01445888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRHInproc.dll
2016-07-13 13:16 - 2016-07-01 05:26 - 01063936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Editing.dll
2016-07-13 13:16 - 2016-07-01 05:26 - 00585216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.AccountsControl.dll
2016-07-13 13:16 - 2016-07-01 05:26 - 00502272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DevicePairing.dll
2016-07-13 13:16 - 2016-07-01 05:26 - 00413696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WLanConn.dll
2016-07-13 13:16 - 2016-07-01 05:26 - 00400896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneDriveSettingSyncProvider.dll
2016-07-13 13:16 - 2016-07-01 05:26 - 00153088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSSync.dll
2016-07-13 13:16 - 2016-07-01 05:25 - 04775424 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2016-07-13 13:16 - 2016-07-01 05:25 - 01508352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmsipc.dll
2016-07-13 13:16 - 2016-07-01 05:25 - 01228800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Globalization.dll
2016-07-13 13:16 - 2016-07-01 05:25 - 00799744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRH.dll
2016-07-13 13:16 - 2016-07-01 05:25 - 00645632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Storage.Search.dll
2016-07-13 13:16 - 2016-07-01 05:25 - 00502784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2016-07-13 13:16 - 2016-07-01 05:25 - 00482816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\duser.dll
2016-07-13 13:16 - 2016-07-01 05:25 - 00477184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieui.dll
2016-07-13 13:16 - 2016-07-01 05:25 - 00356352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\taskcomp.dll
2016-07-13 13:16 - 2016-07-01 05:25 - 00240640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\taskeng.exe
2016-07-13 13:16 - 2016-07-01 05:24 - 04404736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll
2016-07-13 13:16 - 2016-07-01 05:24 - 04171264 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2016-07-13 13:16 - 2016-07-01 05:24 - 01497088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMPDMC.exe
2016-07-13 13:16 - 2016-07-01 05:24 - 00434688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LogonController.dll
2016-07-13 13:16 - 2016-07-01 05:23 - 00805888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSShared.dll
2016-07-13 13:16 - 2016-07-01 05:23 - 00460800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFolder.dll
2016-07-13 13:16 - 2016-07-01 05:23 - 00459776 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll
2016-07-13 13:16 - 2016-07-01 05:23 - 00207872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\licensingdiag.exe
2016-07-13 13:16 - 2016-07-01 05:23 - 00184832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingMonitor.dll
2016-07-13 13:16 - 2016-07-01 05:21 - 01087488 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2016-07-13 13:16 - 2016-07-01 05:21 - 00321536 _____ (Microsoft Corporation) C:\WINDOWS\system32\GlobCollationHost.dll
2016-07-13 13:16 - 2016-07-01 05:20 - 03555840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsrchvw.exe
2016-07-13 13:16 - 2016-07-01 05:20 - 02798080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2016-07-13 13:16 - 2016-07-01 05:20 - 00777728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MsSpellCheckingFacility.dll
2016-07-13 13:16 - 2016-07-01 05:19 - 06471168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mspaint.exe
2016-07-13 13:16 - 2016-07-01 05:19 - 00736768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Display.dll
2016-07-13 13:16 - 2016-07-01 05:18 - 01448960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dui70.dll
2016-07-13 13:16 - 2016-07-01 05:18 - 00683008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.BackgroundTransfer.dll
2016-07-13 13:16 - 2016-07-01 05:16 - 02062336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2016-07-13 13:16 - 2016-07-01 05:15 - 03459584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbon.dll
2016-07-13 13:16 - 2016-07-01 05:15 - 02679808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netshell.dll
2016-07-13 13:16 - 2016-07-01 05:15 - 02501632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2016-07-13 13:16 - 2016-07-01 05:15 - 01626112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2016-07-13 13:16 - 2016-07-01 05:14 - 04759040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2016-07-13 13:16 - 2016-07-01 05:14 - 01498624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2016-07-13 13:16 - 2016-07-01 05:14 - 00802816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntshrui.dll
2016-07-13 13:16 - 2016-07-01 05:13 - 02849792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\themeui.dll
2016-07-13 13:16 - 2016-07-01 05:13 - 02000896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll
2016-07-13 13:16 - 2016-07-01 05:13 - 00835072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Streaming.dll
2016-07-13 13:16 - 2016-07-01 05:12 - 02179584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepository.dll
2016-07-13 13:16 - 2016-07-01 05:08 - 00879616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WebcamUi.dll
2016-07-13 13:16 - 2016-07-01 05:08 - 00199680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GlobCollationHost.dll
2016-07-13 13:16 - 2016-06-28 13:20 - 00219136 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2016-07-11 13:49 - 2016-07-11 13:49 - 00365504 _____ C:\Users\Gert\Desktop\hba137.pdf
2016-07-09 15:33 - 2016-07-13 07:12 - 00935046 _____ C:\Users\Gert\Documents\notiz-rtf-7.pdf

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-08-08 11:49 - 2015-05-21 11:58 - 00001136 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2016-08-08 11:39 - 2015-12-22 04:48 - 02006668 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-08-08 11:39 - 2015-10-30 20:35 - 00853548 _____ C:\WINDOWS\system32\perfh007.dat
2016-08-08 11:39 - 2015-10-30 20:35 - 00188272 _____ C:\WINDOWS\system32\perfc007.dat
2016-08-08 11:39 - 2015-10-30 09:21 - 00000000 ____D C:\WINDOWS\INF
2016-08-08 11:33 - 2015-12-22 04:57 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-08-08 11:33 - 2015-12-22 04:47 - 00000000 ____D C:\ProgramData\NVIDIA
2016-08-08 11:33 - 2015-08-21 19:11 - 00000000 ___RD C:\Users\Gert\Dropbox
2016-08-08 11:33 - 2015-08-21 18:59 - 00001224 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job
2016-08-08 11:33 - 2015-05-21 11:58 - 00001132 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2016-08-08 11:32 - 2015-10-30 08:28 - 00524288 ___SH C:\WINDOWS\system32\config\BBI
2016-08-08 11:29 - 2015-05-21 15:11 - 00000574 _____ C:\WINDOWS\Tasks\G2MUpdateTask-S-1-5-21-786549325-3828416840-1361333200-1001.job
2016-08-08 11:04 - 2015-08-21 18:59 - 00001228 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job
2016-08-08 10:59 - 2016-01-16 18:12 - 00004028 _____ C:\WINDOWS\System32\Tasks\SafeZone scheduled Autoupdate 1452960773
2016-08-08 10:59 - 2016-01-16 18:12 - 00001092 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast SafeZone Browser.lnk
2016-08-08 10:59 - 2015-10-30 08:28 - 00032768 ___SH C:\WINDOWS\system32\config\ELAM
2016-08-08 10:58 - 2016-01-16 18:10 - 00037144 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2016-08-08 10:58 - 2015-07-04 09:08 - 00968536 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2016-08-08 10:58 - 2015-07-04 09:08 - 00513496 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2016-08-08 10:58 - 2015-07-04 09:08 - 00292704 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswvmm.sys.147064670068705
2016-08-08 10:58 - 2015-07-04 09:08 - 00292704 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswvmm.sys.147064670057804
2016-08-08 10:58 - 2015-07-04 09:08 - 00292704 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswvmm.sys
2016-08-08 10:58 - 2015-07-04 09:08 - 00163416 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2016-08-08 10:58 - 2015-07-04 09:08 - 00108816 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2016-08-08 10:58 - 2015-07-04 09:08 - 00103064 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2016-08-08 10:58 - 2015-07-04 09:08 - 00074544 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2016-08-08 10:58 - 2015-07-04 09:08 - 00037656 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHwid.sys
2016-08-08 10:58 - 2015-07-04 09:08 - 00004004 _____ C:\WINDOWS\System32\Tasks\avast! Emergency Update
2016-08-08 10:55 - 2015-10-30 09:24 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2016-08-08 10:55 - 2015-08-21 18:59 - 00000000 ____D C:\Program Files (x86)\Dropbox
2016-08-08 10:55 - 2015-06-18 18:39 - 00000000 ____D C:\Program Files\Microsoft Office 15
2016-08-08 10:55 - 2015-03-31 15:06 - 00000000 ____D C:\Program Files (x86)\McAfee
2016-08-08 10:09 - 2016-06-09 07:06 - 00001008 _____ C:\Users\Gert\Desktop\Start Tor Browser.lnk
2016-08-08 10:09 - 2015-06-02 07:15 - 00001151 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2016-08-08 10:09 - 2015-06-02 07:15 - 00001151 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2016-08-08 10:09 - 2015-05-31 12:18 - 00000670 _____ C:\WINDOWS\Tasks\G2MUploadTask-S-1-5-21-786549325-3828416840-1361333200-1001.job
2016-08-08 09:51 - 2015-05-21 11:51 - 00004154 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{5F4290AD-2EC7-4B3B-A113-DAFA20E23291}
2016-08-07 19:22 - 2015-05-22 17:23 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2016-08-07 19:19 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-08-07 11:49 - 2015-05-21 11:42 - 00000000 ____D C:\Users\Gert\AppData\Roaming\Adobe
2016-08-07 11:47 - 2015-06-17 15:09 - 00000000 ____D C:\Users\Gert\AppData\Roaming\CyberLink
2016-08-07 11:37 - 2015-05-21 12:05 - 00000000 ____D C:\Users\Gert\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome-Apps
2016-08-07 11:32 - 2015-11-17 20:36 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-08-07 11:32 - 2015-08-28 19:00 - 00000000 ____D C:\Users\Gert\.oracle_jre_usage
2016-08-07 11:32 - 2015-06-15 19:04 - 00097856 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2016-08-07 11:32 - 2015-06-15 19:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2016-08-07 11:31 - 2015-06-15 19:03 - 00000000 ____D C:\Program Files (x86)\Java
2016-08-07 10:11 - 2015-09-21 19:55 - 00000000 ___DC C:\Jts
2016-08-06 14:01 - 2015-10-30 09:24 - 00000000 ___HD C:\Program Files\WindowsApps
2016-08-05 12:34 - 2016-06-09 08:37 - 00003978 _____ C:\WINDOWS\System32\Tasks\Opera scheduled Autoupdate 1465454234
2016-08-05 12:34 - 2016-06-09 08:37 - 00001124 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
2016-08-05 12:34 - 2016-06-09 08:37 - 00000000 ____D C:\Program Files (x86)\Opera
2016-08-04 10:25 - 2016-03-05 11:23 - 05121264 _____ (Interactive Brokers LLC) C:\Users\Gert\Downloads\tws-latest-windows-x64.exe
2016-08-04 10:25 - 2015-11-27 19:56 - 00001443 _____ C:\Users\Gert\Desktop\Trader Workstation.lnk
2016-08-04 10:25 - 2015-11-27 19:56 - 00000000 ____D C:\Users\Gert\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Trader Workstation
2016-08-03 07:53 - 2015-05-22 10:48 - 00004537 _____ C:\Users\Gert\AppData\Roaming\CamStudio.cfg
2016-08-03 07:53 - 2015-05-22 10:48 - 00000408 _____ C:\Users\Gert\AppData\Roaming\CamShapes.ini
2016-08-03 07:53 - 2015-05-22 10:48 - 00000408 _____ C:\Users\Gert\AppData\Roaming\CamLayout.ini
2016-08-03 07:53 - 2015-05-22 10:48 - 00000124 _____ C:\Users\Gert\AppData\Roaming\Camdata.ini
2016-08-02 18:51 - 2015-05-22 09:16 - 00000000 ____D C:\Users\Gert\AppData\Roaming\Skype
2016-08-02 18:32 - 2015-05-21 17:56 - 00000000 ____D C:\Users\Gert\AppData\Roaming\vlc
2016-08-02 18:30 - 2015-06-02 15:13 - 00000000 ____D C:\Users\Gert\Documents\My CamStudio Videos
2016-08-02 18:30 - 2015-05-22 10:01 - 00000000 ____D C:\Users\Gert\Documents\My CamStudio Temp Files
2016-08-02 18:10 - 2015-05-22 09:55 - 00000096 _____ C:\Users\Gert\AppData\Roaming\version2.xml
2016-08-02 17:57 - 2015-05-25 18:44 - 00048640 ___SH C:\Users\Gert\Documents\Thumbs.db
2016-08-01 16:41 - 2014-04-22 09:43 - 02615934 _____ C:\Users\Gert\Documents\notiz-rtf.odt
2016-08-01 14:16 - 2015-05-22 18:12 - 00000000 ____D C:\Users\Gert\AppData\Roaming\MyPhoneExplorer
2016-07-29 09:44 - 2015-05-21 11:58 - 00004194 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2016-07-29 09:44 - 2015-05-21 11:58 - 00003962 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2016-07-27 17:27 - 2015-10-12 13:34 - 00000000 ___RD C:\Program Files (x86)\Skype
2016-07-25 18:53 - 2015-07-05 22:58 - 00146944 ___SH C:\Users\Gert\Desktop\Thumbs.db
2016-07-25 18:52 - 2015-12-22 04:48 - 00000000 ____D C:\Users\Gert
2016-07-23 12:43 - 2015-05-21 12:17 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-07-20 21:06 - 2015-05-21 11:42 - 00000000 ____D C:\Users\Gert\AppData\Local\Packages
2016-07-17 17:17 - 2015-05-22 17:23 - 00004562 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2016-07-17 08:14 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\rescache
2016-07-16 22:55 - 2015-05-21 17:54 - 00000796 _____ C:\Users\Public\Desktop\VLC media player.lnk
2016-07-14 18:39 - 2016-04-11 12:14 - 00001041 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2016-07-14 18:39 - 2016-04-11 12:14 - 00001041 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Free Antivirus.lnk
2016-07-14 18:38 - 2015-05-21 11:18 - 00000000 __RHD C:\Users\Public\AccountPictures
2016-07-14 18:37 - 2015-10-30 20:44 - 00000000 ____D C:\Program Files\Windows Journal
2016-07-14 18:37 - 2015-10-30 09:24 - 00000000 ___RD C:\WINDOWS\PrintDialog
2016-07-14 18:37 - 2015-10-30 09:24 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2016-07-14 18:37 - 2015-10-30 09:24 - 00000000 ___RD C:\WINDOWS\DevicesFlow
2016-07-14 18:37 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\oobe
2016-07-14 18:37 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\appraiser
2016-07-14 18:37 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\Provisioning
2016-07-14 18:37 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\PolicyDefinitions
2016-07-14 18:37 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\bcastdvr
2016-07-14 18:37 - 2015-10-30 09:24 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2016-07-14 18:37 - 2015-10-30 09:24 - 00000000 ____D C:\Program Files\Windows Defender
2016-07-14 18:37 - 2015-10-30 09:24 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2016-07-14 18:37 - 2015-10-30 09:24 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2016-07-13 16:19 - 2015-05-26 10:11 - 00000000 ___DC C:\FreeOCR
2016-07-13 13:33 - 2015-10-30 09:11 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-07-13 13:33 - 2015-05-22 16:59 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-07-13 13:27 - 2015-03-10 11:41 - 144749672 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2016-06-09 09:30 - 2016-06-09 09:30 - 0000037 ___SH () C:\Users\Gert\AppData\Roaming\9961660784cc2937229a742.95731288
2015-05-22 10:48 - 2016-08-03 07:53 - 0000124 _____ () C:\Users\Gert\AppData\Roaming\Camdata.ini
2015-05-22 10:48 - 2016-08-03 07:53 - 0000408 _____ () C:\Users\Gert\AppData\Roaming\CamLayout.ini
2015-05-22 10:48 - 2016-08-03 07:53 - 0000408 _____ () C:\Users\Gert\AppData\Roaming\CamShapes.ini
2015-05-22 10:48 - 2016-08-03 07:53 - 0004537 _____ () C:\Users\Gert\AppData\Roaming\CamStudio.cfg
2015-05-22 09:55 - 2016-08-02 18:10 - 0000096 _____ () C:\Users\Gert\AppData\Roaming\version2.xml
2015-06-28 13:54 - 2015-07-01 07:54 - 0000097 _____ () C:\Users\Gert\AppData\Roaming\WB.CFG
2015-05-30 20:05 - 2015-05-30 20:05 - 0186706 _____ () C:\Users\Gert\AppData\Local\Excal32.dat
2015-10-23 14:46 - 2015-10-23 14:46 - 0000017 _____ () C:\Users\Gert\AppData\Local\resmon.resmoncfg
2015-12-22 04:47 - 2015-12-22 04:47 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2015-05-21 17:36 - 2015-05-21 17:36 - 0004872 _____ () C:\ProgramData\vczcspay.tpu

Einige Dateien in TEMP:
====================
C:\Users\Gert\AppData\Local\Temp\501.tmp.exe
C:\Users\Gert\AppData\Local\Temp\92456f05-ad84-4cf0-86e9-33ed4ca3ddf1.exe
C:\Users\Gert\AppData\Local\Temp\BooksDownloader.exe
C:\Users\Gert\AppData\Local\Temp\DriverBoosterSetup.exe
C:\Users\Gert\AppData\Local\Temp\inst_1.exe


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2016-07-31 05:20

==================== Ende von FRST.txt ============================

cosinus 08.08.2016 20:40
Malwarebytes Anti-Rootkit (MBAR)

Downloade dir bitte Malwarebytes Anti-Rootkit Malwarebytes Anti-Rootkit und speichere es auf deinem Desktop.
  • Starte bitte die mbar.exe.
  • Folge den Anweisungen auf deinem Bildschirm gemäß Anleitung zu Malwarebytes Anti-Rootkit
  • Aktualisiere unbedingt die Datenbank und erlaube dem Tool, dein System zu scannen.
  • Klicke auf den CleanUp Button und erlaube den Neustart.
  • Während dem Neustart wird MBAR die gefundenen Objekte entfernen, also bleib geduldig.
  • Nach dem Neustart starte die mbar.exe erneut.
  • Sollte nochmal was gefunden werden, wiederhole den CleanUp Prozess.
Das Tool wird im erstellten Ordner eine Logfile ( mbar-log-<Jahr-Monat-Tag>.txt ) erzeugen. Bitte poste diese hier.

Starte keine andere Datei in diesem Ordner ohne Anweisung eines Helfers



Lesestoff:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR oder 7Z-Archiv zu packen erschwert mir massiv die Arbeit.
Auch wenn die Logs für einen Beitrag zu groß sein sollten, bitte ich dich die Logs direkt und notfalls über mehrere Beiträge verteilt zu posten.
Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
  • Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
  • Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
  • Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
  • Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.
http://www.trojaner-board.de/picture...&pictureid=307

gert83 09.08.2016 07:33
mbar- Logfiles
 
mbar-log-2016-08-09 (07-43-22).txt:
Code:
Malwarebytes Anti-Rootkit BETA 1.9.3.1001
www.malwarebytes.org

Database version:
  main:    v2016.08.09.02
  rootkit: v2016.05.27.01

Windows 10 x64 NTFS
Internet Explorer 11.494.10586.0
Gert :: HAUPT-PC [administrator]

09.08.2016 07:43:22
mbar-log-2016-08-09 (07-43-22).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled:
Objects scanned: 441274
Time elapsed: 8 minute(s), 47 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

Physical Sectors Detected: 0
(No malicious items detected)

(end)
mbar-log-2016-08-09 (07-59-57).txt:
Code:
Malwarebytes Anti-Rootkit BETA 1.9.3.1001
www.malwarebytes.org

Database version:
  main:    v2016.08.09.02
  rootkit: v2016.05.27.01

Windows 10 x64 NTFS
Internet Explorer 11.494.10586.0
Gert :: HAUPT-PC [administrator]

09.08.2016 07:59:57
mbar-log-2016-08-09 (07-59-57).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled:
Objects scanned: 441283
Time elapsed: 8 minute(s), 51 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

Physical Sectors Detected: 0
(No malicious items detected)

(end)

cosinus 09.08.2016 08:15
Adware/Junkware/Toolbars entfernen

Alte Versionen von adwCleaner und falls vorhanden JRT vorher löschen, danach neu runterladen auf den Desktop!
Virenscanner jetzt vor dem Einsatz dieser Tools bitte komplett deaktivieren!

1. Schritt: adwCleaner

Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).




2. Schritt: JRT - Junkware Removal Tool

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

  • Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
  • Drücke eine beliebige Taste, um das Tool zu starten.
  • Je nach System kann der Scan eine Weile dauern.
  • Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
  • Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.


gert83 09.08.2016 17:01
AdwCleaner[C1].txt:
Code:
# AdwCleaner v5.201 - Bericht erstellt am 09/08/2016 um 17:45:25
# Aktualisiert am 30/06/2016 von ToolsLib
# Datenbank : 2016-08-08.3 [Server]
# Betriebssystem : Windows 10 Home  (X64)
# Benutzername : Gert - HAUPT-PC
# Gestartet von : C:\Users\Gert\Desktop\AdwCleaner_5.201.exe
# Option : Löschen
# Unterstützung : https://toolslib.net/forum

***** [ Dienste ] *****


***** [ Ordner ] *****

[-] Ordner gelöscht : C:\ProgramData\RenewalService
[-] Ordner gelöscht : C:\Program Files (x86)\Yahoo!\yset
[-] Ordner gelöscht : C:\Users\Gert\AppData\Local\YSearchUtil
[-] Ordner gelöscht : C:\Users\Gert\AppData\Roaming\Opera Software\Opera Stable\Extensions\leenkjhmbcgekojlkimcbodmniopgfnp
[-] Ordner gelöscht : C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\npdicihegicnhaangkdmcgbjceoemeoo

***** [ Dateien ] *****

[-] Datei gelöscht : C:\Users\Gert\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Goodgame Empire.lnk
[-] Datei gelöscht : C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_artikel.de.softonic.com_0.localstorage
[-] Datei gelöscht : C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_artikel.de.softonic.com_0.localstorage-journal

***** [ DLLs ] *****


***** [ WMI ] *****


***** [ Verknüpfungen ] *****


***** [ Aufgabenplanung ] *****

[-] Geplante Aufgabe gelöscht : Microsoft\Windows\Application Experience\RenewalService

***** [ Registrierungsdatenbank ] *****

[-] Schlüssel gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\npdicihegicnhaangkdmcgbjceoemeoo
[-] Schlüssel gelöscht : HKCU\Software\OCS
[-] Schlüssel gelöscht : HKLM\SOFTWARE\{E6276374-DE18-4AA5-A365-9016A2F98A2D}
[-] Schlüssel gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Yahoo! SearchSet
[-] Schlüssel gelöscht : [x64] HKLM\SOFTWARE\Tarma Installer
[-] Schlüssel gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DesktopIconAmazon

***** [ Internetbrowser ] *****

[-] [C:\Users\Gert\AppData\Roaming\Profiles\ae3c7fls.default\prefs.js] gelöscht : user_pref("browser.search.searchengine.uid", "SAMSUNGXMZ7LF128HCHP-00000_S28UNSAG405697");
[-] [C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] gelöscht : npdicihegicnhaangkdmcgbjceoemeoo

*************************

:: "Tracing" Schlüssel gelöscht
:: Proxy Einstellungen zurückgesetzt
:: Winsock Einstellungen zurückgesetzt
:: Internet Explorer Richtlinien gelöscht
:: Chrome Richtlinien gelöscht

*************************

C:\AdwCleaner\AdwCleaner[C1].txt - [2692 Bytes] - [09/08/2016 17:45:25]
C:\AdwCleaner\AdwCleaner[S1].txt - [2629 Bytes] - [09/08/2016 17:35:16]
C:\AdwCleaner\AdwCleaner[S2].txt - [2702 Bytes] - [09/08/2016 17:43:45]

########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [2911 Bytes] ##########
JRT.txt:

Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.0.7 (07.03.2016)
Operating System: Windows 10 Home x64
Ran by Gert (Administrator) on 09.08.2016 at 17:55:47.42
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




File System: 9

Successfully deleted: C:\ProgramData\iobit\driver booster (Folder)
Successfully deleted: C:\ProgramData\productdata (Folder)
Successfully deleted: C:\Users\Gert\AppData\Roaming\iobit\driver booster (Folder)
Successfully deleted: C:\WINDOWS\system32\Tasks\Driver Booster Scheduler (Task)
Successfully deleted: C:\WINDOWS\system32\Tasks\Driver Booster SkipUAC (Gert) (Task)
Successfully deleted: C:\WINDOWS\wininit.ini (File)
Successfully deleted: C:\Program Files (x86)\iobit\driver booster (Folder)
Successfully deleted: C:\WINDOWS\prefetch\DRIVERBOOSTER.EXE-96C4BAB3.pf (File)
Successfully deleted: C:\WINDOWS\prefetch\FREEOCR.EXE-BD1C700E.pf (File)



Registry: 0





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 09.08.2016 at 17:56:34.59
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

cosinus 09.08.2016 21:08
Dann zeig mal frische FRST Logs. Haken setzen bei addition.txt dann auf Untersuchen klicken

http://www.trojaner-board.de/picture...&pictureid=611

gert83 09.08.2016 22:32
FRST.txt:
Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 09-08-2016 01
durchgeführt von Gert (Administrator) auf HAUPT-PC (09-08-2016 23:24:20)
Gestartet von D:\Downloads
Geladene Profile: Gert (Verfügbare Profile: Gert & Administrator)
Platform: Windows 10 Home Version 1511 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Chrome)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(McAfee, Inc.) C:\Program Files (x86)\McAfee\SiteAdvisor\mcsacore.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
() C:\Program Files\CyberLink\Shared files\RichVideo64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(DEVGURU Co., LTD.) D:\Program Files (x86)\Kies\USB Drivers\25_escape\conn\ss_conn_service.exe
(Nuance Communications, Inc.) D:\Program Files (x86)\nuance\PaperPort\PDFProFiltSrvPP.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
() C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.31.5\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.31.5\GoogleCrashHandler64.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(AVAST Software) D:\Program Files\AVAST Software\Avast\AvastUI.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Interactive Brokers LLC) C:\Jts\tws.exe
(Microsoft Corporation) C:\Windows\System32\StikyNot.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
() C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1605.1582.0_x64__8wekyb3d8bbwe\Calculator.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\office15\onenotem.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\office15\onenote.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13885696 2015-06-24] (Realtek Semiconductor)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2013-11-21] (Intel Corporation)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2757424 2015-11-12] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => "C:\WINDOWS\system32\rundll32.exe" C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [CLMLServer_For_P2G8] => C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [110344 2014-11-04] (CyberLink)
HKLM-x32\...\Run: [CLVirtualDrive] => C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe [492808 2014-11-04] (CyberLink Corp.)
HKLM-x32\...\Run: [AvastUI.exe] => D:\Program Files\AVAST Software\Avast\AvastUI.exe [9071752 2016-08-08] (AVAST Software)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [23546672 2016-08-01] (Dropbox, Inc.)
HKLM-x32\...\Run: [KiesTrayAgent] => D:\Program Files (x86)\Kies\Kies\KiesTrayAgent.exe [311616 2015-07-27] (Samsung Electronics Co., Ltd.)
HKLM-x32\...\Run: [PDFProHook] => C:\Program Files (x86)\Nuance\PDF Viewer Plus\pdfpro7hook.exe [1775464 2011-10-24] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [PDFCreHook] => D:\Program Files (x86)\nuance\PDFCreate\pdfcreate7hook.exe [1771368 2011-10-24] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [PDF7 Registry Controller] => D:\Program Files (x86)\nuance\PDFCreate\RegistryController.exe [140136 2011-06-28] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [598552 2016-06-22] (Oracle Corporation)
HKLM\...\Policies\Explorer: [ConfirmFileDelete] 1
HKU\S-1-5-21-786549325-3828416840-1361333200-1001\...\Run: [HEXelon MAX] => D:\Program Files (x86)\HEXelon MAX 6\hexelon.exe [2816512 2007-06-28] (Jerzy Znamirowski)
HKU\S-1-5-21-786549325-3828416840-1361333200-1001\...\Run: [RESTART_STICKY_NOTES] => C:\WINDOWS\system32\StikyNot.exe [465920 2016-07-01] (Microsoft Corporation)
HKU\S-1-5-21-786549325-3828416840-1361333200-1001\...\Policies\Explorer: [NoInternetOpenWith] 1
HKU\S-1-5-21-786549325-3828416840-1361333200-1001\...\MountPoints2: {c0417766-f248-11e4-8275-806e6f6e6963} - "G:\auto.exe"
ShellExecuteHooks:  - {6710C780-E20E-4C49-A87D-321850ED3D7C} - C:\Users\Gert\AppData\Local\Microsoft\Windows\INetCookies\verger.dll Keine Datei [ ]
ShellIconOverlayIdentifiers: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.38.dll [2016-08-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.38.dll [2016-08-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.38.dll [2016-08-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.38.dll [2016-08-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.38.dll [2016-08-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.38.dll [2016-08-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.38.dll [2016-08-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.38.dll [2016-08-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => D:\Program Files\AVAST Software\Avast\ashShA64.dll [2016-08-08] (AVAST Software)
ShellIconOverlayIdentifiers-x32: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.38.dll [2016-08-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.38.dll [2016-08-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.38.dll [2016-08-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.38.dll [2016-08-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.38.dll [2016-08-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.38.dll [2016-08-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.38.dll [2016-08-01] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.38.dll [2016-08-01] (Dropbox, Inc.)
Startup: C:\Users\Gert\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\An OneNote senden.lnk [2016-08-09]
ShortcutTarget: An OneNote senden.lnk -> C:\Program Files\Microsoft Office 15\root\office15\onenotem.exe (Microsoft Corporation)
Startup: C:\Users\Gert\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Autochartist MT4 plugin - Auto Update.lnk [2015-09-22]
ShortcutTarget: Autochartist MT4 plugin - Auto Update.lnk -> C:\Users\Gert\AppData\Roaming\MetaQuotes\Terminal\50CA3DFB510CC5A8F28B48D1BF2A5702\MQL4\AutochartistPlugin_AutoUpdaterActivTrades.exe (Keine Datei)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Hosts: 127.0.0.1 clients2.google.com
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{6f5f746e-18f7-4f7f-bb03-ab5bcb66ea76}: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{7ccc1c37-a256-4412-810d-4079bfcb4ea9}: [DhcpNameServer] 10.0.0.138

Internet Explorer:
==================
HKU\S-1-5-21-786549325-3828416840-1361333200-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo13.msn.com/?pc=LCJB
SearchScopes: HKLM -> {2f23ab71-4ac6-41f2-a955-ea576e553146} URL =
SearchScopes: HKU\S-1-5-21-786549325-3828416840-1361333200-1001 -> {9F979916-81B7-4FD4-832D-BF2E6C5C5AD6} URL = hxxps://at.search.yahoo.com/search?fr=mcafee&type=C014AT1140D20150521&p={searchTerms}
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2016-06-14] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2016-06-14] (Microsoft Corporation)
BHO-x32: PlusIEEventHelper Class -> {551A852F-39A6-44A7-9C13-AFBEC9185A9D} -> C:\Program Files (x86)\Nuance\PDF Viewer Plus\Bin\PlusIEContextMenu.dll [2011-06-30] (Zeon Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\ssv.dll [2016-08-07] (Oracle Corporation)
BHO-x32: ZeonIEEventHelper Class -> {DA986D7D-CCAF-47B2-84FE-BFA1549BEBF9} -> D:\Program Files (x86)\nuance\PDFCreate\Bin\ZeonIEFavClient.dll [2011-03-26] (Zeon Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\jp2ssv.dll [2016-08-07] (Oracle Corporation)
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2016-07-29] (McAfee, Inc.)
Handler-x32: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2016-07-29] (McAfee, Inc.)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2016-04-20] (Microsoft Corporation)
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll [2016-07-29] (McAfee, Inc.)
Handler-x32: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll [2016-07-29] (McAfee, Inc.)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-05-25] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-05-25] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\Gert\AppData\Roaming\Profiles\ae3c7fls.default
FF NewTab: about:newtab
FF DefaultSearchEngine: Google
FF SearchEngineOrder.1: Google
FF SelectedSearchEngine: Google
FF Homepage: hxxps://www.google.com/?bcutc=sp-006
FF DefaultSearchUrl: hxxps://www.google.com/search?bcutc=sp-006
FF Keyword.URL: hxxps://www.google.com/search?bcutc=sp-006
FF Plugin: @videolan.org/vlc,version=2.2.1 -> D:\Program Files\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.3 -> D:\Program Files\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.4 -> D:\Program Files\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2014-07-02] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2014-07-02] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.101.2 -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\dtplugin\npDeployJava1.dll [2016-08-07] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.101.2 -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\plugin2\npjp2.dll [2016-08-07] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2015-06-18] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-11-14] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-11-14] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-29] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-29] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-06-30] (Adobe Systems Inc.)
FF Plugin-x32: ZEON/PDF,version=2.0 -> C:\Program Files (x86)\Nuance\PDF Viewer Plus\bin\nppdf.dll [2011-02-16] (Zeon Corporation)
FF Plugin HKU\S-1-5-21-786549325-3828416840-1361333200-1001: @citrixonline.com/appdetectorplugin -> C:\Users\Gert\AppData\Local\Citrix\Plugins\104\npappdetector.dll [2015-05-21] (Citrix Online)
FF Plugin ProgramFiles/Appdata: C:\Users\Gert\AppData\Roaming\mozilla\plugins\npatgpc.dll [2016-03-09] (Cisco WebEx LLC)
FF SearchPlugin: C:\Users\Gert\AppData\Roaming\Mozilla\Firefox\Profiles\hmzgfq0t.default\searchplugins\google-avast.xml [2016-08-08]
FF SearchPlugin: C:\Users\Gert\AppData\Roaming\Mozilla\Firefox\Profiles\hmzgfq0t.default\searchplugins\McSiteAdvisor.xml [2016-02-04]
FF SearchPlugin: C:\Users\Gert\AppData\Roaming\Profiles\ae3c7fls.default\searchplugins\google-avast.xml [2016-08-08]
FF SearchPlugin: C:\Users\Gert\AppData\Roaming\Profiles\ae3c7fls.default\searchplugins\McSiteAdvisor.xml [2016-02-04]
FF Extension: Tradesignal Online Chart - C:\Users\Gert\AppData\Roaming\Mozilla\Firefox\Profiles\hmzgfq0t.default\Extensions\{1acd747e-8470-11db-96a9-00e08161165f} [2015-12-07] [ist nicht signiert]
FF Extension: Tradesignal Online Chart - C:\Users\Gert\AppData\Roaming\Profiles\ae3c7fls.default\Extensions\{1acd747e-8470-11db-96a9-00e08161165f} [2016-08-07] [ist nicht signiert]
FF Extension: Skype - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2016-05-25]
FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi
FF Extension: McAfee WebAdvisor - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi [2016-08-08]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - D:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - D:\Program Files\AVAST Software\Avast\WebRep\FF [2016-08-08]
FF HKLM\...\Firefox\Extensions: [sp@avast.com] - D:\Program Files\AVAST Software\Avast\SafePrice\FF
FF Extension: Avast SafePrice - D:\Program Files\AVAST Software\Avast\SafePrice\FF [2016-08-08]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - D:\Program Files\AVAST Software\Avast\WebRep\FF
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor\saffplg.xpi
FF HKLM-x32\...\Firefox\Extensions: [sp@avast.com] - D:\Program Files\AVAST Software\Avast\SafePrice\FF

Chrome:
=======
CHR StartupUrls: Profile 2 -> "","hxxp://www.google.com/","hxxp://at.yhs4.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wncy_frg01_15_21&param1=1&param2=f%3D7%26b%3DChrome%26cc%3Dat%26pa%3DWincy%26cd%3D2XzuyEtN2Y1L1QzuyByE0D0AtAzztBzzyDyDzy0DyByE0DyEtN0D0Tzu0StCtBtAyBtN1L2XzutAtFtCtDtFtCtDtFtDtN1L1CzutN1L1G1B1V1N2Y1L1Qzu2StA0CyEyDzzyEtD0DtGtB0B0CyDtG0Ezy0E0BtGtBtC0C0BtGtA0A0F0E0FtByB0BtC0F0CyD2QtN1M1F1B2Z1V1N2Y1L1Qzu2Szy0AtB0A0FtA0DyDtG0EyCtDzytGyEyB0FzytGzzyCtA0CtG0EyCtBzz0BzzyDzytA0CyC0C2QtN0A0LzutB%26cr%3D578552964%26a%3Dwncy_frg01_15_21%26os%3DWindows%208.1","hxxp://www.trotux.com/?z=215e1a2351816c83959d3f8gdz3mdefwft6w2m2qcq&from=fss&uid=SAMSUNGXMZ7LF128HCHP-00000_S28UNSAG405697&type=hp"
CHR Profile: C:\Users\Gert\AppData\Local\Google\Chrome\User Data\Profile 1
CHR Extension: (Docs) - C:\Users\Gert\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2016-08-08]
CHR Extension: (Google Drive) - C:\Users\Gert\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-08-08]
CHR Extension: (YouTube) - C:\Users\Gert\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-08-08]
CHR Extension: (Google Mail) - C:\Users\Gert\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-08-08]
CHR Profile: C:\Users\Gert\AppData\Local\Google\Chrome\User Data\Profile 2
CHR Extension: (Google Drive) - C:\Users\Gert\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-08-08]
CHR Extension: (YouTube) - C:\Users\Gert\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-08-08]
CHR Extension: (Google Mail) - C:\Users\Gert\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-08-08]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2016-06-02]
CHR HKLM-x32\...\Chrome\Extension: [daanglpcpkjjlkhcbladppjphglbigam] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - D:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx <nicht gefunden>
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [2016-06-02]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - D:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx <nicht gefunden>
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2016-05-25]

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S2 avast! Antivirus; D:\Program Files\AVAST Software\Avast\AvastSvc.exe [197640 2016-08-08] (AVAST Software)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1364096 2016-05-25] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1687680 2016-05-25] (Microsoft Corporation)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [3189488 2016-07-02] (Microsoft Corporation)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [136048 2015-08-21] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [136048 2015-08-21] (Dropbox, Inc.)
S3 fussvc; C:\Program Files (x86)\Windows Kits\8.1\App Certification Kit\fussvc.exe [142336 2014-02-20] (Microsoft Corporation) [Datei ist nicht signiert]
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1156400 2015-11-12] (NVIDIA Corporation)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-11-21] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-11] (Intel(R) Corporation) [Datei ist nicht signiert]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-11] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2014-07-02] (Intel Corporation)
S2 MBAMScheduler; D:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1514464 2016-03-10] (Malwarebytes)
S2 MBAMService; D:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1136608 2016-03-10] (Malwarebytes)
R2 McAfee SiteAdvisor Service; C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe [158952 2016-07-29] (McAfee, Inc.)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1872688 2015-11-12] (NVIDIA Corporation)
R3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [8133424 2015-11-12] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [5915440 2015-11-12] (NVIDIA Corporation)
R2 PDFProFiltSrvPP; D:\Program Files (x86)\nuance\PaperPort\PDFProFiltSrvPP.exe [138600 2011-09-21] (Nuance Communications, Inc.)
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [389896 2013-03-06] ()
S3 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [118520 2013-03-01] (Riverbed Technology, Inc.)
R2 ss_conn_service; D:\Program Files (x86)\Kies\USB Drivers\25_escape\conn\ss_conn_service.exe [743688 2015-05-21] (DEVGURU Co., LTD.)
S3 Te.Service; C:\Program Files (x86)\Windows Kits\8.1\Testing\Runtimes\TAEF\Wex.Services.exe [119808 2013-08-22] (Microsoft Corporation) [Datei ist nicht signiert]
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5702416 2015-09-11] (TeamViewer GmbH)
S3 VSStandardCollectorService140; D:\Programme (x86)\Microsoft Visual Studio 14.0\Team Tools\DiagnosticsHub\Collector\StandardCollector.Service.exe [52968 2015-07-07] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2016-07-01] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [37656 2016-08-08] (AVAST Software)
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [37144 2016-08-08] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [108816 2016-08-08] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [103064 2016-08-08] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [74544 2016-08-08] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [968536 2016-08-08] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [513496 2016-08-08] (AVAST Software)
S2 aswStm; C:\Windows\system32\drivers\aswStm.sys [163416 2016-08-08] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [292704 2016-08-08] (AVAST Software)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [91912 2013-11-12] (CyberLink)
S3 dg_ssudbus; C:\Windows\system32\DRIVERS\ssudbus.sys [129152 2016-04-25] (Samsung Electronics Co., Ltd.)
R2 ei2c; C:\windows\system32\drivers\ei2c.sys [20784 2015-06-23] (Nicomsoft Ltd.)
R1 HWiNFO32; C:\WINDOWS\SysWOW64\drivers\HWiNFO64A.SYS [27552 2016-08-07] (REALiX(tm))
S3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [27008 2016-03-10] (Malwarebytes)
S3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [65408 2016-03-10] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2014-07-02] (Intel Corporation)
S0 mfeelamk; C:\Windows\System32\drivers\mfeelamk.sys [80160 2015-02-13] (McAfee, Inc.)
R3 mfesapsn; C:\Program Files (x86)\McAfee\SiteAdvisor\x64\mfesapsn.sys [46240 2016-06-06] (McAfee, Inc.)
R2 mi2c; C:\windows\system32\drivers\mi2c.sys [20784 2015-06-24] (Nicomsoft Ltd.)
R2 NPF; C:\Windows\System32\drivers\npf.sys [36600 2013-03-01] (Riverbed Technology, Inc.)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19760 2015-11-12] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [50472 2015-08-11] (NVIDIA Corporation)
R3 RtlWlanu; C:\Windows\System32\drivers\rtwlanu.sys [3870464 2015-10-01] (Realtek Semiconductor Corporation                          )
R3 SensorsSimulatorDriver; C:\Windows\system32\DRIVERS\WUDFRd.sys [216064 2015-10-30] (Microsoft Corporation)
S3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [221824 2016-04-25] (Samsung Electronics Co., Ltd.)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation)

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-08-09 17:56 - 2016-08-09 17:56 - 00001213 _____ C:\Users\Gert\Desktop\JRT.txt
2016-08-09 17:54 - 2016-08-09 17:55 - 01610560 _____ (Malwarebytes) C:\Users\Gert\Desktop\JRT.exe
2016-08-09 17:32 - 2016-08-09 17:45 - 00000000 ___DC C:\AdwCleaner
2016-08-09 17:27 - 2016-08-09 17:32 - 03712064 _____ C:\Users\Gert\Desktop\AdwCleaner_5.201.exe
2016-08-09 07:43 - 2016-08-09 08:26 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2016-08-09 07:41 - 2016-08-09 08:26 - 00000000 ____D C:\Users\Gert\Desktop\mbar
2016-08-08 12:02 - 2016-08-09 17:46 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2016-08-08 12:02 - 2016-08-09 07:59 - 00109272 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2016-08-08 12:02 - 2016-08-08 12:02 - 00000852 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2016-08-08 12:02 - 2016-08-08 12:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2016-08-08 12:02 - 2016-08-08 12:02 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-08-08 12:02 - 2016-03-10 14:09 - 00065408 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2016-08-08 12:02 - 2016-03-10 14:08 - 00027008 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2016-08-08 11:54 - 2016-08-09 23:24 - 00000000 ___DC C:\FRST
2016-08-08 11:10 - 2016-08-08 11:18 - 00002470 _____ C:\Users\Gert\Desktop\Standardprofil - Chrome.lnk
2016-08-08 11:10 - 2016-08-08 11:10 - 00002470 _____ C:\Users\Gert\Desktop\Profil 1 - Chrome.lnk
2016-08-08 10:58 - 2016-08-08 10:58 - 00391496 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2016-08-08 10:58 - 2016-08-08 10:58 - 00053208 _____ (AVAST Software) C:\WINDOWS\avastSS.scr
2016-08-07 20:50 - 2016-08-07 20:50 - 00000000 ___HD C:\Program Files (x86)\dkx3EB2
2016-08-07 20:49 - 2016-08-08 12:13 - 00000000 ____D C:\Program Files (x86)\Ckhile
2016-08-07 20:49 - 2016-08-07 20:50 - 00000000 ____D C:\Users\Gert\AppData\Local\thocertioncoohpyfaterle
2016-08-07 20:49 - 2016-08-07 20:49 - 00000000 ____D C:\Users\Gert\AppData\Local\Video4you
2016-08-07 11:48 - 2016-08-09 17:56 - 00000000 ____D C:\Users\Gert\AppData\Roaming\IObit
2016-08-07 11:48 - 2016-08-09 17:56 - 00000000 ____D C:\ProgramData\IObit
2016-08-07 11:48 - 2016-08-09 17:56 - 00000000 ____D C:\Program Files (x86)\IObit
2016-08-07 11:48 - 2016-08-07 11:48 - 00027552 _____ (REALiX(tm)) C:\WINDOWS\SysWOW64\Drivers\HWiNFO64A.SYS
2016-08-07 11:48 - 2016-08-07 11:48 - 00002243 _____ C:\Users\Public\Desktop\Driver Booster 3.lnk
2016-08-07 11:48 - 2016-08-07 11:48 - 00001040 _____ C:\Users\Gert\Desktop\Play Travian.lnk
2016-08-07 11:48 - 2016-08-07 11:48 - 00000000 ____D C:\WINDOWS\IObit
2016-08-07 11:48 - 2016-08-07 11:48 - 00000000 ____D C:\Users\Gert\AppData\LocalLow\IObit
2016-08-07 11:48 - 2016-08-07 11:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WorldOfBooks
2016-08-07 11:48 - 2016-08-07 11:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Booster 3
2016-08-07 11:48 - 2016-08-07 11:48 - 00000000 ____D C:\Program Files (x86)\WorldOfBooks
2016-08-06 14:06 - 2016-08-06 14:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2016-08-01 16:39 - 2016-08-01 16:39 - 00941919 _____ C:\Users\Gert\Documents\notiz-rtfx.pdf
2016-08-01 12:08 - 2016-08-01 12:08 - 00062966 _____ C:\Users\Gert\Desktop\Weekly Options Countdown invoice.pdf
2016-07-29 09:35 - 2016-07-29 09:35 - 00000807 _____ C:\Users\Gert\Desktop\DeviceOnline.lnk
2016-07-29 09:35 - 2016-07-29 09:35 - 00000000 ____D C:\Users\Gert\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DeviceOnline
2016-07-29 09:35 - 2016-07-29 09:35 - 00000000 ____D C:\Users\Gert\AppData\Roaming\DeviceOnline
2016-07-27 07:43 - 2016-07-27 07:44 - 00939735 _____ C:\Users\Gert\Documents\notiz-rtf.pdf
2016-07-26 11:42 - 2016-07-26 11:42 - 01832174 _____ C:\Users\Gert\Desktop\20110810-das_ende_des_geldes.pdf
2016-07-15 10:31 - 2016-07-15 10:31 - 00062649 _____ C:\Users\Gert\Desktop\Bernie Schae�궈ers Wealthbuilder-LifeTime.pdf
2016-07-14 10:39 - 2016-07-15 10:21 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2016-07-13 13:18 - 2016-07-01 06:34 - 01322248 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2016-07-13 13:18 - 2016-07-01 06:25 - 02773096 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
2016-07-13 13:18 - 2016-07-01 05:56 - 22379520 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2016-07-13 13:18 - 2016-07-01 05:47 - 24610304 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-07-13 13:18 - 2016-07-01 05:41 - 00605184 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2016-07-13 13:18 - 2016-07-01 05:39 - 13018112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2016-07-13 13:18 - 2016-07-01 05:37 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosStorage.dll
2016-07-13 13:18 - 2016-07-01 05:36 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapsBtSvc.dll
2016-07-13 13:18 - 2016-07-01 05:29 - 05503488 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll
2016-07-13 13:18 - 2016-07-01 05:26 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JpMapControl.dll
2016-07-13 13:17 - 2016-07-01 07:30 - 00587456 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2016-07-13 13:17 - 2016-07-01 07:30 - 00284352 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2016-07-13 13:17 - 2016-07-01 06:50 - 00037232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wldp.dll
2016-07-13 13:17 - 2016-07-01 06:49 - 07469408 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-07-13 13:17 - 2016-07-01 06:49 - 00337336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.ApplicationData.dll
2016-07-13 13:17 - 2016-07-01 06:48 - 01238584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Taskmgr.exe
2016-07-13 13:17 - 2016-07-01 06:43 - 03449168 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSService.dll
2016-07-13 13:17 - 2016-07-01 06:38 - 01862008 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2016-07-13 13:17 - 2016-07-01 06:35 - 01554152 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpmde.dll
2016-07-13 13:17 - 2016-07-01 06:35 - 01552104 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2016-07-13 13:17 - 2016-07-01 06:35 - 01299504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetsrc.dll
2016-07-13 13:17 - 2016-07-01 06:35 - 01092464 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2016-07-13 13:17 - 2016-07-01 06:35 - 00847656 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2016-07-13 13:17 - 2016-07-01 06:35 - 00586208 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2016-07-13 13:17 - 2016-07-01 06:35 - 00498960 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFCaptureEngine.dll
2016-07-13 13:17 - 2016-07-01 06:35 - 00331616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2016-07-13 13:17 - 2016-07-01 06:35 - 00035656 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfpmp.exe
2016-07-13 13:17 - 2016-07-01 06:34 - 03675512 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2016-07-13 13:17 - 2016-07-01 06:34 - 00808288 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2016-07-13 13:17 - 2016-07-01 06:33 - 04515256 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2016-07-13 13:17 - 2016-07-01 06:33 - 01750440 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcMon.exe
2016-07-13 13:17 - 2016-07-01 06:33 - 00730352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll
2016-07-13 13:17 - 2016-07-01 06:33 - 00725776 _____ (Microsoft Corporation) C:\WINDOWS\system32\SHCore.dll
2016-07-13 13:17 - 2016-07-01 06:33 - 00566104 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2016-07-13 13:17 - 2016-07-01 06:33 - 00374008 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2016-07-13 13:17 - 2016-07-01 06:33 - 00303216 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppHost.exe
2016-07-13 13:17 - 2016-07-01 06:32 - 01603224 _____ (Microsoft Corporation) C:\WINDOWS\system32\propsys.dll
2016-07-13 13:17 - 2016-07-01 06:32 - 01540224 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2016-07-13 13:17 - 2016-07-01 06:32 - 01128104 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipUp.exe
2016-07-13 13:17 - 2016-07-01 06:32 - 00692136 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppwinob.dll
2016-07-13 13:17 - 2016-07-01 06:32 - 00106928 _____ (Microsoft Corporation) C:\WINDOWS\system32\phoneactivate.exe
2016-07-13 13:17 - 2016-07-01 06:31 - 01848584 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll
2016-07-13 13:17 - 2016-07-01 06:31 - 00604928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2016-07-13 13:17 - 2016-07-01 06:31 - 00161632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2016-07-13 13:17 - 2016-07-01 06:25 - 02145032 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d9.dll
2016-07-13 13:17 - 2016-07-01 06:25 - 01987936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2016-07-13 13:17 - 2016-07-01 06:25 - 00648256 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2016-07-13 13:17 - 2016-07-01 06:25 - 00577376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2016-07-13 13:17 - 2016-07-01 06:25 - 00393568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2016-07-13 13:17 - 2016-07-01 06:24 - 00911648 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcomp.dll
2016-07-13 13:17 - 2016-07-01 06:23 - 01349640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll
2016-07-13 13:17 - 2016-07-01 06:21 - 02921880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2016-07-13 13:17 - 2016-07-01 06:21 - 00703840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2016-07-13 13:17 - 2016-07-01 06:21 - 00376536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.MediaControl.dll
2016-07-13 13:17 - 2016-07-01 06:20 - 00503600 _____ (Microsoft Corporation) C:\WINDOWS\system32\DMRServer.dll
2016-07-13 13:17 - 2016-07-01 06:20 - 00465760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2016-07-13 13:17 - 2016-07-01 06:20 - 00388896 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpps.dll
2016-07-13 13:17 - 2016-07-01 06:20 - 00254656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppHost.exe
2016-07-13 13:17 - 2016-07-01 06:19 - 05240960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2016-07-13 13:17 - 2016-07-01 06:19 - 04074160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2016-07-13 13:17 - 2016-07-01 06:19 - 01355336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\propsys.dll
2016-07-13 13:17 - 2016-07-01 06:18 - 00064584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Clipc.dll
2016-07-13 13:17 - 2016-07-01 06:12 - 01866104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d9.dll
2016-07-13 13:17 - 2016-07-01 06:11 - 01522160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2016-07-13 13:17 - 2016-07-01 06:03 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsCSP.dll
2016-07-13 13:17 - 2016-07-01 06:00 - 00957952 _____ (Microsoft Corporation) C:\WINDOWS\system32\IKEEXT.DLL
2016-07-13 13:17 - 2016-07-01 05:59 - 00066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosHostClient.dll
2016-07-13 13:17 - 2016-07-01 05:58 - 00824320 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2016-07-13 13:17 - 2016-07-01 05:57 - 00089600 _____ (Microsoft Corporation) C:\WINDOWS\system32\NFCProvisioningPlugin.dll
2016-07-13 13:17 - 2016-07-01 05:57 - 00059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpreference.exe
2016-07-13 13:17 - 2016-07-01 05:56 - 00044032 _____ (Microsoft Corporation) C:\WINDOWS\system32\musdialoghandlers.dll
2016-07-13 13:17 - 2016-07-01 05:55 - 00028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\mapsupdatetask.dll
2016-07-13 13:17 - 2016-07-01 05:54 - 00120320 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsBtSvc.dll
2016-07-13 13:17 - 2016-07-01 05:54 - 00074752 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosStorage.dll
2016-07-13 13:17 - 2016-07-01 05:53 - 00192000 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll
2016-07-13 13:17 - 2016-07-01 05:53 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryClient.dll
2016-07-13 13:17 - 2016-07-01 05:53 - 00059904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryBroker.dll
2016-07-13 13:17 - 2016-07-01 05:52 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll
2016-07-13 13:17 - 2016-07-01 05:52 - 00185856 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10_1.dll
2016-07-13 13:17 - 2016-07-01 05:52 - 00072704 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshost.dll
2016-07-13 13:17 - 2016-07-01 05:52 - 00047616 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmTasks.dll
2016-07-13 13:17 - 2016-07-01 05:50 - 11545088 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2016-07-13 13:17 - 2016-07-01 05:50 - 00349184 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntprint.dll
2016-07-13 13:17 - 2016-07-01 05:50 - 00270848 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshostcore.dll
2016-07-13 13:17 - 2016-07-01 05:50 - 00090624 _____ (Microsoft Corporation) C:\WINDOWS\system32\FingerprintEnrollment.dll
2016-07-13 13:17 - 2016-07-01 05:50 - 00069120 _____ (Microsoft Corporation) C:\WINDOWS\system32\WPDShServiceObj.dll
2016-07-13 13:17 - 2016-07-01 05:49 - 00290816 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2016-07-13 13:17 - 2016-07-01 05:49 - 00253440 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Maps.dll
2016-07-13 13:17 - 2016-07-01 05:49 - 00167936 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetpp.dll
2016-07-13 13:17 - 2016-07-01 05:49 - 00110080 _____ (Microsoft Corporation) C:\WINDOWS\system32\IdCtrls.dll
2016-07-13 13:17 - 2016-07-01 05:48 - 06572032 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanmm.dll
2016-07-13 13:17 - 2016-07-01 05:48 - 00642048 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2016-07-13 13:17 - 2016-07-01 05:48 - 00530432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nwifi.sys
2016-07-13 13:17 - 2016-07-01 05:48 - 00373248 _____ (Microsoft Corporation) C:\WINDOWS\system32\WmpDui.dll
2016-07-13 13:17 - 2016-07-01 05:48 - 00198144 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
2016-07-13 13:17 - 2016-07-01 05:47 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2016-07-13 13:17 - 2016-07-01 05:47 - 00450048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Bluetooth.dll
2016-07-13 13:17 - 2016-07-01 05:47 - 00394752 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPhoto.dll
2016-07-13 13:17 - 2016-07-01 05:47 - 00394240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Search.ProtocolHandler.MAPI2.dll
2016-07-13 13:17 - 2016-07-01 05:47 - 00315392 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
2016-07-13 13:17 - 2016-07-01 05:47 - 00296960 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2016-07-13 13:17 - 2016-07-01 05:47 - 00287744 _____ (Microsoft Corporation) C:\WINDOWS\system32\apprepapi.dll
2016-07-13 13:17 - 2016-07-01 05:47 - 00287232 _____ (Microsoft Corporation) C:\WINDOWS\system32\provhandlers.dll
2016-07-13 13:17 - 2016-07-01 05:47 - 00237056 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkDesktopSettings.dll
2016-07-13 13:17 - 2016-07-01 05:47 - 00188416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.PicturePassword.dll
2016-07-13 13:17 - 2016-07-01 05:47 - 00182784 _____ (Microsoft Corporation) C:\WINDOWS\system32\shutdownux.dll
2016-07-13 13:17 - 2016-07-01 05:47 - 00168960 _____ (Microsoft Corporation) C:\WINDOWS\system32\provops.dll
2016-07-13 13:17 - 2016-07-01 05:46 - 00714240 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll
2016-07-13 13:17 - 2016-07-01 05:46 - 00510464 _____ (Microsoft Corporation) C:\WINDOWS\system32\WlanMediaManager.dll
2016-07-13 13:17 - 2016-07-01 05:46 - 00475648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BlockedShutdown.dll
2016-07-13 13:17 - 2016-07-01 05:46 - 00469504 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhsettingsprovider.dll
2016-07-13 13:17 - 2016-07-01 05:46 - 00460800 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll
2016-07-13 13:17 - 2016-07-01 05:46 - 00458752 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToDevice.dll
2016-07-13 13:17 - 2016-07-01 05:46 - 00412672 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanui.dll
2016-07-13 13:17 - 2016-07-01 05:46 - 00342016 _____ (Microsoft Corporation) C:\WINDOWS\system32\APHostService.dll
2016-07-13 13:17 - 2016-07-01 05:46 - 00287744 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpsvc.dll
2016-07-13 13:17 - 2016-07-01 05:46 - 00279040 _____ (Microsoft Corporation) C:\WINDOWS\system32\ListSvc.dll
2016-07-13 13:17 - 2016-07-01 05:46 - 00258560 _____ (Microsoft Corporation) C:\WINDOWS\system32\credprovs.dll
2016-07-13 13:17 - 2016-07-01 05:45 - 00619520 _____ (Microsoft Corporation) C:\WINDOWS\system32\efswrt.dll
2016-07-13 13:17 - 2016-07-01 05:45 - 00576000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.UX.EapRequestHandler.dll
2016-07-13 13:17 - 2016-07-01 05:45 - 00492544 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_StorageSense.dll
2016-07-13 13:17 - 2016-07-01 05:45 - 00440320 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhcfg.dll
2016-07-13 13:17 - 2016-07-01 05:45 - 00414720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BioFeedback.dll
2016-07-13 13:17 - 2016-07-01 05:45 - 00392192 _____ (Microsoft Corporation) C:\WINDOWS\system32\zipfldr.dll
2016-07-13 13:17 - 2016-07-01 05:45 - 00387072 _____ (Microsoft Corporation) C:\WINDOWS\system32\qdvd.dll
2016-07-13 13:17 - 2016-07-01 05:45 - 00317440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Cortana.OneCore.dll
2016-07-13 13:17 - 2016-07-01 05:45 - 00316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\msieftp.dll
2016-07-13 13:17 - 2016-07-01 05:45 - 00315392 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXTaskFactory.dll
2016-07-13 13:17 - 2016-07-01 05:45 - 00305152 _____ (Microsoft Corporation) C:\WINDOWS\system32\edputil.dll
2016-07-13 13:17 - 2016-07-01 05:44 - 07977472 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2016-07-13 13:17 - 2016-07-01 05:44 - 00492544 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.UserAccountsHandlers.dll
2016-07-13 13:17 - 2016-07-01 05:44 - 00484352 _____ (Microsoft Corporation) C:\WINDOWS\system32\DataSenseHandlers.dll
2016-07-13 13:17 - 2016-07-01 05:44 - 00451584 _____ (Microsoft Corporation) C:\WINDOWS\system32\werui.dll
2016-07-13 13:17 - 2016-07-01 05:44 - 00448000 _____ (Microsoft Corporation) C:\WINDOWS\system32\winipcfile.dll
2016-07-13 13:17 - 2016-07-01 05:44 - 00364032 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneBackupHandler.dll
2016-07-13 13:17 - 2016-07-01 05:44 - 00283648 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToReceiver.dll
2016-07-13 13:17 - 2016-07-01 05:44 - 00276480 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecsExt.dll
2016-07-13 13:17 - 2016-07-01 05:44 - 00247296 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssphtb.dll
2016-07-13 13:17 - 2016-07-01 05:43 - 01294336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcnwiz.dll
2016-07-13 13:17 - 2016-07-01 05:43 - 01056256 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpMapControl.dll
2016-07-13 13:17 - 2016-07-01 05:43 - 00992256 _____ (Microsoft Corporation) C:\WINDOWS\system32\sbe.dll
2016-07-13 13:17 - 2016-07-01 05:43 - 00941568 _____ (Microsoft Corporation) C:\WINDOWS\system32\MiracastReceiver.dll
2016-07-13 13:17 - 2016-07-01 05:43 - 00892416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.SmartCards.dll
2016-07-13 13:17 - 2016-07-01 05:43 - 00853504 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2016-07-13 13:17 - 2016-07-01 05:43 - 00708608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2016-07-13 13:17 - 2016-07-01 05:43 - 00674304 _____ (Microsoft Corporation) C:\WINDOWS\system32\mbsmsapi.dll
2016-07-13 13:17 - 2016-07-01 05:43 - 00656896 _____ (Microsoft Corporation) C:\WINDOWS\system32\sud.dll
2016-07-13 13:17 - 2016-07-01 05:43 - 00564224 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevicePairing.dll
2016-07-13 13:17 - 2016-07-01 05:43 - 00556032 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
2016-07-13 13:17 - 2016-07-01 05:43 - 00529408 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll
2016-07-13 13:17 - 2016-07-01 05:43 - 00519680 _____ (Microsoft Corporation) C:\WINDOWS\system32\WLanConn.dll
2016-07-13 13:17 - 2016-07-01 05:43 - 00465920 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanconn.dll
2016-07-13 13:17 - 2016-07-01 05:43 - 00334848 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2016-07-13 13:17 - 2016-07-01 05:43 - 00183808 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSSync.dll
2016-07-13 13:17 - 2016-07-01 05:42 - 14252544 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2016-07-13 13:17 - 2016-07-01 05:42 - 02125312 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Bluetooth.dll
2016-07-13 13:17 - 2016-07-01 05:42 - 02088960 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpdshext.dll
2016-07-13 13:17 - 2016-07-01 05:42 - 02012672 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmsipc.dll
2016-07-13 13:17 - 2016-07-01 05:42 - 01716736 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRHInproc.dll
2016-07-13 13:17 - 2016-07-01 05:42 - 01434112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Editing.dll
2016-07-13 13:17 - 2016-07-01 05:42 - 01240064 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10.dll
2016-07-13 13:17 - 2016-07-01 05:42 - 00988160 _____ (Microsoft Corporation) C:\WINDOWS\system32\NMAA.dll
2016-07-13 13:17 - 2016-07-01 05:42 - 00965632 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2016-07-13 13:17 - 2016-07-01 05:42 - 00828928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.AccountsControl.dll
2016-07-13 13:17 - 2016-07-01 05:42 - 00697344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.OnlineId.dll
2016-07-13 13:17 - 2016-07-01 05:42 - 00538112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Cortana.Desktop.dll
2016-07-13 13:17 - 2016-07-01 05:42 - 00515072 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll
2016-07-13 13:17 - 2016-07-01 05:42 - 00480768 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppBroker.dll
2016-07-13 13:17 - 2016-07-01 05:42 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2016-07-13 13:17 - 2016-07-01 05:41 - 02127360 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2016-07-13 13:17 - 2016-07-01 05:41 - 01387520 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2016-07-13 13:17 - 2016-07-01 05:41 - 01159168 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplicationFrame.dll
2016-07-13 13:17 - 2016-07-01 05:41 - 01054208 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2016-07-13 13:17 - 2016-07-01 05:41 - 00990208 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll
2016-07-13 13:17 - 2016-07-01 05:41 - 00939520 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll
2016-07-13 13:17 - 2016-07-01 05:41 - 00814080 _____ (Microsoft Corporation) C:\WINDOWS\system32\appwiz.cpl
2016-07-13 13:17 - 2016-07-01 05:41 - 00784384 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2016-07-13 13:17 - 2016-07-01 05:41 - 00697856 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToManager.dll
2016-07-13 13:17 - 2016-07-01 05:41 - 00599040 _____ (Microsoft Corporation) C:\WINDOWS\system32\duser.dll
2016-07-13 13:17 - 2016-07-01 05:41 - 00587776 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2016-07-13 13:17 - 2016-07-01 05:41 - 00572928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll
2016-07-13 13:17 - 2016-07-01 05:41 - 00050176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosHostClient.dll
2016-07-13 13:17 - 2016-07-01 05:40 - 02731008 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameux.dll
2016-07-13 13:17 - 2016-07-01 05:40 - 02103296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.3D.dll
2016-07-13 13:17 - 2016-07-01 05:40 - 01902592 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2016-07-13 13:17 - 2016-07-01 05:40 - 01575936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll
2016-07-13 13:17 - 2016-07-01 05:40 - 00938496 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2016-07-13 13:17 - 2016-07-01 05:40 - 00896512 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApiPublic.dll
2016-07-13 13:17 - 2016-07-01 05:40 - 00853504 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2016-07-13 13:17 - 2016-07-01 05:40 - 00841728 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2016-07-13 13:17 - 2016-07-01 05:40 - 00775168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Display.dll
2016-07-13 13:17 - 2016-07-01 05:40 - 00529920 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2016-07-13 13:17 - 2016-07-01 05:40 - 00496640 _____ (Microsoft Corporation) C:\WINDOWS\system32\webio.dll
2016-07-13 13:17 - 2016-07-01 05:39 - 01752576 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2016-07-13 13:17 - 2016-07-01 05:39 - 01717248 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2016-07-13 13:17 - 2016-07-01 05:39 - 01211904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Cred.dll
2016-07-13 13:17 - 2016-07-01 05:39 - 00381952 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2016-07-13 13:17 - 2016-07-01 05:39 - 00243712 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingMonitor.dll
2016-07-13 13:17 - 2016-07-01 05:38 - 06312448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2016-07-13 13:17 - 2016-07-01 05:38 - 04456448 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll
2016-07-13 13:17 - 2016-07-01 05:38 - 01671168 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2016-07-13 13:17 - 2016-07-01 05:38 - 01443840 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagperf.dll
2016-07-13 13:17 - 2016-07-01 05:38 - 01063936 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll
2016-07-13 13:17 - 2016-07-01 05:38 - 00961536 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll
2016-07-13 13:17 - 2016-07-01 05:38 - 00821760 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2016-07-13 13:17 - 2016-07-01 05:38 - 00549888 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFolder.dll
2016-07-13 13:17 - 2016-07-01 05:38 - 00012288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IconCodecService.dll
2016-07-13 13:17 - 2016-07-01 05:37 - 01073152 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2016-07-13 13:17 - 2016-07-01 05:37 - 01051648 _____ (Microsoft Corporation) C:\WINDOWS\system32\MsSpellCheckingFacility.dll
2016-07-13 13:17 - 2016-07-01 05:37 - 00865792 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2016-07-13 13:17 - 2016-07-01 05:37 - 00638976 _____ (Microsoft Corporation) C:\WINDOWS\system32\ShareHost.dll
2016-07-13 13:17 - 2016-07-01 05:36 - 03415040 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncCenter.dll
2016-07-13 13:17 - 2016-07-01 05:36 - 01141248 _____ (Microsoft Corporation) C:\WINDOWS\system32\winipcsecproc.dll
2016-07-13 13:17 - 2016-07-01 05:36 - 00701952 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.dll
2016-07-13 13:17 - 2016-07-01 05:35 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msscntrs.dll
2016-07-13 13:17 - 2016-07-01 05:34 - 09919488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2016-07-13 13:17 - 2016-07-01 05:34 - 03994624 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2016-07-13 13:17 - 2016-07-01 05:34 - 03428864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2016-07-13 13:17 - 2016-07-01 05:34 - 00636928 _____ (Microsoft Corporation) C:\WINDOWS\system32\hgcpl.dll
2016-07-13 13:17 - 2016-07-01 05:34 - 00070656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppCapture.dll
2016-07-13 13:17 - 2016-07-01 05:33 - 07200256 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2016-07-13 13:17 - 2016-07-01 05:33 - 06973952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2016-07-13 13:17 - 2016-07-01 05:33 - 06675968 _____ (Microsoft Corporation) C:\WINDOWS\system32\mspaint.exe
2016-07-13 13:17 - 2016-07-01 05:33 - 02285568 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebSync.dll
2016-07-13 13:17 - 2016-07-01 05:33 - 00309760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntprint.dll
2016-07-13 13:17 - 2016-07-01 05:33 - 00057344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WPDShServiceObj.dll
2016-07-13 13:17 - 2016-07-01 05:32 - 02582016 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2016-07-13 13:17 - 2016-07-01 05:32 - 02563584 _____ (Microsoft Corporation) C:\WINDOWS\system32\themecpl.dll
2016-07-13 13:17 - 2016-07-01 05:32 - 00268800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2016-07-13 13:17 - 2016-07-01 05:31 - 19347968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2016-07-13 13:17 - 2016-07-01 05:31 - 01797120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2016-07-13 13:17 - 2016-07-01 05:31 - 00994816 _____ (Microsoft Corporation) C:\WINDOWS\HelpPane.exe
2016-07-13 13:17 - 2016-07-01 05:31 - 00870400 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2016-07-13 13:17 - 2016-07-01 05:31 - 00465920 _____ (Microsoft Corporation) C:\WINDOWS\system32\StikyNot.exe
2016-07-13 13:17 - 2016-07-01 05:30 - 13385728 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-07-13 13:17 - 2016-07-01 05:30 - 03585536 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll
2016-07-13 13:17 - 2016-07-01 05:30 - 02635776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2016-07-13 13:17 - 2016-07-01 05:30 - 02066432 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2016-07-13 13:17 - 2016-07-01 05:30 - 00849920 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll
2016-07-13 13:17 - 2016-07-01 05:30 - 00546816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActionCenterCPL.dll
2016-07-13 13:17 - 2016-07-01 05:30 - 00339968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMPhoto.dll
2016-07-13 13:17 - 2016-07-01 05:30 - 00334336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcastdvr.exe
2016-07-13 13:17 - 2016-07-01 05:30 - 00292864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dot3ui.dll
2016-07-13 13:17 - 2016-07-01 05:30 - 00282624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Search.ProtocolHandler.MAPI2.dll
2016-07-13 13:17 - 2016-07-01 05:29 - 03589632 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2016-07-13 13:17 - 2016-07-01 05:29 - 03355136 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
2016-07-13 13:17 - 2016-07-01 05:29 - 02609664 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2016-07-13 13:17 - 2016-07-01 05:29 - 02352128 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2016-07-13 13:17 - 2016-07-01 05:29 - 02168320 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2016-07-13 13:17 - 2016-07-01 05:29 - 00541184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GamePanel.exe
2016-07-13 13:17 - 2016-07-01 05:29 - 00368128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanui.dll
2016-07-13 13:17 - 2016-07-01 05:29 - 00349696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapConfiguration.dll
2016-07-13 13:17 - 2016-07-01 05:29 - 00254976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Picker.dll
2016-07-13 13:17 - 2016-07-01 05:28 - 03577344 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2016-07-13 13:17 - 2016-07-01 05:28 - 02912256 _____ (Microsoft Corporation) C:\WINDOWS\system32\CertEnroll.dll
2016-07-13 13:17 - 2016-07-01 05:28 - 02876928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wpc.dll
2016-07-13 13:17 - 2016-07-01 05:28 - 00578048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wiaaut.dll
2016-07-13 13:17 - 2016-07-01 05:28 - 00197120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netplwiz.dll
2016-07-13 13:17 - 2016-07-01 05:28 - 00119296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssph.dll
2016-07-13 13:17 - 2016-07-01 05:27 - 01946112 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2016-07-13 13:17 - 2016-07-01 05:27 - 01729024 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2016-07-13 13:17 - 2016-07-01 05:27 - 00846336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasgcw.dll
2016-07-13 13:17 - 2016-07-01 05:27 - 00629760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sud.dll
2016-07-13 13:17 - 2016-07-01 05:27 - 00613376 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSync.dll
2016-07-13 13:17 - 2016-07-01 05:27 - 00559616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.SmartCards.dll
2016-07-13 13:17 - 2016-07-01 05:27 - 00496128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2016-07-13 13:17 - 2016-07-01 05:27 - 00282624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2016-07-13 13:17 - 2016-07-01 05:27 - 00250880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2016-07-13 13:17 - 2016-07-01 05:27 - 00244736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssphtb.dll
2016-07-13 13:17 - 2016-07-01 05:27 - 00216576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToReceiver.dll
2016-07-13 13:17 - 2016-07-01 05:27 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcsps.dll
2016-07-13 13:17 - 2016-07-01 05:26 - 18674176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2016-07-13 13:17 - 2016-07-01 05:26 - 07832576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2016-07-13 13:17 - 2016-07-01 05:26 - 04895232 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2016-07-13 13:17 - 2016-07-01 05:26 - 03026944 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2016-07-13 13:17 - 2016-07-01 05:26 - 02597888 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2016-07-13 13:17 - 2016-07-01 05:26 - 01755648 _____ (Microsoft Corporation) C:\WINDOWS\system32\dui70.dll
2016-07-13 13:17 - 2016-07-01 05:26 - 01171456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netcenter.dll
2016-07-13 13:17 - 2016-07-01 05:26 - 00779264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sbe.dll
2016-07-13 13:17 - 2016-07-01 05:26 - 00489984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mbsmsapi.dll
2016-07-13 13:17 - 2016-07-01 05:26 - 00372224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppBroker.dll
2016-07-13 13:17 - 2016-07-01 05:26 - 00348672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredProvDataModel.dll
2016-07-13 13:17 - 2016-07-01 05:26 - 00298496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.dll
2016-07-13 13:17 - 2016-07-01 05:25 - 02745856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepository.dll
2016-07-13 13:17 - 2016-07-01 05:25 - 02050048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2016-07-13 13:17 - 2016-07-01 05:25 - 01121792 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2016-07-13 13:17 - 2016-07-01 05:25 - 01117184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.dll
2016-07-13 13:17 - 2016-07-01 05:25 - 01097216 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2016-07-13 13:17 - 2016-07-01 05:25 - 00984576 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2016-07-13 13:17 - 2016-07-01 05:25 - 00784896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NMAA.dll
2016-07-13 13:17 - 2016-07-01 05:25 - 00738816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\appwiz.cpl
2016-07-13 13:17 - 2016-07-01 05:25 - 00736768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SmartcardCredentialProvider.dll
2016-07-13 13:17 - 2016-07-01 05:25 - 00711680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapControlCore.dll
2016-07-13 13:17 - 2016-07-01 05:25 - 00687616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2016-07-13 13:17 - 2016-07-01 05:25 - 00523776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.OnlineId.dll
2016-07-13 13:17 - 2016-07-01 05:25 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2016-07-13 13:17 - 2016-07-01 05:24 - 12586496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2016-07-13 13:17 - 2016-07-01 05:24 - 01588224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2016-07-13 13:17 - 2016-07-01 05:24 - 01487872 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpeechPal.dll
2016-07-13 13:17 - 2016-07-01 05:24 - 01467392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2016-07-13 13:17 - 2016-07-01 05:24 - 01448960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.Printing.3D.dll
2016-07-13 13:17 - 2016-07-01 05:24 - 01390080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll
2016-07-13 13:17 - 2016-07-01 05:24 - 00673280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApiPublic.dll
2016-07-13 13:17 - 2016-07-01 05:24 - 00468992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.Printing.dll
2016-07-13 13:17 - 2016-07-01 05:24 - 00405504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webio.dll
2016-07-13 13:17 - 2016-07-01 05:23 - 03695104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_47.dll
2016-07-13 13:17 - 2016-07-01 05:23 - 03301376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SyncCenter.dll
2016-07-13 13:17 - 2016-07-01 05:23 - 02578432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gameux.dll
2016-07-13 13:17 - 2016-07-01 05:23 - 01526272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2016-07-13 13:17 - 2016-07-01 05:23 - 01036288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.dll
2016-07-13 13:17 - 2016-07-01 05:23 - 00764928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Cred.dll
2016-07-13 13:17 - 2016-07-01 05:23 - 00760320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2016-07-13 13:17 - 2016-07-01 05:23 - 00667648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll
2016-07-13 13:17 - 2016-07-01 05:23 - 00489984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ShareHost.dll
2016-07-13 13:17 - 2016-07-01 05:22 - 06295552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2016-07-13 13:17 - 2016-07-01 05:22 - 03053568 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcore.dll
2016-07-13 13:17 - 2016-07-01 05:22 - 00965120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll
2016-07-13 13:17 - 2016-07-01 05:22 - 00639488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2016-07-13 13:17 - 2016-07-01 05:21 - 04078080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll
2016-07-13 13:17 - 2016-07-01 05:21 - 00980480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winipcsecproc.dll
2016-07-13 13:17 - 2016-07-01 05:21 - 00341504 _____ (Microsoft Corporation) C:\WINDOWS\system32\RADCUI.dll
2016-07-13 13:17 - 2016-07-01 05:20 - 12128256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2016-07-13 13:17 - 2016-07-01 05:19 - 01987072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2016-07-13 13:17 - 2016-07-01 05:19 - 01582080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2016-07-13 13:17 - 2016-07-01 05:19 - 00581632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.dll
2016-07-13 13:17 - 2016-07-01 05:19 - 00503296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSync.dll
2016-07-13 13:17 - 2016-07-01 05:18 - 05205504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2016-07-13 13:17 - 2016-07-01 05:18 - 03663360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2016-07-13 13:17 - 2016-07-01 05:17 - 05323776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2016-07-13 13:17 - 2016-07-01 05:17 - 02155008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2016-07-13 13:17 - 2016-07-01 05:16 - 02771968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2016-07-13 13:17 - 2016-07-01 05:16 - 01984000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2016-07-13 13:17 - 2016-07-01 05:15 - 04413440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
2016-07-13 13:17 - 2016-07-01 05:15 - 02604032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CertEnroll.dll
2016-07-13 13:17 - 2016-07-01 05:15 - 02217984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Wpc.dll
2016-07-13 13:17 - 2016-07-01 05:15 - 02102272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsservices.dll
2016-07-13 13:17 - 2016-07-01 05:15 - 01799680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2016-07-13 13:17 - 2016-07-01 05:15 - 00574976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hgcpl.dll
2016-07-13 13:17 - 2016-07-01 05:15 - 00573440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserLanguagesCpl.dll
2016-07-13 13:17 - 2016-07-01 05:14 - 05660672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2016-07-13 13:17 - 2016-07-01 05:14 - 02680320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll
2016-07-13 13:17 - 2016-07-01 05:13 - 06740992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2016-07-13 13:17 - 2016-07-01 05:13 - 02519552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\themecpl.dll
2016-07-13 13:17 - 2016-07-01 05:13 - 01249280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usercpl.dll
2016-07-13 13:17 - 2016-07-01 05:12 - 00339456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll
2016-07-13 13:17 - 2016-07-01 05:11 - 00754176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2016-07-13 13:17 - 2016-07-01 05:09 - 02632192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpcore.dll
2016-07-13 13:17 - 2016-07-01 05:08 - 01976832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpdshext.dll
2016-07-13 13:17 - 2016-07-01 05:08 - 00517632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToManager.dll
2016-07-13 13:17 - 2016-02-09 06:25 - 00304752 _____ (Microsoft Corporation) C:\WINDOWS\system32\systemreset.exe
2016-07-13 13:16 - 2016-07-01 07:30 - 01505984 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2016-07-13 13:16 - 2016-07-01 07:30 - 01223872 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2016-07-13 13:16 - 2016-07-01 07:30 - 00559808 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2016-07-13 13:16 - 2016-07-01 07:30 - 00310464 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2016-07-13 13:16 - 2016-07-01 07:30 - 00092352 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2016-07-13 13:16 - 2016-07-01 07:30 - 00050368 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2016-07-13 13:16 - 2016-07-01 06:49 - 01997328 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2016-07-13 13:16 - 2016-07-01 06:49 - 01317640 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2016-07-13 13:16 - 2016-07-01 06:49 - 01141504 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2016-07-13 13:16 - 2016-07-01 06:49 - 01030416 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2016-07-13 13:16 - 2016-07-01 06:49 - 00874968 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2016-07-13 13:16 - 2016-07-01 06:49 - 00277856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2016-07-13 13:16 - 2016-07-01 06:48 - 02656408 _____ C:\WINDOWS\system32\CoreUIComponents.dll
2016-07-13 13:16 - 2016-07-01 06:45 - 01613664 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2016-07-13 13:16 - 2016-07-01 06:43 - 00026408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2016-07-13 13:16 - 2016-07-01 06:39 - 01557776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2016-07-13 13:16 - 2016-07-01 06:38 - 01083656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Taskmgr.exe
2016-07-13 13:16 - 2016-07-01 06:38 - 00256192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Storage.ApplicationData.dll
2016-07-13 13:16 - 2016-07-01 06:38 - 00032552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wldp.dll
2016-07-13 13:16 - 2016-07-01 06:33 - 22561256 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2016-07-13 13:16 - 2016-07-01 06:32 - 06605544 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2016-07-13 13:16 - 2016-07-01 06:32 - 06536256 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2016-07-13 13:16 - 2016-07-01 06:32 - 01040800 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2016-07-13 13:16 - 2016-07-01 06:32 - 00625000 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll
2016-07-13 13:16 - 2016-07-01 06:32 - 00078040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Clipc.dll
2016-07-13 13:16 - 2016-07-01 06:24 - 01776768 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2016-07-13 13:16 - 2016-07-01 06:23 - 01118208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetsrc.dll
2016-07-13 13:16 - 2016-07-01 06:23 - 00925576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2016-07-13 13:16 - 2016-07-01 06:23 - 00709176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2016-07-13 13:16 - 2016-07-01 06:23 - 00511320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf.dll
2016-07-13 13:16 - 2016-07-01 06:23 - 00451936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFCaptureEngine.dll
2016-07-13 13:16 - 2016-07-01 06:23 - 00032040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfpmp.exe
2016-07-13 13:16 - 2016-07-01 06:21 - 28851224 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecsRaw.dll
2016-07-13 13:16 - 2016-07-01 06:21 - 02403168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2016-07-13 13:16 - 2016-07-01 06:21 - 00957608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2016-07-13 13:16 - 2016-07-01 06:20 - 21123320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2016-07-13 13:16 - 2016-07-01 06:19 - 00836760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
2016-07-13 13:16 - 2016-07-01 06:19 - 00569752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SHCore.dll
2016-07-13 13:16 - 2016-07-01 06:17 - 01536600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll
2016-07-13 13:16 - 2016-07-01 06:12 - 02186864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll
2016-07-13 13:16 - 2016-07-01 06:11 - 00521152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2016-07-13 13:16 - 2016-07-01 06:10 - 00675064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dcomp.dll
2016-07-13 13:16 - 2016-07-01 06:07 - 28083144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecsRaw.dll
2016-07-13 13:16 - 2016-07-01 06:03 - 00084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2016-07-13 13:16 - 2016-07-01 05:58 - 00045056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Speech.Pal.dll
2016-07-13 13:16 - 2016-07-01 05:56 - 00172032 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2016-07-13 13:16 - 2016-07-01 05:55 - 00584704 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbonRes.dll
2016-07-13 13:16 - 2016-07-01 05:55 - 00071168 _____ (Microsoft Corporation) C:\WINDOWS\system32\LegacyNetUX.dll
2016-07-13 13:16 - 2016-07-01 05:55 - 00014848 _____ (Microsoft Corporation) C:\WINDOWS\system32\IconCodecService.dll
2016-07-13 13:16 - 2016-07-01 05:54 - 00072192 _____ (Microsoft Corporation) C:\WINDOWS\system32\eappprxy.dll
2016-07-13 13:16 - 2016-07-01 05:53 - 01567744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Globalization.dll
2016-07-13 13:16 - 2016-07-01 05:52 - 16985088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2016-07-13 13:16 - 2016-07-01 05:52 - 00091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2016-07-13 13:16 - 2016-07-01 05:52 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzautoupdate.dll
2016-07-13 13:16 - 2016-07-01 05:52 - 00057344 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2016-07-13 13:16 - 2016-07-01 05:52 - 00040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\msscntrs.dll
2016-07-13 13:16 - 2016-07-01 05:51 - 00285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\oemlicense.dll
2016-07-13 13:16 - 2016-07-01 05:51 - 00086528 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppCapture.dll
2016-07-13 13:16 - 2016-07-01 05:51 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Shell.Search.UriHandler.dll
2016-07-13 13:16 - 2016-07-01 05:50 - 00407552 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2016-07-13 13:16 - 2016-07-01 05:50 - 00379392 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2016-07-13 13:16 - 2016-07-01 05:50 - 00193024 _____ (Microsoft Corporation) C:\WINDOWS\system32\SimCfg.dll
2016-07-13 13:16 - 2016-07-01 05:50 - 00150528 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdrsvc.dll
2016-07-13 13:16 - 2016-07-01 05:50 - 00129536 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdshext.dll
2016-07-13 13:16 - 2016-07-01 05:50 - 00113152 _____ (Microsoft Corporation) C:\WINDOWS\system32\eappgnui.dll
2016-07-13 13:16 - 2016-07-01 05:49 - 00206848 _____ (Microsoft Corporation) C:\WINDOWS\system32\LegacyNetUXHost.exe
2016-07-13 13:16 - 2016-07-01 05:48 - 00381952 _____ (Microsoft Corporation) C:\WINDOWS\system32\apprepsync.dll
2016-07-13 13:16 - 2016-07-01 05:48 - 00308736 _____ (Microsoft Corporation) C:\WINDOWS\system32\eapphost.dll
2016-07-13 13:16 - 2016-07-01 05:48 - 00252928 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhengine.dll
2016-07-13 13:16 - 2016-07-01 05:48 - 00233984 _____ (Microsoft Corporation) C:\WINDOWS\system32\schtasks.exe
2016-07-13 13:16 - 2016-07-01 05:48 - 00200192 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUDFPlatform.dll
2016-07-13 13:16 - 2016-07-01 05:48 - 00160768 _____ (Microsoft Corporation) C:\WINDOWS\system32\SimAuth.dll
2016-07-13 13:16 - 2016-07-01 05:47 - 00414720 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.exe
2016-07-13 13:16 - 2016-07-01 05:47 - 00333312 _____ (Microsoft Corporation) C:\WINDOWS\system32\eapp3hst.dll
2016-07-13 13:16 - 2016-07-01 05:47 - 00319488 _____ (Microsoft Corporation) C:\WINDOWS\system32\dot3ui.dll
2016-07-13 13:16 - 2016-07-01 05:47 - 00318976 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll
2016-07-13 13:16 - 2016-07-01 05:47 - 00314368 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseAppMgmtSvc.dll
2016-07-13 13:16 - 2016-07-01 05:47 - 00274432 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmdskmgr.dll
2016-07-13 13:16 - 2016-07-01 05:47 - 00174592 _____ (Microsoft Corporation) C:\WINDOWS\system32\easwrt.dll
2016-07-13 13:16 - 2016-07-01 05:46 - 00715776 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe
2016-07-13 13:16 - 2016-07-01 05:46 - 00565760 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActionCenterCPL.dll
2016-07-13 13:16 - 2016-07-01 05:46 - 00522240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.WiFiDirect.dll
2016-07-13 13:16 - 2016-07-01 05:46 - 00368640 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack_win.dll
2016-07-13 13:16 - 2016-07-01 05:46 - 00341504 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmicmiplugin.dll
2016-07-13 13:16 - 2016-07-01 05:46 - 00254464 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExecModelClient.dll
2016-07-13 13:16 - 2016-07-01 05:46 - 00185344 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSClient.dll
2016-07-13 13:16 - 2016-07-01 05:45 - 00344064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Picker.dll
2016-07-13 13:16 - 2016-07-01 05:45 - 00270336 _____ (Microsoft Corporation) C:\WINDOWS\system32\netplwiz.dll
2016-07-13 13:16 - 2016-07-01 05:45 - 00224256 _____ (Microsoft Corporation) C:\WINDOWS\system32\PackageStateRoaming.dll
2016-07-13 13:16 - 2016-07-01 05:45 - 00203776 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFilterHost.exe
2016-07-13 13:16 - 2016-07-01 05:45 - 00147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssph.dll
2016-07-13 13:16 - 2016-07-01 05:45 - 00088576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll
2016-07-13 13:16 - 2016-07-01 05:44 - 01814528 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnidui.dll
2016-07-13 13:16 - 2016-07-01 05:44 - 00677376 _____ (Microsoft Corporation) C:\WINDOWS\system32\wiaaut.dll
2016-07-13 13:16 - 2016-07-01 05:44 - 00504832 _____ (Microsoft Corporation) C:\WINDOWS\system32\dlnashext.dll
2016-07-13 13:16 - 2016-07-01 05:44 - 00330240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2016-07-13 13:16 - 2016-07-01 05:43 - 01216512 _____ (Microsoft Corporation) C:\WINDOWS\system32\netcenter.dll
2016-07-13 13:16 - 2016-07-01 05:43 - 01048576 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebcamUi.dll
2016-07-13 13:16 - 2016-07-01 05:43 - 00947200 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasgcw.dll
2016-07-13 13:16 - 2016-07-01 05:43 - 00589824 _____ (Microsoft Corporation) C:\WINDOWS\system32\PrintDialogs.dll
2016-07-13 13:16 - 2016-07-01 05:43 - 00440320 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredProvDataModel.dll
2016-07-13 13:16 - 2016-07-01 05:43 - 00356864 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll
2016-07-13 13:16 - 2016-07-01 05:43 - 00352256 _____ (Microsoft Corporation) C:\WINDOWS\system32\eappcfg.dll
2016-07-13 13:16 - 2016-07-01 05:42 - 00859136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2016-07-13 13:16 - 2016-07-01 05:42 - 00651776 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserLanguagesCpl.dll
2016-07-13 13:16 - 2016-07-01 05:42 - 00585728 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieui.dll
2016-07-13 13:16 - 2016-07-01 05:42 - 00504320 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppReadiness.dll
2016-07-13 13:16 - 2016-07-01 05:42 - 00429056 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskcomp.dll
2016-07-13 13:16 - 2016-07-01 05:42 - 00368128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.dll
2016-07-13 13:16 - 2016-07-01 05:42 - 00286720 _____ (Microsoft Corporation) C:\WINDOWS\system32\deviceaccess.dll
2016-07-13 13:16 - 2016-07-01 05:41 - 01847808 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPDMC.exe
2016-07-13 13:16 - 2016-07-01 05:41 - 01037824 _____ (Microsoft Corporation) C:\WINDOWS\system32\SmartcardCredentialProvider.dll
2016-07-13 13:16 - 2016-07-01 05:41 - 01001472 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2016-07-13 13:16 - 2016-07-01 05:41 - 00870400 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2016-07-13 13:16 - 2016-07-01 05:41 - 00817152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.Search.dll
2016-07-13 13:16 - 2016-07-01 05:41 - 00299520 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskeng.exe
2016-07-13 13:16 - 2016-07-01 05:40 - 02050560 _____ (Microsoft Corporation) C:\WINDOWS\system32\PrintDialogs3D.dll
2016-07-13 13:16 - 2016-07-01 05:40 - 00673280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2016-07-13 13:16 - 2016-07-01 05:40 - 00596480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.dll
2016-07-13 13:16 - 2016-07-01 05:40 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Speech.Pal.dll
2016-07-13 13:16 - 2016-07-01 05:39 - 01872896 _____ (Microsoft Corporation) C:\WINDOWS\system32\workfolderssvc.dll
2016-07-13 13:16 - 2016-07-01 05:39 - 00268288 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2016-07-13 13:16 - 2016-07-01 05:39 - 00236032 _____ (Microsoft Corporation) C:\WINDOWS\system32\licensingdiag.exe
2016-07-13 13:16 - 2016-07-01 05:38 - 01291776 _____ (Microsoft Corporation) C:\WINDOWS\system32\werconcpl.dll
2016-07-13 13:16 - 2016-07-01 05:37 - 00584704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbonRes.dll
2016-07-13 13:16 - 2016-07-01 05:37 - 00055808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eappprxy.dll
2016-07-13 13:16 - 2016-07-01 05:36 - 02445312 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2016-07-13 13:16 - 2016-07-01 05:36 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryClient.dll
2016-07-13 13:16 - 2016-07-01 05:36 - 00048128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryBroker.dll
2016-07-13 13:16 - 2016-07-01 05:34 - 04170240 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbon.dll
2016-07-13 13:16 - 2016-07-01 05:34 - 00838144 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll
2016-07-13 13:16 - 2016-07-01 05:34 - 00205312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oemlicense.dll
2016-07-13 13:16 - 2016-07-01 05:34 - 00040960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Shell.Search.UriHandler.dll
2016-07-13 13:16 - 2016-07-01 05:32 - 02800128 _____ (Microsoft Corporation) C:\WINDOWS\system32\netshell.dll
2016-07-13 13:16 - 2016-07-01 05:32 - 00583680 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhotoScreensaver.scr
2016-07-13 13:16 - 2016-07-01 05:32 - 00157696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SimCfg.dll
2016-07-13 13:16 - 2016-07-01 05:32 - 00096256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eappgnui.dll
2016-07-13 13:16 - 2016-07-01 05:32 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IdCtrls.dll
2016-07-13 13:16 - 2016-07-01 05:31 - 01385472 _____ (Microsoft Corporation) C:\WINDOWS\system32\usercpl.dll
2016-07-13 13:16 - 2016-07-01 05:31 - 00900608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.BackgroundTransfer.dll
2016-07-13 13:16 - 2016-07-01 05:31 - 00882688 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntshrui.dll
2016-07-13 13:16 - 2016-07-01 05:31 - 00290304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WmpDui.dll
2016-07-13 13:16 - 2016-07-01 05:31 - 00260096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apprepsync.dll
2016-07-13 13:16 - 2016-07-01 05:31 - 00238592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eapphost.dll
2016-07-13 13:16 - 2016-07-01 05:31 - 00186880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schtasks.exe
2016-07-13 13:16 - 2016-07-01 05:31 - 00129024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SimAuth.dll
2016-07-13 13:16 - 2016-07-01 05:30 - 02902528 _____ (Microsoft Corporation) C:\WINDOWS\system32\themeui.dll
2016-07-13 13:16 - 2016-07-01 05:30 - 01213440 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdengin2.dll
2016-07-13 13:16 - 2016-07-01 05:30 - 00733184 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasapi32.dll
2016-07-13 13:16 - 2016-07-01 05:30 - 00248320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eapp3hst.dll
2016-07-13 13:16 - 2016-07-01 05:30 - 00217600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmdskmgr.dll
2016-07-13 13:16 - 2016-07-01 05:30 - 00190464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apprepapi.dll
2016-07-13 13:16 - 2016-07-01 05:30 - 00151552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSClient.dll
2016-07-13 13:16 - 2016-07-01 05:30 - 00123392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ProximityCommon.dll
2016-07-13 13:16 - 2016-07-01 05:29 - 05123072 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll
2016-07-13 13:16 - 2016-07-01 05:29 - 04646912 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsrchvw.exe
2016-07-13 13:16 - 2016-07-01 05:29 - 00569856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qdvd.dll
2016-07-13 13:16 - 2016-07-01 05:29 - 00386560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.WiFiDirect.dll
2016-07-13 13:16 - 2016-07-01 05:29 - 00315904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.BlockedShutdown.dll
2016-07-13 13:16 - 2016-07-01 05:29 - 00220672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\credprovs.dll
2016-07-13 13:16 - 2016-07-01 05:29 - 00193536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExecModelClient.dll
2016-07-13 13:16 - 2016-07-01 05:28 - 03046400 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsservices.dll
2016-07-13 13:16 - 2016-07-01 05:28 - 00442880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\efswrt.dll
2016-07-13 13:16 - 2016-07-01 05:28 - 00442368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dlnashext.dll
2016-07-13 13:16 - 2016-07-01 05:28 - 00347648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\zipfldr.dll
2016-07-13 13:16 - 2016-07-01 05:28 - 00283136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.BioFeedback.dll
2016-07-13 13:16 - 2016-07-01 05:28 - 00282624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msieftp.dll
2016-07-13 13:16 - 2016-07-01 05:28 - 00279040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edputil.dll
2016-07-13 13:16 - 2016-07-01 05:28 - 00238592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecsExt.dll
2016-07-13 13:16 - 2016-07-01 05:27 - 07533568 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2016-07-13 13:16 - 2016-07-01 05:27 - 04827136 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2016-07-13 13:16 - 2016-07-01 05:27 - 02444800 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll
2016-07-13 13:16 - 2016-07-01 05:27 - 02280448 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2016-07-13 13:16 - 2016-07-01 05:27 - 01226752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wcnwiz.dll
2016-07-13 13:16 - 2016-07-01 05:27 - 00519168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintDialogs.dll
2016-07-13 13:16 - 2016-07-01 05:27 - 00330752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winipcfile.dll
2016-07-13 13:16 - 2016-07-01 05:27 - 00284160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eappcfg.dll
2016-07-13 13:16 - 2016-07-01 05:26 - 01445888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRHInproc.dll
2016-07-13 13:16 - 2016-07-01 05:26 - 01063936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Editing.dll
2016-07-13 13:16 - 2016-07-01 05:26 - 00585216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.AccountsControl.dll
2016-07-13 13:16 - 2016-07-01 05:26 - 00502272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DevicePairing.dll
2016-07-13 13:16 - 2016-07-01 05:26 - 00413696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WLanConn.dll
2016-07-13 13:16 - 2016-07-01 05:26 - 00400896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneDriveSettingSyncProvider.dll
2016-07-13 13:16 - 2016-07-01 05:26 - 00153088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSSync.dll
2016-07-13 13:16 - 2016-07-01 05:25 - 04775424 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2016-07-13 13:16 - 2016-07-01 05:25 - 01508352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmsipc.dll
2016-07-13 13:16 - 2016-07-01 05:25 - 01228800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Globalization.dll
2016-07-13 13:16 - 2016-07-01 05:25 - 00799744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRH.dll
2016-07-13 13:16 - 2016-07-01 05:25 - 00645632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Storage.Search.dll
2016-07-13 13:16 - 2016-07-01 05:25 - 00502784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2016-07-13 13:16 - 2016-07-01 05:25 - 00482816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\duser.dll
2016-07-13 13:16 - 2016-07-01 05:25 - 00477184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieui.dll
2016-07-13 13:16 - 2016-07-01 05:25 - 00356352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\taskcomp.dll
2016-07-13 13:16 - 2016-07-01 05:25 - 00240640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\taskeng.exe
2016-07-13 13:16 - 2016-07-01 05:24 - 04404736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll
2016-07-13 13:16 - 2016-07-01 05:24 - 04171264 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2016-07-13 13:16 - 2016-07-01 05:24 - 01497088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMPDMC.exe
2016-07-13 13:16 - 2016-07-01 05:24 - 00434688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LogonController.dll
2016-07-13 13:16 - 2016-07-01 05:23 - 00805888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSShared.dll
2016-07-13 13:16 - 2016-07-01 05:23 - 00460800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFolder.dll
2016-07-13 13:16 - 2016-07-01 05:23 - 00459776 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll
2016-07-13 13:16 - 2016-07-01 05:23 - 00207872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\licensingdiag.exe
2016-07-13 13:16 - 2016-07-01 05:23 - 00184832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingMonitor.dll
2016-07-13 13:16 - 2016-07-01 05:21 - 01087488 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2016-07-13 13:16 - 2016-07-01 05:21 - 00321536 _____ (Microsoft Corporation) C:\WINDOWS\system32\GlobCollationHost.dll
2016-07-13 13:16 - 2016-07-01 05:20 - 03555840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsrchvw.exe
2016-07-13 13:16 - 2016-07-01 05:20 - 02798080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2016-07-13 13:16 - 2016-07-01 05:20 - 00777728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MsSpellCheckingFacility.dll
2016-07-13 13:16 - 2016-07-01 05:19 - 06471168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mspaint.exe
2016-07-13 13:16 - 2016-07-01 05:19 - 00736768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Display.dll
2016-07-13 13:16 - 2016-07-01 05:18 - 01448960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dui70.dll
2016-07-13 13:16 - 2016-07-01 05:18 - 00683008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.BackgroundTransfer.dll
2016-07-13 13:16 - 2016-07-01 05:16 - 02062336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2016-07-13 13:16 - 2016-07-01 05:15 - 03459584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbon.dll
2016-07-13 13:16 - 2016-07-01 05:15 - 02679808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netshell.dll
2016-07-13 13:16 - 2016-07-01 05:15 - 02501632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2016-07-13 13:16 - 2016-07-01 05:15 - 01626112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2016-07-13 13:16 - 2016-07-01 05:14 - 04759040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2016-07-13 13:16 - 2016-07-01 05:14 - 01498624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2016-07-13 13:16 - 2016-07-01 05:14 - 00802816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntshrui.dll
2016-07-13 13:16 - 2016-07-01 05:13 - 02849792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\themeui.dll
2016-07-13 13:16 - 2016-07-01 05:13 - 02000896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll
2016-07-13 13:16 - 2016-07-01 05:13 - 00835072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Streaming.dll
2016-07-13 13:16 - 2016-07-01 05:12 - 02179584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepository.dll
2016-07-13 13:16 - 2016-07-01 05:08 - 00879616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WebcamUi.dll
2016-07-13 13:16 - 2016-07-01 05:08 - 00199680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GlobCollationHost.dll
2016-07-13 13:16 - 2016-06-28 13:20 - 00219136 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2016-07-11 13:49 - 2016-07-11 13:49 - 00365504 _____ C:\Users\Gert\Desktop\hba137.pdf

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-08-09 23:04 - 2015-08-21 18:59 - 00001228 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job
2016-08-09 23:00 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\SecureBootUpdates
2016-08-09 23:00 - 2015-10-30 09:11 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-08-09 23:00 - 2015-05-22 16:59 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-08-09 22:57 - 2015-03-10 11:41 - 147640136 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-08-09 22:49 - 2015-05-21 11:58 - 00001136 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2016-08-09 19:29 - 2015-05-21 15:11 - 00000574 _____ C:\WINDOWS\Tasks\G2MUpdateTask-S-1-5-21-786549325-3828416840-1361333200-1001.job
2016-08-09 19:04 - 2015-08-21 18:59 - 00001224 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job
2016-08-09 18:09 - 2015-05-31 12:18 - 00000670 _____ C:\WINDOWS\Tasks\G2MUploadTask-S-1-5-21-786549325-3828416840-1361333200-1001.job
2016-08-09 18:08 - 2015-09-21 19:55 - 00000000 ___DC C:\Jts
2016-08-09 17:53 - 2015-12-22 04:48 - 02006668 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-08-09 17:53 - 2015-10-30 20:35 - 00853548 _____ C:\WINDOWS\system32\perfh007.dat
2016-08-09 17:53 - 2015-10-30 20:35 - 00188272 _____ C:\WINDOWS\system32\perfc007.dat
2016-08-09 17:53 - 2015-10-30 09:21 - 00000000 ____D C:\WINDOWS\INF
2016-08-09 17:47 - 2015-08-21 19:11 - 00000000 ___RD C:\Users\Gert\Dropbox
2016-08-09 17:46 - 2015-12-22 04:57 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-08-09 17:46 - 2015-12-22 04:47 - 00000000 ____D C:\ProgramData\NVIDIA
2016-08-09 17:46 - 2015-10-30 08:28 - 00524288 ___SH C:\WINDOWS\system32\config\BBI
2016-08-09 17:46 - 2015-05-21 11:58 - 00001132 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2016-08-09 17:45 - 2015-06-15 19:06 - 00000000 ____D C:\Program Files (x86)\Yahoo!
2016-08-09 17:26 - 2015-05-21 11:51 - 00004154 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{5F4290AD-2EC7-4B3B-A113-DAFA20E23291}
2016-08-09 07:52 - 2015-05-21 11:59 - 00002268 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-08-09 07:52 - 2015-05-21 11:59 - 00002256 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-08-08 12:13 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\tracing
2016-08-08 10:59 - 2016-01-16 18:12 - 00004028 _____ C:\WINDOWS\System32\Tasks\SafeZone scheduled Autoupdate 1452960773
2016-08-08 10:59 - 2016-01-16 18:12 - 00001092 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast SafeZone Browser.lnk
2016-08-08 10:59 - 2015-10-30 08:28 - 00032768 ___SH C:\WINDOWS\system32\config\ELAM
2016-08-08 10:58 - 2016-01-16 18:10 - 00037144 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2016-08-08 10:58 - 2015-07-04 09:08 - 00968536 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2016-08-08 10:58 - 2015-07-04 09:08 - 00513496 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2016-08-08 10:58 - 2015-07-04 09:08 - 00292704 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswvmm.sys.147064670068705
2016-08-08 10:58 - 2015-07-04 09:08 - 00292704 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswvmm.sys.147064670057804
2016-08-08 10:58 - 2015-07-04 09:08 - 00292704 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswvmm.sys
2016-08-08 10:58 - 2015-07-04 09:08 - 00163416 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2016-08-08 10:58 - 2015-07-04 09:08 - 00108816 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2016-08-08 10:58 - 2015-07-04 09:08 - 00103064 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2016-08-08 10:58 - 2015-07-04 09:08 - 00074544 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2016-08-08 10:58 - 2015-07-04 09:08 - 00037656 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHwid.sys
2016-08-08 10:58 - 2015-07-04 09:08 - 00004004 _____ C:\WINDOWS\System32\Tasks\avast! Emergency Update
2016-08-08 10:55 - 2015-10-30 09:24 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2016-08-08 10:55 - 2015-08-21 18:59 - 00000000 ____D C:\Program Files (x86)\Dropbox
2016-08-08 10:55 - 2015-06-18 18:39 - 00000000 ____D C:\Program Files\Microsoft Office 15
2016-08-08 10:55 - 2015-03-31 15:06 - 00000000 ____D C:\Program Files (x86)\McAfee
2016-08-08 10:09 - 2016-06-09 07:06 - 00001008 _____ C:\Users\Gert\Desktop\Start Tor Browser.lnk
2016-08-08 10:09 - 2015-06-02 07:15 - 00001151 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2016-08-08 10:09 - 2015-06-02 07:15 - 00001151 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2016-08-07 19:22 - 2015-05-22 17:23 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2016-08-07 19:19 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-08-07 11:49 - 2015-05-21 11:42 - 00000000 ____D C:\Users\Gert\AppData\Roaming\Adobe
2016-08-07 11:47 - 2015-06-17 15:09 - 00000000 ____D C:\Users\Gert\AppData\Roaming\CyberLink
2016-08-07 11:37 - 2015-05-21 12:05 - 00000000 ____D C:\Users\Gert\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome-Apps
2016-08-07 11:32 - 2015-11-17 20:36 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-08-07 11:32 - 2015-08-28 19:00 - 00000000 ____D C:\Users\Gert\.oracle_jre_usage
2016-08-07 11:32 - 2015-06-15 19:04 - 00097856 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2016-08-07 11:32 - 2015-06-15 19:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2016-08-07 11:31 - 2015-06-15 19:03 - 00000000 ____D C:\Program Files (x86)\Java
2016-08-06 14:01 - 2015-10-30 09:24 - 00000000 ___HD C:\Program Files\WindowsApps
2016-08-05 12:34 - 2016-06-09 08:37 - 00003978 _____ C:\WINDOWS\System32\Tasks\Opera scheduled Autoupdate 1465454234
2016-08-05 12:34 - 2016-06-09 08:37 - 00001124 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
2016-08-05 12:34 - 2016-06-09 08:37 - 00000000 ____D C:\Program Files (x86)\Opera
2016-08-04 10:25 - 2016-03-05 11:23 - 05121264 _____ (Interactive Brokers LLC) C:\Users\Gert\Downloads\tws-latest-windows-x64.exe
2016-08-04 10:25 - 2015-11-27 19:56 - 00001443 _____ C:\Users\Gert\Desktop\Trader Workstation.lnk
2016-08-04 10:25 - 2015-11-27 19:56 - 00000000 ____D C:\Users\Gert\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Trader Workstation
2016-08-03 07:53 - 2015-05-22 10:48 - 00004537 _____ C:\Users\Gert\AppData\Roaming\CamStudio.cfg
2016-08-03 07:53 - 2015-05-22 10:48 - 00000408 _____ C:\Users\Gert\AppData\Roaming\CamShapes.ini
2016-08-03 07:53 - 2015-05-22 10:48 - 00000408 _____ C:\Users\Gert\AppData\Roaming\CamLayout.ini
2016-08-03 07:53 - 2015-05-22 10:48 - 00000124 _____ C:\Users\Gert\AppData\Roaming\Camdata.ini
2016-08-02 18:51 - 2015-05-22 09:16 - 00000000 ____D C:\Users\Gert\AppData\Roaming\Skype
2016-08-02 18:32 - 2015-05-21 17:56 - 00000000 ____D C:\Users\Gert\AppData\Roaming\vlc
2016-08-02 18:30 - 2015-06-02 15:13 - 00000000 ____D C:\Users\Gert\Documents\My CamStudio Videos
2016-08-02 18:30 - 2015-05-22 10:01 - 00000000 ____D C:\Users\Gert\Documents\My CamStudio Temp Files
2016-08-02 18:10 - 2015-05-22 09:55 - 00000096 _____ C:\Users\Gert\AppData\Roaming\version2.xml
2016-08-02 17:57 - 2015-05-25 18:44 - 00048640 ___SH C:\Users\Gert\Documents\Thumbs.db
2016-08-01 16:41 - 2014-04-22 09:43 - 02615934 _____ C:\Users\Gert\Documents\notiz-rtf.odt
2016-08-01 14:16 - 2015-05-22 18:12 - 00000000 ____D C:\Users\Gert\AppData\Roaming\MyPhoneExplorer
2016-07-29 09:44 - 2015-05-21 11:58 - 00004194 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2016-07-29 09:44 - 2015-05-21 11:58 - 00003962 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2016-07-27 17:27 - 2015-10-12 13:34 - 00000000 ___RD C:\Program Files (x86)\Skype
2016-07-27 17:27 - 2015-05-22 09:16 - 00000000 ____D C:\ProgramData\Skype
2016-07-25 18:53 - 2015-07-05 22:58 - 00146944 ___SH C:\Users\Gert\Desktop\Thumbs.db
2016-07-25 18:52 - 2015-12-22 04:48 - 00000000 ____D C:\Users\Gert
2016-07-23 12:43 - 2015-05-21 12:17 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-07-20 21:06 - 2015-05-21 11:42 - 00000000 ____D C:\Users\Gert\AppData\Local\Packages
2016-07-17 17:17 - 2015-05-22 17:23 - 00004562 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2016-07-17 08:14 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\rescache
2016-07-16 22:55 - 2015-05-21 17:54 - 00000796 _____ C:\Users\Public\Desktop\VLC media player.lnk
2016-07-14 18:39 - 2016-04-11 12:14 - 00001041 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2016-07-14 18:39 - 2016-04-11 12:14 - 00001041 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Free Antivirus.lnk
2016-07-14 18:38 - 2015-05-21 11:18 - 00000000 __RHD C:\Users\Public\AccountPictures
2016-07-14 18:37 - 2015-10-30 20:44 - 00000000 ____D C:\Program Files\Windows Journal
2016-07-14 18:37 - 2015-10-30 09:24 - 00000000 ___RD C:\WINDOWS\PrintDialog
2016-07-14 18:37 - 2015-10-30 09:24 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2016-07-14 18:37 - 2015-10-30 09:24 - 00000000 ___RD C:\WINDOWS\DevicesFlow
2016-07-14 18:37 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\oobe
2016-07-14 18:37 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\system32\appraiser
2016-07-14 18:37 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\Provisioning
2016-07-14 18:37 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\PolicyDefinitions
2016-07-14 18:37 - 2015-10-30 09:24 - 00000000 ____D C:\WINDOWS\bcastdvr
2016-07-14 18:37 - 2015-10-30 09:24 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2016-07-14 18:37 - 2015-10-30 09:24 - 00000000 ____D C:\Program Files\Windows Defender
2016-07-14 18:37 - 2015-10-30 09:24 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2016-07-14 18:37 - 2015-10-30 09:24 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2016-07-13 16:19 - 2015-05-26 10:11 - 00000000 ___DC C:\FreeOCR
2016-07-13 07:12 - 2016-07-09 15:33 - 00935046 _____ C:\Users\Gert\Documents\notiz-rtf-7.pdf

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2016-06-09 09:30 - 2016-06-09 09:30 - 0000037 ___SH () C:\Users\Gert\AppData\Roaming\9961660784cc2937229a742.95731288
2015-05-22 10:48 - 2016-08-03 07:53 - 0000124 _____ () C:\Users\Gert\AppData\Roaming\Camdata.ini
2015-05-22 10:48 - 2016-08-03 07:53 - 0000408 _____ () C:\Users\Gert\AppData\Roaming\CamLayout.ini
2015-05-22 10:48 - 2016-08-03 07:53 - 0000408 _____ () C:\Users\Gert\AppData\Roaming\CamShapes.ini
2015-05-22 10:48 - 2016-08-03 07:53 - 0004537 _____ () C:\Users\Gert\AppData\Roaming\CamStudio.cfg
2015-05-22 09:55 - 2016-08-02 18:10 - 0000096 _____ () C:\Users\Gert\AppData\Roaming\version2.xml
2015-06-28 13:54 - 2015-07-01 07:54 - 0000097 _____ () C:\Users\Gert\AppData\Roaming\WB.CFG
2015-05-30 20:05 - 2015-05-30 20:05 - 0186706 _____ () C:\Users\Gert\AppData\Local\Excal32.dat
2015-10-23 14:46 - 2015-10-23 14:46 - 0000017 _____ () C:\Users\Gert\AppData\Local\resmon.resmoncfg
2015-12-22 04:47 - 2015-12-22 04:47 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2015-05-21 17:36 - 2015-05-21 17:36 - 0004872 _____ () C:\ProgramData\vczcspay.tpu

Einige Dateien in TEMP:
====================
C:\Users\Gert\AppData\Local\Temp\501.tmp.exe
C:\Users\Gert\AppData\Local\Temp\92456f05-ad84-4cf0-86e9-33ed4ca3ddf1.exe
C:\Users\Gert\AppData\Local\Temp\BooksDownloader.exe
C:\Users\Gert\AppData\Local\Temp\DriverBoosterSetup.exe
C:\Users\Gert\AppData\Local\Temp\libeay32.dll
C:\Users\Gert\AppData\Local\Temp\msvcr120.dll
C:\Users\Gert\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2016-07-31 05:20

==================== Ende von FRST.txt ============================

gert83 09.08.2016 22:34
Addition.txt:
Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 09-08-2016 01
durchgeführt von Gert (2016-08-09 23:24:41)
Gestartet von D:\Downloads
Windows 10 Home Version 1511 (X64) (2015-12-22 02:59:37)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-786549325-3828416840-1361333200-500 - Administrator - Disabled) => C:\Users\Administrator
DefaultAccount (S-1-5-21-786549325-3828416840-1361333200-503 - Limited - Disabled)
Gast (S-1-5-21-786549325-3828416840-1361333200-501 - Limited - Disabled)
Gert (S-1-5-21-786549325-3828416840-1361333200-1001 - Administrator - Enabled) => C:\Users\Gert
HomeGroupUser$ (S-1-5-21-786549325-3828416840-1361333200-1003 - Limited - Enabled)

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Avast Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.017.20053 - Adobe Systems Incorporated)
Application Insights Tools for Visual Studio 2015 (x32 Version: 3.3 - Microsoft Corporation) Hidden
Ashampoo AppLauncher (Medion) v.1.0.0 (HKLM-x32\...\Ashampoo AppLauncher (Medion)_is1) (Version: 1.0.0 - Ashampoo GmbH & Co. KG)
Autochartist MT4 plugin for Activ Trades (HKLM-x32\...\Autochartist MT4 plugin for Activ Trades) (Version: 70 - Autochartist)
Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 12.2.2276 - AVAST Software)
Azure AD Authentication Connected Service (x32 Version: 14.0.23107 - Microsoft Corporation) Hidden
AzureTools.Notifications (x32 Version: 2.7.30611.1601 - Microsoft Corporation) Hidden
Blend for Visual Studio SDK for .NET 4.5 (x32 Version: 3.0.40218.0 - Microsoft Corporation) Hidden
Books Downloader version 1.0.0.1 (HKLM-x32\...\Books Downloader_is1) (Version: 1.0.0.1 - WorldOfBooks) <==== ACHTUNG
CamStudio 2.7.3 (HKLM\...\{04B83666-3A62-452B-85D3-70F8117F2329}_is1) (Version: 2.7.3 - CamStudio Open Source)
CamStudio Lossless Codec v1.5 (HKLM-x32\...\camcodec) (Version: 1.5 - CamStudio)
Chromium (HKU\S-1-5-21-786549325-3828416840-1361333200-1001\...\Chromium) (Version: 45.0.2406.0 - Chromium)
Cisco WebEx Meetings (HKU\S-1-5-21-786549325-3828416840-1361333200-1001\...\ActiveTouchMeetingClient) (Version:  - Cisco WebEx LLC)
Citrix Online Launcher (HKLM-x32\...\{DB014C85-A264-4BCA-A66F-6DD1FCF8EC36}) (Version: 1.0.335 - Citrix)
ClipMagic 4.1 (HKLM-x32\...\ClipMagic_3.1) (Version: 4.1 - MJT Net Ltd)
CyberLink Home Cinema 10 (HKLM-x32\...\InstallShield_{8F14AA37-5193-4A14-BD5B-BDF9B361AEF7}) (Version: 10.0 - CyberLink Corp.)
CyberLink PhotoDirector 5 (Version: 5.0.5724.0 - CyberLink Corp.) Hidden
CyberLink PowerDirector 11 (Version: 11.0.0.4426 - CyberLink Corp.) Hidden
CyberLink PowerRecover (HKLM-x32\...\InstallShield_{44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}) (Version: 5.7.0.3617 - CyberLink Corp.)
CyberLink PowerRecover (Version: 5.7.0.3617 - CyberLink Corp.) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Devenv-Ressourcen für Microsoft Visual Studio 2015 (x32 Version: 14.0.23107 - Microsoft Corporation) Hidden
Dotfuscator and Analytics Community Edition 5.18.1 (x32 Version: 5.18.1.2898 - PreEmptive Solutions) Hidden
Dotfuscator and Analytics Community Edition Language Pack 5.18.1 de-DE (x32 Version: 5.18.1.2898 - PreEmptive Solutions) Hidden
Driver Booster 3.5 (HKLM-x32\...\Driver Booster_is1) (Version: 3.5 - IObit)
Dropbox (HKLM-x32\...\Dropbox) (Version: 7.4.30 - Dropbox, Inc.)
Dropbox Update Helper (x32 Version: 1.3.27.35 - Dropbox, Inc.) Hidden
Entity Framework 6.1.3 Tools  for Visual Studio 2015 (HKLM-x32\...\{1A8A9739-BAD7-491F-B5B9-A79A2B965422}) (Version: 14.0.40302.0 - Microsoft Corporation)
Erforderliche Komponenten für SSDT  (HKLM-x32\...\{2466E484-9D86-416B-9C88-AA533F15AF1C}) (Version: 12.0.2000.8 - Microsoft Corporation)
e-Saver version 3.4.1 (HKLM-x32\...\{C97CA73D-E96B-4B42-830E-D0F7BD780FB8}_is1) (Version: 3.4.1 - AOC)
Fotogalerie (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Fotogalerija (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Fotogalleri (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Fotogalleriet (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Fotoğraf Galerisi (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Fotótár (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
FreeOCR v5.4 (HKLM-x32\...\freeocr_is1) (Version:  - )
FX Choice - MetaTrader 4 (HKLM-x32\...\FX Choice - MetaTrader 4) (Version: 4.00 - MetaQuotes Software Corp.)
FX Choice MetaTrader 5 (HKLM\...\FX Choice MetaTrader 5) (Version: 5.00 - MetaQuotes Software Corp.)
Galeria de Fotografias (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Galería de fotos (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Galeria fotografii (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Galerie de photos (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Gemeinsam genutzte Microsoft Azure-Komponenten für Visual Studio 2015 Sprachpaket (DEU) - v1.5 (x32 Version: 1.5.30619.1602 - Microsoft Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 52.0.2743.116 - Google Inc.)
Google Update Helper (x32 Version: 1.3.31.5 - Google Inc.) Hidden
GoToMeeting 7.20.0.5174 (HKU\S-1-5-21-786549325-3828416840-1361333200-1001\...\GoToMeeting) (Version: 7.20.0.5174 - CitrixOnline)
HEXelon MAX 6.07 (HKLM-x32\...\HEXelon MAX_is1) (Version: 6.07 - Jerzy Znamirowski)
IIS 10.0 Express (HKLM\...\{5984D8DA-C1AF-4284-9C88-D7150425B315}) (Version: 10.0.1734 - Microsoft Corporation)
IIS Express Application Compatibility Database for x64 (HKLM\...\{08274920-8908-45c2-9258-8ad67ff77b09}.sdb) (Version:  - )
IIS Express Application Compatibility Database for x86 (HKLM\...\{ad846bae-d44b-4722-abad-f7420e08bcd9}.sdb) (Version:  - )
i-Menu version 4.3.1 (HKLM-x32\...\{0121C0BD-363C-4B1D-8B64-FE7681A37D0A}_is1) (Version: 4.3.1 - AOC)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.14.1724 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.9.0.1001 - Intel Corporation)
iRoot (HKLM-x32\...\{1295E43F-382A-4CB2-9E0F-079C0D7401BB}_is1) (Version: 1.8.6.20013 - SING)
Java 8 Update 101 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180101F0}) (Version: 8.0.1010.13 - Oracle Corporation)
Java 8 Update 77 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218077F0}) (Version: 8.0.770.3 - Oracle Corporation)
Java 8 Update 91 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218091F0}) (Version: 8.0.910.14 - Oracle Corporation)
Kalkules 1.9.6.25 (HKLM-x32\...\{6541EA45-0665-4485-ABAA-417BC83AC92F}_is1) (Version:  - Jardo)
Malwarebytes Anti-Malware Version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
McAfee WebAdvisor (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 4.0.233 - McAfee, Inc.)
MetaTrader - ActivTrades (HKLM-x32\...\MetaTrader - ActivTrades) (Version: 4.00 - MetaQuotes Software Corp.)
MetaTrader - ActivTrades (HKLM-x32\...\MetaTrader - ActivTradesDemoPC) (Version: 4.00 - MetaQuotes Software Corp.)
MetaTrader - London Capital Group Ltd. (HKLM-x32\...\MetaTrader - London Capital Group Ltd.Demo) (Version: 4.00 - MetaQuotes Software Corp.)
MetaTrader 4 (HKLM-x32\...\MetaTrader  QT-Demo) (Version: 4.00 - MetaQuotes Software Corp.)
MetaTrader 4 (HKLM-x32\...\MetaTrader 4) (Version: 4.00 - MetaQuotes Software Corp.)
MetaTrader 5 - ActivTrades (HKLM\...\MetaTrader 5 - ActivTrades) (Version: 5.00 - MetaQuotes Software Corp.)
MetaTrader 5 - ActivTrades (HKLM\...\MetaTrader 5 - ActivTradesLive) (Version: 5.00 - MetaQuotes Software Corp.)
MetaTrader 5 - ActivTrades (HKLM\...\MetaTrader 5 - Live ActivTrades) (Version: 5.00 - MetaQuotes Software Corp.)
Microsoft .NET Framework 4.5 Multi-Targeting Pack (HKLM-x32\...\{56E962F0-4FB0-3C67-88DB-9EAA6EEFC493}) (Version: 4.5.50710 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (HKLM-x32\...\{6A0C6700-EA93-372C-8871-DCCF13D160A4}) (Version: 4.5.50932 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 SDK (Deutsch) (HKLM-x32\...\{CBD7095F-7211-43FD-9FE7-FB08D753AF79}) (Version: 4.5.51641 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 SDK (HKLM-x32\...\{19A5926D-66E1-46FC-854D-163AA10A52D3}) (Version: 4.5.51641 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 Multi-Targeting Pack (HKLM-x32\...\{B941AFB4-8851-33A1-9E72-0C33D463C41C}) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.6 SDK (Deutsch) (HKLM-x32\...\{EE8BD24B-75E1-4BBF-86B9-91FE16ADE71C}) (Version: 4.6.00081 - Microsoft Corporation)
Microsoft .NET Framework 4.6 SDK (HKLM-x32\...\{B5915D37-0637-4A26-A3AA-C5DC9F856370}) (Version: 4.6.00081 - Microsoft Corporation)
Microsoft .NET Framework 4.6 Targeting Pack (HKLM-x32\...\{2CC6A4A7-AAC2-46C9-9DBB-3727B5954F65}) (Version: 4.6.00081 - Microsoft Corporation)
Microsoft .NET Version Manager (x64) 1.0.0-beta5 (HKLM\...\{c5a4aba3-1aba-3ef8-b2d5-c3fa37f59738}) (Version: 1.0.10609.0 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Help Viewer 2.2 (HKLM-x32\...\Microsoft Help Viewer 2.2) (Version: 2.2.23107 - Microsoft Corporation)
Microsoft Help Viewer 2.2 Sprachpaket - DEU (HKLM-x32\...\Microsoft Help Viewer 2.2 Sprachpaket - DEU) (Version: 2.2.23107 - Microsoft Corporation)
Microsoft Office 365 - de-de (HKLM\...\O365HomePremRetail - de-de) (Version: 15.0.4841.1002 - Microsoft Corporation)
Microsoft OneNote 2013 - de-de (HKLM\...\OneNoteFreeRetail - de-de) (Version: 15.0.4841.1002 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server 2012 Command Line Utilities  (HKLM\...\{F09DEB00-9F41-4BC9-BA81-9F131B12B3D5}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Native Client  (HKLM\...\{8E4BA1E5-54E8-41F0-919B-CD875B83CFCE}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server Compact 4.0 SP1 x64 DEU  (HKLM\...\{98225B15-ECF5-4645-B5AC-F8C5E869A5D5}) (Version: 4.0.8876.1 - Microsoft Corporation)
Microsoft SQL Server Data Tools - DEU (14.0.50616.0) (HKLM-x32\...\{FA604873-01A0-4834-AF87-418534E465BB}) (Version: 14.0.50616.0 - Microsoft Corporation)
Microsoft SQL Server*2014 Management Objects  (HKLM-x32\...\{4F4CB3E2-9D2F-465A-854B-8276B02F4E7D}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server*2014 Management Objects (x64) (HKLM\...\{03CB711D-679E-46ED-851B-C568418CF914}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server*2014 Transact-SQL ScriptDom  (HKLM\...\{F2A2DB39-2C5A-4764-AA0F-5AB112663FFA}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft SQL Server*2014 T-SQL Language Service  (HKLM-x32\...\{06BE8B71-46C6-434B-869E-85C58EF3120A}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4048 (HKLM\...\{91415F19-4C22-3609-A105-92ED3522D83C}) (Version: 9.0.30729.4048 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4048 (HKLM-x32\...\{5B1F2843-B379-3FF2-B0D3-64DD143ED53A}) (Version: 9.0.30729.4048 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{9634d50a-0c4d-4f52-8a9f-894a2baae370}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{307a22b8-8353-4c5e-b67b-2404c5734558}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{90ffcee5-8608-4e94-8c18-a4feb4f83fb8}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{4fcf070a-daac-45e9-a8b0-6850941f7ed8}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23026 (HKLM-x32\...\{e46eca4f-393b-40df-9f49-076faf788d83}) (Version: 14.0.23026.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23026 (HKLM-x32\...\{74d0e5db-b326-4dae-a6b2-445b9de1836e}) (Version: 14.0.23026.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio Community 2015 (HKLM-x32\...\{5c2b89b0-08cc-492f-b086-21e4d6ae7be4}) (Version: 14.0.23107.10 - Microsoft Corporation)
Microsoft Web Deploy 3.6 (HKLM\...\{ED4CC1E5-043E-4157-8452-B5E533FE2BA1}) (Version: 3.1238.1955 - Microsoft Corporation)
Microsoft-System-CLR-Typen für SQL Server 2014 (HKLM\...\{63967E7E-5D53-42FA-A7B2-DC50FB0F976F}) (Version: 12.0.2402.11 - Microsoft Corporation)
Microsoft-System-CLR-Typen für SQL Server 2014 (HKLM-x32\...\{2ADB6B9D-83C6-494E-B8AE-E815956A4670}) (Version: 12.0.2402.11 - Microsoft Corporation)
Mit C# erstellte geräteübergreifende Hybrid-Apps - Vorlagen - DEU (x32 Version: 14.0.23107 - Microsoft Corporation) Hidden
Moffsoft FreeCalc (HKLM-x32\...\MoffFreeCalc_is1) (Version: 1.1 - Moffsoft)
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 48.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 48.0 (x86 de)) (Version: 48.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 45.2.0.6025 - Mozilla)
Mozilla Thunderbird 45.2.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 45.2.0 (x86 de)) (Version: 45.2.0 - Mozilla)
MyPhoneExplorer (HKLM-x32\...\MPE) (Version: 1.8.6 - F.J. Wechselberger)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.8.3 - Notepad++ Team)
Nuance PaperPort 14 (HKLM-x32\...\{C5C4D031-D616-49E7-BCD4-E99CF5872EB0}) (Version: 14.0.0000 - Nuance Communications, Inc.)
Nuance PDF Create 7 (HKLM\...\{CD7A262C-287E-41DD-A0F7-733856252C6B}) (Version: 7.10.2364 - Nuance Communications, Inc)
Nuance PDF Create 7 (HKLM-x32\...\{CD7A262C-287E-41DD-A0F7-733856252C6B}) (Version: 7.10.2364 - Nuance Communications, Inc)
Nuance PDF Viewer Plus (HKLM-x32\...\{042A6F10-F770-4886-A502-B795DCF2D3B5}) (Version: 7.10.3211 - Nuance Communications, Inc)
NVIDIA 3D Vision Controller-Treiber 352.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 352.65 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 359.00 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 359.00 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.7.4.10 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.7.4.10 - NVIDIA Corporation)
NVIDIA Grafiktreiber 359.00 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 359.00 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.34.4 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.4 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4841.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4841.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4841.1002 - Microsoft Corporation) Hidden
Old Calculator for Windows 10 (HKLM-x32\...\OldCalcForWin10) (Version: 1.0 - hxxp://winaero.com)
OpenOffice 4.1.1 (HKLM-x32\...\{ACD0FFF9-6B35-43C1-82DB-9FF6990E8602}) (Version: 4.11.9775 - Apache Software Foundation)
Opera Stable 39.0.2256.48 (HKLM-x32\...\Opera 39.0.2256.48) (Version: 39.0.2256.48 - Opera Software)
Paket zur Festlegung von Zielversionen für Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM-x32\...\{D5409B11-EF28-37A1-AE7A-6051A5BAD923}) (Version: 4.5.50932 - Microsoft Corporation)
Paket zur Festlegung von Zielversionen für Microsoft .NET Framework 4.5.1 RC für Windows Store-Apps (Deutsch) (x32 Version: 4.5.21005 - Microsoft Corporation) Hidden
Paket zur Festlegung von Zielversionen für Microsoft .NET Framework 4.5.2 (Deutsch) (HKLM-x32\...\{3F514FDC-F0F2-3B99-86D6-F7B3A2679B39}) (Version: 4.5.51209 - Microsoft Corporation)
Paket zur Festlegung von Zielversionen für Microsoft .NET Framework 4.6 (Deutsch) (HKLM-x32\...\{7227EFF8-BC26-44D4-B91D-969A82DBDF4A}) (Version: 4.6.00081 - Microsoft Corporation)
PaperPort Image Printer 64-bit (HKLM\...\{715CAACC-579B-4831-A5F4-A83A8DE3EFE2}) (Version: 14.00.0001 - Nuance Communications, Inc.)
PaperScan Free Edition (HKLM-x32\...\{41D1AD50-4276-4DAF-8AAB-5D97D75E47B3}) (Version: 1.5.5 - ORPALIS)
Podstawowe programy Windows Live (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
PreEmptive Analytics Client German Language Pack (x32 Version: 1.2.5134.1 - PreEmptive Solutions) Hidden
PreEmptive Analytics Visual Studio Components (x32 Version: 1.2.5134.1 - PreEmptive Solutions) Hidden
Python Tools 2.2 for Visual Studio 2015 (HKLM-x32\...\{DE3F045F-57D5-4DAF-A479-DB759047966B}) (Version: 2.2.30718.00 - Microsoft Corporation)
Raccolta foto (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.20.815.2013 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7535 - Realtek Semiconductor Corp.)
Roslyn Language Services - x86 (x32 Version: 14.0.23107 - Microsoft Corporation) Hidden
SafeZone Stable 1.51.2220.47 (x32 Version: 1.51.2220.47 - Avast Software) Hidden
Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.6.3.15075.2 - Samsung Electronics Co., Ltd.)
Samsung Kies (x32 Version: 2.6.3.15075.2 - Samsung Electronics Co., Ltd.) Hidden
Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.55.0 - Samsung Electronics Co., Ltd.)
Scansoft PDF Create (x32 Version:  - ) Hidden
Screen+ version Screen+ 1.2.1 (HKLM\...\Screen+_is1) (Version: Screen+ 1.2.1 - AOC)
SHIELD Streaming (Version: 4.1.0240 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.7.4.10 - NVIDIA Corporation) Hidden
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 8.3.0.9150 - Microsoft Corporation)
Skype™ 7.26 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.26.101 - Skype Technologies S.A.)
SmartOrder 2 (HKLM-x32\...\{7B4050B6-ACDA-458E-AA58-8E9EF8CE3B0D}) (Version: 2.00.0000 - ActivTrades)
SmartOrder2 (HKU\S-1-5-21-786549325-3828416840-1361333200-1001\...\824ffa957de8cbda) (Version: 2.0.0.64 - ActivTrades Plc)
SpeedCrunch 0.11 (HKLM-x32\...\SpeedCrunch_is1) (Version:  - SpeedCrunch)
Team Explorer for Microsoft Visual Studio 2015 (x32 Version: 14.0.23102 - Microsoft Corporation) Hidden
TeamViewer 10 (HKLM-x32\...\TeamViewer) (Version: 10.0.47484 - TeamViewer)
Test Tools for Microsoft Visual Studio 2015 (x32 Version: 14.0.23107 - Microsoft Corporation) Hidden
Trader Workstation (HKU\S-1-5-21-786549325-3828416840-1361333200-1001\...\5889-6375-8446-2021) (Version: latest (957.3f) 20160803 10:07:54 - Interactive Brokers LLC)
TypeScript Power Tool (x32 Version: 1.5.3.0 - Microsoft Corporation) Hidden
TypeScript Tools for Microsoft Visual Studio 2015 (x32 Version: 1.5.3.0 - Microsoft Corporation) Hidden
TypeScript Tools for Microsoft Visual Studio 2015 1.5.3.0 (HKLM-x32\...\{7f54b430-3428-4775-aeae-531e46185ec6}) (Version: 1.5.23115.0 - Microsoft Corporation)
Universal CRT Extension SDK (x32 Version: 10.0.10150 - Microsoft Corporation) Hidden
Universal CRT Headers Libraries and Sources (x32 Version: 10.0.10150 - Microsoft Corporation) Hidden
Universal CRT Redistributable (x32 Version: 10.0.10150 - Microsoft Corporation) Hidden
Universal CRT Tools x64 (Version: 10.0.10150 - Microsoft Corporation) Hidden
Universal CRT Tools x86 (x32 Version: 10.0.10150 - Microsoft Corporation) Hidden
Update for  (KB2504637) (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}.KB2504637) (Version: 1 - Microsoft Corporation)
Valokuvavalikoima (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
VLC media player (HKLM\...\VLC media player) (Version: 2.2.4 - VideoLAN)
WCF Data Services 5.6.4 DEU Language Pack (x32 Version: 5.6.62175.4 - Microsoft Corporation) Hidden
WCF Data Services 5.6.4 Runtime (x32 Version: 5.6.62175.4 - Microsoft Corporation) Hidden
WCF Data Services Tools for Microsoft Visual Studio 2015 (x32 Version: 5.6.62175.4 - Microsoft Corporation) Hidden
WCF Data Services Tools for Microsoft Visual Studio 2015 DEU Language Pack (x32 Version: 5.6.62175.4 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
WinPcap 4.1.3 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2980 - Riverbed Technology, Inc.)
WinRAR 5.31 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.31.0 - win.rar GmbH)
Wireshark 1.12.7 (64-bit) (HKLM-x32\...\Wireshark) (Version: 1.12.7 - The Wireshark developer community, hxxp://www.wireshark.org)
Συλλογή φωτογραφιών (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-786549325-3828416840-1361333200-1001_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\Gert\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\FileCoAuth.exe (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-786549325-3828416840-1361333200-1001_Classes\CLSID\{84B5A313-CD5D-4904-8BA2-AFDC81C1B309}\InprocServer32 -> C:\Users\Gert\AppData\Local\Citrix\GoToMeeting\5174\G2MOutlookAddin64.dll (Citrix Online, a division of Citrix Systems, Inc.)

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {02D442EF-173A-42D0-A65E-331BB1BB6A59} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-05-21] (Google Inc.)
Task: {1F6D72B1-4341-4AA4-BB85-3844E0631FF6} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2016-06-14] (Microsoft Corporation)
Task: {2E5DA384-DA64-42E1-A333-E9F043E94FCE} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2016-08-09] (Microsoft Corporation)
Task: {32C849FE-B7FF-43C6-A305-CBBD90372487} - System32\Tasks\avastBCLRestart_chrome.exe => Chrome.exe
Task: {3F7070CC-3319-45E9-BC4B-7046531EFC83} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-05-21] (Google Inc.)
Task: {40078ADC-474C-49DB-B8AB-4660A2784746} - System32\Tasks\G2MUpdateTask-S-1-5-21-786549325-3828416840-1361333200-1001 => C:\Users\Gert\AppData\Local\Citrix\GoToMeeting\5174\g2mupdate.exe [2016-07-03] (Citrix Online, a division of Citrix Systems, Inc.)
Task: {42950795-0B49-498E-8646-54FF717E9370} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2016-06-14] (Microsoft Corporation)
Task: {45028766-F62D-42A2-A58C-776892C2E4A3} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Keine Datei <==== ACHTUNG
Task: {52C97040-C402-4AAF-B802-0388B0410C3A} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG
Task: {5638C73A-9FBC-495B-A0B2-12493DFACA12} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Keine Datei <==== ACHTUNG
Task: {5CA3A75A-1773-47DF-A8FF-F8AEED6A23E0} - System32\Tasks\PDVDServ12 Task => C:\Program Files (x86)\CyberLink\PowerDVD12\PDVD12Serv.exe [2014-11-04] (CyberLink Corp.)
Task: {63A9C8CE-68E8-41FD-AFE6-539D3B860FCF} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2015-08-21] (Dropbox, Inc.)
Task: {69A59633-A9FC-4517-AB8F-5C43E68F0CE8} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG
Task: {6C5094CA-1BAB-4697-9503-B0A6895B92CB} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2016-06-14] (Microsoft Corporation)
Task: {886EDD44-6275-441E-AE0B-D2E17B1299E9} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG
Task: {8BB7F7F0-0D42-4CDF-8F9C-9CFD2AF252E7} - System32\Tasks\G2MUploadTask-S-1-5-21-786549325-3828416840-1361333200-1001 => C:\Users\Gert\AppData\Local\Citrix\GoToMeeting\5174\g2mupload.exe [2016-07-03] (Citrix Online, a division of Citrix Systems, Inc.)
Task: {963E48CD-D8FC-4785-93C2-7FC6292DBE02} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG
Task: {A01F177D-FBCE-47D1-9659-BE4E4B182BA1} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Keine Datei <==== ACHTUNG
Task: {A3A4CAC5-A305-4846-8448-B5D3C9246AFD} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Keine Datei <==== ACHTUNG
Task: {B0045424-C03F-4EF5-8BEB-6CDD7101F984} - System32\Tasks\avast! Emergency Update => D:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2016-08-08] (AVAST Software)
Task: {BA6F1E57-7D82-46E3-8D5A-06E860EB9388} - System32\Tasks\SafeZone scheduled Autoupdate 1452960773 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe [2016-07-25] (Avast Software)
Task: {C189D7D0-35FD-4E74-B4F8-F3B135492FDD} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Keine Datei <==== ACHTUNG
Task: {D0AC9D16-3CF1-4BFC-929D-ED0DF0657043} - System32\Tasks\Opera scheduled Autoupdate 1465454234 => C:\Program Files (x86)\Opera\launcher.exe [2016-08-03] (Opera Software)
Task: {D46F9378-60EC-4924-854D-5A63E95E9D52} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG
Task: {D59E0B2E-EA9F-479F-B9D1-DB59809B7314} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Keine Datei <==== ACHTUNG
Task: {F59DFEA1-34A0-406D-8ED0-A7575DA68DFF} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-06-25] (Adobe Systems Incorporated)
Task: {F5E306E1-AAEE-48E6-ACB7-94ADCAA45C62} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2015-08-21] (Dropbox, Inc.)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\G2MUpdateTask-S-1-5-21-786549325-3828416840-1361333200-1001.job => C:\Users\Gert\AppData\Local\Citrix\GoToMeeting\5174\g2mupdate.exe
Task: C:\WINDOWS\Tasks\G2MUploadTask-S-1-5-21-786549325-3828416840-1361333200-1001.job => C:\Users\Gert\AppData\Local\Citrix\GoToMeeting\5174\g2mupload.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

ShortcutWithArgument: C:\Users\Gert\Desktop\Google Notizen – Notizen & Listen.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) ->  --profile-directory=Default --app-id=hmjkmjkepdijhoojdojkdfohbdgmmhki
ShortcutWithArgument: C:\Users\Gert\Desktop\Hofer - yesss!.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://www.yesss.at
ShortcutWithArgument: C:\Users\Gert\Desktop\Hofer Reisen.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://www.hofer-reisen.at/business/ers?WT.z_src=main
ShortcutWithArgument: C:\Users\Gert\Desktop\Hofer Startseite.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://www.hofer.at
ShortcutWithArgument: C:\Users\Gert\Desktop\Profil 1 - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 1"
ShortcutWithArgument: C:\Users\Gert\Desktop\Standardprofil - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 2"
ShortcutWithArgument: C:\Users\Gert\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome-Apps\DeviceOnline UPnP_DLNA MC.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) ->  --profile-directory=Default --app-id=ecedelmnmfbcnhomndfjadaeldibhdog
ShortcutWithArgument: C:\Users\Gert\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome-Apps\Google Notizen – Notizen & Listen.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) ->  --profile-directory=Default --app-id=hmjkmjkepdijhoojdojkdfohbdgmmhki
ShortcutWithArgument: C:\Users\Gert\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome-Apps\PDF Viewer.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) ->  --profile-directory=Default --app-id=jccchjobcggajhnmckffhcahkkbioifn
ShortcutWithArgument: C:\Users\Gert\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Notizen – Notizen & Listen.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) ->  --profile-directory=Default --app-id=hmjkmjkepdijhoojdojkdfohbdgmmhki
ShortcutWithArgument: C:\Users\Gert\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Standardprofil - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 2"
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MEDIONhome.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://www.medion.com
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Welcome.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://www.aldi.com
ShortcutWithArgument: C:\Users\Public\Desktop\eBay.at.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) -> hxxp://rover.ebay.com/rover/1/5221-154549-44482-8/4

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2015-10-30 09:18 - 2015-10-30 09:18 - 00185856 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2014-04-16 12:22 - 2014-04-16 10:22 - 00029184 _____ () C:\WINDOWS\System32\usp02l.dll
2015-06-18 18:39 - 2016-05-24 09:51 - 00116416 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2015-03-30 13:26 - 2013-03-06 15:42 - 00389896 _____ () C:\Program Files\CyberLink\Shared files\RichVideo64.exe
2016-07-13 13:16 - 2016-07-01 06:48 - 02656408 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2016-07-13 13:16 - 2016-07-01 06:48 - 02656408 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2016-06-29 18:11 - 2016-06-29 18:11 - 00959168 _____ () C:\Users\Gert\AppData\Local\Microsoft\OneDrive\17.3.6390.0509\amd64\ClientTelemetry.dll
2015-04-15 22:13 - 2015-04-15 22:13 - 00222720 _____ () D:\Program Files (x86)\Notepad++\NppShell_06.dll
2016-04-19 15:15 - 2016-04-19 15:15 - 00144384 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe
2015-12-22 04:44 - 2015-12-22 04:44 - 00093696 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\Windows.UI.Shell.SharedUtilities.dll
2016-07-13 13:17 - 2016-07-01 05:48 - 00472064 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2016-07-13 13:16 - 2016-07-01 05:27 - 07992832 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2016-07-13 13:16 - 2016-07-01 05:21 - 00591360 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-07-13 13:16 - 2016-07-01 05:22 - 02483200 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2016-07-13 13:16 - 2016-07-01 05:24 - 04089856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2015-11-27 19:56 - 2016-08-03 14:21 - 00155136 ____C () C:\Jts\.install4j\i4jinst.dll
2016-06-28 11:25 - 2016-06-28 11:25 - 03790336 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1605.1582.0_x64__8wekyb3d8bbwe\Calculator.exe
2015-12-18 13:00 - 2015-12-18 13:00 - 00258560 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1605.1582.0_x64__8wekyb3d8bbwe\StoreRatingPromotion.dll
2016-04-19 15:15 - 2016-04-19 15:15 - 00141312 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeBackgroundTasks.dll
2016-04-19 15:15 - 2016-04-19 15:15 - 22284800 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkyWrap.dll
2016-04-19 15:15 - 2016-04-19 15:15 - 02941440 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\MessagingNativeCore.dll
2016-04-19 15:15 - 2016-04-19 15:15 - 00583168 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\MessagingEntityExtractionProxy.dll
2016-04-19 15:15 - 2016-04-19 15:15 - 01300992 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\MessagingNativeBase.dll
2016-07-02 18:44 - 2016-07-02 18:44 - 48936448 _____ () D:\Program Files\AVAST Software\Avast\libcef.dll
2016-08-08 10:58 - 2016-08-08 10:58 - 00169064 _____ () D:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2016-08-08 10:58 - 2016-08-08 10:58 - 00482928 _____ () D:\Program Files\AVAST Software\Avast\ffl2.dll
2015-03-30 11:05 - 2014-07-02 11:20 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2015-11-21 10:50 - 2015-11-12 20:39 - 00012080 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2016-08-09 07:52 - 2016-08-03 02:24 - 01771336 _____ () C:\Program Files (x86)\Google\Chrome\Application\52.0.2743.116\libglesv2.dll
2016-08-09 07:52 - 2016-08-03 02:23 - 00094024 _____ () C:\Program Files (x86)\Google\Chrome\Application\52.0.2743.116\libegl.dll
2016-07-28 21:46 - 2016-07-28 21:46 - 22393528 _____ () C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.dll
2016-05-03 16:41 - 2016-05-03 16:41 - 00322232 _____ () C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\sqlite.dll
2016-06-30 13:55 - 2016-06-30 13:55 - 46476472 _____ () C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\libcef.dll
2016-08-09 07:51 - 2016-08-03 01:54 - 17602240 _____ () C:\Program Files (x86)\Google\Chrome\Application\52.0.2743.116\PepperFlash\pepflashplayer.dll
2015-07-09 07:32 - 2016-02-23 10:10 - 00325824 _____ () C:\Program Files\Microsoft Office 15\root\office15\AppVIsvStream32.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)


==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)


==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2013-08-22 15:25 - 2016-08-07 11:48 - 00000856 ____A C:\WINDOWS\system32\Drivers\etc\hosts

127.0.0.1 clients2.google.com

==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-786549325-3828416840-1361333200-1001\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Windows\img0.jpg
DNS Servers: 10.0.0.138
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKLM\...\StartupApproved\Run32: => "KiesTrayAgent"
HKU\S-1-5-21-786549325-3828416840-1361333200-1001\...\StartupApproved\Run: => "Skype"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{BD7EF9EE-C208-452A-B64E-976DE2A01E79}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{776BEA55-1ACE-462D-ADF2-25199604AD8A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{72726043-6124-4856-B0EF-0D94E46F2975}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{C18E62CC-72E3-4BA3-8825-7559E94F5DA7}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{5673F4F5-76A4-4B42-9845-8100C3A1B993}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{DD89C6AD-0D88-44AE-A88E-C11F334F4544}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{430F60AD-26CB-423E-BA3F-402D31AB4C62}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{2B4AEFDB-EFAC-47C5-8A28-B5F3BF6B8D36}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{EB4E9C85-9545-45E1-A2F0-90CD3ED5444C}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{EF164B4A-D028-4C18-9DAD-AD05371418D3}] => (Allow) C:\Program Files\MetaTrader 5 - ActivTrades\metatester64.exe
FirewallRules: [UDP Query User{20C1C31D-16C9-4C93-A1D4-ACD41849E56E}C:\program files (x86)\skype\phone\skype.exe] => (Block) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [TCP Query User{B1AA4987-5E59-45AB-B6AA-40642B0B4796}C:\program files (x86)\skype\phone\skype.exe] => (Block) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{96D760D9-F5BA-432F-9B01-2C9717E4FD3A}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [TCP Query User{11A1DDA1-E5D2-4AC6-80BD-D4067F601C33}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{BD628FA6-8DC4-48FC-B043-D7129C540A7D}C:\program files (x86)\metatrader - activtrades\terminal.exe] => (Allow) C:\program files (x86)\metatrader - activtrades\terminal.exe
FirewallRules: [TCP Query User{7B0290AD-EA22-4878-86E9-5773883EB82F}C:\program files (x86)\metatrader - activtrades\terminal.exe] => (Allow) C:\program files (x86)\metatrader - activtrades\terminal.exe
FirewallRules: [{FA51E67D-507C-4CCD-90BA-89AC2A6F8588}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{ADEB4460-7E4F-46A3-8008-58B4CF70731C}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{EA920F8F-70DD-4F0C-ABA4-42DF47F01E63}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{696A5B67-8E20-4912-ADCE-0719B8DA8ABE}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [UDP Query User{3637885C-9F4F-4D06-B63F-02BEAFA1F29D}C:\program files (x86)\metatrader - activtrades\terminal.exe] => (Allow) C:\program files (x86)\metatrader - activtrades\terminal.exe
FirewallRules: [TCP Query User{D39FAABE-F201-4B7F-8800-3241951BB07B}C:\program files (x86)\metatrader - activtrades\terminal.exe] => (Allow) C:\program files (x86)\metatrader - activtrades\terminal.exe
FirewallRules: [UDP Query User{7683C440-E32A-4876-9A57-F3A24B2546E4}D:\program files (x86)\myphoneexplorer\myphoneexplorer.exe] => (Allow) D:\program files (x86)\myphoneexplorer\myphoneexplorer.exe
FirewallRules: [TCP Query User{1867BBB0-FCE5-4118-B0A1-BAA2095FA88A}D:\program files (x86)\myphoneexplorer\myphoneexplorer.exe] => (Allow) D:\program files (x86)\myphoneexplorer\myphoneexplorer.exe
FirewallRules: [UDP Query User{59A4E706-68B5-40DD-95F2-A80906233D66}C:\users\gert\appdata\local\logmein rescue applet\lmir0001.tmp\lmi_rescue.exe] => (Allow) C:\users\gert\appdata\local\logmein rescue applet\lmir0001.tmp\lmi_rescue.exe
FirewallRules: [TCP Query User{08660CC5-24F8-4531-8561-6D452EF5CCA7}C:\users\gert\appdata\local\logmein rescue applet\lmir0001.tmp\lmi_rescue.exe] => (Allow) C:\users\gert\appdata\local\logmein rescue applet\lmir0001.tmp\lmi_rescue.exe
FirewallRules: [{096DFC34-12BD-434C-AD70-F47D88536B8C}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{9DE07622-811F-4EA1-BC55-60F955CB6752}] => (Allow) LPort=2869
FirewallRules: [{3EBD42D7-5C51-425C-B78C-10AD1560FE28}] => (Allow) LPort=1900
FirewallRules: [{9498DBBD-AAF0-403F-9F63-2FC7116A9E22}] => (Allow) C:\Program Files\CyberLink\PowerDirector11\PDR10.EXE
FirewallRules: [{9B7818CF-6CD6-4493-A95B-05D8D255CE59}] => (Allow) C:\Users\Gert\AppData\Local\Chromium\Application\chrome.exe
FirewallRules: [{271E7290-4867-4307-9EC0-960EA7C1B3FC}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{5F2DF261-F751-424C-A53D-87AF6F1BC5A9}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{4C527049-A6A4-494E-81D1-C846906AA8A2}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\outlook.exe
FirewallRules: [{CA2E7379-E9F4-4F05-8470-273309272383}] => (Allow) C:\Users\Gert\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe
FirewallRules: [{650D7B57-BE91-4331-9230-3772E8A467C2}] => (Allow) C:\Users\Gert\AppData\Local\Microsoft\OneDrive\OneDrive.exe
FirewallRules: [UDP Query User{4795D04E-6097-4F00-ACC0-9581BC1F4A4D}D:\program files (x86)\skype\phone\skype.exe] => (Allow) D:\program files (x86)\skype\phone\skype.exe
FirewallRules: [TCP Query User{7CD7E720-E170-4B5E-A4EC-2DAFB4D978CC}D:\program files (x86)\myphoneexplorer\myphoneexplorer.exe] => (Allow) D:\program files (x86)\myphoneexplorer\myphoneexplorer.exe
FirewallRules: [UDP Query User{49C350EA-09FC-42E9-8C83-35E96EA20864}D:\program files (x86)\myphoneexplorer\myphoneexplorer.exe] => (Allow) D:\program files (x86)\myphoneexplorer\myphoneexplorer.exe
FirewallRules: [{CB0E9E29-2440-454F-BE5C-6BADD5DB4C3B}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{47ACB9DB-2FE2-4FCA-A537-2D1154E7945D}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{3279867F-89BE-4C06-9DD7-BF58DA5E93B3}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{B328C500-AC5C-4FDC-89DB-B8E27E0C0DC2}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [TCP Query User{9E002255-0760-4272-9B9B-247610CF9000}D:\program files (x86)\skype\phone\skype.exe] => (Block) D:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{24F5EFE0-1E1A-4067-80C6-7260AC9005B1}D:\program files (x86)\skype\phone\skype.exe] => (Block) D:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{33E4E1FE-5EE0-4B7C-B11F-DB162353A542}] => (Allow) D:\Programme (x86)\Microsoft Visual Studio 14.0\Common7\IDE\devenv.exe
FirewallRules: [{A08F13BA-B656-4C7F-BD76-84F8F1FDFAB4}] => (Allow) D:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [{0AAD0090-D5B3-4716-AFFE-929F50ECA141}] => (Allow) D:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [{873BFA34-01E3-4C69-9F63-03D1A5336D04}] => (Allow) D:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [{7A832B69-8158-4600-AC10-14A981C17E67}] => (Allow) D:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [{F9E9A573-7E85-461E-810B-9070B9CEAB3B}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
FirewallRules: [{D3ED7781-FC6F-467B-8828-FF31239C4CC1}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Wiederherstellungspunkte =========================

ACHTUNG: Systemwiederherstellung ist deaktiviert

==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (08/09/2016 08:14:10 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "PDR.X,type="win32",version="1.0.0.0"1".
Die abhängige Assemblierung "PDR.X,type="win32",version="1.0.0.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (08/09/2016 08:14:10 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "PDR.X,type="win32",version="1.0.0.0"1".
Die abhängige Assemblierung "PDR.X,type="win32",version="1.0.0.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (08/09/2016 08:14:09 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="arm",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Die abhängige Assemblierung "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="arm",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (08/08/2016 07:48:28 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: BITSC:\Windows\System32\bitsperf.dll8

Error: (08/08/2016 03:12:58 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "PDR.X,type="win32",version="1.0.0.0"1".
Die abhängige Assemblierung "PDR.X,type="win32",version="1.0.0.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (08/08/2016 03:12:58 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "PDR.X,type="win32",version="1.0.0.0"1".
Die abhängige Assemblierung "PDR.X,type="win32",version="1.0.0.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (08/08/2016 03:12:57 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="arm",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Die abhängige Assemblierung "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="arm",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (08/08/2016 03:11:40 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "PDR.X,type="win32",version="1.0.0.0"1".
Die abhängige Assemblierung "PDR.X,type="win32",version="1.0.0.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (08/08/2016 03:11:40 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "PDR.X,type="win32",version="1.0.0.0"1".
Die abhängige Assemblierung "PDR.X,type="win32",version="1.0.0.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (08/08/2016 03:11:39 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="arm",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Die abhängige Assemblierung "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="arm",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".


Systemfehler:
=============
Error: (08/09/2016 07:46:00 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalAktivierung{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (08/09/2016 06:59:58 PM) (Source: DCOM) (EventID: 10016) (User: Haupt-PC)
Description: ComputerstandardLokalAktivierung{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}Haupt-PCGertS-1-5-21-786549325-3828416840-1361333200-1001LocalHost (unter Verwendung von LRPC)Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewyS-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742

Error: (08/09/2016 06:59:58 PM) (Source: DCOM) (EventID: 10016) (User: Haupt-PC)
Description: ComputerstandardLokalAktivierung{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}Haupt-PCGertS-1-5-21-786549325-3828416840-1361333200-1001LocalHost (unter Verwendung von LRPC)Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewyS-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742

Error: (08/09/2016 05:57:00 PM) (Source: DCOM) (EventID: 10016) (User: Haupt-PC)
Description: ComputerstandardLokalAktivierung{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}Haupt-PCGertS-1-5-21-786549325-3828416840-1361333200-1001LocalHost (unter Verwendung von LRPC)Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewyS-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742

Error: (08/09/2016 05:57:00 PM) (Source: DCOM) (EventID: 10016) (User: Haupt-PC)
Description: ComputerstandardLokalAktivierung{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}Haupt-PCGertS-1-5-21-786549325-3828416840-1361333200-1001LocalHost (unter Verwendung von LRPC)Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewyS-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742

Error: (08/09/2016 05:57:00 PM) (Source: DCOM) (EventID: 10016) (User: Haupt-PC)
Description: ComputerstandardLokalAktivierung{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}Haupt-PCGertS-1-5-21-786549325-3828416840-1361333200-1001LocalHost (unter Verwendung von LRPC)Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewyS-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742

Error: (08/09/2016 05:57:00 PM) (Source: DCOM) (EventID: 10016) (User: Haupt-PC)
Description: ComputerstandardLokalAktivierung{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}Haupt-PCGertS-1-5-21-786549325-3828416840-1361333200-1001LocalHost (unter Verwendung von LRPC)Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewyS-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742

Error: (08/09/2016 05:55:57 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "NVIDIA Display Driver Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (08/09/2016 05:51:43 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: AnwendungsspezifischLokalAktivierung{D63B10C5-BB46-4990-A94F-E40B9D520160}{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}NT-AUTORITÄTSYSTEMS-1-5-18LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (08/09/2016 05:47:24 PM) (Source: DCOM) (EventID: 10016) (User: Haupt-PC)
Description: ComputerstandardLokalAktivierung{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}Haupt-PCGertS-1-5-21-786549325-3828416840-1361333200-1001LocalHost (unter Verwendung von LRPC)Microsoft.Windows.Cortana_1.6.1.52_neutral_neutral_cw5n1h2txyewyS-1-15-2-1861897761-1695161497-2927542615-642690995-327840285-2659745135-2630312742


CodeIntegrity:
===================================
  Date: 2016-07-15 15:55:40.043
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-07-14 18:38:27.853
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-07-14 03:45:38.744
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-06-22 10:36:12.479
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-06-20 15:05:52.302
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-06-16 17:19:23.484
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-05-15 10:07:54.934
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-05-12 03:32:08.582
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-05-11 09:05:59.834
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.

  Date: 2016-04-14 13:45:30.401
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\efswrt.dll because the set of per-page image hashes could not be found on the system.


==================== Speicherinformationen ===========================

Prozessor: Intel(R) Core(TM) i7-4790 CPU @ 3.60GHz
Prozentuale Nutzung des RAM: 65%
Installierter physikalischer RAM: 8148.29 MB
Verfügbarer physikalischer RAM: 2786.4 MB
Summe virtueller Speicher: 21972.29 MB
Verfügbarer virtueller Speicher: 14569.52 MB

==================== Laufwerke ================================

Drive c: (Boot) (Fixed) (Total:117.09 GB) (Free:50.88 GB) NTFS
Drive d: (Data) (Fixed) (Total:871 GB) (Free:820.7 GB) NTFS
Drive e: (Recover) (Fixed) (Total:60.51 GB) (Free:42.61 GB) NTFS
Drive g: (User Guide) (CDROM) (Total:0.13 GB) (Free:0 GB) CDFS
Drive h: () (Fixed) (Total:0.09 GB) (Free:0.04 GB) FAT32

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (Size: 119.2 GB) (Disk ID: 0DF9E840)

Partition: GPT.

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 0DF9E827)
Partition 1: (Not Active) - (Size=871 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=60.5 GB) - (Type=07 NTFS)

==================== Ende von Addition.txt ============================

cosinus 09.08.2016 23:10
FRST-Fix

Virenscanner jetzt bitte komplett deaktivieren, damit sichergestellt ist, dass der Fix sauber durchläuft!

Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code:
C:\Program Files (x86)\dkx3EB2
C:\Program Files (x86)\Ckhile
C:\Users\Gert\AppData\Local\thocertioncoohpyfaterle
C:\Users\Gert\AppData\Roaming\9961660784cc2937229a742.95731288
C:\ProgramData\vczcspay.tpu
Books Downloader version 1.0.0.1 (HKLM-x32\...\Books Downloader_is1) (Version: 1.0.0.1 - WorldOfBooks) <==== ACHTUNG
Task: {45028766-F62D-42A2-A58C-776892C2E4A3} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Keine Datei <==== ACHTUNG
Task: {52C97040-C402-4AAF-B802-0388B0410C3A} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG
Task: {5638C73A-9FBC-495B-A0B2-12493DFACA12} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Keine Datei <==== ACHTUNG
Task: {69A59633-A9FC-4517-AB8F-5C43E68F0CE8} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG
Task: {886EDD44-6275-441E-AE0B-D2E17B1299E9} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG
Task: {963E48CD-D8FC-4785-93C2-7FC6292DBE02} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG
Task: {A01F177D-FBCE-47D1-9659-BE4E4B182BA1} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Keine Datei <==== ACHTUNG
Task: {A3A4CAC5-A305-4846-8448-B5D3C9246AFD} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Keine Datei <==== ACHTUNG
Task: {C189D7D0-35FD-4E74-B4F8-F3B135492FDD} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Keine Datei <==== ACHTUNG
Task: {D46F9378-60EC-4924-854D-5A63E95E9D52} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG
Task: {D59E0B2E-EA9F-479F-B9D1-DB59809B7314} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Keine Datei <==== ACHTUNG
emptytemp:

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
  • Starte nun FRST erneut und klicke den Entfernen Button.
  • Das Tool erstellt eine Fixlog.txt.
  • Poste mir deren Inhalt.


gert83 10.08.2016 08:26
Fixlog.txt:
Code:
Entferungsergebnis von Farbar Recovery Scan Tool (x64) Version: 09-08-2016 01
durchgeführt von Gert (2016-08-10 09:15:54) Run:1
Gestartet von D:\Downloads
Geladene Profile: Gert (Verfügbare Profile: Gert & Administrator)
Start-Modus: Normal
==============================================

fixlist Inhalt:
*****************
C:\Program Files (x86)\dkx3EB2
C:\Program Files (x86)\Ckhile
C:\Users\Gert\AppData\Local\thocertioncoohpyfaterle
C:\Users\Gert\AppData\Roaming\9961660784cc2937229a742.95731288
C:\ProgramData\vczcspay.tpu
Books Downloader version 1.0.0.1 (HKLM-x32\...\Books Downloader_is1) (Version: 1.0.0.1 - WorldOfBooks) <==== ACHTUNG
Task: {45028766-F62D-42A2-A58C-776892C2E4A3} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Keine Datei <==== ACHTUNG
Task: {52C97040-C402-4AAF-B802-0388B0410C3A} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG
Task: {5638C73A-9FBC-495B-A0B2-12493DFACA12} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Keine Datei <==== ACHTUNG
Task: {69A59633-A9FC-4517-AB8F-5C43E68F0CE8} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG
Task: {886EDD44-6275-441E-AE0B-D2E17B1299E9} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG
Task: {963E48CD-D8FC-4785-93C2-7FC6292DBE02} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG
Task: {A01F177D-FBCE-47D1-9659-BE4E4B182BA1} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Keine Datei <==== ACHTUNG
Task: {A3A4CAC5-A305-4846-8448-B5D3C9246AFD} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Keine Datei <==== ACHTUNG
Task: {C189D7D0-35FD-4E74-B4F8-F3B135492FDD} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Keine Datei <==== ACHTUNG
Task: {D46F9378-60EC-4924-854D-5A63E95E9D52} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG
Task: {D59E0B2E-EA9F-479F-B9D1-DB59809B7314} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Keine Datei <==== ACHTUNG
emptytemp:
       
*****************

C:\Program Files (x86)\dkx3EB2 => erfolgreich verschoben
C:\Program Files (x86)\Ckhile => erfolgreich verschoben
C:\Users\Gert\AppData\Local\thocertioncoohpyfaterle => erfolgreich verschoben
C:\Users\Gert\AppData\Roaming\9961660784cc2937229a742.95731288 => erfolgreich verschoben
C:\ProgramData\vczcspay.tpu => erfolgreich verschoben
Books Downloader version 1.0.0.1 (HKLM-x32\...\Books Downloader_is1) (Version: 1.0.0.1 - WorldOfBooks) <==== ACHTUNG => Fehler: Kein automatisierter Fix für diesen Eintrag gefunden.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{45028766-F62D-42A2-A58C-776892C2E4A3}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{45028766-F62D-42A2-A58C-776892C2E4A3}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Logon-5d" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{52C97040-C402-4AAF-B802-0388B0410C3A}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{52C97040-C402-4AAF-B802-0388B0410C3A}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfig" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{5638C73A-9FBC-495B-A0B2-12493DFACA12}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5638C73A-9FBC-495B-A0B2-12493DFACA12}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{69A59633-A9FC-4517-AB8F-5C43E68F0CE8}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{69A59633-A9FC-4517-AB8F-5C43E68F0CE8}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{886EDD44-6275-441E-AE0B-D2E17B1299E9}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{886EDD44-6275-441E-AE0B-D2E17B1299E9}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{963E48CD-D8FC-4785-93C2-7FC6292DBE02}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{963E48CD-D8FC-4785-93C2-7FC6292DBE02}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxcontent" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{A01F177D-FBCE-47D1-9659-BE4E4B182BA1}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A01F177D-FBCE-47D1-9659-BE4E4B182BA1}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{A3A4CAC5-A305-4846-8448-B5D3C9246AFD}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A3A4CAC5-A305-4846-8448-B5D3C9246AFD}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{C189D7D0-35FD-4E74-B4F8-F3B135492FDD}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C189D7D0-35FD-4E74-B4F8-F3B135492FDD}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{D46F9378-60EC-4924-854D-5A63E95E9D52}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D46F9378-60EC-4924-854D-5A63E95E9D52}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\launchtrayprocess" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{D59E0B2E-EA9F-479F-B9D1-DB59809B7314}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D59E0B2E-EA9F-479F-B9D1-DB59809B7314}" => Schlüssel erfolgreich entfernt
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Time-5d" => Schlüssel erfolgreich entfernt

=========== EmptyTemp: ==========

BITS transfer queue => 38296 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 10592525 B
Java, Flash, Steam htmlcache => 1098 B
Windows/system/drivers => 186252428 B
Edge => 4376845 B
Chrome => 482344228 B
Firefox => 114163864 B
Opera => 34508928 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 180908 B
NetworkService => 2648 B
Gert => 189718310 B
Administrator => 78836 B

RecycleBin => 544459740 B
EmptyTemp: => 1.5 GB temporäre Dateien entfernt.

================================


Das System musste neu gestartet werden.

==== Ende von Fixlog 09:16:22 ====

cosinus 10.08.2016 08:43
Okay, dann Kontrollscans mit (1) MBAM, (2) ESET und (3) SecurityCheck bitte:


1. Schritt: MBAM

Downloade Dir bitte Malwarebytes Anti-Malware
  • Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
  • Starte Malwarebytes' Anti-Malware (MBAM).
  • Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
  • Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
  • Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
  • Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
  • Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
  • Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.




2. Schritt: ESET

ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset




3. Schritt: SecurityCheck

Downloade Dir bitte SecurityCheck und:

  • Speichere es auf dem Desktop.
  • Starte SecurityCheck.exe und folge den Anweisungen in der DOS-Box.
  • Wenn der Scan beendet wurde sollte sich ein Textdokument (checkup.txt) öffnen.
Poste den Inhalt bitte hier.

gert83 10.08.2016 18:02
mbam.txt:
Code:
Malwarebytes Anti-Malware
www.malwarebytes.org

Suchlaufdatum: 10.08.2016
Suchlaufzeit: 16:42
Protokolldatei: Malwarebytes Logfile.txt
Administrator: Ja

Version: 2.2.1.1043
Malware-Datenbank: v2016.08.10.09
Rootkit-Datenbank: v2016.08.09.01
Lizenz: Testversion
Malware-Schutz: Aktiviert
Schutz vor bösartigen Websites: Aktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 10
CPU: x64
Dateisystem: NTFS
Benutzer: Gert

Suchlauftyp: Bedrohungssuchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 423141
Abgelaufene Zeit: 6 Min., 8 Sek.

Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(keine bösartigen Elemente erkannt)

Module: 0
(keine bösartigen Elemente erkannt)

Registrierungsschlüssel: 0
(keine bösartigen Elemente erkannt)

Registrierungswerte: 0
(keine bösartigen Elemente erkannt)

Registrierungsdaten: 0
(keine bösartigen Elemente erkannt)

Ordner: 0
(keine bösartigen Elemente erkannt)

Dateien: 0
(keine bösartigen Elemente erkannt)

Physische Sektoren: 0
(keine bösartigen Elemente erkannt)


(end)
ESET log.txt:

Code:
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=27bdf44369da3d499cf3e752cc98a4ee
# end=init
# utc_time=2016-08-10 03:22:41
# local_time=2016-08-10 05:22:41 (+0100, Mitteleuropäische Sommerzeit)
# country="Austria"
# osver=6.2.9200 NT
Update Init
Update Download
Update Finalize
Updated modules version: 30384
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=27bdf44369da3d499cf3e752cc98a4ee
# end=updated
# utc_time=2016-08-10 03:27:17
# local_time=2016-08-10 05:27:17 (+0100, Mitteleuropäische Sommerzeit)
# country="Austria"
# osver=6.2.9200 NT
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7777
# api_version=3.1.1
# EOSSerial=27bdf44369da3d499cf3e752cc98a4ee
# engine=30384
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2016-08-10 04:24:45
# local_time=2016-08-10 06:24:45 (+0100, Mitteleuropäische Sommerzeit)
# country="Austria"
# lang=1031
# osver=6.2.9200 NT
# compatibility_mode_1='avast! Antivirus'
# compatibility_mode=788 16777213 83 85 32254 34852562 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776574 100 94 2332050 33088340 0 0
# scanned=357145
# found=16
# cleaned=0
# scan_time=3447
sh=3E3B146A1B8A0716300FE4AB2DA21B77BA18514E ft=1 fh=ac0efcc0bfc50c4b vn="Variante von Win32/Obfuscated.NHJ Trojaner" ac=I fn="C:\FRST\Quarantine\C\Program Files (x86)\Ckhile\Cligosplg.dll"
sh=B3F0A291481AAF768DEE006194BBAE8D0DB1C8AA ft=1 fh=c21153a93af23ce4 vn="Variante von Win32/Obfuscated.NHD Trojaner" ac=I fn="C:\FRST\Quarantine\C\Program Files (x86)\dkx3EB2\q0k3EC1.dll"
sh=E87CA28D5C418D7C56CB975018E153E2D8432753 ft=0 fh=0000000000000000 vn="Variante von Android/Spy.Agent.BK Trojaner" ac=I fn="C:\Users\Gert\AppData\Roaming\mgyun\VRoot\AppCool.apk"
sh=62984B68567A21D3604F2E685E3D5902C4CBAFAF ft=1 fh=5f18adcce76b9d3c vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Gert\Downloads\CamStudio - CHIP-Installer.exe"
sh=24C4EA99B4078D7F764743E4FEA2D5A963DC3BE0 ft=1 fh=f5a2b8ea7f58f564 vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Gert\Downloads\Kalkules - CHIP-Installer.exe"
sh=8DA3FF72E049D83EA50BE2FD20CC5C093CBA76A6 ft=1 fh=accbdd2deea60bfa vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Gert\Downloads\Skype - CHIP-Installer.exe"
sh=340C5F84AB925F1BA899D8D8C57957F46C0C1D94 ft=1 fh=5ebd436da1ef2058 vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Gert\Downloads\VLC media player 64 Bit - CHIP-Installer.exe"
sh=7B7D8E9C5F5B61E7231A324B128E9FA6C3F57BE9 ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="D:\Downloads\iroot_1861.zip"
sh=9651CB2294B58AE5A53BEDDA9F4BEAFF9CA76F59 ft=1 fh=5ee3ed997563df5d vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="D:\Downloads\Malwarebytes Anti Malware Malware Scanner - CHIP-Installer.exe"
sh=08383D9925179CF63C1B85BD02430B40149C404B ft=1 fh=aaf5676f0a518063 vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="D:\Downloads\Old Calculator for Windows 10 - CHIP-Installer (1).exe"
sh=1904988668C2B5F279AFC9A2D2A81C32F76370DC ft=1 fh=8b1787348c98603a vn="Variante von Win32/DownloadGuide.D evtl. unerwünschte Anwendung" ac=I fn="D:\Downloads\oldcalcwin10_winaero.com_869_CB-DL-Manager.exe"
sh=6899EE2E7E0F1BA38613828CB8A91B3BBAC5FDCA ft=1 fh=bac95e4a2d3167f8 vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="D:\Downloads\Samsung Android USB Composite Device Treiber - CHIP-Installer.exe"
sh=338980BF87DCBF30D9A32522C805D6BF36050B01 ft=1 fh=d451ba8a27863dba vn="Variante von Win32/DownloadSponsor.C evtl. unerwünschte Anwendung" ac=I fn="D:\Downloads\Samsung Kies - CHIP-Installer.exe"
sh=1D3EA510E457C63F84DAE96D765027353B54F8E4 ft=1 fh=02c046778f31238e vn="Mehrere Bedrohungen" ac=I fn="D:\Downloads\iroot_1861\iRoot_1.8.6.20013_cid1005_7337.exe"
sh=20A00A8C1269B4FADE1811316A03AEF11B2DCB8A ft=0 fh=0000000000000000 vn="Variante von Android/Spy.Agent.BK Trojaner" ac=I fn="D:\Program Files (x86)\iRoot\AppCool.apk"
sh=EB405934F6F6A07A50F9802C18BB14C021AA6C71 ft=0 fh=0000000000000000 vn="Variante von Android/Spy.Agent.GR Trojaner" ac=I fn="D:\Program Files (x86)\iRoot\Old-Superuser.apk"
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=27bdf44369da3d499cf3e752cc98a4ee
# end=init
# utc_time=2016-08-10 04:44:23
# local_time=2016-08-10 06:44:23 (+0100, Mitteleuropäische Sommerzeit)
# country="Austria"
# osver=6.2.9200 NT
Update Init
Update Download
esets_scanner_update returned -1 esets_gle=53251
Update Finalize
Updated modules version: 30384
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=27bdf44369da3d499cf3e752cc98a4ee
# end=updated
# utc_time=2016-08-10 04:48:45
# local_time=2016-08-10 06:48:45 (+0100, Mitteleuropäische Sommerzeit)
# country="Austria"
# osver=6.2.9200 NT
checkup.txt:
Code:
Results of screen317's Security Check version 1.009 
  x64 (UAC is enabled) 
 Internet Explorer 11 
``````````````Antivirus/Firewall Check:``````````````
Windows Defender 
Avast Antivirus   
 Antivirus out of date! 
`````````Anti-malware/Other Utilities Check:`````````
 Microsoft VisualStudio JavaScript Project System
 Java 8 Update 101 
 Java 8 Update 77 
 Java 8 Update 91 
 Microsoft VisualStudio JavaScript Language Service
 Java version 32-bit out of Date!
 Mozilla Firefox (48.0)
 Mozilla Thunderbird (45.2.0)
 Google Chrome (51.0.2704.103)
 Google Chrome (52.0.2743.116)
 Google Chrome (SetupMetrics...)
````````Process Check: objlist.exe by Laurent```````` 
 Malwarebytes Anti-Malware mbamservice.exe 
 Malwarebytes Anti-Malware mbam.exe 
 ESET ESET Online Scanner OnlineScannerApp.exe 
 ESET ESET Online Scanner OnlineCmdLineScanner.exe 
 Malwarebytes Anti-Malware mbamscheduler.exe 
 AVAST Software Avast AvastUI.exe 
`````````````````System Health check`````````````````
 Total Fragmentation on Drive C:  %
````````````````````End of Log``````````````````````


Alle Zeitangaben in WEZ +1. Es ist jetzt 11:33 Uhr.
Seite 1 von 3 1 23
100 Beiträge dieses Themas auf einer Seite anzeigen

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22