1.Datei: Fixlog Code:
Entferungsergebnis von Farbar Recovery Scan Tool (x86) Version: 15-03-2017
durchgeführt von Klaus (22-03-2017 14:45:34) Run:1
Gestartet von C:\Users\Klaus\Desktop
Geladene Profile: Klaus (Verfügbare Profile: Klaus)
Start-Modus: Normal
==============================================
fixlist Inhalt:
*****************
start
CloseProcesses:
BHO: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\McAfee Security Scan\3.8.141\McAfeeMSS_IE.dll => Keine Datei
BHO: Kein Name -> {27B4851A-3207-45A2-B947-BE8AFE6163AB} -> Keine Datei
BHO: Kein Name -> {5C255C8A-E604-49b4-9D64-90988571CECB} -> Keine Datei
FF Plugin: @mcafee.com/McAfeeMssPlugin -> C:\Program Files\McAfee Security Scan\3.8.141\npMcAfeeMss.dll [Keine Datei]
S2 0184281489596451mcinstcleanup; C:\WINDOWS\TEMP\018428~1.EXE -cleanup -nolog [X]
IE trusted site: HKU\S-1-5-21-1016556084-3091970497-507946437-1001\...\mcafee.com -> hxxp://mcafee.com
IE trusted site: HKU\S-1-5-21-1016556084-3091970497-507946437-1001\...\mcafee.com -> hxxps://mcafee.com
FirewallRules: [{C41D2E4C-6D4E-4C94-9611-87C41D68675B}] => (Allow) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
FirewallRules: [{5999E9F2-6AE6-4BC0-86E4-7E10AAD0DC8F}] => (Allow) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
FirewallRules: [{75DDA7C9-2A15-4812-8BCF-7E14E996FAFC}] => (Allow) C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
FirewallRules: [{13238EAF-06BC-4D40-813A-275523D3FD8F}] => (Allow) C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe
FirewallRules: [{D252D2AE-D295-44FA-8EEE-72D2CCC6193A}] => (Allow) C:\Program Files\Common Files\Mcafee\MNA\McNaSvc.exe
C:\Users\Klaus\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\MCAFEE~2.EXE.log
C:\Windows\Prefetch\MCAFEE*.*
C:\Users\Klaus\AppData\Roaming\McAfee
C:\Windows\Microsoft.NET\assembly\GAC_32\McAfee.CSP.ClientAPI
DeleteKey: HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\InternetRegistry\McAfee
DeleteKey: HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-1016556084-3091970497-507946437-1001\Software\McAfee
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0E8A89AD-95D7-40EB-8D9D-083EF7066A01}
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{cc6f4d12-8575-4cff-9455-cf5774aeb13b}
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{4E53C1ED-9601-4715-99E7-A9657D8F5953}
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{66F54008-1EE3-43A7-95FD-C0D821EE1EFF}
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{CAE5E39D-46A2-4954-B96F-5075B0BE9836}
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2EBE1406-BE0E-44E6-AE10-247A0C5AEDCF}
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\McAfee Trust
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{27B4851A-3207-45A2-B947-BE8AFE6163AB}
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\5B4A54916B379ED4993A5062B1F7ED0D
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\McAfee Security Scan
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{1945A4B5-73B6-4DE9-99A3-05261B7FDED0}
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@mcafee.com/McAfeeMssPlugin
DeleteKey: HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@mcafee.com/MVT
EmptyTemp:
end
*****************
Prozesse erfolgreich geschlossen.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0E8A89AD-95D7-40EB-8D9D-083EF7066A01} => Schlüssel erfolgreich entfernt
HKCR\CLSID\{0E8A89AD-95D7-40EB-8D9D-083EF7066A01} => Schlüssel nicht gefunden.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{27B4851A-3207-45A2-B947-BE8AFE6163AB} => Schlüssel erfolgreich entfernt
HKCR\CLSID\{27B4851A-3207-45A2-B947-BE8AFE6163AB} => Schlüssel nicht gefunden.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB} => Schlüssel erfolgreich entfernt
HKCR\CLSID\{5C255C8A-E604-49b4-9D64-90988571CECB} => Schlüssel nicht gefunden.
HKLM\Software\MozillaPlugins\@mcafee.com/McAfeeMssPlugin => Schlüssel erfolgreich entfernt
HKLM\System\CurrentControlSet\Services\0184281489596451mcinstcleanup => Schlüssel erfolgreich entfernt
0184281489596451mcinstcleanup => service erfolgreich entfernt
HKU\S-1-5-21-1016556084-3091970497-507946437-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\mcafee.com => Schlüssel erfolgreich entfernt
HKU\S-1-5-21-1016556084-3091970497-507946437-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\mcafee.com => Schlüssel nicht gefunden.
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{C41D2E4C-6D4E-4C94-9611-87C41D68675B} => Wert erfolgreich entfernt
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{5999E9F2-6AE6-4BC0-86E4-7E10AAD0DC8F} => Wert erfolgreich entfernt
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{75DDA7C9-2A15-4812-8BCF-7E14E996FAFC} => Wert erfolgreich entfernt
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{13238EAF-06BC-4D40-813A-275523D3FD8F} => Wert erfolgreich entfernt
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{D252D2AE-D295-44FA-8EEE-72D2CCC6193A} => Wert erfolgreich entfernt
C:\Users\Klaus\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\MCAFEE~2.EXE.log => erfolgreich verschoben
=========== "C:\Windows\Prefetch\MCAFEE*.*" ==========
C:\Windows\Prefetch\MCAFEE CONSUMER PRODUCT REMOV-0BB7DA7F.pf => erfolgreich verschoben
C:\Windows\Prefetch\MCAFEE.TRUEKEY.SERVICE.EXE-FF6D78D3.pf => erfolgreich verschoben
C:\Windows\Prefetch\MCAFEE.TRUEKEY.SERVICEHELPER.-2E3CCB1B.pf => erfolgreich verschoben
C:\Windows\Prefetch\MCAFEE.YAP.TKUPDMGR.EXE-6E8EDDE9.pf => erfolgreich verschoben
C:\Windows\Prefetch\MCAFEE~2.EXE-8BDEB7F0.pf => erfolgreich verschoben
========= Ende -> "C:\Windows\Prefetch\MCAFEE*.*" ========
C:\Users\Klaus\AppData\Roaming\McAfee => erfolgreich verschoben
C:\Windows\Microsoft.NET\assembly\GAC_32\McAfee.CSP.ClientAPI => erfolgreich verschoben
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\InternetRegistry\McAfee => Schlüssel erfolgreich entfernt
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-1016556084-3091970497-507946437-1001\Software\McAfee => Schlüssel erfolgreich entfernt
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0E8A89AD-95D7-40EB-8D9D-083EF7066A01} => Schlüssel erfolgreich entfernt
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{cc6f4d12-8575-4cff-9455-cf5774aeb13b} => Schlüssel erfolgreich entfernt
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{4E53C1ED-9601-4715-99E7-A9657D8F5953} => Schlüssel erfolgreich entfernt
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{66F54008-1EE3-43A7-95FD-C0D821EE1EFF} => Schlüssel erfolgreich entfernt
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{CAE5E39D-46A2-4954-B96F-5075B0BE9836} => Schlüssel erfolgreich entfernt
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2EBE1406-BE0E-44E6-AE10-247A0C5AEDCF} => Schlüssel erfolgreich entfernt
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates\McAfee Trust => Schlüssel erfolgreich entfernt
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{27B4851A-3207-45A2-B947-BE8AFE6163AB} => Schlüssel nicht gefunden.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\5B4A54916B379ED4993A5062B1F7ED0D => Schlüssel erfolgreich entfernt
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\McAfee Security Scan => Schlüssel nicht gefunden.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{1945A4B5-73B6-4DE9-99A3-05261B7FDED0} => Schlüssel erfolgreich entfernt
HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@mcafee.com/McAfeeMssPlugin => Schlüssel nicht gefunden.
HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@mcafee.com/MVT => Schlüssel erfolgreich entfernt
=========== EmptyTemp: ==========
BITS transfer queue => 5550932 B
DOMStoree, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 249152962 B
Java, Flash, Steam htmlcache => 303 B
Windows/system/drivers => 251634678 B
Edge => 2149414 B
Chrome => 8541862 B
Firefox => 47559806 B
Opera => 0 B
Temp, IE cache, history, cookies, recent:
Default => 72396 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 128 B
LocalService => 66880 B
NetworkService => 787831 B
Klaus => 679487321 B
RecycleBin => 3932150420 B
EmptyTemp: => 4.8 GB temporäre Dateien entfernt.
================================
Das System musste neu gestartet werden.
==== Ende vom Fixlog 14:48:03 ==== 2.Datei:Systemlook Code:
SystemLook 30.07.11 by jpshortstuff
Log created at 15:01 on 22/03/2017 by Klaus
Administrator - Elevation successful
========== filefind ==========
Searching for "*McAfee*"
C:\FRST\Quarantine\C\Users\Klaus\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\MCAFEE~2.EXE.log.xBAD --a---- 1064 bytes [21:34 01/02/2017] [19:39 16/03/2017] 5FBB7E3F9DACB0189EB06496FCF3F76E
C:\FRST\Quarantine\C\Windows\Microsoft.NET\assembly\GAC_32\McAfee.CSP.ClientAPI\v4.0_1.3.336.0__a63667ab4267742d\McAfee.CSP.ClientAPI.dll --a---- 12664 bytes [09:48 14/10/2016] [09:48 14/10/2016] 44FB47F80120E396C1A160FE225B09FA
C:\FRST\Quarantine\C\Windows\Prefetch\MCAFEE CONSUMER PRODUCT REMOV-0BB7DA7F.pf.xBAD --a---- 9890 bytes [15:46 18/03/2017] [15:46 18/03/2017] D467113746F8761125BF1E83DDB71ECE
C:\FRST\Quarantine\C\Windows\Prefetch\MCAFEE.TRUEKEY.SERVICE.EXE-FF6D78D3.pf.xBAD --a---- 45694 bytes [19:38 16/03/2017] [19:38 16/03/2017] 8E24F1FB49ECB408839279BC46C4ACD8
C:\FRST\Quarantine\C\Windows\Prefetch\MCAFEE.TRUEKEY.SERVICEHELPER.-2E3CCB1B.pf.xBAD --a---- 5293 bytes [19:36 16/03/2017] [19:36 16/03/2017] D4E007ECCEB19CCAC139CC456FC532BF
C:\FRST\Quarantine\C\Windows\Prefetch\MCAFEE.YAP.TKUPDMGR.EXE-6E8EDDE9.pf.xBAD --a---- 7071 bytes [19:36 16/03/2017] [19:36 16/03/2017] 3BD046F50C01AFDEC1C1E191F21DDFC7
C:\FRST\Quarantine\C\Windows\Prefetch\MCAFEE~2.EXE-8BDEB7F0.pf.xBAD --a---- 6910 bytes [19:38 16/03/2017] [19:38 16/03/2017] C6D9BFEF815295E6C4C3A9420F026798
C:\Users\Klaus\Downloads\McAfee Consumer Product Removal Tool - CHIP-Installer.exe --a---- 1496584 bytes [15:45 18/03/2017] [15:46 18/03/2017] EEA39371BF05E311B146F914F2AD52FC
C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\Mcafee.TrueKey.InstallerService.exe.log --a---- 2096 bytes [10:38 30/01/2017] [10:38 30/01/2017] 569BFC0D1A09B9BA51D7FA047208049D
C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\McAfee.TrueKey.Service.exe.log --a---- 4891 bytes [21:33 01/02/2017] [15:10 18/03/2017] BD8A91BA1AD538E3D003CEE93BE495E9
========== folderfind ==========
Searching for "*McAfee*"
C:\FRST\Quarantine\C\Users\Klaus\AppData\Roaming\McAfee d------ [19:51 19/03/2010]
C:\FRST\Quarantine\C\Windows\Microsoft.NET\assembly\GAC_32\McAfee.CSP.ClientAPI d------ [09:48 14/10/2016]
========== regfind ==========
Searching for "McAfee"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\LowRegistry\Audio\PolicyConfig\PropertyStore\629b1277_0]
@="{0.0.0.00000000}.{6c74cf87-3d82-4e09-a1e3-142ee3afdc68}|\Device\HarddiskVolume3\Program Files\McAfee\MSC\mcupdui.exe%b{00000000-0000-0000-0000-000000000000}"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\LowRegistry\Audio\PolicyConfig\PropertyStore\70303b06_0]
@="{0.0.0.00000000}.{6c74cf87-3d82-4e09-a1e3-142ee3afdc68}|\Device\HarddiskVolume3\PROGRA~1\McAfee\MSC\mcupdui.exe%b{00000000-0000-0000-0000-000000000000}"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\LowRegistry\Audio\PolicyConfig\PropertyStore\8470cbf8_0]
@="{0.0.0.00000000}.{6c74cf87-3d82-4e09-a1e3-142ee3afdc68}|\Device\HarddiskVolume3\Program Files\McAfee.com\Agent\mcagent.exe%b{00000000-0000-0000-0000-000000000000}"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\LowRegistry\Audio\PolicyConfig\PropertyStore\b62fc6b2_0]
@="{0.0.0.00000000}.{1a4ddf1b-76ab-4615-93e5-d3f4599ad24b}|\Device\HarddiskVolume3\Program Files\McAfee\MSC\mchlp32.exe%b{00000000-0000-0000-0000-000000000000}"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\LowRegistry\Audio\PolicyConfig\PropertyStore\f7226fa1_0]
@="{0.0.0.00000000}.{1a4ddf1b-76ab-4615-93e5-d3f4599ad24b}|\Device\HarddiskVolume3\PROGRA~1\McAfee\MSC\mchlp32.exe%b{00000000-0000-0000-0000-000000000000}"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{36667B61-113B-4D4A-9655-2D5EEBF56FC0}]
"FaviconURL"="hxxp://sadownload.mcafee.com/products/SA/Win/favicon.ico"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{36667B61-113B-4D4A-9655-2D5EEBF56FC0}]
"URL"="https://de.search.yahoo.com/search?fr=mcafee&type=C011DE532D20140110&p={searchTerms}"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{DCA67887-DB28-490D-B4B0-BE2669C80B30}]
"FaviconURL"="hxxp://sadownload.mcafee.com/products/SA/Win/favicon.ico"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{DCA67887-DB28-490D-B4B0-BE2669C80B30}]
"URL"="https://de.search.yahoo.com/search?fr=mcafee&type=B011DE532D20140110&p={searchTerms}"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{DCA67887-DB28-490D-B4B0-BE2669C80B30}]
"FaviconPath"="C:\Program Files\McAfee\SiteAdvisor\Scripts\favicon.ico"
[HKEY_CURRENT_USER\Software\Microsoft\Office\12.0\Common\Internet]
"UseRWHlinkNavigation"="http://www.trojaner-board.de/184851-...new-post.html"
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.com/search?q=mcafee&form=WNSGPH&qs=AS&cvid=3d23e1f30b1040d5a9d22f144e9857aa&pq=Mc&cc=DE&setlang=de-DE&nclid=FE9C2656DBED2E56A8D0C50628EEED79&ts=1489841062563&nclidts=1489841062&tsms=563]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Search\RecentApps\{5D4F72AA-E5F4-4DE1-870B-A5067DC7C2F5}\RecentItems\{6F6B9BBE-2136-47D2-933A-4223B122F059}]
"Path"="microsoft-edge:https://www.bing.com/search?q=mcafee&form=WNSGPH&qs=AS&cvid=3d23e1f30b1040d5a9d22f144e9857aa&pq=Mc&cc=DE&setlang=de-DE&nclid=FE9C2656DBED2E56A8D0C50628EEED79&ts=1489841062563&nclidts=1489841062&tsms=563"
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Search\RecentApps\{5D4F72AA-E5F4-4DE1-870B-A5067DC7C2F5}\RecentItems\{6F6B9BBE-2136-47D2-933A-4223B122F059}]
"DisplayName"="microsoft-edge:https://www.bing.com/search?q=mcafee&form=WNSGPH&qs=AS&cvid=3d23e1f30b1040d5a9d22f144e9857aa&pq=Mc&cc=DE&setlang=de-DE&nclid=FE9C2656DBED2E56A8D0C50628EEED79&ts=1489841062563&nclidts=1489841062&tsms=563"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\5B4A54916B379ED4993A5062B1F7ED0D\SourceList]
"LastUsedSource"="n;1;C:\Program Files\McAfee\Temp\qxz3C83\"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\5B4A54916B379ED4993A5062B1F7ED0D\SourceList\Net]
"1"="C:\Program Files\McAfee\Temp\qxz3C83\"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\Program Files\McAfee\"="1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders]
"C:\ProgramData\McAfee\Supportability\"="1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\User Agent\Post Platform]
"McAfee"=""
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Lsa]
"Notification Packages"="scecli C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\EventLog\Application\AVLogEvent]
"EventMessageFile"="C:\Program Files\Common Files\McAfee\AMCore\AVEvent.dll"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\EventLog\System\cfwids.sys]
"EventMessageFile"="C:\Program Files\Common Files\McAfee\SystemCore\"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\EventLog\System\mfeapfk.sys]
"EventMessageFile"="C:\Program Files\Common Files\McAfee\SystemCore\"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\EventLog\System\mfeavfk.sys]
"EventMessageFile"="C:\Program Files\Common Files\McAfee\SystemCore\"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\EventLog\System\mfebopk.sys]
"EventMessageFile"="C:\Program Files\Common Files\McAfee\SystemCore\"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\EventLog\System\mfefirek.sys]
"EventMessageFile"="C:\Program Files\Common Files\McAfee\SystemCore\"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\EventLog\System\mfenlfk.sys]
"EventMessageFile"="C:\Program Files\Common Files\McAfee\SystemCore\"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\EventLog\System\mferkdet.sys]
"EventMessageFile"="C:\Program Files\Common Files\McAfee\SystemCore\"
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\InstallerService]
"ImagePath"="C:\Program Files\TrueKey\Mcafee.TrueKey.InstallerService.exe -originalversion 4.4.127.0"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"Notification Packages"="scecli C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\EventLog\Application\AVLogEvent]
"EventMessageFile"="C:\Program Files\Common Files\McAfee\AMCore\AVEvent.dll"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\EventLog\System\cfwids.sys]
"EventMessageFile"="C:\Program Files\Common Files\McAfee\SystemCore\"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\EventLog\System\mfeapfk.sys]
"EventMessageFile"="C:\Program Files\Common Files\McAfee\SystemCore\"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\EventLog\System\mfeavfk.sys]
"EventMessageFile"="C:\Program Files\Common Files\McAfee\SystemCore\"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\EventLog\System\mfebopk.sys]
"EventMessageFile"="C:\Program Files\Common Files\McAfee\SystemCore\"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\EventLog\System\mfefirek.sys]
"EventMessageFile"="C:\Program Files\Common Files\McAfee\SystemCore\"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\EventLog\System\mfenlfk.sys]
"EventMessageFile"="C:\Program Files\Common Files\McAfee\SystemCore\"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\EventLog\System\mferkdet.sys]
"EventMessageFile"="C:\Program Files\Common Files\McAfee\SystemCore\"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\InstallerService]
"ImagePath"="C:\Program Files\TrueKey\Mcafee.TrueKey.InstallerService.exe -originalversion 4.4.127.0"
[HKEY_USERS\S-1-5-21-1016556084-3091970497-507946437-1001\Software\Microsoft\Internet Explorer\LowRegistry\Audio\PolicyConfig\PropertyStore\629b1277_0]
@="{0.0.0.00000000}.{6c74cf87-3d82-4e09-a1e3-142ee3afdc68}|\Device\HarddiskVolume3\Program Files\McAfee\MSC\mcupdui.exe%b{00000000-0000-0000-0000-000000000000}"
[HKEY_USERS\S-1-5-21-1016556084-3091970497-507946437-1001\Software\Microsoft\Internet Explorer\LowRegistry\Audio\PolicyConfig\PropertyStore\70303b06_0]
@="{0.0.0.00000000}.{6c74cf87-3d82-4e09-a1e3-142ee3afdc68}|\Device\HarddiskVolume3\PROGRA~1\McAfee\MSC\mcupdui.exe%b{00000000-0000-0000-0000-000000000000}"
[HKEY_USERS\S-1-5-21-1016556084-3091970497-507946437-1001\Software\Microsoft\Internet Explorer\LowRegistry\Audio\PolicyConfig\PropertyStore\8470cbf8_0]
@="{0.0.0.00000000}.{6c74cf87-3d82-4e09-a1e3-142ee3afdc68}|\Device\HarddiskVolume3\Program Files\McAfee.com\Agent\mcagent.exe%b{00000000-0000-0000-0000-000000000000}"
[HKEY_USERS\S-1-5-21-1016556084-3091970497-507946437-1001\Software\Microsoft\Internet Explorer\LowRegistry\Audio\PolicyConfig\PropertyStore\b62fc6b2_0]
@="{0.0.0.00000000}.{1a4ddf1b-76ab-4615-93e5-d3f4599ad24b}|\Device\HarddiskVolume3\Program Files\McAfee\MSC\mchlp32.exe%b{00000000-0000-0000-0000-000000000000}"
[HKEY_USERS\S-1-5-21-1016556084-3091970497-507946437-1001\Software\Microsoft\Internet Explorer\LowRegistry\Audio\PolicyConfig\PropertyStore\f7226fa1_0]
@="{0.0.0.00000000}.{1a4ddf1b-76ab-4615-93e5-d3f4599ad24b}|\Device\HarddiskVolume3\PROGRA~1\McAfee\MSC\mchlp32.exe%b{00000000-0000-0000-0000-000000000000}"
[HKEY_USERS\S-1-5-21-1016556084-3091970497-507946437-1001\Software\Microsoft\Internet Explorer\SearchScopes\{36667B61-113B-4D4A-9655-2D5EEBF56FC0}]
"FaviconURL"="hxxp://sadownload.mcafee.com/products/SA/Win/favicon.ico"
[HKEY_USERS\S-1-5-21-1016556084-3091970497-507946437-1001\Software\Microsoft\Internet Explorer\SearchScopes\{36667B61-113B-4D4A-9655-2D5EEBF56FC0}]
"URL"="https://de.search.yahoo.com/search?fr=mcafee&type=C011DE532D20140110&p={searchTerms}"
[HKEY_USERS\S-1-5-21-1016556084-3091970497-507946437-1001\Software\Microsoft\Internet Explorer\SearchScopes\{DCA67887-DB28-490D-B4B0-BE2669C80B30}]
"FaviconURL"="hxxp://sadownload.mcafee.com/products/SA/Win/favicon.ico"
[HKEY_USERS\S-1-5-21-1016556084-3091970497-507946437-1001\Software\Microsoft\Internet Explorer\SearchScopes\{DCA67887-DB28-490D-B4B0-BE2669C80B30}]
"URL"="https://de.search.yahoo.com/search?fr=mcafee&type=B011DE532D20140110&p={searchTerms}"
[HKEY_USERS\S-1-5-21-1016556084-3091970497-507946437-1001\Software\Microsoft\Internet Explorer\SearchScopes\{DCA67887-DB28-490D-B4B0-BE2669C80B30}]
"FaviconPath"="C:\Program Files\McAfee\SiteAdvisor\Scripts\favicon.ico"
[HKEY_USERS\S-1-5-21-1016556084-3091970497-507946437-1001\Software\Microsoft\Office\12.0\Common\Internet]
"UseRWHlinkNavigation"="http://www.trojaner-board.de/184851-...new-post.html"
[HKEY_USERS\S-1-5-21-1016556084-3091970497-507946437-1001\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.com/search?q=mcafee&form=WNSGPH&qs=AS&cvid=3d23e1f30b1040d5a9d22f144e9857aa&pq=Mc&cc=DE&setlang=de-DE&nclid=FE9C2656DBED2E56A8D0C50628EEED79&ts=1489841062563&nclidts=1489841062&tsms=563]
[HKEY_USERS\S-1-5-21-1016556084-3091970497-507946437-1001\Software\Microsoft\Windows\CurrentVersion\Search\RecentApps\{5D4F72AA-E5F4-4DE1-870B-A5067DC7C2F5}\RecentItems\{6F6B9BBE-2136-47D2-933A-4223B122F059}]
"Path"="microsoft-edge:https://www.bing.com/search?q=mcafee&form=WNSGPH&qs=AS&cvid=3d23e1f30b1040d5a9d22f144e9857aa&pq=Mc&cc=DE&setlang=de-DE&nclid=FE9C2656DBED2E56A8D0C50628EEED79&ts=1489841062563&nclidts=1489841062&tsms=563"
[HKEY_USERS\S-1-5-21-1016556084-3091970497-507946437-1001\Software\Microsoft\Windows\CurrentVersion\Search\RecentApps\{5D4F72AA-E5F4-4DE1-870B-A5067DC7C2F5}\RecentItems\{6F6B9BBE-2136-47D2-933A-4223B122F059}]
"DisplayName"="microsoft-edge:https://www.bing.com/search?q=mcafee&form=WNSGPH&qs=AS&cvid=3d23e1f30b1040d5a9d22f144e9857aa&pq=Mc&cc=DE&setlang=de-DE&nclid=FE9C2656DBED2E56A8D0C50628EEED79&ts=1489841062563&nclidts=1489841062&tsms=563"
Searching for " "
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WSMAN\Plugin\Microsoft.PowerShell]
"ConfigXML"=" <PlugInConfiguration xmlns="hxxp://schemas.microsoft.com/wbem/wsman/1/config/PluginConfiguration" Name="microsoft.powershell" Filename="%windir%\system32\pwrshplugin.dll" SDKVersion="2" XmlRenderingType="text" Enabled="true" > <InitializationParameters> <Param Name="PSVersion" Value="5.1"/> </InitializationParameters> <Resources> <Resource ResourceUri="hxxp://schemas.microsoft.com/powershell/microsoft.powershell" SupportsOptions="true" ExactMatch="true"> <Security xmlns="hxxp://schemas.microsoft.com/wbem/wsman/1/config/PluginConfiguration" Uri="hxxp://schemas.microsoft.com/powershell/microsoft.powershell" ExactMatch="true" Sddl="O:NSG:BAD:P(A;;GA;;;BA)(A;;GA;;;IU)(A;;GA;;;RM)S:P(AU;FA;GA;;;WD)(AU;SA;GXGW;;;WD)"/> <Capability Type="Shell"/>
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WSMAN\Plugin\Microsoft.PowerShell.Workflow]
"ConfigXML"=" <PlugInConfiguration xmlns="hxxp://schemas.microsoft.com/wbem/wsman/1/config/PluginConfiguration" Name="microsoft.powershell.workflow" Filename="%windir%\system32\pwrshplugin.dll" SDKVersion="2" XmlRenderingType="text" UseSharedProcess="true" ProcessIdleTimeoutSec="1209600" RunAsUser="" RunAsPassword="" AutoRestart="false" Enabled="true" > <InitializationParameters> <Param Name="PSVersion" Value="5.1"/> <Param Name="AssemblyName" Value="Microsoft.PowerShell.Workflow.ServiceCore, Version=3.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35, processorArchitecture=MSIL"/> <Param Name="PSSessionConfigurationTypeName" Value="Microsoft.PowerShell.Workflow.PSWorkflowSessionConfiguration"/> <Param Name="SessionConfigurationData" Value="
-= EOF =- 3.Datei:FRST Editor Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x86) Version: 15-03-2017
durchgeführt von Klaus (Administrator) auf KLAUS-PC (22-03-2017 15:07:07)
Gestartet von C:\Users\Klaus\Desktop
Geladene Profile: Klaus (Verfügbare Profile: Klaus)
Platform: Microsoft Windows 10 Home Version 1607 (X86) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(DATEV eG) C:\DATEV\PROGRAMM\B0001442\PSNTServ.exe
(Chip Digital GmbH) C:\Program Files\Chip Digital GmbH\chip1click\chip 1-click installer.exe
() C:\Program Files\CyberLink\Shared files\RichVideo.exe
() C:\Windows\System32\PSIService.exe
() C:\Windows\System32\Rezip.exe
(Sony Corporation) C:\Program Files\Sony\PMB\PMBDeviceInfoProvider.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\TeamViewer_Service.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(SAMSUNG Electronics) C:\Program Files\Samsung\Samsung Support Center\SSCKbdHk.exe
(Samsung Electronics Co., Ltd.) C:\Program Files\Samsung\EasySpeedUpManager\EasySpeedUpManager.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\TeamViewer.exe
(Samsung Electronics Co., Ltd.) C:\Program Files\Samsung\Easy Display Manager\dmhkcore.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.12.112.0_x86__kzf8qxf38zg5c\SkypeHost.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\tv_w32.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Sony Corporation) C:\Program Files\Sony\PMB\PMBVolumeWatcher.exe
(Nuance Communications, Inc.) C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe
(Brother Industries, Ltd.) C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe
(Brother Industries, Ltd.) C:\Program Files\Brother\ControlCenter3\BrccMCtl.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Geek Software GmbH) C:\Program Files\PDF24\pdf24.exe
(1und1 Mail und Media GmbH) C:\Program Files\WEB.DE MailCheck\IE\WEB.DE_MailCheck_Broker.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Google Inc.) C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
(Dropbox, Inc.) C:\Users\Klaus\AppData\Local\Dropbox\Update\DropboxUpdate.exe
(© 2015 Microsoft Corporation) C:\Users\Klaus\AppData\Local\Microsoft\BingSvc\BingSvc.exe
(Skype Technologies S.A.) C:\Program Files\Skype\Phone\Skype.exe
(Dropbox, Inc.) C:\Users\Klaus\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Dropbox, Inc.) C:\Users\Klaus\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jucheck.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
==================== Registry (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [12214528 2015-06-24] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1541416 2009-07-15] (Synaptics Incorporated)
HKLM\...\Run: [UCam_Menu] => C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe [218408 2009-02-25] (CyberLink Corp.)
HKLM\...\Run: [TrayServer] => C:\Program Files\MAGIX\Filme_auf_DVD_9_Download-Version\TrayServer.exe [90112 2008-01-17] (MAGIX AG)
HKLM\...\Run: [PMBVolumeWatcher] => C:\Program Files\Sony\PMB\PMBVolumeWatcher.exe [599328 2010-03-24] (Sony Corporation)
HKLM\...\Run: [SSBkgdUpdate] => C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe [210472 2006-10-25] (Nuance Communications, Inc.)
HKLM\...\Run: [PaperPort PTD] => C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe [29984 2008-07-09] (Nuance Communications, Inc.)
HKLM\...\Run: [IndexSearch] => C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe [46368 2008-07-09] (Nuance Communications, Inc.)
HKLM\...\Run: [PPort11reminder] => "C:\Program Files\ScanSoft\PaperPort\Ereg\Ereg.exe" -r "C:\ProgramData\ScanSoft\PaperPort\11\Config\Ereg\Ereg.ini"
HKLM\...\Run: [BrMfcWnd] => C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe [1159168 2009-05-26] (Brother Industries, Ltd.)
HKLM\...\Run: [ControlCenter3] => C:\Program Files\Brother\ControlCenter3\brctrcen.exe [114688 2008-12-24] (Brother Industries, Ltd.)
HKLM\...\Run: [QuickTime Task] => C:\Program Files\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [594992 2016-01-29] (Oracle Corporation)
HKLM\...\Run: [PDFPrint] => C:\Program Files\PDF24\pdf24.exe [210432 2016-07-05] (Geek Software GmbH)
HKLM\...\Run: [MailCheck IE Broker] => C:\Program Files\WEB.DE MailCheck\IE\WEB.DE_MailCheck_Broker.exe [2356080 2016-07-21] (1und1 Mail und Media GmbH)
HKLM\...\Run: [WindowsDefender] => C:\Program Files\Windows Defender\MSASCuiL.exe [483840 2016-07-16] (Microsoft Corporation)
Winlogon\Notify\SDWinLogon: SDWinLogon.dll [X]
HKU\S-1-5-21-1016556084-3091970497-507946437-1001\...\Run: [swg] => C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2009-09-16] (Google Inc.)
HKU\S-1-5-21-1016556084-3091970497-507946437-1001\...\Run: [Dropbox Update] => C:\Users\Klaus\AppData\Local\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-09] (Dropbox, Inc.)
HKU\S-1-5-21-1016556084-3091970497-507946437-1001\...\Run: [BingSvc] => C:\Users\Klaus\AppData\Local\Microsoft\BingSvc\BingSvc.exe [144008 2016-07-12] (© 2015 Microsoft Corporation)
HKU\S-1-5-21-1016556084-3091970497-507946437-1001\...\Run: [Skype] => C:\Program Files\Skype\Phone\Skype.exe [27230168 2016-11-15] (Skype Technologies S.A.)
HKU\S-1-5-21-1016556084-3091970497-507946437-1001\...\Run: [GarminExpressTrayApp] => C:\Program Files\Garmin\Express Tray\ExpressTray.exe [1407912 2017-01-16] (Garmin Ltd. or its subsidiaries)
HKU\S-1-5-18\...\Run: [GarminExpressTrayApp] => C:\Program Files\Garmin\Express Tray\ExpressTray.exe [1407912 2017-01-16] (Garmin Ltd. or its subsidiaries)
Lsa: [Notification Packages] scecli C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Klaus\AppData\Roaming\Dropbox\bin\DropboxExt.14.0.dll [2017-03-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Klaus\AppData\Roaming\Dropbox\bin\DropboxExt.14.0.dll [2017-03-06] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Klaus\AppData\Roaming\Dropbox\bin\DropboxExt.14.0.dll [2017-03-06] (Dropbox, Inc.)
Startup: C:\Users\Klaus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk [2017-03-10]
ShortcutTarget: Dropbox.lnk -> C:\Users\Klaus\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{282c3c11-bd40-49ce-a090-a878048b4175}: [DhcpNameServer] 192.168.178.1
Internet Explorer:
==================
HKU\S-1-5-21-1016556084-3091970497-507946437-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=SK2M&ocid=SK2MDHP&osmkt=de-de
HKU\S-1-5-21-1016556084-3091970497-507946437-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=smsn&bmod=smsn
HKU\S-1-5-21-1016556084-3091970497-507946437-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.google.de/
SearchScopes: HKLM -> DefaultScope {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7SMSN
SearchScopes: HKLM -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7SMSN
SearchScopes: HKU\S-1-5-21-1016556084-3091970497-507946437-1001 -> DefaultScope {36667B61-113B-4D4A-9655-2D5EEBF56FC0} URL = hxxps://de.search.yahoo.com/search?fr=mcafee&type=C011DE532D20140110&p={searchTerms}
SearchScopes: HKU\S-1-5-21-1016556084-3091970497-507946437-1001 -> {3188016B-9C61-4D96-A3F0-26240792A64F} URL = hxxp://go.gmx.de/tb/ie_searchplugin/?q={searchTerms}&enc=UTF-8
SearchScopes: HKU\S-1-5-21-1016556084-3091970497-507946437-1001 -> {36667B61-113B-4D4A-9655-2D5EEBF56FC0} URL = hxxps://de.search.yahoo.com/search?fr=mcafee&type=C011DE532D20140110&p={searchTerms}
SearchScopes: HKU\S-1-5-21-1016556084-3091970497-507946437-1001 -> {55E10C83-66E2-4DF3-8C6D-F1FCA32463AE} URL = hxxp://go.web.de/tb/ie_searchplugin/?q={searchTerms}&enc=UTF-8
SearchScopes: HKU\S-1-5-21-1016556084-3091970497-507946437-1001 -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.bing.com/search?FORM=SK2MDF&PC=SK2M&q={searchTerms}&src=IE-SearchBox
SearchScopes: HKU\S-1-5-21-1016556084-3091970497-507946437-1001 -> {8739C06C-4C0E-4EC0-BE0C-E7BCB362BEFF} URL = hxxp://go.1und1.de/tb/ie_searchplugin/?q={searchTerms}&enc=UTF-8
SearchScopes: HKU\S-1-5-21-1016556084-3091970497-507946437-1001 -> {942EC6E8-747D-448C-9B55-23B6147D7F60} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7SMSN_de___DE363
SearchScopes: HKU\S-1-5-21-1016556084-3091970497-507946437-1001 -> {B3C47B51-F87A-43DF-B84E-70B7324A9378} URL = hxxp://go.mail.com/tb/en-us/ie_searchplugin/?q={searchTerms}&enc=UTF-8
SearchScopes: HKU\S-1-5-21-1016556084-3091970497-507946437-1001 -> {DCA67887-DB28-490D-B4B0-BE2669C80B30} URL = hxxps://de.search.yahoo.com/search?fr=mcafee&type=B011DE532D20140110&p={searchTerms}
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_73\bin\ssv.dll [2016-02-08] (Oracle Corporation)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2010-01-18] (Google Inc.)
BHO: Google Toolbar Notifier BHO -> {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} -> C:\Program Files\Google\GoogleToolbarNotifier\5.6.5612.1312\swg.dll [2010-10-08] (Google Inc.)
BHO: WEB.DE MailCheck BHO -> {BF42D4A8-016E-4fcd-B1EB-837659FD77C6} -> C:\Program Files\WEB.DE MailCheck\IE\WEB.DE_MailCheck.dll [2016-07-21] (1und1 Mail und Media GmbH)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_73\bin\jp2ssv.dll [2016-02-08] (Oracle Corporation)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2010-01-18] (Google Inc.)
Toolbar: HKU\S-1-5-21-1016556084-3091970497-507946437-1001 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2010-01-18] (Google Inc.)
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll [2009-02-26] (Microsoft Corporation)
Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll [2009-07-26] (Microsoft Corporation)
Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll [2009-07-26] (Microsoft Corporation)
Handler: webde - {8FAF0273-9CA8-4efc-9536-1E35E254D5CD} - C:\Program Files\WEB.DE MailCheck\IE\WEB.DE_MailCheck.dll [2016-07-21] (1und1 Mail und Media GmbH)
FireFox:
========
FF ProfilePath: C:\Users\Klaus\AppData\Roaming\Mozilla\Firefox\Profiles\fx8m4482.default [2017-03-22]
FF SearchEngineOrder.1: Mozilla\Firefox\Profiles\fx8m4482.default -> Sichere Suche
FF SearchEngineOrder.3: Mozilla\Firefox\Profiles\fx8m4482.default -> Bing
FF SelectedSearchEngine: Mozilla\Firefox\Profiles\fx8m4482.default -> Bing
FF Homepage: Mozilla\Firefox\Profiles\fx8m4482.default -> hxxps://www.google.de/?gws_rd=ssl
FF Keyword.URL: Mozilla\Firefox\Profiles\fx8m4482.default -> hxxp://www.bing.com/search?FORM=SK2MDF&PC=SK2M&q=
FF Extension: (Bing Search) - C:\Users\Klaus\AppData\Roaming\Mozilla\Firefox\Profiles\fx8m4482.default\Extensions\bingsearch.full@microsoft.com.xpi [2015-11-29]
FF Extension: (WEB.DE MailCheck) - C:\Users\Klaus\AppData\Roaming\Mozilla\Firefox\Profiles\fx8m4482.default\Extensions\mailcheck@web.de [2016-11-23]
FF Extension: (McAfee WebAdvisor) - C:\Users\Klaus\AppData\Roaming\Mozilla\Firefox\Profiles\fx8m4482.default\Extensions\{4ED1F68A-5463-4931-9384-8FFF5ED91D92}.xpi [2015-08-04] [ist nicht signiert]
FF Extension: (Adblock Plus) - C:\Users\Klaus\AppData\Roaming\Mozilla\Firefox\Profiles\fx8m4482.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-11-24]
FF SearchPlugin: C:\Users\Klaus\AppData\Roaming\Mozilla\Firefox\Profiles\fx8m4482.default\searchplugins\bing-.xml [2015-11-29]
FF SearchPlugin: C:\Users\Klaus\AppData\Roaming\Mozilla\Firefox\Profiles\fx8m4482.default\searchplugins\yahoo-ysp.xml [2015-11-30]
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\McSiteAdvisor.xml [2015-08-20]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_24_0_0_194.dll [2017-01-30] ()
FF Plugin: @adobe.com/ShockwavePlayer -> C:\windows\system32\Adobe\Director\np32dsw_1200112.dll [2013-02-18] (Adobe Systems, Inc.)
FF Plugin: @Apple.com/iTunes,version=1.0 -> C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll [Keine Datei]
FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2011-07-19] (Foxit Corporation)
FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google)
FF Plugin: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files\Google\Picasa3\npPicasa3.dll [2014-01-06] (Google, Inc.)
FF Plugin: @java.com/DTPlugin,version=11.73.2 -> C:\Program Files\Java\jre1.8.0_73\bin\dtplugin\npDeployJava1.dll [2016-02-08] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.73.2 -> C:\Program Files\Java\jre1.8.0_73\bin\plugin2\npjp2.dll [2016-02-08] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50905.0\npctrl.dll [2017-02-10] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files\Microsoft\Office Live\npOLW.dll [2010-04-26] (Microsoft Corp.)
FF Plugin: @microsoft.com/WLPG,version=14.0.8081.0709 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2009-07-10] (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.23.9\npGoogleUpdate3.dll [Keine Datei]
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.23.9\npGoogleUpdate3.dll [Keine Datei]
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-12-23] (Adobe Systems Inc.)
Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Klaus\AppData\Local\Google\Chrome\User Data\Default [2017-03-22]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Klaus\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2016-11-07]
CHR Extension: (Skype) - C:\Users\Klaus\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2017-03-08]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Klaus\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-02-08]
CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - hxxps://clients2.google.com/service/update2/crx
==================== Dienste (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R2 chip1click; C:\Program Files\Chip Digital GmbH\chip1click\chip 1-click installer.exe [91136 2016-10-27] (Chip Digital GmbH) [Datei ist nicht signiert]
S3 DATEV Update-Service; C:\DATEV\PROGRAMM\INSTALL\DvInesASDSvc.Exe [147040 2009-12-03] (DATEV eG) [Datei ist nicht signiert]
R2 DatevPrintService; C:\DATEV\PROGRAMM\B0001442\PSNTSERV.EXE [77312 2008-11-24] (DATEV eG) [Datei ist nicht signiert]
S2 Garmin Device Interaction Service; C:\Program Files\Garmin\Device Interaction Service\GarminService.exe [1039376 2017-01-16] (Garmin Ltd. or its subsidiaries)
R2 ProtexisLicensing; C:\windows\system32\PSIService.exe [174656 2006-11-02] () [Datei ist nicht signiert]
R2 Rezip; C:\windows\SYSTEM32\Rezip.exe [311296 2009-03-05] () [Datei ist nicht signiert]
R2 RichVideo; C:\Program Files\CyberLink\Shared files\RichVideo.exe [247152 2009-07-07] ()
R2 TeamViewer; C:\Program Files\TeamViewer\TeamViewer_Service.exe [5702416 2015-09-11] (TeamViewer GmbH)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [271496 2016-07-16] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [84920 2017-03-04] (Microsoft Corporation)
S2 InstallerService; C:\Program Files\TrueKey\Mcafee.TrueKey.InstallerService.exe -originalversion 4.4.127.0 [X]
===================== Treiber (Nicht auf der Ausnahmeliste) ======================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [108032 2016-04-24] (Samsung Electronics Co., Ltd.)
R2 KMDFMEMIO; C:\WINDOWS\System32\DRIVERS\kmdfmemio.sys [13312 2007-06-01] (SAMSUNG ELECTRONICS CO., LTD.)
S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [62976 2016-07-16] ()
R3 rtl819xp; C:\WINDOWS\System32\drivers\rtl819xp.sys [552448 2016-07-16] (Realtek Semiconductor Corporation )
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [199936 2016-04-24] (Samsung Electronics Co., Ltd.)
R1 StarPortLite; C:\WINDOWS\System32\drivers\StarPortLite.sys [95592 2009-03-02] (Rocket Division Software)
R3 VMC326; C:\WINDOWS\System32\Drivers\VMC326.sys [237696 2009-08-10] (Vimicro Corporation)
S0 WdBoot; C:\WINDOWS\System32\drivers\WdBoot.sys [37912 2016-07-16] (Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\WdFilter.sys [244576 2016-07-16] (Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [100192 2016-07-16] (Microsoft Corporation)
R3 yukonw8; C:\WINDOWS\System32\drivers\yk63x86.sys [242688 2016-07-16] (Marvell)
U3 idsvc; kein ImagePath
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat: Erstellte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2017-03-22 15:07 - 2017-03-22 15:07 - 00020535 _____ C:\Users\Klaus\Desktop\FRST.txt
2017-03-22 15:01 - 2017-03-22 15:04 - 00031904 _____ C:\Users\Klaus\Desktop\SystemLook.txt
2017-03-22 14:59 - 2017-03-22 15:00 - 00139264 _____ C:\Users\Klaus\Desktop\SystemLook.exe
2017-03-22 14:45 - 2017-03-22 14:48 - 00009213 _____ C:\Users\Klaus\Desktop\Fixlog.txt
2017-03-22 09:32 - 2017-03-22 09:32 - 00000000 ___HD C:\OneDriveTemp
2017-03-21 11:33 - 2017-03-22 15:07 - 00000000 ____D C:\FRST
2017-03-21 11:31 - 2017-03-21 11:32 - 01766912 _____ (Farbar) C:\Users\Klaus\Desktop\FRST.exe
2017-03-21 10:58 - 2017-03-21 10:59 - 04031440 _____ C:\Users\Klaus\Downloads\AdwCleaner_6.044(1).exe
2017-03-21 10:56 - 2017-03-21 10:57 - 04031440 _____ C:\Users\Klaus\Desktop\AdwCleaner_6.044.exe
2017-03-20 18:31 - 2017-03-20 18:35 - 00047608 _____ C:\Users\Klaus\Downloads\SystemLook.txt
2017-03-18 16:48 - 2017-03-18 16:48 - 00000000 ____D C:\Users\Klaus\AppData\Local\Downloaded Installations
2017-03-18 16:48 - 2017-03-18 16:48 - 00000000 ____D C:\Program Files\Chip Digital GmbH
2017-03-18 16:45 - 2017-03-18 16:46 - 01496584 _____ C:\Users\Klaus\Downloads\McAfee Consumer Product Removal Tool - CHIP-Installer.exe
2017-03-18 16:25 - 2017-03-18 16:36 - 00000000 ____D C:\WINDOWS\Microsoft Antimalware
2017-03-18 16:03 - 2017-03-18 16:04 - 08681136 _____ (McAfee, Inc.) C:\Users\Klaus\Downloads\MCPR.exe
2017-03-18 09:15 - 2017-03-18 16:12 - 00000000 ____D C:\Program Files\Mozilla Firefox
2017-03-16 17:36 - 2017-03-16 17:36 - 00002233 _____ C:\Users\Public\Desktop\tax 2017.lnk
2017-03-16 17:36 - 2017-03-16 17:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\tax 2017
2017-03-15 17:51 - 2017-03-15 17:50 - 00095050 _____ C:\Users\Klaus\Documents\01-LorenzMaroldtMitte-Tour.gpx
2017-03-15 08:22 - 2017-03-04 08:57 - 01339744 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2017-03-15 08:22 - 2017-03-04 08:57 - 00980320 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2017-03-15 08:22 - 2017-03-04 08:57 - 00513888 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2017-03-15 08:22 - 2017-03-04 08:57 - 00450912 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2017-03-15 08:22 - 2017-03-04 08:57 - 00279392 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2017-03-15 08:22 - 2017-03-04 08:57 - 00229720 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcntel.dll
2017-03-15 08:22 - 2017-03-04 08:57 - 00192352 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2017-03-15 08:22 - 2017-03-04 08:57 - 00113504 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2017-03-15 08:22 - 2017-03-04 08:57 - 00073056 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2017-03-15 08:22 - 2017-03-04 08:57 - 00031584 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2017-03-15 08:22 - 2017-03-04 08:40 - 00965472 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReAgent.dll
2017-03-15 08:22 - 2017-03-04 08:09 - 00890984 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2017-03-15 08:22 - 2017-03-04 08:09 - 00320144 _____ (Microsoft Corporation) C:\WINDOWS\system32\systemreset.exe
2017-03-15 08:22 - 2017-03-04 08:08 - 01725136 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2017-03-15 08:22 - 2017-03-04 08:08 - 00036704 _____ (Microsoft Corporation) C:\WINDOWS\system32\SysResetErr.exe
2017-03-15 08:22 - 2017-03-04 07:59 - 00869728 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2017-03-15 08:22 - 2017-03-04 07:59 - 00274272 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinSetupUI.dll
2017-03-15 08:22 - 2017-03-04 07:57 - 00581672 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2017-03-15 08:22 - 2017-03-04 07:54 - 02277288 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
2017-03-15 08:22 - 2017-03-04 07:54 - 00524776 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2017-03-15 08:22 - 2017-03-04 07:53 - 05722320 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2017-03-15 08:22 - 2017-03-04 07:53 - 00313568 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanapi.dll
2017-03-15 08:22 - 2017-03-04 07:51 - 01980768 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2017-03-15 08:22 - 2017-03-04 07:51 - 00523784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2017-03-15 08:22 - 2017-03-04 07:51 - 00399712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2017-03-15 08:22 - 2017-03-04 07:51 - 00186720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2017-03-15 08:22 - 2017-03-04 07:50 - 00846560 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2017-03-15 08:22 - 2017-03-04 07:50 - 00355680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2017-03-15 08:22 - 2017-03-04 07:47 - 06667528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2017-03-15 08:22 - 2017-03-04 07:46 - 04312248 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2017-03-15 08:22 - 2017-03-04 07:45 - 00117280 _____ (Microsoft Corporation) C:\WINDOWS\system32\AuthHost.exe
2017-03-15 08:22 - 2017-03-04 07:42 - 01411616 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2017-03-15 08:22 - 2017-03-04 07:42 - 01260784 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2017-03-15 08:22 - 2017-03-04 07:31 - 00027648 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsUpdateElevatedInstaller.exe
2017-03-15 08:22 - 2017-03-04 07:30 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe
2017-03-15 08:22 - 2017-03-04 07:28 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\system32\BluetoothDesktopHandlers.dll
2017-03-15 08:22 - 2017-03-04 07:28 - 00041984 _____ (Microsoft Corporation) C:\WINDOWS\system32\musdialoghandlers.dll
2017-03-15 08:22 - 2017-03-04 07:26 - 00430080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nwifi.sys
2017-03-15 08:22 - 2017-03-04 07:26 - 00119296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Family.Client.dll
2017-03-15 08:22 - 2017-03-04 07:26 - 00038912 _____ (Microsoft Corporation) C:\WINDOWS\system32\wfdprov.dll
2017-03-15 08:22 - 2017-03-04 07:25 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\system32\BrowserSettingSync.dll
2017-03-15 08:22 - 2017-03-04 07:24 - 00395264 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansec.dll
2017-03-15 08:22 - 2017-03-04 07:24 - 00186880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Family.SyncEngine.dll
2017-03-15 08:22 - 2017-03-04 07:24 - 00129024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.SerialCommunication.dll
2017-03-15 08:22 - 2017-03-04 07:22 - 01299968 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVPXENC.dll
2017-03-15 08:22 - 2017-03-04 07:22 - 00774144 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll
2017-03-15 08:22 - 2017-03-04 07:22 - 00414208 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2017-03-15 08:22 - 2017-03-04 07:22 - 00271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.SmartCards.Phone.dll
2017-03-15 08:22 - 2017-03-04 07:22 - 00265728 _____ C:\WINDOWS\system32\Windows.Perception.Stub.dll
2017-03-15 08:22 - 2017-03-04 07:22 - 00231424 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudBackupSettings.dll
2017-03-15 08:22 - 2017-03-04 07:22 - 00230912 _____ (Microsoft Corporation) C:\WINDOWS\system32\icm32.dll
2017-03-15 08:22 - 2017-03-04 07:22 - 00216576 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeveloperOptionsSettingsHandlers.dll
2017-03-15 08:22 - 2017-03-04 07:22 - 00113152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dfsc.sys
2017-03-15 08:22 - 2017-03-04 07:21 - 01243136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.FaceAnalysis.dll
2017-03-15 08:22 - 2017-03-04 07:21 - 00631296 _____ (Microsoft Corporation) C:\WINDOWS\system32\main.cpl
2017-03-15 08:22 - 2017-03-04 07:21 - 00389632 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2017-03-15 08:22 - 2017-03-04 07:20 - 00632832 _____ (Microsoft Corporation) C:\WINDOWS\system32\sud.dll
2017-03-15 08:22 - 2017-03-04 07:20 - 00518656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdiWiFi.sys
2017-03-15 08:22 - 2017-03-04 07:20 - 00506880 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevicePairing.dll
2017-03-15 08:22 - 2017-03-04 07:20 - 00368128 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanui.dll
2017-03-15 08:22 - 2017-03-04 07:19 - 00498688 _____ (Microsoft Corporation) C:\WINDOWS\system32\mbsmsapi.dll
2017-03-15 08:22 - 2017-03-04 07:19 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Picker.dll
2017-03-15 08:22 - 2017-03-04 07:18 - 00896512 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontext.dll
2017-03-15 08:22 - 2017-03-04 07:18 - 00387072 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.UserAccountsHandlers.dll
2017-03-15 08:22 - 2017-03-04 07:17 - 01110016 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll
2017-03-15 08:22 - 2017-03-04 07:16 - 00994304 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplicationFrame.dll
2017-03-15 08:22 - 2017-03-04 07:16 - 00760832 _____ (Microsoft Corporation) C:\WINDOWS\system32\appwiz.cpl
2017-03-15 08:22 - 2017-03-04 07:16 - 00636928 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
2017-03-15 08:22 - 2017-03-04 07:16 - 00623616 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2017-03-15 08:22 - 2017-03-04 07:16 - 00526336 _____ (Microsoft Corporation) C:\WINDOWS\system32\mscms.dll
2017-03-15 08:22 - 2017-03-04 07:15 - 00313856 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2017-03-15 08:22 - 2017-03-04 07:13 - 07626752 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2017-03-15 08:22 - 2017-03-04 07:13 - 06474752 _____ (Microsoft Corporation) C:\WINDOWS\system32\mspaint.exe
2017-03-15 08:22 - 2017-03-04 07:13 - 03733504 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll
2017-03-15 08:22 - 2017-03-04 07:13 - 02458112 _____ (Microsoft Corporation) C:\WINDOWS\system32\themecpl.dll
2017-03-15 08:22 - 2017-03-04 07:13 - 01104896 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpeechPal.dll
2017-03-15 08:22 - 2017-03-04 07:12 - 00589312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Sensors.dll
2017-03-15 08:22 - 2017-03-04 07:11 - 00355328 _____ (Microsoft Corporation) C:\WINDOWS\system32\RTMediaFrame.dll
2017-03-15 08:22 - 2017-03-04 07:10 - 00300544 _____ (Microsoft Corporation) C:\WINDOWS\regedit.exe
2017-03-15 08:22 - 2017-03-04 07:10 - 00144384 _____ (Microsoft Corporation) C:\WINDOWS\system32\RelPost.exe
2017-03-15 08:22 - 2017-03-04 07:09 - 00945664 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2017-03-15 08:22 - 2017-03-04 07:09 - 00795648 _____ (Microsoft Corporation) C:\WINDOWS\system32\MiracastReceiver.dll
2017-03-15 08:22 - 2017-03-04 07:09 - 00570368 _____ (Microsoft Corporation) C:\WINDOWS\system32\clusapi.dll
2017-03-15 08:22 - 2017-03-04 07:09 - 00192000 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhengine.dll
2017-03-15 08:22 - 2017-03-04 07:09 - 00123904 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProximityCommon.dll
2017-03-15 08:22 - 2017-03-04 07:08 - 12349952 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2017-03-15 08:22 - 2017-03-04 07:08 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhcfg.dll
2017-03-15 08:22 - 2017-03-04 07:07 - 02748928 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll
2017-03-15 08:22 - 2017-03-04 07:07 - 02643456 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2017-03-15 08:22 - 2017-03-04 07:07 - 01255936 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2017-03-15 08:22 - 2017-03-04 07:07 - 00582656 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpaceControl.dll
2017-03-15 08:22 - 2017-03-04 07:07 - 00551424 _____ (Microsoft Corporation) C:\WINDOWS\system32\vds.exe
2017-03-15 08:22 - 2017-03-04 07:07 - 00495104 _____ (Microsoft Corporation) C:\WINDOWS\system32\BootMenuUX.dll
2017-03-15 08:22 - 2017-03-04 07:07 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhtask.dll
2017-03-15 08:22 - 2017-03-04 07:06 - 03774464 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2017-03-15 08:22 - 2017-03-04 07:06 - 02153984 _____ (Microsoft Corporation) C:\WINDOWS\system32\storagewmi.dll
2017-03-15 08:22 - 2017-03-04 07:06 - 01017856 _____ (Microsoft Corporation) C:\WINDOWS\system32\VSSVC.exe
2017-03-15 08:22 - 2017-03-04 07:05 - 01133568 _____ (Microsoft Corporation) C:\WINDOWS\system32\vssapi.dll
2017-03-15 08:22 - 2017-03-04 07:05 - 00339968 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhsettingsprovider.dll
2017-03-15 08:22 - 2017-03-04 07:05 - 00298496 _____ (Microsoft Corporation) C:\WINDOWS\system32\resutils.dll
2017-03-15 08:22 - 2017-03-04 07:05 - 00113152 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpaceAgent.exe
2017-03-15 08:22 - 2017-03-04 07:04 - 01136128 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2017-03-15 08:22 - 2017-03-04 07:04 - 00640000 _____ (Microsoft Corporation) C:\WINDOWS\system32\MCRecvSrc.dll
2017-03-15 08:22 - 2017-03-04 07:02 - 04423680 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2017-03-15 08:22 - 2017-03-04 07:02 - 02484736 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameux.dll
2017-03-15 08:22 - 2017-03-04 07:02 - 01997824 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2017-03-15 08:22 - 2017-03-04 07:02 - 01170944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll
2017-03-15 08:22 - 2017-03-04 07:02 - 00580608 _____ (Microsoft Corporation) C:\WINDOWS\system32\hgcpl.dll
2017-03-15 08:22 - 2017-03-04 07:01 - 01988096 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2017-03-15 08:22 - 2017-03-04 07:01 - 01556992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2017-03-15 08:22 - 2017-03-04 07:01 - 00773120 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2017-03-15 08:22 - 2017-03-04 07:01 - 00560640 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserLanguagesCpl.dll
2017-03-15 08:22 - 2017-03-04 07:01 - 00422400 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.dll
2017-03-15 08:22 - 2017-03-04 07:00 - 04557824 _____ (Microsoft) C:\WINDOWS\system32\dbgeng.dll
2017-03-15 08:22 - 2017-03-04 07:00 - 02996736 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2017-03-15 08:22 - 2017-03-04 07:00 - 02003968 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2017-03-15 08:22 - 2017-03-04 07:00 - 01524224 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2017-03-15 08:22 - 2017-03-04 07:00 - 01121280 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2017-03-15 08:22 - 2017-03-04 07:00 - 00798208 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2017-03-15 08:22 - 2017-03-04 07:00 - 00654336 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApiPublic.dll
2017-03-15 08:22 - 2017-03-04 06:57 - 01438720 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.dll
2017-03-15 08:22 - 2017-03-04 06:57 - 00449024 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmCoreProvisioning.dll
2017-03-15 08:21 - 2017-03-04 08:57 - 00484584 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2017-03-15 08:21 - 2017-03-04 08:57 - 00315744 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2017-03-15 08:21 - 2017-03-04 08:46 - 00448864 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContentDeliveryManager.Utilities.dll
2017-03-15 08:21 - 2017-03-04 08:09 - 02206496 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2017-03-15 08:21 - 2017-03-04 08:09 - 01969912 _____ (Microsoft Corporation) C:\WINDOWS\system32\hevcdecoder.dll
2017-03-15 08:21 - 2017-03-04 08:09 - 00783552 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2017-03-15 08:21 - 2017-03-04 08:09 - 00092000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2017-03-15 08:21 - 2017-03-04 08:07 - 01073816 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2017-03-15 08:21 - 2017-03-04 08:07 - 00945760 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2017-03-15 08:21 - 2017-03-04 08:06 - 01956704 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2017-03-15 08:21 - 2017-03-04 08:06 - 00341336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Classpnp.sys
2017-03-15 08:21 - 2017-03-04 08:06 - 00106336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\partmgr.sys
2017-03-15 08:21 - 2017-03-04 08:04 - 02048496 _____ C:\WINDOWS\system32\CoreUIComponents.dll
2017-03-15 08:21 - 2017-03-04 08:03 - 00583136 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2017-03-15 08:21 - 2017-03-04 08:02 - 00950112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2017-03-15 08:21 - 2017-03-04 07:59 - 00055136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dam.sys
2017-03-15 08:21 - 2017-03-04 07:56 - 00248992 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll
2017-03-15 08:21 - 2017-03-04 07:54 - 01897824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2017-03-15 08:21 - 2017-03-04 07:53 - 02256080 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2017-03-15 08:21 - 2017-03-04 07:53 - 00975744 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2017-03-15 08:21 - 2017-03-04 07:53 - 00551264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2017-03-15 08:21 - 2017-03-04 07:53 - 00493912 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2017-03-15 08:21 - 2017-03-04 07:52 - 00272720 _____ (Microsoft Corporation) C:\WINDOWS\system32\wintrust.dll
2017-03-15 08:21 - 2017-03-04 07:51 - 00576408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2017-03-15 08:21 - 2017-03-04 07:51 - 00458592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2017-03-15 08:21 - 2017-03-04 07:51 - 00454496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2017-03-15 08:21 - 2017-03-04 07:50 - 00100704 _____ (Microsoft Corporation) C:\WINDOWS\system32\icfupgd.dll
2017-03-15 08:21 - 2017-03-04 07:47 - 20969928 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2017-03-15 08:21 - 2017-03-04 07:47 - 01557808 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2017-03-15 08:21 - 2017-03-04 07:47 - 00530480 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2017-03-15 08:21 - 2017-03-04 07:47 - 00432336 _____ (Microsoft Corporation) C:\WINDOWS\system32\DMRServer.dll
2017-03-15 08:21 - 2017-03-04 07:47 - 00374448 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFPlay.dll
2017-03-15 08:21 - 2017-03-04 07:47 - 00352760 _____ (Microsoft Corporation) C:\WINDOWS\system32\MMDevAPI.dll
2017-03-15 08:21 - 2017-03-04 07:47 - 00034088 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompPkgSup.dll
2017-03-15 08:21 - 2017-03-04 07:46 - 01384704 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2017-03-15 08:21 - 2017-03-04 07:46 - 01224104 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcMon.exe
2017-03-15 08:21 - 2017-03-04 07:46 - 00321792 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppHost.exe
2017-03-15 08:21 - 2017-03-04 07:46 - 00198496 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHost.dll
2017-03-15 08:21 - 2017-03-04 07:46 - 00125792 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostBroker.dll
2017-03-15 08:21 - 2017-03-04 07:45 - 00173408 _____ (Microsoft Corporation) C:\WINDOWS\system32\basecsp.dll
2017-03-15 08:21 - 2017-03-04 07:45 - 00112120 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpapi.dll
2017-03-15 08:21 - 2017-03-04 07:45 - 00093984 _____ (Microsoft Corporation) C:\WINDOWS\system32\phoneactivate.exe
2017-03-15 08:21 - 2017-03-04 07:42 - 00545944 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2017-03-15 08:21 - 2017-03-04 07:42 - 00276832 _____ (Microsoft Corporation) C:\WINDOWS\system32\input.dll
2017-03-15 08:21 - 2017-03-04 07:36 - 05685760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2017-03-15 08:21 - 2017-03-04 07:30 - 00095232 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTimeUtil.dll
2017-03-15 08:21 - 2017-03-04 07:30 - 00051712 _____ (Microsoft Corporation) C:\WINDOWS\system32\usoapi.dll
2017-03-15 08:21 - 2017-03-04 07:30 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\odbcconf.dll
2017-03-15 08:21 - 2017-03-04 07:29 - 00112640 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssitlb.dll
2017-03-15 08:21 - 2017-03-04 07:29 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctfp.dll
2017-03-15 08:21 - 2017-03-04 07:29 - 00075264 _____ (Microsoft Corporation) C:\WINDOWS\system32\DuCsps.dll
2017-03-15 08:21 - 2017-03-04 07:28 - 00216576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\xboxgip.sys
2017-03-15 08:21 - 2017-03-04 07:27 - 00192512 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2017-03-15 08:21 - 2017-03-04 07:27 - 00123392 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcertinst.exe
2017-03-15 08:21 - 2017-03-04 07:27 - 00108544 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblGameSaveExt.dll
2017-03-15 08:21 - 2017-03-04 07:27 - 00055296 _____ (Microsoft Corporation) C:\WINDOWS\system32\findnetprinters.dll
2017-03-15 08:21 - 2017-03-04 07:27 - 00045056 _____ (Microsoft Corporation) C:\WINDOWS\system32\ddrawex.dll
2017-03-15 08:21 - 2017-03-04 07:26 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbonRes.dll
2017-03-15 08:21 - 2017-03-04 07:26 - 00215040 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_WorkAccess.dll
2017-03-15 08:21 - 2017-03-04 07:26 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDeviceRegistration.dll
2017-03-15 08:21 - 2017-03-04 07:26 - 00073216 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2017-03-15 08:21 - 2017-03-04 07:25 - 00519680 _____ (Microsoft Corporation) C:\WINDOWS\system32\vpnike.dll
2017-03-15 08:21 - 2017-03-04 07:25 - 00251904 _____ (Microsoft Corporation) C:\WINDOWS\system32\mscandui.dll
2017-03-15 08:21 - 2017-03-04 07:25 - 00175104 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiapi.dll
2017-03-15 08:21 - 2017-03-04 07:25 - 00073216 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzautoupdate.dll
2017-03-15 08:21 - 2017-03-04 07:25 - 00057344 _____ (Microsoft Corporation) C:\WINDOWS\system32\WPDShServiceObj.dll
2017-03-15 08:21 - 2017-03-04 07:25 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\tbauth.dll
2017-03-15 08:21 - 2017-03-04 07:24 - 00328192 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2017-03-15 08:21 - 2017-03-04 07:24 - 00223232 _____ (Microsoft Corporation) C:\WINDOWS\system32\scksp.dll
2017-03-15 08:21 - 2017-03-04 07:24 - 00093184 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctfui.dll
2017-03-15 08:21 - 2017-03-04 07:24 - 00088576 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDeviceRegistration.Ngc.dll
2017-03-15 08:21 - 2017-03-04 07:24 - 00022016 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBrokerCookies.exe
2017-03-15 08:21 - 2017-03-04 07:23 - 00374784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.LowLevel.dll
2017-03-15 08:21 - 2017-03-04 07:23 - 00315904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Gaming.XboxLive.Storage.dll
2017-03-15 08:21 - 2017-03-04 07:23 - 00291840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Search.ProtocolHandler.MAPI2.dll
2017-03-15 08:21 - 2017-03-04 07:23 - 00231936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.LockScreen.dll
2017-03-15 08:21 - 2017-03-04 07:23 - 00184320 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserMgrProxy.dll
2017-03-15 08:21 - 2017-03-04 07:23 - 00172032 _____ (Microsoft Corporation) C:\WINDOWS\system32\netiohlp.dll
2017-03-15 08:21 - 2017-03-04 07:23 - 00102912 _____ (Microsoft Corporation) C:\WINDOWS\system32\appinfo.dll
2017-03-15 08:21 - 2017-03-04 07:22 - 00237568 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncSettings.dll
2017-03-15 08:21 - 2017-03-04 07:22 - 00183296 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFilterHost.exe
2017-03-15 08:21 - 2017-03-04 07:22 - 00117760 _____ (Microsoft Corporation) C:\WINDOWS\system32\AuthBroker.dll
2017-03-15 08:21 - 2017-03-04 07:22 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\DafPrintProvider.dll
2017-03-15 08:21 - 2017-03-04 07:21 - 00670208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.PointOfService.dll
2017-03-15 08:21 - 2017-03-04 07:21 - 00579072 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthManager.dll
2017-03-15 08:21 - 2017-03-04 07:21 - 00483840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.AllJoyn.dll
2017-03-15 08:21 - 2017-03-04 07:21 - 00445952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.UX.EapRequestHandler.dll
2017-03-15 08:21 - 2017-03-04 07:21 - 00196608 _____ (Microsoft Corporation) C:\WINDOWS\system32\tapi32.dll
2017-03-15 08:21 - 2017-03-04 07:20 - 00562176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.SmartCards.dll
2017-03-15 08:21 - 2017-03-04 07:20 - 00534528 _____ (Microsoft Corporation) C:\WINDOWS\system32\PCPTpm12.dll
2017-03-15 08:21 - 2017-03-04 07:20 - 00426496 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll
2017-03-15 08:21 - 2017-03-04 07:20 - 00424960 _____ (Microsoft Corporation) C:\WINDOWS\system32\msutb.dll
2017-03-15 08:21 - 2017-03-04 07:20 - 00386048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.WiFiDirect.dll
2017-03-15 08:21 - 2017-03-04 07:20 - 00325120 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleacc.dll
2017-03-15 08:21 - 2017-03-04 07:20 - 00322560 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpAXHolder.dll
2017-03-15 08:21 - 2017-03-04 07:20 - 00284672 _____ (Microsoft Corporation) C:\WINDOWS\system32\apprepsync.dll
2017-03-15 08:21 - 2017-03-04 07:20 - 00206336 _____ (Microsoft Corporation) C:\WINDOWS\system32\vaultcli.dll
2017-03-15 08:21 - 2017-03-04 07:20 - 00175616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Scanners.dll
2017-03-15 08:21 - 2017-03-04 07:20 - 00161792 _____ (Microsoft Corporation) C:\WINDOWS\system32\certprop.dll
2017-03-15 08:21 - 2017-03-04 07:20 - 00125952 _____ (Microsoft Corporation) C:\WINDOWS\system32\apprepapi.dll
2017-03-15 08:21 - 2017-03-04 07:19 - 00790528 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2017-03-15 08:21 - 2017-03-04 07:19 - 00714752 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssvp.dll
2017-03-15 08:21 - 2017-03-04 07:19 - 00704512 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblGameSave.dll
2017-03-15 08:21 - 2017-03-04 07:19 - 00414208 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2017-03-15 08:21 - 2017-03-04 07:19 - 00390656 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredProvDataModel.dll
2017-03-15 08:21 - 2017-03-04 07:19 - 00318464 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFolder.dll
2017-03-15 08:21 - 2017-03-04 07:19 - 00277504 _____ (Microsoft Corporation) C:\WINDOWS\system32\icsvcext.dll
2017-03-15 08:21 - 2017-03-04 07:19 - 00273920 _____ (Microsoft Corporation) C:\WINDOWS\system32\PrintDialogs3D.dll
2017-03-15 08:21 - 2017-03-04 07:19 - 00214528 _____ (Microsoft Corporation) C:\WINDOWS\system32\ubpm.dll
2017-03-15 08:21 - 2017-03-04 07:18 - 01378304 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2017-03-15 08:21 - 2017-03-04 07:18 - 00828928 _____ (Microsoft Corporation) C:\WINDOWS\system32\XboxNetApiSvc.dll
2017-03-15 08:21 - 2017-03-04 07:18 - 00819200 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppContracts.dll
2017-03-15 08:21 - 2017-03-04 07:18 - 00548352 _____ (Microsoft Corporation) C:\WINDOWS\system32\ddraw.dll
2017-03-15 08:21 - 2017-03-04 07:18 - 00525824 _____ (Microsoft Corporation) C:\WINDOWS\system32\PrintDialogs.dll
2017-03-15 08:21 - 2017-03-04 07:18 - 00517632 _____ (Microsoft Corporation) C:\WINDOWS\system32\FlightSettings.dll
2017-03-15 08:21 - 2017-03-04 07:18 - 00284672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.dll
2017-03-15 08:21 - 2017-03-04 07:18 - 00254464 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssphtb.dll
2017-03-15 08:21 - 2017-03-04 07:18 - 00140800 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssph.dll
2017-03-15 08:21 - 2017-03-04 07:18 - 00074752 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll
2017-03-15 08:21 - 2017-03-04 07:17 - 00827392 _____ (Microsoft Corporation) C:\WINDOWS\system32\iphlpsvc.dll
2017-03-15 08:21 - 2017-03-04 07:17 - 00482304 _____ (Microsoft Corporation) C:\WINDOWS\system32\ipnathlp.dll
2017-03-15 08:21 - 2017-03-04 07:17 - 00425472 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2017-03-15 08:21 - 2017-03-04 07:17 - 00297472 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2017-03-15 08:21 - 2017-03-04 07:17 - 00256512 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2017-03-15 08:21 - 2017-03-04 07:17 - 00218112 _____ (Microsoft Corporation) C:\WINDOWS\system32\sharemediacpl.dll
2017-03-15 08:21 - 2017-03-04 07:16 - 01456640 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2017-03-15 08:21 - 2017-03-04 07:16 - 01013248 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2017-03-15 08:21 - 2017-03-04 07:16 - 00858112 _____ (Microsoft Corporation) C:\WINDOWS\system32\EmailApis.dll
2017-03-15 08:21 - 2017-03-04 07:16 - 00846336 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebcamUi.dll
2017-03-15 08:21 - 2017-03-04 07:16 - 00816640 _____ (Microsoft Corporation) C:\WINDOWS\system32\NaturalLanguage6.dll
2017-03-15 08:21 - 2017-03-04 07:16 - 00711680 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2017-03-15 08:21 - 2017-03-04 07:16 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2017-03-15 08:21 - 2017-03-04 07:16 - 00565248 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2017-03-15 08:21 - 2017-03-04 07:16 - 00561664 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll
2017-03-15 08:21 - 2017-03-04 07:16 - 00473600 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2017-03-15 08:21 - 2017-03-04 07:16 - 00368128 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiobj.dll
2017-03-15 08:21 - 2017-03-04 07:16 - 00288256 _____ (Microsoft Corporation) C:\WINDOWS\system32\CryptoWinRT.dll
2017-03-15 08:21 - 2017-03-04 07:16 - 00242688 _____ (Microsoft Corporation) C:\WINDOWS\system32\NgcCtnrSvc.dll
2017-03-15 08:21 - 2017-03-04 07:15 - 00336384 _____ (Microsoft Corporation) C:\WINDOWS\system32\azroleui.dll
2017-03-15 08:21 - 2017-03-04 07:14 - 01534464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.3D.dll
2017-03-15 08:21 - 2017-03-04 07:14 - 00236032 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmWmiPl.dll
2017-03-15 08:21 - 2017-03-04 07:14 - 00151552 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2017-03-15 08:21 - 2017-03-04 07:13 - 01228288 _____ (Microsoft Corporation) C:\WINDOWS\system32\usercpl.dll
2017-03-15 08:21 - 2017-03-04 07:13 - 01056768 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll
2017-03-15 08:21 - 2017-03-04 07:13 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppointmentApis.dll
2017-03-15 08:21 - 2017-03-04 07:13 - 00653312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.AccountsControl.dll
2017-03-15 08:21 - 2017-03-04 07:13 - 00608768 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2017-03-15 08:21 - 2017-03-04 07:12 - 01842688 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnidui.dll
2017-03-15 08:21 - 2017-03-04 07:12 - 00884224 _____ (Microsoft Corporation) C:\WINDOWS\HelpPane.exe
2017-03-15 08:21 - 2017-03-04 07:12 - 00818176 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2017-03-15 08:21 - 2017-03-04 07:12 - 00700416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.Search.dll
2017-03-15 08:21 - 2017-03-04 07:11 - 01320448 _____ (Microsoft Corporation) C:\WINDOWS\system32\comsvcs.dll
2017-03-15 08:21 - 2017-03-04 07:11 - 01284096 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdtctm.dll
2017-03-15 08:21 - 2017-03-04 07:11 - 00343552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys
2017-03-15 08:21 - 2017-03-04 07:10 - 01098752 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpsvc.dll
2017-03-15 08:21 - 2017-03-04 07:10 - 00471552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.BackgroundMediaPlayback.dll
2017-03-15 08:21 - 2017-03-04 07:09 - 00343040 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToDevice.dll
2017-03-15 08:21 - 2017-03-04 07:08 - 00713216 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnapps.dll
2017-03-15 08:21 - 2017-03-04 07:07 - 01406976 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationFramework.dll
2017-03-15 08:21 - 2017-03-04 07:07 - 00895488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.dll
2017-03-15 08:21 - 2017-03-04 07:07 - 00085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpninprc.dll
2017-03-15 08:21 - 2017-03-04 07:06 - 06109184 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2017-03-15 08:21 - 2017-03-04 07:06 - 05380608 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2017-03-15 08:21 - 2017-03-04 07:06 - 03198464 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2017-03-15 08:21 - 2017-03-04 07:06 - 01382400 _____ (Microsoft Corporation) C:\WINDOWS\system32\workfolderssvc.dll
2017-03-15 08:21 - 2017-03-04 07:06 - 00090624 _____ (Microsoft Corporation) C:\WINDOWS\system32\olepro32.dll
2017-03-15 08:21 - 2017-03-04 07:05 - 07468544 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2017-03-15 08:21 - 2017-03-04 07:05 - 03520512 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsrchvw.exe
2017-03-15 08:21 - 2017-03-04 07:05 - 00194560 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkFoldersShell.dll
2017-03-15 08:21 - 2017-03-04 07:05 - 00089600 _____ (Microsoft Corporation) C:\WINDOWS\system32\CameraCaptureUI.dll
2017-03-15 08:21 - 2017-03-04 07:05 - 00086016 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkFoldersGPExt.dll
2017-03-15 08:21 - 2017-03-04 07:03 - 02363904 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapRouter.dll
2017-03-15 08:21 - 2017-03-04 07:03 - 02109952 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapGeocoder.dll
2017-03-15 08:21 - 2017-03-04 07:03 - 00400384 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToManager.dll
2017-03-15 08:21 - 2017-03-04 07:03 - 00359936 _____ (Microsoft Corporation) C:\WINDOWS\system32\mtxclu.dll
2017-03-15 08:21 - 2017-03-04 07:02 - 02740224 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
2017-03-15 08:21 - 2017-03-04 07:02 - 01949696 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2017-03-15 08:21 - 2017-03-04 07:02 - 01485824 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2017-03-15 08:21 - 2017-03-04 07:02 - 01155072 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVP9DEC.dll
2017-03-15 08:21 - 2017-03-04 07:02 - 01004544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Input.Inking.dll
2017-03-15 08:21 - 2017-03-04 07:02 - 00707072 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2017-03-15 08:21 - 2017-03-04 07:01 - 03478528 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbon.dll
2017-03-15 08:21 - 2017-03-04 07:01 - 02646528 _____ (Microsoft Corporation) C:\WINDOWS\system32\CertEnroll.dll
2017-03-15 08:21 - 2017-03-04 07:01 - 01993216 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2017-03-15 08:21 - 2017-03-04 07:01 - 01656320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Perception.dll
2017-03-15 08:21 - 2017-03-04 07:01 - 01595904 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2017-03-15 08:21 - 2017-03-04 07:01 - 01571840 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2017-03-15 08:21 - 2017-03-04 07:01 - 01564160 _____ (Microsoft Corporation) C:\WINDOWS\system32\quartz.dll
2017-03-15 08:21 - 2017-03-04 07:01 - 01493504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wpc.dll
2017-03-15 08:21 - 2017-03-04 07:01 - 01293312 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPDMC.exe
2017-03-15 08:21 - 2017-03-04 07:01 - 00941568 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2017-03-15 08:21 - 2017-03-04 07:01 - 00827904 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll
2017-03-15 08:21 - 2017-03-04 07:01 - 00666624 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkfoldersControl.dll
2017-03-15 08:21 - 2017-03-04 07:01 - 00620544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2017-03-15 08:21 - 2017-03-04 07:01 - 00566784 _____ (Microsoft Corporation) C:\WINDOWS\system32\ShareHost.dll
2017-03-15 08:21 - 2017-03-04 07:01 - 00094208 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkFolders.exe
2017-03-15 08:21 - 2017-03-04 07:00 - 02483200 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2017-03-15 08:21 - 2017-03-04 07:00 - 01888256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2017-03-15 08:21 - 2017-03-04 07:00 - 01235968 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2017-03-15 08:21 - 2017-03-04 07:00 - 00862208 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2017-03-15 08:21 - 2017-03-04 07:00 - 00711680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2017-03-15 08:21 - 2017-03-04 07:00 - 00691200 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2017-03-15 08:21 - 2017-03-04 07:00 - 00529408 _____ (Microsoft Corporation) C:\WINDOWS\system32\spoolsv.exe
2017-03-15 08:21 - 2017-03-04 06:59 - 01252352 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataService.dll
2017-03-15 08:21 - 2017-03-04 06:57 - 03106304 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstsc.exe
2017-03-15 08:21 - 2017-03-04 06:57 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\spaceman.exe
2017-03-15 08:21 - 2016-07-16 02:45 - 00014848 _____ (Microsoft Corporation) C:\WINDOWS\system32\CspCellularSettings.dll
2017-03-15 08:21 - 2016-07-16 02:43 - 00102912 _____ (Microsoft Corporation) C:\WINDOWS\system32\CfgSPCellular.dll
2017-03-15 08:21 - 2016-07-16 02:43 - 00100352 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseAPNCsp.dll
2017-03-15 08:20 - 2017-03-04 08:44 - 00685440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll
2017-03-15 08:20 - 2017-03-04 08:41 - 00078176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\IPMIDrv.sys
2017-03-15 08:20 - 2017-03-04 08:09 - 00497416 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2017-03-15 08:20 - 2017-03-04 08:08 - 05999968 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2017-03-15 08:20 - 2017-03-04 08:04 - 01362512 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpmde.dll
2017-03-15 08:20 - 2017-03-04 08:02 - 00184416 _____ (Microsoft Corporation) C:\WINDOWS\system32\IPHLPAPI.DLL
2017-03-15 08:20 - 2017-03-04 08:02 - 00095584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tdx.sys
2017-03-15 08:20 - 2017-03-04 07:56 - 00263472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.ApplicationData.dll
2017-03-15 08:20 - 2017-03-04 07:54 - 00290272 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2017-03-15 08:20 - 2017-03-04 07:53 - 01431232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2017-03-15 08:20 - 2017-03-04 07:53 - 00861024 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2017-03-15 08:20 - 2017-03-04 07:53 - 00781152 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2017-03-15 08:20 - 2017-03-04 07:53 - 00342880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2017-03-15 08:20 - 2017-03-04 07:52 - 00111968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storahci.sys
2017-03-15 08:20 - 2017-03-04 07:51 - 00086360 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvsocket.sys
2017-03-15 08:20 - 2017-03-04 07:51 - 00060768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmbkmcl.sys
2017-03-15 08:20 - 2017-03-04 07:47 - 04023000 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2017-03-15 08:20 - 2017-03-04 07:47 - 01853224 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2017-03-15 08:20 - 2017-03-04 07:47 - 01360456 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetsrc.dll
2017-03-15 08:20 - 2017-03-04 07:47 - 01344448 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll
2017-03-15 08:20 - 2017-03-04 07:47 - 01277856 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2017-03-15 08:20 - 2017-03-04 07:47 - 01202384 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2017-03-15 08:20 - 2017-03-04 07:47 - 01123912 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2017-03-15 08:20 - 2017-03-04 07:47 - 00981376 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetcore.dll
2017-03-15 08:20 - 2017-03-04 07:47 - 00976184 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfds.dll
2017-03-15 08:20 - 2017-03-04 07:47 - 00952416 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2017-03-15 08:20 - 2017-03-04 07:40 - 01967968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2017-03-15 08:20 - 2017-03-04 07:40 - 00306800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.MediaControl.dll
2017-03-15 08:20 - 2017-03-04 07:34 - 00281088 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXTaskFactory.dll
2017-03-15 08:20 - 2017-03-04 07:30 - 01631232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2017-03-15 08:20 - 2017-03-04 07:29 - 00039424 _____ (Microsoft Corporation) C:\WINDOWS\system32\XInputUap.dll
2017-03-15 08:20 - 2017-03-04 07:29 - 00020992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mskssrv.sys
2017-03-15 08:20 - 2017-03-04 07:28 - 00224256 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExSMime.dll
2017-03-15 08:20 - 2017-03-04 07:27 - 00275968 _____ (Microsoft Corporation) C:\WINDOWS\system32\accountaccessor.dll
2017-03-15 08:20 - 2017-03-04 07:27 - 00141824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Radios.dll
2017-03-15 08:20 - 2017-03-04 07:27 - 00100864 _____ (Microsoft Corporation) C:\WINDOWS\system32\MediaFoundation.DefaultPerceptionProvider.dll
2017-03-15 08:20 - 2017-03-04 07:26 - 00177664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.Diagnostics.dll
2017-03-15 08:20 - 2017-03-04 07:26 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\system32\BcastDVRHelper.dll
2017-03-15 08:20 - 2017-03-04 07:26 - 00147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\VCardParser.dll
2017-03-15 08:20 - 2017-03-04 07:26 - 00138240 _____ (Microsoft Corporation) C:\WINDOWS\system32\DisplayManager.dll
2017-03-15 08:20 - 2017-03-04 07:26 - 00123904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.HostName.dll
2017-03-15 08:20 - 2017-03-04 07:26 - 00065024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Gaming.UI.GameBar.dll
2017-03-15 08:20 - 2017-03-04 07:26 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Shell.Search.UriHandler.dll
2017-03-15 08:20 - 2017-03-04 07:26 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\system32\netiougc.exe
2017-03-15 08:20 - 2017-03-04 07:25 - 00255488 _____ (Microsoft Corporation) C:\WINDOWS\system32\unimdm.tsp
2017-03-15 08:20 - 2017-03-04 07:25 - 00167936 _____ (Microsoft Corporation) C:\WINDOWS\system32\PimIndexMaintenance.dll
2017-03-15 08:20 - 2017-03-04 07:25 - 00152064 _____ (Microsoft Corporation) C:\WINDOWS\system32\MCCSEngineShared.dll
2017-03-15 08:20 - 2017-03-04 07:25 - 00136192 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinRtTracing.dll
2017-03-15 08:20 - 2017-03-04 07:25 - 00097792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.System.SystemManagement.dll
2017-03-15 08:20 - 2017-03-04 07:25 - 00063488 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshost.dll
2017-03-15 08:20 - 2017-03-04 07:24 - 00330752 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
2017-03-15 08:20 - 2017-03-04 07:24 - 00142336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.WiFi.dll
2017-03-15 08:20 - 2017-03-04 07:24 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.ServiceDiscovery.Dnssd.dll
2017-03-15 08:20 - 2017-03-04 07:24 - 00040448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpipreg.sys
2017-03-15 08:20 - 2017-03-04 07:23 - 00531456 _____ (Microsoft Corporation) C:\WINDOWS\system32\iprtrmgr.dll
2017-03-15 08:20 - 2017-03-04 07:23 - 00506368 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.exe
2017-03-15 08:20 - 2017-03-04 07:23 - 00392192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Gaming.Input.dll
2017-03-15 08:20 - 2017-03-04 07:23 - 00334848 _____ (Microsoft Corporation) C:\WINDOWS\system32\DavSyncProvider.dll
2017-03-15 08:20 - 2017-03-04 07:23 - 00299520 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataAccountApis.dll
2017-03-15 08:20 - 2017-03-04 07:23 - 00242688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Dxpserver.exe
2017-03-15 08:20 - 2017-03-04 07:23 - 00193024 _____ (Microsoft Corporation) C:\WINDOWS\system32\shutdownux.dll
2017-03-15 08:20 - 2017-03-04 07:23 - 00186880 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Flights.dll
2017-03-15 08:20 - 2017-03-04 07:22 - 06534656 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanmm.dll
2017-03-15 08:20 - 2017-03-04 07:22 - 00822784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2017-03-15 08:20 - 2017-03-04 07:22 - 00392704 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanconn.dll
2017-03-15 08:20 - 2017-03-04 07:22 - 00332288 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll
2017-03-15 08:20 - 2017-03-04 07:22 - 00212992 _____ (Microsoft Corporation) C:\WINDOWS\system32\cemapi.dll
2017-03-15 08:20 - 2017-03-04 07:22 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Core.dll
2017-03-15 08:20 - 2017-03-04 07:21 - 00609280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Import.dll
2017-03-15 08:20 - 2017-03-04 07:21 - 00575488 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshwfp.dll
2017-03-15 08:20 - 2017-03-04 07:21 - 00298496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2017-03-15 08:20 - 2017-03-04 07:21 - 00185856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Identity.Provider.dll
2017-03-15 08:20 - 2017-03-04 07:20 - 13873664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2017-03-15 08:20 - 2017-03-04 07:20 - 00426496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Wallet.dll
2017-03-15 08:20 - 2017-03-04 07:20 - 00332800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Cortana.Desktop.dll
2017-03-15 08:20 - 2017-03-04 07:20 - 00301568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ks.sys
2017-03-15 08:20 - 2017-03-04 07:20 - 00271360 _____ (Microsoft Corporation) C:\WINDOWS\system32\deviceaccess.dll
2017-03-15 08:20 - 2017-03-04 07:20 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\WwaApi.dll
2017-03-15 08:20 - 2017-03-04 07:19 - 00635904 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2017-03-15 08:20 - 2017-03-04 07:19 - 00615936 _____ (Microsoft Corporation) C:\WINDOWS\system32\internetmail.dll
2017-03-15 08:20 - 2017-03-04 07:19 - 00431616 _____ (Microsoft Corporation) C:\WINDOWS\system32\efswrt.dll
2017-03-15 08:20 - 2017-03-04 07:19 - 00226816 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore6.dll
2017-03-15 08:20 - 2017-03-04 07:19 - 00203264 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll
2017-03-15 08:20 - 2017-03-04 07:19 - 00181760 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcpipcfg.dll
2017-03-15 08:20 - 2017-03-04 07:19 - 00147968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Cortana.OneCore.dll
2017-03-15 08:20 - 2017-03-04 07:18 - 01231360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcnwiz.dll
2017-03-15 08:20 - 2017-03-04 07:18 - 00747520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Ocr.dll
2017-03-15 08:20 - 2017-03-04 07:18 - 00567808 _____ (Microsoft Corporation) C:\WINDOWS\system32\ChatApis.dll
2017-03-15 08:20 - 2017-03-04 07:18 - 00493056 _____ (Microsoft Corporation) C:\WINDOWS\system32\WlanMediaManager.dll
2017-03-15 08:20 - 2017-03-04 07:18 - 00314368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Usb.dll
2017-03-15 08:20 - 2017-03-04 07:18 - 00253952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2017-03-15 08:20 - 2017-03-04 07:18 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\system32\indexeddbserver.dll
2017-03-15 08:20 - 2017-03-04 07:17 - 02318848 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll
2017-03-15 08:20 - 2017-03-04 07:17 - 00661504 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2017-03-15 08:20 - 2017-03-04 07:17 - 00570368 _____ (Microsoft Corporation) C:\WINDOWS\system32\PrintRenderAPIHost.DLL
2017-03-15 08:20 - 2017-03-04 07:17 - 00529920 _____ (Microsoft Corporation) C:\WINDOWS\system32\StructuredQuery.dll
2017-03-15 08:20 - 2017-03-04 07:17 - 00427008 _____ (Microsoft Corporation) C:\WINDOWS\system32\DXP.dll
2017-03-15 08:20 - 2017-03-04 07:17 - 00238080 _____ (Microsoft Corporation) C:\WINDOWS\system32\AboveLockAppHost.dll
2017-03-15 08:20 - 2017-03-04 07:16 - 00968704 _____ (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll
2017-03-15 08:20 - 2017-03-04 07:16 - 00850432 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasgcw.dll
2017-03-15 08:20 - 2017-03-04 07:16 - 00762880 _____ (Microsoft Corporation) C:\WINDOWS\system32\mprddm.dll
2017-03-15 08:20 - 2017-03-04 07:16 - 00500224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.dll
2017-03-15 08:20 - 2017-03-04 07:16 - 00465920 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppBroker.dll
2017-03-15 08:20 - 2017-03-04 07:16 - 00298496 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascustom.dll
2017-03-15 08:20 - 2017-03-04 07:15 - 18362368 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2017-03-15 08:20 - 2017-03-04 07:15 - 00509440 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2017-03-15 08:20 - 2017-03-04 07:13 - 19411968 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2017-03-15 08:20 - 2017-03-04 07:13 - 04613120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2017-03-15 08:20 - 2017-03-04 07:13 - 01003520 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqqm.dll
2017-03-15 08:20 - 2017-03-04 07:13 - 00699904 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll
2017-03-15 08:20 - 2017-03-04 07:13 - 00675840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.dll
2017-03-15 08:20 - 2017-03-04 07:13 - 00497152 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2017-03-15 08:20 - 2017-03-04 07:13 - 00296960 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2017-03-15 08:20 - 2017-03-04 07:13 - 00256512 _____ (Microsoft Corporation) C:\WINDOWS\system32\thumbcache.dll
2017-03-15 08:20 - 2017-03-04 07:12 - 00901120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Bluetooth.dll
2017-03-15 08:20 - 2017-03-04 07:12 - 00894976 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorDataService.exe
2017-03-15 08:20 - 2017-03-04 07:12 - 00886272 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2017-03-15 08:20 - 2017-03-04 07:12 - 00884224 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2017-03-15 08:20 - 2017-03-04 07:12 - 00395264 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll
2017-03-15 08:20 - 2017-03-04 07:12 - 00144896 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe
2017-03-15 08:20 - 2017-03-04 07:11 - 01357312 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSPhotography.dll
2017-03-15 08:20 - 2017-03-04 07:11 - 01323008 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_fs.dll
2017-03-15 08:20 - 2017-03-04 07:11 - 01137152 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_health.dll
2017-03-15 08:20 - 2017-03-04 07:11 - 00729600 _____ (Microsoft Corporation) C:\WINDOWS\system32\TabletPC.cpl
2017-03-15 08:20 - 2017-03-04 07:11 - 00073728 _____ (Microsoft Corporation) C:\WINDOWS\system32\tabcal.exe
2017-03-15 08:20 - 2017-03-04 07:10 - 03307008 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2017-03-15 08:20 - 2017-03-04 07:10 - 01077760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Editing.dll
2017-03-15 08:20 - 2017-03-04 07:10 - 00259584 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdtcuiu.dll
2017-03-15 08:20 - 2017-03-04 07:10 - 00151552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Tabbtn.dll
2017-03-15 08:20 - 2017-03-04 07:07 - 12178944 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2017-03-15 08:20 - 2017-03-04 07:07 - 00545280 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmkvsrcsnk.dll
2017-03-15 08:20 - 2017-03-04 07:06 - 00220672 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToReceiver.dll
2017-03-15 08:20 - 2017-03-04 07:05 - 01221120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Audio.dll
2017-03-15 08:20 - 2017-03-04 07:05 - 00134144 _____ (Microsoft Corporation) C:\WINDOWS\system32\ErrorDetails.dll
2017-03-15 08:20 - 2017-03-04 07:04 - 00719872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_sr.dll
2017-03-15 08:20 - 2017-03-04 07:03 - 06044672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2017-03-15 08:20 - 2017-03-04 07:03 - 03666432 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2017-03-15 08:20 - 2017-03-04 07:03 - 01247232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Globalization.dll
2017-03-15 08:20 - 2017-03-04 07:03 - 00409600 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVSENCD.DLL
2017-03-15 08:20 - 2017-03-04 07:03 - 00049664 _____ (Microsoft Corporation) C:\WINDOWS\system32\MultiDigiMon.exe
2017-03-15 08:20 - 2017-03-04 07:02 - 02138112 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2017-03-15 08:20 - 2017-03-04 07:02 - 01709056 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncProvider.dll
2017-03-15 08:20 - 2017-03-04 07:01 - 02682880 _____ (Microsoft Corporation) C:\WINDOWS\system32\netshell.dll
2017-03-15 08:20 - 2017-03-04 07:01 - 01232384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Maps.dll
2017-03-15 08:20 - 2017-03-04 07:01 - 01154560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Pimstore.dll
2017-03-15 08:20 - 2017-03-04 07:01 - 01013248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.Http.dll
2017-03-15 08:20 - 2017-03-04 07:00 - 02026496 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2017-03-15 08:20 - 2017-03-04 07:00 - 01883648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2017-03-15 08:20 - 2017-03-04 07:00 - 01170944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Phone.dll
2017-03-15 08:20 - 2017-03-04 07:00 - 00850944 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContactApis.dll
2017-03-15 08:20 - 2017-03-04 07:00 - 00751104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.BackgroundTransfer.dll
2017-03-15 08:20 - 2017-03-04 07:00 - 00598528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.dll
2017-03-15 08:20 - 2017-03-04 07:00 - 00348160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Midi.dll
2017-03-15 08:20 - 2017-03-04 06:59 - 00353280 _____ (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll
2017-03-15 08:20 - 2017-03-04 06:59 - 00206848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
2017-03-15 08:20 - 2017-03-04 06:57 - 00783360 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWorkspace.dll
2017-03-15 08:20 - 2017-03-04 06:57 - 00375296 _____ (Microsoft Corporation) C:\WINDOWS\system32\wksprt.exe
2017-03-15 08:20 - 2017-03-04 06:57 - 00299008 _____ (Microsoft Corporation) C:\WINDOWS\system32\RADCUI.dll
2017-03-15 08:20 - 2017-02-22 03:03 - 00448285 _____ C:\WINDOWS\system32\ApnDatabase.xml
2017-03-15 08:19 - 2016-05-29 19:38 - 08886976 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneDriveSetup.exe
2017-03-10 11:33 - 2017-03-10 11:33 - 00000000 ____D C:\Users\Klaus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
==================== Ein Monat: Geänderte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2017-03-22 15:08 - 2015-06-18 19:01 - 00000000 ____D C:\Users\Klaus\AppData\Local\Dropbox
2017-03-22 14:56 - 2016-10-14 10:42 - 01955762 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-03-22 14:56 - 2016-07-16 18:27 - 00701738 _____ C:\WINDOWS\system32\perfh007.dat
2017-03-22 14:56 - 2016-07-16 18:27 - 00158614 _____ C:\WINDOWS\system32\perfc007.dat
2017-03-22 14:55 - 2016-10-14 10:43 - 00000000 ____D C:\Users\Klaus
2017-03-22 14:52 - 2016-11-18 22:19 - 00000000 ____D C:\Users\Klaus\AppData\LocalLow\Mozilla
2017-03-22 14:52 - 2016-07-16 09:29 - 00000000 ____D C:\WINDOWS\AppReadiness
2017-03-22 14:51 - 2015-08-26 08:37 - 00000000 ___RD C:\Users\Klaus\OneDrive
2017-03-22 14:51 - 2012-06-04 18:28 - 00000000 ___RD C:\Users\Klaus\Dropbox
2017-03-22 14:51 - 2010-01-20 17:12 - 00000000 ____D C:\Users\Klaus\AppData\Roaming\Skype
2017-03-22 14:49 - 2016-10-14 11:08 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-03-22 14:48 - 2016-07-16 03:22 - 03670016 _____ C:\WINDOWS\system32\config\BBI
2017-03-22 14:46 - 2016-04-27 11:18 - 00000000 ____D C:\Users\Klaus\AppData\LocalLow\Temp
2017-03-22 13:46 - 2016-10-14 10:37 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2017-03-21 11:21 - 2015-03-09 18:47 - 00000000 ____D C:\Program Files\TeamViewer
2017-03-21 11:20 - 2014-04-12 12:25 - 00000000 ____D C:\AdwCleaner
2017-03-21 11:19 - 2016-05-23 09:13 - 00000000 ____D C:\Program Files\iolo
2017-03-21 11:19 - 2015-11-30 16:17 - 00000000 ____D C:\Program Files\Yahoo!
2017-03-21 10:32 - 2016-07-16 09:29 - 00000000 ___HD C:\Program Files\WindowsApps
2017-03-18 16:12 - 2013-12-22 14:21 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2017-03-18 16:08 - 2016-07-16 09:28 - 00000000 ____D C:\WINDOWS\INF
2017-03-18 16:07 - 2016-10-14 10:46 - 00000000 ____D C:\WINDOWS\system32\config\bbimigrate
2017-03-18 16:07 - 2016-07-16 09:29 - 00000000 ____D C:\WINDOWS\system32\config\Journal
2017-03-17 19:59 - 2016-07-16 09:29 - 00000000 ____D C:\WINDOWS\system32\appraiser
2017-03-17 19:59 - 2016-07-16 09:19 - 00000000 ____D C:\WINDOWS\CbsTemp
2017-03-16 19:04 - 2016-07-16 09:29 - 00000000 ____D C:\WINDOWS\rescache
2017-03-16 17:55 - 2014-03-01 12:30 - 00000000 ____D C:\Users\Klaus\Documents\tax
2017-03-16 17:38 - 2014-03-01 11:56 - 00000000 ____D C:\ProgramData\Buhl Data Service GmbH
2017-03-16 17:36 - 2014-03-01 12:04 - 00000000 ____D C:\Users\Klaus\AppData\Local\Buhl
2017-03-16 17:32 - 2014-03-01 12:00 - 00000000 ____D C:\Program Files\Buhl finance
2017-03-16 17:32 - 2009-09-16 22:48 - 00000000 ___HD C:\Program Files\InstallShield Installation Information
2017-03-16 17:30 - 2014-05-20 09:20 - 00000000 ____D C:\ProgramData\Package Cache
2017-03-15 17:46 - 2015-08-26 08:30 - 00000000 __RHD C:\Users\Public\AccountPictures
2017-03-15 17:42 - 2016-10-14 10:36 - 00380912 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-03-15 17:42 - 2010-01-18 17:06 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2017-03-15 17:40 - 2016-07-16 09:29 - 00000000 ____D C:\WINDOWS\system32\setup
2017-03-15 17:40 - 2016-07-16 09:29 - 00000000 ____D C:\WINDOWS\system32\oobe
2017-03-15 17:39 - 2016-07-16 09:29 - 00000000 ___RD C:\WINDOWS\PrintDialog
2017-03-15 17:39 - 2016-07-16 09:29 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2017-03-15 17:39 - 2016-07-16 09:29 - 00000000 ___RD C:\Program Files\Windows Defender
2017-03-15 17:39 - 2016-07-16 09:29 - 00000000 ____D C:\WINDOWS\ShellExperiences
2017-03-15 17:39 - 2016-07-16 09:29 - 00000000 ____D C:\WINDOWS\bcastdvr
2017-03-15 17:39 - 2016-07-16 09:29 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2017-03-15 09:33 - 2013-08-14 17:12 - 00000000 ____D C:\WINDOWS\system32\MRT
2017-03-15 09:28 - 2010-03-20 09:45 - 135706696 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-03-15 09:17 - 2010-11-18 18:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2017-03-13 13:05 - 2012-06-17 15:52 - 00000425 _____ C:\WINDOWS\BRWMARK.INI
2017-03-13 13:05 - 2012-06-17 15:52 - 00000027 _____ C:\WINDOWS\BRPP2KA.INI
2017-03-10 11:33 - 2012-06-04 18:27 - 00000000 ____D C:\Users\Klaus\AppData\Roaming\Dropbox
2017-03-10 06:17 - 2016-07-16 09:31 - 00835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe
2017-03-10 06:17 - 2016-07-16 09:31 - 00177656 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
2017-03-05 10:43 - 2012-04-10 17:21 - 00000884 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2017-02-28 10:46 - 2010-03-19 20:59 - 00407720 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2017-02-23 19:43 - 2015-10-31 12:36 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======
2014-03-06 15:16 - 2009-08-06 13:43 - 0006733 _____ () C:\Users\Klaus\AppData\Roaming\abspann_datev_idea.gif
2014-03-06 15:16 - 2008-06-02 10:57 - 0000291 _____ () C:\Users\Klaus\AppData\Roaming\lastscreen.html
2014-03-06 15:16 - 2009-08-13 14:32 - 0000105 _____ () C:\Users\Klaus\AppData\Roaming\lastscreen.ikf
2010-06-10 19:08 - 2013-08-16 08:19 - 0040960 _____ () C:\Users\Klaus\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-03-06 15:16 - 2014-03-06 18:07 - 0004672 _____ () C:\Users\Klaus\AppData\Local\EmptySettings.xml
2013-02-13 12:01 - 2013-02-13 12:01 - 0004096 ____H () C:\Users\Klaus\AppData\Local\keyfile3.drm
2016-10-14 10:39 - 2016-10-14 10:39 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2010-01-20 17:17 - 2010-01-20 17:17 - 0000056 ____H () C:\ProgramData\ezsidmv.dat
2010-01-18 16:50 - 2009-08-17 06:54 - 0131368 _____ () C:\ProgramData\FullRemove.exe
2009-09-16 23:05 - 2009-09-16 23:05 - 0000109 _____ () C:\ProgramData\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}.log
2009-09-16 23:03 - 2009-09-16 23:03 - 0000106 _____ () C:\ProgramData\{2BF2E31F-B8BB-40A7-B650-98D28E0F7D47}.log
2009-09-16 23:00 - 2009-09-16 23:00 - 0000105 _____ () C:\ProgramData\{40BF1E83-20EB-11D8-97C5-0009C5020658}.log
2009-09-16 23:04 - 2009-09-16 23:04 - 0000110 _____ () C:\ProgramData\{B7A0CE06-068E-11D6-97FD-0050BACBF861}.log
2009-09-16 22:59 - 2009-09-16 22:59 - 0000107 _____ () C:\ProgramData\{C59C179C-668D-49A9-B6EA-0121CCFC1243}.log
2009-09-16 23:01 - 2009-09-16 23:03 - 0000110 _____ () C:\ProgramData\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}.log
==================== Bamital & volsnap ======================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert
LastRegBack: 2017-03-16 18:01
==================== Ende vom FRST.txt ============================ |