Trojaner-Board
Seite 1 von 2 1 2
100 Beiträge dieses Themas auf einer Seite anzeigen

Trojaner-Board (https://www.trojaner-board.de/)
-   Plagegeister aller Art und deren Bekämpfung (https://www.trojaner-board.de/plagegeister-aller-art-deren-bekaempfung/)
-   -   Internet öffnet ständig neue Fenster (https://www.trojaner-board.de/184620-internet-oeffnet-staendig-neue-fenster.html)

Reen96 03.03.2017 21:14
Internet öffnet ständig neue Fenster
 
Hallo liebe Trojanerhelfer,

ich habe das Problem, dass sich, wenn ich im Internet surfe, ständig neue Fenster in eigenen Tabs öffnen. Die Themen dieser Fenster sind völlig verschieden (Werbung, Windows Repair, Gewinne und vieles mehr).
Ich habe schon lange gebraucht bis hier her zu kommen und den Beitrag zu schreiben, da sich immer nur andere Fenster öffnen.
Was kann ich tun?
Wo versteckt sich der Virus?

Mit freundlichen Grüßen
Reen96

M-K-D-B 03.03.2017 21:42
:hallo:


Mein Name ist Matthias und ich werde dir bei der Bereinigung deines Computers helfen.


Bitte beachte folgende Hinweise:
  • Falls wir Hinweise auf illegal erworbene Software finden, werden wir den Support unterbrechen bis jegliche Art von illegaler Software vom Rechner entfernt wurde.
  • Lies dir die Anleitungen sorgfältig durch. Solltest du Probleme haben, stoppe mit deiner Bearbeitung und beschreibe mir dein Problem so gut es geht.
  • Solltest du mir nicht innerhalb von 3 Tagen antworten, gehe ich davon aus, dass du keine Hilfe mehr benötigst. Dann lösche ich dein Thema aus meinem Abo. Solltest du einmal länger abwesend sein, so gib mir bitte Bescheid!
  • Während der Bereinigung bitte nichts installieren oder deinstallieren, außer ich bitte dich darum!
  • Bitte beachten: Download bei filepony.de: So ladet Ihr unsere Tools richtig!
  • Alle zu verwendenen Programme sind auf dem Desktop abzuspeichern und von dort als Administrator zu starten!
  • Einige Programme, die wir hier verwenden, können unter Umständen von deinem Antiviren- oder Anti-Malwareprogramm fälschlicherweise als Bedrohung eingestuft werden. Die Sicherheitsprogramme können aufgrund eines bestimmten Programmverhaltens nicht zwischen "gut" oder "böse" unterscheiden und schlagen Alarm. Dabei handelt es sich um Fehlalarme, welche du getrost ignorieren kannst. Gegebenenfalls musst du deine Sicherheitssoftware vor der Ausführung eines Programms deaktivieren, damit unsere Bereinigungsvorgänge nicht beeinträchtigt werden.



Bitte arbeite alle Schritte in der vorgegebenen Reihefolge nacheinander ab und poste alle Logdateien in CODE-Tags:
So funktioniert es:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert deinem Helfer massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu groß für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
  • Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
  • Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
  • Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
  • Klicke aauf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.
http://www.trojaner-board.de/picture...&pictureid=307

Danke für deine Mitarbeit!




Zur ersten Analyse bitte FRST und TDSS-Killer ausführen:


Schritt 1
Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)






Schritt 2
Downloade dir bitte TDSSKiller TDSSKiller.exe und speichere diese Datei auf dem Desktop
  • Starte die TDSSKiller.exe - Einstellen wie in der Anleitung zu TDSSKiller beschrieben.
  • Drücke Start Scan
  • Sollten infizierte Objekte gefunden werden, wähle keinesfalls Cure. Wähle Skip und klicke auf Continue.
    TDSSKiller wird eine Logfile auf deinem Systemlaufwerk speichern (Meistens C:\)
    Als Beispiel: C:\TDSSKiller.<Version_Datum_Uhrzeit>log.txt
Poste den Inhalt bitte in jedem Fall hier in deinen Thread.







Bitte poste mit deiner nächsten Antwort
  • die Logdatei von TDSS-Killer,
  • die beiden neuen Logdateien von FRST.

Reen96 03.03.2017 22:16
Vielen Dank!
Hier TDSS-Killer:
Code:
22:00:13.0481 0x29d8  TDSS rootkit removing tool 3.1.0.12 Nov  7 2016 07:10:01
22:00:13.0481 0x29d8  UEFI system
22:00:16.0997 0x29d8  ============================================================
22:00:16.0997 0x29d8  Current date / time: 2017/03/03 22:00:16.0997
22:00:16.0997 0x29d8  SystemInfo:
22:00:16.0997 0x29d8 
22:00:16.0997 0x29d8  OS Version: 10.0.14393 ServicePack: 0.0
22:00:16.0997 0x29d8  Product type: Workstation
22:00:16.0997 0x29d8  ComputerName: DESKTOP-A10S929
22:00:16.0997 0x29d8  UserName: Baby
22:00:16.0997 0x29d8  Windows directory: C:\WINDOWS
22:00:16.0997 0x29d8  System windows directory: C:\WINDOWS
22:00:16.0997 0x29d8  Running under WOW64
22:00:16.0997 0x29d8  Processor architecture: Intel x64
22:00:16.0997 0x29d8  Number of processors: 4
22:00:16.0997 0x29d8  Page size: 0x1000
22:00:16.0997 0x29d8  Boot type: Normal boot
22:00:16.0997 0x29d8  CodeIntegrityOptions = 0x00000001
22:00:16.0997 0x29d8  ============================================================
22:00:17.0309 0x29d8  KLMD registered as C:\WINDOWS\system32\drivers\56145642.sys
22:00:17.0309 0x29d8  KLMD ARK init status: drvProperties = 0xFFF00, osBuild = 14393.693, osProperties = 0x19
22:00:18.0137 0x29d8  System UUID: {DC30BCFC-A93E-F47D-9442-E72F04A99A9B}
22:00:20.0997 0x29d8  Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
22:00:21.0012 0x29d8  ============================================================
22:00:21.0012 0x29d8  \Device\Harddisk0\DR0:
22:00:21.0012 0x29d8  GPT partitions:
22:00:21.0012 0x29d8  \Device\Harddisk0\DR0\Partition1: GPT, TypeGUID: {C12A7328-F81F-11D2-BA4B-00A0C93EC93B}, UniqueGUID: {9E1C85E6-2EDD-4BFC-902D-3BCCA502EDBA}, Name: EFI system partition, StartLBA 0x800, BlocksNum 0x82000
22:00:21.0012 0x29d8  \Device\Harddisk0\DR0\Partition2: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {6E7470DD-3887-4817-A1E3-E530E565EA89}, Name: Microsoft reserved partition, StartLBA 0x82800, BlocksNum 0x8000
22:00:21.0012 0x29d8  \Device\Harddisk0\DR0\Partition3: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {C00315AD-91CA-4933-8C82-EB6D9D2B0C5A}, Name: Basic data partition, StartLBA 0x8A800, BlocksNum 0x3543C800
22:00:21.0012 0x29d8  \Device\Harddisk0\DR0\Partition4: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {14D36E42-9256-4AF9-908B-AEDD97483DD9}, Name: Basic data partition, StartLBA 0x354C7000, BlocksNum 0x3200000
22:00:21.0012 0x29d8  \Device\Harddisk0\DR0\Partition5: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {C6018A70-B47F-488E-AA70-EF06BB5A7D63}, Name: Basic data partition, StartLBA 0x386C7000, BlocksNum 0x1F4000
22:00:21.0012 0x29d8  \Device\Harddisk0\DR0\Partition6: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {98E3C13B-FA5E-4ECD-BA7F-2FEC526715E2}, Name: Basic data partition, StartLBA 0x388BB000, BlocksNum 0x18D7000
22:00:21.0012 0x29d8  \Device\Harddisk0\DR0\Partition7: GPT, TypeGUID: {BFBFAFE7-A34F-448A-9A5B-6213EB736C22}, UniqueGUID: {6954EAEC-6A48-4090-84B2-43FD22522BAC}, Name: Basic data partition, StartLBA 0x3A192000, BlocksNum 0x1F4000
22:00:21.0012 0x29d8  MBR partitions:
22:00:21.0012 0x29d8  ============================================================
22:00:21.0012 0x29d8  C: <-> \Device\Harddisk0\DR0\Partition3
22:00:21.0028 0x29d8  D: <-> \Device\Harddisk0\DR0\Partition4
22:00:21.0028 0x29d8  ============================================================
22:00:21.0028 0x29d8  Initialize success
22:00:21.0028 0x29d8  ============================================================
22:00:22.0794 0x1884  ============================================================
22:00:22.0794 0x1884  Scan started
22:00:22.0794 0x1884  Mode: Manual;
22:00:22.0794 0x1884  ============================================================
22:00:22.0794 0x1884  KSN ping started
22:00:22.0997 0x1884  KSN ping finished: true
22:00:24.0544 0x1884  ================ Scan system memory ========================
22:00:24.0544 0x1884  System memory - ok
22:00:24.0544 0x1884  ================ Scan services =============================
22:00:24.0731 0x1884  1394ohci - ok
22:00:24.0747 0x1884  3ware - ok
22:00:24.0778 0x1884  ACPI - ok
22:00:24.0794 0x1884  AcpiDev - ok
22:00:24.0825 0x1884  acpiex - ok
22:00:24.0841 0x1884  acpipagr - ok
22:00:24.0872 0x1884  AcpiPmi - ok
22:00:24.0888 0x1884  acpitime - ok
22:00:24.0919 0x1884  [ E13DE7CD2B62254DD4FF658B7798A37D, 9FCCC90DEF6BE83F8C41D4552D235A7BB5534954D2E7CB7B1C336A31FCCAB3AD ] ACPIVPC        C:\WINDOWS\System32\drivers\AcpiVpc.sys
22:00:24.0919 0x1884  ACPIVPC - ok
22:00:24.0981 0x1884  ADP80XX - ok
22:00:25.0013 0x1884  AFD - ok
22:00:25.0059 0x1884  ahcache - ok
22:00:25.0075 0x1884  AJRouter - ok
22:00:25.0106 0x1884  ALG - ok
22:00:25.0138 0x1884  AmdK8 - ok
22:00:25.0153 0x1884  AmdPPM - ok
22:00:25.0185 0x1884  amdsata - ok
22:00:25.0216 0x1884  amdsbs - ok
22:00:25.0231 0x1884  amdxata - ok
22:00:25.0247 0x1884  AppID - ok
22:00:25.0278 0x1884  AppIDSvc - ok
22:00:25.0294 0x1884  Appinfo - ok
22:00:25.0325 0x1884  applockerfltr - ok
22:00:25.0356 0x1884  AppReadiness - ok
22:00:25.0388 0x1884  AppXSvc - ok
22:00:25.0419 0x1884  arcsas - ok
22:00:25.0434 0x1884  AsyncMac - ok
22:00:25.0466 0x1884  atapi - ok
22:00:25.0497 0x1884  AudioEndpointBuilder - ok
22:00:25.0513 0x1884  Audiosrv - ok
22:00:25.0575 0x1884  [ 03B45C52179E8DAE51A0F685C30D06D6, E06F066B4BFE5344BBF5749B9B8B8CFBA0C02920FD2B9C73BDDA7E34F1785DA7 ] AVP17.0.0      C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\avp.exe
22:00:25.0591 0x1884  AVP17.0.0 - ok
22:00:25.0622 0x1884  AxInstSV - ok
22:00:25.0638 0x1884  b06bdrv - ok
22:00:25.0669 0x1884  BasicDisplay - ok
22:00:25.0684 0x1884  BasicRender - ok
22:00:25.0731 0x1884  bcmfn - ok
22:00:25.0763 0x1884  bcmfn2 - ok
22:00:25.0778 0x1884  BDESVC - ok
22:00:25.0809 0x1884  Beep - ok
22:00:25.0825 0x1884  BFE - ok
22:00:25.0856 0x1884  BITS - ok
22:00:25.0888 0x1884  bowser - ok
22:00:25.0919 0x1884  BrokerInfrastructure - ok
22:00:25.0950 0x1884  Browser - ok
22:00:25.0966 0x1884  BthAvrcpTg - ok
22:00:25.0997 0x1884  BthEnum - ok
22:00:26.0013 0x1884  BthHFEnum - ok
22:00:26.0044 0x1884  bthhfhid - ok
22:00:26.0059 0x1884  BthHFSrv - ok
22:00:26.0091 0x1884  BthLEEnum - ok
22:00:26.0122 0x1884  BTHMODEM - ok
22:00:26.0138 0x1884  BthPan - ok
22:00:26.0169 0x1884  BTHPORT - ok
22:00:26.0184 0x1884  bthserv - ok
22:00:26.0216 0x1884  BTHUSB - ok
22:00:26.0247 0x1884  buttonconverter - ok
22:00:26.0263 0x1884  CapImg - ok
22:00:26.0356 0x1884  [ C267A09490883B77E7678DCF38E3B723, 8FD7858B5BA84CF3640E250DE2448E383E6233BE6F3E92FDB702DB82111A9AF0 ] CCSDK          C:\Program Files (x86)\Lenovo\CCSDK\CCSDK.exe
22:00:26.0434 0x1884  CCSDK - ok
22:00:26.0450 0x1884  cdfs - ok
22:00:26.0481 0x1884  CDPSvc - ok
22:00:26.0497 0x1884  CDPUserSvc - ok
22:00:26.0559 0x1884  cdrom - ok
22:00:26.0575 0x1884  CertPropSvc - ok
22:00:26.0622 0x1884  [ 3CA560EE2846FCC7A212ECC0A30AA24B, AF23987DA4F9EC2BC524C787F30BE49C34A3F9716E32046F510766E1F3A08A9A ] cfwids          C:\WINDOWS\system32\drivers\cfwids.sys
22:00:26.0622 0x1884  cfwids - ok
22:00:26.0653 0x1884  cht4iscsi - ok
22:00:26.0684 0x1884  cht4vbd - ok
22:00:26.0700 0x1884  circlass - ok
22:00:26.0731 0x1884  CLFS - ok
22:00:27.0122 0x1884  [ CB6AC02C92BBA30187EA4591D771660E, B3BB15DC814F131672D864CAAD1537933EE83C9029DF143E5E105077EA4D7F30 ] ClickToRunSvc  C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe
22:00:27.0466 0x1884  ClickToRunSvc - ok
22:00:27.0513 0x1884  ClipSVC - ok
22:00:27.0544 0x1884  clreg - ok
22:00:27.0622 0x1884  CmBatt - ok
22:00:27.0669 0x1884  [ B29A764A1E76473CD9D64C9438705C19, CD0497EB84DE60E1E491CA495AF981A8DFC4949BB373C1978CAF1BCF4321D30E ] cm_km          C:\WINDOWS\system32\DRIVERS\cm_km.sys
22:00:27.0700 0x1884  cm_km - ok
22:00:27.0731 0x1884  CNG - ok
22:00:27.0747 0x1884  cnghwassist - ok
22:00:27.0856 0x1884  CompositeBus - ok
22:00:27.0888 0x1884  COMSysApp - ok
22:00:27.0919 0x1884  condrv - ok
22:00:27.0950 0x1884  CoreMessagingRegistrar - ok
22:00:28.0060 0x1884  [ AA4C3229C6C1765D996F43F43FE4FBED, E0D341E63DB6F3E7F8BFB09D3D643009F345380BF94736576595A6DDD37A5E03 ] cphs            C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
22:00:28.0106 0x1884  cphs - ok
22:00:28.0138 0x1884  CryptSvc - ok
22:00:28.0169 0x1884  dam - ok
22:00:28.0216 0x1884  DcomLaunch - ok
22:00:28.0247 0x1884  DcpSvc - ok
22:00:28.0294 0x1884  defragsvc - ok
22:00:28.0310 0x1884  DeviceAssociationService - ok
22:00:28.0341 0x1884  DeviceInstall - ok
22:00:28.0372 0x1884  DevQueryBroker - ok
22:00:28.0403 0x1884  Dfsc - ok
22:00:28.0435 0x1884  [ 9593475FBC857A05D93BFF4FA7323C2B, D2A958AF5EFDC6136A6ABB7F8D5FE1F84C967E79BEA96C5BE3661A0145DEB907 ] dg_ssudbus      C:\WINDOWS\system32\DRIVERS\ssudbus.sys
22:00:28.0466 0x1884  dg_ssudbus - ok
22:00:28.0481 0x1884  Dhcp - ok
22:00:28.0513 0x1884  diagnosticshub.standardcollector.service - ok
22:00:28.0528 0x1884  DiagTrack - ok
22:00:28.0560 0x1884  disk - ok
22:00:28.0591 0x1884  DmEnrollmentSvc - ok
22:00:28.0606 0x1884  dmvsc - ok
22:00:28.0638 0x1884  dmwappushservice - ok
22:00:28.0669 0x1884  Dnscache - ok
22:00:28.0700 0x1884  dot3svc - ok
22:00:28.0731 0x1884  DPS - ok
22:00:28.0763 0x1884  drmkaud - ok
22:00:28.0778 0x1884  DsmSvc - ok
22:00:28.0810 0x1884  DsSvc - ok
22:00:28.0841 0x1884  DXGKrnl - ok
22:00:28.0872 0x1884  EapHost - ok
22:00:28.0903 0x1884  ebdrv - ok
22:00:28.0935 0x1884  EFS - ok
22:00:28.0950 0x1884  EhStorClass - ok
22:00:28.0981 0x1884  EhStorTcgDrv - ok
22:00:29.0185 0x1884  [ 9DF468D8CCE3B3BD200CFB31E9EA17BB, D2700E2ACB034E8698E81526E7470E265E1F791503ED528E66ED0BB574CA6FFA ] ElfoService    C:\Program Files (x86)\ElsterFormular Update Service\bin\ElfoService.exe
22:00:29.0310 0x1884  ElfoService - ok
22:00:29.0325 0x1884  embeddedmode - ok
22:00:29.0356 0x1884  EntAppSvc - ok
22:00:29.0388 0x1884  ErrDev - ok
22:00:29.0481 0x1884  [ 4F1F28FD1E5618444B7F529C27E063C7, 1964B4B45F9FDCFE0F7F3C7121D96081A13EAA6E6DFE39FA9CD2D7B06091B6A6 ] ETD            C:\WINDOWS\system32\DRIVERS\ETD.sys
22:00:29.0528 0x1884  ETD - ok
22:00:29.0560 0x1884  [ CD7256F391779D5473BDED03C1537AF7, EFC5FA3AF9BE390FC5BD25D9A2969E12D5A9FF60D07C8B25C53278E16925A08D ] ETDService      C:\Program Files\Elantech\ETDService.exe
22:00:29.0575 0x1884  ETDService - ok
22:00:29.0606 0x1884  [ 7A6A9202245A8D93B771734C543FBB2D, A1B452E2F97988F128B4A6FFFC89C6F8F9FE39DD0D0C574EC3C3ACA7C4DCBE27 ] ETDSMBus        C:\WINDOWS\system32\DRIVERS\ETDSMBus.sys
22:00:29.0606 0x1884  ETDSMBus - ok
22:00:29.0638 0x1884  EventSystem - ok
22:00:29.0747 0x1884  [ 6DCB7233AAD29E43331B3ECFCC8FB8D1, A8E203BB774A4E055C871E9A28F958287A75E8BEA42496E6BA9983063CF6C539 ] EvtEng          C:\Program Files\Intel\WiFi\bin\EvtEng.exe
22:00:29.0810 0x1884  EvtEng - ok
22:00:29.0841 0x1884  exfat - ok
22:00:29.0856 0x1884  fastfat - ok
22:00:29.0888 0x1884  Fax - ok
22:00:29.0919 0x1884  fdc - ok
22:00:29.0950 0x1884  fdPHost - ok
22:00:29.0966 0x1884  FDResPub - ok
22:00:29.0997 0x1884  fhsvc - ok
22:00:30.0013 0x1884  FileCrypt - ok
22:00:30.0044 0x1884  FileInfo - ok
22:00:30.0075 0x1884  Filetrace - ok
22:00:30.0106 0x1884  flpydisk - ok
22:00:30.0122 0x1884  FltMgr - ok
22:00:30.0153 0x1884  FontCache - ok
22:00:30.0185 0x1884  FontCache3.0.0.0 - ok
22:00:30.0200 0x1884  FrameServer - ok
22:00:30.0247 0x1884  FsDepends - ok
22:00:30.0278 0x1884  Fs_Rec - ok
22:00:30.0310 0x1884  fvevol - ok
22:00:30.0481 0x1884  [ D56EE61F9B62AD677395BF003A49B4A7, A4B657AF38253F4BAE2A8BE7E9453E662BC378773A93631C0445C96267296B53 ] GDCAgent        C:\Program Files (x86)\Lenovo\GDCAgentSetupRed\GDCAgent.exe
22:00:30.0606 0x1884  GDCAgent - ok
22:00:30.0638 0x1884  gencounter - ok
22:00:30.0653 0x1884  genericusbfn - ok
22:00:30.0685 0x1884  GPIOClx0101 - ok
22:00:30.0716 0x1884  gpsvc - ok
22:00:30.0731 0x1884  GpuEnergyDrv - ok
22:00:30.0763 0x1884  HDAudBus - ok
22:00:30.0778 0x1884  HidBatt - ok
22:00:30.0810 0x1884  HidBth - ok
22:00:30.0841 0x1884  hidi2c - ok
22:00:30.0856 0x1884  hidinterrupt - ok
22:00:30.0888 0x1884  HidIr - ok
22:00:30.0919 0x1884  hidserv - ok
22:00:30.0950 0x1884  HidUsb - ok
22:00:30.0997 0x1884  [ F60E629BADC03B5BCCF8AAE022651A64, 08D3BA75F3A43843F8F13D7EEA263E46A9452FAB3B30BFD389E4B0477675CB3B ] HipShieldK      C:\WINDOWS\system32\drivers\HipShieldK.sys
22:00:31.0028 0x1884  HipShieldK - ok
22:00:31.0060 0x1884  HomeGroupListener - ok
22:00:31.0075 0x1884  HomeGroupProvider - ok
22:00:31.0106 0x1884  HpSAMD - ok
22:00:31.0138 0x1884  HTTP - ok
22:00:31.0153 0x1884  HvHost - ok
22:00:31.0185 0x1884  hvservice - ok
22:00:31.0216 0x1884  hwpolicy - ok
22:00:31.0231 0x1884  hyperkbd - ok
22:00:31.0263 0x1884  HyperVideo - ok
22:00:31.0294 0x1884  i8042prt - ok
22:00:31.0310 0x1884  iagpio - ok
22:00:31.0341 0x1884  iai2c - ok
22:00:31.0372 0x1884  iaLPSS2i_GPIO2 - ok
22:00:31.0403 0x1884  iaLPSS2i_I2C - ok
22:00:31.0419 0x1884  iaLPSSi_GPIO - ok
22:00:31.0450 0x1884  iaLPSSi_I2C - ok
22:00:31.0481 0x1884  [ 8FD3487A6AE70321404C34AC278840D8, 2BD7720A7D907F5D036982D4DA32128D427CE5110544F51F003C7693A51A29EE ] iaLPSS_GPIO    C:\WINDOWS\System32\drivers\iaLPSS_GPIO.sys
22:00:31.0497 0x1884  iaLPSS_GPIO - ok
22:00:31.0685 0x1884  [ 5F6CA62BE8ECC4D0E1F5D4D4A02B456B, F720A1F14C9053D24C5B42827E5F9578A27F3E62A6C65A3CFA068E580F02F072 ] iaStorA        C:\WINDOWS\system32\drivers\iaStorA.sys
22:00:31.0825 0x1884  iaStorA - ok
22:00:31.0841 0x1884  iaStorAV - ok
22:00:31.0872 0x1884  [ D90885430767C6152AF908D57A5159AC, A3C25AA5CDDFBBA91199F673471C64A8A4792A0F2D642F46AD54B18879A464B1 ] IAStorDataMgrSvc C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
22:00:31.0888 0x1884  IAStorDataMgrSvc - ok
22:00:31.0903 0x1884  iaStorV - ok
22:00:31.0935 0x1884  ibbus - ok
22:00:31.0966 0x1884  ibtsiva - ok
22:00:32.0028 0x1884  [ C5547F54E191D36AFD3A3654CBA65806, FC4EA1FFE2077FE17C536C0674CBC61EFDA138BC145346DA67742C15A93D9C1A ] ibtusb          C:\WINDOWS\system32\DRIVERS\ibtusb.sys
22:00:32.0044 0x1884  ibtusb - ok
22:00:32.0075 0x1884  icssvc - ok
22:00:32.0856 0x1884  [ 1E64B1ACBA54360B4BA2D6DB3C4F482E, D25B2DBBA6C82D29B080960961775726A16CB24426BFEEF18F966AD7C54801F3 ] igfx            C:\WINDOWS\system32\DRIVERS\igdkmd64.sys
22:00:33.0544 0x1884  igfx - ok
22:00:33.0638 0x1884  [ 7075C9341BBB75F7E54AAB291AB82223, 16779559625C78C0C15A030FB5EB03D18D163CD71FB703B003A25DA0E0F50BCA ] igfxCUIService2.0.0.0 C:\WINDOWS\system32\igfxCUIService.exe
22:00:33.0716 0x1884  igfxCUIService2.0.0.0 - ok
22:00:33.0731 0x1884  IKEEXT - ok
22:00:33.0763 0x1884  [ CDA315AF0F1DAA6925AA5442FA2412F4, 82E00696C65FAA715066096751560803ADFAD1765086D7806F11D6F64FAC03BB ] ImControllerService C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe
22:00:33.0778 0x1884  ImControllerService - ok
22:00:33.0794 0x1884  IndirectKmd - ok
22:00:34.0356 0x1884  [ 73D45AF87AD38A24CD9EA7834324D41C, 893BE814F4EE53CFC47AD783D88BC457CA4F23AE37BF3FAE8ED51DB815260259 ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RTKVHD64.sys
22:00:34.0825 0x1884  IntcAzAudAddService - ok
22:00:34.0935 0x1884  [ C8D2B9B619E5A1E33C0A5CA8F0870298, F61941F2B6C65BDEF17514F0D991EA11D8F3D4B959DAA47C483277C63E910733 ] IntcDAud        C:\WINDOWS\system32\DRIVERS\IntcDAud.sys
22:00:34.0997 0x1884  IntcDAud - ok
22:00:35.0138 0x1884  [ B63CF22D1AD2ABDC39D85851B2BEAA6D, 37E9043BABB5895BFD2B59AFB60C438B992C6EAA1B5FDE5B3445314343F4C406 ] Intel(R) Capability Licensing Service TCP IP Interface C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
22:00:35.0216 0x1884  Intel(R) Capability Licensing Service TCP IP Interface - ok
22:00:35.0278 0x1884  [ 8213094EA736A9C575AB0E22AD09B0BA, 12670A466B5AA37283BD4CB481D000DE3AE2A8D1BD159F67A41703A6FE5675EC ] Intel(R) Security Assist C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe
22:00:35.0310 0x1884  Intel(R) Security Assist - ok
22:00:35.0325 0x1884  intelide - ok
22:00:35.0341 0x1884  intelpep - ok
22:00:35.0372 0x1884  intelppm - ok
22:00:35.0403 0x1884  iorate - ok
22:00:35.0435 0x1884  IpFilterDriver - ok
22:00:35.0466 0x1884  iphlpsvc - ok
22:00:35.0481 0x1884  IPMIDRV - ok
22:00:35.0513 0x1884  IPNAT - ok
22:00:35.0528 0x1884  irda - ok
22:00:35.0560 0x1884  IRENUM - ok
22:00:35.0591 0x1884  irmon - ok
22:00:35.0606 0x1884  [ 1DFC3CCA51785254C5604238BB1A5467, 31451A90A91AEE14C6B24F84CB9816E5C77179D411B8B3E8547F538235BEEFB0 ] isaHelperSvc    C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe
22:00:35.0622 0x1884  isaHelperSvc - ok
22:00:35.0638 0x1884  isapnp - ok
22:00:35.0669 0x1884  iScsiPrt - ok
22:00:35.0700 0x1884  [ DE70C5C10803C700DC1CFDE2D5CF207A, 4D11DE8B986C6966B66E1D6E931A72A1E9FA8D0B5B9EF57EF3EEDD09D0BE0B4E ] jhi_service    C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
22:00:35.0731 0x1884  jhi_service - ok
22:00:35.0763 0x1884  kbdclass - ok
22:00:35.0794 0x1884  kbdhid - ok
22:00:35.0825 0x1884  kdnic - ok
22:00:35.0841 0x1884  KeyIso - ok
22:00:35.0919 0x1884  [ 97E3E8F35632EECD0ABD2DE6519A9666, ABE96FDEB1076E380D7FB4975C020B43ED4E821097EFC6AFE8C75D764167D6E8 ] kl1            C:\WINDOWS\system32\DRIVERS\kl1.sys
22:00:35.0982 0x1884  kl1 - ok
22:00:36.0013 0x1884  [ B01AD8DA034EE42D4C2282F77FDB03AE, 3FF55F3CEE4A0E5D559F04F5A639297EA0F36580720E94CF9DD56DEBF2E98F39 ] klbackupdisk    C:\WINDOWS\system32\DRIVERS\klbackupdisk.sys
22:00:36.0028 0x1884  klbackupdisk - ok
22:00:36.0060 0x1884  [ 10549B5BFD9A3DCF4FFA6287236FA959, 6BDFA335A8E3A69425CB23230660D3168CB82911ACB3AAAF85C19263511EAF51 ] klbackupflt    C:\WINDOWS\system32\DRIVERS\klbackupflt.sys
22:00:36.0075 0x1884  klbackupflt - ok
22:00:36.0091 0x1884  [ 7DAA9047F50BF5A3F8C147719FC520AF, 0740387075AF46DB1E9AEE3B12C65A06EDFE58EADB8B562C36CB1FEFF9905C26 ] kldisk          C:\WINDOWS\system32\DRIVERS\kldisk.sys
22:00:36.0107 0x1884  kldisk - ok
22:00:36.0153 0x1884  [ 5766A27C85EE813029831D125D2EFB45, BB5BAFD5A58E80C7F0B8D24121352E0386B3422FFC16B56F1D1B1C6A482AC9F0 ] klelam          C:\WINDOWS\system32\DRIVERS\klelam.sys
22:00:36.0169 0x1884  klelam - ok
22:00:36.0232 0x1884  [ 63FD545876EF4248BE3C8788D8270758, 5FF6529F8D7F94848E68142D8B2CAA446342AF95644C9223E689E303E8AB7336 ] klflt          C:\WINDOWS\system32\DRIVERS\klflt.sys
22:00:36.0247 0x1884  klflt - ok
22:00:36.0310 0x1884  [ 3524D3B8F5BEF8C01EAF7EEFFA5EAB3F, 0908A6E3E62017F7099900850D58A1B775D808F7DC0951B09781689DF3994DA2 ] klhk            C:\WINDOWS\System32\drivers\klhk.sys
22:00:36.0357 0x1884  klhk - ok
22:00:36.0435 0x1884  [ 7796EAD58D8C1A42AAB6B6CA9A3F106C, 7DA8A05A0210F63C7D120DCF0101AD895D53368C0DED23E275F2BA79239FCE28 ] klids          C:\ProgramData\Kaspersky Lab\AVP17.0.0\Bases\klids.sys
22:00:36.0450 0x1884  klids - ok
22:00:36.0575 0x1884  [ 2CE22F21119A089277B067A1B1BDC592, 7CDE229899B6344967098FB03C7C1C360CC3DC2DCC096F8AAC6CC96536FF1AE9 ] KLIF            C:\WINDOWS\system32\DRIVERS\klif.sys
22:00:36.0685 0x1884  KLIF - ok
22:00:36.0716 0x1884  [ 6357C533C30650361110DBAF59A25DF8, FA8CF6292CCBC7E23527D968E54CD773706CF091E35563B0CF9F8A1DF0B724B9 ] KLIM6          C:\WINDOWS\system32\DRIVERS\klim6.sys
22:00:36.0716 0x1884  KLIM6 - ok
22:00:36.0747 0x1884  [ 5480CC93737F48282552C84FA7EBA59B, B7D92424399B647132F6B9409FE75EAA310C984F796FC0B65BBE2EA180110968 ] klkbdflt        C:\WINDOWS\system32\DRIVERS\klkbdflt.sys
22:00:36.0763 0x1884  klkbdflt - ok
22:00:36.0778 0x1884  [ FD47C92A63B6EADEA830BFA96C06EAEE, C15C39B6FA53CBD01A2F95243845C4B706B4229F8FFB75C7128819B9CEE5B2CB ] klmouflt        C:\WINDOWS\system32\DRIVERS\klmouflt.sys
22:00:36.0794 0x1884  klmouflt - ok
22:00:36.0825 0x1884  [ 6B0C605591C892CBB683F63EA47822DC, E74C0A0501A1B4B56B417402108521F34DA6A23FCD1C05E4E524E41EBA0906FF ] klpd            C:\WINDOWS\system32\DRIVERS\klpd.sys
22:00:36.0825 0x1884  klpd - ok
22:00:36.0857 0x1884  [ 828B042A95F055648DA190DF6C7AB1B6, 0457B0EF03BCB4CC1297EB25A25C162937F456BF406EC7B1A5E9A0AA13A9BCD7 ] kltap          C:\WINDOWS\System32\drivers\kltap.sys
22:00:36.0857 0x1884  kltap - ok
22:00:36.0935 0x1884  [ 66516A704F1D378E58B85D79633C103D, 54E3EB342D2FD17CF742A8ACADCA81A553216AA289955DD176A54D6414727DA5 ] klupd_klif_arkmon C:\WINDOWS\system32\Drivers\klupd_klif_arkmon.sys
22:00:36.0950 0x1884  klupd_klif_arkmon - ok
22:00:36.0982 0x1884  [ 941727CDC11A0E1A407B602D88CD58CB, 8E290245A42E75FC532A72A850BAF5516BA7488BEF015F46CA9D215BCA0D7CE0 ] klupd_klif_kimul C:\WINDOWS\system32\Drivers\klupd_klif_kimul.sys
22:00:36.0997 0x1884  klupd_klif_kimul - ok
22:00:37.0044 0x1884  [ 55FC7F42A5AA55A265CE466227ABD0DE, AB72152F39460327D74DB693BFB36A93BC2D752653D3633BB7F439DC4B9AB081 ] klupd_klif_klark C:\WINDOWS\system32\Drivers\klupd_klif_klark.sys
22:00:37.0075 0x1884  klupd_klif_klark - ok
22:00:37.0107 0x1884  [ D7709E365C10F99DE58BB688C45358B7, C028FB885B7A4AFB98FD2B8EABF99E913F480891A9ED859FE5B4E077BDE8ACB5 ] klupd_klif_klbg C:\WINDOWS\system32\Drivers\klupd_klif_klbg.sys
22:00:37.0122 0x1884  klupd_klif_klbg - ok
22:00:37.0153 0x1884  [ 8D7E0B5D4F843D39AA1F644B2578B0EE, C4A8E569A253738AA7B7CDE8D0E987954D1DA6BE6F32D962BD458CA5275A5D76 ] klupd_klif_mark C:\WINDOWS\system32\Drivers\klupd_klif_mark.sys
22:00:37.0169 0x1884  klupd_klif_mark - ok
22:00:37.0216 0x1884  [ D7F0B46844565E2ED68AC99AF0F4263F, AB419CBC29F96703237127AC4178A5365D4CCA010BAB1BD66D100D635E6E89B8 ] klvssbrigde64  C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\x64\vssbridge64.exe
22:00:37.0216 0x1884  klvssbrigde64 - ok
22:00:37.0247 0x1884  [ 4C5305295B51BA72FC9C8CDAB32F95C3, 0E5850AC4CA14D971E7B04FED23CB2F6CEEE2796E905AADA0104677982ECD58A ] klwfp          C:\WINDOWS\system32\DRIVERS\klwfp.sys
22:00:37.0263 0x1884  klwfp - ok
22:00:37.0294 0x1884  [ EF1AFCADCA485B3846D7A8B71F87509B, C27B579742389ACD8804EC372CBA3C4FDFFB1A8AA6280AE1353BC089E8E34C76 ] Klwtp          C:\WINDOWS\system32\DRIVERS\klwtp.sys
22:00:37.0310 0x1884  Klwtp - ok
22:00:37.0357 0x1884  [ 67EFD862ACEFCB9687523832C62FA584, B3C9A36C535B706EB19E5C5437705E8C5EC71F45115A2C97E1348462EC2A3922 ] kneps          C:\WINDOWS\system32\DRIVERS\kneps.sys
22:00:37.0388 0x1884  kneps - ok
22:00:37.0450 0x1884  [ EFF5EA6088DB81C6EF6EDCDA5EE79909, 4D364B0BF012C335FA3B25BDF042D4AF672D961B9B48CB7C5BE34FCFD1D64979 ] KSDE1.0.0      C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 1.0\ksde.exe
22:00:37.0466 0x1884  KSDE1.0.0 - ok
22:00:37.0482 0x1884  KSecDD - ok
22:00:37.0528 0x1884  KSecPkg - ok
22:00:37.0544 0x1884  ksthunk - ok
22:00:37.0575 0x1884  KtmRm - ok
22:00:37.0591 0x1884  LanmanServer - ok
22:00:37.0622 0x1884  LanmanWorkstation - ok
22:00:37.0653 0x1884  lfsvc - ok
22:00:37.0685 0x1884  LicenseManager - ok
22:00:37.0716 0x1884  lltdio - ok
22:00:37.0732 0x1884  lltdsvc - ok
22:00:37.0763 0x1884  lmhosts - ok
22:00:37.0841 0x1884  [ 1CE3A27B6B0658F4242AB2DECE69704E, FB705D43554478FA438CE600DAD65C5885858ABF9FCB5D9CC6E5F7C87FD6A853 ] LMS            C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
22:00:37.0872 0x1884  LMS - ok
22:00:37.0919 0x1884  LSI_SAS - ok
22:00:37.0935 0x1884  LSI_SAS2i - ok
22:00:37.0966 0x1884  LSI_SAS3i - ok
22:00:37.0982 0x1884  LSI_SSS - ok
22:00:38.0013 0x1884  LSM - ok
22:00:38.0044 0x1884  luafv - ok
22:00:38.0060 0x1884  MapsBroker - ok
22:00:38.0278 0x1884  [ 40B02F6D4B331443CC7E879BCD87100F, ACF976DC9565A905F71EFE9A25516A0F1B128E70B961B8D8256F51474B1F78D7 ] mccspsvc        C:\Program Files\Common Files\McAfee\CSP\1.9.829.0\\McCSPServiceHost.exe
22:00:38.0450 0x1884  mccspsvc - ok
22:00:38.0482 0x1884  megasas - ok
22:00:38.0497 0x1884  megasas2i - ok
22:00:38.0528 0x1884  megasr - ok
22:00:38.0575 0x1884  [ 48F64A35BA9F2E4AC0587DDA555FF951, 77FE2BE86ADCE103F4220A641139C42B1407CF8EFFEB66F841ABF9CFC3621558 ] MEIx64          C:\WINDOWS\System32\drivers\TeeDriverW8x64.sys
22:00:38.0591 0x1884  MEIx64 - ok
22:00:38.0622 0x1884  MessagingService - ok
22:00:38.0732 0x1884  [ 22CE39824DECE03C8DEF8832F029E3ED, C036E7E28BD4B90B29AF5B389486836137DCF9AB371D9D98CB12AD06F4107015 ] mfeaack        C:\WINDOWS\system32\drivers\mfeaack.sys
22:00:38.0763 0x1884  mfeaack - ok
22:00:38.0825 0x1884  [ FB9188B17958E6DFE959D23281547605, A595D8D9A34BF390AA648883FCBAF38E96B896FAD43D97EA4F4DA791812626F2 ] mfeavfk        C:\WINDOWS\system32\drivers\mfeavfk.sys
22:00:38.0872 0x1884  mfeavfk - ok
22:00:38.0903 0x1884  [ 7257ECF649C19DCBEB3B5CFF5B9323EC, 1A0D0B2DDFD00628E891B5667143C8AFB698F21242574457E5222D7F6ACD5A61 ] mfeelamk        C:\WINDOWS\system32\drivers\mfeelamk.sys
22:00:38.0919 0x1884  mfeelamk - ok
22:00:38.0966 0x1884  [ 95A4DC60385F57418BD3361262D5F7C8, 5FAAE03B306710509E36A7B77DE9D36E4A1A38832403C29247E1A8B8C1D918B3 ] mfefire        C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe
22:00:38.0982 0x1884  mfefire - ok
22:00:39.0060 0x1884  [ A2163D325F01DA86E140C91D3560C95E, 49D94BA855746591E545A6C82690E5F0B228E43FDD5AE3940F2D62835BFD7A96 ] mfefirek        C:\WINDOWS\system32\drivers\mfefirek.sys
22:00:39.0107 0x1884  mfefirek - ok
22:00:39.0216 0x1884  [ C30A6CB5A1B908643EEE9651E94BFE92, 394CDE243A10E5AB91FF27E722E4E8E23B5AC50EEB2A8D6A7BDB37DB0A0E23FB ] mfehidk        C:\WINDOWS\system32\drivers\mfehidk.sys
22:00:39.0294 0x1884  mfehidk - ok
22:00:39.0372 0x1884  [ 8703CE0AF859D00B37254E1858E68B40, 09D27BEDA8290DB3C2FBC4CCD8AA86AA8761E9975EBEF0260CA9BB57468F4025 ] mfemms          C:\Program Files\Common Files\McAfee\SystemCore\\mfemms.exe
22:00:39.0403 0x1884  mfemms - ok
22:00:39.0482 0x1884  [ 34812CE00FAE95A6275D6B58072457F5, 23118A5E58F88AF5B8C5D4C15AEFA99C47D37A8E8C8FBF840DEEECC3C483AD8B ] mfencbdc        C:\WINDOWS\system32\DRIVERS\mfencbdc.sys
22:00:39.0528 0x1884  mfencbdc - ok
22:00:39.0560 0x1884  [ CF9D4FCA3A5C737DCF72B9F94BB0AC62, 8534DADB74EF745F50A1A148DE5CBAD573B890C604CDA08276CDE3D5C2E8788F ] mfencrk        C:\WINDOWS\system32\DRIVERS\mfencrk.sys
22:00:39.0575 0x1884  mfencrk - ok
22:00:39.0622 0x1884  [ 8DFE9C58B1509E3BBC6FD92B954204D9, 72D519AB2F5E3A335C61C1B632BB846FCD6406194EC36E965D52C1028E68FB33 ] mfevtp          C:\Windows\system32\mfevtps.exe
22:00:39.0669 0x1884  mfevtp - ok
22:00:39.0716 0x1884  [ ECDFB70AB9C0DC93E0A7AE4B0893E39F, 5021C95E01870C35A3B6A5423E8BA432B4CC2014B8C6B5FD766393A963C59C35 ] mfewfpk        C:\WINDOWS\system32\drivers\mfewfpk.sys
22:00:39.0747 0x1884  mfewfpk - ok
22:00:39.0763 0x1884  mlx4_bus - ok
22:00:39.0778 0x1884  MMCSS - ok
22:00:39.0810 0x1884  Modem - ok
22:00:39.0966 0x1884  [ DFB4BC8B5CD8C85D0BD9E608898901FB, AB3BB7FA2D23A5B7815E85F7A73E3F36E95D8FD895F76FA9936AD4C1DA1849EF ] ModuleCoreService C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe
22:00:40.0107 0x1884  ModuleCoreService - ok
22:00:40.0138 0x1884  monitor - ok
22:00:40.0153 0x1884  mouclass - ok
22:00:40.0185 0x1884  mouhid - ok
22:00:40.0200 0x1884  mountmgr - ok
22:00:40.0247 0x1884  [ ADF79A49E942C91D1FC9863CBFDD6B58, C2B2A792C4717133DCAE6297EE3F5D985B11D3C1E68A8DC23985AC6B78ACDE98 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
22:00:40.0278 0x1884  MozillaMaintenance - ok
22:00:40.0294 0x1884  mpsdrv - ok
22:00:40.0325 0x1884  MpsSvc - ok
22:00:40.0357 0x1884  MRxDAV - ok
22:00:40.0372 0x1884  mrxsmb - ok
22:00:40.0403 0x1884  mrxsmb10 - ok
22:00:40.0435 0x1884  mrxsmb20 - ok
22:00:40.0466 0x1884  MsBridge - ok
22:00:40.0497 0x1884  MSDTC - ok
22:00:40.0544 0x1884  Msfs - ok
22:00:40.0575 0x1884  msgpiowin32 - ok
22:00:40.0591 0x1884  mshidkmdf - ok
22:00:40.0622 0x1884  mshidumdf - ok
22:00:40.0638 0x1884  msisadrv - ok
22:00:40.0669 0x1884  MSiSCSI - ok
22:00:40.0700 0x1884  msiserver - ok
22:00:40.0732 0x1884  MSKSSRV - ok
22:00:40.0747 0x1884  MsLldp - ok
22:00:40.0778 0x1884  MSPCLOCK - ok
22:00:40.0810 0x1884  MSPQM - ok
22:00:40.0841 0x1884  MsRPC - ok
22:00:40.0857 0x1884  mssmbios - ok
22:00:40.0888 0x1884  MSTEE - ok
22:00:40.0903 0x1884  MTConfig - ok
22:00:40.0935 0x1884  Mup - ok
22:00:40.0966 0x1884  mvumis - ok
22:00:41.0013 0x1884  [ F1F6EE6C068CBDB80BAC43A79591F1F2, 39387A25ECFBFDD5B6A43A9A2CA2EC5703D0CCCFFE36C989B0E461B72C242D1C ] MyWiFiDHCPDNS  C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
22:00:41.0028 0x1884  MyWiFiDHCPDNS - ok
22:00:41.0060 0x1884  NativeWifiP - ok
22:00:41.0091 0x1884  NcaSvc - ok
22:00:41.0122 0x1884  NcbService - ok
22:00:41.0138 0x1884  NcdAutoSetup - ok
22:00:41.0153 0x1884  ndfltr - ok
22:00:41.0185 0x1884  NDIS - ok
22:00:41.0216 0x1884  NdisCap - ok
22:00:41.0232 0x1884  NdisImPlatform - ok
22:00:41.0263 0x1884  NdisTapi - ok
22:00:41.0278 0x1884  Ndisuio - ok
22:00:41.0294 0x1884  NdisVirtualBus - ok
22:00:41.0325 0x1884  NdisWan - ok
22:00:41.0357 0x1884  ndiswanlegacy - ok
22:00:41.0372 0x1884  ndproxy - ok
22:00:41.0403 0x1884  Ndu - ok
22:00:41.0419 0x1884  NetAdapterCx - ok
22:00:41.0450 0x1884  NetBIOS - ok
22:00:41.0497 0x1884  NetBT - ok
22:00:41.0513 0x1884  Netlogon - ok
22:00:41.0560 0x1884  Netman - ok
22:00:41.0575 0x1884  netprofm - ok
22:00:41.0607 0x1884  NetSetupSvc - ok
22:00:41.0638 0x1884  NetTcpPortSharing - ok
22:00:41.0763 0x1884  [ 9EE21F7D46BD2B0F128E0907BABC7D28, 158CE7A2D8FD23CDAB6DF8EF35F624DF85435D2DF273EABF128D46354E12238B ] NetUtils2016    C:\Windows\system32\drivers\NetUtils2016.sys
22:00:41.0857 0x1884  NetUtils2016 - ok
22:00:41.0888 0x1884  netvsc - ok
22:00:42.0341 0x1884  [ 93F9E44D6AA0FFDE901D53CEF389AADD, 6DBF20DD61F6BF478D3099343B23DC4F45D836192B4E3E95EF0CEAFD63799128 ] NETwNb64        C:\WINDOWS\System32\drivers\Netwbw02.sys
22:00:42.0732 0x1884  NETwNb64 - ok
22:00:43.0107 0x1884  [ 99C24A7DC1F3D4845553B4BD189274A0, 801C2A1F12E6F0D646E92C98477FCDB84C6743803CD7365B774B0F88EB650584 ] NETwNe64        C:\WINDOWS\System32\drivers\NETwew01.sys
22:00:43.0419 0x1884  NETwNe64 - ok
22:00:43.0450 0x1884  NgcCtnrSvc - ok
22:00:43.0482 0x1884  NgcSvc - ok
22:00:43.0513 0x1884  NlaSvc - ok
22:00:43.0544 0x1884  Npfs - ok
22:00:43.0560 0x1884  npsvctrig - ok
22:00:43.0591 0x1884  nsi - ok
22:00:43.0622 0x1884  nsiproxy - ok
22:00:43.0653 0x1884  NTFS - ok
22:00:43.0685 0x1884  Null - ok
22:00:43.0716 0x1884  nvraid - ok
22:00:43.0747 0x1884  nvstor - ok
22:00:43.0841 0x1884  [ 6EECE59EA8BF0FDA859E8D5962081EF2, 8F5A6F648269DBA616DAB1E34940CCE6BE25D0B8EB4C0BFB380FA626EF13A11F ] ogmservice      C:\Program Files (x86)\Online Games Manager\ogmservice.exe
22:00:43.0888 0x1884  ogmservice - ok
22:00:43.0919 0x1884  OneSyncSvc - ok
22:00:43.0982 0x1884  [ 5C12E1436BD6CC9ED022CA5335D4F1A0, CE323DE98A4328B348193B10867E16C840224559F391213590629360EFB5F33D ] ose            C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
22:00:43.0997 0x1884  ose - ok
22:00:44.0028 0x1884  p2pimsvc - ok
22:00:44.0044 0x1884  p2psvc - ok
22:00:44.0076 0x1884  Parport - ok
22:00:44.0107 0x1884  partmgr - ok
22:00:44.0138 0x1884  PcaSvc - ok
22:00:44.0154 0x1884  pci - ok
22:00:44.0185 0x1884  pciide - ok
22:00:44.0216 0x1884  pcmcia - ok
22:00:44.0247 0x1884  pcw - ok
22:00:44.0279 0x1884  pdc - ok
22:00:44.0310 0x1884  PEAUTH - ok
22:00:44.0435 0x1884  [ EDD4C63050ED1821B4C92D06FFD7180B, 33C6B54147771C813CD78CEF66C0A76CA50D9F1D13D41E6764310BF8C0D8D89D ] PEFService      C:\Program Files\Common Files\Intel Security\PEF\CORE\PEFService.exe
22:00:44.0513 0x1884  PEFService - ok
22:00:44.0544 0x1884  percsas2i - ok
22:00:44.0575 0x1884  percsas3i - ok
22:00:44.0685 0x1884  PerfHost - ok
22:00:44.0747 0x1884  PhoneSvc - ok
22:00:44.0779 0x1884  PimIndexMaintenanceSvc - ok
22:00:44.0825 0x1884  pla - ok
22:00:44.0841 0x1884  PlugPlay - ok
22:00:44.0872 0x1884  PNRPAutoReg - ok
22:00:44.0904 0x1884  PNRPsvc - ok
22:00:44.0935 0x1884  PolicyAgent - ok
22:00:44.0982 0x1884  Power - ok
22:00:45.0013 0x1884  PptpMiniport - ok
22:00:45.0044 0x1884  PrintNotify - ok
22:00:45.0075 0x1884  Processor - ok
22:00:45.0107 0x1884  ProfSvc - ok
22:00:45.0138 0x1884  Psched - ok
22:00:45.0169 0x1884  QWAVE - ok
22:00:45.0200 0x1884  QWAVEdrv - ok
22:00:45.0232 0x1884  RasAcd - ok
22:00:45.0263 0x1884  RasAgileVpn - ok
22:00:45.0294 0x1884  RasAuto - ok
22:00:45.0325 0x1884  Rasl2tp - ok
22:00:45.0357 0x1884  RasMan - ok
22:00:45.0388 0x1884  RasPppoe - ok
22:00:45.0419 0x1884  RasSstp - ok
22:00:45.0450 0x1884  rdbss - ok
22:00:45.0497 0x1884  rdpbus - ok
22:00:45.0529 0x1884  RDPDR - ok
22:00:45.0575 0x1884  RdpVideoMiniport - ok
22:00:45.0607 0x1884  rdyboost - ok
22:00:45.0638 0x1884  ReFSv1 - ok
22:00:45.0685 0x1884  [ B91EE7363FDC2B0CB1C5E6190B46F7DC, 650EE0262F2EE242D99A5BE013A64F76CA3537274C0B9313F9BD7741ACF38017 ] RegSrvc        C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
22:00:45.0700 0x1884  RegSrvc - ok
22:00:45.0747 0x1884  RemoteAccess - ok
22:00:45.0779 0x1884  RemoteRegistry - ok
22:00:45.0810 0x1884  RetailDemo - ok
22:00:45.0841 0x1884  RFCOMM - ok
22:00:45.0857 0x1884  RmSvc - ok
22:00:45.0888 0x1884  RpcEptMapper - ok
22:00:45.0919 0x1884  RpcLocator - ok
22:00:45.0950 0x1884  RpcSs - ok
22:00:45.0966 0x1884  rspndr - ok
22:00:46.0075 0x1884  [ 12A3D1530E3F67B8664EBA923A3981E4, 8670C39EB0A7C37C17D014A8917493B776DE0829B55EFED13D91B6FA7B81CA11 ] rt640x64        C:\WINDOWS\System32\drivers\rt640x64.sys
22:00:46.0169 0x1884  rt640x64 - ok
22:00:46.0482 0x1884  [ 924449B5A5A6AC96BBBED49915E40719, A72CBE9A23919911874CA66CA1B18B77F0B4BDA1C3592B60DB338F23A8FD83D6 ] rtsuvc          C:\WINDOWS\system32\DRIVERS\rtsuvc.sys
22:00:46.0763 0x1884  rtsuvc - ok
22:00:46.0794 0x1884  s3cap - ok
22:00:46.0825 0x1884  SamSs - ok
22:00:46.0857 0x1884  sbp2port - ok
22:00:46.0888 0x1884  SCardSvr - ok
22:00:46.0919 0x1884  ScDeviceEnum - ok
22:00:46.0950 0x1884  scfilter - ok
22:00:46.0966 0x1884  Schedule - ok
22:00:46.0997 0x1884  scmbus - ok
22:00:47.0029 0x1884  scmdisk0101 - ok
22:00:47.0060 0x1884  SCPolicySvc - ok
22:00:47.0075 0x1884  sdbus - ok
22:00:47.0107 0x1884  SDRSVC - ok
22:00:47.0138 0x1884  sdstor - ok
22:00:47.0169 0x1884  seclogon - ok
22:00:47.0200 0x1884  SENS - ok
22:00:47.0216 0x1884  SensorDataService - ok
22:00:47.0247 0x1884  SensorService - ok
22:00:47.0279 0x1884  SensorsHIDClassDriver - ok
22:00:47.0310 0x1884  SensrSvc - ok
22:00:47.0325 0x1884  SerCx - ok
22:00:47.0357 0x1884  SerCx2 - ok
22:00:47.0388 0x1884  Serenum - ok
22:00:47.0404 0x1884  Serial - ok
22:00:47.0435 0x1884  sermouse - ok
22:00:47.0513 0x1884  SessionEnv - ok
22:00:47.0544 0x1884  sfloppy - ok
22:00:47.0575 0x1884  SharedAccess - ok
22:00:47.0591 0x1884  ShellHWDetection - ok
22:00:47.0622 0x1884  shpamsvc - ok
22:00:47.0638 0x1884  SiSRaid2 - ok
22:00:47.0669 0x1884  SiSRaid4 - ok
22:00:47.0700 0x1884  smphost - ok
22:00:47.0732 0x1884  SmsRouter - ok
22:00:47.0779 0x1884  SNMPTRAP - ok
22:00:47.0794 0x1884  spaceport - ok
22:00:47.0825 0x1884  SpbCx - ok
22:00:47.0857 0x1884  Spooler - ok
22:00:47.0888 0x1884  sppsvc - ok
22:00:47.0919 0x1884  srv - ok
22:00:47.0950 0x1884  srv2 - ok
22:00:47.0966 0x1884  srvnet - ok
22:00:47.0997 0x1884  SSDPSRV - ok
22:00:48.0029 0x1884  SstpSvc - ok
22:00:48.0075 0x1884  [ 592FF34A2FD6C6351B8A3AA76B2C0A9E, 152B7472DE531AC45492F562DD470B2CE33F1EEF13BC78F26046AE5ABF54E32F ] ssudmdm        C:\WINDOWS\system32\DRIVERS\ssudmdm.sys
22:00:48.0091 0x1884  ssudmdm - ok
22:00:48.0122 0x1884  StateRepository - ok
22:00:48.0138 0x1884  stexstor - ok
22:00:48.0169 0x1884  stisvc - ok
22:00:48.0200 0x1884  storahci - ok
22:00:48.0232 0x1884  storflt - ok
22:00:48.0263 0x1884  stornvme - ok
22:00:48.0294 0x1884  storqosflt - ok
22:00:48.0310 0x1884  StorSvc - ok
22:00:48.0341 0x1884  storufs - ok
22:00:48.0372 0x1884  storvsc - ok
22:00:48.0404 0x1884  svsvc - ok
22:00:48.0419 0x1884  swenum - ok
22:00:48.0450 0x1884  swprv - ok
22:00:48.0482 0x1884  Synth3dVsc - ok
22:00:48.0513 0x1884  SysMain - ok
22:00:48.0544 0x1884  SystemEventsBroker - ok
22:00:48.0575 0x1884  TabletInputService - ok
22:00:48.0607 0x1884  TapiSrv - ok
22:00:48.0622 0x1884  Tcpip - ok
22:00:48.0654 0x1884  Tcpip6 - ok
22:00:48.0700 0x1884  tcpipreg - ok
22:00:48.0747 0x1884  tdx - ok
22:00:48.0763 0x1884  terminpt - ok
22:00:48.0794 0x1884  TermService - ok
22:00:48.0825 0x1884  Themes - ok
22:00:48.0857 0x1884  TieringEngineService - ok
22:00:48.0888 0x1884  tiledatamodelsvc - ok
22:00:48.0919 0x1884  TimeBrokerSvc - ok
22:00:48.0935 0x1884  TPM - ok
22:00:48.0966 0x1884  TrkWks - ok
22:00:48.0997 0x1884  TrustedInstaller - ok
22:00:49.0044 0x1884  tsusbflt - ok
22:00:49.0075 0x1884  TsUsbGD - ok
22:00:49.0107 0x1884  tunnel - ok
22:00:49.0122 0x1884  tzautoupdate - ok
22:00:49.0154 0x1884  UASPStor - ok
22:00:49.0185 0x1884  UcmCx0101 - ok
22:00:49.0216 0x1884  UcmTcpciCx0101 - ok
22:00:49.0247 0x1884  UcmUcsi - ok
22:00:49.0263 0x1884  Ucx01000 - ok
22:00:49.0294 0x1884  UdeCx - ok
22:00:49.0310 0x1884  udfs - ok
22:00:49.0341 0x1884  UEFI - ok
22:00:49.0372 0x1884  Ufx01000 - ok
22:00:49.0404 0x1884  UfxChipidea - ok
22:00:49.0435 0x1884  ufxsynopsys - ok
22:00:49.0482 0x1884  UI0Detect - ok
22:00:49.0513 0x1884  umbus - ok
22:00:49.0529 0x1884  UmPass - ok
22:00:49.0560 0x1884  UmRdpService - ok
22:00:49.0591 0x1884  UnistoreSvc - ok
22:00:49.0638 0x1884  upnphost - ok
22:00:49.0654 0x1884  UrsChipidea - ok
22:00:49.0685 0x1884  UrsCx01000 - ok
22:00:49.0716 0x1884  UrsSynopsys - ok
22:00:49.0747 0x1884  usbccgp - ok
22:00:49.0779 0x1884  usbcir - ok
22:00:49.0810 0x1884  usbehci - ok
22:00:49.0841 0x1884  usbhub - ok
22:00:49.0857 0x1884  USBHUB3 - ok
22:00:49.0888 0x1884  usbohci - ok
22:00:49.0919 0x1884  usbprint - ok
22:00:49.0950 0x1884  usbscan - ok
22:00:49.0966 0x1884  usbser - ok
22:00:49.0997 0x1884  USBSTOR - ok
22:00:50.0013 0x1884  usbuhci - ok
22:00:50.0044 0x1884  USBXHCI - ok
22:00:50.0075 0x1884  UserDataSvc - ok
22:00:50.0122 0x1884  UserManager - ok
22:00:50.0154 0x1884  UsoSvc - ok
22:00:50.0185 0x1884  VaultSvc - ok
22:00:50.0216 0x1884  vdrvroot - ok
22:00:50.0232 0x1884  vds - ok
22:00:50.0263 0x1884  VerifierExt - ok
22:00:50.0294 0x1884  vhdmp - ok
22:00:50.0325 0x1884  vhf - ok
22:00:50.0341 0x1884  vmbus - ok
22:00:50.0372 0x1884  VMBusHID - ok
22:00:50.0404 0x1884  vmgid - ok
22:00:50.0435 0x1884  vmicguestinterface - ok
22:00:50.0450 0x1884  vmicheartbeat - ok
22:00:50.0482 0x1884  vmickvpexchange - ok
22:00:50.0513 0x1884  vmicrdv - ok
22:00:50.0544 0x1884  vmicshutdown - ok
22:00:50.0575 0x1884  vmictimesync - ok
22:00:50.0607 0x1884  vmicvmsession - ok
22:00:50.0622 0x1884  vmicvss - ok
22:00:50.0654 0x1884  volmgr - ok
22:00:50.0685 0x1884  volmgrx - ok
22:00:50.0716 0x1884  volsnap - ok
22:00:50.0747 0x1884  volume - ok
22:00:50.0763 0x1884  vpci - ok
22:00:50.0794 0x1884  vsmraid - ok
22:00:50.0825 0x1884  VSS - ok
22:00:50.0857 0x1884  VSTXRAID - ok
22:00:50.0888 0x1884  vwifibus - ok
22:00:50.0919 0x1884  vwififlt - ok
22:00:50.0951 0x1884  vwifimp - ok
22:00:50.0966 0x1884  W32Time - ok
22:00:50.0997 0x1884  WacomPen - ok
22:00:51.0029 0x1884  WalletService - ok
22:00:51.0075 0x1884  wanarp - ok
22:00:51.0107 0x1884  wanarpv6 - ok
22:00:51.0138 0x1884  wbengine - ok
22:00:51.0169 0x1884  WbioSrvc - ok
22:00:51.0201 0x1884  wcifs - ok
22:00:51.0263 0x1884  Wcmsvc - ok
22:00:51.0279 0x1884  wcncsvc - ok
22:00:51.0310 0x1884  wcnfs - ok
22:00:51.0341 0x1884  WdBoot - ok
22:00:51.0357 0x1884  Wdf01000 - ok
22:00:51.0388 0x1884  WdFilter - ok
22:00:51.0419 0x1884  WdiServiceHost - ok
22:00:51.0482 0x1884  WdiSystemHost - ok
22:00:51.0529 0x1884  wdiwifi - ok
22:00:51.0560 0x1884  WdNisDrv - ok
22:00:51.0575 0x1884  WdNisSvc - ok
22:00:51.0607 0x1884  WebClient - ok
22:00:51.0638 0x1884  Wecsvc - ok
22:00:51.0669 0x1884  WEPHOSTSVC - ok
22:00:51.0700 0x1884  wercplsupport - ok
22:00:51.0747 0x1884  WerSvc - ok
22:00:51.0763 0x1884  WFPLWFS - ok
22:00:51.0794 0x1884  WiaRpc - ok
22:00:51.0825 0x1884  WIMMount - ok
22:00:51.0857 0x1884  WinDefend - ok
22:00:51.0935 0x1884  WindowsTrustedRT - ok
22:00:51.0966 0x1884  WindowsTrustedRTProxy - ok
22:00:51.0997 0x1884  WinHttpAutoProxySvc - ok
22:00:52.0029 0x1884  WinMad - ok
22:00:52.0060 0x1884  Winmgmt - ok
22:00:52.0091 0x1884  WinRM - ok
22:00:52.0154 0x1884  WINUSB - ok
22:00:52.0169 0x1884  WinVerbs - ok
22:00:52.0200 0x1884  wisvc - ok
22:00:52.0232 0x1884  WlanSvc - ok
22:00:52.0263 0x1884  wlidsvc - ok
22:00:52.0294 0x1884  WmiAcpi - ok
22:00:52.0341 0x1884  wmiApSrv - ok
22:00:52.0372 0x1884  WMPNetworkSvc - ok
22:00:52.0419 0x1884  [ 43C8D087B31C592163B33A4BDA540E40, 3A6C4E5E56931B29321DCC723585F2F0E804EF4DCDEAB2A8687F30FC3AE70E43 ] Wof            C:\WINDOWS\system32\drivers\Wof.sys
22:00:52.0451 0x1884  Wof - ok
22:00:52.0482 0x1884  workfolderssvc - ok
22:00:52.0513 0x1884  WPDBusEnum - ok
22:00:52.0544 0x1884  WpdUpFltr - ok
22:00:52.0560 0x1884  WpnService - ok
22:00:52.0591 0x1884  WpnUserService - ok
22:00:52.0638 0x1884  ws2ifsl - ok
22:00:52.0669 0x1884  wscsvc - ok
22:00:52.0700 0x1884  WSearch - ok
22:00:52.0747 0x1884  [ 72B4E9DF6456C43C42A1419B09486045, 536BA7377B5BEA7EA46864453933111DB88DB8FB689C68915ACD7261A996E61D ] wsvd            C:\WINDOWS\system32\DRIVERS\wsvd.sys
22:00:52.0763 0x1884  wsvd - ok
22:00:52.0794 0x1884  wuauserv - ok
22:00:52.0825 0x1884  WudfPf - ok
22:00:52.0857 0x1884  WUDFRd - ok
22:00:52.0888 0x1884  wudfsvc - ok
22:00:52.0904 0x1884  WUDFWpdFs - ok
22:00:52.0935 0x1884  WUDFWpdMtp - ok
22:00:52.0966 0x1884  WwanSvc - ok
22:00:53.0013 0x1884  XblAuthManager - ok
22:00:53.0044 0x1884  XblGameSave - ok
22:00:53.0076 0x1884  xboxgip - ok
22:00:53.0107 0x1884  XboxNetApiSvc - ok
22:00:53.0138 0x1884  xinputhid - ok
22:00:53.0185 0x1884  [ 1C051499D9D8952A1A2DB43A27550D0F, 330C6F21D928633424B1587BF2FFA8E418592836F6C286887745D6C851A15D51 ] ymc            C:\ProgramData\LenovoTransition\Server\x64\ymc.exe
22:00:53.0201 0x1884  ymc - ok
22:00:53.0607 0x1884  [ 65308E8DDBCA0A3D7A72E3404E194319, 93D51235D4CB50F3C73DE006843CB98B8940F92BBB84365443C9A31DEB2426A6 ] ZeroConfigService C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
22:00:53.0951 0x1884  ZeroConfigService - ok
22:00:53.0982 0x1884  ================ Scan global ===============================
22:00:54.0044 0x1884  [ Global ] - ok
22:00:54.0044 0x1884  ================ Scan MBR ==================================
22:00:54.0060 0x1884  [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk0\DR0
22:00:54.0107 0x1884  \Device\Harddisk0\DR0 - ok
22:00:54.0107 0x1884  ================ Scan VBR ==================================
22:00:54.0107 0x1884  [ FDD6257C6F01DC99E967D3AC83279FF9 ] \Device\Harddisk0\DR0\Partition1
22:00:54.0122 0x1884  \Device\Harddisk0\DR0\Partition1 - ok
22:00:54.0138 0x1884  [ 2A8D6B5E0E19D4ED5FDC24E53B4097E2 ] \Device\Harddisk0\DR0\Partition2
22:00:54.0138 0x1884  \Device\Harddisk0\DR0\Partition2 - ok
22:00:54.0154 0x1884  [ 12857D2196A20555591A3449D7583301 ] \Device\Harddisk0\DR0\Partition3
22:00:54.0169 0x1884  \Device\Harddisk0\DR0\Partition3 - ok
22:00:54.0169 0x1884  [ FCB43097861724941B019B69B3C462D4 ] \Device\Harddisk0\DR0\Partition4
22:00:54.0185 0x1884  \Device\Harddisk0\DR0\Partition4 - ok
22:00:54.0201 0x1884  [ 2F9C5DDD29EC85C8B5F73ED574143481 ] \Device\Harddisk0\DR0\Partition5
22:00:54.0216 0x1884  \Device\Harddisk0\DR0\Partition5 - ok
22:00:54.0232 0x1884  [ 488DDECCCC652DC7F4B0CF59FF7270A2 ] \Device\Harddisk0\DR0\Partition6
22:00:54.0232 0x1884  \Device\Harddisk0\DR0\Partition6 - ok
22:00:54.0247 0x1884  [ AF8FE7C55BF252B05E239D87FA128CDB ] \Device\Harddisk0\DR0\Partition7
22:00:54.0247 0x1884  \Device\Harddisk0\DR0\Partition7 - ok
22:00:54.0263 0x1884  ================ Scan generic autorun ======================
22:00:55.0951 0x1884  [ 27D32ED77BC7ABD9E87F0C3CFE99D84A, 2FF9C213022545A58EC0237E9EA234CC7B9B5347C88B42F94AD2EC08EBE6661B ] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
22:00:57.0388 0x1884  RtHDVCpl - ok
22:00:57.0622 0x1884  [ 78C48AD707AADA8E7692A5D58E7D6753, ECB5C795A637433ADD0851589B76807F2EB8E4C22392F7312F693A8806AB2782 ] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
22:00:57.0732 0x1884  RtHDVBg_Dolby - ok
22:00:57.0888 0x1884  [ 78C48AD707AADA8E7692A5D58E7D6753, ECB5C795A637433ADD0851589B76807F2EB8E4C22392F7312F693A8806AB2782 ] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
22:00:58.0013 0x1884  RtHDVBg_LENOVO_DOLBYDRAGON - ok
22:00:58.0169 0x1884  [ 78C48AD707AADA8E7692A5D58E7D6753, ECB5C795A637433ADD0851589B76807F2EB8E4C22392F7312F693A8806AB2782 ] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
22:00:58.0279 0x1884  RtHDVBg_LENOVO_MICPKEY - ok
22:00:58.0388 0x1884  [ 772123B2276B94C797659AEDC0D49943, 6ADD29D91EE5C510B2C7F788FBA034A45400EA25449C1826ABE1296553EF1CBD ] C:\Program Files\Lenovo\LenovoUtility\utility.exe
22:00:58.0451 0x1884  LenovoUtility - ok
22:00:58.0529 0x1884  [ 079511E999ACAB4B8CC08432F0363368, 05A2707AE075206E8913FE6249C0474FE350DCF61F4E8569904D7A8247F012BF ] c:\Program Files\Dolby\DDP_F3\ddpf3.exe
22:00:58.0607 0x1884  DDPF3 - ok
22:00:58.0638 0x1884  [ 03AE229AD0EC7BFDA3D2B37BA9E5799E, E22C1C0F78515595A27812459810774175100D4096D0F0E15812AD3761D1DCC9 ] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe
22:00:58.0638 0x1884  IAStorIcon - ok
22:00:58.0747 0x1884  OneDriveSetup - ok
22:00:58.0763 0x1884  OneDriveSetup - ok
22:00:58.0935 0x1884  [ AAE92457F50F4DD74E2D502ADB9549EE, 70C8FBE410FE388D6B85334215EBE3393C16E8F8B19F5A8BA50DB6DF23196D50 ] C:\Users\Baby\AppData\Local\Microsoft\OneDrive\OneDrive.exe
22:00:59.0060 0x1884  OneDrive - ok
22:00:59.0122 0x1884  [ 88DBF6DF632CAD6B22186DA206829639, CB7FA8F321EDDFAA897E15C5ED212AFAD6469CAD88F966771FF2F824FDE50423 ] C:\Users\Baby\AppData\Roaming\OpenOffice Updater\Updater.exe
22:00:59.0154 0x1884  OpenOffice Updater - ok
22:00:59.0154 0x1884  Waiting for KSN requests completion. In queue: 9
22:01:00.0216 0x1884  AV detected via SS2: Kaspersky Total Security, C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\wmiav.exe ( 17.0.0.611 ), 0x41000 ( enabled : updated )
22:01:00.0216 0x1884  AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.10.14393.187 ), 0x60100 ( disabled : updated )
22:01:00.0232 0x1884  FW detected via SS2: Kaspersky Total Security, C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\wmiav.exe ( 17.0.0.611 ), 0x41010 ( enabled )
22:01:00.0451 0x1884  ============================================================
22:01:00.0451 0x1884  Scan finished
22:01:00.0451 0x1884  ============================================================
22:01:00.0482 0x2b68  Detected object count: 0
22:01:00.0482 0x2b68  Actual detected object count: 0
22:01:03.0966 0x2364  Deinitialize success

Reen96 03.03.2017 22:19
Hier FRST:
Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 01-03-2017
durchgeführt von Baby (Administrator) auf DESKTOP-A10S929 (03-03-2017 21:57:09)
Gestartet von C:\Users\Baby\Desktop
Geladene Profile: Baby (Verfügbare Profile: Baby)
Platform: Windows 10 Home Version 1607 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Edge)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\avp.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(Intel Corporation) C:\Windows\System32\ibtsiva.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Lenovo) C:\ProgramData\LenovoTransition\Server\x64\ymc.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(RealNetworks, Inc.) C:\Program Files (x86)\Online Games Manager\ogmservice.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Intel Security, Inc.) C:\Program Files\Common Files\Intel Security\PEF\CORE\PEFService.exe
(Lenovo) C:\Program Files (x86)\Lenovo\CCSDK\CCSDK.exe
(Microsoft Corporation) C:\Windows\System32\Locator.exe
(Lenovo) C:\Program Files (x86)\Lenovo\GDCAgentSetupRed\GDCAgent.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 1.0\ksde.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\avpui.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 1.0\ksdeui.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDIntelligent.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
() C:\Windows\System32\igfxTray.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
() C:\Program Files\Lenovo\LenovoUtility\utility.exe
(Dolby Laboratories Inc.) C:\Program Files\Dolby\DDP_F3\ddpf3.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Lenovo) C:\Program Files (x86)\Lenovo\CCSDK\WinGather.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\CCSDK\CCSDKUpdateAgent.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\ImController\PluginHost\Lenovo.Modern.ImController.PluginHost.Device.exe
() C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1702.312.0_x64__8wekyb3d8bbwe\Calculator.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
() C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.214.10010.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.11.110.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(Lenovo Group Limited) C:\Program Files (x86)\Lenovo\ImController\PluginHost\Lenovo.Modern.ImController.PluginHost.SettingsApp.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Corporation) C:\Windows\System32\InstallAgent.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\System32\DataExchangeHost.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil_ActiveX.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe

==================== Registry (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [16405744 2015-09-09] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1408752 2015-09-09] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_LENOVO_DOLBYDRAGON] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1408752 2015-09-09] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_LENOVO_MICPKEY] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1408752 2015-09-09] (Realtek Semiconductor)
HKLM\...\Run: [LenovoUtility] => C:\Program Files\Lenovo\LenovoUtility\utility.exe [791848 2016-10-19] ()
HKLM\...\Run: [DDPF3] => c:\Program Files\Dolby\DDP_F3\ddpf3.exe [746496 2014-11-03] (Dolby Laboratories Inc.)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [322472 2015-07-27] (Intel Corporation)
HKU\S-1-5-21-217730058-1440262021-2186221569-1001\...\Run: [OpenOffice Updater] => C:\Users\Baby\AppData\Roaming\OpenOffice Updater\Updater.exe [388000 2017-01-17] ()

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{0e253416-4c93-4cba-b265-67ee91b4e78f}: [DhcpNameServer] 8.8.8.8 8.8.4.4
Tcpip\..\Interfaces\{4c9f59fe-49fd-4b3d-8862-7d471cf81274}: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{e9f11131-d610-4ed4-aa54-5218b37a9faa}: [DhcpNameServer] 172.168.137.2

Internet Explorer:
==================
HKU\S-1-5-21-217730058-1440262021-2186221569-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://lenovo15.msn.com/?pc=LCTE
HKU\S-1-5-21-217730058-1440262021-2186221569-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo15.msn.com/?pc=LCTE
SearchScopes: HKU\S-1-5-21-217730058-1440262021-2186221569-1001 -> DefaultScope {7AD69B7E-3FA6-4429-B5DF-34879D0D7903} URL =
SearchScopes: HKU\S-1-5-21-217730058-1440262021-2186221569-1001 -> {7AD69B7E-3FA6-4429-B5DF-34879D0D7903} URL =
BHO: Kaspersky Protection -> {2E38825B-8815-42CF-9126-C58BC28D4591} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\x64\IEExt\ie_plugin.dll [2017-01-13] (AO Kaspersky Lab)
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2017-01-29] (Microsoft Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2017-01-29] (Microsoft Corporation)
BHO-x32: Kaspersky Protection -> {2E38825B-8815-42CF-9126-C58BC28D4591} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\IEExt\ie_plugin.dll [2017-01-13] (AO Kaspersky Lab)
Toolbar: HKLM - Kaspersky Protection Toolbar - {093F479D-712E-46CD-9E06-62E734A05F68} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\x64\IEExt\ie_plugin.dll [2017-01-13] (AO Kaspersky Lab)
Toolbar: HKLM-x32 - Kaspersky Protection Toolbar - {093F479D-712E-46CD-9E06-62E734A05F68} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\IEExt\ie_plugin.dll [2017-01-13] (AO Kaspersky Lab)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-01-29] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-01-29] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-01-29] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-01-29] (Microsoft Corporation)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\PROGRA~2\mcafee\msc\mcsniepl.dll Keine Datei

Edge:
======
Edge HomeButtonPage: HKU\S-1-5-21-217730058-1440262021-2186221569-1001 -> hxxp://www.google.de/

FireFox:
========
FF ProfilePath: C:\Users\Baby\AppData\Roaming\Mozilla\Firefox\Profiles\nqqia258.default [2017-03-03]
FF Extension: (SHA-1 deprecation staged rollout) - C:\Users\Baby\AppData\Roaming\Mozilla\Firefox\Profiles\nqqia258.default\features\{205ac0c8-04b7-4934-a6da-4a58e36a3694}\disableSHA1rollout@mozilla.org.xpi [2017-02-19]
FF HKLM\...\Firefox\Extensions: [light_plugin_F6F079488B53499DB99380A7E11A93F6@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\FFExt\light_plugin_firefox\addon.xpi
FF Extension: (Kaspersky Protection) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\FFExt\light_plugin_firefox\addon.xpi [2017-01-13]
FF HKLM-x32\...\Firefox\Extensions: [light_plugin_F6F079488B53499DB99380A7E11A93F6@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\FFExt\light_plugin_firefox\addon.xpi
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK => nicht gefunden
FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL [Keine Datei]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-04-21] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-04-21] (Intel Corporation)
FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL [Keine Datei]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2017-01-29] (Microsoft Corporation)

Chrome:
=======
CHR HKLM\...\Chrome\Extension: [fhoibnponjcgjgcnfacekaijdbbplhib] - hxxps://chrome.google.com/webstore/detail/fhoibnponjcgjgcnfacekaijdbbplhib
CHR HKLM-x32\...\Chrome\Extension: [fhoibnponjcgjgcnfacekaijdbbplhib] - hxxps://chrome.google.com/webstore/detail/fhoibnponjcgjgcnfacekaijdbbplhib

==================== Dienste (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 AVP17.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\avp.exe [241544 2016-06-28] (AO Kaspersky Lab)
R2 CCSDK; C:\Program Files (x86)\Lenovo\CCSDK\CCSDK.exe [680288 2016-12-06] (Lenovo)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [3704520 2017-02-18] (Microsoft Corporation)
S3 ElfoService; C:\Program Files (x86)\ElsterFormular Update Service\bin\ElfoService.exe [1283376 2017-02-28] ()
R2 ETDService; C:\Program Files\Elantech\ETDService.exe [134888 2015-12-17] (ELAN Microelectronics Corp.)
R2 GDCAgent; C:\Program Files (x86)\Lenovo\GDCAgentSetupRed\GDCAgent.exe [1155512 2015-07-29] (Lenovo)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [18856 2015-07-27] (Intel Corporation)
R2 igfxCUIService2.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [350312 2015-08-16] (Intel Corporation)
R2 ImControllerService; C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [61768 2017-02-15] (Lenovo Group Limited)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [881152 2015-05-22] (Intel(R) Corporation)
R3 Intel(R) Security Assist; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [335872 2015-05-19] (Intel Corporation) [Datei ist nicht signiert]
S2 isaHelperSvc; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe [7680 2015-05-19] () [Datei ist nicht signiert]
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [223520 2015-07-10] (Intel Corporation)
S3 klvssbrigde64; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\x64\vssbridge64.exe [77328 2016-06-28] (AO Kaspersky Lab)
R2 KSDE1.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 1.0\ksde.exe [241544 2016-06-28] (AO Kaspersky Lab)
S2 mccspsvc; C:\Program Files\Common Files\McAfee\CSP\1.9.829.0\\McCSPServiceHost.exe [1910000 2016-05-31] (McAfee, Inc.)
S3 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [232688 2016-04-26] (McAfee, Inc.)
R2 mfemms; C:\Program Files\Common Files\McAfee\SystemCore\\mfemms.exe [382456 2016-08-02] (McAfee, Inc.)
R2 mfevtp; C:\Windows\system32\mfevtps.exe [277744 2016-04-26] (McAfee, Inc.)
R2 ModuleCoreService; C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe [1454216 2016-09-13] (McAfee, Inc.)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [268192 2015-08-13] ()
R2 ogmservice; C:\Program Files (x86)\Online Games Manager\ogmservice.exe [582544 2016-07-13] (RealNetworks, Inc.)
R2 PEFService; C:\Program Files\Common Files\Intel Security\PEF\CORE\PEFService.exe [1045336 2016-05-25] (Intel Security, Inc.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2016-07-16] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2016-07-16] (Microsoft Corporation)
R2 ymc; C:\ProgramData\LenovoTransition\Server\x64\ymc.exe [38328 2015-12-02] (Lenovo)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3831712 2015-08-13] (Intel® Corporation)
R2 ibtsiva; %SystemRoot%\system32\ibtsiva [X]

===================== Treiber (Nicht auf der Ausnahmeliste) ======================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S3 cfwids; C:\WINDOWS\system32\drivers\cfwids.sys [78632 2016-08-02] (McAfee, Inc.)
R0 cm_km; C:\WINDOWS\System32\DRIVERS\cm_km.sys [238936 2016-06-10] (AO Kaspersky Lab)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131712 2016-09-05] (Samsung Electronics Co., Ltd.)
R3 ETDSMBus; C:\WINDOWS\system32\DRIVERS\ETDSMBus.sys [30808 2015-12-17] (ELAN Microelectronic Corp.)
S3 HipShieldK; C:\WINDOWS\System32\drivers\HipShieldK.sys [216704 2016-08-02] (McAfee, Inc.)
R3 iaLPSS_GPIO; C:\WINDOWS\System32\drivers\iaLPSS_GPIO.sys [46856 2015-06-15] (Intel Corporation)
R3 ibtusb; C:\WINDOWS\system32\DRIVERS\ibtusb.sys [231168 2017-01-13] (Intel Corporation)
R0 kl1; C:\WINDOWS\System32\DRIVERS\kl1.sys [554416 2016-06-02] (AO Kaspersky Lab)
R0 klbackupdisk; C:\WINDOWS\System32\DRIVERS\klbackupdisk.sys [63920 2016-06-07] (AO Kaspersky Lab)
R1 klbackupflt; C:\WINDOWS\System32\DRIVERS\klbackupflt.sys [86352 2016-06-15] (AO Kaspersky Lab)
R2 kldisk; C:\WINDOWS\system32\DRIVERS\kldisk.sys [78216 2016-05-31] (AO Kaspersky Lab)
S0 klelam; C:\WINDOWS\System32\DRIVERS\klelam.sys [28792 2016-03-31] (AO Kaspersky Lab)
R3 klflt; C:\WINDOWS\system32\DRIVERS\klflt.sys [191312 2016-06-26] (AO Kaspersky Lab)
R1 klhk; C:\WINDOWS\System32\drivers\klhk.sys [435032 2017-01-13] (AO Kaspersky Lab)
R3 klids; C:\ProgramData\Kaspersky Lab\AVP17.0.0\Bases\klids.sys [182360 2017-01-13] (AO Kaspersky Lab)
R1 KLIF; C:\WINDOWS\System32\DRIVERS\klif.sys [1019616 2017-01-13] (AO Kaspersky Lab)
R1 KLIM6; C:\WINDOWS\system32\DRIVERS\klim6.sys [57424 2017-02-14] (AO Kaspersky Lab)
R3 klkbdflt; C:\WINDOWS\system32\DRIVERS\klkbdflt.sys [52136 2016-05-19] (AO Kaspersky Lab)
R3 klmouflt; C:\WINDOWS\system32\DRIVERS\klmouflt.sys [41656 2015-06-07] (Kaspersky Lab ZAO)
R1 klpd; C:\WINDOWS\System32\DRIVERS\klpd.sys [45488 2016-05-31] (AO Kaspersky Lab)
R3 kltap; C:\WINDOWS\System32\drivers\kltap.sys [52152 2016-06-07] (The OpenVPN Project)
R0 klupd_klif_arkmon; C:\WINDOWS\System32\Drivers\klupd_klif_arkmon.sys [218920 2017-01-13] (AO Kaspersky Lab)
R3 klupd_klif_kimul; C:\WINDOWS\System32\Drivers\klupd_klif_kimul.sys [85984 2017-01-13] ()
R3 klupd_klif_klark; C:\WINDOWS\System32\Drivers\klupd_klif_klark.sys [245512 2017-01-13] (AO Kaspersky Lab)
R0 klupd_klif_klbg; C:\WINDOWS\System32\Drivers\klupd_klif_klbg.sys [104720 2017-01-13] (AO Kaspersky Lab)
R3 klupd_klif_mark; C:\WINDOWS\System32\Drivers\klupd_klif_mark.sys [164888 2017-01-13] (AO Kaspersky Lab)
R1 klwfp; C:\WINDOWS\system32\DRIVERS\klwfp.sys [85320 2016-06-18] (AO Kaspersky Lab)
R1 Klwtp; C:\WINDOWS\system32\DRIVERS\klwtp.sys [134880 2017-01-13] (AO Kaspersky Lab)
R1 kneps; C:\WINDOWS\system32\DRIVERS\kneps.sys [194480 2016-06-14] (AO Kaspersky Lab)
R3 mfeaack; C:\WINDOWS\system32\drivers\mfeaack.sys [419624 2016-08-02] (McAfee, Inc.)
R3 mfeavfk; C:\WINDOWS\System32\drivers\mfeavfk.sys [349480 2016-08-02] (McAfee, Inc.)
S0 mfeelamk; C:\WINDOWS\System32\drivers\mfeelamk.sys [83608 2016-08-02] (McAfee, Inc.)
R3 mfefirek; C:\WINDOWS\system32\drivers\mfefirek.sys [493352 2016-08-02] (McAfee, Inc.)
R0 mfehidk; C:\WINDOWS\System32\drivers\mfehidk.sys [843048 2016-08-02] (McAfee, Inc.)
R3 mfencbdc; C:\WINDOWS\System32\DRIVERS\mfencbdc.sys [519456 2016-08-01] (McAfee, Inc.)
S3 mfencrk; C:\WINDOWS\System32\DRIVERS\mfencrk.sys [100136 2016-08-01] (McAfee, Inc.)
R0 mfewfpk; C:\WINDOWS\System32\drivers\mfewfpk.sys [243496 2016-08-02] (McAfee, Inc.)
S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
U1 NetUtils2016; C:\Windows\system32\drivers\NetUtils2016.sys [909944 2017-01-30] () <==== ACHTUNG
R3 NETwNb64; C:\WINDOWS\System32\drivers\Netwbw02.sys [4103920 2015-08-23] (Intel Corporation)
S3 NETwNe64; C:\WINDOWS\System32\drivers\NETwew01.sys [3343872 2015-10-30] (Intel Corporation)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [886528 2015-05-29] (Realtek                                            )
R3 rtsuvc; C:\WINDOWS\system32\DRIVERS\rtsuvc.sys [3049176 2015-05-29] (Realtek Semiconductor Corp.)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics Co., Ltd.)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)
S3 wsvd; C:\WINDOWS\system32\DRIVERS\wsvd.sys [102376 2012-06-13] ("CyberLink)

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-03-03 21:57 - 2017-03-03 21:58 - 00021310 _____ C:\Users\Baby\Desktop\FRST.txt
2017-03-03 21:56 - 2017-03-03 21:57 - 00000000 ____D C:\FRST
2017-03-03 21:55 - 2017-03-03 21:56 - 02423808 _____ (Farbar) C:\Users\Baby\Desktop\FRST64.exe
2017-03-03 20:59 - 2017-03-03 21:00 - 00181760 _____ C:\TDSSKiller.3.1.0.12_03.03.2017_20.59.47_log.txt
2017-03-03 20:59 - 2017-03-03 20:59 - 04747704 _____ (AO Kaspersky Lab) C:\Users\Baby\Desktop\tdsskiller.exe
2017-03-03 20:53 - 2017-03-03 20:53 - 00024402 _____ C:\Users\Baby\Desktop\ESt2014_Lüke_Sebastian.elfo
2017-03-03 20:53 - 2017-03-03 20:53 - 00010002 _____ C:\Users\Baby\Desktop\ESt2013_Lüke_Sebastian.elfo
2017-03-03 20:52 - 2017-03-03 20:52 - 00024706 _____ C:\Users\Baby\Desktop\ESt2015_Lüke_Sebastian.elfo
2017-03-03 20:52 - 2017-03-03 20:52 - 00020658 _____ C:\Users\Baby\Desktop\ESt2016_Lüke_Sebastian.elfo
2017-03-02 20:59 - 2017-03-02 20:59 - 00000000 ____D C:\WINDOWS\LastGood.Tmp
2017-03-02 20:07 - 2017-03-02 20:07 - 1134936728 _____ C:\WINDOWS\MEMORY.DMP
2017-03-02 20:07 - 2017-03-02 20:07 - 00436516 _____ C:\WINDOWS\Minidump\030217-26859-01.dmp
2017-03-02 20:07 - 2017-03-02 20:07 - 00000000 ____D C:\WINDOWS\Minidump
2017-03-02 20:00 - 2017-03-03 20:55 - 00000000 ____D C:\AdwCleaner
2017-03-02 20:00 - 2017-03-02 20:00 - 04031440 _____ C:\Users\Baby\Desktop\adwcleaner_6.044.exe
2017-03-02 19:09 - 2017-03-02 19:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ElsterFormular
2017-03-02 19:09 - 2017-03-02 19:09 - 00000000 ____D C:\Program Files (x86)\ElsterFormular Update Service
2017-03-02 16:35 - 2017-03-02 16:35 - 00000000 ___HD C:\OneDriveTemp
2017-02-28 20:03 - 2017-02-28 20:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2017-02-28 20:03 - 2017-02-28 20:03 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2017-02-28 20:03 - 2017-02-28 20:03 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2017-02-28 20:02 - 2017-02-28 20:03 - 13165792 _____ (Microsoft Corporation) C:\Users\Baby\Downloads\Silverlight_x64.exe
2017-02-26 11:13 - 2017-02-26 11:13 - 00000000 ____D C:\Users\Baby\eTeks
2017-02-26 11:03 - 2017-02-26 11:03 - 00000982 _____ C:\Users\Baby\Desktop\Sweet Home 3D.lnk
2017-02-26 11:03 - 2017-02-26 11:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eTeks Sweet Home 3D
2017-02-26 11:03 - 2017-02-26 11:03 - 00000000 ____D C:\Program Files\Sweet Home 3D
2017-02-26 11:02 - 2017-02-26 11:03 - 42772656 _____ (eTeks ) C:\Users\Baby\Downloads\SweetHome3D-5.4-windows.exe
2017-02-24 15:48 - 2017-02-24 15:48 - 00047792 _____ C:\Users\Baby\Desktop\komprimierte Steuererklaerung_ESt2015_Schneider_Nicole.pdf
2017-02-24 15:48 - 2017-02-24 15:48 - 00047477 _____ C:\Users\Baby\Desktop\komprimierte Steuererklaerung_ESt2016_Schneider_Nicole.pdf
2017-02-24 15:47 - 2017-02-24 15:47 - 00075442 _____ C:\Users\Baby\Desktop\ESt2015_Schneider_Nicole.elfo
2017-02-24 15:45 - 2017-02-24 15:45 - 00091538 _____ C:\Users\Baby\Desktop\ESt2016_Schneider_Nicole.elfo
2017-02-21 10:20 - 2017-02-21 10:20 - 00014230 _____ C:\Users\Baby\Documents\Gesamteinkommen_Elternzeit.odt
2017-02-21 09:59 - 2017-02-21 09:59 - 00051666 _____ C:\Users\Baby\Downloads\Besoldungstabellen_2017.pdf
2017-02-20 20:47 - 2017-02-20 20:47 - 00000000 ____D C:\Users\Baby\AppData\Roaming\OpenOffice
2017-02-20 20:46 - 2017-02-20 20:47 - 00013313 _____ C:\Users\Baby\Downloads\Kostenerstattung_KV_Vanessa.odt
2017-02-20 20:46 - 2017-02-20 20:46 - 00001132 _____ C:\Users\Public\Desktop\OpenOffice 4.1.3.lnk
2017-02-20 20:46 - 2017-02-20 20:46 - 00000000 ___SD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.3
2017-02-20 20:45 - 2017-02-20 20:46 - 00000000 ____D C:\Program Files (x86)\OpenOffice 4
2017-02-20 20:44 - 2017-02-21 09:04 - 00000000 ____D C:\Users\Baby\AppData\Roaming\OpenOffice Updater
2017-02-20 20:44 - 2017-02-20 20:44 - 00000000 ____D C:\Users\Baby\Desktop\OpenOffice 4.1.3 (de) Installation Files
2017-02-20 20:37 - 2017-02-20 20:43 - 171801456 _____ C:\Users\Baby\Downloads\OpenOffice_4.1.3_Win_x86_install_de(1).exe
2017-02-20 20:25 - 2017-02-20 20:32 - 171801456 _____ C:\Users\Baby\Downloads\OpenOffice_4.1.3_Win_x86_install_de.exe
2017-02-20 20:17 - 2017-02-20 20:17 - 00013313 _____ C:\Users\Baby\Downloads\Kostenerstattung_KV_Vanessa (1).odt
2017-02-19 19:23 - 2017-03-03 18:55 - 00000000 ____D C:\Users\Baby\AppData\LocalLow\Mozilla
2017-02-19 19:23 - 2017-02-19 19:29 - 00000000 ____D C:\Users\Baby\AppData\Local\Mozilla
2017-02-19 19:23 - 2017-02-19 19:23 - 00001235 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2017-02-19 19:23 - 2017-02-19 19:23 - 00001223 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2017-02-19 19:23 - 2017-02-19 19:23 - 00000000 ____D C:\Users\Baby\AppData\Roaming\Mozilla
2017-02-19 19:23 - 2017-02-19 19:23 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-02-19 19:22 - 2017-02-19 19:23 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2017-02-19 19:20 - 2017-02-19 19:20 - 00245600 _____ C:\Users\Baby\Downloads\Firefox Setup Stub 51.0.1.exe
2017-02-17 19:26 - 2016-12-21 08:08 - 00142848 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe
2017-02-17 19:26 - 2016-12-21 05:44 - 00120320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe
2017-02-17 19:12 - 2017-02-17 19:12 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
2017-02-15 20:26 - 2017-02-15 20:26 - 00257864 _____ (Lenovo Group Limited) C:\WINDOWS\system32\iMDriverHelper.dll
2017-02-15 18:32 - 2016-12-21 08:43 - 04130440 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2017-02-15 18:32 - 2016-12-21 08:43 - 01454504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetsrc.dll
2017-02-15 18:32 - 2016-12-21 08:43 - 01071736 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetcore.dll
2017-02-15 18:32 - 2016-12-21 08:42 - 01988560 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2017-02-15 18:32 - 2016-12-21 08:42 - 01702392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2017-02-15 18:32 - 2016-12-21 08:42 - 01300600 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2017-02-15 18:32 - 2016-12-21 08:08 - 00360448 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpencom.dll
2017-02-15 18:32 - 2016-12-21 08:06 - 06285312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2017-02-15 18:32 - 2016-12-21 07:56 - 00936960 _____ (Microsoft Corporation) C:\WINDOWS\system32\MCRecvSrc.dll
2017-02-15 18:32 - 2016-12-21 07:53 - 04474368 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll
2017-02-15 18:32 - 2016-12-21 07:51 - 08075776 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2017-02-15 18:32 - 2016-12-21 07:51 - 05611008 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll
2017-02-15 18:32 - 2016-12-21 06:09 - 00263472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Storage.ApplicationData.dll
2017-02-15 18:32 - 2016-12-21 05:41 - 00253952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.BioFeedback.dll
2017-02-15 18:32 - 2016-12-21 05:40 - 00557568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll
2017-02-15 18:32 - 2016-12-21 05:39 - 00223232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgentUserBroker.exe
2017-02-15 18:32 - 2016-12-21 05:22 - 01883648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2017-02-15 18:32 - 2016-12-14 06:41 - 01235296 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2017-02-15 18:32 - 2016-12-14 05:48 - 01631232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2017-02-15 18:32 - 2016-12-14 05:44 - 00114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netvsc.sys
2017-02-15 18:32 - 2016-12-14 05:38 - 17188864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2017-02-15 18:32 - 2016-12-14 05:38 - 00213504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.CredDialogController.dll
2017-02-15 18:32 - 2016-12-14 05:23 - 03134976 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcore.dll
2017-02-15 18:32 - 2016-12-09 11:42 - 01637728 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2017-02-15 18:32 - 2016-12-09 11:42 - 00137568 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2017-02-15 18:32 - 2016-12-09 11:29 - 02681200 _____ C:\WINDOWS\system32\CoreUIComponents.dll
2017-02-15 18:32 - 2016-12-09 11:20 - 02677544 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll
2017-02-15 18:32 - 2016-12-09 11:18 - 01100128 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2017-02-15 18:32 - 2016-12-09 11:18 - 00989024 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2017-02-15 18:32 - 2016-12-09 11:18 - 00947552 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.efi
2017-02-15 18:32 - 2016-12-09 11:18 - 00811872 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.exe
2017-02-15 18:32 - 2016-12-09 11:01 - 00861024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2017-02-15 18:32 - 2016-12-09 10:56 - 00959112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2017-02-15 18:32 - 2016-12-09 10:52 - 01415752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2017-02-15 18:32 - 2016-12-09 10:41 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WordBreakers.dll
2017-02-15 18:32 - 2016-12-09 10:33 - 03777536 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2017-02-15 18:32 - 2016-12-09 10:18 - 02138112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll
2017-02-15 18:32 - 2016-12-09 10:16 - 00353280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TextInputFramework.dll
2017-02-15 18:32 - 2016-12-09 10:15 - 00206848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Core.TextInput.dll
2017-02-15 18:32 - 2016-12-09 10:15 - 00092672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputLocaleManager.dll
2017-02-15 18:32 - 2016-12-09 10:15 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EditBufferTestHook.dll
2017-02-15 18:32 - 2016-12-09 09:54 - 00483840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2017-02-15 18:32 - 2016-11-11 11:08 - 00142176 _____ (Microsoft Corporation) C:\WINDOWS\system32\migisol.dll
2017-02-15 18:32 - 2016-11-11 11:02 - 02828376 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
2017-02-15 18:32 - 2016-11-11 11:01 - 00637400 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2017-02-15 18:32 - 2016-11-11 11:00 - 00219488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tpm.sys
2017-02-15 18:32 - 2016-11-11 10:57 - 01473048 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2017-02-15 18:32 - 2016-11-11 10:56 - 01062480 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2017-02-15 18:32 - 2016-11-11 10:56 - 00126568 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfaudiocnv.dll
2017-02-15 18:32 - 2016-11-11 10:51 - 00454592 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe
2017-02-15 18:32 - 2016-11-11 10:26 - 00034816 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReAgentc.exe
2017-02-15 18:32 - 2016-11-11 10:24 - 00110080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.BackgroundTransfer.BackgroundManagerPolicy.dll
2017-02-15 18:32 - 2016-11-11 10:24 - 00098304 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2017-02-15 18:32 - 2016-11-11 10:18 - 00967168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2017-02-15 18:32 - 2016-11-11 10:18 - 00278016 _____ (Microsoft Corporation) C:\WINDOWS\system32\netplwiz.dll
2017-02-15 18:32 - 2016-11-11 10:16 - 00560128 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppReadiness.dll
2017-02-15 18:32 - 2016-11-11 10:14 - 00178176 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppnp.dll
2017-02-15 18:32 - 2016-11-11 10:11 - 00870400 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmkvsrcsnk.dll
2017-02-15 18:32 - 2016-11-11 10:09 - 00164352 _____ (Microsoft Corporation) C:\WINDOWS\system32\dialserver.dll
2017-02-15 18:32 - 2016-11-11 10:07 - 01691136 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe
2017-02-15 18:32 - 2016-11-11 10:04 - 02800128 _____ (Microsoft Corporation) C:\WINDOWS\system32\netshell.dll
2017-02-15 18:32 - 2016-11-11 10:04 - 01359360 _____ (Microsoft Corporation) C:\WINDOWS\system32\usercpl.dll
2017-02-15 18:32 - 2016-11-11 10:03 - 02287616 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2017-02-15 18:32 - 2016-11-11 08:47 - 05722832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2017-02-15 18:32 - 2016-11-11 08:47 - 01430720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2017-02-15 18:32 - 2016-11-11 08:38 - 01263856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2017-02-15 18:32 - 2016-11-11 08:25 - 00117248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapsBtSvc.dll
2017-02-15 18:32 - 2016-11-11 08:25 - 00071168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosStorage.dll
2017-02-15 18:32 - 2016-11-11 08:24 - 00138240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DisplayManager.dll
2017-02-15 18:32 - 2016-11-11 08:21 - 00332288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapConfiguration.dll
2017-02-15 18:32 - 2016-11-11 08:19 - 00284672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apprepsync.dll
2017-02-15 18:32 - 2016-11-11 08:19 - 00125952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apprepapi.dll
2017-02-15 18:32 - 2016-11-11 08:18 - 02333184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmSvc.dll
2017-02-15 18:32 - 2016-11-11 08:16 - 00253952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2017-02-15 18:32 - 2016-11-11 08:15 - 01357824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll
2017-02-15 18:32 - 2016-11-11 08:12 - 00259584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msdtcuiu.dll
2017-02-15 18:32 - 2016-11-11 08:10 - 06109184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2017-02-15 18:32 - 2016-11-11 08:09 - 05380608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2017-02-15 18:32 - 2016-11-11 08:06 - 02362880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapRouter.dll
2017-02-15 18:32 - 2016-11-11 08:06 - 02109952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapGeocoder.dll
2017-02-15 18:32 - 2016-11-11 08:04 - 00715264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapControlCore.dll
2017-02-15 18:31 - 2016-12-21 09:08 - 00245600 _____ (Microsoft Corporation) C:\WINDOWS\system32\offlinesam.dll
2017-02-15 18:31 - 2016-12-21 09:08 - 00136032 _____ (Microsoft Corporation) C:\WINDOWS\system32\ImplatSetup.dll
2017-02-15 18:31 - 2016-12-21 08:46 - 00624048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2017-02-15 18:31 - 2016-12-21 08:42 - 22224480 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2017-02-15 18:31 - 2016-12-21 08:41 - 01600632 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2017-02-15 18:31 - 2016-12-21 08:15 - 22563840 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2017-02-15 18:31 - 2016-12-21 08:05 - 00261632 _____ (Microsoft Corporation) C:\WINDOWS\system32\indexeddbserver.dll
2017-02-15 18:31 - 2016-12-21 08:01 - 09131008 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2017-02-15 18:31 - 2016-12-21 07:59 - 01908224 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2017-02-15 18:31 - 2016-12-21 07:59 - 00883712 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll
2017-02-15 18:31 - 2016-12-21 07:58 - 23678464 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2017-02-15 18:31 - 2016-12-21 07:55 - 08129536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2017-02-15 18:31 - 2016-12-21 07:55 - 04749312 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2017-02-15 18:31 - 2016-12-21 07:50 - 01490432 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2017-02-15 18:31 - 2016-12-21 06:59 - 00218976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offlinesam.dll
2017-02-15 18:31 - 2016-12-21 06:01 - 20969928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2017-02-15 18:31 - 2016-12-21 05:43 - 00285184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.BlockedShutdown.dll
2017-02-15 18:31 - 2016-12-21 05:40 - 00180224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2017-02-15 18:31 - 2016-12-21 05:38 - 00866816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Cred.dll
2017-02-15 18:31 - 2016-12-21 05:35 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\indexeddbserver.dll
2017-02-15 18:31 - 2016-12-21 05:34 - 07626752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2017-02-15 18:31 - 2016-12-21 05:33 - 19413504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2017-02-15 18:31 - 2016-12-21 05:32 - 19417600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2017-02-15 18:31 - 2016-12-21 05:30 - 05398016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aclui.dll
2017-02-15 18:31 - 2016-12-21 05:30 - 01255936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll
2017-02-15 18:31 - 2016-12-21 05:26 - 01155072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVP9DEC.dll
2017-02-15 18:31 - 2016-12-14 06:23 - 00404832 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2017-02-15 18:31 - 2016-12-14 06:21 - 02206496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2017-02-15 18:31 - 2016-12-14 06:17 - 00319288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64.dll
2017-02-15 18:31 - 2016-12-14 06:14 - 01694712 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2017-02-15 18:31 - 2016-12-14 06:01 - 01557808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll
2017-02-15 18:31 - 2016-12-14 05:43 - 00201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\ScDeviceEnum.dll
2017-02-15 18:31 - 2016-12-14 05:42 - 00236544 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinSCard.dll
2017-02-15 18:31 - 2016-12-14 05:42 - 00167424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinSCard.dll
2017-02-15 18:31 - 2016-12-14 05:40 - 00193536 _____ (Microsoft Corporation) C:\WINDOWS\system32\certprop.dll
2017-02-15 18:31 - 2016-12-14 05:38 - 13869056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2017-02-15 18:31 - 2016-12-14 05:37 - 00090112 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll
2017-02-15 18:31 - 2016-12-14 05:36 - 00074752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll
2017-02-15 18:31 - 2016-12-14 05:35 - 00755712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2017-02-15 18:31 - 2016-12-14 05:35 - 00600576 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptui.dll
2017-02-15 18:31 - 2016-12-14 05:35 - 00553984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptui.dll
2017-02-15 18:31 - 2016-12-14 05:26 - 00932864 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2017-02-15 18:31 - 2016-12-14 05:26 - 00869888 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2017-02-15 18:31 - 2016-12-14 05:24 - 01005568 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3D12.dll
2017-02-15 18:31 - 2016-12-14 05:24 - 00673792 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2017-02-15 18:31 - 2016-12-14 05:22 - 02317824 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2017-02-15 18:31 - 2016-12-14 05:22 - 01513472 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2017-02-15 18:31 - 2016-12-14 05:22 - 00391168 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2017-02-15 18:31 - 2016-12-09 11:20 - 02189664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2017-02-15 18:31 - 2016-12-09 11:20 - 00658784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2017-02-15 18:31 - 2016-12-09 11:20 - 00402272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2017-02-15 18:31 - 2016-12-09 11:19 - 00168424 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcrypt.dll
2017-02-15 18:31 - 2016-12-09 11:18 - 02913144 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2017-02-15 18:31 - 2016-12-09 11:18 - 01267512 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2017-02-15 18:31 - 2016-12-09 11:01 - 01503544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2017-02-15 18:31 - 2016-12-09 11:00 - 00106896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcrypt.dll
2017-02-15 18:31 - 2016-12-09 10:59 - 02166752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2017-02-15 18:31 - 2016-12-09 10:59 - 00846560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2017-02-15 18:31 - 2016-12-09 10:42 - 00227328 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll
2017-02-15 18:31 - 2016-12-09 10:41 - 00380928 _____ (Microsoft Corporation) C:\WINDOWS\system32\wincorlib.dll
2017-02-15 18:31 - 2016-12-09 10:37 - 00411136 _____ (Microsoft Corporation) C:\WINDOWS\system32\facecredentialprovider.dll
2017-02-15 18:31 - 2016-12-09 10:36 - 03059200 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2017-02-15 18:31 - 2016-12-09 10:36 - 00410112 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2017-02-15 18:31 - 2016-12-09 10:34 - 00288768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wincorlib.dll
2017-02-15 18:31 - 2016-12-09 10:25 - 00376832 _____ (Microsoft Corporation) C:\WINDOWS\system32\CryptoWinRT.dll
2017-02-15 18:31 - 2016-12-09 10:20 - 00730624 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2017-02-15 18:31 - 2016-12-09 10:18 - 00165376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mdmregistration.dll
2017-02-15 18:31 - 2016-11-11 11:15 - 00101216 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceReactivation.dll
2017-02-15 18:31 - 2016-11-11 11:14 - 00603488 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContentDeliveryManager.Utilities.dll
2017-02-15 18:31 - 2016-11-11 11:13 - 02213760 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2017-02-15 18:31 - 2016-11-11 11:13 - 00352096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fastfat.sys
2017-02-15 18:31 - 2016-11-11 11:12 - 00128352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\partmgr.sys
2017-02-15 18:31 - 2016-11-11 11:00 - 00223584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2017-02-15 18:31 - 2016-11-11 10:59 - 00433504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2017-02-15 18:31 - 2016-11-11 10:56 - 00187520 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudStorageWizard.exe
2017-02-15 18:31 - 2016-11-11 10:55 - 00882680 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditionUpgradeManagerObj.dll
2017-02-15 18:31 - 2016-11-11 10:55 - 00743224 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppwinob.dll
2017-02-15 18:31 - 2016-11-11 10:27 - 00086016 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetCfgNotifyObjectHost.exe
2017-02-15 18:31 - 2016-11-11 10:26 - 00258560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\xboxgip.sys
2017-02-15 18:31 - 2016-11-11 10:25 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\system32\BcastDVRHelper.dll
2017-02-15 18:31 - 2016-11-11 10:25 - 00073216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryBroker.dll
2017-02-15 18:31 - 2016-11-11 10:24 - 00170496 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppCapture.dll
2017-02-15 18:31 - 2016-11-11 10:24 - 00122880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryClient.dll
2017-02-15 18:31 - 2016-11-11 10:23 - 00058880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Shell.Search.UriHandler.dll
2017-02-15 18:31 - 2016-11-11 10:22 - 00489472 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupShim.dll
2017-02-15 18:31 - 2016-11-11 10:20 - 00125952 _____ (Microsoft Corporation) C:\WINDOWS\system32\setupugc.exe
2017-02-15 18:31 - 2016-11-11 10:19 - 00620544 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.exe
2017-02-15 18:31 - 2016-11-11 10:19 - 00198144 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpapisrv.dll
2017-02-15 18:31 - 2016-11-11 10:16 - 02716672 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmSvc.dll
2017-02-15 18:31 - 2016-11-11 10:16 - 01477632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsecedit.dll
2017-02-15 18:31 - 2016-11-11 10:16 - 00161792 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditionUpgradeHelper.dll
2017-02-15 18:31 - 2016-11-11 10:15 - 00032256 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSManHTTPConfig.exe
2017-02-15 18:31 - 2016-11-11 10:11 - 00096256 _____ (Microsoft Corporation) C:\WINDOWS\system32\umpoext.dll
2017-02-15 18:31 - 2016-11-11 10:06 - 00650752 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2017-02-15 18:31 - 2016-11-11 10:05 - 04136448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepository.dll
2017-02-15 18:31 - 2016-11-11 10:05 - 01779712 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2017-02-15 18:31 - 2016-11-11 10:04 - 01709056 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
2017-02-15 18:31 - 2016-11-11 10:04 - 00909312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2017-02-15 18:31 - 2016-11-11 10:03 - 00842240 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntshrui.dll
2017-02-15 18:31 - 2016-11-11 10:03 - 00283648 _____ (Microsoft Corporation) C:\WINDOWS\system32\wkssvc.dll
2017-02-15 18:31 - 2016-11-11 09:01 - 01969912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hevcdecoder.dll
2017-02-15 18:31 - 2016-11-11 09:00 - 01706488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2017-02-15 18:31 - 2016-11-11 08:49 - 00248480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\policymanager.dll
2017-02-15 18:31 - 2016-11-11 08:19 - 00298496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2017-02-15 18:31 - 2016-11-11 08:18 - 01336320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsecedit.dll
2017-02-15 18:31 - 2016-11-11 08:18 - 00318464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFolder.dll
2017-02-15 18:31 - 2016-11-11 08:17 - 00033280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSManHTTPConfig.exe
2017-02-15 18:31 - 2016-11-11 08:15 - 00838144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JpMapControl.dll
2017-02-15 18:31 - 2016-11-11 08:14 - 00395264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmenrollengine.dll
2017-02-15 18:31 - 2016-11-11 08:04 - 02682880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netshell.dll
2017-02-15 18:31 - 2016-11-11 08:04 - 00912896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll
2017-02-15 18:31 - 2016-11-11 08:03 - 01576448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2017-02-15 18:31 - 2016-11-11 08:03 - 00772608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntshrui.dll
2017-02-15 18:31 - 2016-11-11 08:03 - 00760832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NMAA.dll
2017-02-15 18:31 - 2016-11-11 08:03 - 00565248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasapi32.dll
2017-02-15 18:31 - 2016-11-11 08:02 - 00711680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll
2017-02-15 18:30 - 2016-12-21 08:49 - 00328008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.ApplicationData.dll
2017-02-15 18:30 - 2016-12-21 08:43 - 00092512 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2017-02-15 18:30 - 2016-12-21 08:14 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe
2017-02-15 18:30 - 2016-12-21 08:09 - 00368640 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneBackupHandler.dll
2017-02-15 18:30 - 2016-12-21 08:08 - 00289792 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeveloperOptionsSettingsHandlers.dll
2017-02-15 18:30 - 2016-12-21 08:05 - 00425984 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
2017-02-15 18:30 - 2016-12-21 08:05 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll
2017-02-15 18:30 - 2016-12-21 07:56 - 00947712 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVP9DEC.dll
2017-02-15 18:30 - 2016-12-21 07:53 - 06664192 _____ (Microsoft Corporation) C:\WINDOWS\system32\mspaint.exe
2017-02-15 18:30 - 2016-12-21 07:49 - 04149248 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2017-02-15 18:30 - 2016-12-21 07:47 - 01121280 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2017-02-15 18:30 - 2016-12-21 05:46 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LaunchWinApp.exe
2017-02-15 18:30 - 2016-12-21 05:41 - 00231936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.LockScreen.dll
2017-02-15 18:30 - 2016-12-21 05:40 - 00318976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpencom.dll
2017-02-15 18:30 - 2016-12-21 05:40 - 00237056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SyncSettings.dll
2017-02-15 18:30 - 2016-12-21 05:39 - 01300480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVPXENC.dll
2017-02-15 18:30 - 2016-12-21 05:25 - 07469056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2017-02-15 18:30 - 2016-12-21 05:25 - 06474752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mspaint.exe
2017-02-15 18:30 - 2016-12-21 05:24 - 06044160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2017-02-15 18:30 - 2016-12-14 06:34 - 02482280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2017-02-15 18:30 - 2016-12-14 06:01 - 00382784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AUDIOKSE.dll
2017-02-15 18:30 - 2016-12-14 06:01 - 00076984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\remoteaudioendpoint.dll
2017-02-15 18:30 - 2016-12-14 05:46 - 01631232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Resources.dll
2017-02-15 18:30 - 2016-12-14 05:42 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.UI.Logon.ProxyStub.dll
2017-02-15 18:30 - 2016-12-14 05:40 - 00231424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudBackupSettings.dll
2017-02-15 18:30 - 2016-12-14 05:39 - 00290816 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2017-02-15 18:30 - 2016-12-14 05:36 - 00539648 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2017-02-15 18:30 - 2016-12-14 05:22 - 02748416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpcore.dll
2017-02-15 18:30 - 2016-12-09 11:28 - 00764392 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2017-02-15 18:30 - 2016-12-09 11:27 - 00172528 _____ (Microsoft Corporation) C:\WINDOWS\system32\sspicli.dll
2017-02-15 18:30 - 2016-12-09 11:20 - 01738560 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2017-02-15 18:30 - 2016-12-09 11:15 - 08168000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2017-02-15 18:30 - 2016-12-09 11:11 - 02048496 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2017-02-15 18:30 - 2016-12-09 10:57 - 06668040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2017-02-15 18:30 - 2016-12-09 10:32 - 00635904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2017-02-15 18:30 - 2016-12-09 10:31 - 03689984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2017-02-15 18:30 - 2016-12-09 10:31 - 00313856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2017-02-15 18:30 - 2016-12-09 10:28 - 01004544 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2017-02-15 18:30 - 2016-12-09 10:27 - 00981504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.OnlineId.dll
2017-02-15 18:30 - 2016-12-09 10:21 - 04746752 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2017-02-15 18:30 - 2016-12-09 10:20 - 00187392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll
2017-02-15 18:30 - 2016-12-09 10:20 - 00172544 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe
2017-02-15 18:30 - 2016-12-09 10:18 - 03666432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2017-02-15 18:30 - 2016-11-11 11:14 - 02186896 _____ (Microsoft Corporation) C:\WINDOWS\system32\hevcdecoder.dll
2017-02-15 18:30 - 2016-11-11 11:13 - 01886344 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2017-02-15 18:30 - 2016-11-11 11:03 - 01069720 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2017-02-15 18:30 - 2016-11-11 11:03 - 00266544 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll
2017-02-15 18:30 - 2016-11-11 10:56 - 04673304 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2017-02-15 18:30 - 2016-11-11 10:26 - 00163840 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseModernAppMgmtCSP.dll
2017-02-15 18:30 - 2016-11-11 10:26 - 00109056 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReportingCSP.dll
2017-02-15 18:30 - 2016-11-11 10:25 - 00185344 _____ (Microsoft Corporation) C:\WINDOWS\system32\DisplayManager.dll
2017-02-15 18:30 - 2016-11-11 10:25 - 00147968 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcertinst.exe
2017-02-15 18:30 - 2016-11-11 10:25 - 00081408 _____ (Microsoft Corporation) C:\WINDOWS\system32\HttpsDataSource.dll
2017-02-15 18:30 - 2016-11-11 10:24 - 00158720 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEStoreEventHandlers.dll
2017-02-15 18:30 - 2016-11-11 10:24 - 00136192 _____ (Microsoft Corporation) C:\WINDOWS\system32\sendmail.dll
2017-02-15 18:30 - 2016-11-11 10:24 - 00107520 _____ (Microsoft Corporation) C:\WINDOWS\system32\VPNv2CSP.dll
2017-02-15 18:30 - 2016-11-11 10:23 - 00567296 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevicePairing.dll
2017-02-15 18:30 - 2016-11-11 10:23 - 00041472 _____ (Microsoft Corporation) C:\WINDOWS\system32\EAMProgressHandler.dll
2017-02-15 18:30 - 2016-11-11 10:22 - 00143360 _____ (Microsoft Corporation) C:\WINDOWS\system32\EDPCleanup.exe
2017-02-15 18:30 - 2016-11-11 10:21 - 00690688 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2017-02-15 18:30 - 2016-11-11 10:21 - 00587776 _____ (Microsoft Corporation) C:\WINDOWS\system32\vpnike.dll
2017-02-15 18:30 - 2016-11-11 10:21 - 00379392 _____ (Microsoft Corporation) C:\WINDOWS\system32\apprepsync.dll
2017-02-15 18:30 - 2016-11-11 10:20 - 00657920 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll
2017-02-15 18:30 - 2016-11-11 10:20 - 00574464 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_StorageSense.dll
2017-02-15 18:30 - 2016-11-11 10:20 - 00407552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2017-02-15 18:30 - 2016-11-11 10:20 - 00176128 _____ (Microsoft Corporation) C:\WINDOWS\system32\apprepapi.dll
2017-02-15 18:30 - 2016-11-11 10:20 - 00115200 _____ (Microsoft Corporation) C:\WINDOWS\system32\IdCtrls.dll
2017-02-15 18:30 - 2016-11-11 10:19 - 00495104 _____ (Microsoft Corporation) C:\WINDOWS\system32\DataSenseHandlers.dll
2017-02-15 18:30 - 2016-11-11 10:19 - 00389632 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll
2017-02-15 18:30 - 2016-11-11 10:19 - 00388096 _____ (Microsoft Corporation) C:\WINDOWS\system32\zipfldr.dll
2017-02-15 18:30 - 2016-11-11 10:19 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseAppMgmtSvc.dll
2017-02-15 18:30 - 2016-11-11 10:18 - 02084352 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceFlows.DataModel.dll
2017-02-15 18:30 - 2016-11-11 10:14 - 02104320 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll
2017-02-15 18:30 - 2016-11-11 10:14 - 00615424 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnprv.dll
2017-02-15 18:30 - 2016-11-11 10:13 - 00396800 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2017-02-15 18:30 - 2016-11-11 10:07 - 00347648 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascustom.dll
2017-02-15 18:30 - 2016-11-11 10:06 - 03400192 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncCenter.dll
2017-02-15 18:30 - 2016-11-11 10:04 - 02611200 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameux.dll
2017-02-15 18:30 - 2016-11-11 10:04 - 00455168 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll
2017-02-15 18:30 - 2016-11-11 10:04 - 00389632 _____ (Microsoft Corporation) C:\WINDOWS\system32\stobject.dll
2017-02-15 18:30 - 2016-11-11 10:03 - 02669056 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2017-02-15 18:30 - 2016-11-11 10:03 - 00632320 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasapi32.dll
2017-02-15 18:30 - 2016-11-11 08:54 - 00122208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\migisol.dll
2017-02-15 18:30 - 2016-11-11 08:49 - 00869848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll
2017-02-15 18:30 - 2016-11-11 08:42 - 00152416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RTWorkQ.dll
2017-02-15 18:30 - 2016-11-11 08:41 - 04311736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2017-02-15 18:30 - 2016-11-11 08:24 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Shell.Search.UriHandler.dll
2017-02-15 18:30 - 2016-11-11 08:23 - 00094208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryClient.dll
2017-02-15 18:30 - 2016-11-11 08:22 - 00122880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sendmail.dll
2017-02-15 18:30 - 2016-11-11 08:21 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.BackgroundTransfer.BackgroundManagerPolicy.dll
2017-02-15 18:30 - 2016-11-11 08:20 - 00306176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2017-02-15 18:30 - 2016-11-11 08:19 - 00506880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DevicePairing.dll
2017-02-15 18:30 - 2016-11-11 08:06 - 00400384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToManager.dll
2017-02-15 18:30 - 2016-11-11 08:05 - 03370496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepository.dll
2017-02-15 18:30 - 2016-11-11 08:04 - 00358912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\stobject.dll
2017-02-15 18:30 - 2016-11-11 08:03 - 02484736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gameux.dll
2017-02-15 18:30 - 2016-11-11 08:03 - 01556480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2017-02-15 18:29 - 2016-12-21 08:09 - 00363520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BioFeedback.dll
2017-02-15 18:29 - 2016-12-21 08:08 - 00418304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BlockedShutdown.dll
2017-02-15 18:29 - 2016-12-21 08:08 - 00211968 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2017-02-15 18:29 - 2016-12-21 08:07 - 00748544 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2017-02-15 18:29 - 2016-12-21 08:06 - 00310784 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncSettings.dll
2017-02-15 18:29 - 2016-12-21 08:06 - 00260608 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgentUserBroker.exe
2017-02-15 18:29 - 2016-12-21 08:06 - 00147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
2017-02-15 18:29 - 2016-12-21 08:00 - 00440320 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhcfg.dll
2017-02-15 18:29 - 2016-12-21 07:57 - 00462336 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhsettingsprovider.dll
2017-02-15 18:29 - 2016-12-21 07:54 - 05511680 _____ (Microsoft Corporation) C:\WINDOWS\system32\aclui.dll
2017-02-15 18:29 - 2016-12-21 07:49 - 02691072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2017-02-15 18:29 - 2016-12-21 07:49 - 01062912 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2017-02-15 18:29 - 2016-12-21 06:02 - 03892864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2017-02-15 18:29 - 2016-12-21 06:02 - 01852720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2017-02-15 18:29 - 2016-12-21 06:02 - 01360464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetsrc.dll
2017-02-15 18:29 - 2016-12-21 06:02 - 01277344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
2017-02-15 18:29 - 2016-12-21 06:02 - 01201872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2017-02-15 18:29 - 2016-12-21 06:02 - 00980832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetcore.dll
2017-02-15 18:29 - 2016-12-21 05:35 - 04612608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2017-02-15 18:29 - 2016-12-21 05:27 - 00640000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MCRecvSrc.dll
2017-02-15 18:29 - 2016-12-14 06:41 - 00590960 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2017-02-15 18:29 - 2016-12-14 06:33 - 01356864 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipUp.exe
2017-02-15 18:29 - 2016-12-14 06:19 - 00584544 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2017-02-15 18:29 - 2016-12-14 06:18 - 00715104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
2017-02-15 18:29 - 2016-12-14 06:14 - 00418952 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2017-02-15 18:29 - 2016-12-14 06:14 - 00089416 _____ (Microsoft Corporation) C:\WINDOWS\system32\remoteaudioendpoint.dll
2017-02-15 18:29 - 2016-12-14 05:46 - 00206848 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2017-02-15 18:29 - 2016-12-14 05:42 - 00352768 _____ (Microsoft Corporation) C:\WINDOWS\system32\cloudAP.dll
2017-02-15 18:29 - 2016-12-14 05:41 - 00223744 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2017-02-15 18:29 - 2016-12-14 05:40 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll
2017-02-15 18:29 - 2016-12-14 05:39 - 00837632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbiosrvc.dll
2017-02-15 18:29 - 2016-12-14 05:39 - 00257024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.CredDialogController.dll
2017-02-15 18:29 - 2016-12-14 05:38 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudBackupSettings.dll
2017-02-15 18:29 - 2016-12-14 05:36 - 01002496 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2017-02-15 18:29 - 2016-12-14 05:35 - 00712192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2017-02-15 18:29 - 2016-12-14 05:32 - 00497152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LogonController.dll
2017-02-15 18:29 - 2016-12-14 05:25 - 02009600 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRHInproc.dll
2017-02-15 18:29 - 2016-12-14 05:23 - 01231872 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2017-02-15 18:29 - 2016-12-14 05:21 - 03616768 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2017-02-15 18:29 - 2016-12-09 11:30 - 00377184 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2017-02-15 18:29 - 2016-12-09 11:19 - 01293152 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2017-02-15 18:29 - 2016-12-09 11:14 - 01274712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2017-02-15 18:29 - 2016-12-09 11:10 - 01572768 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2017-02-15 18:29 - 2016-12-09 11:10 - 01461200 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2017-02-15 18:29 - 2016-12-09 10:52 - 01435896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2017-02-15 18:29 - 2016-12-09 10:33 - 01589760 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdtctm.dll
2017-02-15 18:29 - 2016-12-09 10:28 - 03306496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2017-02-15 18:29 - 2016-12-09 10:27 - 13084160 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2017-02-15 18:29 - 2016-12-09 10:27 - 05114368 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2017-02-15 18:29 - 2016-12-09 10:23 - 12177920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2017-02-15 18:29 - 2016-12-09 10:21 - 00716800 _____ (Microsoft Corporation) C:\WINDOWS\system32\ShareHost.dll
2017-02-15 18:29 - 2016-11-11 11:02 - 00360040 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2017-02-15 18:29 - 2016-11-11 11:01 - 07219672 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2017-02-15 18:29 - 2016-11-11 11:01 - 01859264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2017-02-15 18:29 - 2016-11-11 10:56 - 00163752 _____ (Microsoft Corporation) C:\WINDOWS\system32\RTWorkQ.dll
2017-02-15 18:29 - 2016-11-11 10:54 - 01418312 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2017-02-15 18:29 - 2016-11-11 10:31 - 00366080 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXTaskFactory.dll
2017-02-15 18:29 - 2016-11-11 10:27 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpremove.exe
2017-02-15 18:29 - 2016-11-11 10:24 - 00159744 _____ (Microsoft Corporation) C:\WINDOWS\system32\ACPBackgroundManagerPolicy.dll
2017-02-15 18:29 - 2016-11-11 10:23 - 00409088 _____ (Microsoft Corporation) C:\WINDOWS\system32\NgcCtnr.dll
2017-02-15 18:29 - 2016-11-11 10:20 - 00641024 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngccredprov.dll
2017-02-15 18:29 - 2016-11-11 10:20 - 00590336 _____ (Microsoft Corporation) C:\WINDOWS\system32\efswrt.dll
2017-02-15 18:29 - 2016-11-11 10:20 - 00381952 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptngc.dll
2017-02-15 18:29 - 2016-11-11 10:20 - 00339456 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpusersvc.dll
2017-02-15 18:29 - 2016-11-11 10:19 - 00411648 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpsvc.dll
2017-02-15 18:29 - 2016-11-11 10:19 - 00366080 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFolder.dll
2017-02-15 18:29 - 2016-11-11 10:19 - 00320000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2017-02-15 18:29 - 2016-11-11 10:17 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProvSysprep.dll
2017-02-15 18:29 - 2016-11-11 10:16 - 00105984 _____ (Microsoft Corporation) C:\WINDOWS\system32\RjvMDMConfig.dll
2017-02-15 18:29 - 2016-11-11 10:12 - 00870912 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdtcprx.dll
2017-02-15 18:29 - 2016-11-11 10:09 - 01366016 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2017-02-15 18:29 - 2016-11-11 10:07 - 00991232 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll
2017-02-15 18:29 - 2016-11-11 10:06 - 00960000 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2017-02-15 18:29 - 2016-11-11 10:05 - 02852864 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll
2017-02-15 18:29 - 2016-11-11 10:04 - 00691712 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsm.dll
2017-02-15 18:29 - 2016-11-11 10:02 - 03542016 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2017-02-15 18:29 - 2016-11-11 10:02 - 01726976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2017-02-15 18:29 - 2016-11-11 08:59 - 01572768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2017-02-15 18:29 - 2016-11-11 08:42 - 01123912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2017-02-15 18:29 - 2016-11-11 08:42 - 00952416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2017-02-15 18:29 - 2016-11-11 08:42 - 00374448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFPlay.dll
2017-02-15 18:29 - 2016-11-11 08:42 - 00091936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfaudiocnv.dll
2017-02-15 18:29 - 2016-11-11 08:41 - 00157536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudStorageWizard.exe
2017-02-15 18:29 - 2016-11-11 08:24 - 00519168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ngccredprov.dll
2017-02-15 18:29 - 2016-11-11 08:24 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BcastDVRHelper.dll
2017-02-15 18:29 - 2016-11-11 08:23 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppCapture.dll
2017-02-15 18:29 - 2016-11-11 08:22 - 00505856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcastdvr.exe
2017-02-15 18:29 - 2016-11-11 08:19 - 00114176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\setupugc.exe
2017-02-15 18:29 - 2016-11-11 08:15 - 00348672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\zipfldr.dll
2017-02-15 18:29 - 2016-11-11 08:15 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptngc.dll
2017-02-15 18:29 - 2016-11-11 08:10 - 00746496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msdtcprx.dll
2017-02-15 18:29 - 2016-11-11 08:09 - 00545280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmkvsrcsnk.dll
2017-02-15 18:29 - 2016-11-11 08:08 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xolehlp.dll
2017-02-15 18:29 - 2016-11-11 08:06 - 00359936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mtxclu.dll
2017-02-15 18:29 - 2016-11-11 08:05 - 04423680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
2017-02-15 18:29 - 2016-11-11 08:04 - 01992704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2017-02-15 18:28 - 2016-12-21 09:04 - 07816032 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2017-02-15 18:28 - 2016-12-21 08:42 - 00241504 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHost.dll
2017-02-15 18:28 - 2016-12-21 08:37 - 00455520 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2017-02-15 18:28 - 2016-12-21 08:08 - 01292288 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVPXENC.dll
2017-02-15 18:28 - 2016-12-21 08:08 - 00349184 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2017-02-15 18:28 - 2016-12-21 07:53 - 01692672 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2017-02-15 18:28 - 2016-12-21 07:51 - 02275840 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2017-02-15 18:28 - 2016-12-21 05:24 - 05061120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2017-02-15 18:28 - 2016-12-21 05:24 - 03733504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_47.dll
2017-02-15 18:28 - 2016-12-21 05:24 - 00886272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2017-02-15 18:28 - 2016-12-21 05:22 - 00860672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2017-02-15 18:28 - 2016-12-14 06:18 - 00335712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2017-02-15 18:28 - 2016-12-14 06:08 - 00341344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2017-02-15 18:28 - 2016-12-14 06:06 - 00509792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2017-02-15 18:28 - 2016-12-14 05:45 - 00147968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys
2017-02-15 18:28 - 2016-12-14 05:40 - 00266752 _____ (Microsoft Corporation) C:\WINDOWS\system32\ConsoleLogon.dll
2017-02-15 18:28 - 2016-12-14 05:40 - 00104448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.UI.Logon.ProxyStub.dll
2017-02-15 18:28 - 2016-12-14 05:22 - 02998272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2017-02-15 18:28 - 2016-12-14 05:22 - 00707584 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2017-02-15 18:28 - 2016-12-09 11:34 - 01051112 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2017-02-15 18:28 - 2016-12-09 11:34 - 00894096 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2017-02-15 18:28 - 2016-12-09 11:33 - 01354320 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2017-02-15 18:28 - 2016-12-09 11:33 - 01173496 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2017-02-15 18:28 - 2016-12-09 11:01 - 02323728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll
2017-02-15 18:28 - 2016-12-09 10:51 - 00117240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sspicli.dll
2017-02-15 18:28 - 2016-12-09 10:45 - 00040448 _____ (Microsoft Corporation) C:\WINDOWS\system32\WordBreakers.dll
2017-02-15 18:28 - 2016-12-09 10:22 - 02820096 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2017-02-15 18:28 - 2016-12-09 10:20 - 03198464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
2017-02-15 18:28 - 2016-12-09 10:19 - 00433664 _____ (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll
2017-02-15 18:28 - 2016-12-09 10:19 - 00261120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
2017-02-15 18:28 - 2016-12-09 10:19 - 00119296 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputLocaleManager.dll
2017-02-15 18:28 - 2016-12-09 10:19 - 00085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditBufferTestHook.dll
2017-02-15 18:28 - 2016-12-09 10:17 - 00566784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ShareHost.dll
2017-02-15 18:28 - 2016-11-11 11:15 - 00198856 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscapi.dll
2017-02-15 18:28 - 2016-11-11 10:56 - 00424616 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFPlay.dll
2017-02-15 18:28 - 2016-11-11 10:25 - 00151040 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsBtSvc.dll
2017-02-15 18:28 - 2016-11-11 10:25 - 00089600 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosStorage.dll
2017-02-15 18:28 - 2016-11-11 10:22 - 00082944 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshost.dll
2017-02-15 18:28 - 2016-11-11 10:21 - 00313856 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshostcore.dll
2017-02-15 18:28 - 2016-11-11 10:20 - 00446976 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll
2017-02-15 18:28 - 2016-11-11 10:17 - 01220096 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscui.cpl
2017-02-15 18:28 - 2016-11-11 10:16 - 00184832 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscsvc.dll
2017-02-15 18:28 - 2016-11-11 10:15 - 00282624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb10.sys
2017-02-15 18:28 - 2016-11-11 10:14 - 07654400 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2017-02-15 18:28 - 2016-11-11 10:13 - 07812096 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2017-02-15 18:28 - 2016-11-11 10:08 - 00539136 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToManager.dll
2017-02-15 18:28 - 2016-11-11 10:07 - 03441152 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapRouter.dll
2017-02-15 18:28 - 2016-11-11 10:07 - 02953216 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapGeocoder.dll
2017-02-15 18:28 - 2016-11-11 10:07 - 02510848 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2017-02-15 18:28 - 2016-11-11 10:05 - 01031680 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2017-02-15 18:28 - 2016-11-11 10:03 - 04708864 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2017-02-15 18:28 - 2016-11-11 10:03 - 00905216 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll
2017-02-15 18:28 - 2016-11-11 09:01 - 00167848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscapi.dll
2017-02-15 18:28 - 2016-11-11 08:48 - 02277248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll
2017-02-15 18:28 - 2016-11-11 08:47 - 00527880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2017-02-15 18:28 - 2016-11-11 08:26 - 00030720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReAgentc.exe
2017-02-15 18:28 - 2016-11-11 08:19 - 01755136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DeviceFlows.DataModel.dll
2017-02-15 18:28 - 2016-11-11 08:19 - 00364544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupShim.dll
2017-02-15 18:28 - 2016-11-11 08:18 - 00431616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\efswrt.dll
2017-02-15 18:28 - 2016-11-11 08:17 - 00333312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActivationManager.dll
2017-02-15 18:28 - 2016-11-11 08:06 - 01228288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usercpl.dll
2017-02-15 18:28 - 2016-11-11 08:04 - 01595392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2017-02-15 18:28 - 2016-11-11 08:03 - 02256384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2017-02-15 18:27 - 2016-12-21 08:13 - 00119808 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCsp.dll
2017-02-15 18:27 - 2016-12-21 08:12 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProvPluginEng.dll
2017-02-15 18:27 - 2016-12-21 08:10 - 00234496 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCore.dll
2017-02-15 18:27 - 2016-12-14 05:32 - 00806400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3D12.dll
2017-02-15 18:27 - 2016-11-11 10:28 - 00040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\CbtBackgroundManagerPolicy.dll
2017-02-15 18:27 - 2016-11-11 10:26 - 00042496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\modem.sys
2017-02-15 18:27 - 2016-11-11 10:15 - 00159232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscinterop.dll
2017-02-15 18:27 - 2016-11-11 10:14 - 00713216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2017-02-15 18:27 - 2016-11-11 10:13 - 00306176 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdtcuiu.dll
2017-02-15 18:27 - 2016-11-11 10:07 - 01060864 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpMapControl.dll
2017-02-15 18:27 - 2016-11-11 10:02 - 00936448 _____ (Microsoft Corporation) C:\WINDOWS\system32\NMAA.dll
2017-02-15 18:27 - 2016-11-11 08:27 - 00065024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetCfgNotifyObjectHost.exe
2017-02-15 18:27 - 2016-11-11 08:18 - 01196544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscui.cpl
2017-02-15 18:27 - 2016-11-11 08:18 - 00108544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscinterop.dll
2017-02-14 17:43 - 2017-02-19 18:51 - 00000000 ____D C:\Users\Baby\AppData\Local\ConnectedDevicesPlatform
2017-02-14 17:43 - 2017-02-14 17:43 - 00000020 ___SH C:\Users\Baby\ntuser.ini
2017-02-14 17:41 - 2017-02-14 17:41 - 00000000 _SHDL C:\Users\Default\Vorlagen
2017-02-14 17:41 - 2017-02-14 17:41 - 00000000 _SHDL C:\Users\Default\Startmenü
2017-02-14 17:41 - 2017-02-14 17:41 - 00000000 _SHDL C:\Users\Default\Netzwerkumgebung
2017-02-14 17:41 - 2017-02-14 17:41 - 00000000 _SHDL C:\Users\Default\Lokale Einstellungen
2017-02-14 17:41 - 2017-02-14 17:41 - 00000000 _SHDL C:\Users\Default\Eigene Dateien
2017-02-14 17:41 - 2017-02-14 17:41 - 00000000 _SHDL C:\Users\Default\Druckumgebung
2017-02-14 17:41 - 2017-02-14 17:41 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Videos
2017-02-14 17:41 - 2017-02-14 17:41 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Musik
2017-02-14 17:41 - 2017-02-14 17:41 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Bilder
2017-02-14 17:41 - 2017-02-14 17:41 - 00000000 _SHDL C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2017-02-14 17:41 - 2017-02-14 17:41 - 00000000 _SHDL C:\Users\Default\AppData\Local\Verlauf
2017-02-14 17:41 - 2017-02-14 17:41 - 00000000 _SHDL C:\Users\Default\AppData\Local\Anwendungsdaten
2017-02-14 17:41 - 2017-02-14 17:41 - 00000000 _SHDL C:\Users\Default\Anwendungsdaten
2017-02-14 17:41 - 2017-02-14 17:41 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Videos
2017-02-14 17:41 - 2017-02-14 17:41 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Musik
2017-02-14 17:41 - 2017-02-14 17:41 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Bilder
2017-02-14 17:41 - 2017-02-14 17:41 - 00000000 _SHDL C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2017-02-14 17:41 - 2017-02-14 17:41 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Verlauf
2017-02-14 17:41 - 2017-02-14 17:41 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Anwendungsdaten
2017-02-14 17:40 - 2017-02-14 17:41 - 00007623 _____ C:\WINDOWS\diagwrn.xml
2017-02-14 17:40 - 2017-02-14 17:41 - 00007623 _____ C:\WINDOWS\diagerr.xml
2017-02-14 17:39 - 2017-02-14 17:39 - 00003310 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{80B2E059-914D-4AA0-B810-B7874A284424}
2017-02-14 17:39 - 2017-02-14 17:39 - 00002770 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task v2
2017-02-14 17:39 - 2017-02-14 17:39 - 00000000 ____D C:\WINDOWS\System32\Tasks\McAfee
2017-02-14 17:39 - 2017-02-14 17:39 - 00000000 ____D C:\WINDOWS\System32\Tasks\Lenovo
2017-02-14 17:39 - 2017-02-14 17:39 - 00000000 ____D C:\WINDOWS\System32\Tasks\CyberLink
2017-02-14 17:32 - 2017-02-14 17:32 - 00022960 _____ C:\WINDOWS\system32\emptyregdb.dat
2017-02-14 17:26 - 2017-02-14 17:26 - 00001576 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2017-02-14 17:26 - 2017-02-14 17:26 - 00000000 ____D C:\Users\Default\AppData\Local\AdvinstAnalytics
2017-02-14 17:26 - 2017-02-14 17:26 - 00000000 ____D C:\Users\Default User\AppData\Local\AdvinstAnalytics
2017-02-14 17:23 - 2017-02-14 17:27 - 00000000 ____D C:\WINDOWS\system32\config\bbimigrate
2017-02-14 17:22 - 2017-03-03 18:46 - 00000000 ____D C:\Users\Baby
2017-02-14 17:22 - 2017-02-14 17:22 - 00000000 _SHDL C:\Users\Baby\Vorlagen
2017-02-14 17:22 - 2017-02-14 17:22 - 00000000 _SHDL C:\Users\Baby\Startmenü
2017-02-14 17:22 - 2017-02-14 17:22 - 00000000 _SHDL C:\Users\Baby\Netzwerkumgebung
2017-02-14 17:22 - 2017-02-14 17:22 - 00000000 _SHDL C:\Users\Baby\Lokale Einstellungen
2017-02-14 17:22 - 2017-02-14 17:22 - 00000000 _SHDL C:\Users\Baby\Eigene Dateien
2017-02-14 17:22 - 2017-02-14 17:22 - 00000000 _SHDL C:\Users\Baby\Druckumgebung
2017-02-14 17:22 - 2017-02-14 17:22 - 00000000 _SHDL C:\Users\Baby\Documents\Eigene Videos
2017-02-14 17:22 - 2017-02-14 17:22 - 00000000 _SHDL C:\Users\Baby\Documents\Eigene Musik
2017-02-14 17:22 - 2017-02-14 17:22 - 00000000 _SHDL C:\Users\Baby\Documents\Eigene Bilder
2017-02-14 17:22 - 2017-02-14 17:22 - 00000000 _SHDL C:\Users\Baby\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2017-02-14 17:22 - 2017-02-14 17:22 - 00000000 _SHDL C:\Users\Baby\AppData\Local\Verlauf
2017-02-14 17:22 - 2017-02-14 17:22 - 00000000 _SHDL C:\Users\Baby\AppData\Local\Anwendungsdaten
2017-02-14 17:22 - 2017-02-14 17:22 - 00000000 _SHDL C:\Users\Baby\Anwendungsdaten
2017-02-14 17:18 - 2017-02-14 17:18 - 00000000 ____H C:\ProgramData\DP45977C.lfl
2017-02-14 17:18 - 2017-02-14 17:18 - 00000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2017-02-14 17:18 - 2017-02-14 17:18 - 00000000 ____D C:\WINDOWS\system32\DAX2
2017-02-14 17:18 - 2017-02-14 17:18 - 00000000 ____D C:\Program Files\Realtek
2017-02-14 17:17 - 2017-03-03 18:49 - 00000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2017-02-14 17:17 - 2017-02-14 17:27 - 00000000 ____D C:\Program Files\Elantech
2017-02-14 17:17 - 2017-02-14 17:24 - 00000000 ____D C:\Program Files\Intel
2017-02-14 17:17 - 2017-02-14 17:17 - 00000200 _____ C:\WINDOWS\system32\{EC94D02F-D200-4428-9531-05AF7F9799CB}.bat
2017-02-14 17:17 - 2017-02-14 17:17 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_ETDSMBus_01011.Wdf
2017-02-14 17:17 - 2015-08-16 18:13 - 00086528 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.DLL
2017-02-14 17:17 - 2015-08-16 18:13 - 00082432 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.DLL
2017-02-14 17:14 - 2017-02-14 17:42 - 00000000 ___DC C:\WINDOWS\Panther
2017-02-14 17:11 - 2017-02-14 17:11 - 00008192 _____ C:\WINDOWS\system32\config\userdiff
2017-02-14 17:09 - 2017-02-14 17:09 - 00000000 ____D C:\WINDOWS\SysWOW64\XPSViewer
2017-02-14 17:09 - 2017-02-14 17:09 - 00000000 ____D C:\Program Files\Reference Assemblies
2017-02-14 17:09 - 2017-02-14 17:09 - 00000000 ____D C:\Program Files\MSBuild
2017-02-14 17:09 - 2017-02-14 17:09 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies
2017-02-14 17:09 - 2017-02-14 17:09 - 00000000 ____D C:\Program Files (x86)\MSBuild
2017-02-14 17:08 - 2016-05-25 14:31 - 01166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2017-02-14 17:08 - 2016-05-25 14:31 - 00124624 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2017-02-14 17:08 - 2016-05-25 14:31 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2017-02-14 17:08 - 2016-05-25 11:03 - 00778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
2017-02-14 17:08 - 2016-05-25 11:03 - 00103120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2017-02-14 17:08 - 2016-05-25 11:03 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2017-02-12 21:14 - 2017-02-12 21:14 - 00061781 _____ C:\Users\Baby\Downloads\31_031_01424_Bestätigung der Annahme ESt unbeschränkt (ESt 1 A) 2016_ElsterOnline2.pdf
2017-02-12 21:04 - 2017-02-12 21:05 - 00022072 _____ C:\Users\Baby\Downloads\steuerberechnung_2017-02-12-210443.pdf
2017-02-12 21:00 - 2017-02-12 21:00 - 00022068 _____ C:\Users\Baby\Downloads\steuerberechnung_2017-02-12-210042.pdf
2017-02-12 20:57 - 2017-02-12 20:57 - 00022071 _____ C:\Users\Baby\Downloads\steuerberechnung_2017-02-12-205749.pdf
2017-02-10 19:02 - 2017-02-10 19:02 - 00022075 _____ C:\Users\Baby\Downloads\steuerberechnung_2017-02-10-190244.pdf
2017-02-10 19:01 - 2017-02-10 19:01 - 00022094 _____ C:\Users\Baby\Downloads\steuerberechnung_2017-02-10-190109.pdf
2017-02-10 18:43 - 2017-02-10 18:43 - 00022759 _____ C:\Users\Baby\Downloads\steuerberechnung_2017-02-10-184311.pdf
2017-02-10 18:20 - 2017-02-10 18:20 - 00010495 _____ C:\Users\Baby\Downloads\Rene1896_elster_10.02.2017_18.20.pfx
2017-02-10 18:16 - 2017-02-10 18:16 - 00010495 _____ C:\Users\Baby\Downloads\VanyB91_elster_10.02.2017_18.15.pfx
2017-02-08 15:27 - 2017-03-02 19:09 - 00001309 _____ C:\Users\Public\Desktop\ElsterFormular.lnk
2017-02-08 15:27 - 2017-03-02 19:09 - 00000000 ____D C:\ProgramData\elsterformular
2017-02-08 15:27 - 2017-03-02 19:09 - 00000000 ____D C:\Program Files (x86)\ElsterFormular
2017-02-08 15:27 - 2017-02-08 15:27 - 00000000 ____D C:\Users\Baby\AppData\Roaming\elsterformular
2017-02-08 15:24 - 2017-02-08 15:26 - 67816592 _____ (Landesfinanzdirektion Thüringen) C:\Users\Baby\Downloads\ElsterFormularPrivat.exe
2017-02-03 16:50 - 2017-02-03 16:50 - 00000000 ____D C:\Users\Baby\AppData\Local\CEF
2017-02-03 16:49 - 2017-02-19 18:46 - 00000000 ____D C:\ProgramData\ProductData
2017-02-03 16:49 - 2017-02-03 16:49 - 00000000 ____D C:\Users\Baby\AppData\Roaming\ProductData
2017-02-03 16:48 - 2017-02-19 19:29 - 00000000 ____D C:\Program Files (x86)\IObit
2017-02-03 16:48 - 2017-02-03 17:04 - 00000000 ____D C:\ProgramData\Avg
2017-02-03 16:48 - 2017-02-03 17:03 - 00000000 ____D C:\Users\Baby\AppData\Local\AvgSetupLog
2017-02-03 16:48 - 2017-02-03 16:49 - 00000000 ____D C:\Users\Baby\AppData\Roaming\IObit
2017-02-03 16:48 - 2017-02-03 16:49 - 00000000 ____D C:\ProgramData\IObit
2017-02-03 16:48 - 2017-02-03 16:48 - 00000000 ____D C:\WINDOWS\Tasks\ImCleanDisabled
2017-02-03 16:48 - 2017-02-03 16:48 - 00000000 ____D C:\Users\Baby\AppData\Local\Avg
2017-02-03 16:48 - 2017-02-03 16:48 - 00000000 ____D C:\ProgramData\{FD6F83C0-EC70-4581-8361-C70CD1AA4B98}

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-03-03 20:44 - 2016-11-20 13:32 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2017-03-03 19:04 - 2017-01-13 15:24 - 00000000 ____D C:\ProgramData\Kaspersky Lab
2017-03-03 18:54 - 2017-01-13 14:58 - 00043532 _____ C:\WINDOWS\system32\InstallUtil.InstallLog
2017-03-03 18:54 - 2016-11-20 22:42 - 01597994 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-03-03 18:54 - 2016-11-20 22:00 - 00567798 _____ C:\WINDOWS\system32\perfh007.dat
2017-03-03 18:54 - 2016-11-20 22:00 - 00108362 _____ C:\WINDOWS\system32\perfc007.dat
2017-03-03 18:50 - 2017-01-12 16:03 - 00000000 ___RD C:\Users\Baby\OneDrive
2017-03-03 18:49 - 2017-01-30 18:31 - 00625272 _____ C:\WINDOWS\system32\NetUtils2016.dll
2017-03-03 18:49 - 2017-01-12 16:00 - 00000000 __SHD C:\Users\Baby\IntelGraphicsProfiles
2017-03-03 18:47 - 2016-11-20 22:32 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-03-03 18:46 - 2016-07-16 07:04 - 00524288 _____ C:\WINDOWS\system32\config\BBI
2017-03-03 18:41 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\AppReadiness
2017-03-02 20:59 - 2016-07-16 12:45 - 00000000 ____D C:\WINDOWS\INF
2017-03-02 16:57 - 2016-07-16 12:47 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2017-03-02 16:56 - 2016-10-19 00:32 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2017-03-02 16:45 - 2016-07-16 12:47 - 00000000 ___HD C:\Program Files\WindowsApps
2017-02-28 19:50 - 2016-11-20 13:32 - 00357328 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-02-26 15:24 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\rescache
2017-02-26 10:58 - 2017-01-12 20:00 - 00000000 ____D C:\WINDOWS\system32\MRT
2017-02-26 10:57 - 2017-01-12 20:00 - 138020592 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-02-26 10:57 - 2016-07-16 12:36 - 00000000 ____D C:\WINDOWS\CbsTemp
2017-02-23 21:20 - 2017-01-12 16:03 - 00002387 _____ C:\Users\Baby\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2017-02-20 20:45 - 2016-07-16 12:47 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2017-02-20 20:17 - 2017-01-12 16:00 - 00000000 ____D C:\Users\Baby\AppData\Local\Packages
2017-02-19 18:50 - 2016-11-20 22:46 - 00000000 __RHD C:\Users\Public\AccountPictures
2017-02-17 20:03 - 2016-07-16 12:47 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2017-02-17 20:03 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\SysWOW64\oobe
2017-02-17 20:03 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2017-02-17 20:03 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\oobe
2017-02-17 20:03 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\ShellExperiences
2017-02-17 20:03 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\Provisioning
2017-02-17 20:03 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\bcastdvr
2017-02-17 20:03 - 2016-07-16 07:04 - 00000000 ____D C:\WINDOWS\SysWOW64\Dism
2017-02-17 20:03 - 2016-07-16 07:04 - 00000000 ____D C:\WINDOWS\system32\Sysprep
2017-02-17 20:03 - 2016-07-16 07:04 - 00000000 ____D C:\WINDOWS\system32\Dism
2017-02-17 20:03 - 2016-07-16 07:04 - 00000000 ____D C:\WINDOWS\servicing
2017-02-15 17:48 - 2016-07-16 12:42 - 00180224 _____ (Microsoft Corporation) C:\WINDOWS\system32\enrollmentapi.dll
2017-02-15 17:39 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\appcompat
2017-02-14 17:49 - 2016-06-20 23:41 - 00057424 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klim6.sys
2017-02-14 17:41 - 2016-07-16 12:47 - 00000000 ____D C:\Program Files\Windows NT
2017-02-14 17:40 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\Registration
2017-02-14 17:39 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\WinBioDatabase
2017-02-14 17:39 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\Tasks_Migrated
2017-02-14 17:31 - 2016-10-19 01:44 - 01442704 _____ C:\WINDOWS\SysWOW64\PerfStringBackup.INI
2017-02-14 17:31 - 2016-07-16 12:47 - 00000000 __RHD C:\Users\Public\Libraries
2017-02-14 17:27 - 2017-01-31 13:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zylom
2017-02-14 17:27 - 2017-01-13 15:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Total Security
2017-02-14 17:27 - 2017-01-13 15:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Secure Connection
2017-02-14 17:27 - 2016-10-19 01:44 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
2017-02-14 17:27 - 2016-10-19 01:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Realtek
2017-02-14 17:27 - 2016-10-19 01:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dolby
2017-02-14 17:27 - 2016-10-19 00:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2016-Tools
2017-02-14 17:27 - 2016-10-19 00:31 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lenovo
2017-02-14 17:27 - 2016-07-16 07:04 - 00032768 _____ C:\WINDOWS\system32\config\ELAM
2017-02-14 17:26 - 2015-10-30 07:28 - 00000000 ____D C:\Users\Default.migrated
2017-02-14 17:24 - 2017-01-13 15:13 - 00000000 ____D C:\WINDOWS\SysWOW64\BestPractices
2017-02-14 17:24 - 2017-01-13 15:13 - 00000000 ____D C:\WINDOWS\system32\BestPractices
2017-02-14 17:24 - 2016-11-20 21:59 - 00000000 ____D C:\WINDOWS\SysWOW64\winrm
2017-02-14 17:24 - 2016-11-20 21:59 - 00000000 ____D C:\WINDOWS\SysWOW64\WCN
2017-02-14 17:24 - 2016-11-20 21:59 - 00000000 ____D C:\WINDOWS\SysWOW64\slmgr
2017-02-14 17:24 - 2016-11-20 21:59 - 00000000 ____D C:\WINDOWS\SysWOW64\Printing_Admin_Scripts
2017-02-14 17:24 - 2016-11-20 21:59 - 00000000 ____D C:\WINDOWS\system32\winrm
2017-02-14 17:24 - 2016-11-20 21:59 - 00000000 ____D C:\WINDOWS\system32\WCN
2017-02-14 17:24 - 2016-11-20 21:59 - 00000000 ____D C:\WINDOWS\system32\slmgr
2017-02-14 17:24 - 2016-11-20 21:59 - 00000000 ____D C:\WINDOWS\system32\Printing_Admin_Scripts
2017-02-14 17:24 - 2016-10-19 01:47 - 00000000 ___HD C:\WINDOWS\system32\WLANProfiles
2017-02-14 17:24 - 2016-07-16 12:47 - 00000000 ___SD C:\WINDOWS\SysWOW64\F12
2017-02-14 17:24 - 2016-07-16 12:47 - 00000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs
2017-02-14 17:24 - 2016-07-16 12:47 - 00000000 ___SD C:\WINDOWS\system32\F12
2017-02-14 17:24 - 2016-07-16 12:47 - 00000000 ___SD C:\WINDOWS\system32\dsc
2017-02-14 17:24 - 2016-07-16 12:47 - 00000000 ___SD C:\WINDOWS\system32\DiagSvcs
2017-02-14 17:24 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2017-02-14 17:24 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\NDF
2017-02-14 17:24 - 2016-07-16 12:47 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2017-02-14 17:24 - 2016-07-16 12:47 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2017-02-14 17:17 - 2016-10-19 01:41 - 00000000 ___HD C:\Intel
2017-02-14 17:14 - 2016-07-16 12:47 - 00028672 _____ C:\WINDOWS\system32\config\BCD-Template
2017-02-14 17:09 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\SysWOW64\MUI
2017-02-14 17:09 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\MUI
2017-02-06 20:48 - 2016-07-16 12:49 - 00835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2017-02-06 20:48 - 2016-07-16 12:49 - 00177656 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2017-02-03 17:06 - 2017-01-25 19:00 - 00000000 ____D C:\ProgramData\install_backup
2017-02-03 17:06 - 2016-10-19 00:45 - 00000000 ____D C:\ProgramData\SUPPORTDIR
2017-02-03 17:06 - 2016-10-19 00:43 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2017-02-03 17:06 - 2016-10-19 00:31 - 00000000 ____D C:\Program Files (x86)\Lenovo
2017-02-03 17:05 - 2016-10-19 00:47 - 00000000 ____D C:\ProgramData\CyberLink

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2010-06-02 05:21 - 2010-06-02 05:21 - 1347354 _____ () C:\Program Files\Apr2005_d3dx9_25_x64.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 1078962 _____ () C:\Program Files\Apr2005_d3dx9_25_x86.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 1397830 _____ () C:\Program Files\Apr2006_d3dx9_30_x64.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 1115221 _____ () C:\Program Files\Apr2006_d3dx9_30_x86.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 0916430 _____ () C:\Program Files\Apr2006_MDX1_x86.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 4162630 _____ () C:\Program Files\Apr2006_MDX1_x86_Archive.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 0179133 _____ () C:\Program Files\Apr2006_XACT_x64.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 0133103 _____ () C:\Program Files\Apr2006_XACT_x86.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 0087101 _____ () C:\Program Files\Apr2006_xinput_x64.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 0046010 _____ () C:\Program Files\Apr2006_xinput_x86.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 0698612 _____ () C:\Program Files\APR2007_d3dx10_33_x64.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 0695865 _____ () C:\Program Files\APR2007_d3dx10_33_x86.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 1607358 _____ () C:\Program Files\APR2007_d3dx9_33_x64.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 1606039 _____ () C:\Program Files\APR2007_d3dx9_33_x86.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 0195766 _____ () C:\Program Files\APR2007_XACT_x64.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 0151225 _____ () C:\Program Files\APR2007_XACT_x86.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 0096817 _____ () C:\Program Files\APR2007_xinput_x64.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 0053302 _____ () C:\Program Files\APR2007_xinput_x86.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 1350542 _____ () C:\Program Files\Aug2005_d3dx9_27_x64.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 1077644 _____ () C:\Program Files\Aug2005_d3dx9_27_x86.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 0182903 _____ () C:\Program Files\AUG2006_XACT_x64.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 0137235 _____ () C:\Program Files\AUG2006_XACT_x86.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 0087142 _____ () C:\Program Files\AUG2006_xinput_x64.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 0046058 _____ () C:\Program Files\AUG2006_xinput_x86.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 0852286 _____ () C:\Program Files\AUG2007_d3dx10_35_x64.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 0796867 _____ () C:\Program Files\AUG2007_d3dx10_35_x86.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 1800160 _____ () C:\Program Files\AUG2007_d3dx9_35_x64.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 1708152 _____ () C:\Program Files\AUG2007_d3dx9_35_x86.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 0198096 _____ () C:\Program Files\AUG2007_XACT_x64.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 0153012 _____ () C:\Program Files\AUG2007_XACT_x86.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 0867612 _____ () C:\Program Files\Aug2008_d3dx10_39_x64.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 0849167 _____ () C:\Program Files\Aug2008_d3dx10_39_x86.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 1794084 _____ () C:\Program Files\Aug2008_d3dx9_39_x64.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 1464672 _____ () C:\Program Files\Aug2008_d3dx9_39_x86.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 0121772 _____ () C:\Program Files\Aug2008_XACT_x64.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 0092996 _____ () C:\Program Files\Aug2008_XACT_x86.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 0271412 _____ () C:\Program Files\Aug2008_XAudio_x64.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 0271038 _____ () C:\Program Files\Aug2008_XAudio_x86.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 0919044 _____ () C:\Program Files\Aug2009_D3DCompiler_42_x64.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 0900598 _____ () C:\Program Files\Aug2009_D3DCompiler_42_x86.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 3112111 _____ () C:\Program Files\Aug2009_d3dcsx_42_x64.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 3319740 _____ () C:\Program Files\Aug2009_d3dcsx_42_x86.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 0232635 _____ () C:\Program Files\Aug2009_d3dx10_42_x64.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 0192131 _____ () C:\Program Files\Aug2009_d3dx10_42_x86.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 0136301 _____ () C:\Program Files\Aug2009_d3dx11_42_x64.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 0105044 _____ () C:\Program Files\Aug2009_d3dx11_42_x86.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 0930116 _____ () C:\Program Files\Aug2009_d3dx9_42_x64.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 0728456 _____ () C:\Program Files\Aug2009_d3dx9_42_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0122408 _____ () C:\Program Files\Aug2009_XACT_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0093106 _____ () C:\Program Files\Aug2009_XACT_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0273264 _____ () C:\Program Files\Aug2009_XAudio_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0272642 _____ () C:\Program Files\Aug2009_XAudio_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 1357976 _____ () C:\Program Files\Dec2005_d3dx9_28_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 1079456 _____ () C:\Program Files\Dec2005_d3dx9_28_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0212807 _____ () C:\Program Files\DEC2006_d3dx10_00_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0191720 _____ () C:\Program Files\DEC2006_d3dx10_00_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 1571154 _____ () C:\Program Files\DEC2006_d3dx9_32_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 1574376 _____ () C:\Program Files\DEC2006_d3dx9_32_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0192475 _____ () C:\Program Files\DEC2006_XACT_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0145599 _____ () C:\Program Files\DEC2006_XACT_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0089944 _____ (Microsoft Corporation) C:\Program Files\DSETUP.dll
2010-06-02 05:22 - 2010-06-02 05:22 - 1801048 _____ () C:\Program Files\dsetup32.dll
2010-06-02 05:22 - 2010-06-02 05:22 - 0042410 _____ () C:\Program Files\dxdllreg_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0537432 _____ () C:\Program Files\DXSETUP.exe
2010-06-02 05:22 - 2010-06-02 05:22 - 0094011 _____ () C:\Program Files\dxupdate.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 1247499 _____ () C:\Program Files\Feb2005_d3dx9_24_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 1013225 _____ () C:\Program Files\Feb2005_d3dx9_24_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 1362796 _____ () C:\Program Files\Feb2006_d3dx9_29_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 1084720 _____ () C:\Program Files\Feb2006_d3dx9_29_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0178359 _____ () C:\Program Files\Feb2006_XACT_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0132409 _____ () C:\Program Files\Feb2006_XACT_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0194675 _____ () C:\Program Files\FEB2007_XACT_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0147983 _____ () C:\Program Files\FEB2007_XACT_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0054678 _____ () C:\Program Files\Feb2010_X3DAudio_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0020713 _____ () C:\Program Files\Feb2010_X3DAudio_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0122446 _____ () C:\Program Files\Feb2010_XACT_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0093180 _____ () C:\Program Files\Feb2010_XACT_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0276960 _____ () C:\Program Files\Feb2010_XAudio_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0277191 _____ () C:\Program Files\Feb2010_XAudio_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 1336002 _____ () C:\Program Files\Jun2005_d3dx9_26_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 1064925 _____ () C:\Program Files\Jun2005_d3dx9_26_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0180785 _____ () C:\Program Files\JUN2006_XACT_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0133671 _____ () C:\Program Files\JUN2006_XACT_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0699044 _____ () C:\Program Files\JUN2007_d3dx10_34_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0698472 _____ () C:\Program Files\JUN2007_d3dx10_34_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 1607774 _____ () C:\Program Files\JUN2007_d3dx9_34_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 1607286 _____ () C:\Program Files\JUN2007_d3dx9_34_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0197122 _____ () C:\Program Files\JUN2007_XACT_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0152909 _____ () C:\Program Files\JUN2007_XACT_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0867828 _____ () C:\Program Files\JUN2008_d3dx10_38_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0849919 _____ () C:\Program Files\JUN2008_d3dx10_38_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 1792608 _____ () C:\Program Files\JUN2008_d3dx9_38_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 1463878 _____ () C:\Program Files\JUN2008_d3dx9_38_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0055154 _____ () C:\Program Files\JUN2008_X3DAudio_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0021905 _____ () C:\Program Files\JUN2008_X3DAudio_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0121054 _____ () C:\Program Files\JUN2008_XACT_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0093128 _____ () C:\Program Files\JUN2008_XACT_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0269628 _____ () C:\Program Files\JUN2008_XAudio_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0269024 _____ () C:\Program Files\JUN2008_XAudio_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0944460 _____ () C:\Program Files\Jun2010_D3DCompiler_43_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0931471 _____ () C:\Program Files\Jun2010_D3DCompiler_43_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0752783 _____ () C:\Program Files\Jun2010_d3dcsx_43_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0762188 _____ () C:\Program Files\Jun2010_d3dcsx_43_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0235955 _____ () C:\Program Files\Jun2010_d3dx10_43_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0197283 _____ () C:\Program Files\Jun2010_d3dx10_43_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0138205 _____ () C:\Program Files\Jun2010_d3dx11_43_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0109445 _____ () C:\Program Files\Jun2010_d3dx11_43_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0937246 _____ () C:\Program Files\Jun2010_d3dx9_43_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0768036 _____ () C:\Program Files\Jun2010_d3dx9_43_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0124596 _____ () C:\Program Files\Jun2010_XACT_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0093686 _____ () C:\Program Files\Jun2010_XACT_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0277338 _____ () C:\Program Files\Jun2010_XAudio_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0278060 _____ () C:\Program Files\Jun2010_XAudio_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0844884 _____ () C:\Program Files\Mar2008_d3dx10_37_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0818260 _____ () C:\Program Files\Mar2008_d3dx10_37_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 1769862 _____ () C:\Program Files\Mar2008_d3dx9_37_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 1443282 _____ () C:\Program Files\Mar2008_d3dx9_37_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0055058 _____ () C:\Program Files\Mar2008_X3DAudio_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0021867 _____ () C:\Program Files\Mar2008_X3DAudio_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0122336 _____ () C:\Program Files\Mar2008_XACT_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0093734 _____ () C:\Program Files\Mar2008_XACT_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0251194 _____ () C:\Program Files\Mar2008_XAudio_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0226250 _____ () C:\Program Files\Mar2008_XAudio_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 1067160 _____ () C:\Program Files\Mar2009_d3dx10_41_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 1040745 _____ () C:\Program Files\Mar2009_d3dx10_41_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 1973702 _____ () C:\Program Files\Mar2009_d3dx9_41_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 1612446 _____ () C:\Program Files\Mar2009_d3dx9_41_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0054600 _____ () C:\Program Files\Mar2009_X3DAudio_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0021298 _____ () C:\Program Files\Mar2009_X3DAudio_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0121506 _____ () C:\Program Files\Mar2009_XACT_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0092740 _____ () C:\Program Files\Mar2009_XACT_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0275044 _____ () C:\Program Files\Mar2009_XAudio_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0273018 _____ () C:\Program Files\Mar2009_XAudio_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0864600 _____ () C:\Program Files\Nov2007_d3dx10_36_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0803884 _____ () C:\Program Files\Nov2007_d3dx10_36_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 1802058 _____ () C:\Program Files\Nov2007_d3dx9_36_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 1709360 _____ () C:\Program Files\Nov2007_d3dx9_36_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0046144 _____ () C:\Program Files\NOV2007_X3DAudio_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0018496 _____ () C:\Program Files\NOV2007_X3DAudio_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0196762 _____ () C:\Program Files\NOV2007_XACT_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0148264 _____ () C:\Program Files\NOV2007_XACT_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0994154 _____ () C:\Program Files\Nov2008_d3dx10_40_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0965421 _____ () C:\Program Files\Nov2008_d3dx10_40_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 1906878 _____ () C:\Program Files\Nov2008_d3dx9_40_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 1550796 _____ () C:\Program Files\Nov2008_d3dx9_40_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0054522 _____ () C:\Program Files\Nov2008_X3DAudio_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0021851 _____ () C:\Program Files\Nov2008_X3DAudio_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0121794 _____ () C:\Program Files\Nov2008_XACT_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0092684 _____ () C:\Program Files\Nov2008_XACT_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0273960 _____ () C:\Program Files\Nov2008_XAudio_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0272611 _____ () C:\Program Files\Nov2008_XAudio_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0086037 _____ () C:\Program Files\Oct2005_xinput_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0045359 _____ () C:\Program Files\Oct2005_xinput_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 1412902 _____ () C:\Program Files\OCT2006_d3dx9_31_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 1127217 _____ () C:\Program Files\OCT2006_d3dx9_31_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0182361 _____ () C:\Program Files\OCT2006_XACT_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0138017 _____ () C:\Program Files\OCT2006_XACT_x86.cab
2017-02-14 17:18 - 2017-02-14 17:18 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

Einige Dateien in TEMP:
====================
2016-10-13 09:18 - 2016-10-13 09:18 - 171330228 _____ () C:\Users\Baby\AppData\Local\Temp\OpenOffice_4.1.3_Win_x86_install_de.exe

==================== Bamital & volsnap ======================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert

LastRegBack: 2017-03-02 17:04

==================== Ende von FRST.txt ============================

Reen96 03.03.2017 22:20
Hier Addition:
Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 01-03-2017
durchgeführt von Baby (03-03-2017 22:01:53)
Gestartet von C:\Users\Baby\Desktop
Windows 10 Home Version 1607 (X64) (2017-02-14 16:42:20)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-217730058-1440262021-2186221569-500 - Administrator - Disabled)
Baby (S-1-5-21-217730058-1440262021-2186221569-1001 - Administrator - Enabled) => C:\Users\Baby
DefaultAccount (S-1-5-21-217730058-1440262021-2186221569-503 - Limited - Disabled)
Gast (S-1-5-21-217730058-1440262021-2186221569-501 - Limited - Disabled)

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Kaspersky Total Security (Enabled - Up to date) {86367591-4BE4-AE08-2FD9-7FCB8259CD98}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Kaspersky Total Security (Enabled - Up to date) {3D579475-6DDE-A186-1569-44B9F9DE8725}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Total Security (Enabled) {BE0DF4B4-018B-AF50-0486-D6FE7C8A8AE3}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

Benutzerhandbücher (x32 Version: 6.0.0.0 - Lenovo) Hidden
Big Fish: Game Manager (HKLM-x32\...\BFGC) (Version: 3.3.0.2 - )
Delicious - Emily's Christmas Carol Deluxe (HKLM-x32\...\59221808f4c2c0c992944c696bd81176) (Version:  - Zylom)
Dolby Digital Plus (HKLM\...\{D2CD7DCF-D129-4A54-8543-38BECC6CFDAE}) (Version: 7.6.7.1 - Dolby Laboratories Inc)
ElsterFormular (HKLM-x32\...\ElsterFormular) (Version: 18.1.22140 - Landesfinanzdirektion Thüringen)
Genesys USB Mass Storage Device (HKLM-x32\...\{959B7F35-2819-40C5-A0CD-3C53B5FCC935}) (Version: 4.5.0.4.1001 - Genesys Logic)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.0.1158 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.15.4271 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 14.6.0.1029 - Intel Corporation)
Intel(R) Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 1.1.253.0 - Intel Corporation)
Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{FD46588A-DB19-4C43-B657-EA898E280812}) (Version: 17.1.1524.1353 - Intel Corporation)
Intel® Chipsatz-Gerätesoftware (x32 Version: 10.1.1.8 - Intel(R) Corporation) Hidden
Intel® PROSet/Wireless Software (HKLM-x32\...\{4c8b7360-62a2-4339-b745-41323055d0bb}) (Version: 18.20.0 - Intel Corporation)
Intel® Security Assist (HKLM-x32\...\{4B230374-6475-4A73-BA6E-41015E9C5013}) (Version: 1.0.0.532 - Intel Corporation)
Kaspersky Secure Connection (HKLM-x32\...\InstallWIX_{1CF84962-50F8-48CA-9082-B70F3A02C686}) (Version: 17.0.0.611 - Kaspersky Lab)
Kaspersky Secure Connection (x32 Version: 17.0.0.611 - Kaspersky Lab) Hidden
Kaspersky Total Security (HKLM-x32\...\InstallWIX_{E27B1D7B-3B34-43A2-9FC0-9828D5DF46E2}) (Version: 17.0.0.611 - Kaspersky Lab)
Kaspersky Total Security (x32 Version: 17.0.0.611 - Kaspersky Lab) Hidden
Lenovo EasyCamera (HKLM-x32\...\{E399A5B3-ED53-4DEA-AF04-8011E1EB1EAC}) (Version: 6.3.9600.11103 - Realtek Semiconductor Corp.)
Lenovo OneKey Recovery (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.1.0.4706 - CyberLink Corp.)
Lenovo OneKey Recovery (Version: 8.1.0.4706 - CyberLink Corp.) Hidden
Lenovo pointing device (HKLM\...\Elantech) (Version: 11.4.78.5 - ELAN Microelectronic Corp.)
Lenovo Product Demo (HKLM-x32\...\{8EA60981-2735-458E-9F11-1E8813B278EA}) (Version: 2.0.5 - Lenovo)
Lenovo QuickOptimizer (HKLM\...\{8D2C871B-1B9F-45AC-9C43-2BB18089CDFA}) (Version: 1.0.019.00 - Lenovo)
Lenovo System Interface Foundation (HKLM\...\{C2E5CA37-C862-4A69-AC6D-24F450A20C16}) (Version: 1.0.070.04 - Lenovo)
LenovoUtility (HKLM-x32\...\InstallShield_{6ADA7E88-8D16-4D0D-BC90-2B93AC5E56DA}) (Version: 3.0.0.4 - Lenovo)
LenovoUtility (x32 Version: 3.0.0.4 - Lenovo) Hidden
Metric Collection SDK 35 (x32 Version: 1.2.0010.00 - Lenovo Group Limited) Hidden
Microsoft Office 365 - de-de (HKLM\...\O365HomePremRetail - de-de) (Version: 16.0.7766.2060 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-217730058-1440262021-2186221569-1001\...\OneDriveSetup.exe) (Version: 17.3.6798.0207 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50901.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Mozilla Firefox 51.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 51.0.1 (x86 de)) (Version: 51.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 51.0.1 - Mozilla)
Office 16 Click-to-Run Extensibility Component (x32 Version: 16.0.7766.2047 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (Version: 16.0.7766.2047 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (Version: 16.0.7766.2047 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (x32 Version: 16.0.7668.2066 - Microsoft Corporation) Hidden
Online Games Manager v1.50 (HKLM-x32\...\Online Games Manager) (Version: 1.50.4 - Real Networks, Inc.)
OpenOffice 4.1.3 (HKLM-x32\...\{8D5FCC56-BB9F-4122-923C-71753F50F6F5}) (Version: 4.13.9783 - Apache Software Foundation)
OpenOffice Updater (HKU\S-1-5-21-217730058-1440262021-2186221569-1001\...\OpenOffice Updater) (Version: 1.1.10 - OpenOffice)
REACHit (HKLM-x32\...\{4532E4C5-C84D-4040-A044-ECFCC5C6995B}) (Version: 2.1.0.11 - Lenovo)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.1.505.2015 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7606 - Realtek Semiconductor Corp.)
SHAREit (HKLM-x32\...\SHAREit_is1) (Version: 2.5.5.1 - Lenovo)
Sweet Home 3D version 5.4 (HKLM\...\Sweet Home 3D_is1) (Version: 5.4 - eTeks)
User Manuals (HKLM-x32\...\InstallShield_{7042D952-EE42-4C09-A23D-E7AE4D047007}) (Version: 6.0.0.0 - Lenovo)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-217730058-1440262021-2186221569-1001_Classes\CLSID\{cece6816-6107-4dc7-bdbc-20cd5ae1ffed}\localserver32 -> C:\ProgramData\Lenovo\ImController\Plugins\LenovoAppPromotionPlugin\x64\DesktopToastsHelper.exe (Lenovo Group Limited)

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {2A879CB0-6358-47FF-849D-92BA7DDC3DFB} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\1651d3e1-b901-4df7-bd34-79b69918d1f8 => powershell.exe -nologo -noninteractive "&amp; {New-Item -Path Registry::HKCU\Software\Lenovo\ImController\ScheduledTasks\1651d3e1-b901-4df7-bd34-79b69918d1f8 -type directory -force;$conter=Get-Date;$conter=$conter.ToUniversalTime();Set-ItemProperty -Path Registry::HKCU\Software\Lenovo\ImController\ScheduledTasks\1 (Der Dateneintrag hat 73 mehr Zeichen).
Task: {50090DAC-A4B1-4E45-8EED-9DDEA06F6FFE} - System32\Tasks\Lenovo\REACHit Agent Update => C:\Program Files (x86)\Lenovo\REACHit\webAgent.exe [2015-06-12] (Lenovo)
Task: {6206EF9F-F623-43E0-A461-F6E596A6EF36} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 35 => C:\Program Files (x86)\Lenovo\Customer Feedback Program 35\Lenovo.TVT.CustomerFeedback.Agent35.exe [2015-07-06] (Lenovo)
Task: {7418AF06-A5FA-400A-ACF3-296CEADA1260} - System32\Tasks\Lenovo\REACHit Agent Startup => C:\Program Files (x86)\Lenovo\REACHit\webAgent.exe [2015-06-12] (Lenovo)
Task: {7B3ADA49-45AC-411E-87DF-BEEC6F7BCFB0} - System32\Tasks\Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask => reg.exe add hklm\SOFTWARE\Lenovo\SystemUpdatePlugin\scheduler  /v start /t reg_dword /d 1 /f /reg:32
Task: {87D481CA-9DE5-424B-8D12-BFC9C36EA954} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-02-18] (Microsoft Corporation)
Task: {CDAD8E01-DABA-40EF-878E-C336F86847B6} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance => Sc.exe START ImControllerService
Task: {FEBEB2EB-4782-4D76-AEA5-E8ABEC34F572} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-02-18] (Microsoft Corporation)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)


==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2017-01-30 18:31 - 2017-03-03 18:49 - 00625272 _____ () C:\Windows\System32\NetUtils2016.dll
2016-07-16 12:42 - 2016-07-16 12:42 - 00231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2017-02-15 18:32 - 2016-12-09 11:29 - 02681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2016-10-19 00:42 - 2015-08-19 03:59 - 00058296 _____ () C:\ProgramData\LenovoTransition\Server\x64\dptf.dll
2017-02-15 18:32 - 2016-12-09 11:29 - 02681200 _____ () C:\WINDOWS\SYSTEM32\CoreUIComponents.dll
2016-10-19 00:42 - 2015-12-02 09:24 - 00043960 _____ () C:\ProgramData\LenovoTransition\Server\x64\EnableAutoRotation.dll
2016-11-20 22:06 - 2016-11-20 22:06 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2017-02-15 18:30 - 2016-12-21 08:09 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll
2015-10-16 09:55 - 2015-08-16 18:13 - 00395880 _____ () C:\WINDOWS\system32\igfxTray.exe
2017-02-15 18:29 - 2016-12-21 07:54 - 09760768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2017-02-15 18:29 - 2016-12-21 07:48 - 01401856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-02-15 18:29 - 2016-12-21 07:48 - 00757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
2017-02-15 18:29 - 2016-12-21 07:48 - 01033216 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Actions.dll
2017-02-15 18:29 - 2016-12-21 07:48 - 02424320 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2017-02-15 18:29 - 2016-12-21 07:53 - 04853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2016-10-19 00:43 - 2016-10-19 00:42 - 00791848 _____ () C:\Program Files\Lenovo\LenovoUtility\utility.exe
2016-10-19 00:43 - 2016-10-19 00:42 - 00097048 _____ () C:\Program Files\Lenovo\LenovoUtility\kbdhook.dll
2017-02-15 17:39 - 2017-02-15 17:39 - 03865088 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1702.312.0_x64__8wekyb3d8bbwe\Calculator.exe
2017-03-02 16:38 - 2017-03-02 16:45 - 00019456 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.214.10010.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
2017-03-02 16:38 - 2017-03-02 16:45 - 21149696 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.214.10010.0_x64__8wekyb3d8bbwe\Microsoft.Photos.dll
2017-03-02 16:38 - 2017-03-02 16:45 - 05380096 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.214.10010.0_x64__8wekyb3d8bbwe\MediaEngine.dll
2017-01-17 17:10 - 2017-01-17 17:11 - 00680448 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.214.10010.0_x64__8wekyb3d8bbwe\Microsoft.DesignCore.dll
2017-03-02 16:38 - 2017-03-02 16:45 - 00387584 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.214.10010.0_x64__8wekyb3d8bbwe\Microsoft.RichMedia.Ink.Controls.dll
2017-03-02 16:38 - 2017-03-02 16:45 - 01047552 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.214.10010.0_x64__8wekyb3d8bbwe\Microsoft.Sharing.dll
2017-01-17 17:10 - 2017-01-17 17:11 - 00291328 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.214.10010.0_x64__8wekyb3d8bbwe\StoreRatingPromotion.dll
2017-02-23 21:24 - 2017-02-23 21:26 - 00073728 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.11.110.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2017-02-23 21:24 - 2017-02-23 21:26 - 00179712 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.11.110.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2016-06-28 00:19 - 2016-06-28 00:19 - 00865232 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\kpcengine.2.3.dll
2015-07-10 22:37 - 2015-07-10 22:37 - 01243936 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2017-01-19 19:59 - 2016-12-06 16:09 - 00116064 _____ () C:\Program Files (x86)\Lenovo\CCSDK\Xmlparser.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)


==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)


==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2015-10-30 08:24 - 2015-10-30 08:21 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-217730058-1440262021-2186221569-1001\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\theme1\img1.jpg
DNS Servers: 192.168.2.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==


==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{46B32332-4A74-4540-91E9-F740ECBAAC38}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe
FirewallRules: [{EAF8C99D-6F66-40DD-B8F7-8C902F5C8906}] => (Allow) C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe
FirewallRules: [{B5FFBE7D-2A55-4F69-9116-B7E25CFCFF65}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
FirewallRules: [{A350F950-6097-4304-8497-C521C9329600}] => (Allow) C:\Program Files (x86)\Lenovo\SHAREit\SHAREit.exe
FirewallRules: [{715F2D49-9B78-490B-98DB-CBE1176E2FBF}] => (Allow) C:\Program Files (x86)\Lenovo\SHAREit\SHAREit.exe
FirewallRules: [{F9638912-15E0-44FB-BD3A-02965C99AFEE}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{9BED336A-8E4B-4DA0-B686-0C891E969AB7}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe

==================== Wiederherstellungspunkte =========================

ACHTUNG: Systemwiederherstellung ist deaktiviert

==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (03/03/2017 08:16:49 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: SkypeHost.exe, Version: 11.11.110.0, Zeitstempel: 0x58a63eb4
Name des fehlerhaften Moduls: ntdll.dll, Version: 10.0.14393.479, Zeitstempel: 0x5825887f
Ausnahmecode: 0xc0000008
Fehleroffset: 0x00000000000a9d2a
ID des fehlerhaften Prozesses: 0x1f6c
Startzeit der fehlerhaften Anwendung: 0x01d2944686601db4
Pfad der fehlerhaften Anwendung: C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.11.110.0_x64__kzf8qxf38zg5c\SkypeHost.exe
Pfad des fehlerhaften Moduls: C:\WINDOWS\SYSTEM32\ntdll.dll
Berichtskennung: c26a4b0d-7206-4f9a-a75b-e4aeeecd50eb
Vollständiger Name des fehlerhaften Pakets: Microsoft.SkypeApp_11.11.110.0_x64__kzf8qxf38zg5c
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: ppleae38af2e007f4358a809ac99a64a67c1

Error: (03/03/2017 07:29:48 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2484) (User: DESKTOP-A10S929)
Description: Das Paket „Microsoft.MicrosoftEdge_38.14393.0.0_neutral__8wekyb3d8bbwe+MicrosoftEdge#{bce8ade2-2d0c-4030-a803-f7c82671ec9d}“ wurde beendet, da das Anhalten zu lange dauerte.

Error: (03/03/2017 06:54:00 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm MicrosoftEdgeCP.exe, Version 11.0.14393.82 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Systemsteuerung "Sicherheit und Wartung", um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 2b0c

Startzeit: 01d294469ac49a58

Beendigungszeit: 19

Anwendungspfad: C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe

Berichts-ID: 5f4e31d5-003a-11e7-af19-54ee755efccd

Vollständiger Name des fehlerhaften Pakets: Microsoft.MicrosoftEdge_38.14393.0.0_neutral__8wekyb3d8bbwe

Auf das fehlerhafte Paket bezogene Anwendungs-ID: MicrosoftEdge

Error: (03/03/2017 06:41:31 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: SkypeHost.exe, Version: 11.11.110.0, Zeitstempel: 0x58a63eb4
Name des fehlerhaften Moduls: ntdll.dll, Version: 10.0.14393.479, Zeitstempel: 0x5825887f
Ausnahmecode: 0xc0000008
Fehleroffset: 0x00000000000a9d2a
ID des fehlerhaften Prozesses: 0x1bf4
Startzeit der fehlerhaften Anwendung: 0x01d293888012c855
Pfad der fehlerhaften Anwendung: C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.11.110.0_x64__kzf8qxf38zg5c\SkypeHost.exe
Pfad des fehlerhaften Moduls: C:\WINDOWS\SYSTEM32\ntdll.dll
Berichtskennung: 383576e7-64e8-41e4-b370-453eed72c06f
Vollständiger Name des fehlerhaften Pakets: Microsoft.SkypeApp_11.11.110.0_x64__kzf8qxf38zg5c
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: ppleae38af2e007f4358a809ac99a64a67c1

Error: (03/02/2017 08:09:20 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: SkypeHost.exe, Version: 11.11.110.0, Zeitstempel: 0x58a63eb4
Name des fehlerhaften Moduls: ntdll.dll, Version: 10.0.14393.479, Zeitstempel: 0x5825887f
Ausnahmecode: 0xc0000008
Fehleroffset: 0x00000000000a9d2a
ID des fehlerhaften Prozesses: 0x1af0
Startzeit der fehlerhaften Anwendung: 0x01d293885eefa619
Pfad der fehlerhaften Anwendung: C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.11.110.0_x64__kzf8qxf38zg5c\SkypeHost.exe
Pfad des fehlerhaften Moduls: C:\WINDOWS\SYSTEM32\ntdll.dll
Berichtskennung: 40735ea9-a804-40ba-bbad-7d03d84cf475
Vollständiger Name des fehlerhaften Pakets: Microsoft.SkypeApp_11.11.110.0_x64__kzf8qxf38zg5c
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: ppleae38af2e007f4358a809ac99a64a67c1

Error: (03/02/2017 07:35:39 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: microsoftedgecp.exe, Version: 11.0.14393.82, Zeitstempel: 0x57a55786
Name des fehlerhaften Moduls: wpaxholder.dll, Version: 10.0.14393.447, Zeitstempel: 0x5819bfb6
Ausnahmecode: 0xc0000409
Fehleroffset: 0x0000000000011b68
ID des fehlerhaften Prozesses: 0x3888
Startzeit der fehlerhaften Anwendung: 0x01d29383917ad5a7
Pfad der fehlerhaften Anwendung: C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\microsoftedgecp.exe
Pfad des fehlerhaften Moduls: C:\WINDOWS\SYSTEM32\wpaxholder.dll
Berichtskennung: f6a16b3d-de5a-4a1f-b1ed-a2b430fa2dff
Vollständiger Name des fehlerhaften Pakets: Microsoft.MicrosoftEdge_38.14393.0.0_neutral__8wekyb3d8bbwe
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: MicrosoftEdge

Error: (03/02/2017 07:34:02 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm MicrosoftEdgeCP.exe, Version 11.0.14393.82 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Systemsteuerung "Sicherheit und Wartung", um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 3854

Startzeit: 01d29383641a7bfa

Beendigungszeit: 24

Anwendungspfad: C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe

Berichts-ID: cc921847-ff76-11e6-af17-54ee755efccd

Vollständiger Name des fehlerhaften Pakets: Microsoft.MicrosoftEdge_38.14393.0.0_neutral__8wekyb3d8bbwe

Auf das fehlerhafte Paket bezogene Anwendungs-ID: MicrosoftEdge

Error: (03/02/2017 07:32:37 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm MicrosoftEdgeCP.exe, Version 11.0.14393.82 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Systemsteuerung "Sicherheit und Wartung", um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: f8

Startzeit: 01d2938319006294

Beendigungszeit: 10

Anwendungspfad: C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe

Berichts-ID: 99a54f39-ff76-11e6-af17-54ee755efccd

Vollständiger Name des fehlerhaften Pakets: Microsoft.MicrosoftEdge_38.14393.0.0_neutral__8wekyb3d8bbwe

Auf das fehlerhafte Paket bezogene Anwendungs-ID: MicrosoftEdge

Error: (03/02/2017 07:24:23 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: microsoftedgecp.exe, Version: 11.0.14393.82, Zeitstempel: 0x57a55786
Name des fehlerhaften Moduls: edgehtml.dll, Version: 11.0.14393.693, Zeitstempel: 0x585a2bf0
Ausnahmecode: 0x80004004
Fehleroffset: 0x000000000064c365
ID des fehlerhaften Prozesses: 0x844
Startzeit der fehlerhaften Anwendung: 0x01d293821f00650d
Pfad der fehlerhaften Anwendung: C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\microsoftedgecp.exe
Pfad des fehlerhaften Moduls: C:\WINDOWS\SYSTEM32\edgehtml.dll
Berichtskennung: a65a3319-d859-49f8-8566-673a51475529
Vollständiger Name des fehlerhaften Pakets: Microsoft.MicrosoftEdge_38.14393.0.0_neutral__8wekyb3d8bbwe
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: MicrosoftEdge

Error: (03/02/2017 07:23:42 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Programm MicrosoftEdgeCP.exe, Version 11.0.14393.82 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Systemsteuerung "Sicherheit und Wartung", um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 3510

Startzeit: 01d29382070f6e61

Beendigungszeit: 20

Anwendungspfad: C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe

Berichts-ID: 5a7b00ae-ff75-11e6-af17-54ee755efccd

Vollständiger Name des fehlerhaften Pakets: Microsoft.MicrosoftEdge_38.14393.0.0_neutral__8wekyb3d8bbwe

Auf das fehlerhafte Paket bezogene Anwendungs-ID: MicrosoftEdge


Systemfehler:
=============
Error: (03/03/2017 08:22:11 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 und der APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (03/03/2017 07:10:55 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 und der APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (03/03/2017 06:53:57 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 und der APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (03/03/2017 06:49:32 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
 und der APPID
{F72671A9-012C-4725-9D2F-2A4D32D65169}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (03/03/2017 06:49:24 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "McAfee CSP Service" wurde aufgrund folgenden Fehlers nicht gestartet:
Der Dienst antwortete nicht rechtzeitig auf die Start- oder Steuerungsanforderung.

Error: (03/03/2017 06:49:24 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst mccspsvc erreicht.

Error: (03/03/2017 06:46:40 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT-AUTORITÄT)
Description: Das WLAN-Erweiterungsmodul wurde unerwartet beendet.

Modulpfad: C:\WINDOWS\System32\IWMSSvc.dll

Error: (03/03/2017 06:46:40 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT-AUTORITÄT)
Description: Das WLAN-Erweiterungsmodul wurde unerwartet beendet.

Modulpfad: C:\WINDOWS\System32\IWMSSvc.dll

Error: (03/03/2017 06:46:38 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT-AUTORITÄT)
Description: Das WLAN-Erweiterungsmodul wurde unerwartet beendet.

Modulpfad: C:\WINDOWS\System32\IWMSSvc.dll

Error: (03/03/2017 06:46:38 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 und der APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.


==================== Speicherinformationen ===========================

Prozessor: Intel(R) Core(TM) i7-5500U CPU @ 2.40GHz
Prozentuale Nutzung des RAM: 33%
Installierter physikalischer RAM: 8097.92 MB
Verfügbarer physikalischer RAM: 5405.46 MB
Summe virtueller Speicher: 9377.92 MB
Verfügbarer virtueller Speicher: 6096.82 MB

==================== Laufwerke ================================

Drive c: (Windows) (Fixed) (Total:426.12 GB) (Free:393.37 GB) NTFS
Drive d: (LENOVO) (Fixed) (Total:25 GB) (Free:21.6 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 286089BB)

Partition: GPT.

==================== Ende von Addition.txt ============================

M-K-D-B 04.03.2017 14:43
Servus,



Ich seh den Schädling... :D




Schritt 1
Downloade Dir bitte AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser.
  • Starte die adwcleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Werkzeuge > Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel
    • "Prefetch" Dateien
    • Proxy
    • Winsock
    • Firewall
    • Internet Explorer Richtlinien
    • Chrome Richtlinien
  • Bestätige die Auswahl mit Ok.
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen (auch dann wenn AdwCleaner sagt, dass nichts gefunden wurde) und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).






Schritt 2
Downloade Dir bitte Malwarebytes Anti-Malware
  • Installiere das Programm in den vorgegebenen Pfad.
  • Starte Malwarebytes' Anti-Malware (MBAM).
  • Klicke im Anschluss auf Scan, wähle den Bedrohungs-Scan aus und klicke auf Scan starten.
  • Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Ausgewählte Elemente in die Quarantäne verschieben.
  • Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
  • Starte MBAM nach dem Neustart, klicke auf Berichte.
  • Wähle den neuesten Scan-Bericht aus, klicke auf Bericht anzeigen und dann auf Export.
  • Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab.
  • Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.





Schritt 3

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

  • Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
  • Drücke eine beliebige Taste, um das Tool zu starten.
  • Je nach System kann der Scan eine Weile dauern.
  • Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
  • Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.







Schritt 4
  • Starte die FRST.exe erneut. Setze einen Haken vor Dateiliste 90 Tage und drücke auf Untersuchen.
  • FRST erstellt nun zwei Logdateien (FRST.txt und Addition.txt).
  • Poste mir beide Logdateien mit deiner nächsten Antwort.






Bitte poste mit deiner nächsten Antwort
  • die Logdatei von AdwCleaner,
  • die Logdatei von MBAM,
  • die Logdatei von JRT,
  • die beiden neuen Logdateien von FRST.

Reen96 04.03.2017 19:32
ADWCLEANER:

Code:
# AdwCleaner v6.044 - Bericht erstellt am 04/03/2017 um 18:58:05
# Aktualisiert am 28/02/2017 von Malwarebytes
# Datenbank : 2017-03-02.1 [Lokal]
# Betriebssystem : Windows 10 Home  (X64)
# Benutzername : Baby - DESKTOP-A10S929
# Gestartet von : C:\Users\Baby\Desktop\adwcleaner_6.044.exe
# Modus: Löschen
# Unterstützung : https://www.malwarebytes.com/support



***** [ Dienste ] *****



***** [ Ordner ] *****



***** [ Dateien ] *****

[#] Datei gelöscht: C:\WINDOWS\SysNative\NetUtils2016.dll
[#] Datei gelöscht: C:\WINDOWS\SysNative\drivers\NetUtils2016.sys


***** [ DLL ] *****



***** [ WMI ] *****



***** [ Verknüpfungen ] *****



***** [ Aufgabenplanung ] *****



***** [ Registrierungsdatenbank ] *****

[-] Schlüssel gelöscht: [x64] HKLM\SOFTWARE\HDWallpaper
[-] Schlüssel gelöscht: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\cmptch.com
[-] Schlüssel gelöscht: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\coupontime.co
[-] Schlüssel gelöscht: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\static.cmptch.com
[-] Schlüssel gelöscht: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\static.coupontime00.coupontime.co
[-] Schlüssel gelöscht: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\cmptch.com
[-] Schlüssel gelöscht: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\coupontime.co
[-] Schlüssel gelöscht: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\static.cmptch.com
[-] Schlüssel gelöscht: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\static.coupontime00.coupontime.co
[#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\cmptch.com
[#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\coupontime.co
[#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\static.cmptch.com
[#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\static.coupontime00.coupontime.co
[#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\cmptch.com
[#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\coupontime.co
[#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\static.cmptch.com
[#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\static.coupontime00.coupontime.co


***** [ Browser ] *****



*************************

:: "Tracing" Schlüssel gelöscht
:: Winsock Einstellungen zurückgesetzt
:: "Prefetch" Dateien gelöscht
:: Proxy Einstellungen zurückgesetzt
:: Firewall Einstellungen zurückgesetzt
:: Internet Explorer Richtlinien gelöscht
:: Chrome Richtlinien gelöscht

*************************

C:\AdwCleaner\AdwCleaner[C0].txt - [9058 Bytes] - [03/03/2017 18:46:09]
C:\AdwCleaner\AdwCleaner[C2].txt - [5025 Bytes] - [04/03/2017 18:58:05]
C:\AdwCleaner\AdwCleaner[S0].txt - [8427 Bytes] - [02/03/2017 20:04:53]
C:\AdwCleaner\AdwCleaner[S1].txt - [8500 Bytes] - [03/03/2017 18:45:00]
C:\AdwCleaner\AdwCleaner[S2].txt - [5174 Bytes] - [04/03/2017 18:57:35]

########## EOF - C:\AdwCleaner\AdwCleaner[C2].txt - [5317 Bytes] ##########
MBAM:

Code:
Malwarebytes
www.malwarebytes.com

-Protokolldetails-
Scan-Datum: 04.03.17
Scan-Zeit: 19:08
Protokolldatei: mbam.txt
Administrator: Ja

-Softwaredaten-
Version: 3.0.6.1469
Komponentenversion: 1.0.75
Version des Aktualisierungspakets: 1.0.1426
Lizenz: Testversion

-Systemdaten-
Betriebssystem: Windows 10
CPU: x64
Dateisystem: NTFS
Benutzer: DESKTOP-A10S929\Baby

-Scan-Übersicht-
Scan-Typ: Bedrohungs-Scan
Ergebnis: Abgeschlossen
Gescannte Objekte: 399011
Abgelaufene Zeit: 2 Min., 14 Sek.

-Scan-Optionen-
Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

-Scan-Details-
Prozess: 0
(keine bösartigen Elemente erkannt)

Modul: 1
PUP.Optional.StartGo123, C:\WINDOWS\SYSTEM32\NETUTILS2016.DLL, In Quarantäne, [863], [318108],1.0.1426

Registrierungsschlüssel: 1
PUP.Optional.StartGo123, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\NetUtils2016, In Quarantäne, [863], [325509],1.0.1426

Registrierungswert: 0
(keine bösartigen Elemente erkannt)

Registrierungsdaten: 0
(keine bösartigen Elemente erkannt)

Daten-Stream: 0
(keine bösartigen Elemente erkannt)

Ordner: 0
(keine bösartigen Elemente erkannt)

Datei: 2
PUP.Optional.StartGo123, C:\WINDOWS\SYSTEM32\NETUTILS2016.DLL, In Quarantäne, [863], [318108],1.0.1426
PUP.Optional.StartGo123, C:\WINDOWS\SYSTEM32\DRIVERS\NETUTILS2016.SYS, In Quarantäne, [863], [325509],1.0.1426

Physischer Sektor: 0
(keine bösartigen Elemente erkannt)


(end)
JRT:

Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.1.1 (02.11.2017)
Operating System: Windows 10 Home x64
Ran by Baby (Administrator) on 04.03.2017 at 19:24:13,44
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




File System: 2

Successfully deleted: C:\ProgramData\productdata (Folder)
Successfully deleted: C:\Users\Baby\AppData\Roaming\productdata (Folder)



Registry: 1

Successfully deleted: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{7AD69B7E-3FA6-4429-B5DF-34879D0D7903} (Registry Key)




~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 04.03.2017 at 19:25:34,67
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
FRSt:

Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 04-03-2017
durchgeführt von Baby (Administrator) auf DESKTOP-A10S929 (04-03-2017 19:27:37)
Gestartet von C:\Users\Baby\Desktop
Geladene Profile: Baby (Verfügbare Profile: Baby)
Platform: Windows 10 Home Version 1607 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Edge)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Intel Corporation) C:\Windows\System32\ibtsiva.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
() C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(RealNetworks, Inc.) C:\Program Files (x86)\Online Games Manager\ogmservice.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Intel Security, Inc.) C:\Program Files\Common Files\Intel Security\PEF\CORE\PEFService.exe
(Lenovo) C:\ProgramData\LenovoTransition\Server\x64\ymc.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.11.110.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Lenovo) C:\Program Files (x86)\Lenovo\CCSDK\CCSDK.exe
(Microsoft Corporation) C:\Windows\System32\Locator.exe
(Lenovo) C:\Program Files (x86)\Lenovo\GDCAgentSetupRed\GDCAgent.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\ImController\PluginHost\Lenovo.Modern.ImController.PluginHost.Device.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\ImController\PluginHost\Lenovo.Modern.ImController.PluginHost.Device.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe

==================== Registry (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [16405744 2015-09-09] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1408752 2015-09-09] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_LENOVO_DOLBYDRAGON] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1408752 2015-09-09] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_LENOVO_MICPKEY] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1408752 2015-09-09] (Realtek Semiconductor)
HKLM\...\Run: [LenovoUtility] => C:\Program Files\Lenovo\LenovoUtility\utility.exe [791848 2016-10-19] ()
HKLM\...\Run: [DDPF3] => c:\Program Files\Dolby\DDP_F3\ddpf3.exe [746496 2014-11-03] (Dolby Laboratories Inc.)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [322472 2015-07-27] (Intel Corporation)
HKLM\...\Run: [Malwarebytes TrayApp] => C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe [2780112 2017-01-20] (Malwarebytes)
HKLM\...\Run: [WindowsDefender] => C:\Program Files\Windows Defender\MSASCuiL.exe [631808 2016-11-20] (Microsoft Corporation)
HKU\S-1-5-21-217730058-1440262021-2186221569-1001\...\Run: [OpenOffice Updater] => C:\Users\Baby\AppData\Roaming\OpenOffice Updater\Updater.exe [388000 2017-01-17] ()

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{0e253416-4c93-4cba-b265-67ee91b4e78f}: [DhcpNameServer] 8.8.8.8 8.8.4.4
Tcpip\..\Interfaces\{4c9f59fe-49fd-4b3d-8862-7d471cf81274}: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{e9f11131-d610-4ed4-aa54-5218b37a9faa}: [DhcpNameServer] 172.168.137.2

Internet Explorer:
==================
HKU\S-1-5-21-217730058-1440262021-2186221569-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://lenovo15.msn.com/?pc=LCTE
HKU\S-1-5-21-217730058-1440262021-2186221569-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo15.msn.com/?pc=LCTE
SearchScopes: HKU\S-1-5-21-217730058-1440262021-2186221569-1001 -> DefaultScope {7AD69B7E-3FA6-4429-B5DF-34879D0D7903} URL =
BHO: Kaspersky Protection -> {2E38825B-8815-42CF-9126-C58BC28D4591} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\x64\IEExt\ie_plugin.dll [2017-01-13] (AO Kaspersky Lab)
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2017-01-29] (Microsoft Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2017-01-29] (Microsoft Corporation)
BHO-x32: Kaspersky Protection -> {2E38825B-8815-42CF-9126-C58BC28D4591} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\IEExt\ie_plugin.dll [2017-01-13] (AO Kaspersky Lab)
Toolbar: HKLM - Kaspersky Protection Toolbar - {093F479D-712E-46CD-9E06-62E734A05F68} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\x64\IEExt\ie_plugin.dll [2017-01-13] (AO Kaspersky Lab)
Toolbar: HKLM-x32 - Kaspersky Protection Toolbar - {093F479D-712E-46CD-9E06-62E734A05F68} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\IEExt\ie_plugin.dll [2017-01-13] (AO Kaspersky Lab)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-01-29] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-01-29] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-01-29] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-01-29] (Microsoft Corporation)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\PROGRA~2\mcafee\msc\mcsniepl.dll Keine Datei

Edge:
======
Edge HomeButtonPage: HKU\S-1-5-21-217730058-1440262021-2186221569-1001 -> hxxp://www.google.de/

FireFox:
========
FF ProfilePath: C:\Users\Baby\AppData\Roaming\Mozilla\Firefox\Profiles\nqqia258.default [2017-03-03]
FF Extension: (SHA-1 deprecation staged rollout) - C:\Users\Baby\AppData\Roaming\Mozilla\Firefox\Profiles\nqqia258.default\features\{205ac0c8-04b7-4934-a6da-4a58e36a3694}\disableSHA1rollout@mozilla.org.xpi [2017-02-19]
FF HKLM\...\Firefox\Extensions: [light_plugin_F6F079488B53499DB99380A7E11A93F6@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\FFExt\light_plugin_firefox\addon.xpi
FF Extension: (Kaspersky Protection) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\FFExt\light_plugin_firefox\addon.xpi [2017-01-13]
FF HKLM-x32\...\Firefox\Extensions: [light_plugin_F6F079488B53499DB99380A7E11A93F6@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\FFExt\light_plugin_firefox\addon.xpi
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK => nicht gefunden
FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL [Keine Datei]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-04-21] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-04-21] (Intel Corporation)
FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL [Keine Datei]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2017-01-29] (Microsoft Corporation)

Chrome:
=======
CHR HKLM\...\Chrome\Extension: [fhoibnponjcgjgcnfacekaijdbbplhib] - hxxps://chrome.google.com/webstore/detail/fhoibnponjcgjgcnfacekaijdbbplhib
CHR HKLM-x32\...\Chrome\Extension: [fhoibnponjcgjgcnfacekaijdbbplhib] - hxxps://chrome.google.com/webstore/detail/fhoibnponjcgjgcnfacekaijdbbplhib

==================== Dienste (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S2 AVP17.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\avp.exe [241544 2016-06-28] (AO Kaspersky Lab)
R2 CCSDK; C:\Program Files (x86)\Lenovo\CCSDK\CCSDK.exe [680288 2016-12-06] (Lenovo)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [3704520 2017-02-18] (Microsoft Corporation)
S3 ElfoService; C:\Program Files (x86)\ElsterFormular Update Service\bin\ElfoService.exe [1283376 2017-02-28] ()
R2 ETDService; C:\Program Files\Elantech\ETDService.exe [134888 2015-12-17] (ELAN Microelectronics Corp.)
R2 GDCAgent; C:\Program Files (x86)\Lenovo\GDCAgentSetupRed\GDCAgent.exe [1155512 2015-07-29] (Lenovo)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [18856 2015-07-27] (Intel Corporation)
R2 igfxCUIService2.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [350312 2015-08-16] (Intel Corporation)
R2 ImControllerService; C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [61768 2017-02-15] (Lenovo Group Limited)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [881152 2015-05-22] (Intel(R) Corporation)
S3 Intel(R) Security Assist; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [335872 2015-05-19] (Intel Corporation) [Datei ist nicht signiert]
R2 isaHelperSvc; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe [7680 2015-05-19] () [Datei ist nicht signiert]
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [223520 2015-07-10] (Intel Corporation)
S3 klvssbrigde64; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\x64\vssbridge64.exe [77328 2016-06-28] (AO Kaspersky Lab)
S2 KSDE1.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 1.0\ksde.exe [241544 2016-06-28] (AO Kaspersky Lab)
S2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [4355024 2017-01-20] (Malwarebytes)
S2 mccspsvc; C:\Program Files\Common Files\McAfee\CSP\1.9.829.0\\McCSPServiceHost.exe [1910000 2016-05-31] (McAfee, Inc.)
S3 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [232688 2016-04-26] (McAfee, Inc.)
R2 mfemms; C:\Program Files\Common Files\McAfee\SystemCore\\mfemms.exe [382456 2016-08-02] (McAfee, Inc.)
R2 mfevtp; C:\Windows\system32\mfevtps.exe [277744 2016-04-26] (McAfee, Inc.)
R2 ModuleCoreService; C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe [1454216 2016-09-13] (McAfee, Inc.)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [268192 2015-08-13] ()
R2 ogmservice; C:\Program Files (x86)\Online Games Manager\ogmservice.exe [582544 2016-07-13] (RealNetworks, Inc.)
R2 PEFService; C:\Program Files\Common Files\Intel Security\PEF\CORE\PEFService.exe [1045336 2016-05-25] (Intel Security, Inc.)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2016-07-16] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2016-07-16] (Microsoft Corporation)
R2 ymc; C:\ProgramData\LenovoTransition\Server\x64\ymc.exe [38328 2015-12-02] (Lenovo)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3831712 2015-08-13] (Intel® Corporation)
R2 ibtsiva; %SystemRoot%\system32\ibtsiva [X]

===================== Treiber (Nicht auf der Ausnahmeliste) ======================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S3 cfwids; C:\WINDOWS\system32\drivers\cfwids.sys [78632 2016-08-02] (McAfee, Inc.)
R0 cm_km; C:\WINDOWS\System32\DRIVERS\cm_km.sys [238936 2016-06-10] (AO Kaspersky Lab)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131712 2016-09-05] (Samsung Electronics Co., Ltd.)
R3 ETDSMBus; C:\WINDOWS\system32\DRIVERS\ETDSMBus.sys [30808 2015-12-17] (ELAN Microelectronic Corp.)
S3 HipShieldK; C:\WINDOWS\System32\drivers\HipShieldK.sys [216704 2016-08-02] (McAfee, Inc.)
R3 iaLPSS_GPIO; C:\WINDOWS\System32\drivers\iaLPSS_GPIO.sys [46856 2015-06-15] (Intel Corporation)
R3 ibtusb; C:\WINDOWS\system32\DRIVERS\ibtusb.sys [231168 2017-01-13] (Intel Corporation)
R0 kl1; C:\WINDOWS\System32\DRIVERS\kl1.sys [554416 2016-06-02] (AO Kaspersky Lab)
R0 klbackupdisk; C:\WINDOWS\System32\DRIVERS\klbackupdisk.sys [63920 2016-06-07] (AO Kaspersky Lab)
R1 klbackupflt; C:\WINDOWS\System32\DRIVERS\klbackupflt.sys [86352 2016-06-15] (AO Kaspersky Lab)
R2 kldisk; C:\WINDOWS\system32\DRIVERS\kldisk.sys [78216 2016-05-31] (AO Kaspersky Lab)
S0 klelam; C:\WINDOWS\System32\DRIVERS\klelam.sys [28792 2016-03-31] (AO Kaspersky Lab)
R3 klflt; C:\WINDOWS\system32\DRIVERS\klflt.sys [191312 2016-06-26] (AO Kaspersky Lab)
R1 klhk; C:\WINDOWS\System32\drivers\klhk.sys [435032 2017-01-13] (AO Kaspersky Lab)
S3 klids; C:\ProgramData\Kaspersky Lab\AVP17.0.0\Bases\klids.sys [182360 2017-01-13] (AO Kaspersky Lab)
R1 KLIF; C:\WINDOWS\System32\DRIVERS\klif.sys [1019616 2017-01-13] (AO Kaspersky Lab)
R1 KLIM6; C:\WINDOWS\system32\DRIVERS\klim6.sys [57424 2017-02-14] (AO Kaspersky Lab)
R3 klkbdflt; C:\WINDOWS\system32\DRIVERS\klkbdflt.sys [52136 2016-05-19] (AO Kaspersky Lab)
R3 klmouflt; C:\WINDOWS\system32\DRIVERS\klmouflt.sys [41656 2015-06-07] (Kaspersky Lab ZAO)
R1 klpd; C:\WINDOWS\System32\DRIVERS\klpd.sys [45488 2016-05-31] (AO Kaspersky Lab)
R3 kltap; C:\WINDOWS\System32\drivers\kltap.sys [52152 2016-06-07] (The OpenVPN Project)
R0 klupd_klif_arkmon; C:\WINDOWS\System32\Drivers\klupd_klif_arkmon.sys [218920 2017-01-13] (AO Kaspersky Lab)
R3 klupd_klif_kimul; C:\WINDOWS\System32\Drivers\klupd_klif_kimul.sys [85984 2017-01-13] ()
S3 klupd_klif_klark; C:\WINDOWS\System32\Drivers\klupd_klif_klark.sys [245512 2017-01-13] (AO Kaspersky Lab)
R0 klupd_klif_klbg; C:\WINDOWS\System32\Drivers\klupd_klif_klbg.sys [104720 2017-01-13] (AO Kaspersky Lab)
R3 klupd_klif_mark; C:\WINDOWS\System32\Drivers\klupd_klif_mark.sys [164888 2017-01-13] (AO Kaspersky Lab)
R1 klwfp; C:\WINDOWS\system32\DRIVERS\klwfp.sys [85320 2016-06-18] (AO Kaspersky Lab)
R1 Klwtp; C:\WINDOWS\system32\DRIVERS\klwtp.sys [134880 2017-01-13] (AO Kaspersky Lab)
R1 kneps; C:\WINDOWS\system32\DRIVERS\kneps.sys [194480 2016-06-14] (AO Kaspersky Lab)
R3 mfeaack; C:\WINDOWS\system32\drivers\mfeaack.sys [419624 2016-08-02] (McAfee, Inc.)
R3 mfeavfk; C:\WINDOWS\System32\drivers\mfeavfk.sys [349480 2016-08-02] (McAfee, Inc.)
S0 mfeelamk; C:\WINDOWS\System32\drivers\mfeelamk.sys [83608 2016-08-02] (McAfee, Inc.)
R3 mfefirek; C:\WINDOWS\system32\drivers\mfefirek.sys [493352 2016-08-02] (McAfee, Inc.)
R0 mfehidk; C:\WINDOWS\System32\drivers\mfehidk.sys [843048 2016-08-02] (McAfee, Inc.)
R3 mfencbdc; C:\WINDOWS\System32\DRIVERS\mfencbdc.sys [519456 2016-08-01] (McAfee, Inc.)
S3 mfencrk; C:\WINDOWS\System32\DRIVERS\mfencrk.sys [100136 2016-08-01] (McAfee, Inc.)
R0 mfewfpk; C:\WINDOWS\System32\drivers\mfewfpk.sys [243496 2016-08-02] (McAfee, Inc.)
S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
R3 NETwNb64; C:\WINDOWS\System32\drivers\Netwbw02.sys [4103920 2015-08-23] (Intel Corporation)
S3 NETwNe64; C:\WINDOWS\System32\drivers\NETwew01.sys [3343872 2015-10-30] (Intel Corporation)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [886528 2015-05-29] (Realtek                                            )
R3 rtsuvc; C:\WINDOWS\system32\DRIVERS\rtsuvc.sys [3049176 2015-05-29] (Realtek Semiconductor Corp.)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics Co., Ltd.)
S0 WdBoot; C:\WINDOWS\System32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)
S3 wsvd; C:\WINDOWS\system32\DRIVERS\wsvd.sys [102376 2012-06-13] ("CyberLink)

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Drei Monate: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-03-04 19:27 - 2017-03-04 19:27 - 00000000 ____D C:\Users\Baby\Desktop\FRST-OlderVersion
2017-03-04 19:25 - 2017-03-04 19:25 - 00000813 _____ C:\Users\Baby\Desktop\JRT.txt
2017-03-04 19:24 - 2017-03-04 19:24 - 01663736 _____ (Malwarebytes) C:\Users\Baby\Desktop\JRT.exe
2017-03-04 19:20 - 2017-03-04 19:20 - 00001569 _____ C:\Users\Baby\Desktop\mbam.txt
2017-03-04 19:17 - 2017-03-04 19:17 - 00000000 ___HD C:\OneDriveTemp
2017-03-04 19:07 - 2017-03-04 19:17 - 00251840 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2017-03-04 19:07 - 2017-03-04 19:17 - 00186304 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMChameleon.sys
2017-03-04 19:07 - 2017-03-04 19:17 - 00092088 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2017-03-04 19:07 - 2017-03-04 19:17 - 00043968 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2017-03-04 19:07 - 2017-03-04 19:07 - 00001919 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2017-03-04 19:07 - 2017-03-04 19:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2017-03-04 19:07 - 2017-03-04 19:07 - 00000000 ____D C:\ProgramData\Malwarebytes
2017-03-04 19:07 - 2017-03-04 19:07 - 00000000 ____D C:\Program Files\Malwarebytes
2017-03-04 19:07 - 2017-02-24 06:23 - 00077408 _____ C:\WINDOWS\system32\Drivers\mbae64.sys
2017-03-04 19:05 - 2017-03-04 19:06 - 57131432 _____ (Malwarebytes ) C:\Users\Baby\Downloads\mb3-setup-consumer-3.0.6.1469-1075.exe
2017-03-03 22:01 - 2017-03-03 22:06 - 00031008 _____ C:\Users\Baby\Desktop\Addition.txt
2017-03-03 22:00 - 2017-03-03 22:01 - 00094734 _____ C:\TDSSKiller.3.1.0.12_03.03.2017_22.00.13_log.txt
2017-03-03 21:57 - 2017-03-04 19:28 - 00019807 _____ C:\Users\Baby\Desktop\FRST.txt
2017-03-03 21:56 - 2017-03-04 19:27 - 00000000 ____D C:\FRST
2017-03-03 21:55 - 2017-03-04 19:27 - 02423296 _____ (Farbar) C:\Users\Baby\Desktop\FRST64.exe
2017-03-03 20:59 - 2017-03-03 21:00 - 00181760 _____ C:\TDSSKiller.3.1.0.12_03.03.2017_20.59.47_log.txt
2017-03-03 20:59 - 2017-03-03 20:59 - 04747704 _____ (AO Kaspersky Lab) C:\Users\Baby\Desktop\tdsskiller.exe
2017-03-03 20:53 - 2017-03-03 20:53 - 00024402 _____ C:\Users\Baby\Desktop\ESt2014_Lüke_Sebastian.elfo
2017-03-03 20:53 - 2017-03-03 20:53 - 00010002 _____ C:\Users\Baby\Desktop\ESt2013_Lüke_Sebastian.elfo
2017-03-03 20:52 - 2017-03-03 20:52 - 00024706 _____ C:\Users\Baby\Desktop\ESt2015_Lüke_Sebastian.elfo
2017-03-03 20:52 - 2017-03-03 20:52 - 00020658 _____ C:\Users\Baby\Desktop\ESt2016_Lüke_Sebastian.elfo
2017-03-02 20:59 - 2017-03-02 20:59 - 00000000 ____D C:\WINDOWS\LastGood.Tmp
2017-03-02 20:07 - 2017-03-02 20:07 - 1134936728 _____ C:\WINDOWS\MEMORY.DMP
2017-03-02 20:07 - 2017-03-02 20:07 - 00436516 _____ C:\WINDOWS\Minidump\030217-26859-01.dmp
2017-03-02 20:07 - 2017-03-02 20:07 - 00000000 ____D C:\WINDOWS\Minidump
2017-03-02 20:00 - 2017-03-04 18:58 - 00000000 ____D C:\AdwCleaner
2017-03-02 20:00 - 2017-03-02 20:00 - 04031440 _____ C:\Users\Baby\Desktop\adwcleaner_6.044.exe
2017-03-02 19:09 - 2017-03-02 19:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ElsterFormular
2017-03-02 19:09 - 2017-03-02 19:09 - 00000000 ____D C:\Program Files (x86)\ElsterFormular Update Service
2017-02-28 20:03 - 2017-02-28 20:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2017-02-28 20:03 - 2017-02-28 20:03 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2017-02-28 20:03 - 2017-02-28 20:03 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2017-02-28 20:02 - 2017-02-28 20:03 - 13165792 _____ (Microsoft Corporation) C:\Users\Baby\Downloads\Silverlight_x64.exe
2017-02-26 11:13 - 2017-02-26 11:13 - 00000000 ____D C:\Users\Baby\eTeks
2017-02-26 11:03 - 2017-02-26 11:03 - 00000982 _____ C:\Users\Baby\Desktop\Sweet Home 3D.lnk
2017-02-26 11:03 - 2017-02-26 11:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eTeks Sweet Home 3D
2017-02-26 11:03 - 2017-02-26 11:03 - 00000000 ____D C:\Program Files\Sweet Home 3D
2017-02-26 11:02 - 2017-02-26 11:03 - 42772656 _____ (eTeks ) C:\Users\Baby\Downloads\SweetHome3D-5.4-windows.exe
2017-02-24 15:48 - 2017-02-24 15:48 - 00047792 _____ C:\Users\Baby\Desktop\komprimierte Steuererklaerung_ESt2015_Schneider_Nicole.pdf
2017-02-24 15:48 - 2017-02-24 15:48 - 00047477 _____ C:\Users\Baby\Desktop\komprimierte Steuererklaerung_ESt2016_Schneider_Nicole.pdf
2017-02-24 15:47 - 2017-02-24 15:47 - 00075442 _____ C:\Users\Baby\Desktop\ESt2015_Schneider_Nicole.elfo
2017-02-24 15:45 - 2017-02-24 15:45 - 00091538 _____ C:\Users\Baby\Desktop\ESt2016_Schneider_Nicole.elfo
2017-02-21 10:20 - 2017-02-21 10:20 - 00014230 _____ C:\Users\Baby\Documents\Gesamteinkommen_Elternzeit.odt
2017-02-21 09:59 - 2017-02-21 09:59 - 00051666 _____ C:\Users\Baby\Downloads\Besoldungstabellen_2017.pdf
2017-02-20 20:47 - 2017-02-20 20:47 - 00000000 ____D C:\Users\Baby\AppData\Roaming\OpenOffice
2017-02-20 20:46 - 2017-02-20 20:47 - 00013313 _____ C:\Users\Baby\Downloads\Kostenerstattung_KV_Vanessa.odt
2017-02-20 20:46 - 2017-02-20 20:46 - 00001132 _____ C:\Users\Public\Desktop\OpenOffice 4.1.3.lnk
2017-02-20 20:46 - 2017-02-20 20:46 - 00000000 ___SD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.3
2017-02-20 20:45 - 2017-02-20 20:46 - 00000000 ____D C:\Program Files (x86)\OpenOffice 4
2017-02-20 20:44 - 2017-02-21 09:04 - 00000000 ____D C:\Users\Baby\AppData\Roaming\OpenOffice Updater
2017-02-20 20:44 - 2017-02-20 20:44 - 00000000 ____D C:\Users\Baby\Desktop\OpenOffice 4.1.3 (de) Installation Files
2017-02-20 20:37 - 2017-02-20 20:43 - 171801456 _____ C:\Users\Baby\Downloads\OpenOffice_4.1.3_Win_x86_install_de(1).exe
2017-02-20 20:25 - 2017-02-20 20:32 - 171801456 _____ C:\Users\Baby\Downloads\OpenOffice_4.1.3_Win_x86_install_de.exe
2017-02-20 20:17 - 2017-02-20 20:17 - 00013313 _____ C:\Users\Baby\Downloads\Kostenerstattung_KV_Vanessa (1).odt
2017-02-19 19:23 - 2017-03-03 18:55 - 00000000 ____D C:\Users\Baby\AppData\LocalLow\Mozilla
2017-02-19 19:23 - 2017-02-19 19:29 - 00000000 ____D C:\Users\Baby\AppData\Local\Mozilla
2017-02-19 19:23 - 2017-02-19 19:23 - 00001235 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2017-02-19 19:23 - 2017-02-19 19:23 - 00001223 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2017-02-19 19:23 - 2017-02-19 19:23 - 00000000 ____D C:\Users\Baby\AppData\Roaming\Mozilla
2017-02-19 19:23 - 2017-02-19 19:23 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-02-19 19:22 - 2017-02-19 19:23 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2017-02-19 19:20 - 2017-02-19 19:20 - 00245600 _____ C:\Users\Baby\Downloads\Firefox Setup Stub 51.0.1.exe
2017-02-17 19:26 - 2016-12-21 08:08 - 00142848 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe
2017-02-17 19:26 - 2016-12-21 05:44 - 00120320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe
2017-02-17 19:12 - 2017-02-17 19:12 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
2017-02-15 20:26 - 2017-02-15 20:26 - 00257864 _____ (Lenovo Group Limited) C:\WINDOWS\system32\iMDriverHelper.dll
2017-02-15 18:32 - 2016-12-21 08:43 - 04130440 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2017-02-15 18:32 - 2016-12-21 08:43 - 01454504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetsrc.dll
2017-02-15 18:32 - 2016-12-21 08:43 - 01071736 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetcore.dll
2017-02-15 18:32 - 2016-12-21 08:42 - 01988560 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2017-02-15 18:32 - 2016-12-21 08:42 - 01702392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2017-02-15 18:32 - 2016-12-21 08:42 - 01300600 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2017-02-15 18:32 - 2016-12-21 08:08 - 00360448 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpencom.dll
2017-02-15 18:32 - 2016-12-21 08:06 - 06285312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2017-02-15 18:32 - 2016-12-21 07:56 - 00936960 _____ (Microsoft Corporation) C:\WINDOWS\system32\MCRecvSrc.dll
2017-02-15 18:32 - 2016-12-21 07:53 - 04474368 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll
2017-02-15 18:32 - 2016-12-21 07:51 - 08075776 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2017-02-15 18:32 - 2016-12-21 07:51 - 05611008 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll
2017-02-15 18:32 - 2016-12-21 06:09 - 00263472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Storage.ApplicationData.dll
2017-02-15 18:32 - 2016-12-21 05:41 - 00253952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.BioFeedback.dll
2017-02-15 18:32 - 2016-12-21 05:40 - 00557568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll
2017-02-15 18:32 - 2016-12-21 05:39 - 00223232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgentUserBroker.exe
2017-02-15 18:32 - 2016-12-21 05:22 - 01883648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2017-02-15 18:32 - 2016-12-14 06:41 - 01235296 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2017-02-15 18:32 - 2016-12-14 05:48 - 01631232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2017-02-15 18:32 - 2016-12-14 05:44 - 00114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netvsc.sys
2017-02-15 18:32 - 2016-12-14 05:38 - 17188864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2017-02-15 18:32 - 2016-12-14 05:38 - 00213504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.CredDialogController.dll
2017-02-15 18:32 - 2016-12-14 05:23 - 03134976 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcore.dll
2017-02-15 18:32 - 2016-12-09 11:42 - 01637728 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2017-02-15 18:32 - 2016-12-09 11:42 - 00137568 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2017-02-15 18:32 - 2016-12-09 11:29 - 02681200 _____ C:\WINDOWS\system32\CoreUIComponents.dll
2017-02-15 18:32 - 2016-12-09 11:20 - 02677544 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll
2017-02-15 18:32 - 2016-12-09 11:18 - 01100128 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2017-02-15 18:32 - 2016-12-09 11:18 - 00989024 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2017-02-15 18:32 - 2016-12-09 11:18 - 00947552 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.efi
2017-02-15 18:32 - 2016-12-09 11:18 - 00811872 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.exe
2017-02-15 18:32 - 2016-12-09 11:01 - 00861024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2017-02-15 18:32 - 2016-12-09 10:56 - 00959112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2017-02-15 18:32 - 2016-12-09 10:52 - 01415752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2017-02-15 18:32 - 2016-12-09 10:41 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WordBreakers.dll
2017-02-15 18:32 - 2016-12-09 10:33 - 03777536 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2017-02-15 18:32 - 2016-12-09 10:18 - 02138112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll
2017-02-15 18:32 - 2016-12-09 10:16 - 00353280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TextInputFramework.dll
2017-02-15 18:32 - 2016-12-09 10:15 - 00206848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Core.TextInput.dll
2017-02-15 18:32 - 2016-12-09 10:15 - 00092672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputLocaleManager.dll
2017-02-15 18:32 - 2016-12-09 10:15 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EditBufferTestHook.dll
2017-02-15 18:32 - 2016-12-09 09:54 - 00483840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2017-02-15 18:32 - 2016-11-11 11:08 - 00142176 _____ (Microsoft Corporation) C:\WINDOWS\system32\migisol.dll
2017-02-15 18:32 - 2016-11-11 11:02 - 02828376 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
2017-02-15 18:32 - 2016-11-11 11:01 - 00637400 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2017-02-15 18:32 - 2016-11-11 11:00 - 00219488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tpm.sys
2017-02-15 18:32 - 2016-11-11 10:57 - 01473048 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2017-02-15 18:32 - 2016-11-11 10:56 - 01062480 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2017-02-15 18:32 - 2016-11-11 10:56 - 00126568 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfaudiocnv.dll
2017-02-15 18:32 - 2016-11-11 10:51 - 00454592 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe
2017-02-15 18:32 - 2016-11-11 10:26 - 00034816 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReAgentc.exe
2017-02-15 18:32 - 2016-11-11 10:24 - 00110080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.BackgroundTransfer.BackgroundManagerPolicy.dll
2017-02-15 18:32 - 2016-11-11 10:24 - 00098304 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2017-02-15 18:32 - 2016-11-11 10:18 - 00967168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2017-02-15 18:32 - 2016-11-11 10:18 - 00278016 _____ (Microsoft Corporation) C:\WINDOWS\system32\netplwiz.dll
2017-02-15 18:32 - 2016-11-11 10:16 - 00560128 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppReadiness.dll
2017-02-15 18:32 - 2016-11-11 10:14 - 00178176 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppnp.dll
2017-02-15 18:32 - 2016-11-11 10:11 - 00870400 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmkvsrcsnk.dll
2017-02-15 18:32 - 2016-11-11 10:09 - 00164352 _____ (Microsoft Corporation) C:\WINDOWS\system32\dialserver.dll
2017-02-15 18:32 - 2016-11-11 10:07 - 01691136 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe
2017-02-15 18:32 - 2016-11-11 10:04 - 02800128 _____ (Microsoft Corporation) C:\WINDOWS\system32\netshell.dll
2017-02-15 18:32 - 2016-11-11 10:04 - 01359360 _____ (Microsoft Corporation) C:\WINDOWS\system32\usercpl.dll
2017-02-15 18:32 - 2016-11-11 10:03 - 02287616 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2017-02-15 18:32 - 2016-11-11 08:47 - 05722832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2017-02-15 18:32 - 2016-11-11 08:47 - 01430720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2017-02-15 18:32 - 2016-11-11 08:38 - 01263856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2017-02-15 18:32 - 2016-11-11 08:25 - 00117248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapsBtSvc.dll
2017-02-15 18:32 - 2016-11-11 08:25 - 00071168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosStorage.dll
2017-02-15 18:32 - 2016-11-11 08:24 - 00138240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DisplayManager.dll
2017-02-15 18:32 - 2016-11-11 08:21 - 00332288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapConfiguration.dll
2017-02-15 18:32 - 2016-11-11 08:19 - 00284672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apprepsync.dll
2017-02-15 18:32 - 2016-11-11 08:19 - 00125952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apprepapi.dll
2017-02-15 18:32 - 2016-11-11 08:18 - 02333184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmSvc.dll
2017-02-15 18:32 - 2016-11-11 08:16 - 00253952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2017-02-15 18:32 - 2016-11-11 08:15 - 01357824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll
2017-02-15 18:32 - 2016-11-11 08:12 - 00259584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msdtcuiu.dll
2017-02-15 18:32 - 2016-11-11 08:10 - 06109184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2017-02-15 18:32 - 2016-11-11 08:09 - 05380608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2017-02-15 18:32 - 2016-11-11 08:06 - 02362880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapRouter.dll
2017-02-15 18:32 - 2016-11-11 08:06 - 02109952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapGeocoder.dll
2017-02-15 18:32 - 2016-11-11 08:04 - 00715264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapControlCore.dll
2017-02-15 18:31 - 2016-12-21 09:08 - 00245600 _____ (Microsoft Corporation) C:\WINDOWS\system32\offlinesam.dll
2017-02-15 18:31 - 2016-12-21 09:08 - 00136032 _____ (Microsoft Corporation) C:\WINDOWS\system32\ImplatSetup.dll
2017-02-15 18:31 - 2016-12-21 08:46 - 00624048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2017-02-15 18:31 - 2016-12-21 08:42 - 22224480 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2017-02-15 18:31 - 2016-12-21 08:41 - 01600632 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2017-02-15 18:31 - 2016-12-21 08:15 - 22563840 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2017-02-15 18:31 - 2016-12-21 08:05 - 00261632 _____ (Microsoft Corporation) C:\WINDOWS\system32\indexeddbserver.dll
2017-02-15 18:31 - 2016-12-21 08:01 - 09131008 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2017-02-15 18:31 - 2016-12-21 07:59 - 01908224 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2017-02-15 18:31 - 2016-12-21 07:59 - 00883712 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll
2017-02-15 18:31 - 2016-12-21 07:58 - 23678464 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2017-02-15 18:31 - 2016-12-21 07:55 - 08129536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2017-02-15 18:31 - 2016-12-21 07:55 - 04749312 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2017-02-15 18:31 - 2016-12-21 07:50 - 01490432 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2017-02-15 18:31 - 2016-12-21 06:59 - 00218976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offlinesam.dll
2017-02-15 18:31 - 2016-12-21 06:01 - 20969928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2017-02-15 18:31 - 2016-12-21 05:43 - 00285184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.BlockedShutdown.dll
2017-02-15 18:31 - 2016-12-21 05:40 - 00180224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2017-02-15 18:31 - 2016-12-21 05:38 - 00866816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Cred.dll
2017-02-15 18:31 - 2016-12-21 05:35 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\indexeddbserver.dll
2017-02-15 18:31 - 2016-12-21 05:34 - 07626752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2017-02-15 18:31 - 2016-12-21 05:33 - 19413504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2017-02-15 18:31 - 2016-12-21 05:32 - 19417600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2017-02-15 18:31 - 2016-12-21 05:30 - 05398016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aclui.dll
2017-02-15 18:31 - 2016-12-21 05:30 - 01255936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll
2017-02-15 18:31 - 2016-12-21 05:26 - 01155072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVP9DEC.dll
2017-02-15 18:31 - 2016-12-14 06:23 - 00404832 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2017-02-15 18:31 - 2016-12-14 06:21 - 02206496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2017-02-15 18:31 - 2016-12-14 06:17 - 00319288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64.dll
2017-02-15 18:31 - 2016-12-14 06:14 - 01694712 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2017-02-15 18:31 - 2016-12-14 06:01 - 01557808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll
2017-02-15 18:31 - 2016-12-14 05:43 - 00201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\ScDeviceEnum.dll
2017-02-15 18:31 - 2016-12-14 05:42 - 00236544 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinSCard.dll
2017-02-15 18:31 - 2016-12-14 05:42 - 00167424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinSCard.dll
2017-02-15 18:31 - 2016-12-14 05:40 - 00193536 _____ (Microsoft Corporation) C:\WINDOWS\system32\certprop.dll
2017-02-15 18:31 - 2016-12-14 05:38 - 13869056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2017-02-15 18:31 - 2016-12-14 05:37 - 00090112 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll
2017-02-15 18:31 - 2016-12-14 05:36 - 00074752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll
2017-02-15 18:31 - 2016-12-14 05:35 - 00755712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2017-02-15 18:31 - 2016-12-14 05:35 - 00600576 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptui.dll
2017-02-15 18:31 - 2016-12-14 05:35 - 00553984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptui.dll
2017-02-15 18:31 - 2016-12-14 05:26 - 00932864 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2017-02-15 18:31 - 2016-12-14 05:26 - 00869888 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2017-02-15 18:31 - 2016-12-14 05:24 - 01005568 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3D12.dll
2017-02-15 18:31 - 2016-12-14 05:24 - 00673792 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2017-02-15 18:31 - 2016-12-14 05:22 - 02317824 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2017-02-15 18:31 - 2016-12-14 05:22 - 01513472 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2017-02-15 18:31 - 2016-12-14 05:22 - 00391168 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2017-02-15 18:31 - 2016-12-09 11:20 - 02189664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2017-02-15 18:31 - 2016-12-09 11:20 - 00658784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2017-02-15 18:31 - 2016-12-09 11:20 - 00402272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2017-02-15 18:31 - 2016-12-09 11:19 - 00168424 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcrypt.dll
2017-02-15 18:31 - 2016-12-09 11:18 - 02913144 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2017-02-15 18:31 - 2016-12-09 11:18 - 01267512 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2017-02-15 18:31 - 2016-12-09 11:01 - 01503544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2017-02-15 18:31 - 2016-12-09 11:00 - 00106896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcrypt.dll
2017-02-15 18:31 - 2016-12-09 10:59 - 02166752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2017-02-15 18:31 - 2016-12-09 10:59 - 00846560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2017-02-15 18:31 - 2016-12-09 10:42 - 00227328 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll
2017-02-15 18:31 - 2016-12-09 10:41 - 00380928 _____ (Microsoft Corporation) C:\WINDOWS\system32\wincorlib.dll
2017-02-15 18:31 - 2016-12-09 10:37 - 00411136 _____ (Microsoft Corporation) C:\WINDOWS\system32\facecredentialprovider.dll
2017-02-15 18:31 - 2016-12-09 10:36 - 03059200 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2017-02-15 18:31 - 2016-12-09 10:36 - 00410112 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2017-02-15 18:31 - 2016-12-09 10:34 - 00288768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wincorlib.dll
2017-02-15 18:31 - 2016-12-09 10:25 - 00376832 _____ (Microsoft Corporation) C:\WINDOWS\system32\CryptoWinRT.dll
2017-02-15 18:31 - 2016-12-09 10:20 - 00730624 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2017-02-15 18:31 - 2016-12-09 10:18 - 00165376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mdmregistration.dll
2017-02-15 18:31 - 2016-11-11 11:15 - 00101216 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceReactivation.dll
2017-02-15 18:31 - 2016-11-11 11:14 - 00603488 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContentDeliveryManager.Utilities.dll
2017-02-15 18:31 - 2016-11-11 11:13 - 02213760 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2017-02-15 18:31 - 2016-11-11 11:13 - 00352096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fastfat.sys
2017-02-15 18:31 - 2016-11-11 11:12 - 00128352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\partmgr.sys
2017-02-15 18:31 - 2016-11-11 11:00 - 00223584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2017-02-15 18:31 - 2016-11-11 10:59 - 00433504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2017-02-15 18:31 - 2016-11-11 10:56 - 00187520 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudStorageWizard.exe
2017-02-15 18:31 - 2016-11-11 10:55 - 00882680 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditionUpgradeManagerObj.dll
2017-02-15 18:31 - 2016-11-11 10:55 - 00743224 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppwinob.dll
2017-02-15 18:31 - 2016-11-11 10:27 - 00086016 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetCfgNotifyObjectHost.exe
2017-02-15 18:31 - 2016-11-11 10:26 - 00258560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\xboxgip.sys
2017-02-15 18:31 - 2016-11-11 10:25 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\system32\BcastDVRHelper.dll
2017-02-15 18:31 - 2016-11-11 10:25 - 00073216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryBroker.dll
2017-02-15 18:31 - 2016-11-11 10:24 - 00170496 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppCapture.dll
2017-02-15 18:31 - 2016-11-11 10:24 - 00122880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryClient.dll
2017-02-15 18:31 - 2016-11-11 10:23 - 00058880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Shell.Search.UriHandler.dll
2017-02-15 18:31 - 2016-11-11 10:22 - 00489472 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupShim.dll
2017-02-15 18:31 - 2016-11-11 10:20 - 00125952 _____ (Microsoft Corporation) C:\WINDOWS\system32\setupugc.exe
2017-02-15 18:31 - 2016-11-11 10:19 - 00620544 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.exe
2017-02-15 18:31 - 2016-11-11 10:19 - 00198144 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpapisrv.dll
2017-02-15 18:31 - 2016-11-11 10:16 - 02716672 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmSvc.dll
2017-02-15 18:31 - 2016-11-11 10:16 - 01477632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsecedit.dll
2017-02-15 18:31 - 2016-11-11 10:16 - 00161792 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditionUpgradeHelper.dll
2017-02-15 18:31 - 2016-11-11 10:15 - 00032256 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSManHTTPConfig.exe
2017-02-15 18:31 - 2016-11-11 10:11 - 00096256 _____ (Microsoft Corporation) C:\WINDOWS\system32\umpoext.dll
2017-02-15 18:31 - 2016-11-11 10:06 - 00650752 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2017-02-15 18:31 - 2016-11-11 10:05 - 04136448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepository.dll
2017-02-15 18:31 - 2016-11-11 10:05 - 01779712 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2017-02-15 18:31 - 2016-11-11 10:04 - 01709056 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
2017-02-15 18:31 - 2016-11-11 10:04 - 00909312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2017-02-15 18:31 - 2016-11-11 10:03 - 00842240 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntshrui.dll
2017-02-15 18:31 - 2016-11-11 10:03 - 00283648 _____ (Microsoft Corporation) C:\WINDOWS\system32\wkssvc.dll
2017-02-15 18:31 - 2016-11-11 09:01 - 01969912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hevcdecoder.dll
2017-02-15 18:31 - 2016-11-11 09:00 - 01706488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2017-02-15 18:31 - 2016-11-11 08:49 - 00248480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\policymanager.dll
2017-02-15 18:31 - 2016-11-11 08:19 - 00298496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2017-02-15 18:31 - 2016-11-11 08:18 - 01336320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsecedit.dll
2017-02-15 18:31 - 2016-11-11 08:18 - 00318464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFolder.dll
2017-02-15 18:31 - 2016-11-11 08:17 - 00033280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSManHTTPConfig.exe
2017-02-15 18:31 - 2016-11-11 08:15 - 00838144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JpMapControl.dll
2017-02-15 18:31 - 2016-11-11 08:14 - 00395264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmenrollengine.dll
2017-02-15 18:31 - 2016-11-11 08:04 - 02682880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netshell.dll
2017-02-15 18:31 - 2016-11-11 08:04 - 00912896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll
2017-02-15 18:31 - 2016-11-11 08:03 - 01576448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2017-02-15 18:31 - 2016-11-11 08:03 - 00772608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntshrui.dll
2017-02-15 18:31 - 2016-11-11 08:03 - 00760832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NMAA.dll
2017-02-15 18:31 - 2016-11-11 08:03 - 00565248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasapi32.dll
2017-02-15 18:31 - 2016-11-11 08:02 - 00711680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll
2017-02-15 18:30 - 2016-12-21 08:49 - 00328008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.ApplicationData.dll
2017-02-15 18:30 - 2016-12-21 08:43 - 00092512 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2017-02-15 18:30 - 2016-12-21 08:14 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe
2017-02-15 18:30 - 2016-12-21 08:09 - 00368640 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneBackupHandler.dll
2017-02-15 18:30 - 2016-12-21 08:08 - 00289792 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeveloperOptionsSettingsHandlers.dll
2017-02-15 18:30 - 2016-12-21 08:05 - 00425984 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
2017-02-15 18:30 - 2016-12-21 08:05 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll
2017-02-15 18:30 - 2016-12-21 07:56 - 00947712 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVP9DEC.dll
2017-02-15 18:30 - 2016-12-21 07:53 - 06664192 _____ (Microsoft Corporation) C:\WINDOWS\system32\mspaint.exe
2017-02-15 18:30 - 2016-12-21 07:49 - 04149248 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2017-02-15 18:30 - 2016-12-21 07:47 - 01121280 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2017-02-15 18:30 - 2016-12-21 05:46 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LaunchWinApp.exe
2017-02-15 18:30 - 2016-12-21 05:41 - 00231936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.LockScreen.dll
2017-02-15 18:30 - 2016-12-21 05:40 - 00318976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpencom.dll
2017-02-15 18:30 - 2016-12-21 05:40 - 00237056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SyncSettings.dll
2017-02-15 18:30 - 2016-12-21 05:39 - 01300480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVPXENC.dll
2017-02-15 18:30 - 2016-12-21 05:25 - 07469056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2017-02-15 18:30 - 2016-12-21 05:25 - 06474752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mspaint.exe
2017-02-15 18:30 - 2016-12-21 05:24 - 06044160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2017-02-15 18:30 - 2016-12-14 06:34 - 02482280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2017-02-15 18:30 - 2016-12-14 06:01 - 00382784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AUDIOKSE.dll
2017-02-15 18:30 - 2016-12-14 06:01 - 00076984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\remoteaudioendpoint.dll
2017-02-15 18:30 - 2016-12-14 05:46 - 01631232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Resources.dll
2017-02-15 18:30 - 2016-12-14 05:42 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.UI.Logon.ProxyStub.dll
2017-02-15 18:30 - 2016-12-14 05:40 - 00231424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudBackupSettings.dll
2017-02-15 18:30 - 2016-12-14 05:39 - 00290816 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2017-02-15 18:30 - 2016-12-14 05:36 - 00539648 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2017-02-15 18:30 - 2016-12-14 05:22 - 02748416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpcore.dll
2017-02-15 18:30 - 2016-12-09 11:28 - 00764392 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2017-02-15 18:30 - 2016-12-09 11:27 - 00172528 _____ (Microsoft Corporation) C:\WINDOWS\system32\sspicli.dll
2017-02-15 18:30 - 2016-12-09 11:20 - 01738560 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2017-02-15 18:30 - 2016-12-09 11:15 - 08168000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2017-02-15 18:30 - 2016-12-09 11:11 - 02048496 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2017-02-15 18:30 - 2016-12-09 10:57 - 06668040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2017-02-15 18:30 - 2016-12-09 10:32 - 00635904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2017-02-15 18:30 - 2016-12-09 10:31 - 03689984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2017-02-15 18:30 - 2016-12-09 10:31 - 00313856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2017-02-15 18:30 - 2016-12-09 10:28 - 01004544 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2017-02-15 18:30 - 2016-12-09 10:27 - 00981504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.OnlineId.dll
2017-02-15 18:30 - 2016-12-09 10:21 - 04746752 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2017-02-15 18:30 - 2016-12-09 10:20 - 00187392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll
2017-02-15 18:30 - 2016-12-09 10:20 - 00172544 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe
2017-02-15 18:30 - 2016-12-09 10:18 - 03666432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2017-02-15 18:30 - 2016-11-11 11:14 - 02186896 _____ (Microsoft Corporation) C:\WINDOWS\system32\hevcdecoder.dll
2017-02-15 18:30 - 2016-11-11 11:13 - 01886344 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2017-02-15 18:30 - 2016-11-11 11:03 - 01069720 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2017-02-15 18:30 - 2016-11-11 11:03 - 00266544 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll
2017-02-15 18:30 - 2016-11-11 10:56 - 04673304 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2017-02-15 18:30 - 2016-11-11 10:26 - 00163840 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseModernAppMgmtCSP.dll
2017-02-15 18:30 - 2016-11-11 10:26 - 00109056 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReportingCSP.dll
2017-02-15 18:30 - 2016-11-11 10:25 - 00185344 _____ (Microsoft Corporation) C:\WINDOWS\system32\DisplayManager.dll
2017-02-15 18:30 - 2016-11-11 10:25 - 00147968 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcertinst.exe
2017-02-15 18:30 - 2016-11-11 10:25 - 00081408 _____ (Microsoft Corporation) C:\WINDOWS\system32\HttpsDataSource.dll
2017-02-15 18:30 - 2016-11-11 10:24 - 00158720 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEStoreEventHandlers.dll
2017-02-15 18:30 - 2016-11-11 10:24 - 00136192 _____ (Microsoft Corporation) C:\WINDOWS\system32\sendmail.dll
2017-02-15 18:30 - 2016-11-11 10:24 - 00107520 _____ (Microsoft Corporation) C:\WINDOWS\system32\VPNv2CSP.dll
2017-02-15 18:30 - 2016-11-11 10:23 - 00567296 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevicePairing.dll
2017-02-15 18:30 - 2016-11-11 10:23 - 00041472 _____ (Microsoft Corporation) C:\WINDOWS\system32\EAMProgressHandler.dll
2017-02-15 18:30 - 2016-11-11 10:22 - 00143360 _____ (Microsoft Corporation) C:\WINDOWS\system32\EDPCleanup.exe
2017-02-15 18:30 - 2016-11-11 10:21 - 00690688 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2017-02-15 18:30 - 2016-11-11 10:21 - 00587776 _____ (Microsoft Corporation) C:\WINDOWS\system32\vpnike.dll
2017-02-15 18:30 - 2016-11-11 10:21 - 00379392 _____ (Microsoft Corporation) C:\WINDOWS\system32\apprepsync.dll
2017-02-15 18:30 - 2016-11-11 10:20 - 00657920 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll
2017-02-15 18:30 - 2016-11-11 10:20 - 00574464 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_StorageSense.dll
2017-02-15 18:30 - 2016-11-11 10:20 - 00407552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2017-02-15 18:30 - 2016-11-11 10:20 - 00176128 _____ (Microsoft Corporation) C:\WINDOWS\system32\apprepapi.dll
2017-02-15 18:30 - 2016-11-11 10:20 - 00115200 _____ (Microsoft Corporation) C:\WINDOWS\system32\IdCtrls.dll
2017-02-15 18:30 - 2016-11-11 10:19 - 00495104 _____ (Microsoft Corporation) C:\WINDOWS\system32\DataSenseHandlers.dll
2017-02-15 18:30 - 2016-11-11 10:19 - 00389632 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll
2017-02-15 18:30 - 2016-11-11 10:19 - 00388096 _____ (Microsoft Corporation) C:\WINDOWS\system32\zipfldr.dll
2017-02-15 18:30 - 2016-11-11 10:19 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseAppMgmtSvc.dll
2017-02-15 18:30 - 2016-11-11 10:18 - 02084352 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceFlows.DataModel.dll
2017-02-15 18:30 - 2016-11-11 10:14 - 02104320 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll
2017-02-15 18:30 - 2016-11-11 10:14 - 00615424 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnprv.dll
2017-02-15 18:30 - 2016-11-11 10:13 - 00396800 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2017-02-15 18:30 - 2016-11-11 10:07 - 00347648 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascustom.dll
2017-02-15 18:30 - 2016-11-11 10:06 - 03400192 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncCenter.dll
2017-02-15 18:30 - 2016-11-11 10:04 - 02611200 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameux.dll
2017-02-15 18:30 - 2016-11-11 10:04 - 00455168 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll
2017-02-15 18:30 - 2016-11-11 10:04 - 00389632 _____ (Microsoft Corporation) C:\WINDOWS\system32\stobject.dll
2017-02-15 18:30 - 2016-11-11 10:03 - 02669056 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2017-02-15 18:30 - 2016-11-11 10:03 - 00632320 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasapi32.dll
2017-02-15 18:30 - 2016-11-11 08:54 - 00122208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\migisol.dll
2017-02-15 18:30 - 2016-11-11 08:49 - 00869848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll
2017-02-15 18:30 - 2016-11-11 08:42 - 00152416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RTWorkQ.dll
2017-02-15 18:30 - 2016-11-11 08:41 - 04311736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2017-02-15 18:30 - 2016-11-11 08:24 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Shell.Search.UriHandler.dll
2017-02-15 18:30 - 2016-11-11 08:23 - 00094208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryClient.dll
2017-02-15 18:30 - 2016-11-11 08:22 - 00122880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sendmail.dll
2017-02-15 18:30 - 2016-11-11 08:21 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.BackgroundTransfer.BackgroundManagerPolicy.dll
2017-02-15 18:30 - 2016-11-11 08:20 - 00306176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2017-02-15 18:30 - 2016-11-11 08:19 - 00506880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DevicePairing.dll
2017-02-15 18:30 - 2016-11-11 08:06 - 00400384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToManager.dll
2017-02-15 18:30 - 2016-11-11 08:05 - 03370496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepository.dll
2017-02-15 18:30 - 2016-11-11 08:04 - 00358912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\stobject.dll
2017-02-15 18:30 - 2016-11-11 08:03 - 02484736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gameux.dll
2017-02-15 18:30 - 2016-11-11 08:03 - 01556480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2017-02-15 18:29 - 2016-12-21 08:09 - 00363520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BioFeedback.dll
2017-02-15 18:29 - 2016-12-21 08:08 - 00418304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BlockedShutdown.dll
2017-02-15 18:29 - 2016-12-21 08:08 - 00211968 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2017-02-15 18:29 - 2016-12-21 08:07 - 00748544 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2017-02-15 18:29 - 2016-12-21 08:06 - 00310784 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncSettings.dll
2017-02-15 18:29 - 2016-12-21 08:06 - 00260608 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgentUserBroker.exe
2017-02-15 18:29 - 2016-12-21 08:06 - 00147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
2017-02-15 18:29 - 2016-12-21 08:00 - 00440320 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhcfg.dll
2017-02-15 18:29 - 2016-12-21 07:57 - 00462336 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhsettingsprovider.dll
2017-02-15 18:29 - 2016-12-21 07:54 - 05511680 _____ (Microsoft Corporation) C:\WINDOWS\system32\aclui.dll
2017-02-15 18:29 - 2016-12-21 07:49 - 02691072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2017-02-15 18:29 - 2016-12-21 07:49 - 01062912 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2017-02-15 18:29 - 2016-12-21 06:02 - 03892864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2017-02-15 18:29 - 2016-12-21 06:02 - 01852720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2017-02-15 18:29 - 2016-12-21 06:02 - 01360464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetsrc.dll
2017-02-15 18:29 - 2016-12-21 06:02 - 01277344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
2017-02-15 18:29 - 2016-12-21 06:02 - 01201872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2017-02-15 18:29 - 2016-12-21 06:02 - 00980832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetcore.dll
2017-02-15 18:29 - 2016-12-21 05:35 - 04612608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2017-02-15 18:29 - 2016-12-21 05:27 - 00640000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MCRecvSrc.dll
2017-02-15 18:29 - 2016-12-14 06:41 - 00590960 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2017-02-15 18:29 - 2016-12-14 06:33 - 01356864 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipUp.exe
2017-02-15 18:29 - 2016-12-14 06:19 - 00584544 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2017-02-15 18:29 - 2016-12-14 06:18 - 00715104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
2017-02-15 18:29 - 2016-12-14 06:14 - 00418952 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2017-02-15 18:29 - 2016-12-14 06:14 - 00089416 _____ (Microsoft Corporation) C:\WINDOWS\system32\remoteaudioendpoint.dll
2017-02-15 18:29 - 2016-12-14 05:46 - 00206848 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2017-02-15 18:29 - 2016-12-14 05:42 - 00352768 _____ (Microsoft Corporation) C:\WINDOWS\system32\cloudAP.dll
2017-02-15 18:29 - 2016-12-14 05:41 - 00223744 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2017-02-15 18:29 - 2016-12-14 05:40 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll
2017-02-15 18:29 - 2016-12-14 05:39 - 00837632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbiosrvc.dll
2017-02-15 18:29 - 2016-12-14 05:39 - 00257024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.CredDialogController.dll
2017-02-15 18:29 - 2016-12-14 05:38 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudBackupSettings.dll
2017-02-15 18:29 - 2016-12-14 05:36 - 01002496 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2017-02-15 18:29 - 2016-12-14 05:35 - 00712192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2017-02-15 18:29 - 2016-12-14 05:32 - 00497152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LogonController.dll
2017-02-15 18:29 - 2016-12-14 05:25 - 02009600 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRHInproc.dll
2017-02-15 18:29 - 2016-12-14 05:23 - 01231872 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2017-02-15 18:29 - 2016-12-14 05:21 - 03616768 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2017-02-15 18:29 - 2016-12-09 11:30 - 00377184 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2017-02-15 18:29 - 2016-12-09 11:19 - 01293152 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2017-02-15 18:29 - 2016-12-09 11:14 - 01274712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2017-02-15 18:29 - 2016-12-09 11:10 - 01572768 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2017-02-15 18:29 - 2016-12-09 11:10 - 01461200 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2017-02-15 18:29 - 2016-12-09 10:52 - 01435896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2017-02-15 18:29 - 2016-12-09 10:33 - 01589760 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdtctm.dll
2017-02-15 18:29 - 2016-12-09 10:28 - 03306496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2017-02-15 18:29 - 2016-12-09 10:27 - 13084160 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2017-02-15 18:29 - 2016-12-09 10:27 - 05114368 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2017-02-15 18:29 - 2016-12-09 10:23 - 12177920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2017-02-15 18:29 - 2016-12-09 10:21 - 00716800 _____ (Microsoft Corporation) C:\WINDOWS\system32\ShareHost.dll
2017-02-15 18:29 - 2016-11-11 11:02 - 00360040 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2017-02-15 18:29 - 2016-11-11 11:01 - 07219672 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2017-02-15 18:29 - 2016-11-11 11:01 - 01859264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2017-02-15 18:29 - 2016-11-11 10:56 - 00163752 _____ (Microsoft Corporation) C:\WINDOWS\system32\RTWorkQ.dll
2017-02-15 18:29 - 2016-11-11 10:54 - 01418312 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2017-02-15 18:29 - 2016-11-11 10:31 - 00366080 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXTaskFactory.dll
2017-02-15 18:29 - 2016-11-11 10:27 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpremove.exe
2017-02-15 18:29 - 2016-11-11 10:24 - 00159744 _____ (Microsoft Corporation) C:\WINDOWS\system32\ACPBackgroundManagerPolicy.dll
2017-02-15 18:29 - 2016-11-11 10:23 - 00409088 _____ (Microsoft Corporation) C:\WINDOWS\system32\NgcCtnr.dll
2017-02-15 18:29 - 2016-11-11 10:20 - 00641024 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngccredprov.dll
2017-02-15 18:29 - 2016-11-11 10:20 - 00590336 _____ (Microsoft Corporation) C:\WINDOWS\system32\efswrt.dll
2017-02-15 18:29 - 2016-11-11 10:20 - 00381952 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptngc.dll
2017-02-15 18:29 - 2016-11-11 10:20 - 00339456 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpusersvc.dll
2017-02-15 18:29 - 2016-11-11 10:19 - 00411648 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpsvc.dll
2017-02-15 18:29 - 2016-11-11 10:19 - 00366080 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFolder.dll
2017-02-15 18:29 - 2016-11-11 10:19 - 00320000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2017-02-15 18:29 - 2016-11-11 10:17 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProvSysprep.dll
2017-02-15 18:29 - 2016-11-11 10:16 - 00105984 _____ (Microsoft Corporation) C:\WINDOWS\system32\RjvMDMConfig.dll
2017-02-15 18:29 - 2016-11-11 10:12 - 00870912 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdtcprx.dll
2017-02-15 18:29 - 2016-11-11 10:09 - 01366016 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2017-02-15 18:29 - 2016-11-11 10:07 - 00991232 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll
2017-02-15 18:29 - 2016-11-11 10:06 - 00960000 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2017-02-15 18:29 - 2016-11-11 10:05 - 02852864 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll
2017-02-15 18:29 - 2016-11-11 10:04 - 00691712 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsm.dll
2017-02-15 18:29 - 2016-11-11 10:02 - 03542016 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2017-02-15 18:29 - 2016-11-11 10:02 - 01726976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2017-02-15 18:29 - 2016-11-11 08:59 - 01572768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2017-02-15 18:29 - 2016-11-11 08:42 - 01123912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2017-02-15 18:29 - 2016-11-11 08:42 - 00952416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2017-02-15 18:29 - 2016-11-11 08:42 - 00374448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFPlay.dll
2017-02-15 18:29 - 2016-11-11 08:42 - 00091936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfaudiocnv.dll
2017-02-15 18:29 - 2016-11-11 08:41 - 00157536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudStorageWizard.exe
2017-02-15 18:29 - 2016-11-11 08:24 - 00519168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ngccredprov.dll
2017-02-15 18:29 - 2016-11-11 08:24 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BcastDVRHelper.dll
2017-02-15 18:29 - 2016-11-11 08:23 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppCapture.dll
2017-02-15 18:29 - 2016-11-11 08:22 - 00505856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcastdvr.exe
2017-02-15 18:29 - 2016-11-11 08:19 - 00114176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\setupugc.exe
2017-02-15 18:29 - 2016-11-11 08:15 - 00348672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\zipfldr.dll
2017-02-15 18:29 - 2016-11-11 08:15 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptngc.dll
2017-02-15 18:29 - 2016-11-11 08:10 - 00746496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msdtcprx.dll
2017-02-15 18:29 - 2016-11-11 08:09 - 00545280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmkvsrcsnk.dll
2017-02-15 18:29 - 2016-11-11 08:08 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xolehlp.dll
2017-02-15 18:29 - 2016-11-11 08:06 - 00359936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mtxclu.dll
2017-02-15 18:29 - 2016-11-11 08:05 - 04423680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
2017-02-15 18:29 - 2016-11-11 08:04 - 01992704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2017-02-15 18:28 - 2016-12-21 09:04 - 07816032 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2017-02-15 18:28 - 2016-12-21 08:42 - 00241504 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHost.dll
2017-02-15 18:28 - 2016-12-21 08:37 - 00455520 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2017-02-15 18:28 - 2016-12-21 08:08 - 01292288 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVPXENC.dll
2017-02-15 18:28 - 2016-12-21 08:08 - 00349184 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2017-02-15 18:28 - 2016-12-21 07:53 - 01692672 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2017-02-15 18:28 - 2016-12-21 07:51 - 02275840 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2017-02-15 18:28 - 2016-12-21 05:24 - 05061120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2017-02-15 18:28 - 2016-12-21 05:24 - 03733504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_47.dll
2017-02-15 18:28 - 2016-12-21 05:24 - 00886272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2017-02-15 18:28 - 2016-12-21 05:22 - 00860672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2017-02-15 18:28 - 2016-12-14 06:18 - 00335712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2017-02-15 18:28 - 2016-12-14 06:08 - 00341344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2017-02-15 18:28 - 2016-12-14 06:06 - 00509792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2017-02-15 18:28 - 2016-12-14 05:45 - 00147968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys
2017-02-15 18:28 - 2016-12-14 05:40 - 00266752 _____ (Microsoft Corporation) C:\WINDOWS\system32\ConsoleLogon.dll
2017-02-15 18:28 - 2016-12-14 05:40 - 00104448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.UI.Logon.ProxyStub.dll
2017-02-15 18:28 - 2016-12-14 05:22 - 02998272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2017-02-15 18:28 - 2016-12-14 05:22 - 00707584 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2017-02-15 18:28 - 2016-12-09 11:34 - 01051112 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2017-02-15 18:28 - 2016-12-09 11:34 - 00894096 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2017-02-15 18:28 - 2016-12-09 11:33 - 01354320 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2017-02-15 18:28 - 2016-12-09 11:33 - 01173496 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2017-02-15 18:28 - 2016-12-09 11:01 - 02323728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll
2017-02-15 18:28 - 2016-12-09 10:51 - 00117240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sspicli.dll
2017-02-15 18:28 - 2016-12-09 10:45 - 00040448 _____ (Microsoft Corporation) C:\WINDOWS\system32\WordBreakers.dll
2017-02-15 18:28 - 2016-12-09 10:22 - 02820096 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2017-02-15 18:28 - 2016-12-09 10:20 - 03198464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
2017-02-15 18:28 - 2016-12-09 10:19 - 00433664 _____ (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll
2017-02-15 18:28 - 2016-12-09 10:19 - 00261120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
2017-02-15 18:28 - 2016-12-09 10:19 - 00119296 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputLocaleManager.dll
2017-02-15 18:28 - 2016-12-09 10:19 - 00085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditBufferTestHook.dll
2017-02-15 18:28 - 2016-12-09 10:17 - 00566784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ShareHost.dll
2017-02-15 18:28 - 2016-11-11 11:15 - 00198856 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscapi.dll
2017-02-15 18:28 - 2016-11-11 10:56 - 00424616 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFPlay.dll
2017-02-15 18:28 - 2016-11-11 10:25 - 00151040 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsBtSvc.dll
2017-02-15 18:28 - 2016-11-11 10:25 - 00089600 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosStorage.dll
2017-02-15 18:28 - 2016-11-11 10:22 - 00082944 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshost.dll
2017-02-15 18:28 - 2016-11-11 10:21 - 00313856 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshostcore.dll
2017-02-15 18:28 - 2016-11-11 10:20 - 00446976 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll
2017-02-15 18:28 - 2016-11-11 10:17 - 01220096 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscui.cpl
2017-02-15 18:28 - 2016-11-11 10:16 - 00184832 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscsvc.dll
2017-02-15 18:28 - 2016-11-11 10:15 - 00282624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb10.sys
2017-02-15 18:28 - 2016-11-11 10:14 - 07654400 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2017-02-15 18:28 - 2016-11-11 10:13 - 07812096 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2017-02-15 18:28 - 2016-11-11 10:08 - 00539136 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToManager.dll
2017-02-15 18:28 - 2016-11-11 10:07 - 03441152 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapRouter.dll
2017-02-15 18:28 - 2016-11-11 10:07 - 02953216 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapGeocoder.dll
2017-02-15 18:28 - 2016-11-11 10:07 - 02510848 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2017-02-15 18:28 - 2016-11-11 10:05 - 01031680 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2017-02-15 18:28 - 2016-11-11 10:03 - 04708864 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2017-02-15 18:28 - 2016-11-11 10:03 - 00905216 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll
2017-02-15 18:28 - 2016-11-11 09:01 - 00167848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscapi.dll
2017-02-15 18:28 - 2016-11-11 08:48 - 02277248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll
2017-02-15 18:28 - 2016-11-11 08:47 - 00527880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2017-02-15 18:28 - 2016-11-11 08:26 - 00030720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReAgentc.exe
2017-02-15 18:28 - 2016-11-11 08:19 - 01755136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DeviceFlows.DataModel.dll
2017-02-15 18:28 - 2016-11-11 08:19 - 00364544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupShim.dll
2017-02-15 18:28 - 2016-11-11 08:18 - 00431616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\efswrt.dll
2017-02-15 18:28 - 2016-11-11 08:17 - 00333312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActivationManager.dll
2017-02-15 18:28 - 2016-11-11 08:06 - 01228288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usercpl.dll
2017-02-15 18:28 - 2016-11-11 08:04 - 01595392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2017-02-15 18:28 - 2016-11-11 08:03 - 02256384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2017-02-15 18:27 - 2016-12-21 08:13 - 00119808 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCsp.dll
2017-02-15 18:27 - 2016-12-21 08:12 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProvPluginEng.dll
2017-02-15 18:27 - 2016-12-21 08:10 - 00234496 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCore.dll
2017-02-15 18:27 - 2016-12-14 05:32 - 00806400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3D12.dll
2017-02-15 18:27 - 2016-11-11 10:28 - 00040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\CbtBackgroundManagerPolicy.dll
2017-02-15 18:27 - 2016-11-11 10:26 - 00042496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\modem.sys
2017-02-15 18:27 - 2016-11-11 10:15 - 00159232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscinterop.dll
2017-02-15 18:27 - 2016-11-11 10:14 - 00713216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2017-02-15 18:27 - 2016-11-11 10:13 - 00306176 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdtcuiu.dll
2017-02-15 18:27 - 2016-11-11 10:07 - 01060864 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpMapControl.dll
2017-02-15 18:27 - 2016-11-11 10:02 - 00936448 _____ (Microsoft Corporation) C:\WINDOWS\system32\NMAA.dll
2017-02-15 18:27 - 2016-11-11 08:27 - 00065024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetCfgNotifyObjectHost.exe
2017-02-15 18:27 - 2016-11-11 08:18 - 01196544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscui.cpl
2017-02-15 18:27 - 2016-11-11 08:18 - 00108544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscinterop.dll
2017-02-14 17:43 - 2017-02-19 18:51 - 00000000 ____D C:\Users\Baby\AppData\Local\ConnectedDevicesPlatform
2017-02-14 17:43 - 2017-02-14 17:43 - 00000020 ___SH C:\Users\Baby\ntuser.ini
2017-02-14 17:41 - 2017-02-14 17:41 - 00000000 _SHDL C:\Users\Default\Vorlagen
2017-02-14 17:41 - 2017-02-14 17:41 - 00000000 _SHDL C:\Users\Default\Startmenü
2017-02-14 17:41 - 2017-02-14 17:41 - 00000000 _SHDL C:\Users\Default\Netzwerkumgebung
2017-02-14 17:41 - 2017-02-14 17:41 - 00000000 _SHDL C:\Users\Default\Lokale Einstellungen
2017-02-14 17:41 - 2017-02-14 17:41 - 00000000 _SHDL C:\Users\Default\Eigene Dateien
2017-02-14 17:41 - 2017-02-14 17:41 - 00000000 _SHDL C:\Users\Default\Druckumgebung
2017-02-14 17:41 - 2017-02-14 17:41 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Videos
2017-02-14 17:41 - 2017-02-14 17:41 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Musik
2017-02-14 17:41 - 2017-02-14 17:41 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Bilder
2017-02-14 17:41 - 2017-02-14 17:41 - 00000000 _SHDL C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2017-02-14 17:41 - 2017-02-14 17:41 - 00000000 _SHDL C:\Users\Default\AppData\Local\Verlauf
2017-02-14 17:41 - 2017-02-14 17:41 - 00000000 _SHDL C:\Users\Default\AppData\Local\Anwendungsdaten
2017-02-14 17:41 - 2017-02-14 17:41 - 00000000 _SHDL C:\Users\Default\Anwendungsdaten
2017-02-14 17:41 - 2017-02-14 17:41 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Videos
2017-02-14 17:41 - 2017-02-14 17:41 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Musik
2017-02-14 17:41 - 2017-02-14 17:41 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Bilder
2017-02-14 17:41 - 2017-02-14 17:41 - 00000000 _SHDL C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2017-02-14 17:41 - 2017-02-14 17:41 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Verlauf
2017-02-14 17:41 - 2017-02-14 17:41 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Anwendungsdaten
2017-02-14 17:40 - 2017-02-14 17:41 - 00007623 _____ C:\WINDOWS\diagwrn.xml
2017-02-14 17:40 - 2017-02-14 17:41 - 00007623 _____ C:\WINDOWS\diagerr.xml
2017-02-14 17:39 - 2017-02-14 17:39 - 00003310 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{80B2E059-914D-4AA0-B810-B7874A284424}
2017-02-14 17:39 - 2017-02-14 17:39 - 00002770 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task v2
2017-02-14 17:39 - 2017-02-14 17:39 - 00000000 ____D C:\WINDOWS\System32\Tasks\McAfee
2017-02-14 17:39 - 2017-02-14 17:39 - 00000000 ____D C:\WINDOWS\System32\Tasks\Lenovo
2017-02-14 17:39 - 2017-02-14 17:39 - 00000000 ____D C:\WINDOWS\System32\Tasks\CyberLink
2017-02-14 17:32 - 2017-02-14 17:32 - 00022960 _____ C:\WINDOWS\system32\emptyregdb.dat
2017-02-14 17:26 - 2017-02-14 17:26 - 00001576 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2017-02-14 17:26 - 2017-02-14 17:26 - 00000000 ____D C:\Users\Default\AppData\Local\AdvinstAnalytics
2017-02-14 17:26 - 2017-02-14 17:26 - 00000000 ____D C:\Users\Default User\AppData\Local\AdvinstAnalytics
2017-02-14 17:23 - 2017-02-14 17:27 - 00000000 ____D C:\WINDOWS\system32\config\bbimigrate
2017-02-14 17:22 - 2017-03-03 18:46 - 00000000 ____D C:\Users\Baby
2017-02-14 17:22 - 2017-02-14 17:22 - 00000000 _SHDL C:\Users\Baby\Vorlagen
2017-02-14 17:22 - 2017-02-14 17:22 - 00000000 _SHDL C:\Users\Baby\Startmenü
2017-02-14 17:22 - 2017-02-14 17:22 - 00000000 _SHDL C:\Users\Baby\Netzwerkumgebung
2017-02-14 17:22 - 2017-02-14 17:22 - 00000000 _SHDL C:\Users\Baby\Lokale Einstellungen
2017-02-14 17:22 - 2017-02-14 17:22 - 00000000 _SHDL C:\Users\Baby\Eigene Dateien
2017-02-14 17:22 - 2017-02-14 17:22 - 00000000 _SHDL C:\Users\Baby\Druckumgebung
2017-02-14 17:22 - 2017-02-14 17:22 - 00000000 _SHDL C:\Users\Baby\Documents\Eigene Videos
2017-02-14 17:22 - 2017-02-14 17:22 - 00000000 _SHDL C:\Users\Baby\Documents\Eigene Musik
2017-02-14 17:22 - 2017-02-14 17:22 - 00000000 _SHDL C:\Users\Baby\Documents\Eigene Bilder
2017-02-14 17:22 - 2017-02-14 17:22 - 00000000 _SHDL C:\Users\Baby\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2017-02-14 17:22 - 2017-02-14 17:22 - 00000000 _SHDL C:\Users\Baby\AppData\Local\Verlauf
2017-02-14 17:22 - 2017-02-14 17:22 - 00000000 _SHDL C:\Users\Baby\AppData\Local\Anwendungsdaten
2017-02-14 17:22 - 2017-02-14 17:22 - 00000000 _SHDL C:\Users\Baby\Anwendungsdaten
2017-02-14 17:18 - 2017-02-14 17:18 - 00000000 ____H C:\ProgramData\DP45977C.lfl
2017-02-14 17:18 - 2017-02-14 17:18 - 00000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2017-02-14 17:18 - 2017-02-14 17:18 - 00000000 ____D C:\WINDOWS\system32\DAX2
2017-02-14 17:18 - 2017-02-14 17:18 - 00000000 ____D C:\Program Files\Realtek
2017-02-14 17:17 - 2017-03-04 19:17 - 00000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2017-02-14 17:17 - 2017-02-14 17:27 - 00000000 ____D C:\Program Files\Elantech
2017-02-14 17:17 - 2017-02-14 17:24 - 00000000 ____D C:\Program Files\Intel
2017-02-14 17:17 - 2017-02-14 17:17 - 00000200 _____ C:\WINDOWS\system32\{EC94D02F-D200-4428-9531-05AF7F9799CB}.bat
2017-02-14 17:17 - 2017-02-14 17:17 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_ETDSMBus_01011.Wdf
2017-02-14 17:17 - 2015-08-16 18:13 - 00086528 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.DLL
2017-02-14 17:17 - 2015-08-16 18:13 - 00082432 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.DLL
2017-02-14 17:14 - 2017-02-14 17:42 - 00000000 ___DC C:\WINDOWS\Panther
2017-02-14 17:11 - 2017-02-14 17:11 - 00008192 _____ C:\WINDOWS\system32\config\userdiff
2017-02-14 17:09 - 2017-02-14 17:09 - 00000000 ____D C:\WINDOWS\SysWOW64\XPSViewer
2017-02-14 17:09 - 2017-02-14 17:09 - 00000000 ____D C:\Program Files\Reference Assemblies
2017-02-14 17:09 - 2017-02-14 17:09 - 00000000 ____D C:\Program Files\MSBuild
2017-02-14 17:09 - 2017-02-14 17:09 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies
2017-02-14 17:09 - 2017-02-14 17:09 - 00000000 ____D C:\Program Files (x86)\MSBuild
2017-02-14 17:08 - 2016-05-25 14:31 - 01166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2017-02-14 17:08 - 2016-05-25 14:31 - 00124624 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2017-02-14 17:08 - 2016-05-25 14:31 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2017-02-14 17:08 - 2016-05-25 11:03 - 00778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
2017-02-14 17:08 - 2016-05-25 11:03 - 00103120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2017-02-14 17:08 - 2016-05-25 11:03 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2017-02-12 21:14 - 2017-02-12 21:14 - 00061781 _____ C:\Users\Baby\Downloads\31_031_01424_Bestätigung der Annahme ESt unbeschränkt (ESt 1 A) 2016_ElsterOnline2.pdf
2017-02-12 21:04 - 2017-02-12 21:05 - 00022072 _____ C:\Users\Baby\Downloads\steuerberechnung_2017-02-12-210443.pdf
2017-02-12 21:00 - 2017-02-12 21:00 - 00022068 _____ C:\Users\Baby\Downloads\steuerberechnung_2017-02-12-210042.pdf
2017-02-12 20:57 - 2017-02-12 20:57 - 00022071 _____ C:\Users\Baby\Downloads\steuerberechnung_2017-02-12-205749.pdf
2017-02-10 19:02 - 2017-02-10 19:02 - 00022075 _____ C:\Users\Baby\Downloads\steuerberechnung_2017-02-10-190244.pdf
2017-02-10 19:01 - 2017-02-10 19:01 - 00022094 _____ C:\Users\Baby\Downloads\steuerberechnung_2017-02-10-190109.pdf
2017-02-10 18:43 - 2017-02-10 18:43 - 00022759 _____ C:\Users\Baby\Downloads\steuerberechnung_2017-02-10-184311.pdf
2017-02-10 18:20 - 2017-02-10 18:20 - 00010495 _____ C:\Users\Baby\Downloads\Rene1896_elster_10.02.2017_18.20.pfx
2017-02-10 18:16 - 2017-02-10 18:16 - 00010495 _____ C:\Users\Baby\Downloads\VanyB91_elster_10.02.2017_18.15.pfx
2017-02-08 15:27 - 2017-03-02 19:09 - 00001309 _____ C:\Users\Public\Desktop\ElsterFormular.lnk
2017-02-08 15:27 - 2017-03-02 19:09 - 00000000 ____D C:\ProgramData\elsterformular
2017-02-08 15:27 - 2017-03-02 19:09 - 00000000 ____D C:\Program Files (x86)\ElsterFormular
2017-02-08 15:27 - 2017-02-08 15:27 - 00000000 ____D C:\Users\Baby\AppData\Roaming\elsterformular
2017-02-08 15:24 - 2017-02-08 15:26 - 67816592 _____ (Landesfinanzdirektion Thüringen) C:\Users\Baby\Downloads\ElsterFormularPrivat.exe
2017-02-03 16:50 - 2017-02-03 16:50 - 00000000 ____D C:\Users\Baby\AppData\Local\CEF
2017-02-03 16:48 - 2017-02-19 19:29 - 00000000 ____D C:\Program Files (x86)\IObit
2017-02-03 16:48 - 2017-02-03 17:04 - 00000000 ____D C:\ProgramData\Avg
2017-02-03 16:48 - 2017-02-03 17:03 - 00000000 ____D C:\Users\Baby\AppData\Local\AvgSetupLog
2017-02-03 16:48 - 2017-02-03 16:49 - 00000000 ____D C:\Users\Baby\AppData\Roaming\IObit
2017-02-03 16:48 - 2017-02-03 16:49 - 00000000 ____D C:\ProgramData\IObit
2017-02-03 16:48 - 2017-02-03 16:48 - 00000000 ____D C:\WINDOWS\Tasks\ImCleanDisabled
2017-02-03 16:48 - 2017-02-03 16:48 - 00000000 ____D C:\Users\Baby\AppData\Local\Avg
2017-02-03 16:48 - 2017-02-03 16:48 - 00000000 ____D C:\ProgramData\{FD6F83C0-EC70-4581-8361-C70CD1AA4B98}
2017-01-31 13:49 - 2017-01-31 13:49 - 00000000 ____D C:\Users\Baby\AppData\Roaming\GameHouse
2017-01-31 13:48 - 2017-02-14 17:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zylom
2017-01-31 13:48 - 2017-01-31 13:48 - 00000000 ____D C:\ProgramData\com.gamehouse.acid
2017-01-31 13:48 - 2017-01-31 13:48 - 00000000 ____D C:\Program Files (x86)\Online Games Manager
2017-01-31 13:42 - 2017-01-31 13:48 - 00000000 ____D C:\Users\Baby\AppData\Local\com.gamehouse.acid
2017-01-31 13:42 - 2017-01-31 13:42 - 00000000 ____D C:\Zylom Games
2017-01-31 13:41 - 2017-01-31 13:41 - 00002003 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Game Manager.lnk
2017-01-31 13:41 - 2017-01-31 13:41 - 00001208 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Weitere fantastische Spiele.lnk
2017-01-31 13:41 - 2017-01-31 13:41 - 00000000 ____D C:\ProgramData\Big Fish
2017-01-31 13:41 - 2017-01-31 13:41 - 00000000 ____D C:\Program Files (x86)\bfgclient
2017-01-31 13:40 - 2017-01-31 13:41 - 00000000 ____D C:\Users\Baby\AppData\Local\Big Fish
2017-01-31 13:40 - 2017-01-31 13:41 - 00000000 ____D C:\BigFishCache
2017-01-31 13:40 - 2017-01-31 13:40 - 00237568 _____ (Big Fish Games) C:\Users\Baby\Downloads\gardenscapes_s2_l2_gF5293T1L2_d2692186189.exe
2017-01-30 18:31 - 2017-01-30 18:31 - 00000000 ____D C:\WINDOWS\system32\sstmp
2017-01-28 17:42 - 2017-01-28 17:42 - 01496584 _____ C:\Users\Baby\Downloads\DirectX - CHIP-Installer.exe
2017-01-28 17:36 - 2017-01-28 17:52 - 00000000 ____D C:\Users\Baby\Downloads\flatout2_demo
2017-01-28 14:54 - 2017-01-28 15:04 - 499573731 _____ C:\Users\Baby\Downloads\flatout2_demo.zip
2017-01-25 19:00 - 2017-02-03 17:06 - 00000000 ____D C:\ProgramData\install_backup
2017-01-22 20:39 - 2017-01-22 20:39 - 00000000 __RHD C:\Users\Baby\AppData\Roaming\SecuROM
2017-01-22 20:39 - 2017-01-22 20:39 - 00000000 ____D C:\Users\Baby\Documents\GTA San Andreas User Files
2017-01-17 17:03 - 2017-01-17 17:03 - 00159009 _____ C:\Users\Baby\Downloads\Rechnung_9201230.pdf
2017-01-17 17:03 - 2017-01-17 17:03 - 00000000 ____D C:\ProgramData\HP
2017-01-13 21:11 - 2017-01-13 21:11 - 00379136 _____ (Intel Corporation) C:\WINDOWS\system32\ibtproppage.dll
2017-01-13 18:46 - 2017-01-13 18:46 - 00003253 _____ C:\Users\Baby\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Lenovo App Explorer.lnk
2017-01-13 18:41 - 2017-01-13 18:41 - 00000000 ____D C:\Users\Baby\AppData\Roaming\Skype
2017-01-13 15:40 - 2017-01-13 15:40 - 00245512 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klupd_klif_klark.sys
2017-01-13 15:38 - 2017-01-13 15:38 - 00218920 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klupd_klif_arkmon.sys
2017-01-13 15:38 - 2017-01-13 15:38 - 00164888 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klupd_klif_mark.sys
2017-01-13 15:38 - 2017-01-13 15:38 - 00104720 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klupd_klif_klbg.sys
2017-01-13 15:38 - 2017-01-13 15:38 - 00085984 _____ C:\WINDOWS\system32\Drivers\klupd_klif_kimul.sys
2017-01-13 15:35 - 2017-02-14 17:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Total Security
2017-01-13 15:33 - 2017-01-13 15:25 - 00002214 _____ C:\Users\Public\Desktop\Kaspersky Total Security.lnk
2017-01-13 15:26 - 2017-02-14 17:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Secure Connection
2017-01-13 15:26 - 2017-01-13 15:39 - 00001480 _____ C:\Users\Public\Desktop\Kaspersky Secure Connection.lnk
2017-01-13 15:25 - 2017-01-13 15:25 - 00002282 _____ C:\Users\Public\Desktop\Sicherer Zahlungsverkehr.lnk
2017-01-13 15:25 - 2013-05-06 08:13 - 00110176 _____ (Kaspersky Lab ZAO) C:\WINDOWS\system32\klfphc.dll
2017-01-13 15:24 - 2017-03-04 19:19 - 00000000 ____D C:\ProgramData\Kaspersky Lab
2017-01-13 15:24 - 2017-01-13 15:38 - 01019616 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klif.sys
2017-01-13 15:24 - 2017-01-13 15:26 - 00000000 ____D C:\Program Files (x86)\Kaspersky Lab
2017-01-13 15:24 - 2016-06-26 15:14 - 00191312 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klflt.sys
2017-01-13 15:13 - 2017-02-14 17:24 - 00000000 ____D C:\WINDOWS\SysWOW64\BestPractices
2017-01-13 15:13 - 2017-02-14 17:24 - 00000000 ____D C:\WINDOWS\system32\BestPractices
2017-01-13 15:11 - 2016-08-02 01:03 - 00216704 _____ (McAfee, Inc.) C:\WINDOWS\system32\Drivers\HipShieldK.sys
2017-01-13 15:10 - 2016-04-26 17:56 - 00277744 _____ (McAfee, Inc.) C:\WINDOWS\system32\mfevtps.exe
2017-01-13 15:09 - 2017-01-13 15:09 - 00000000 ____D C:\ProgramData\Intel Security
2017-01-13 15:09 - 2017-01-13 15:09 - 00000000 ____D C:\Program Files\Common Files\Intel Security
2017-01-13 15:01 - 2017-01-13 15:01 - 01496584 _____ C:\Users\Baby\Downloads\Kaspersky Internet Security 2017 - CHIP-Installer.exe
2017-01-13 14:58 - 2017-03-04 19:22 - 00045476 _____ C:\WINDOWS\system32\InstallUtil.InstallLog
2017-01-12 21:54 - 2017-01-12 21:54 - 00000000 _SHDL C:\Users\Public\Documents\Eigene Videos
2017-01-12 21:54 - 2017-01-12 21:54 - 00000000 _SHDL C:\Users\Public\Documents\Eigene Musik
2017-01-12 21:54 - 2017-01-12 21:54 - 00000000 _SHDL C:\Users\Public\Documents\Eigene Bilder
2017-01-12 21:54 - 2017-01-12 21:54 - 00000000 _SHDL C:\Users\Default.migrated\Vorlagen
2017-01-12 21:54 - 2017-01-12 21:54 - 00000000 _SHDL C:\Users\Default.migrated\Startmenü
2017-01-12 21:54 - 2017-01-12 21:54 - 00000000 _SHDL C:\Users\Default.migrated\Netzwerkumgebung
2017-01-12 21:54 - 2017-01-12 21:54 - 00000000 _SHDL C:\Users\Default.migrated\Lokale Einstellungen
2017-01-12 21:54 - 2017-01-12 21:54 - 00000000 _SHDL C:\Users\Default.migrated\Eigene Dateien
2017-01-12 21:54 - 2017-01-12 21:54 - 00000000 _SHDL C:\Users\Default.migrated\Druckumgebung
2017-01-12 21:54 - 2017-01-12 21:54 - 00000000 _SHDL C:\Users\Default.migrated\Documents\Eigene Videos
2017-01-12 21:54 - 2017-01-12 21:54 - 00000000 _SHDL C:\Users\Default.migrated\Documents\Eigene Musik
2017-01-12 21:54 - 2017-01-12 21:54 - 00000000 _SHDL C:\Users\Default.migrated\Documents\Eigene Bilder
2017-01-12 21:54 - 2017-01-12 21:54 - 00000000 _SHDL C:\Users\Default.migrated\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2017-01-12 21:54 - 2017-01-12 21:54 - 00000000 _SHDL C:\Users\Default.migrated\AppData\Local\Verlauf
2017-01-12 21:54 - 2017-01-12 21:54 - 00000000 _SHDL C:\Users\Default.migrated\AppData\Local\Anwendungsdaten
2017-01-12 21:54 - 2017-01-12 21:54 - 00000000 _SHDL C:\Users\Default.migrated\Anwendungsdaten
2017-01-12 21:54 - 2017-01-12 21:54 - 00000000 _SHDL C:\Programme
2017-01-12 21:54 - 2017-01-12 21:54 - 00000000 _SHDL C:\ProgramData\Vorlagen
2017-01-12 21:54 - 2017-01-12 21:54 - 00000000 _SHDL C:\ProgramData\Startmenü
2017-01-12 21:54 - 2017-01-12 21:54 - 00000000 _SHDL C:\ProgramData\Microsoft\Windows\Start Menu\Programme
2017-01-12 21:54 - 2017-01-12 21:54 - 00000000 _SHDL C:\ProgramData\Dokumente
2017-01-12 21:54 - 2017-01-12 21:54 - 00000000 _SHDL C:\ProgramData\Anwendungsdaten
2017-01-12 21:54 - 2017-01-12 21:54 - 00000000 _SHDL C:\Program Files\Gemeinsame Dateien
2017-01-12 21:54 - 2017-01-12 21:54 - 00000000 _SHDL C:\Dokumente und Einstellungen
2017-01-12 20:00 - 2017-02-26 10:58 - 00000000 ____D C:\WINDOWS\system32\MRT
2017-01-12 20:00 - 2017-02-26 10:57 - 138020592 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-01-12 19:51 - 2016-07-01 04:40 - 00034304 ____N (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Speech.Pal.dll
2017-01-12 18:43 - 2016-07-01 04:57 - 00059392 ____N (Microsoft Corporation) C:\WINDOWS\system32\cdpreference.exe
2017-01-12 18:41 - 2015-10-30 03:40 - 00014848 ____N (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqcertui.dll
2017-01-12 18:41 - 2015-10-30 03:30 - 00635904 ____N (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqsnap.dll
2017-01-12 18:32 - 2017-01-12 18:32 - 02365296 _____ (Microsoft Corporation) C:\WINDOWS\system32\WudfUpdate_01011.dll
2017-01-12 16:19 - 2017-01-12 16:19 - 00000000 ____D C:\Users\Baby\AppData\Local\Comms
2017-01-12 16:15 - 2017-01-12 16:15 - 00000000 ____D C:\Users\Baby\AppData\Local\CyberLink
2017-01-12 16:05 - 2017-01-12 16:07 - 00000000 ____D C:\Users\Baby\AppData\Local\MicrosoftEdge
2017-01-12 16:05 - 2017-01-12 16:06 - 21628640 _____ (Microsoft Corporation) C:\Users\Baby\Downloads\OneDriveSetup.exe
2017-01-12 16:05 - 2017-01-12 16:05 - 00000000 ____D C:\Users\Baby\AppData\Roaming\Macromedia
2017-01-12 16:04 - 2017-01-12 16:04 - 00000000 ____D C:\Users\Baby\AppData\Roaming\Intel Corporation
2017-01-12 16:04 - 2017-01-12 16:04 - 00000000 ____D C:\Users\Baby\AppData\Local\NetworkTiles
2017-01-12 16:03 - 2017-03-04 19:24 - 00000000 ___RD C:\Users\Baby\OneDrive
2017-01-12 16:03 - 2017-02-23 21:20 - 00002387 _____ C:\Users\Baby\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2017-01-12 16:02 - 2017-01-12 16:02 - 00000000 ____D C:\Users\Baby\AppData\Local\ActiveSync
2017-01-12 16:01 - 2017-01-13 15:00 - 00000000 ____D C:\Users\Baby\AppData\Local\Lenovo
2017-01-12 16:01 - 2017-01-12 16:01 - 00000000 ____D C:\Users\Baby\REACHit
2017-01-12 16:01 - 2017-01-12 16:01 - 00000000 ____D C:\Users\Baby\AppData\Local\Publishers
2017-01-12 16:00 - 2017-03-04 19:17 - 00000000 __SHD C:\Users\Baby\IntelGraphicsProfiles
2017-01-12 16:00 - 2017-02-20 20:17 - 00000000 ____D C:\Users\Baby\AppData\Local\Packages
2017-01-12 16:00 - 2017-01-12 16:00 - 00000000 ____D C:\Users\Baby\AppData\Roaming\Intel
2017-01-12 16:00 - 2017-01-12 16:00 - 00000000 ____D C:\Users\Baby\AppData\Roaming\Adobe
2017-01-12 16:00 - 2017-01-12 16:00 - 00000000 ____D C:\Users\Baby\AppData\Local\VirtualStore
2017-01-12 16:00 - 2017-01-12 16:00 - 00000000 ____D C:\Users\Baby\AppData\Local\TileDataLayer
2017-01-12 15:58 - 2017-01-12 15:58 - 00000000 ____D C:\Users\Public\Lenovo App Explorer
2016-12-12 16:21 - 2017-01-13 21:11 - 00231168 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\ibtusb.sys
2016-12-12 16:21 - 2017-01-13 21:11 - 00184064 _____ (Intel Corporation) C:\WINDOWS\system32\ibtsiva.exe

==================== Drei Monate: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-03-04 19:21 - 2016-11-20 22:42 - 01660258 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-03-04 19:21 - 2016-11-20 22:00 - 00601682 _____ C:\WINDOWS\system32\perfh007.dat
2017-03-04 19:21 - 2016-11-20 22:00 - 00117834 _____ C:\WINDOWS\system32\perfc007.dat
2017-03-04 19:19 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\Macromed
2017-03-04 19:16 - 2016-11-20 22:32 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-03-04 19:10 - 2016-07-16 07:04 - 00524288 _____ C:\WINDOWS\system32\config\BBI
2017-03-04 18:52 - 2016-11-20 13:32 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2017-03-03 18:41 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\AppReadiness
2017-03-02 20:59 - 2016-07-16 12:45 - 00000000 ____D C:\WINDOWS\INF
2017-03-02 16:57 - 2016-07-16 12:47 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2017-03-02 16:56 - 2016-10-19 00:32 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2017-03-02 16:45 - 2016-07-16 12:47 - 00000000 ___HD C:\Program Files\WindowsApps
2017-02-28 19:50 - 2016-11-20 13:32 - 00357328 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-02-26 15:24 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\rescache
2017-02-26 10:57 - 2016-07-16 12:36 - 00000000 ____D C:\WINDOWS\CbsTemp
2017-02-20 20:45 - 2016-07-16 12:47 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2017-02-19 18:50 - 2016-11-20 22:46 - 00000000 __RHD C:\Users\Public\AccountPictures
2017-02-17 20:03 - 2016-07-16 12:47 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2017-02-17 20:03 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\SysWOW64\oobe
2017-02-17 20:03 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2017-02-17 20:03 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\oobe
2017-02-17 20:03 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\ShellExperiences
2017-02-17 20:03 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\Provisioning
2017-02-17 20:03 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\bcastdvr
2017-02-17 20:03 - 2016-07-16 07:04 - 00000000 ____D C:\WINDOWS\SysWOW64\Dism
2017-02-17 20:03 - 2016-07-16 07:04 - 00000000 ____D C:\WINDOWS\system32\Sysprep
2017-02-17 20:03 - 2016-07-16 07:04 - 00000000 ____D C:\WINDOWS\system32\Dism
2017-02-17 20:03 - 2016-07-16 07:04 - 00000000 ____D C:\WINDOWS\servicing
2017-02-15 17:48 - 2016-07-16 12:42 - 00180224 _____ (Microsoft Corporation) C:\WINDOWS\system32\enrollmentapi.dll
2017-02-15 17:39 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\appcompat
2017-02-14 17:49 - 2016-06-20 23:41 - 00057424 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klim6.sys
2017-02-14 17:41 - 2016-07-16 12:47 - 00000000 ____D C:\Program Files\Windows NT
2017-02-14 17:40 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\Registration
2017-02-14 17:39 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\WinBioDatabase
2017-02-14 17:39 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\Tasks_Migrated
2017-02-14 17:31 - 2016-10-19 01:44 - 01442704 _____ C:\WINDOWS\SysWOW64\PerfStringBackup.INI
2017-02-14 17:31 - 2016-07-16 12:47 - 00000000 __RHD C:\Users\Public\Libraries
2017-02-14 17:27 - 2016-10-19 01:44 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
2017-02-14 17:27 - 2016-10-19 01:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Realtek
2017-02-14 17:27 - 2016-10-19 01:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dolby
2017-02-14 17:27 - 2016-10-19 00:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2016-Tools
2017-02-14 17:27 - 2016-10-19 00:31 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lenovo
2017-02-14 17:27 - 2016-07-16 07:04 - 00032768 _____ C:\WINDOWS\system32\config\ELAM
2017-02-14 17:26 - 2015-10-30 07:28 - 00000000 ____D C:\Users\Default.migrated
2017-02-14 17:24 - 2016-11-20 21:59 - 00000000 ____D C:\WINDOWS\SysWOW64\winrm
2017-02-14 17:24 - 2016-11-20 21:59 - 00000000 ____D C:\WINDOWS\SysWOW64\WCN
2017-02-14 17:24 - 2016-11-20 21:59 - 00000000 ____D C:\WINDOWS\SysWOW64\slmgr
2017-02-14 17:24 - 2016-11-20 21:59 - 00000000 ____D C:\WINDOWS\SysWOW64\Printing_Admin_Scripts
2017-02-14 17:24 - 2016-11-20 21:59 - 00000000 ____D C:\WINDOWS\system32\winrm
2017-02-14 17:24 - 2016-11-20 21:59 - 00000000 ____D C:\WINDOWS\system32\WCN
2017-02-14 17:24 - 2016-11-20 21:59 - 00000000 ____D C:\WINDOWS\system32\slmgr
2017-02-14 17:24 - 2016-11-20 21:59 - 00000000 ____D C:\WINDOWS\system32\Printing_Admin_Scripts
2017-02-14 17:24 - 2016-10-19 01:47 - 00000000 ___HD C:\WINDOWS\system32\WLANProfiles
2017-02-14 17:24 - 2016-07-16 12:47 - 00000000 ___SD C:\WINDOWS\SysWOW64\F12
2017-02-14 17:24 - 2016-07-16 12:47 - 00000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs
2017-02-14 17:24 - 2016-07-16 12:47 - 00000000 ___SD C:\WINDOWS\system32\F12
2017-02-14 17:24 - 2016-07-16 12:47 - 00000000 ___SD C:\WINDOWS\system32\dsc
2017-02-14 17:24 - 2016-07-16 12:47 - 00000000 ___SD C:\WINDOWS\system32\DiagSvcs
2017-02-14 17:24 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2017-02-14 17:24 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\NDF
2017-02-14 17:24 - 2016-07-16 12:47 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2017-02-14 17:24 - 2016-07-16 12:47 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2017-02-14 17:17 - 2016-10-19 01:41 - 00000000 ___HD C:\Intel
2017-02-14 17:14 - 2016-07-16 12:47 - 00028672 _____ C:\WINDOWS\system32\config\BCD-Template
2017-02-14 17:09 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\SysWOW64\MUI
2017-02-14 17:09 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\MUI
2017-02-06 20:48 - 2016-07-16 12:49 - 00835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2017-02-06 20:48 - 2016-07-16 12:49 - 00177656 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2017-02-03 17:06 - 2016-10-19 00:45 - 00000000 ____D C:\ProgramData\SUPPORTDIR
2017-02-03 17:06 - 2016-10-19 00:43 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2017-02-03 17:06 - 2016-10-19 00:31 - 00000000 ____D C:\Program Files (x86)\Lenovo
2017-02-03 17:05 - 2016-10-19 00:47 - 00000000 ____D C:\ProgramData\CyberLink

Reen96 04.03.2017 19:34
Den Rest von FRST, da Nachricht zu lang:

Code:
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2010-06-02 05:21 - 2010-06-02 05:21 - 1347354 _____ () C:\Program Files\Apr2005_d3dx9_25_x64.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 1078962 _____ () C:\Program Files\Apr2005_d3dx9_25_x86.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 1397830 _____ () C:\Program Files\Apr2006_d3dx9_30_x64.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 1115221 _____ () C:\Program Files\Apr2006_d3dx9_30_x86.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 0916430 _____ () C:\Program Files\Apr2006_MDX1_x86.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 4162630 _____ () C:\Program Files\Apr2006_MDX1_x86_Archive.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 0179133 _____ () C:\Program Files\Apr2006_XACT_x64.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 0133103 _____ () C:\Program Files\Apr2006_XACT_x86.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 0087101 _____ () C:\Program Files\Apr2006_xinput_x64.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 0046010 _____ () C:\Program Files\Apr2006_xinput_x86.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 0698612 _____ () C:\Program Files\APR2007_d3dx10_33_x64.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 0695865 _____ () C:\Program Files\APR2007_d3dx10_33_x86.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 1607358 _____ () C:\Program Files\APR2007_d3dx9_33_x64.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 1606039 _____ () C:\Program Files\APR2007_d3dx9_33_x86.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 0195766 _____ () C:\Program Files\APR2007_XACT_x64.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 0151225 _____ () C:\Program Files\APR2007_XACT_x86.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 0096817 _____ () C:\Program Files\APR2007_xinput_x64.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 0053302 _____ () C:\Program Files\APR2007_xinput_x86.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 1350542 _____ () C:\Program Files\Aug2005_d3dx9_27_x64.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 1077644 _____ () C:\Program Files\Aug2005_d3dx9_27_x86.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 0182903 _____ () C:\Program Files\AUG2006_XACT_x64.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 0137235 _____ () C:\Program Files\AUG2006_XACT_x86.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 0087142 _____ () C:\Program Files\AUG2006_xinput_x64.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 0046058 _____ () C:\Program Files\AUG2006_xinput_x86.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 0852286 _____ () C:\Program Files\AUG2007_d3dx10_35_x64.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 0796867 _____ () C:\Program Files\AUG2007_d3dx10_35_x86.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 1800160 _____ () C:\Program Files\AUG2007_d3dx9_35_x64.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 1708152 _____ () C:\Program Files\AUG2007_d3dx9_35_x86.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 0198096 _____ () C:\Program Files\AUG2007_XACT_x64.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 0153012 _____ () C:\Program Files\AUG2007_XACT_x86.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 0867612 _____ () C:\Program Files\Aug2008_d3dx10_39_x64.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 0849167 _____ () C:\Program Files\Aug2008_d3dx10_39_x86.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 1794084 _____ () C:\Program Files\Aug2008_d3dx9_39_x64.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 1464672 _____ () C:\Program Files\Aug2008_d3dx9_39_x86.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 0121772 _____ () C:\Program Files\Aug2008_XACT_x64.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 0092996 _____ () C:\Program Files\Aug2008_XACT_x86.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 0271412 _____ () C:\Program Files\Aug2008_XAudio_x64.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 0271038 _____ () C:\Program Files\Aug2008_XAudio_x86.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 0919044 _____ () C:\Program Files\Aug2009_D3DCompiler_42_x64.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 0900598 _____ () C:\Program Files\Aug2009_D3DCompiler_42_x86.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 3112111 _____ () C:\Program Files\Aug2009_d3dcsx_42_x64.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 3319740 _____ () C:\Program Files\Aug2009_d3dcsx_42_x86.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 0232635 _____ () C:\Program Files\Aug2009_d3dx10_42_x64.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 0192131 _____ () C:\Program Files\Aug2009_d3dx10_42_x86.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 0136301 _____ () C:\Program Files\Aug2009_d3dx11_42_x64.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 0105044 _____ () C:\Program Files\Aug2009_d3dx11_42_x86.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 0930116 _____ () C:\Program Files\Aug2009_d3dx9_42_x64.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 0728456 _____ () C:\Program Files\Aug2009_d3dx9_42_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0122408 _____ () C:\Program Files\Aug2009_XACT_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0093106 _____ () C:\Program Files\Aug2009_XACT_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0273264 _____ () C:\Program Files\Aug2009_XAudio_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0272642 _____ () C:\Program Files\Aug2009_XAudio_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 1357976 _____ () C:\Program Files\Dec2005_d3dx9_28_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 1079456 _____ () C:\Program Files\Dec2005_d3dx9_28_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0212807 _____ () C:\Program Files\DEC2006_d3dx10_00_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0191720 _____ () C:\Program Files\DEC2006_d3dx10_00_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 1571154 _____ () C:\Program Files\DEC2006_d3dx9_32_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 1574376 _____ () C:\Program Files\DEC2006_d3dx9_32_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0192475 _____ () C:\Program Files\DEC2006_XACT_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0145599 _____ () C:\Program Files\DEC2006_XACT_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0089944 _____ (Microsoft Corporation) C:\Program Files\DSETUP.dll
2010-06-02 05:22 - 2010-06-02 05:22 - 1801048 _____ () C:\Program Files\dsetup32.dll
2010-06-02 05:22 - 2010-06-02 05:22 - 0042410 _____ () C:\Program Files\dxdllreg_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0537432 _____ () C:\Program Files\DXSETUP.exe
2010-06-02 05:22 - 2010-06-02 05:22 - 0094011 _____ () C:\Program Files\dxupdate.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 1247499 _____ () C:\Program Files\Feb2005_d3dx9_24_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 1013225 _____ () C:\Program Files\Feb2005_d3dx9_24_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 1362796 _____ () C:\Program Files\Feb2006_d3dx9_29_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 1084720 _____ () C:\Program Files\Feb2006_d3dx9_29_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0178359 _____ () C:\Program Files\Feb2006_XACT_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0132409 _____ () C:\Program Files\Feb2006_XACT_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0194675 _____ () C:\Program Files\FEB2007_XACT_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0147983 _____ () C:\Program Files\FEB2007_XACT_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0054678 _____ () C:\Program Files\Feb2010_X3DAudio_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0020713 _____ () C:\Program Files\Feb2010_X3DAudio_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0122446 _____ () C:\Program Files\Feb2010_XACT_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0093180 _____ () C:\Program Files\Feb2010_XACT_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0276960 _____ () C:\Program Files\Feb2010_XAudio_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0277191 _____ () C:\Program Files\Feb2010_XAudio_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 1336002 _____ () C:\Program Files\Jun2005_d3dx9_26_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 1064925 _____ () C:\Program Files\Jun2005_d3dx9_26_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0180785 _____ () C:\Program Files\JUN2006_XACT_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0133671 _____ () C:\Program Files\JUN2006_XACT_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0699044 _____ () C:\Program Files\JUN2007_d3dx10_34_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0698472 _____ () C:\Program Files\JUN2007_d3dx10_34_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 1607774 _____ () C:\Program Files\JUN2007_d3dx9_34_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 1607286 _____ () C:\Program Files\JUN2007_d3dx9_34_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0197122 _____ () C:\Program Files\JUN2007_XACT_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0152909 _____ () C:\Program Files\JUN2007_XACT_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0867828 _____ () C:\Program Files\JUN2008_d3dx10_38_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0849919 _____ () C:\Program Files\JUN2008_d3dx10_38_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 1792608 _____ () C:\Program Files\JUN2008_d3dx9_38_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 1463878 _____ () C:\Program Files\JUN2008_d3dx9_38_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0055154 _____ () C:\Program Files\JUN2008_X3DAudio_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0021905 _____ () C:\Program Files\JUN2008_X3DAudio_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0121054 _____ () C:\Program Files\JUN2008_XACT_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0093128 _____ () C:\Program Files\JUN2008_XACT_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0269628 _____ () C:\Program Files\JUN2008_XAudio_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0269024 _____ () C:\Program Files\JUN2008_XAudio_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0944460 _____ () C:\Program Files\Jun2010_D3DCompiler_43_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0931471 _____ () C:\Program Files\Jun2010_D3DCompiler_43_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0752783 _____ () C:\Program Files\Jun2010_d3dcsx_43_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0762188 _____ () C:\Program Files\Jun2010_d3dcsx_43_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0235955 _____ () C:\Program Files\Jun2010_d3dx10_43_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0197283 _____ () C:\Program Files\Jun2010_d3dx10_43_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0138205 _____ () C:\Program Files\Jun2010_d3dx11_43_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0109445 _____ () C:\Program Files\Jun2010_d3dx11_43_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0937246 _____ () C:\Program Files\Jun2010_d3dx9_43_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0768036 _____ () C:\Program Files\Jun2010_d3dx9_43_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0124596 _____ () C:\Program Files\Jun2010_XACT_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0093686 _____ () C:\Program Files\Jun2010_XACT_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0277338 _____ () C:\Program Files\Jun2010_XAudio_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0278060 _____ () C:\Program Files\Jun2010_XAudio_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0844884 _____ () C:\Program Files\Mar2008_d3dx10_37_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0818260 _____ () C:\Program Files\Mar2008_d3dx10_37_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 1769862 _____ () C:\Program Files\Mar2008_d3dx9_37_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 1443282 _____ () C:\Program Files\Mar2008_d3dx9_37_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0055058 _____ () C:\Program Files\Mar2008_X3DAudio_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0021867 _____ () C:\Program Files\Mar2008_X3DAudio_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0122336 _____ () C:\Program Files\Mar2008_XACT_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0093734 _____ () C:\Program Files\Mar2008_XACT_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0251194 _____ () C:\Program Files\Mar2008_XAudio_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0226250 _____ () C:\Program Files\Mar2008_XAudio_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 1067160 _____ () C:\Program Files\Mar2009_d3dx10_41_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 1040745 _____ () C:\Program Files\Mar2009_d3dx10_41_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 1973702 _____ () C:\Program Files\Mar2009_d3dx9_41_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 1612446 _____ () C:\Program Files\Mar2009_d3dx9_41_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0054600 _____ () C:\Program Files\Mar2009_X3DAudio_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0021298 _____ () C:\Program Files\Mar2009_X3DAudio_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0121506 _____ () C:\Program Files\Mar2009_XACT_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0092740 _____ () C:\Program Files\Mar2009_XACT_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0275044 _____ () C:\Program Files\Mar2009_XAudio_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0273018 _____ () C:\Program Files\Mar2009_XAudio_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0864600 _____ () C:\Program Files\Nov2007_d3dx10_36_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0803884 _____ () C:\Program Files\Nov2007_d3dx10_36_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 1802058 _____ () C:\Program Files\Nov2007_d3dx9_36_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 1709360 _____ () C:\Program Files\Nov2007_d3dx9_36_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0046144 _____ () C:\Program Files\NOV2007_X3DAudio_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0018496 _____ () C:\Program Files\NOV2007_X3DAudio_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0196762 _____ () C:\Program Files\NOV2007_XACT_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0148264 _____ () C:\Program Files\NOV2007_XACT_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0994154 _____ () C:\Program Files\Nov2008_d3dx10_40_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0965421 _____ () C:\Program Files\Nov2008_d3dx10_40_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 1906878 _____ () C:\Program Files\Nov2008_d3dx9_40_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 1550796 _____ () C:\Program Files\Nov2008_d3dx9_40_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0054522 _____ () C:\Program Files\Nov2008_X3DAudio_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0021851 _____ () C:\Program Files\Nov2008_X3DAudio_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0121794 _____ () C:\Program Files\Nov2008_XACT_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0092684 _____ () C:\Program Files\Nov2008_XACT_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0273960 _____ () C:\Program Files\Nov2008_XAudio_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0272611 _____ () C:\Program Files\Nov2008_XAudio_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0086037 _____ () C:\Program Files\Oct2005_xinput_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0045359 _____ () C:\Program Files\Oct2005_xinput_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 1412902 _____ () C:\Program Files\OCT2006_d3dx9_31_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 1127217 _____ () C:\Program Files\OCT2006_d3dx9_31_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0182361 _____ () C:\Program Files\OCT2006_XACT_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0138017 _____ () C:\Program Files\OCT2006_XACT_x86.cab
2017-02-14 17:18 - 2017-02-14 17:18 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

Einige Dateien in TEMP:
====================
2016-10-13 09:18 - 2016-10-13 09:18 - 171330228 _____ () C:\Users\Baby\AppData\Local\Temp\OpenOffice_4.1.3_Win_x86_install_de.exe

==================== Bamital & volsnap ======================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert

LastRegBack: 2017-03-02 17:04

==================== Ende von FRST.txt ============================
Addition:

Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 04-03-2017
durchgeführt von Baby (04-03-2017 19:29:15)
Gestartet von C:\Users\Baby\Desktop
Windows 10 Home Version 1607 (X64) (2017-02-14 16:42:20)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-217730058-1440262021-2186221569-500 - Administrator - Disabled)
Baby (S-1-5-21-217730058-1440262021-2186221569-1001 - Administrator - Enabled) => C:\Users\Baby
DefaultAccount (S-1-5-21-217730058-1440262021-2186221569-503 - Limited - Disabled)
Gast (S-1-5-21-217730058-1440262021-2186221569-501 - Limited - Disabled)

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Kaspersky Total Security (Disabled - Up to date) {86367591-4BE4-AE08-2FD9-7FCB8259CD98}
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Kaspersky Total Security (Disabled - Up to date) {3D579475-6DDE-A186-1569-44B9F9DE8725}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Total Security (Disabled) {BE0DF4B4-018B-AF50-0486-D6FE7C8A8AE3}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

Benutzerhandbücher (x32 Version: 6.0.0.0 - Lenovo) Hidden
Big Fish: Game Manager (HKLM-x32\...\BFGC) (Version: 3.3.0.2 - )
Delicious - Emily's Christmas Carol Deluxe (HKLM-x32\...\59221808f4c2c0c992944c696bd81176) (Version:  - Zylom)
Dolby Digital Plus (HKLM\...\{D2CD7DCF-D129-4A54-8543-38BECC6CFDAE}) (Version: 7.6.7.1 - Dolby Laboratories Inc)
ElsterFormular (HKLM-x32\...\ElsterFormular) (Version: 18.1.22140 - Landesfinanzdirektion Thüringen)
Genesys USB Mass Storage Device (HKLM-x32\...\{959B7F35-2819-40C5-A0CD-3C53B5FCC935}) (Version: 4.5.0.4.1001 - Genesys Logic)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.0.1158 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.15.4271 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 14.6.0.1029 - Intel Corporation)
Intel(R) Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 1.1.253.0 - Intel Corporation)
Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{FD46588A-DB19-4C43-B657-EA898E280812}) (Version: 17.1.1524.1353 - Intel Corporation)
Intel® Chipsatz-Gerätesoftware (x32 Version: 10.1.1.8 - Intel(R) Corporation) Hidden
Intel® PROSet/Wireless Software (HKLM-x32\...\{4c8b7360-62a2-4339-b745-41323055d0bb}) (Version: 18.20.0 - Intel Corporation)
Intel® Security Assist (HKLM-x32\...\{4B230374-6475-4A73-BA6E-41015E9C5013}) (Version: 1.0.0.532 - Intel Corporation)
Kaspersky Secure Connection (HKLM-x32\...\InstallWIX_{1CF84962-50F8-48CA-9082-B70F3A02C686}) (Version: 17.0.0.611 - Kaspersky Lab)
Kaspersky Secure Connection (x32 Version: 17.0.0.611 - Kaspersky Lab) Hidden
Kaspersky Total Security (HKLM-x32\...\InstallWIX_{E27B1D7B-3B34-43A2-9FC0-9828D5DF46E2}) (Version: 17.0.0.611 - Kaspersky Lab)
Kaspersky Total Security (x32 Version: 17.0.0.611 - Kaspersky Lab) Hidden
Lenovo EasyCamera (HKLM-x32\...\{E399A5B3-ED53-4DEA-AF04-8011E1EB1EAC}) (Version: 6.3.9600.11103 - Realtek Semiconductor Corp.)
Lenovo OneKey Recovery (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.1.0.4706 - CyberLink Corp.)
Lenovo OneKey Recovery (Version: 8.1.0.4706 - CyberLink Corp.) Hidden
Lenovo pointing device (HKLM\...\Elantech) (Version: 11.4.78.5 - ELAN Microelectronic Corp.)
Lenovo Product Demo (HKLM-x32\...\{8EA60981-2735-458E-9F11-1E8813B278EA}) (Version: 2.0.5 - Lenovo)
Lenovo QuickOptimizer (HKLM\...\{8D2C871B-1B9F-45AC-9C43-2BB18089CDFA}) (Version: 1.0.019.00 - Lenovo)
Lenovo System Interface Foundation (HKLM\...\{C2E5CA37-C862-4A69-AC6D-24F450A20C16}) (Version: 1.0.070.04 - Lenovo)
LenovoUtility (HKLM-x32\...\InstallShield_{6ADA7E88-8D16-4D0D-BC90-2B93AC5E56DA}) (Version: 3.0.0.4 - Lenovo)
LenovoUtility (x32 Version: 3.0.0.4 - Lenovo) Hidden
Malwarebytes Version 3.0.6.1469 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.0.6.1469 - Malwarebytes)
Metric Collection SDK 35 (x32 Version: 1.2.0010.00 - Lenovo Group Limited) Hidden
Microsoft Office 365 - de-de (HKLM\...\O365HomePremRetail - de-de) (Version: 16.0.7766.2060 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-217730058-1440262021-2186221569-1001\...\OneDriveSetup.exe) (Version: 17.3.6798.0207 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50901.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Mozilla Firefox 51.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 51.0.1 (x86 de)) (Version: 51.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 51.0.1 - Mozilla)
Office 16 Click-to-Run Extensibility Component (x32 Version: 16.0.7766.2047 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (Version: 16.0.7766.2047 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (Version: 16.0.7766.2047 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (x32 Version: 16.0.7668.2066 - Microsoft Corporation) Hidden
Online Games Manager v1.50 (HKLM-x32\...\Online Games Manager) (Version: 1.50.4 - Real Networks, Inc.)
OpenOffice 4.1.3 (HKLM-x32\...\{8D5FCC56-BB9F-4122-923C-71753F50F6F5}) (Version: 4.13.9783 - Apache Software Foundation)
OpenOffice Updater (HKU\S-1-5-21-217730058-1440262021-2186221569-1001\...\OpenOffice Updater) (Version: 1.1.10 - OpenOffice)
REACHit (HKLM-x32\...\{4532E4C5-C84D-4040-A044-ECFCC5C6995B}) (Version: 2.1.0.11 - Lenovo)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.1.505.2015 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7606 - Realtek Semiconductor Corp.)
SHAREit (HKLM-x32\...\SHAREit_is1) (Version: 2.5.5.1 - Lenovo)
Sweet Home 3D version 5.4 (HKLM\...\Sweet Home 3D_is1) (Version: 5.4 - eTeks)
User Manuals (HKLM-x32\...\InstallShield_{7042D952-EE42-4C09-A23D-E7AE4D047007}) (Version: 6.0.0.0 - Lenovo)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-217730058-1440262021-2186221569-1001_Classes\CLSID\{cece6816-6107-4dc7-bdbc-20cd5ae1ffed}\localserver32 -> C:\ProgramData\Lenovo\ImController\Plugins\LenovoAppPromotionPlugin\x64\DesktopToastsHelper.exe (Lenovo Group Limited)

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {2A879CB0-6358-47FF-849D-92BA7DDC3DFB} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\1651d3e1-b901-4df7-bd34-79b69918d1f8 => powershell.exe -nologo -noninteractive "&amp; {New-Item -Path Registry::HKCU\Software\Lenovo\ImController\ScheduledTasks\1651d3e1-b901-4df7-bd34-79b69918d1f8 -type directory -force;$conter=Get-Date;$conter=$conter.ToUniversalTime();Set-ItemProperty -Path Registry::HKCU\Software\Lenovo\ImController\ScheduledTasks\1 (Der Dateneintrag hat 73 mehr Zeichen).
Task: {50090DAC-A4B1-4E45-8EED-9DDEA06F6FFE} - System32\Tasks\Lenovo\REACHit Agent Update => C:\Program Files (x86)\Lenovo\REACHit\webAgent.exe [2015-06-12] (Lenovo)
Task: {6206EF9F-F623-43E0-A461-F6E596A6EF36} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 35 => C:\Program Files (x86)\Lenovo\Customer Feedback Program 35\Lenovo.TVT.CustomerFeedback.Agent35.exe [2015-07-06] (Lenovo)
Task: {7418AF06-A5FA-400A-ACF3-296CEADA1260} - System32\Tasks\Lenovo\REACHit Agent Startup => C:\Program Files (x86)\Lenovo\REACHit\webAgent.exe [2015-06-12] (Lenovo)
Task: {7B3ADA49-45AC-411E-87DF-BEEC6F7BCFB0} - System32\Tasks\Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask => reg.exe add hklm\SOFTWARE\Lenovo\SystemUpdatePlugin\scheduler  /v start /t reg_dword /d 1 /f /reg:32
Task: {87D481CA-9DE5-424B-8D12-BFC9C36EA954} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-02-18] (Microsoft Corporation)
Task: {CDAD8E01-DABA-40EF-878E-C336F86847B6} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance => Sc.exe START ImControllerService
Task: {FEBEB2EB-4782-4D76-AEA5-E8ABEC34F572} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-02-18] (Microsoft Corporation)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)


==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2016-07-16 12:42 - 2016-07-16 12:42 - 00231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2017-02-15 18:32 - 2016-12-09 11:29 - 02681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2015-05-19 08:11 - 2015-05-19 08:11 - 00007680 _____ () C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe
2016-10-19 00:42 - 2015-08-19 03:59 - 00058296 _____ () C:\ProgramData\LenovoTransition\Server\x64\dptf.dll
2017-02-15 18:32 - 2016-12-09 11:29 - 02681200 _____ () C:\WINDOWS\SYSTEM32\CoreUIComponents.dll
2017-02-15 18:29 - 2016-12-21 07:54 - 09760768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2017-02-15 18:29 - 2016-12-21 07:48 - 01401856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-02-15 18:29 - 2016-12-21 07:48 - 00757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
2017-02-15 18:29 - 2016-12-21 07:48 - 01033216 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Actions.dll
2017-02-15 18:29 - 2016-12-21 07:48 - 02424320 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2017-02-15 18:29 - 2016-12-21 07:53 - 04853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2017-02-23 21:24 - 2017-02-23 21:26 - 00073728 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.11.110.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2017-02-23 21:24 - 2017-02-23 21:26 - 00179712 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.11.110.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2017-02-23 21:24 - 2017-02-24 15:40 - 42895360 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.11.110.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2017-02-14 18:17 - 2017-02-14 18:18 - 02215424 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.11.110.0_x64__kzf8qxf38zg5c\roottools.dll
2016-11-20 22:06 - 2016-11-20 22:06 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2017-02-15 18:30 - 2016-12-21 08:09 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll
2015-07-10 22:37 - 2015-07-10 22:37 - 01243936 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)


==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2015-10-30 08:24 - 2015-10-30 08:21 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-217730058-1440262021-2186221569-1001\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\theme1\img1.jpg
DNS Servers: 192.168.2.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==


==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Wiederherstellungspunkte =========================

04-03-2017 19:24:14 JRT Pre-Junkware Removal

==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (03/04/2017 07:24:46 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: MicrosoftEdge.exe, Version: 11.0.14393.693, Zeitstempel: 0x585a26c4
Name des fehlerhaften Moduls: CoreUIComponents.dll, Version: 0.0.0.0, Zeitstempel: 0x584a72ab
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0000000000072fda
ID des fehlerhaften Prozesses: 0x2690
Startzeit der fehlerhaften Anwendung: 0x01d29513d147af5c
Pfad der fehlerhaften Anwendung: C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
Pfad des fehlerhaften Moduls: C:\WINDOWS\system32\CoreUIComponents.dll
Berichtskennung: 1b0c80d6-4929-46ee-b700-127ac595b4aa
Vollständiger Name des fehlerhaften Pakets: Microsoft.MicrosoftEdge_38.14393.0.0_neutral__8wekyb3d8bbwe
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: MicrosoftEdge

Error: (03/04/2017 07:24:26 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".

Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.

System Error:
Zugriff verweigert
.

Error: (03/04/2017 07:22:35 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: microsoftedgecp.exe, Version: 11.0.14393.82, Zeitstempel: 0x57a55786
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000604
Fehleroffset: 0x0000000000000000
ID des fehlerhaften Prozesses: 0x28f8
Startzeit der fehlerhaften Anwendung: 0x01d29513d2e1adea
Pfad der fehlerhaften Anwendung: C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\microsoftedgecp.exe
Pfad des fehlerhaften Moduls: unknown
Berichtskennung: 49dbb91c-76cb-4dea-b810-85101df8b493
Vollständiger Name des fehlerhaften Pakets: Microsoft.MicrosoftEdge_38.14393.0.0_neutral__8wekyb3d8bbwe
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: MicrosoftEdge

Error: (03/04/2017 07:22:09 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: microsoftedgecp.exe, Version: 11.0.14393.82, Zeitstempel: 0x57a55786
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000604
Fehleroffset: 0x0000000000000000
ID des fehlerhaften Prozesses: 0x28f8
Startzeit der fehlerhaften Anwendung: 0x01d29513d2e1adea
Pfad der fehlerhaften Anwendung: C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\microsoftedgecp.exe
Pfad des fehlerhaften Moduls: unknown
Berichtskennung: 2f01d584-ce37-4689-b5ea-72f4c05f1dff
Vollständiger Name des fehlerhaften Pakets: Microsoft.MicrosoftEdge_38.14393.0.0_neutral__8wekyb3d8bbwe
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: MicrosoftEdge

Error: (03/04/2017 07:02:01 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: MicrosoftEdge.exe, Version: 11.0.14393.693, Zeitstempel: 0x585a26c4
Name des fehlerhaften Moduls: Windows.UI.Xaml.dll, Version: 10.0.14393.594, Zeitstempel: 0x5850ccd3
Ausnahmecode: 0xc000027b
Fehleroffset: 0x00000000006d682b
ID des fehlerhaften Prozesses: 0x1b00
Startzeit der fehlerhaften Anwendung: 0x01d2951111e8f056
Pfad der fehlerhaften Anwendung: C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
Pfad des fehlerhaften Moduls: C:\Windows\System32\Windows.UI.Xaml.dll
Berichtskennung: 2a4af1ed-50d0-40ba-a5b2-3877cb973448
Vollständiger Name des fehlerhaften Pakets: Microsoft.MicrosoftEdge_38.14393.0.0_neutral__8wekyb3d8bbwe
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: MicrosoftEdge

Error: (03/04/2017 07:00:49 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: SkypeHost.exe, Version: 11.11.110.0, Zeitstempel: 0x58a63eb4
Name des fehlerhaften Moduls: ntdll.dll, Version: 10.0.14393.479, Zeitstempel: 0x5825887f
Ausnahmecode: 0xc0000008
Fehleroffset: 0x00000000000a9d2a
ID des fehlerhaften Prozesses: 0x918
Startzeit der fehlerhaften Anwendung: 0x01d2951105a5de72
Pfad der fehlerhaften Anwendung: C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.11.110.0_x64__kzf8qxf38zg5c\SkypeHost.exe
Pfad des fehlerhaften Moduls: C:\WINDOWS\SYSTEM32\ntdll.dll
Berichtskennung: 695df0f0-f710-492a-a543-3f93e5af1041
Vollständiger Name des fehlerhaften Pakets: Microsoft.SkypeApp_11.11.110.0_x64__kzf8qxf38zg5c
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: ppleae38af2e007f4358a809ac99a64a67c1

Error: (03/04/2017 06:59:07 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: SkypeHost.exe, Version: 11.11.110.0, Zeitstempel: 0x58a63eb4
Name des fehlerhaften Moduls: ntdll.dll, Version: 10.0.14393.479, Zeitstempel: 0x5825887f
Ausnahmecode: 0xc0000008
Fehleroffset: 0x00000000000a9d2a
ID des fehlerhaften Prozesses: 0x15ec
Startzeit der fehlerhaften Anwendung: 0x01d29510ffab3617
Pfad der fehlerhaften Anwendung: C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.11.110.0_x64__kzf8qxf38zg5c\SkypeHost.exe
Pfad des fehlerhaften Moduls: C:\WINDOWS\SYSTEM32\ntdll.dll
Berichtskennung: 6ed4707a-be63-428a-a983-e54a2471d8fe
Vollständiger Name des fehlerhaften Pakets: Microsoft.SkypeApp_11.11.110.0_x64__kzf8qxf38zg5c
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: ppleae38af2e007f4358a809ac99a64a67c1

Error: (03/04/2017 06:53:09 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: SkypeHost.exe, Version: 11.11.110.0, Zeitstempel: 0x58a63eb4
Name des fehlerhaften Moduls: ntdll.dll, Version: 10.0.14393.479, Zeitstempel: 0x5825887f
Ausnahmecode: 0xc0000008
Fehleroffset: 0x00000000000a9d2a
ID des fehlerhaften Prozesses: 0x22c0
Startzeit der fehlerhaften Anwendung: 0x01d2951029ea6d81
Pfad der fehlerhaften Anwendung: C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.11.110.0_x64__kzf8qxf38zg5c\SkypeHost.exe
Pfad des fehlerhaften Moduls: C:\WINDOWS\SYSTEM32\ntdll.dll
Berichtskennung: de164e89-2b8c-43dc-abc7-d2587f4f78e8
Vollständiger Name des fehlerhaften Pakets: Microsoft.SkypeApp_11.11.110.0_x64__kzf8qxf38zg5c
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: ppleae38af2e007f4358a809ac99a64a67c1

Error: (03/04/2017 03:21:01 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: SkypeHost.exe, Version: 11.11.110.0, Zeitstempel: 0x58a63eb4
Name des fehlerhaften Moduls: ntdll.dll, Version: 10.0.14393.479, Zeitstempel: 0x5825887f
Ausnahmecode: 0xc0000008
Fehleroffset: 0x00000000000a9d2a
ID des fehlerhaften Prozesses: 0x1884
Startzeit der fehlerhaften Anwendung: 0x01d294f28ca884dd
Pfad der fehlerhaften Anwendung: C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.11.110.0_x64__kzf8qxf38zg5c\SkypeHost.exe
Pfad des fehlerhaften Moduls: C:\WINDOWS\SYSTEM32\ntdll.dll
Berichtskennung: e6800b0b-146c-4cb3-9853-942188987757
Vollständiger Name des fehlerhaften Pakets: Microsoft.SkypeApp_11.11.110.0_x64__kzf8qxf38zg5c
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: ppleae38af2e007f4358a809ac99a64a67c1

Error: (03/04/2017 12:05:36 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: SkypeHost.exe, Version: 11.11.110.0, Zeitstempel: 0x58a63eb4
Name des fehlerhaften Moduls: ntdll.dll, Version: 10.0.14393.479, Zeitstempel: 0x5825887f
Ausnahmecode: 0xc0000008
Fehleroffset: 0x00000000000a9d2a
ID des fehlerhaften Prozesses: 0x37ac
Startzeit der fehlerhaften Anwendung: 0x01d294d501351e69
Pfad der fehlerhaften Anwendung: C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.11.110.0_x64__kzf8qxf38zg5c\SkypeHost.exe
Pfad des fehlerhaften Moduls: C:\WINDOWS\SYSTEM32\ntdll.dll
Berichtskennung: eb1f7214-e496-449b-8fcf-184a7e9eaa76
Vollständiger Name des fehlerhaften Pakets: Microsoft.SkypeApp_11.11.110.0_x64__kzf8qxf38zg5c
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: ppleae38af2e007f4358a809ac99a64a67c1


Systemfehler:
=============
Error: (03/04/2017 07:19:07 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "McAfee CSP Service" wurde aufgrund folgenden Fehlers nicht gestartet:
Der Dienst antwortete nicht rechtzeitig auf die Start- oder Steuerungsanforderung.

Error: (03/04/2017 07:19:07 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst McAfee CSP Service erreicht.

Error: (03/04/2017 07:17:19 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
 und der APPID
{F72671A9-012C-4725-9D2F-2A4D32D65169}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (03/04/2017 07:10:40 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-A10S929)
Description: Der Server "{0002DF02-0000-0000-C000-000000000046}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden.

Error: (03/04/2017 07:10:40 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 und der APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (03/04/2017 07:01:56 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 und der APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (03/04/2017 07:00:47 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "McAfee CSP Service" wurde aufgrund folgenden Fehlers nicht gestartet:
Der Dienst antwortete nicht rechtzeitig auf die Start- oder Steuerungsanforderung.

Error: (03/04/2017 07:00:47 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst McAfee CSP Service erreicht.

Error: (03/04/2017 06:58:47 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
 und der APPID
{F72671A9-012C-4725-9D2F-2A4D32D65169}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (03/04/2017 06:58:12 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT-AUTORITÄT)
Description: Das WLAN-Erweiterungsmodul wurde unerwartet beendet.

Modulpfad: C:\WINDOWS\System32\IWMSSvc.dll


CodeIntegrity:
===================================
  Date: 2017-03-04 19:07:31.175
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

  Date: 2017-03-04 19:07:31.164
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

  Date: 2017-03-04 19:07:31.153
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.


==================== Speicherinformationen ===========================

Prozessor: Intel(R) Core(TM) i7-5500U CPU @ 2.40GHz
Prozentuale Nutzung des RAM: 28%
Installierter physikalischer RAM: 8097.92 MB
Verfügbarer physikalischer RAM: 5800.89 MB
Summe virtueller Speicher: 9377.92 MB
Verfügbarer virtueller Speicher: 7132.47 MB

==================== Laufwerke ================================

Drive c: (Windows) (Fixed) (Total:426.12 GB) (Free:392.44 GB) NTFS
Drive d: (LENOVO) (Fixed) (Total:25 GB) (Free:21.6 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 286089BB)

Partition: GPT.

==================== Ende von Addition.txt ============================

M-K-D-B 04.03.2017 20:55
Servus,


wir kontrollieren nochmal alles. :)



Hinweis: Der Suchlauf mit ESET kann länger dauern.



Schritt 1
Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument


Code:
start
CloseProcesses:
RemoveProxy:
CMD: ipconfig /flushdns
CMD: netsh winsock reset
EmptyTemp:
end

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
  • Starte nun FRST erneut und klicke den Entfernen Button.
  • Das Tool erstellt eine Fixlog.txt.
  • Poste mir deren Inhalt.







Schritt 2

ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset







Schritt 3
Downloade dir die passende Version von HitmanPro auf deinen Desktop: HitmanPro - 32 Bit | HitmanPro - 64 Bit.
  • Starte die HitmanPro.exe
  • Klicke auf
  • Entferne den Haken bei
  • Klicke auf
    und
  • Akzeptiere die Lizenzbedingungen und klicke auf
  • Klicke auf

    und auf
  • Wenn der Scan beendet wurde, nichts löschen lassen etc. sondern wähle unten links auf der Button-Leiste
    und speichere die Logdatei auf Deinem Desktop.
  • Schließe HitmanPro und poste mir das Log.

 







Schritt 4
  • Starte die FRST.exe erneut. Setze einen Haken vor Addition.txt und drücke auf Untersuchen.
  • FRST erstellt wieder zwei Logdateien (FRST.txt und Addition.txt).
  • Poste mir beide Logdateien mit deiner nächsten Antwort.





http://www.trojaner-board.de/extra/lesestoff.pngGibt es jetzt noch Probleme mit dem PC? Wenn ja, welche?







Bitte poste mit deiner nächsten Antwort
  • die Logdatei des FRST-Fix,
  • die Logdatei von ESET,
  • die Logdatei von HitmanPro,
  • die beiden neuen Logdateien von FRST,
  • die Beantwortung der gestellten Fragen.

Reen96 04.03.2017 21:29
FRST-Fix:

Code:
Entferungsergebnis von Farbar Recovery Scan Tool (x64) Version: 04-03-2017
durchgeführt von Baby (04-03-2017 21:25:20) Run:1
Gestartet von C:\Users\Baby\Desktop
Geladene Profile: Baby (Verfügbare Profile: Baby)
Start-Modus: Normal
==============================================

fixlist Inhalt:
*****************
start
CloseProcesses:
RemoveProxy:
CMD: ipconfig /flushdns
CMD: netsh winsock reset
EmptyTemp:
end
     
*****************

Prozesse erfolgreich geschlossen.

========= RemoveProxy: =========

HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => Wert erfolgreich entfernt
HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => Wert erfolgreich entfernt
HKU\S-1-5-21-217730058-1440262021-2186221569-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => Wert erfolgreich entfernt
HKU\S-1-5-21-217730058-1440262021-2186221569-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => Wert erfolgreich entfernt


========= Ende von RemoveProxy: =========


========= ipconfig /flushdns =========


Windows-IP-Konfiguration

Der DNS-Aufl”sungscache wurde geleert.

========= Ende von CMD: =========


========= netsh winsock reset =========


Der Winsock-Katalog wurde zurckgesetzt.
Sie mssen den Computer neu starten, um den Vorgang abzuschlieáen.


========= Ende von CMD: =========


=========== EmptyTemp: ==========

BITS transfer queue => 308208 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 36895244 B
Java, Flash, Steam htmlcache => 9891 B
Windows/system/drivers => 8766872 B
Edge => 136824778 B
Chrome => 0 B
Firefox => 243690857 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 128 B
systemprofile32 => 0 B
LocalService => 35116 B
NetworkService => 5010 B
Baby => 227081452 B

RecycleBin => 0 B
EmptyTemp: => 623.3 MB temporäre Dateien entfernt.

================================


Das System musste neu gestartet werden.

==== Ende von Fixlog 21:26:11 ====

M-K-D-B 04.03.2017 21:57
Gut gemacht. :)


Fehlen noch die anderen Schritte.

Reen96 04.03.2017 23:32
Puuh das hat lang gedauert.
ESET:

Code:
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=c3807102aa2fde41abf02daa492d7dd6
# end=init
# utc_time=2017-03-04 08:31:21
# local_time=2017-03-04 09:31:21 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# osver=6.2.9200 NT
Update Init
Update Download
Update Finalize
Updated modules version: 32605
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=c3807102aa2fde41abf02daa492d7dd6
# end=updated
# utc_time=2017-03-04 08:35:48
# local_time=2017-03-04 09:35:48 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# osver=6.2.9200 NT
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7777
# api_version=3.1.1
# EOSSerial=c3807102aa2fde41abf02daa492d7dd6
# engine=32605
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2017-03-04 09:58:57
# local_time=2017-03-04 10:58:57 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1031
# osver=6.2.9200 NT
# compatibility_mode_1='Kaspersky Internet Security'
# compatibility_mode=1313 16777213 100 100 9024 21595271 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776574 100 94 8991324 19995353 0 0
# scanned=194120
# found=2
# cleaned=0
# scan_time=4988
sh=CBA164396109D0C0152BB410D3D226EB6497B9E3 ft=1 fh=b92ce7fb072d4e1e vn="Variante von Win32/DownloadSponsor.C eventuell unerwünschte Anwendung" ac=I fn="C:\Users\Baby\Downloads\DirectX - CHIP-Installer.exe"
sh=7AB111CF04A7CE1C3882528F73892CA6AC22C69D ft=1 fh=4b3a8c536f5793f0 vn="Variante von Win32/DownloadSponsor.C eventuell unerwünschte Anwendung" ac=I fn="C:\Users\Baby\Downloads\Kaspersky Internet Security 2017 - CHIP-Installer.exe"
HitmanPro:

Code:

       
Code:

       
HitmanPro 3.7.15.281
www.hitmanpro.com

   Computer name . . . . : DESKTOP-A10S929
   Windows . . . . . . . : 10.0.0.14393.X64/4
   User name . . . . . . : DESKTOP-A10S929\Baby
   UAC . . . . . . . . . : Enabled
   License . . . . . . . : Free

   Scan date . . . . . . : 2017-03-04 23:26:45
   Scan mode . . . . . . : Normal
   Scan duration . . . . : 5m 8s
   Disk access mode  . . : Direct disk access (SRB)
   Cloud . . . . . . . . : Internet
   Reboot  . . . . . . . : No

   Threats . . . . . . . : 2
   Traces  . . . . . . . : 4

   Objects scanned . . . : 1.657.030
   Files scanned . . . . : 20.874
   Remnants scanned  . . : 293.395 files / 1.342.761 keys

Malware _____________________________________________________________________

   C:\Users\Baby\Downloads\DirectX - CHIP-Installer.exe
      Size . . . . . . . : 1.496.584 bytes
      Age  . . . . . . . : 35.2 days (2017-01-28 17:42:31)
      Entropy  . . . . . : 7.1
      SHA-256  . . . . . : AACEC38E446FF7A8CDB9D0161535AD507DA264E919A20170D9AF5C68A1D3B334
      Needs elevation  . : Yes
      RSA Key Size . . . : 2048
      Authenticode . . . : Valid
    > Kaspersky  . . . . : not-a-virus:HEUR:Downloader.MSIL.DownloadSponsor.gen
      Fuzzy  . . . . . . : 103.0

   C:\Users\Baby\Downloads\Kaspersky Internet Security 2017 - CHIP-Installer.exe
      Size . . . . . . . : 1.496.584 bytes
      Age  . . . . . . . : 50.4 days (2017-01-13 15:01:37)
      Entropy  . . . . . : 7.1
      SHA-256  . . . . . : 0B3769AAA13DA64C5868F39865D528C175593A3683F955921B9D33B742EBF8C5
      Needs elevation  . : Yes
      RSA Key Size . . . : 2048
      Authenticode . . . : Valid
    > Kaspersky  . . . . : not-a-virus:Downloader.Win32.DownloadSponsor.pe
      Fuzzy  . . . . . . : 103.0


Suspicious files ____________________________________________________________

   C:\Users\Baby\Desktop\FRST-OlderVersion\FRST64.exe
      Size . . . . . . . : 2.423.808 bytes
      Age  . . . . . . . : 1.1 days (2017-03-03 21:55:16)
      Entropy  . . . . . : 7.6
      SHA-256  . . . . . : 60B968082A72AB85CF54E6FF5EE03588CD1F6CA566CC7CCDE96AA4F6080083CF
      Needs elevation  . : Yes
      Fuzzy  . . . . . . : 24.0
         Program has no publisher information but prompts the user for permission elevation.
         Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
         Authors name is missing in version info. This is not common to most programs.
         Version control is missing. This file is probably created by an individual. This is not typical for most programs.
         Time indicates that the file appeared recently on this computer.

   C:\Users\Baby\Desktop\FRST64.exe
      Size . . . . . . . : 2.423.296 bytes
      Age  . . . . . . . : 0.2 days (2017-03-04 19:27:17)
      Entropy  . . . . . : 7.6
      SHA-256  . . . . . : EB50DCC525D3D509738006F1BC09E5C38D2CBE4DD1C9F3DD53EB8CA3A0C4B117
      Needs elevation  . : Yes
      Fuzzy  . . . . . . : 24.0
         Program has no publisher information but prompts the user for permission elevation.
         Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
         Authors name is missing in version info. This is not common to most programs.
         Version control is missing. This file is probably created by an individual. This is not typical for most programs.
         Time indicates that the file appeared recently on this computer.
      Forensic Cluster
         -3.2s C:\ProgramData\Microsoft\Windows Defender\Scans\MetaStore\2\12\
         -3.2s C:\ProgramData\Microsoft\Windows Defender\Scans\MetaStore\2\12\E9CAC966A31067C0.dat
         -1.2s C:\Users\Baby\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\6AF4EE75E3A4ABA658C0087EB9A0BB5B_556BB0FF4D382D90E7703209690E089E
         -1.2s C:\Users\Baby\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\6AF4EE75E3A4ABA658C0087EB9A0BB5B_556BB0FF4D382D90E7703209690E089E
          0.0s C:\Users\Baby\Desktop\FRST64.exe

Reen96 04.03.2017 23:35
FRST:

Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 04-03-2017
durchgeführt von Baby (Administrator) auf DESKTOP-A10S929 (04-03-2017 23:33:09)
Gestartet von C:\Users\Baby\Desktop
Geladene Profile: Baby (Verfügbare Profile: Baby)
Platform: Windows 10 Home Version 1607 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Edge)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\avp.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel Corporation) C:\Windows\System32\ibtsiva.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(RealNetworks, Inc.) C:\Program Files (x86)\Online Games Manager\ogmservice.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Intel Security, Inc.) C:\Program Files\Common Files\Intel Security\PEF\CORE\PEFService.exe
(Lenovo) C:\ProgramData\LenovoTransition\Server\x64\ymc.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(McAfee, Inc.) C:\Windows\System32\mfevtps.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\avpui.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
() C:\Windows\System32\igfxTray.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDIntelligent.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.11.110.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Lenovo Group Limited) C:\Program Files (x86)\Lenovo\ImController\PluginHost\Lenovo.Modern.ImController.PluginHost.SettingsApp.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
() C:\Program Files\Lenovo\LenovoUtility\utility.exe
(Dolby Laboratories Inc.) C:\Program Files\Dolby\DDP_F3\ddpf3.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Corporation) C:\Windows\System32\InstallAgent.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Lenovo) C:\Program Files (x86)\Lenovo\CCSDK\CCSDK.exe
(Microsoft Corporation) C:\Windows\System32\Locator.exe
(Lenovo) C:\Program Files (x86)\Lenovo\GDCAgentSetupRed\GDCAgent.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 1.0\ksde.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 1.0\ksdeui.exe
(McAfee, Inc.) C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe
(Lenovo Group Limited) C:\Program Files\Lenovo\ImController\PluginHost\Lenovo.Modern.ImController.PluginHost.Device.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe
() C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1702.312.0_x64__8wekyb3d8bbwe\Calculator.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
() C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.214.10010.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe

==================== Registry (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [16405744 2015-09-09] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1408752 2015-09-09] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_LENOVO_DOLBYDRAGON] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1408752 2015-09-09] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_LENOVO_MICPKEY] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1408752 2015-09-09] (Realtek Semiconductor)
HKLM\...\Run: [LenovoUtility] => C:\Program Files\Lenovo\LenovoUtility\utility.exe [791848 2016-10-19] ()
HKLM\...\Run: [DDPF3] => c:\Program Files\Dolby\DDP_F3\ddpf3.exe [746496 2014-11-03] (Dolby Laboratories Inc.)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [322472 2015-07-27] (Intel Corporation)
HKLM\...\Run: [Malwarebytes TrayApp] => C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe [2780112 2017-01-20] (Malwarebytes)
HKU\S-1-5-21-217730058-1440262021-2186221569-1001\...\Run: [OpenOffice Updater] => C:\Users\Baby\AppData\Roaming\OpenOffice Updater\Updater.exe [388000 2017-01-17] ()

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{0e253416-4c93-4cba-b265-67ee91b4e78f}: [DhcpNameServer] 8.8.8.8 8.8.4.4
Tcpip\..\Interfaces\{4c9f59fe-49fd-4b3d-8862-7d471cf81274}: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{e9f11131-d610-4ed4-aa54-5218b37a9faa}: [DhcpNameServer] 172.168.137.2

Internet Explorer:
==================
HKU\S-1-5-21-217730058-1440262021-2186221569-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://lenovo15.msn.com/?pc=LCTE
HKU\S-1-5-21-217730058-1440262021-2186221569-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo15.msn.com/?pc=LCTE
SearchScopes: HKU\S-1-5-21-217730058-1440262021-2186221569-1001 -> DefaultScope {7AD69B7E-3FA6-4429-B5DF-34879D0D7903} URL =
BHO: Kaspersky Protection -> {2E38825B-8815-42CF-9126-C58BC28D4591} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\x64\IEExt\ie_plugin.dll [2017-01-13] (AO Kaspersky Lab)
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2017-01-29] (Microsoft Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2017-01-29] (Microsoft Corporation)
BHO-x32: Kaspersky Protection -> {2E38825B-8815-42CF-9126-C58BC28D4591} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\IEExt\ie_plugin.dll [2017-01-13] (AO Kaspersky Lab)
Toolbar: HKLM - Kaspersky Protection Toolbar - {093F479D-712E-46CD-9E06-62E734A05F68} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\x64\IEExt\ie_plugin.dll [2017-01-13] (AO Kaspersky Lab)
Toolbar: HKLM-x32 - Kaspersky Protection Toolbar - {093F479D-712E-46CD-9E06-62E734A05F68} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\IEExt\ie_plugin.dll [2017-01-13] (AO Kaspersky Lab)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-01-29] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-01-29] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-01-29] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2017-01-29] (Microsoft Corporation)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\PROGRA~2\mcafee\msc\mcsniepl.dll Keine Datei

Edge:
======
Edge HomeButtonPage: HKU\S-1-5-21-217730058-1440262021-2186221569-1001 -> hxxp://www.google.de/

FireFox:
========
FF ProfilePath: C:\Users\Baby\AppData\Roaming\Mozilla\Firefox\Profiles\nqqia258.default [2017-03-04]
FF Extension: (SHA-1 deprecation staged rollout) - C:\Users\Baby\AppData\Roaming\Mozilla\Firefox\Profiles\nqqia258.default\features\{205ac0c8-04b7-4934-a6da-4a58e36a3694}\disableSHA1rollout@mozilla.org.xpi [2017-02-19]
FF HKLM\...\Firefox\Extensions: [light_plugin_F6F079488B53499DB99380A7E11A93F6@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\FFExt\light_plugin_firefox\addon.xpi
FF Extension: (Kaspersky Protection) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\FFExt\light_plugin_firefox\addon.xpi [2017-01-13]
FF HKLM-x32\...\Firefox\Extensions: [light_plugin_F6F079488B53499DB99380A7E11A93F6@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\FFExt\light_plugin_firefox\addon.xpi
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK => nicht gefunden
FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL [Keine Datei]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-04-21] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-04-21] (Intel Corporation)
FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL [Keine Datei]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50901.0\npctrl.dll [2016-08-31] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2017-01-29] (Microsoft Corporation)

Chrome:
=======
CHR HKLM\...\Chrome\Extension: [fhoibnponjcgjgcnfacekaijdbbplhib] - hxxps://chrome.google.com/webstore/detail/fhoibnponjcgjgcnfacekaijdbbplhib
CHR HKLM-x32\...\Chrome\Extension: [fhoibnponjcgjgcnfacekaijdbbplhib] - hxxps://chrome.google.com/webstore/detail/fhoibnponjcgjgcnfacekaijdbbplhib

==================== Dienste (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 AVP17.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\avp.exe [241544 2016-06-28] (AO Kaspersky Lab)
R2 CCSDK; C:\Program Files (x86)\Lenovo\CCSDK\CCSDK.exe [680288 2016-12-06] (Lenovo)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [3704520 2017-02-18] (Microsoft Corporation)
S3 ElfoService; C:\Program Files (x86)\ElsterFormular Update Service\bin\ElfoService.exe [1283376 2017-02-28] ()
R2 ETDService; C:\Program Files\Elantech\ETDService.exe [134888 2015-12-17] (ELAN Microelectronics Corp.)
R2 GDCAgent; C:\Program Files (x86)\Lenovo\GDCAgentSetupRed\GDCAgent.exe [1155512 2015-07-29] (Lenovo)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [18856 2015-07-27] (Intel Corporation)
R2 igfxCUIService2.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [350312 2015-08-16] (Intel Corporation)
R2 ImControllerService; C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [61768 2017-02-15] (Lenovo Group Limited)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [881152 2015-05-22] (Intel(R) Corporation)
R3 Intel(R) Security Assist; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [335872 2015-05-19] (Intel Corporation) [Datei ist nicht signiert]
S2 isaHelperSvc; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe [7680 2015-05-19] () [Datei ist nicht signiert]
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [223520 2015-07-10] (Intel Corporation)
S3 klvssbrigde64; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\x64\vssbridge64.exe [77328 2016-06-28] (AO Kaspersky Lab)
R2 KSDE1.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 1.0\ksde.exe [241544 2016-06-28] (AO Kaspersky Lab)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [4355024 2017-01-20] (Malwarebytes)
S2 mccspsvc; C:\Program Files\Common Files\McAfee\CSP\1.9.829.0\\McCSPServiceHost.exe [1910000 2016-05-31] (McAfee, Inc.)
S3 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [232688 2016-04-26] (McAfee, Inc.)
R2 mfemms; C:\Program Files\Common Files\McAfee\SystemCore\\mfemms.exe [382456 2016-08-02] (McAfee, Inc.)
R2 mfevtp; C:\Windows\system32\mfevtps.exe [277744 2016-04-26] (McAfee, Inc.)
R2 ModuleCoreService; C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe [1454216 2016-09-13] (McAfee, Inc.)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [268192 2015-08-13] ()
R2 ogmservice; C:\Program Files (x86)\Online Games Manager\ogmservice.exe [582544 2016-07-13] (RealNetworks, Inc.)
R2 PEFService; C:\Program Files\Common Files\Intel Security\PEF\CORE\PEFService.exe [1045336 2016-05-25] (Intel Security, Inc.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2016-07-16] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2016-07-16] (Microsoft Corporation)
R2 ymc; C:\ProgramData\LenovoTransition\Server\x64\ymc.exe [38328 2015-12-02] (Lenovo)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3831712 2015-08-13] (Intel® Corporation)
R2 ibtsiva; %SystemRoot%\system32\ibtsiva [X]

===================== Treiber (Nicht auf der Ausnahmeliste) ======================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S3 cfwids; C:\WINDOWS\system32\drivers\cfwids.sys [78632 2016-08-02] (McAfee, Inc.)
R0 cm_km; C:\WINDOWS\System32\DRIVERS\cm_km.sys [238936 2016-06-10] (AO Kaspersky Lab)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131712 2016-09-05] (Samsung Electronics Co., Ltd.)
R3 ETDSMBus; C:\WINDOWS\system32\DRIVERS\ETDSMBus.sys [30808 2015-12-17] (ELAN Microelectronic Corp.)
S3 HipShieldK; C:\WINDOWS\System32\drivers\HipShieldK.sys [216704 2016-08-02] (McAfee, Inc.)
R3 iaLPSS_GPIO; C:\WINDOWS\System32\drivers\iaLPSS_GPIO.sys [46856 2015-06-15] (Intel Corporation)
R3 ibtusb; C:\WINDOWS\system32\DRIVERS\ibtusb.sys [231168 2017-01-13] (Intel Corporation)
R0 kl1; C:\WINDOWS\System32\DRIVERS\kl1.sys [554416 2016-06-02] (AO Kaspersky Lab)
R0 klbackupdisk; C:\WINDOWS\System32\DRIVERS\klbackupdisk.sys [63920 2016-06-07] (AO Kaspersky Lab)
R1 klbackupflt; C:\WINDOWS\System32\DRIVERS\klbackupflt.sys [86352 2016-06-15] (AO Kaspersky Lab)
R2 kldisk; C:\WINDOWS\system32\DRIVERS\kldisk.sys [78216 2016-05-31] (AO Kaspersky Lab)
S0 klelam; C:\WINDOWS\System32\DRIVERS\klelam.sys [28792 2016-03-31] (AO Kaspersky Lab)
R3 klflt; C:\WINDOWS\system32\DRIVERS\klflt.sys [191312 2016-06-26] (AO Kaspersky Lab)
R1 klhk; C:\WINDOWS\System32\drivers\klhk.sys [435032 2017-01-13] (AO Kaspersky Lab)
R3 klids; C:\ProgramData\Kaspersky Lab\AVP17.0.0\Bases\klids.sys [182360 2017-03-04] (AO Kaspersky Lab)
R1 KLIF; C:\WINDOWS\System32\DRIVERS\klif.sys [1019616 2017-01-13] (AO Kaspersky Lab)
R1 KLIM6; C:\WINDOWS\system32\DRIVERS\klim6.sys [57424 2017-02-14] (AO Kaspersky Lab)
R3 klkbdflt; C:\WINDOWS\system32\DRIVERS\klkbdflt.sys [52136 2016-05-19] (AO Kaspersky Lab)
R3 klmouflt; C:\WINDOWS\system32\DRIVERS\klmouflt.sys [41656 2015-06-07] (Kaspersky Lab ZAO)
R1 klpd; C:\WINDOWS\System32\DRIVERS\klpd.sys [45488 2016-05-31] (AO Kaspersky Lab)
R3 kltap; C:\WINDOWS\System32\drivers\kltap.sys [52152 2016-06-07] (The OpenVPN Project)
R0 klupd_klif_arkmon; C:\WINDOWS\System32\Drivers\klupd_klif_arkmon.sys [218920 2017-01-13] (AO Kaspersky Lab)
R3 klupd_klif_kimul; C:\WINDOWS\System32\Drivers\klupd_klif_kimul.sys [85984 2017-01-13] ()
R3 klupd_klif_klark; C:\WINDOWS\System32\Drivers\klupd_klif_klark.sys [245512 2017-01-13] (AO Kaspersky Lab)
R0 klupd_klif_klbg; C:\WINDOWS\System32\Drivers\klupd_klif_klbg.sys [104720 2017-01-13] (AO Kaspersky Lab)
R3 klupd_klif_mark; C:\WINDOWS\System32\Drivers\klupd_klif_mark.sys [164888 2017-01-13] (AO Kaspersky Lab)
R1 klwfp; C:\WINDOWS\system32\DRIVERS\klwfp.sys [85320 2016-06-18] (AO Kaspersky Lab)
R1 Klwtp; C:\WINDOWS\system32\DRIVERS\klwtp.sys [134880 2017-01-13] (AO Kaspersky Lab)
R1 kneps; C:\WINDOWS\system32\DRIVERS\kneps.sys [194480 2016-06-14] (AO Kaspersky Lab)
R2 MBAMChameleon; C:\WINDOWS\system32\drivers\MBAMChameleon.sys [186304 2017-03-04] (Malwarebytes)
S3 MBAMProtection; C:\WINDOWS\system32\drivers\mbam.sys [43968 2017-03-04] (Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [251840 2017-03-04] (Malwarebytes)
R3 mfeaack; C:\WINDOWS\system32\drivers\mfeaack.sys [419624 2016-08-02] (McAfee, Inc.)
R3 mfeavfk; C:\WINDOWS\System32\drivers\mfeavfk.sys [349480 2016-08-02] (McAfee, Inc.)
S0 mfeelamk; C:\WINDOWS\System32\drivers\mfeelamk.sys [83608 2016-08-02] (McAfee, Inc.)
R3 mfefirek; C:\WINDOWS\system32\drivers\mfefirek.sys [493352 2016-08-02] (McAfee, Inc.)
R0 mfehidk; C:\WINDOWS\System32\drivers\mfehidk.sys [843048 2016-08-02] (McAfee, Inc.)
R3 mfencbdc; C:\WINDOWS\System32\DRIVERS\mfencbdc.sys [519456 2016-08-01] (McAfee, Inc.)
S3 mfencrk; C:\WINDOWS\System32\DRIVERS\mfencrk.sys [100136 2016-08-01] (McAfee, Inc.)
R0 mfewfpk; C:\WINDOWS\System32\drivers\mfewfpk.sys [243496 2016-08-02] (McAfee, Inc.)
S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
R3 NETwNb64; C:\WINDOWS\System32\drivers\Netwbw02.sys [4103920 2015-08-23] (Intel Corporation)
S3 NETwNe64; C:\WINDOWS\System32\drivers\NETwew01.sys [3343872 2015-10-30] (Intel Corporation)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [886528 2015-05-29] (Realtek                                            )
R3 rtsuvc; C:\WINDOWS\system32\DRIVERS\rtsuvc.sys [3049176 2015-05-29] (Realtek Semiconductor Corp.)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics Co., Ltd.)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)
S3 wsvd; C:\WINDOWS\system32\DRIVERS\wsvd.sys [102376 2012-06-13] ("CyberLink)

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-03-04 23:26 - 2017-03-04 23:32 - 00000000 ____D C:\ProgramData\HitmanPro
2017-03-04 23:25 - 2017-03-04 23:26 - 11581544 _____ (SurfRight B.V.) C:\Users\Baby\Desktop\HitmanPro_x64.exe
2017-03-04 21:31 - 2017-03-04 21:31 - 00000000 ____D C:\Program Files (x86)\ESET
2017-03-04 21:30 - 2017-03-04 21:30 - 02870984 _____ (ESET) C:\Users\Baby\Desktop\esetsmartinstaller_deu.exe
2017-03-04 21:25 - 2017-03-04 21:26 - 00002294 _____ C:\Users\Baby\Desktop\Fixlog.txt
2017-03-04 19:27 - 2017-03-04 19:27 - 00000000 ____D C:\Users\Baby\Desktop\FRST-OlderVersion
2017-03-04 19:25 - 2017-03-04 19:25 - 00000813 _____ C:\Users\Baby\Desktop\JRT.txt
2017-03-04 19:24 - 2017-03-04 19:24 - 01663736 _____ (Malwarebytes) C:\Users\Baby\Desktop\JRT.exe
2017-03-04 19:20 - 2017-03-04 19:20 - 00001569 _____ C:\Users\Baby\Desktop\mbam.txt
2017-03-04 19:17 - 2017-03-04 19:17 - 00000000 ___HD C:\OneDriveTemp
2017-03-04 19:07 - 2017-03-04 21:27 - 00186304 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMChameleon.sys
2017-03-04 19:07 - 2017-03-04 21:26 - 00251840 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2017-03-04 19:07 - 2017-03-04 21:26 - 00043968 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2017-03-04 19:07 - 2017-03-04 19:17 - 00092088 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2017-03-04 19:07 - 2017-03-04 19:07 - 00001919 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2017-03-04 19:07 - 2017-03-04 19:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2017-03-04 19:07 - 2017-03-04 19:07 - 00000000 ____D C:\ProgramData\Malwarebytes
2017-03-04 19:07 - 2017-03-04 19:07 - 00000000 ____D C:\Program Files\Malwarebytes
2017-03-04 19:07 - 2017-02-24 06:23 - 00077408 _____ C:\WINDOWS\system32\Drivers\mbae64.sys
2017-03-04 19:05 - 2017-03-04 19:06 - 57131432 _____ (Malwarebytes ) C:\Users\Baby\Downloads\mb3-setup-consumer-3.0.6.1469-1075.exe
2017-03-03 22:01 - 2017-03-04 19:29 - 00029825 _____ C:\Users\Baby\Desktop\Addition.txt
2017-03-03 22:00 - 2017-03-03 22:01 - 00094734 _____ C:\TDSSKiller.3.1.0.12_03.03.2017_22.00.13_log.txt
2017-03-03 21:57 - 2017-03-04 23:33 - 00021272 _____ C:\Users\Baby\Desktop\FRST.txt
2017-03-03 21:56 - 2017-03-04 23:33 - 00000000 ____D C:\FRST
2017-03-03 21:55 - 2017-03-04 19:27 - 02423296 _____ (Farbar) C:\Users\Baby\Desktop\FRST64.exe
2017-03-03 20:59 - 2017-03-03 21:00 - 00181760 _____ C:\TDSSKiller.3.1.0.12_03.03.2017_20.59.47_log.txt
2017-03-03 20:59 - 2017-03-03 20:59 - 04747704 _____ (AO Kaspersky Lab) C:\Users\Baby\Desktop\tdsskiller.exe
2017-03-03 20:53 - 2017-03-03 20:53 - 00024402 _____ C:\Users\Baby\Desktop\ESt2014_Lüke_Sebastian.elfo
2017-03-03 20:53 - 2017-03-03 20:53 - 00010002 _____ C:\Users\Baby\Desktop\ESt2013_Lüke_Sebastian.elfo
2017-03-03 20:52 - 2017-03-03 20:52 - 00024706 _____ C:\Users\Baby\Desktop\ESt2015_Lüke_Sebastian.elfo
2017-03-03 20:52 - 2017-03-03 20:52 - 00020658 _____ C:\Users\Baby\Desktop\ESt2016_Lüke_Sebastian.elfo
2017-03-02 20:59 - 2017-03-02 20:59 - 00000000 ____D C:\WINDOWS\LastGood.Tmp
2017-03-02 20:07 - 2017-03-02 20:07 - 1134936728 _____ C:\WINDOWS\MEMORY.DMP
2017-03-02 20:07 - 2017-03-02 20:07 - 00436516 _____ C:\WINDOWS\Minidump\030217-26859-01.dmp
2017-03-02 20:07 - 2017-03-02 20:07 - 00000000 ____D C:\WINDOWS\Minidump
2017-03-02 20:00 - 2017-03-04 18:58 - 00000000 ____D C:\AdwCleaner
2017-03-02 20:00 - 2017-03-02 20:00 - 04031440 _____ C:\Users\Baby\Desktop\adwcleaner_6.044.exe
2017-03-02 19:09 - 2017-03-02 19:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ElsterFormular
2017-03-02 19:09 - 2017-03-02 19:09 - 00000000 ____D C:\Program Files (x86)\ElsterFormular Update Service
2017-02-28 20:03 - 2017-02-28 20:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2017-02-28 20:03 - 2017-02-28 20:03 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2017-02-28 20:03 - 2017-02-28 20:03 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2017-02-28 20:02 - 2017-02-28 20:03 - 13165792 _____ (Microsoft Corporation) C:\Users\Baby\Downloads\Silverlight_x64.exe
2017-02-26 11:13 - 2017-02-26 11:13 - 00000000 ____D C:\Users\Baby\eTeks
2017-02-26 11:03 - 2017-02-26 11:03 - 00000982 _____ C:\Users\Baby\Desktop\Sweet Home 3D.lnk
2017-02-26 11:03 - 2017-02-26 11:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eTeks Sweet Home 3D
2017-02-26 11:03 - 2017-02-26 11:03 - 00000000 ____D C:\Program Files\Sweet Home 3D
2017-02-26 11:02 - 2017-02-26 11:03 - 42772656 _____ (eTeks ) C:\Users\Baby\Downloads\SweetHome3D-5.4-windows.exe
2017-02-24 15:48 - 2017-02-24 15:48 - 00047792 _____ C:\Users\Baby\Desktop\komprimierte Steuererklaerung_ESt2015_Schneider_Nicole.pdf
2017-02-24 15:48 - 2017-02-24 15:48 - 00047477 _____ C:\Users\Baby\Desktop\komprimierte Steuererklaerung_ESt2016_Schneider_Nicole.pdf
2017-02-24 15:47 - 2017-02-24 15:47 - 00075442 _____ C:\Users\Baby\Desktop\ESt2015_Schneider_Nicole.elfo
2017-02-24 15:45 - 2017-02-24 15:45 - 00091538 _____ C:\Users\Baby\Desktop\ESt2016_Schneider_Nicole.elfo
2017-02-21 10:20 - 2017-02-21 10:20 - 00014230 _____ C:\Users\Baby\Documents\Gesamteinkommen_Elternzeit.odt
2017-02-21 09:59 - 2017-02-21 09:59 - 00051666 _____ C:\Users\Baby\Downloads\Besoldungstabellen_2017.pdf
2017-02-20 20:47 - 2017-02-20 20:47 - 00000000 ____D C:\Users\Baby\AppData\Roaming\OpenOffice
2017-02-20 20:46 - 2017-02-20 20:47 - 00013313 _____ C:\Users\Baby\Downloads\Kostenerstattung_KV_Vanessa.odt
2017-02-20 20:46 - 2017-02-20 20:46 - 00001132 _____ C:\Users\Public\Desktop\OpenOffice 4.1.3.lnk
2017-02-20 20:46 - 2017-02-20 20:46 - 00000000 ___SD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.3
2017-02-20 20:45 - 2017-02-20 20:46 - 00000000 ____D C:\Program Files (x86)\OpenOffice 4
2017-02-20 20:44 - 2017-02-21 09:04 - 00000000 ____D C:\Users\Baby\AppData\Roaming\OpenOffice Updater
2017-02-20 20:44 - 2017-02-20 20:44 - 00000000 ____D C:\Users\Baby\Desktop\OpenOffice 4.1.3 (de) Installation Files
2017-02-20 20:37 - 2017-02-20 20:43 - 171801456 _____ C:\Users\Baby\Downloads\OpenOffice_4.1.3_Win_x86_install_de(1).exe
2017-02-20 20:25 - 2017-02-20 20:32 - 171801456 _____ C:\Users\Baby\Downloads\OpenOffice_4.1.3_Win_x86_install_de.exe
2017-02-20 20:17 - 2017-02-20 20:17 - 00013313 _____ C:\Users\Baby\Downloads\Kostenerstattung_KV_Vanessa (1).odt
2017-02-19 19:23 - 2017-03-03 18:55 - 00000000 ____D C:\Users\Baby\AppData\LocalLow\Mozilla
2017-02-19 19:23 - 2017-02-19 19:29 - 00000000 ____D C:\Users\Baby\AppData\Local\Mozilla
2017-02-19 19:23 - 2017-02-19 19:23 - 00001235 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2017-02-19 19:23 - 2017-02-19 19:23 - 00001223 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2017-02-19 19:23 - 2017-02-19 19:23 - 00000000 ____D C:\Users\Baby\AppData\Roaming\Mozilla
2017-02-19 19:23 - 2017-02-19 19:23 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-02-19 19:22 - 2017-02-19 19:23 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2017-02-19 19:20 - 2017-02-19 19:20 - 00245600 _____ C:\Users\Baby\Downloads\Firefox Setup Stub 51.0.1.exe
2017-02-17 19:26 - 2016-12-21 08:08 - 00142848 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe
2017-02-17 19:26 - 2016-12-21 05:44 - 00120320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe
2017-02-17 19:12 - 2017-02-17 19:12 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
2017-02-15 20:26 - 2017-02-15 20:26 - 00257864 _____ (Lenovo Group Limited) C:\WINDOWS\system32\iMDriverHelper.dll
2017-02-15 18:32 - 2016-12-21 08:43 - 04130440 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2017-02-15 18:32 - 2016-12-21 08:43 - 01454504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetsrc.dll
2017-02-15 18:32 - 2016-12-21 08:43 - 01071736 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetcore.dll
2017-02-15 18:32 - 2016-12-21 08:42 - 01988560 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2017-02-15 18:32 - 2016-12-21 08:42 - 01702392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2017-02-15 18:32 - 2016-12-21 08:42 - 01300600 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2017-02-15 18:32 - 2016-12-21 08:08 - 00360448 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpencom.dll
2017-02-15 18:32 - 2016-12-21 08:06 - 06285312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2017-02-15 18:32 - 2016-12-21 07:56 - 00936960 _____ (Microsoft Corporation) C:\WINDOWS\system32\MCRecvSrc.dll
2017-02-15 18:32 - 2016-12-21 07:53 - 04474368 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll
2017-02-15 18:32 - 2016-12-21 07:51 - 08075776 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2017-02-15 18:32 - 2016-12-21 07:51 - 05611008 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll
2017-02-15 18:32 - 2016-12-21 06:09 - 00263472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Storage.ApplicationData.dll
2017-02-15 18:32 - 2016-12-21 05:41 - 00253952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.BioFeedback.dll
2017-02-15 18:32 - 2016-12-21 05:40 - 00557568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll
2017-02-15 18:32 - 2016-12-21 05:39 - 00223232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgentUserBroker.exe
2017-02-15 18:32 - 2016-12-21 05:22 - 01883648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2017-02-15 18:32 - 2016-12-14 06:41 - 01235296 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2017-02-15 18:32 - 2016-12-14 05:48 - 01631232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2017-02-15 18:32 - 2016-12-14 05:44 - 00114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netvsc.sys
2017-02-15 18:32 - 2016-12-14 05:38 - 17188864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2017-02-15 18:32 - 2016-12-14 05:38 - 00213504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.CredDialogController.dll
2017-02-15 18:32 - 2016-12-14 05:23 - 03134976 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcore.dll
2017-02-15 18:32 - 2016-12-09 11:42 - 01637728 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2017-02-15 18:32 - 2016-12-09 11:42 - 00137568 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2017-02-15 18:32 - 2016-12-09 11:29 - 02681200 _____ C:\WINDOWS\system32\CoreUIComponents.dll
2017-02-15 18:32 - 2016-12-09 11:20 - 02677544 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll
2017-02-15 18:32 - 2016-12-09 11:18 - 01100128 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2017-02-15 18:32 - 2016-12-09 11:18 - 00989024 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2017-02-15 18:32 - 2016-12-09 11:18 - 00947552 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.efi
2017-02-15 18:32 - 2016-12-09 11:18 - 00811872 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.exe
2017-02-15 18:32 - 2016-12-09 11:01 - 00861024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2017-02-15 18:32 - 2016-12-09 10:56 - 00959112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2017-02-15 18:32 - 2016-12-09 10:52 - 01415752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2017-02-15 18:32 - 2016-12-09 10:41 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WordBreakers.dll
2017-02-15 18:32 - 2016-12-09 10:33 - 03777536 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2017-02-15 18:32 - 2016-12-09 10:18 - 02138112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll
2017-02-15 18:32 - 2016-12-09 10:16 - 00353280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TextInputFramework.dll
2017-02-15 18:32 - 2016-12-09 10:15 - 00206848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Core.TextInput.dll
2017-02-15 18:32 - 2016-12-09 10:15 - 00092672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputLocaleManager.dll
2017-02-15 18:32 - 2016-12-09 10:15 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EditBufferTestHook.dll
2017-02-15 18:32 - 2016-12-09 09:54 - 00483840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2017-02-15 18:32 - 2016-11-11 11:08 - 00142176 _____ (Microsoft Corporation) C:\WINDOWS\system32\migisol.dll
2017-02-15 18:32 - 2016-11-11 11:02 - 02828376 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
2017-02-15 18:32 - 2016-11-11 11:01 - 00637400 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2017-02-15 18:32 - 2016-11-11 11:00 - 00219488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tpm.sys
2017-02-15 18:32 - 2016-11-11 10:57 - 01473048 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2017-02-15 18:32 - 2016-11-11 10:56 - 01062480 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2017-02-15 18:32 - 2016-11-11 10:56 - 00126568 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfaudiocnv.dll
2017-02-15 18:32 - 2016-11-11 10:51 - 00454592 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe
2017-02-15 18:32 - 2016-11-11 10:26 - 00034816 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReAgentc.exe
2017-02-15 18:32 - 2016-11-11 10:24 - 00110080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.BackgroundTransfer.BackgroundManagerPolicy.dll
2017-02-15 18:32 - 2016-11-11 10:24 - 00098304 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2017-02-15 18:32 - 2016-11-11 10:18 - 00967168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2017-02-15 18:32 - 2016-11-11 10:18 - 00278016 _____ (Microsoft Corporation) C:\WINDOWS\system32\netplwiz.dll
2017-02-15 18:32 - 2016-11-11 10:16 - 00560128 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppReadiness.dll
2017-02-15 18:32 - 2016-11-11 10:14 - 00178176 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppnp.dll
2017-02-15 18:32 - 2016-11-11 10:11 - 00870400 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmkvsrcsnk.dll
2017-02-15 18:32 - 2016-11-11 10:09 - 00164352 _____ (Microsoft Corporation) C:\WINDOWS\system32\dialserver.dll
2017-02-15 18:32 - 2016-11-11 10:07 - 01691136 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe
2017-02-15 18:32 - 2016-11-11 10:04 - 02800128 _____ (Microsoft Corporation) C:\WINDOWS\system32\netshell.dll
2017-02-15 18:32 - 2016-11-11 10:04 - 01359360 _____ (Microsoft Corporation) C:\WINDOWS\system32\usercpl.dll
2017-02-15 18:32 - 2016-11-11 10:03 - 02287616 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2017-02-15 18:32 - 2016-11-11 08:47 - 05722832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2017-02-15 18:32 - 2016-11-11 08:47 - 01430720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2017-02-15 18:32 - 2016-11-11 08:38 - 01263856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2017-02-15 18:32 - 2016-11-11 08:25 - 00117248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapsBtSvc.dll
2017-02-15 18:32 - 2016-11-11 08:25 - 00071168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MosStorage.dll
2017-02-15 18:32 - 2016-11-11 08:24 - 00138240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DisplayManager.dll
2017-02-15 18:32 - 2016-11-11 08:21 - 00332288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapConfiguration.dll
2017-02-15 18:32 - 2016-11-11 08:19 - 00284672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apprepsync.dll
2017-02-15 18:32 - 2016-11-11 08:19 - 00125952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apprepapi.dll
2017-02-15 18:32 - 2016-11-11 08:18 - 02333184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmSvc.dll
2017-02-15 18:32 - 2016-11-11 08:16 - 00253952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2017-02-15 18:32 - 2016-11-11 08:15 - 01357824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll
2017-02-15 18:32 - 2016-11-11 08:12 - 00259584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msdtcuiu.dll
2017-02-15 18:32 - 2016-11-11 08:10 - 06109184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2017-02-15 18:32 - 2016-11-11 08:09 - 05380608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2017-02-15 18:32 - 2016-11-11 08:06 - 02362880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapRouter.dll
2017-02-15 18:32 - 2016-11-11 08:06 - 02109952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapGeocoder.dll
2017-02-15 18:32 - 2016-11-11 08:04 - 00715264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapControlCore.dll
2017-02-15 18:31 - 2016-12-21 09:08 - 00245600 _____ (Microsoft Corporation) C:\WINDOWS\system32\offlinesam.dll
2017-02-15 18:31 - 2016-12-21 09:08 - 00136032 _____ (Microsoft Corporation) C:\WINDOWS\system32\ImplatSetup.dll
2017-02-15 18:31 - 2016-12-21 08:46 - 00624048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2017-02-15 18:31 - 2016-12-21 08:42 - 22224480 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2017-02-15 18:31 - 2016-12-21 08:41 - 01600632 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2017-02-15 18:31 - 2016-12-21 08:15 - 22563840 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2017-02-15 18:31 - 2016-12-21 08:05 - 00261632 _____ (Microsoft Corporation) C:\WINDOWS\system32\indexeddbserver.dll
2017-02-15 18:31 - 2016-12-21 08:01 - 09131008 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2017-02-15 18:31 - 2016-12-21 07:59 - 01908224 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2017-02-15 18:31 - 2016-12-21 07:59 - 00883712 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll
2017-02-15 18:31 - 2016-12-21 07:58 - 23678464 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2017-02-15 18:31 - 2016-12-21 07:55 - 08129536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2017-02-15 18:31 - 2016-12-21 07:55 - 04749312 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2017-02-15 18:31 - 2016-12-21 07:50 - 01490432 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2017-02-15 18:31 - 2016-12-21 06:59 - 00218976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offlinesam.dll
2017-02-15 18:31 - 2016-12-21 06:01 - 20969928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2017-02-15 18:31 - 2016-12-21 05:43 - 00285184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.BlockedShutdown.dll
2017-02-15 18:31 - 2016-12-21 05:40 - 00180224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2017-02-15 18:31 - 2016-12-21 05:38 - 00866816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Cred.dll
2017-02-15 18:31 - 2016-12-21 05:35 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\indexeddbserver.dll
2017-02-15 18:31 - 2016-12-21 05:34 - 07626752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2017-02-15 18:31 - 2016-12-21 05:33 - 19413504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2017-02-15 18:31 - 2016-12-21 05:32 - 19417600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2017-02-15 18:31 - 2016-12-21 05:30 - 05398016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aclui.dll
2017-02-15 18:31 - 2016-12-21 05:30 - 01255936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll
2017-02-15 18:31 - 2016-12-21 05:26 - 01155072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVP9DEC.dll
2017-02-15 18:31 - 2016-12-14 06:23 - 00404832 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2017-02-15 18:31 - 2016-12-14 06:21 - 02206496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2017-02-15 18:31 - 2016-12-14 06:17 - 00319288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64.dll
2017-02-15 18:31 - 2016-12-14 06:14 - 01694712 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2017-02-15 18:31 - 2016-12-14 06:01 - 01557808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll
2017-02-15 18:31 - 2016-12-14 05:43 - 00201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\ScDeviceEnum.dll
2017-02-15 18:31 - 2016-12-14 05:42 - 00236544 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinSCard.dll
2017-02-15 18:31 - 2016-12-14 05:42 - 00167424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinSCard.dll
2017-02-15 18:31 - 2016-12-14 05:40 - 00193536 _____ (Microsoft Corporation) C:\WINDOWS\system32\certprop.dll
2017-02-15 18:31 - 2016-12-14 05:38 - 13869056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2017-02-15 18:31 - 2016-12-14 05:37 - 00090112 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll
2017-02-15 18:31 - 2016-12-14 05:36 - 00074752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll
2017-02-15 18:31 - 2016-12-14 05:35 - 00755712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2017-02-15 18:31 - 2016-12-14 05:35 - 00600576 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptui.dll
2017-02-15 18:31 - 2016-12-14 05:35 - 00553984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptui.dll
2017-02-15 18:31 - 2016-12-14 05:26 - 00932864 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2017-02-15 18:31 - 2016-12-14 05:26 - 00869888 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2017-02-15 18:31 - 2016-12-14 05:24 - 01005568 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3D12.dll
2017-02-15 18:31 - 2016-12-14 05:24 - 00673792 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2017-02-15 18:31 - 2016-12-14 05:22 - 02317824 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2017-02-15 18:31 - 2016-12-14 05:22 - 01513472 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2017-02-15 18:31 - 2016-12-14 05:22 - 00391168 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2017-02-15 18:31 - 2016-12-09 11:20 - 02189664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2017-02-15 18:31 - 2016-12-09 11:20 - 00658784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2017-02-15 18:31 - 2016-12-09 11:20 - 00402272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2017-02-15 18:31 - 2016-12-09 11:19 - 00168424 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcrypt.dll
2017-02-15 18:31 - 2016-12-09 11:18 - 02913144 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2017-02-15 18:31 - 2016-12-09 11:18 - 01267512 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2017-02-15 18:31 - 2016-12-09 11:01 - 01503544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2017-02-15 18:31 - 2016-12-09 11:00 - 00106896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcrypt.dll
2017-02-15 18:31 - 2016-12-09 10:59 - 02166752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2017-02-15 18:31 - 2016-12-09 10:59 - 00846560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2017-02-15 18:31 - 2016-12-09 10:42 - 00227328 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll
2017-02-15 18:31 - 2016-12-09 10:41 - 00380928 _____ (Microsoft Corporation) C:\WINDOWS\system32\wincorlib.dll
2017-02-15 18:31 - 2016-12-09 10:37 - 00411136 _____ (Microsoft Corporation) C:\WINDOWS\system32\facecredentialprovider.dll
2017-02-15 18:31 - 2016-12-09 10:36 - 03059200 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2017-02-15 18:31 - 2016-12-09 10:36 - 00410112 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2017-02-15 18:31 - 2016-12-09 10:34 - 00288768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wincorlib.dll
2017-02-15 18:31 - 2016-12-09 10:25 - 00376832 _____ (Microsoft Corporation) C:\WINDOWS\system32\CryptoWinRT.dll
2017-02-15 18:31 - 2016-12-09 10:20 - 00730624 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2017-02-15 18:31 - 2016-12-09 10:18 - 00165376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mdmregistration.dll
2017-02-15 18:31 - 2016-11-11 11:15 - 00101216 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceReactivation.dll
2017-02-15 18:31 - 2016-11-11 11:14 - 00603488 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContentDeliveryManager.Utilities.dll
2017-02-15 18:31 - 2016-11-11 11:13 - 02213760 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2017-02-15 18:31 - 2016-11-11 11:13 - 00352096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fastfat.sys
2017-02-15 18:31 - 2016-11-11 11:12 - 00128352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\partmgr.sys
2017-02-15 18:31 - 2016-11-11 11:00 - 00223584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2017-02-15 18:31 - 2016-11-11 10:59 - 00433504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2017-02-15 18:31 - 2016-11-11 10:56 - 00187520 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudStorageWizard.exe
2017-02-15 18:31 - 2016-11-11 10:55 - 00882680 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditionUpgradeManagerObj.dll
2017-02-15 18:31 - 2016-11-11 10:55 - 00743224 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppwinob.dll
2017-02-15 18:31 - 2016-11-11 10:27 - 00086016 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetCfgNotifyObjectHost.exe
2017-02-15 18:31 - 2016-11-11 10:26 - 00258560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\xboxgip.sys
2017-02-15 18:31 - 2016-11-11 10:25 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\system32\BcastDVRHelper.dll
2017-02-15 18:31 - 2016-11-11 10:25 - 00073216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryBroker.dll
2017-02-15 18:31 - 2016-11-11 10:24 - 00170496 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppCapture.dll
2017-02-15 18:31 - 2016-11-11 10:24 - 00122880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryClient.dll
2017-02-15 18:31 - 2016-11-11 10:23 - 00058880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Shell.Search.UriHandler.dll
2017-02-15 18:31 - 2016-11-11 10:22 - 00489472 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupShim.dll
2017-02-15 18:31 - 2016-11-11 10:20 - 00125952 _____ (Microsoft Corporation) C:\WINDOWS\system32\setupugc.exe
2017-02-15 18:31 - 2016-11-11 10:19 - 00620544 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvr.exe
2017-02-15 18:31 - 2016-11-11 10:19 - 00198144 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpapisrv.dll
2017-02-15 18:31 - 2016-11-11 10:16 - 02716672 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmSvc.dll
2017-02-15 18:31 - 2016-11-11 10:16 - 01477632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsecedit.dll
2017-02-15 18:31 - 2016-11-11 10:16 - 00161792 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditionUpgradeHelper.dll
2017-02-15 18:31 - 2016-11-11 10:15 - 00032256 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSManHTTPConfig.exe
2017-02-15 18:31 - 2016-11-11 10:11 - 00096256 _____ (Microsoft Corporation) C:\WINDOWS\system32\umpoext.dll
2017-02-15 18:31 - 2016-11-11 10:06 - 00650752 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2017-02-15 18:31 - 2016-11-11 10:05 - 04136448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepository.dll
2017-02-15 18:31 - 2016-11-11 10:05 - 01779712 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2017-02-15 18:31 - 2016-11-11 10:04 - 01709056 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
2017-02-15 18:31 - 2016-11-11 10:04 - 00909312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2017-02-15 18:31 - 2016-11-11 10:03 - 00842240 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntshrui.dll
2017-02-15 18:31 - 2016-11-11 10:03 - 00283648 _____ (Microsoft Corporation) C:\WINDOWS\system32\wkssvc.dll
2017-02-15 18:31 - 2016-11-11 09:01 - 01969912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hevcdecoder.dll
2017-02-15 18:31 - 2016-11-11 09:00 - 01706488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2017-02-15 18:31 - 2016-11-11 08:49 - 00248480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\policymanager.dll
2017-02-15 18:31 - 2016-11-11 08:19 - 00298496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2017-02-15 18:31 - 2016-11-11 08:18 - 01336320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsecedit.dll
2017-02-15 18:31 - 2016-11-11 08:18 - 00318464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFolder.dll
2017-02-15 18:31 - 2016-11-11 08:17 - 00033280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSManHTTPConfig.exe
2017-02-15 18:31 - 2016-11-11 08:15 - 00838144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JpMapControl.dll
2017-02-15 18:31 - 2016-11-11 08:14 - 00395264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmenrollengine.dll
2017-02-15 18:31 - 2016-11-11 08:04 - 02682880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netshell.dll
2017-02-15 18:31 - 2016-11-11 08:04 - 00912896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll
2017-02-15 18:31 - 2016-11-11 08:03 - 01576448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2017-02-15 18:31 - 2016-11-11 08:03 - 00772608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntshrui.dll
2017-02-15 18:31 - 2016-11-11 08:03 - 00760832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NMAA.dll
2017-02-15 18:31 - 2016-11-11 08:03 - 00565248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasapi32.dll
2017-02-15 18:31 - 2016-11-11 08:02 - 00711680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll
2017-02-15 18:30 - 2016-12-21 08:49 - 00328008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.ApplicationData.dll
2017-02-15 18:30 - 2016-12-21 08:43 - 00092512 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2017-02-15 18:30 - 2016-12-21 08:14 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe
2017-02-15 18:30 - 2016-12-21 08:09 - 00368640 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneBackupHandler.dll
2017-02-15 18:30 - 2016-12-21 08:08 - 00289792 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeveloperOptionsSettingsHandlers.dll
2017-02-15 18:30 - 2016-12-21 08:05 - 00425984 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
2017-02-15 18:30 - 2016-12-21 08:05 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll
2017-02-15 18:30 - 2016-12-21 07:56 - 00947712 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVP9DEC.dll
2017-02-15 18:30 - 2016-12-21 07:53 - 06664192 _____ (Microsoft Corporation) C:\WINDOWS\system32\mspaint.exe
2017-02-15 18:30 - 2016-12-21 07:49 - 04149248 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2017-02-15 18:30 - 2016-12-21 07:47 - 01121280 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2017-02-15 18:30 - 2016-12-21 05:46 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LaunchWinApp.exe
2017-02-15 18:30 - 2016-12-21 05:41 - 00231936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.LockScreen.dll
2017-02-15 18:30 - 2016-12-21 05:40 - 00318976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpencom.dll
2017-02-15 18:30 - 2016-12-21 05:40 - 00237056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SyncSettings.dll
2017-02-15 18:30 - 2016-12-21 05:39 - 01300480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVPXENC.dll
2017-02-15 18:30 - 2016-12-21 05:25 - 07469056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2017-02-15 18:30 - 2016-12-21 05:25 - 06474752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mspaint.exe
2017-02-15 18:30 - 2016-12-21 05:24 - 06044160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2017-02-15 18:30 - 2016-12-14 06:34 - 02482280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2017-02-15 18:30 - 2016-12-14 06:01 - 00382784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AUDIOKSE.dll
2017-02-15 18:30 - 2016-12-14 06:01 - 00076984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\remoteaudioendpoint.dll
2017-02-15 18:30 - 2016-12-14 05:46 - 01631232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Resources.dll
2017-02-15 18:30 - 2016-12-14 05:42 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.UI.Logon.ProxyStub.dll
2017-02-15 18:30 - 2016-12-14 05:40 - 00231424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudBackupSettings.dll
2017-02-15 18:30 - 2016-12-14 05:39 - 00290816 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2017-02-15 18:30 - 2016-12-14 05:36 - 00539648 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2017-02-15 18:30 - 2016-12-14 05:22 - 02748416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpcore.dll
2017-02-15 18:30 - 2016-12-09 11:28 - 00764392 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2017-02-15 18:30 - 2016-12-09 11:27 - 00172528 _____ (Microsoft Corporation) C:\WINDOWS\system32\sspicli.dll
2017-02-15 18:30 - 2016-12-09 11:20 - 01738560 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2017-02-15 18:30 - 2016-12-09 11:15 - 08168000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2017-02-15 18:30 - 2016-12-09 11:11 - 02048496 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2017-02-15 18:30 - 2016-12-09 10:57 - 06668040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2017-02-15 18:30 - 2016-12-09 10:32 - 00635904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2017-02-15 18:30 - 2016-12-09 10:31 - 03689984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2017-02-15 18:30 - 2016-12-09 10:31 - 00313856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2017-02-15 18:30 - 2016-12-09 10:28 - 01004544 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2017-02-15 18:30 - 2016-12-09 10:27 - 00981504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.OnlineId.dll
2017-02-15 18:30 - 2016-12-09 10:21 - 04746752 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2017-02-15 18:30 - 2016-12-09 10:20 - 00187392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll
2017-02-15 18:30 - 2016-12-09 10:20 - 00172544 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe
2017-02-15 18:30 - 2016-12-09 10:18 - 03666432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2017-02-15 18:30 - 2016-11-11 11:14 - 02186896 _____ (Microsoft Corporation) C:\WINDOWS\system32\hevcdecoder.dll
2017-02-15 18:30 - 2016-11-11 11:13 - 01886344 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2017-02-15 18:30 - 2016-11-11 11:03 - 01069720 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2017-02-15 18:30 - 2016-11-11 11:03 - 00266544 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll
2017-02-15 18:30 - 2016-11-11 10:56 - 04673304 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2017-02-15 18:30 - 2016-11-11 10:26 - 00163840 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseModernAppMgmtCSP.dll
2017-02-15 18:30 - 2016-11-11 10:26 - 00109056 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReportingCSP.dll
2017-02-15 18:30 - 2016-11-11 10:25 - 00185344 _____ (Microsoft Corporation) C:\WINDOWS\system32\DisplayManager.dll
2017-02-15 18:30 - 2016-11-11 10:25 - 00147968 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcertinst.exe
2017-02-15 18:30 - 2016-11-11 10:25 - 00081408 _____ (Microsoft Corporation) C:\WINDOWS\system32\HttpsDataSource.dll
2017-02-15 18:30 - 2016-11-11 10:24 - 00158720 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEStoreEventHandlers.dll
2017-02-15 18:30 - 2016-11-11 10:24 - 00136192 _____ (Microsoft Corporation) C:\WINDOWS\system32\sendmail.dll
2017-02-15 18:30 - 2016-11-11 10:24 - 00107520 _____ (Microsoft Corporation) C:\WINDOWS\system32\VPNv2CSP.dll
2017-02-15 18:30 - 2016-11-11 10:23 - 00567296 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevicePairing.dll
2017-02-15 18:30 - 2016-11-11 10:23 - 00041472 _____ (Microsoft Corporation) C:\WINDOWS\system32\EAMProgressHandler.dll
2017-02-15 18:30 - 2016-11-11 10:22 - 00143360 _____ (Microsoft Corporation) C:\WINDOWS\system32\EDPCleanup.exe
2017-02-15 18:30 - 2016-11-11 10:21 - 00690688 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2017-02-15 18:30 - 2016-11-11 10:21 - 00587776 _____ (Microsoft Corporation) C:\WINDOWS\system32\vpnike.dll
2017-02-15 18:30 - 2016-11-11 10:21 - 00379392 _____ (Microsoft Corporation) C:\WINDOWS\system32\apprepsync.dll
2017-02-15 18:30 - 2016-11-11 10:20 - 00657920 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll
2017-02-15 18:30 - 2016-11-11 10:20 - 00574464 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_StorageSense.dll
2017-02-15 18:30 - 2016-11-11 10:20 - 00407552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2017-02-15 18:30 - 2016-11-11 10:20 - 00176128 _____ (Microsoft Corporation) C:\WINDOWS\system32\apprepapi.dll
2017-02-15 18:30 - 2016-11-11 10:20 - 00115200 _____ (Microsoft Corporation) C:\WINDOWS\system32\IdCtrls.dll
2017-02-15 18:30 - 2016-11-11 10:19 - 00495104 _____ (Microsoft Corporation) C:\WINDOWS\system32\DataSenseHandlers.dll
2017-02-15 18:30 - 2016-11-11 10:19 - 00389632 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll
2017-02-15 18:30 - 2016-11-11 10:19 - 00388096 _____ (Microsoft Corporation) C:\WINDOWS\system32\zipfldr.dll
2017-02-15 18:30 - 2016-11-11 10:19 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseAppMgmtSvc.dll
2017-02-15 18:30 - 2016-11-11 10:18 - 02084352 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceFlows.DataModel.dll
2017-02-15 18:30 - 2016-11-11 10:14 - 02104320 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll
2017-02-15 18:30 - 2016-11-11 10:14 - 00615424 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnprv.dll
2017-02-15 18:30 - 2016-11-11 10:13 - 00396800 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2017-02-15 18:30 - 2016-11-11 10:07 - 00347648 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascustom.dll
2017-02-15 18:30 - 2016-11-11 10:06 - 03400192 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncCenter.dll
2017-02-15 18:30 - 2016-11-11 10:04 - 02611200 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameux.dll
2017-02-15 18:30 - 2016-11-11 10:04 - 00455168 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll
2017-02-15 18:30 - 2016-11-11 10:04 - 00389632 _____ (Microsoft Corporation) C:\WINDOWS\system32\stobject.dll
2017-02-15 18:30 - 2016-11-11 10:03 - 02669056 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2017-02-15 18:30 - 2016-11-11 10:03 - 00632320 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasapi32.dll
2017-02-15 18:30 - 2016-11-11 08:54 - 00122208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\migisol.dll
2017-02-15 18:30 - 2016-11-11 08:49 - 00869848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll
2017-02-15 18:30 - 2016-11-11 08:42 - 00152416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RTWorkQ.dll
2017-02-15 18:30 - 2016-11-11 08:41 - 04311736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2017-02-15 18:30 - 2016-11-11 08:24 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Shell.Search.UriHandler.dll
2017-02-15 18:30 - 2016-11-11 08:23 - 00094208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryClient.dll
2017-02-15 18:30 - 2016-11-11 08:22 - 00122880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sendmail.dll
2017-02-15 18:30 - 2016-11-11 08:21 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.BackgroundTransfer.BackgroundManagerPolicy.dll
2017-02-15 18:30 - 2016-11-11 08:20 - 00306176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2017-02-15 18:30 - 2016-11-11 08:19 - 00506880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DevicePairing.dll
2017-02-15 18:30 - 2016-11-11 08:06 - 00400384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToManager.dll
2017-02-15 18:30 - 2016-11-11 08:05 - 03370496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepository.dll
2017-02-15 18:30 - 2016-11-11 08:04 - 00358912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\stobject.dll
2017-02-15 18:30 - 2016-11-11 08:03 - 02484736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gameux.dll
2017-02-15 18:30 - 2016-11-11 08:03 - 01556480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2017-02-15 18:29 - 2016-12-21 08:09 - 00363520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BioFeedback.dll
2017-02-15 18:29 - 2016-12-21 08:08 - 00418304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BlockedShutdown.dll
2017-02-15 18:29 - 2016-12-21 08:08 - 00211968 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2017-02-15 18:29 - 2016-12-21 08:07 - 00748544 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2017-02-15 18:29 - 2016-12-21 08:06 - 00310784 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncSettings.dll
2017-02-15 18:29 - 2016-12-21 08:06 - 00260608 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgentUserBroker.exe
2017-02-15 18:29 - 2016-12-21 08:06 - 00147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
2017-02-15 18:29 - 2016-12-21 08:00 - 00440320 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhcfg.dll
2017-02-15 18:29 - 2016-12-21 07:57 - 00462336 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhsettingsprovider.dll
2017-02-15 18:29 - 2016-12-21 07:54 - 05511680 _____ (Microsoft Corporation) C:\WINDOWS\system32\aclui.dll
2017-02-15 18:29 - 2016-12-21 07:49 - 02691072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2017-02-15 18:29 - 2016-12-21 07:49 - 01062912 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2017-02-15 18:29 - 2016-12-21 06:02 - 03892864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2017-02-15 18:29 - 2016-12-21 06:02 - 01852720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2017-02-15 18:29 - 2016-12-21 06:02 - 01360464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetsrc.dll
2017-02-15 18:29 - 2016-12-21 06:02 - 01277344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
2017-02-15 18:29 - 2016-12-21 06:02 - 01201872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2017-02-15 18:29 - 2016-12-21 06:02 - 00980832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetcore.dll
2017-02-15 18:29 - 2016-12-21 05:35 - 04612608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2017-02-15 18:29 - 2016-12-21 05:27 - 00640000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MCRecvSrc.dll
2017-02-15 18:29 - 2016-12-14 06:41 - 00590960 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2017-02-15 18:29 - 2016-12-14 06:33 - 01356864 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipUp.exe
2017-02-15 18:29 - 2016-12-14 06:19 - 00584544 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2017-02-15 18:29 - 2016-12-14 06:18 - 00715104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
2017-02-15 18:29 - 2016-12-14 06:14 - 00418952 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2017-02-15 18:29 - 2016-12-14 06:14 - 00089416 _____ (Microsoft Corporation) C:\WINDOWS\system32\remoteaudioendpoint.dll
2017-02-15 18:29 - 2016-12-14 05:46 - 00206848 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2017-02-15 18:29 - 2016-12-14 05:42 - 00352768 _____ (Microsoft Corporation) C:\WINDOWS\system32\cloudAP.dll
2017-02-15 18:29 - 2016-12-14 05:41 - 00223744 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2017-02-15 18:29 - 2016-12-14 05:40 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll
2017-02-15 18:29 - 2016-12-14 05:39 - 00837632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbiosrvc.dll
2017-02-15 18:29 - 2016-12-14 05:39 - 00257024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.CredDialogController.dll
2017-02-15 18:29 - 2016-12-14 05:38 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudBackupSettings.dll
2017-02-15 18:29 - 2016-12-14 05:36 - 01002496 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2017-02-15 18:29 - 2016-12-14 05:35 - 00712192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2017-02-15 18:29 - 2016-12-14 05:32 - 00497152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LogonController.dll
2017-02-15 18:29 - 2016-12-14 05:25 - 02009600 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRHInproc.dll
2017-02-15 18:29 - 2016-12-14 05:23 - 01231872 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2017-02-15 18:29 - 2016-12-14 05:21 - 03616768 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2017-02-15 18:29 - 2016-12-09 11:30 - 00377184 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2017-02-15 18:29 - 2016-12-09 11:19 - 01293152 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2017-02-15 18:29 - 2016-12-09 11:14 - 01274712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2017-02-15 18:29 - 2016-12-09 11:10 - 01572768 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2017-02-15 18:29 - 2016-12-09 11:10 - 01461200 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2017-02-15 18:29 - 2016-12-09 10:52 - 01435896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2017-02-15 18:29 - 2016-12-09 10:33 - 01589760 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdtctm.dll
2017-02-15 18:29 - 2016-12-09 10:28 - 03306496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2017-02-15 18:29 - 2016-12-09 10:27 - 13084160 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2017-02-15 18:29 - 2016-12-09 10:27 - 05114368 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2017-02-15 18:29 - 2016-12-09 10:23 - 12177920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2017-02-15 18:29 - 2016-12-09 10:21 - 00716800 _____ (Microsoft Corporation) C:\WINDOWS\system32\ShareHost.dll
2017-02-15 18:29 - 2016-11-11 11:02 - 00360040 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2017-02-15 18:29 - 2016-11-11 11:01 - 07219672 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2017-02-15 18:29 - 2016-11-11 11:01 - 01859264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2017-02-15 18:29 - 2016-11-11 10:56 - 00163752 _____ (Microsoft Corporation) C:\WINDOWS\system32\RTWorkQ.dll
2017-02-15 18:29 - 2016-11-11 10:54 - 01418312 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2017-02-15 18:29 - 2016-11-11 10:31 - 00366080 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXTaskFactory.dll
2017-02-15 18:29 - 2016-11-11 10:27 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpremove.exe
2017-02-15 18:29 - 2016-11-11 10:24 - 00159744 _____ (Microsoft Corporation) C:\WINDOWS\system32\ACPBackgroundManagerPolicy.dll
2017-02-15 18:29 - 2016-11-11 10:23 - 00409088 _____ (Microsoft Corporation) C:\WINDOWS\system32\NgcCtnr.dll
2017-02-15 18:29 - 2016-11-11 10:20 - 00641024 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngccredprov.dll
2017-02-15 18:29 - 2016-11-11 10:20 - 00590336 _____ (Microsoft Corporation) C:\WINDOWS\system32\efswrt.dll
2017-02-15 18:29 - 2016-11-11 10:20 - 00381952 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptngc.dll
2017-02-15 18:29 - 2016-11-11 10:20 - 00339456 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpusersvc.dll
2017-02-15 18:29 - 2016-11-11 10:19 - 00411648 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpsvc.dll
2017-02-15 18:29 - 2016-11-11 10:19 - 00366080 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFolder.dll
2017-02-15 18:29 - 2016-11-11 10:19 - 00320000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2017-02-15 18:29 - 2016-11-11 10:17 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProvSysprep.dll
2017-02-15 18:29 - 2016-11-11 10:16 - 00105984 _____ (Microsoft Corporation) C:\WINDOWS\system32\RjvMDMConfig.dll
2017-02-15 18:29 - 2016-11-11 10:12 - 00870912 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdtcprx.dll
2017-02-15 18:29 - 2016-11-11 10:09 - 01366016 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2017-02-15 18:29 - 2016-11-11 10:07 - 00991232 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll
2017-02-15 18:29 - 2016-11-11 10:06 - 00960000 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2017-02-15 18:29 - 2016-11-11 10:05 - 02852864 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll
2017-02-15 18:29 - 2016-11-11 10:04 - 00691712 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsm.dll
2017-02-15 18:29 - 2016-11-11 10:02 - 03542016 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2017-02-15 18:29 - 2016-11-11 10:02 - 01726976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2017-02-15 18:29 - 2016-11-11 08:59 - 01572768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2017-02-15 18:29 - 2016-11-11 08:42 - 01123912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2017-02-15 18:29 - 2016-11-11 08:42 - 00952416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2017-02-15 18:29 - 2016-11-11 08:42 - 00374448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFPlay.dll
2017-02-15 18:29 - 2016-11-11 08:42 - 00091936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfaudiocnv.dll
2017-02-15 18:29 - 2016-11-11 08:41 - 00157536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudStorageWizard.exe
2017-02-15 18:29 - 2016-11-11 08:24 - 00519168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ngccredprov.dll
2017-02-15 18:29 - 2016-11-11 08:24 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BcastDVRHelper.dll
2017-02-15 18:29 - 2016-11-11 08:23 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppCapture.dll
2017-02-15 18:29 - 2016-11-11 08:22 - 00505856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcastdvr.exe
2017-02-15 18:29 - 2016-11-11 08:19 - 00114176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\setupugc.exe
2017-02-15 18:29 - 2016-11-11 08:15 - 00348672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\zipfldr.dll
2017-02-15 18:29 - 2016-11-11 08:15 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptngc.dll
2017-02-15 18:29 - 2016-11-11 08:10 - 00746496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msdtcprx.dll
2017-02-15 18:29 - 2016-11-11 08:09 - 00545280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmkvsrcsnk.dll
2017-02-15 18:29 - 2016-11-11 08:08 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xolehlp.dll
2017-02-15 18:29 - 2016-11-11 08:06 - 00359936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mtxclu.dll
2017-02-15 18:29 - 2016-11-11 08:05 - 04423680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
2017-02-15 18:29 - 2016-11-11 08:04 - 01992704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2017-02-15 18:28 - 2016-12-21 09:04 - 07816032 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2017-02-15 18:28 - 2016-12-21 08:42 - 00241504 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHost.dll
2017-02-15 18:28 - 2016-12-21 08:37 - 00455520 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2017-02-15 18:28 - 2016-12-21 08:08 - 01292288 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVPXENC.dll
2017-02-15 18:28 - 2016-12-21 08:08 - 00349184 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2017-02-15 18:28 - 2016-12-21 07:53 - 01692672 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2017-02-15 18:28 - 2016-12-21 07:51 - 02275840 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2017-02-15 18:28 - 2016-12-21 05:24 - 05061120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2017-02-15 18:28 - 2016-12-21 05:24 - 03733504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_47.dll
2017-02-15 18:28 - 2016-12-21 05:24 - 00886272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2017-02-15 18:28 - 2016-12-21 05:22 - 00860672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2017-02-15 18:28 - 2016-12-14 06:18 - 00335712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2017-02-15 18:28 - 2016-12-14 06:08 - 00341344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2017-02-15 18:28 - 2016-12-14 06:06 - 00509792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2017-02-15 18:28 - 2016-12-14 05:45 - 00147968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys
2017-02-15 18:28 - 2016-12-14 05:40 - 00266752 _____ (Microsoft Corporation) C:\WINDOWS\system32\ConsoleLogon.dll
2017-02-15 18:28 - 2016-12-14 05:40 - 00104448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.UI.Logon.ProxyStub.dll
2017-02-15 18:28 - 2016-12-14 05:22 - 02998272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2017-02-15 18:28 - 2016-12-14 05:22 - 00707584 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2017-02-15 18:28 - 2016-12-09 11:34 - 01051112 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2017-02-15 18:28 - 2016-12-09 11:34 - 00894096 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2017-02-15 18:28 - 2016-12-09 11:33 - 01354320 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2017-02-15 18:28 - 2016-12-09 11:33 - 01173496 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2017-02-15 18:28 - 2016-12-09 11:01 - 02323728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll
2017-02-15 18:28 - 2016-12-09 10:51 - 00117240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sspicli.dll
2017-02-15 18:28 - 2016-12-09 10:45 - 00040448 _____ (Microsoft Corporation) C:\WINDOWS\system32\WordBreakers.dll
2017-02-15 18:28 - 2016-12-09 10:22 - 02820096 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2017-02-15 18:28 - 2016-12-09 10:20 - 03198464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
2017-02-15 18:28 - 2016-12-09 10:19 - 00433664 _____ (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll
2017-02-15 18:28 - 2016-12-09 10:19 - 00261120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
2017-02-15 18:28 - 2016-12-09 10:19 - 00119296 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputLocaleManager.dll
2017-02-15 18:28 - 2016-12-09 10:19 - 00085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditBufferTestHook.dll
2017-02-15 18:28 - 2016-12-09 10:17 - 00566784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ShareHost.dll
2017-02-15 18:28 - 2016-11-11 11:15 - 00198856 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscapi.dll
2017-02-15 18:28 - 2016-11-11 10:56 - 00424616 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFPlay.dll
2017-02-15 18:28 - 2016-11-11 10:25 - 00151040 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsBtSvc.dll
2017-02-15 18:28 - 2016-11-11 10:25 - 00089600 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosStorage.dll
2017-02-15 18:28 - 2016-11-11 10:22 - 00082944 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshost.dll
2017-02-15 18:28 - 2016-11-11 10:21 - 00313856 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshostcore.dll
2017-02-15 18:28 - 2016-11-11 10:20 - 00446976 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll
2017-02-15 18:28 - 2016-11-11 10:17 - 01220096 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscui.cpl
2017-02-15 18:28 - 2016-11-11 10:16 - 00184832 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscsvc.dll
2017-02-15 18:28 - 2016-11-11 10:15 - 00282624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb10.sys
2017-02-15 18:28 - 2016-11-11 10:14 - 07654400 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2017-02-15 18:28 - 2016-11-11 10:13 - 07812096 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2017-02-15 18:28 - 2016-11-11 10:08 - 00539136 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToManager.dll
2017-02-15 18:28 - 2016-11-11 10:07 - 03441152 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapRouter.dll
2017-02-15 18:28 - 2016-11-11 10:07 - 02953216 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapGeocoder.dll
2017-02-15 18:28 - 2016-11-11 10:07 - 02510848 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2017-02-15 18:28 - 2016-11-11 10:05 - 01031680 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2017-02-15 18:28 - 2016-11-11 10:03 - 04708864 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2017-02-15 18:28 - 2016-11-11 10:03 - 00905216 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll
2017-02-15 18:28 - 2016-11-11 09:01 - 00167848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscapi.dll
2017-02-15 18:28 - 2016-11-11 08:48 - 02277248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll
2017-02-15 18:28 - 2016-11-11 08:47 - 00527880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2017-02-15 18:28 - 2016-11-11 08:26 - 00030720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReAgentc.exe
2017-02-15 18:28 - 2016-11-11 08:19 - 01755136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DeviceFlows.DataModel.dll
2017-02-15 18:28 - 2016-11-11 08:19 - 00364544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupShim.dll
2017-02-15 18:28 - 2016-11-11 08:18 - 00431616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\efswrt.dll
2017-02-15 18:28 - 2016-11-11 08:17 - 00333312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActivationManager.dll
2017-02-15 18:28 - 2016-11-11 08:06 - 01228288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usercpl.dll
2017-02-15 18:28 - 2016-11-11 08:04 - 01595392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2017-02-15 18:28 - 2016-11-11 08:03 - 02256384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2017-02-15 18:27 - 2016-12-21 08:13 - 00119808 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCsp.dll
2017-02-15 18:27 - 2016-12-21 08:12 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProvPluginEng.dll
2017-02-15 18:27 - 2016-12-21 08:10 - 00234496 _____ (Microsoft Corporation) C:\WINDOWS\system32\KnobsCore.dll
2017-02-15 18:27 - 2016-12-14 05:32 - 00806400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3D12.dll
2017-02-15 18:27 - 2016-11-11 10:28 - 00040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\CbtBackgroundManagerPolicy.dll
2017-02-15 18:27 - 2016-11-11 10:26 - 00042496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\modem.sys
2017-02-15 18:27 - 2016-11-11 10:15 - 00159232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscinterop.dll
2017-02-15 18:27 - 2016-11-11 10:14 - 00713216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2017-02-15 18:27 - 2016-11-11 10:13 - 00306176 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdtcuiu.dll
2017-02-15 18:27 - 2016-11-11 10:07 - 01060864 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpMapControl.dll
2017-02-15 18:27 - 2016-11-11 10:02 - 00936448 _____ (Microsoft Corporation) C:\WINDOWS\system32\NMAA.dll
2017-02-15 18:27 - 2016-11-11 08:27 - 00065024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetCfgNotifyObjectHost.exe
2017-02-15 18:27 - 2016-11-11 08:18 - 01196544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscui.cpl
2017-02-15 18:27 - 2016-11-11 08:18 - 00108544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscinterop.dll
2017-02-14 17:43 - 2017-02-19 18:51 - 00000000 ____D C:\Users\Baby\AppData\Local\ConnectedDevicesPlatform
2017-02-14 17:43 - 2017-02-14 17:43 - 00000020 ___SH C:\Users\Baby\ntuser.ini
2017-02-14 17:41 - 2017-02-14 17:41 - 00000000 _SHDL C:\Users\Default\Vorlagen
2017-02-14 17:41 - 2017-02-14 17:41 - 00000000 _SHDL C:\Users\Default\Startmenü
2017-02-14 17:41 - 2017-02-14 17:41 - 00000000 _SHDL C:\Users\Default\Netzwerkumgebung
2017-02-14 17:41 - 2017-02-14 17:41 - 00000000 _SHDL C:\Users\Default\Lokale Einstellungen
2017-02-14 17:41 - 2017-02-14 17:41 - 00000000 _SHDL C:\Users\Default\Eigene Dateien
2017-02-14 17:41 - 2017-02-14 17:41 - 00000000 _SHDL C:\Users\Default\Druckumgebung
2017-02-14 17:41 - 2017-02-14 17:41 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Videos
2017-02-14 17:41 - 2017-02-14 17:41 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Musik
2017-02-14 17:41 - 2017-02-14 17:41 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Bilder
2017-02-14 17:41 - 2017-02-14 17:41 - 00000000 _SHDL C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2017-02-14 17:41 - 2017-02-14 17:41 - 00000000 _SHDL C:\Users\Default\AppData\Local\Verlauf
2017-02-14 17:41 - 2017-02-14 17:41 - 00000000 _SHDL C:\Users\Default\AppData\Local\Anwendungsdaten
2017-02-14 17:41 - 2017-02-14 17:41 - 00000000 _SHDL C:\Users\Default\Anwendungsdaten
2017-02-14 17:41 - 2017-02-14 17:41 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Videos
2017-02-14 17:41 - 2017-02-14 17:41 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Musik
2017-02-14 17:41 - 2017-02-14 17:41 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Bilder
2017-02-14 17:41 - 2017-02-14 17:41 - 00000000 _SHDL C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2017-02-14 17:41 - 2017-02-14 17:41 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Verlauf
2017-02-14 17:41 - 2017-02-14 17:41 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Anwendungsdaten
2017-02-14 17:40 - 2017-02-14 17:41 - 00007623 _____ C:\WINDOWS\diagwrn.xml
2017-02-14 17:40 - 2017-02-14 17:41 - 00007623 _____ C:\WINDOWS\diagerr.xml
2017-02-14 17:39 - 2017-02-14 17:39 - 00003310 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{80B2E059-914D-4AA0-B810-B7874A284424}
2017-02-14 17:39 - 2017-02-14 17:39 - 00002770 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task v2
2017-02-14 17:39 - 2017-02-14 17:39 - 00000000 ____D C:\WINDOWS\System32\Tasks\McAfee
2017-02-14 17:39 - 2017-02-14 17:39 - 00000000 ____D C:\WINDOWS\System32\Tasks\Lenovo
2017-02-14 17:39 - 2017-02-14 17:39 - 00000000 ____D C:\WINDOWS\System32\Tasks\CyberLink
2017-02-14 17:32 - 2017-02-14 17:32 - 00022960 _____ C:\WINDOWS\system32\emptyregdb.dat
2017-02-14 17:26 - 2017-02-14 17:26 - 00001576 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2017-02-14 17:26 - 2017-02-14 17:26 - 00000000 ____D C:\Users\Default\AppData\Local\AdvinstAnalytics
2017-02-14 17:26 - 2017-02-14 17:26 - 00000000 ____D C:\Users\Default User\AppData\Local\AdvinstAnalytics
2017-02-14 17:23 - 2017-02-14 17:27 - 00000000 ____D C:\WINDOWS\system32\config\bbimigrate
2017-02-14 17:22 - 2017-03-03 18:46 - 00000000 ____D C:\Users\Baby
2017-02-14 17:22 - 2017-02-14 17:22 - 00000000 _SHDL C:\Users\Baby\Vorlagen
2017-02-14 17:22 - 2017-02-14 17:22 - 00000000 _SHDL C:\Users\Baby\Startmenü
2017-02-14 17:22 - 2017-02-14 17:22 - 00000000 _SHDL C:\Users\Baby\Netzwerkumgebung
2017-02-14 17:22 - 2017-02-14 17:22 - 00000000 _SHDL C:\Users\Baby\Lokale Einstellungen
2017-02-14 17:22 - 2017-02-14 17:22 - 00000000 _SHDL C:\Users\Baby\Eigene Dateien
2017-02-14 17:22 - 2017-02-14 17:22 - 00000000 _SHDL C:\Users\Baby\Druckumgebung
2017-02-14 17:22 - 2017-02-14 17:22 - 00000000 _SHDL C:\Users\Baby\Documents\Eigene Videos
2017-02-14 17:22 - 2017-02-14 17:22 - 00000000 _SHDL C:\Users\Baby\Documents\Eigene Musik
2017-02-14 17:22 - 2017-02-14 17:22 - 00000000 _SHDL C:\Users\Baby\Documents\Eigene Bilder
2017-02-14 17:22 - 2017-02-14 17:22 - 00000000 _SHDL C:\Users\Baby\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2017-02-14 17:22 - 2017-02-14 17:22 - 00000000 _SHDL C:\Users\Baby\AppData\Local\Verlauf
2017-02-14 17:22 - 2017-02-14 17:22 - 00000000 _SHDL C:\Users\Baby\AppData\Local\Anwendungsdaten
2017-02-14 17:22 - 2017-02-14 17:22 - 00000000 _SHDL C:\Users\Baby\Anwendungsdaten
2017-02-14 17:18 - 2017-02-14 17:18 - 00000000 ____H C:\ProgramData\DP45977C.lfl
2017-02-14 17:18 - 2017-02-14 17:18 - 00000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2017-02-14 17:18 - 2017-02-14 17:18 - 00000000 ____D C:\WINDOWS\system32\DAX2
2017-02-14 17:18 - 2017-02-14 17:18 - 00000000 ____D C:\Program Files\Realtek
2017-02-14 17:17 - 2017-03-04 21:26 - 00000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2017-02-14 17:17 - 2017-02-14 17:27 - 00000000 ____D C:\Program Files\Elantech
2017-02-14 17:17 - 2017-02-14 17:24 - 00000000 ____D C:\Program Files\Intel
2017-02-14 17:17 - 2017-02-14 17:17 - 00000200 _____ C:\WINDOWS\system32\{EC94D02F-D200-4428-9531-05AF7F9799CB}.bat
2017-02-14 17:17 - 2017-02-14 17:17 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_ETDSMBus_01011.Wdf
2017-02-14 17:17 - 2015-08-16 18:13 - 00086528 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.DLL
2017-02-14 17:17 - 2015-08-16 18:13 - 00082432 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.DLL
2017-02-14 17:14 - 2017-02-14 17:42 - 00000000 ___DC C:\WINDOWS\Panther
2017-02-14 17:11 - 2017-02-14 17:11 - 00008192 _____ C:\WINDOWS\system32\config\userdiff
2017-02-14 17:09 - 2017-02-14 17:09 - 00000000 ____D C:\WINDOWS\SysWOW64\XPSViewer
2017-02-14 17:09 - 2017-02-14 17:09 - 00000000 ____D C:\Program Files\Reference Assemblies
2017-02-14 17:09 - 2017-02-14 17:09 - 00000000 ____D C:\Program Files\MSBuild
2017-02-14 17:09 - 2017-02-14 17:09 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies
2017-02-14 17:09 - 2017-02-14 17:09 - 00000000 ____D C:\Program Files (x86)\MSBuild
2017-02-14 17:08 - 2016-05-25 14:31 - 01166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2017-02-14 17:08 - 2016-05-25 14:31 - 00124624 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2017-02-14 17:08 - 2016-05-25 14:31 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2017-02-14 17:08 - 2016-05-25 11:03 - 00778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
2017-02-14 17:08 - 2016-05-25 11:03 - 00103120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2017-02-14 17:08 - 2016-05-25 11:03 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2017-02-12 21:14 - 2017-02-12 21:14 - 00061781 _____ C:\Users\Baby\Downloads\31_031_01424_Bestätigung der Annahme ESt unbeschränkt (ESt 1 A) 2016_ElsterOnline2.pdf
2017-02-12 21:04 - 2017-02-12 21:05 - 00022072 _____ C:\Users\Baby\Downloads\steuerberechnung_2017-02-12-210443.pdf
2017-02-12 21:00 - 2017-02-12 21:00 - 00022068 _____ C:\Users\Baby\Downloads\steuerberechnung_2017-02-12-210042.pdf
2017-02-12 20:57 - 2017-02-12 20:57 - 00022071 _____ C:\Users\Baby\Downloads\steuerberechnung_2017-02-12-205749.pdf
2017-02-10 19:02 - 2017-02-10 19:02 - 00022075 _____ C:\Users\Baby\Downloads\steuerberechnung_2017-02-10-190244.pdf
2017-02-10 19:01 - 2017-02-10 19:01 - 00022094 _____ C:\Users\Baby\Downloads\steuerberechnung_2017-02-10-190109.pdf
2017-02-10 18:43 - 2017-02-10 18:43 - 00022759 _____ C:\Users\Baby\Downloads\steuerberechnung_2017-02-10-184311.pdf
2017-02-10 18:20 - 2017-02-10 18:20 - 00010495 _____ C:\Users\Baby\Downloads\Rene1896_elster_10.02.2017_18.20.pfx
2017-02-10 18:16 - 2017-02-10 18:16 - 00010495 _____ C:\Users\Baby\Downloads\VanyB91_elster_10.02.2017_18.15.pfx
2017-02-08 15:27 - 2017-03-02 19:09 - 00001309 _____ C:\Users\Public\Desktop\ElsterFormular.lnk
2017-02-08 15:27 - 2017-03-02 19:09 - 00000000 ____D C:\ProgramData\elsterformular
2017-02-08 15:27 - 2017-03-02 19:09 - 00000000 ____D C:\Program Files (x86)\ElsterFormular
2017-02-08 15:27 - 2017-02-08 15:27 - 00000000 ____D C:\Users\Baby\AppData\Roaming\elsterformular
2017-02-08 15:24 - 2017-02-08 15:26 - 67816592 _____ (Landesfinanzdirektion Thüringen) C:\Users\Baby\Downloads\ElsterFormularPrivat.exe
2017-02-03 16:50 - 2017-02-03 16:50 - 00000000 ____D C:\Users\Baby\AppData\Local\CEF
2017-02-03 16:48 - 2017-02-19 19:29 - 00000000 ____D C:\Program Files (x86)\IObit
2017-02-03 16:48 - 2017-02-03 17:04 - 00000000 ____D C:\ProgramData\Avg
2017-02-03 16:48 - 2017-02-03 17:03 - 00000000 ____D C:\Users\Baby\AppData\Local\AvgSetupLog
2017-02-03 16:48 - 2017-02-03 16:49 - 00000000 ____D C:\Users\Baby\AppData\Roaming\IObit
2017-02-03 16:48 - 2017-02-03 16:49 - 00000000 ____D C:\ProgramData\IObit
2017-02-03 16:48 - 2017-02-03 16:48 - 00000000 ____D C:\WINDOWS\Tasks\ImCleanDisabled
2017-02-03 16:48 - 2017-02-03 16:48 - 00000000 ____D C:\Users\Baby\AppData\Local\Avg
2017-02-03 16:48 - 2017-02-03 16:48 - 00000000 ____D C:\ProgramData\{FD6F83C0-EC70-4581-8361-C70CD1AA4B98}

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-03-04 23:20 - 2016-11-20 13:32 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2017-03-04 22:29 - 2017-01-13 15:24 - 00000000 ____D C:\ProgramData\Kaspersky Lab
2017-03-04 21:34 - 2016-11-20 22:42 - 01691388 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-03-04 21:34 - 2016-11-20 22:00 - 00618624 _____ C:\WINDOWS\system32\perfh007.dat
2017-03-04 21:34 - 2016-11-20 22:00 - 00122570 _____ C:\WINDOWS\system32\perfc007.dat
2017-03-04 21:32 - 2017-01-13 14:58 - 00046448 _____ C:\WINDOWS\system32\InstallUtil.InstallLog
2017-03-04 21:27 - 2017-01-12 16:03 - 00000000 ___RD C:\Users\Baby\OneDrive
2017-03-04 21:26 - 2017-01-12 16:00 - 00000000 __SHD C:\Users\Baby\IntelGraphicsProfiles
2017-03-04 21:26 - 2016-11-20 22:32 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-03-04 21:26 - 2016-07-16 07:04 - 00524288 _____ C:\WINDOWS\system32\config\BBI
2017-03-04 19:19 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\Macromed
2017-03-03 18:41 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\AppReadiness
2017-03-02 20:59 - 2016-07-16 12:45 - 00000000 ____D C:\WINDOWS\INF
2017-03-02 16:57 - 2016-07-16 12:47 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2017-03-02 16:56 - 2016-10-19 00:32 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2017-03-02 16:45 - 2016-07-16 12:47 - 00000000 ___HD C:\Program Files\WindowsApps
2017-02-28 19:50 - 2016-11-20 13:32 - 00357328 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-02-26 15:24 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\rescache
2017-02-26 10:58 - 2017-01-12 20:00 - 00000000 ____D C:\WINDOWS\system32\MRT
2017-02-26 10:57 - 2017-01-12 20:00 - 138020592 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-02-26 10:57 - 2016-07-16 12:36 - 00000000 ____D C:\WINDOWS\CbsTemp
2017-02-23 21:20 - 2017-01-12 16:03 - 00002387 _____ C:\Users\Baby\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2017-02-20 20:45 - 2016-07-16 12:47 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2017-02-20 20:17 - 2017-01-12 16:00 - 00000000 ____D C:\Users\Baby\AppData\Local\Packages
2017-02-19 18:50 - 2016-11-20 22:46 - 00000000 __RHD C:\Users\Public\AccountPictures
2017-02-17 20:03 - 2016-07-16 12:47 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2017-02-17 20:03 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\SysWOW64\oobe
2017-02-17 20:03 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2017-02-17 20:03 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\oobe
2017-02-17 20:03 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\ShellExperiences
2017-02-17 20:03 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\Provisioning
2017-02-17 20:03 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\bcastdvr
2017-02-17 20:03 - 2016-07-16 07:04 - 00000000 ____D C:\WINDOWS\SysWOW64\Dism
2017-02-17 20:03 - 2016-07-16 07:04 - 00000000 ____D C:\WINDOWS\system32\Sysprep
2017-02-17 20:03 - 2016-07-16 07:04 - 00000000 ____D C:\WINDOWS\system32\Dism
2017-02-17 20:03 - 2016-07-16 07:04 - 00000000 ____D C:\WINDOWS\servicing
2017-02-15 17:48 - 2016-07-16 12:42 - 00180224 _____ (Microsoft Corporation) C:\WINDOWS\system32\enrollmentapi.dll
2017-02-15 17:39 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\appcompat
2017-02-14 17:49 - 2016-06-20 23:41 - 00057424 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klim6.sys
2017-02-14 17:41 - 2016-07-16 12:47 - 00000000 ____D C:\Program Files\Windows NT
2017-02-14 17:40 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\Registration
2017-02-14 17:39 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\WinBioDatabase
2017-02-14 17:39 - 2015-10-30 08:24 - 00000000 ____D C:\WINDOWS\system32\Tasks_Migrated
2017-02-14 17:31 - 2016-10-19 01:44 - 01442704 _____ C:\WINDOWS\SysWOW64\PerfStringBackup.INI
2017-02-14 17:31 - 2016-07-16 12:47 - 00000000 __RHD C:\Users\Public\Libraries
2017-02-14 17:27 - 2017-01-31 13:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zylom
2017-02-14 17:27 - 2017-01-13 15:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Total Security
2017-02-14 17:27 - 2017-01-13 15:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Secure Connection
2017-02-14 17:27 - 2016-10-19 01:44 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
2017-02-14 17:27 - 2016-10-19 01:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Realtek
2017-02-14 17:27 - 2016-10-19 01:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dolby
2017-02-14 17:27 - 2016-10-19 00:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2016-Tools
2017-02-14 17:27 - 2016-10-19 00:31 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lenovo
2017-02-14 17:27 - 2016-07-16 07:04 - 00032768 _____ C:\WINDOWS\system32\config\ELAM
2017-02-14 17:26 - 2015-10-30 07:28 - 00000000 ____D C:\Users\Default.migrated
2017-02-14 17:24 - 2017-01-13 15:13 - 00000000 ____D C:\WINDOWS\SysWOW64\BestPractices
2017-02-14 17:24 - 2017-01-13 15:13 - 00000000 ____D C:\WINDOWS\system32\BestPractices
2017-02-14 17:24 - 2016-11-20 21:59 - 00000000 ____D C:\WINDOWS\SysWOW64\winrm
2017-02-14 17:24 - 2016-11-20 21:59 - 00000000 ____D C:\WINDOWS\SysWOW64\WCN
2017-02-14 17:24 - 2016-11-20 21:59 - 00000000 ____D C:\WINDOWS\SysWOW64\slmgr
2017-02-14 17:24 - 2016-11-20 21:59 - 00000000 ____D C:\WINDOWS\SysWOW64\Printing_Admin_Scripts
2017-02-14 17:24 - 2016-11-20 21:59 - 00000000 ____D C:\WINDOWS\system32\winrm
2017-02-14 17:24 - 2016-11-20 21:59 - 00000000 ____D C:\WINDOWS\system32\WCN
2017-02-14 17:24 - 2016-11-20 21:59 - 00000000 ____D C:\WINDOWS\system32\slmgr
2017-02-14 17:24 - 2016-11-20 21:59 - 00000000 ____D C:\WINDOWS\system32\Printing_Admin_Scripts
2017-02-14 17:24 - 2016-10-19 01:47 - 00000000 ___HD C:\WINDOWS\system32\WLANProfiles
2017-02-14 17:24 - 2016-07-16 12:47 - 00000000 ___SD C:\WINDOWS\SysWOW64\F12
2017-02-14 17:24 - 2016-07-16 12:47 - 00000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs
2017-02-14 17:24 - 2016-07-16 12:47 - 00000000 ___SD C:\WINDOWS\system32\F12
2017-02-14 17:24 - 2016-07-16 12:47 - 00000000 ___SD C:\WINDOWS\system32\dsc
2017-02-14 17:24 - 2016-07-16 12:47 - 00000000 ___SD C:\WINDOWS\system32\DiagSvcs
2017-02-14 17:24 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2017-02-14 17:24 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\NDF
2017-02-14 17:24 - 2016-07-16 12:47 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2017-02-14 17:24 - 2016-07-16 12:47 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2017-02-14 17:17 - 2016-10-19 01:41 - 00000000 ___HD C:\Intel
2017-02-14 17:14 - 2016-07-16 12:47 - 00028672 _____ C:\WINDOWS\system32\config\BCD-Template
2017-02-14 17:09 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\SysWOW64\MUI
2017-02-14 17:09 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\MUI
2017-02-06 20:48 - 2016-07-16 12:49 - 00835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2017-02-06 20:48 - 2016-07-16 12:49 - 00177656 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2017-02-03 17:06 - 2017-01-25 19:00 - 00000000 ____D C:\ProgramData\install_backup
2017-02-03 17:06 - 2016-10-19 00:45 - 00000000 ____D C:\ProgramData\SUPPORTDIR
2017-02-03 17:06 - 2016-10-19 00:43 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2017-02-03 17:06 - 2016-10-19 00:31 - 00000000 ____D C:\Program Files (x86)\Lenovo
2017-02-03 17:05 - 2016-10-19 00:47 - 00000000 ____D C:\ProgramData\CyberLink

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2010-06-02 05:21 - 2010-06-02 05:21 - 1347354 _____ () C:\Program Files\Apr2005_d3dx9_25_x64.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 1078962 _____ () C:\Program Files\Apr2005_d3dx9_25_x86.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 1397830 _____ () C:\Program Files\Apr2006_d3dx9_30_x64.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 1115221 _____ () C:\Program Files\Apr2006_d3dx9_30_x86.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 0916430 _____ () C:\Program Files\Apr2006_MDX1_x86.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 4162630 _____ () C:\Program Files\Apr2006_MDX1_x86_Archive.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 0179133 _____ () C:\Program Files\Apr2006_XACT_x64.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 0133103 _____ () C:\Program Files\Apr2006_XACT_x86.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 0087101 _____ () C:\Program Files\Apr2006_xinput_x64.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 0046010 _____ () C:\Program Files\Apr2006_xinput_x86.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 0698612 _____ () C:\Program Files\APR2007_d3dx10_33_x64.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 0695865 _____ () C:\Program Files\APR2007_d3dx10_33_x86.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 1607358 _____ () C:\Program Files\APR2007_d3dx9_33_x64.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 1606039 _____ () C:\Program Files\APR2007_d3dx9_33_x86.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 0195766 _____ () C:\Program Files\APR2007_XACT_x64.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 0151225 _____ () C:\Program Files\APR2007_XACT_x86.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 0096817 _____ () C:\Program Files\APR2007_xinput_x64.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 0053302 _____ () C:\Program Files\APR2007_xinput_x86.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 1350542 _____ () C:\Program Files\Aug2005_d3dx9_27_x64.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 1077644 _____ () C:\Program Files\Aug2005_d3dx9_27_x86.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 0182903 _____ () C:\Program Files\AUG2006_XACT_x64.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 0137235 _____ () C:\Program Files\AUG2006_XACT_x86.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 0087142 _____ () C:\Program Files\AUG2006_xinput_x64.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 0046058 _____ () C:\Program Files\AUG2006_xinput_x86.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 0852286 _____ () C:\Program Files\AUG2007_d3dx10_35_x64.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 0796867 _____ () C:\Program Files\AUG2007_d3dx10_35_x86.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 1800160 _____ () C:\Program Files\AUG2007_d3dx9_35_x64.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 1708152 _____ () C:\Program Files\AUG2007_d3dx9_35_x86.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 0198096 _____ () C:\Program Files\AUG2007_XACT_x64.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 0153012 _____ () C:\Program Files\AUG2007_XACT_x86.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 0867612 _____ () C:\Program Files\Aug2008_d3dx10_39_x64.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 0849167 _____ () C:\Program Files\Aug2008_d3dx10_39_x86.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 1794084 _____ () C:\Program Files\Aug2008_d3dx9_39_x64.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 1464672 _____ () C:\Program Files\Aug2008_d3dx9_39_x86.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 0121772 _____ () C:\Program Files\Aug2008_XACT_x64.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 0092996 _____ () C:\Program Files\Aug2008_XACT_x86.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 0271412 _____ () C:\Program Files\Aug2008_XAudio_x64.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 0271038 _____ () C:\Program Files\Aug2008_XAudio_x86.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 0919044 _____ () C:\Program Files\Aug2009_D3DCompiler_42_x64.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 0900598 _____ () C:\Program Files\Aug2009_D3DCompiler_42_x86.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 3112111 _____ () C:\Program Files\Aug2009_d3dcsx_42_x64.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 3319740 _____ () C:\Program Files\Aug2009_d3dcsx_42_x86.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 0232635 _____ () C:\Program Files\Aug2009_d3dx10_42_x64.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 0192131 _____ () C:\Program Files\Aug2009_d3dx10_42_x86.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 0136301 _____ () C:\Program Files\Aug2009_d3dx11_42_x64.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 0105044 _____ () C:\Program Files\Aug2009_d3dx11_42_x86.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 0930116 _____ () C:\Program Files\Aug2009_d3dx9_42_x64.cab
2010-06-02 05:21 - 2010-06-02 05:21 - 0728456 _____ () C:\Program Files\Aug2009_d3dx9_42_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0122408 _____ () C:\Program Files\Aug2009_XACT_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0093106 _____ () C:\Program Files\Aug2009_XACT_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0273264 _____ () C:\Program Files\Aug2009_XAudio_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0272642 _____ () C:\Program Files\Aug2009_XAudio_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 1357976 _____ () C:\Program Files\Dec2005_d3dx9_28_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 1079456 _____ () C:\Program Files\Dec2005_d3dx9_28_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0212807 _____ () C:\Program Files\DEC2006_d3dx10_00_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0191720 _____ () C:\Program Files\DEC2006_d3dx10_00_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 1571154 _____ () C:\Program Files\DEC2006_d3dx9_32_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 1574376 _____ () C:\Program Files\DEC2006_d3dx9_32_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0192475 _____ () C:\Program Files\DEC2006_XACT_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0145599 _____ () C:\Program Files\DEC2006_XACT_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0089944 _____ (Microsoft Corporation) C:\Program Files\DSETUP.dll
2010-06-02 05:22 - 2010-06-02 05:22 - 1801048 _____ () C:\Program Files\dsetup32.dll
2010-06-02 05:22 - 2010-06-02 05:22 - 0042410 _____ () C:\Program Files\dxdllreg_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0537432 _____ () C:\Program Files\DXSETUP.exe
2010-06-02 05:22 - 2010-06-02 05:22 - 0094011 _____ () C:\Program Files\dxupdate.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 1247499 _____ () C:\Program Files\Feb2005_d3dx9_24_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 1013225 _____ () C:\Program Files\Feb2005_d3dx9_24_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 1362796 _____ () C:\Program Files\Feb2006_d3dx9_29_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 1084720 _____ () C:\Program Files\Feb2006_d3dx9_29_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0178359 _____ () C:\Program Files\Feb2006_XACT_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0132409 _____ () C:\Program Files\Feb2006_XACT_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0194675 _____ () C:\Program Files\FEB2007_XACT_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0147983 _____ () C:\Program Files\FEB2007_XACT_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0054678 _____ () C:\Program Files\Feb2010_X3DAudio_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0020713 _____ () C:\Program Files\Feb2010_X3DAudio_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0122446 _____ () C:\Program Files\Feb2010_XACT_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0093180 _____ () C:\Program Files\Feb2010_XACT_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0276960 _____ () C:\Program Files\Feb2010_XAudio_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0277191 _____ () C:\Program Files\Feb2010_XAudio_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 1336002 _____ () C:\Program Files\Jun2005_d3dx9_26_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 1064925 _____ () C:\Program Files\Jun2005_d3dx9_26_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0180785 _____ () C:\Program Files\JUN2006_XACT_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0133671 _____ () C:\Program Files\JUN2006_XACT_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0699044 _____ () C:\Program Files\JUN2007_d3dx10_34_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0698472 _____ () C:\Program Files\JUN2007_d3dx10_34_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 1607774 _____ () C:\Program Files\JUN2007_d3dx9_34_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 1607286 _____ () C:\Program Files\JUN2007_d3dx9_34_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0197122 _____ () C:\Program Files\JUN2007_XACT_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0152909 _____ () C:\Program Files\JUN2007_XACT_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0867828 _____ () C:\Program Files\JUN2008_d3dx10_38_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0849919 _____ () C:\Program Files\JUN2008_d3dx10_38_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 1792608 _____ () C:\Program Files\JUN2008_d3dx9_38_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 1463878 _____ () C:\Program Files\JUN2008_d3dx9_38_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0055154 _____ () C:\Program Files\JUN2008_X3DAudio_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0021905 _____ () C:\Program Files\JUN2008_X3DAudio_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0121054 _____ () C:\Program Files\JUN2008_XACT_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0093128 _____ () C:\Program Files\JUN2008_XACT_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0269628 _____ () C:\Program Files\JUN2008_XAudio_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0269024 _____ () C:\Program Files\JUN2008_XAudio_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0944460 _____ () C:\Program Files\Jun2010_D3DCompiler_43_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0931471 _____ () C:\Program Files\Jun2010_D3DCompiler_43_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0752783 _____ () C:\Program Files\Jun2010_d3dcsx_43_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0762188 _____ () C:\Program Files\Jun2010_d3dcsx_43_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0235955 _____ () C:\Program Files\Jun2010_d3dx10_43_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0197283 _____ () C:\Program Files\Jun2010_d3dx10_43_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0138205 _____ () C:\Program Files\Jun2010_d3dx11_43_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0109445 _____ () C:\Program Files\Jun2010_d3dx11_43_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0937246 _____ () C:\Program Files\Jun2010_d3dx9_43_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0768036 _____ () C:\Program Files\Jun2010_d3dx9_43_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0124596 _____ () C:\Program Files\Jun2010_XACT_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0093686 _____ () C:\Program Files\Jun2010_XACT_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0277338 _____ () C:\Program Files\Jun2010_XAudio_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0278060 _____ () C:\Program Files\Jun2010_XAudio_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0844884 _____ () C:\Program Files\Mar2008_d3dx10_37_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0818260 _____ () C:\Program Files\Mar2008_d3dx10_37_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 1769862 _____ () C:\Program Files\Mar2008_d3dx9_37_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 1443282 _____ () C:\Program Files\Mar2008_d3dx9_37_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0055058 _____ () C:\Program Files\Mar2008_X3DAudio_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0021867 _____ () C:\Program Files\Mar2008_X3DAudio_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0122336 _____ () C:\Program Files\Mar2008_XACT_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0093734 _____ () C:\Program Files\Mar2008_XACT_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0251194 _____ () C:\Program Files\Mar2008_XAudio_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0226250 _____ () C:\Program Files\Mar2008_XAudio_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 1067160 _____ () C:\Program Files\Mar2009_d3dx10_41_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 1040745 _____ () C:\Program Files\Mar2009_d3dx10_41_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 1973702 _____ () C:\Program Files\Mar2009_d3dx9_41_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 1612446 _____ () C:\Program Files\Mar2009_d3dx9_41_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0054600 _____ () C:\Program Files\Mar2009_X3DAudio_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0021298 _____ () C:\Program Files\Mar2009_X3DAudio_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0121506 _____ () C:\Program Files\Mar2009_XACT_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0092740 _____ () C:\Program Files\Mar2009_XACT_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0275044 _____ () C:\Program Files\Mar2009_XAudio_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0273018 _____ () C:\Program Files\Mar2009_XAudio_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0864600 _____ () C:\Program Files\Nov2007_d3dx10_36_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0803884 _____ () C:\Program Files\Nov2007_d3dx10_36_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 1802058 _____ () C:\Program Files\Nov2007_d3dx9_36_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 1709360 _____ () C:\Program Files\Nov2007_d3dx9_36_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0046144 _____ () C:\Program Files\NOV2007_X3DAudio_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0018496 _____ () C:\Program Files\NOV2007_X3DAudio_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0196762 _____ () C:\Program Files\NOV2007_XACT_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0148264 _____ () C:\Program Files\NOV2007_XACT_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0994154 _____ () C:\Program Files\Nov2008_d3dx10_40_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0965421 _____ () C:\Program Files\Nov2008_d3dx10_40_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 1906878 _____ () C:\Program Files\Nov2008_d3dx9_40_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 1550796 _____ () C:\Program Files\Nov2008_d3dx9_40_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0054522 _____ () C:\Program Files\Nov2008_X3DAudio_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0021851 _____ () C:\Program Files\Nov2008_X3DAudio_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0121794 _____ () C:\Program Files\Nov2008_XACT_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0092684 _____ () C:\Program Files\Nov2008_XACT_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0273960 _____ () C:\Program Files\Nov2008_XAudio_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0272611 _____ () C:\Program Files\Nov2008_XAudio_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0086037 _____ () C:\Program Files\Oct2005_xinput_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0045359 _____ () C:\Program Files\Oct2005_xinput_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 1412902 _____ () C:\Program Files\OCT2006_d3dx9_31_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 1127217 _____ () C:\Program Files\OCT2006_d3dx9_31_x86.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0182361 _____ () C:\Program Files\OCT2006_XACT_x64.cab
2010-06-02 05:22 - 2010-06-02 05:22 - 0138017 _____ () C:\Program Files\OCT2006_XACT_x86.cab
2017-02-14 17:18 - 2017-02-14 17:18 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

==================== Bamital & volsnap ======================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert

LastRegBack: 2017-03-02 17:04

==================== Ende von FRST.txt ============================

Reen96 04.03.2017 23:36
Addition:

Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 04-03-2017
durchgeführt von Baby (04-03-2017 23:34:08)
Gestartet von C:\Users\Baby\Desktop
Windows 10 Home Version 1607 (X64) (2017-02-14 16:42:20)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-217730058-1440262021-2186221569-500 - Administrator - Disabled)
Baby (S-1-5-21-217730058-1440262021-2186221569-1001 - Administrator - Enabled) => C:\Users\Baby
DefaultAccount (S-1-5-21-217730058-1440262021-2186221569-503 - Limited - Disabled)
Gast (S-1-5-21-217730058-1440262021-2186221569-501 - Limited - Disabled)

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Kaspersky Total Security (Enabled - Up to date) {86367591-4BE4-AE08-2FD9-7FCB8259CD98}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Disabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Malwarebytes (Disabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Kaspersky Total Security (Enabled - Up to date) {3D579475-6DDE-A186-1569-44B9F9DE8725}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Total Security (Enabled) {BE0DF4B4-018B-AF50-0486-D6FE7C8A8AE3}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

Benutzerhandbücher (x32 Version: 6.0.0.0 - Lenovo) Hidden
Big Fish: Game Manager (HKLM-x32\...\BFGC) (Version: 3.3.0.2 - )
Delicious - Emily's Christmas Carol Deluxe (HKLM-x32\...\59221808f4c2c0c992944c696bd81176) (Version:  - Zylom)
Dolby Digital Plus (HKLM\...\{D2CD7DCF-D129-4A54-8543-38BECC6CFDAE}) (Version: 7.6.7.1 - Dolby Laboratories Inc)
ElsterFormular (HKLM-x32\...\ElsterFormular) (Version: 18.1.22140 - Landesfinanzdirektion Thüringen)
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version:  - )
Genesys USB Mass Storage Device (HKLM-x32\...\{959B7F35-2819-40C5-A0CD-3C53B5FCC935}) (Version: 4.5.0.4.1001 - Genesys Logic)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.0.1158 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.15.4271 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 14.6.0.1029 - Intel Corporation)
Intel(R) Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 1.1.253.0 - Intel Corporation)
Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{FD46588A-DB19-4C43-B657-EA898E280812}) (Version: 17.1.1524.1353 - Intel Corporation)
Intel® Chipsatz-Gerätesoftware (x32 Version: 10.1.1.8 - Intel(R) Corporation) Hidden
Intel® PROSet/Wireless Software (HKLM-x32\...\{4c8b7360-62a2-4339-b745-41323055d0bb}) (Version: 18.20.0 - Intel Corporation)
Intel® Security Assist (HKLM-x32\...\{4B230374-6475-4A73-BA6E-41015E9C5013}) (Version: 1.0.0.532 - Intel Corporation)
Kaspersky Secure Connection (HKLM-x32\...\InstallWIX_{1CF84962-50F8-48CA-9082-B70F3A02C686}) (Version: 17.0.0.611 - Kaspersky Lab)
Kaspersky Secure Connection (x32 Version: 17.0.0.611 - Kaspersky Lab) Hidden
Kaspersky Total Security (HKLM-x32\...\InstallWIX_{E27B1D7B-3B34-43A2-9FC0-9828D5DF46E2}) (Version: 17.0.0.611 - Kaspersky Lab)
Kaspersky Total Security (x32 Version: 17.0.0.611 - Kaspersky Lab) Hidden
Lenovo EasyCamera (HKLM-x32\...\{E399A5B3-ED53-4DEA-AF04-8011E1EB1EAC}) (Version: 6.3.9600.11103 - Realtek Semiconductor Corp.)
Lenovo OneKey Recovery (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.1.0.4706 - CyberLink Corp.)
Lenovo OneKey Recovery (Version: 8.1.0.4706 - CyberLink Corp.) Hidden
Lenovo pointing device (HKLM\...\Elantech) (Version: 11.4.78.5 - ELAN Microelectronic Corp.)
Lenovo Product Demo (HKLM-x32\...\{8EA60981-2735-458E-9F11-1E8813B278EA}) (Version: 2.0.5 - Lenovo)
Lenovo QuickOptimizer (HKLM\...\{8D2C871B-1B9F-45AC-9C43-2BB18089CDFA}) (Version: 1.0.019.00 - Lenovo)
Lenovo System Interface Foundation (HKLM\...\{C2E5CA37-C862-4A69-AC6D-24F450A20C16}) (Version: 1.0.070.04 - Lenovo)
LenovoUtility (HKLM-x32\...\InstallShield_{6ADA7E88-8D16-4D0D-BC90-2B93AC5E56DA}) (Version: 3.0.0.4 - Lenovo)
LenovoUtility (x32 Version: 3.0.0.4 - Lenovo) Hidden
Malwarebytes Version 3.0.6.1469 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.0.6.1469 - Malwarebytes)
Metric Collection SDK 35 (x32 Version: 1.2.0010.00 - Lenovo Group Limited) Hidden
Microsoft Office 365 - de-de (HKLM\...\O365HomePremRetail - de-de) (Version: 16.0.7766.2060 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-217730058-1440262021-2186221569-1001\...\OneDriveSetup.exe) (Version: 17.3.6798.0207 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50901.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Mozilla Firefox 51.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 51.0.1 (x86 de)) (Version: 51.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 51.0.1 - Mozilla)
Office 16 Click-to-Run Extensibility Component (x32 Version: 16.0.7766.2047 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (Version: 16.0.7766.2047 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (Version: 16.0.7766.2047 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (x32 Version: 16.0.7668.2066 - Microsoft Corporation) Hidden
Online Games Manager v1.50 (HKLM-x32\...\Online Games Manager) (Version: 1.50.4 - Real Networks, Inc.)
OpenOffice 4.1.3 (HKLM-x32\...\{8D5FCC56-BB9F-4122-923C-71753F50F6F5}) (Version: 4.13.9783 - Apache Software Foundation)
OpenOffice Updater (HKU\S-1-5-21-217730058-1440262021-2186221569-1001\...\OpenOffice Updater) (Version: 1.1.10 - OpenOffice)
REACHit (HKLM-x32\...\{4532E4C5-C84D-4040-A044-ECFCC5C6995B}) (Version: 2.1.0.11 - Lenovo)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.1.505.2015 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7606 - Realtek Semiconductor Corp.)
SHAREit (HKLM-x32\...\SHAREit_is1) (Version: 2.5.5.1 - Lenovo)
Sweet Home 3D version 5.4 (HKLM\...\Sweet Home 3D_is1) (Version: 5.4 - eTeks)
User Manuals (HKLM-x32\...\InstallShield_{7042D952-EE42-4C09-A23D-E7AE4D047007}) (Version: 6.0.0.0 - Lenovo)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-217730058-1440262021-2186221569-1001_Classes\CLSID\{cece6816-6107-4dc7-bdbc-20cd5ae1ffed}\localserver32 -> C:\ProgramData\Lenovo\ImController\Plugins\LenovoAppPromotionPlugin\x64\DesktopToastsHelper.exe (Lenovo Group Limited)

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {2A879CB0-6358-47FF-849D-92BA7DDC3DFB} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\1651d3e1-b901-4df7-bd34-79b69918d1f8 => powershell.exe -nologo -noninteractive "&amp; {New-Item -Path Registry::HKCU\Software\Lenovo\ImController\ScheduledTasks\1651d3e1-b901-4df7-bd34-79b69918d1f8 -type directory -force;$conter=Get-Date;$conter=$conter.ToUniversalTime();Set-ItemProperty -Path Registry::HKCU\Software\Lenovo\ImController\ScheduledTasks\1 (Der Dateneintrag hat 73 mehr Zeichen).
Task: {50090DAC-A4B1-4E45-8EED-9DDEA06F6FFE} - System32\Tasks\Lenovo\REACHit Agent Update => C:\Program Files (x86)\Lenovo\REACHit\webAgent.exe [2015-06-12] (Lenovo)
Task: {6206EF9F-F623-43E0-A461-F6E596A6EF36} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 35 => C:\Program Files (x86)\Lenovo\Customer Feedback Program 35\Lenovo.TVT.CustomerFeedback.Agent35.exe [2015-07-06] (Lenovo)
Task: {7418AF06-A5FA-400A-ACF3-296CEADA1260} - System32\Tasks\Lenovo\REACHit Agent Startup => C:\Program Files (x86)\Lenovo\REACHit\webAgent.exe [2015-06-12] (Lenovo)
Task: {7B3ADA49-45AC-411E-87DF-BEEC6F7BCFB0} - System32\Tasks\Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask => reg.exe add hklm\SOFTWARE\Lenovo\SystemUpdatePlugin\scheduler  /v start /t reg_dword /d 1 /f /reg:32
Task: {87D481CA-9DE5-424B-8D12-BFC9C36EA954} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-02-18] (Microsoft Corporation)
Task: {CDAD8E01-DABA-40EF-878E-C336F86847B6} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance => Sc.exe START ImControllerService
Task: {FEBEB2EB-4782-4D76-AEA5-E8ABEC34F572} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-02-18] (Microsoft Corporation)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)


==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2016-07-16 12:42 - 2016-07-16 12:42 - 00231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2017-02-15 18:32 - 2016-12-09 11:29 - 02681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2017-03-04 19:07 - 2017-02-24 06:23 - 02264352 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\PoliciesControllerImpl.dll
2016-10-19 00:42 - 2015-08-19 03:59 - 00058296 _____ () C:\ProgramData\LenovoTransition\Server\x64\dptf.dll
2017-02-15 18:32 - 2016-12-09 11:29 - 02681200 _____ () C:\WINDOWS\SYSTEM32\CoreUIComponents.dll
2016-10-19 00:42 - 2015-12-02 09:24 - 00043960 _____ () C:\ProgramData\LenovoTransition\Server\x64\EnableAutoRotation.dll
2015-10-16 09:55 - 2015-08-16 18:13 - 00395880 _____ () C:\WINDOWS\system32\igfxTray.exe
2016-11-20 22:06 - 2016-11-20 22:06 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2017-02-15 18:30 - 2016-12-21 08:09 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll
2017-02-15 18:29 - 2016-12-21 07:54 - 09760768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2017-02-15 18:29 - 2016-12-21 07:48 - 01401856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-02-15 18:29 - 2016-12-21 07:48 - 00757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
2017-02-15 18:29 - 2016-12-21 07:48 - 01033216 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Actions.dll
2017-02-15 18:29 - 2016-12-21 07:48 - 02424320 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2017-02-15 18:29 - 2016-12-21 07:53 - 04853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2017-02-23 21:24 - 2017-02-23 21:26 - 00073728 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.11.110.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2017-02-23 21:24 - 2017-02-23 21:26 - 00179712 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.11.110.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2017-02-23 21:24 - 2017-02-24 15:40 - 42895360 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.11.110.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2017-02-14 18:17 - 2017-02-14 18:18 - 02215424 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.11.110.0_x64__kzf8qxf38zg5c\roottools.dll
2016-10-19 00:43 - 2016-10-19 00:42 - 00791848 _____ () C:\Program Files\Lenovo\LenovoUtility\utility.exe
2016-10-19 00:43 - 2016-10-19 00:42 - 00097048 _____ () C:\Program Files\Lenovo\LenovoUtility\kbdhook.dll
2017-02-15 17:39 - 2017-02-15 17:39 - 03865088 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1702.312.0_x64__8wekyb3d8bbwe\Calculator.exe
2017-03-02 16:38 - 2017-03-02 16:45 - 00019456 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.214.10010.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
2017-03-02 16:38 - 2017-03-02 16:45 - 21149696 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.214.10010.0_x64__8wekyb3d8bbwe\Microsoft.Photos.dll
2017-03-02 16:38 - 2017-03-02 16:45 - 05380096 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.214.10010.0_x64__8wekyb3d8bbwe\MediaEngine.dll
2017-01-17 17:10 - 2017-01-17 17:11 - 00680448 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.214.10010.0_x64__8wekyb3d8bbwe\Microsoft.DesignCore.dll
2017-03-02 16:38 - 2017-03-02 16:45 - 00387584 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.214.10010.0_x64__8wekyb3d8bbwe\Microsoft.RichMedia.Ink.Controls.dll
2017-03-02 16:38 - 2017-03-02 16:45 - 01047552 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.214.10010.0_x64__8wekyb3d8bbwe\Microsoft.Sharing.dll
2017-01-17 17:10 - 2017-01-17 17:11 - 00291328 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.214.10010.0_x64__8wekyb3d8bbwe\StoreRatingPromotion.dll
2016-06-28 00:19 - 2016-06-28 00:19 - 00865232 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\kpcengine.2.3.dll
2015-07-10 22:37 - 2015-07-10 22:37 - 01243936 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)


==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2015-10-30 08:24 - 2015-10-30 08:21 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-217730058-1440262021-2186221569-1001\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\theme1\img1.jpg
DNS Servers: 192.168.2.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==


==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Wiederherstellungspunkte =========================

04-03-2017 19:24:14 JRT Pre-Junkware Removal

==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (03/04/2017 11:25:54 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Users\Baby\Desktop\esetsmartinstaller_deu.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile .
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.447_none_42191651c6827bb3.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.447_none_89c64d28dafea4b9.manifest.

Error: (03/04/2017 11:22:49 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile .
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.447_none_42191651c6827bb3.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.447_none_89c64d28dafea4b9.manifest.

Error: (03/04/2017 11:21:27 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile .
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.447_none_42191651c6827bb3.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.447_none_89c64d28dafea4b9.manifest.

Error: (03/04/2017 11:21:04 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "c:\program files (x86)\eset\eset online scanner\ESETSmartInstaller.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile .
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.447_none_42191651c6827bb3.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.447_none_89c64d28dafea4b9.manifest.

Error: (03/04/2017 09:32:24 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile .
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.447_none_42191651c6827bb3.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.447_none_89c64d28dafea4b9.manifest.

Error: (03/04/2017 09:31:57 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile .
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.447_none_42191651c6827bb3.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.447_none_89c64d28dafea4b9.manifest.

Error: (03/04/2017 09:31:17 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "c:\users\baby\desktop\esetsmartinstaller_deu.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile .
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.447_none_42191651c6827bb3.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.447_none_89c64d28dafea4b9.manifest.

Error: (03/04/2017 09:31:14 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Users\Baby\Desktop\esetsmartinstaller_deu.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile .
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.447_none_42191651c6827bb3.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.447_none_89c64d28dafea4b9.manifest.

Error: (03/04/2017 09:30:54 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Users\Baby\Desktop\esetsmartinstaller_deu.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile .
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.447_none_42191651c6827bb3.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.447_none_89c64d28dafea4b9.manifest.

Error: (03/04/2017 09:30:54 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\Users\Baby\Desktop\esetsmartinstaller_deu.exe". Fehler in Manifest- oder Richtliniendatei "" in Zeile .
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.447_none_42191651c6827bb3.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.14393.447_none_89c64d28dafea4b9.manifest.


Systemfehler:
=============
Error: (03/04/2017 09:35:40 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet:
Der Treiber konnte nicht geladen werden.

Error: (03/04/2017 09:35:40 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\Baby\AppData\Local\Temp\ehdrv.sys

Error: (03/04/2017 09:35:39 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet:
Der Treiber konnte nicht geladen werden.

Error: (03/04/2017 09:35:39 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\Baby\AppData\Local\Temp\ehdrv.sys

Error: (03/04/2017 09:35:39 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet:
Der Treiber konnte nicht geladen werden.

Error: (03/04/2017 09:35:39 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\Baby\AppData\Local\Temp\ehdrv.sys

Error: (03/04/2017 09:33:54 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet:
Der Treiber konnte nicht geladen werden.

Error: (03/04/2017 09:33:54 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\Baby\AppData\Local\Temp\ehdrv.sys

Error: (03/04/2017 09:33:53 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "eapihdrv" wurde aufgrund folgenden Fehlers nicht gestartet:
Der Treiber konnte nicht geladen werden.

Error: (03/04/2017 09:33:53 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\Baby\AppData\Local\Temp\ehdrv.sys


CodeIntegrity:
===================================
  Date: 2017-03-04 19:07:31.175
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

  Date: 2017-03-04 19:07:31.164
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

  Date: 2017-03-04 19:07:31.153
  Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.


==================== Speicherinformationen ===========================

Prozessor: Intel(R) Core(TM) i7-5500U CPU @ 2.40GHz
Prozentuale Nutzung des RAM: 41%
Installierter physikalischer RAM: 8097.92 MB
Verfügbarer physikalischer RAM: 4750.59 MB
Summe virtueller Speicher: 9377.92 MB
Verfügbarer virtueller Speicher: 5796.68 MB

==================== Laufwerke ================================

Drive c: (Windows) (Fixed) (Total:426.12 GB) (Free:392.45 GB) NTFS
Drive d: (LENOVO) (Fixed) (Total:25 GB) (Free:21.6 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 286089BB)

Partition: GPT.

==================== Ende von Addition.txt ============================
Momentan konnte ich noch keine Probleme mehr feststellen.

M-K-D-B 05.03.2017 09:52
Servus,




Zitat:
CHIP-Installer.exe
Bitte keinen Chip-Installer mehr verwenden! Bitte lesen: CHIP-Installer – was ist das?




Reste entfernen
Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument


Code:
start
CloseProcesses:
C:\Users\Baby\Downloads\*CHIP-Installer*.exe
EmptyTemp:
end

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
  • Starte nun FRST erneut und klicke den Entfernen Button.
  • Das Tool erstellt eine Fixlog.txt.
  • Poste mir deren Inhalt.



Die Fixlog von FRST gleich posten, da diese sonst mit DelFix (siehe weiter unten) automatisch entfernt wird!











Wenn du keine Probleme mehr mit Malware hast, dann sind wir hier fertig. Deine Logdateien sind sauber. :daumenhoc
Zum Schluss müssen wir noch ein paar abschließende Schritte unternehmen, um deinen Pc aufzuräumen und abzusichern.




http://deeprybka.trojaner-board.de/b...cleanupneu.png
Cleanup:
Alle Logs gepostet? Dann lade Dir bitte http://filepony.de/icon/tiny/delfix.pngDelFix herunter.
  • Schließe alle offenen Programme.
  • Starte die delfix.exe mit einem Doppelklick.
  • Setze vor jede Funktion ein Häkchen.
  • Klicke auf Start.
Hinweis:
DelFix entfernt u.a. alle verwendeten Programme, die Quarantäne unserer Scanner, den Java-Cache und löscht sich abschließend selbst.
Starte Deinen Rechner anschließend neu. Sollten jetzt noch Programme aus unserer Bereinigung übrig sein, kannst Du diese bedenkenlos löschen.




http://deeprybka.trojaner-board.de/b...ast/schild.png
Absicherung:
Beim Betriebsystem Windows die automatischen Updates aktivieren. Auch die sicherheitsrelevante Software sollte immer nur in der aktuellsten Version vorliegen:
Java
 Flash-Player
PDF-Reader

Sicherheitslücken in deren alten Versionen werden dazu ausgenutzt, um beim einfachen Besuch einer manipulierten Website per "Drive-by" Malware zu installieren.
Ich empfehle z.B. die Verwendung von Mozilla Firefox statt des Internet Explorers. Zudem lassen sich mit dem Firefox auch PDF-Dokumente öffnen.

Aktiviere eine Firewall. Die in Windows integrierte genügt im Normalfall völlig.




Sofern du noch unentschieden bist, verwende ein einziges der folgenden Antivirusprogramme mit Echtzeitscanner und stets aktueller Signaturendatenbank:

   
 

Microsoft Security Essentials (MSE) / Windows Defender (WD) ist ab Windows 8 fest eingebaut, wenn du also Windows 8, 8.1 oder 10 und dich für MSE/WD entschieden hast, brauchst du nicht extra MSE/WD zu installieren. Bei Windows 7 muss es aber manuell installiert oder über die Windows Updates als optionales Update bezogen werden. Selbstverständlich ist ein legales/aktiviertes Windows Voraussetzung dafür.




Zusätzlich kannst Du Deinen PC regelmäßig mit Malwarebytes Anti-Malware und ESET scannen.




Optional:
http://filepony.de/icon/adblock_firefox.pngAdblock Plus Kann Banner, Pop-ups, Videowerbung, Tracking und Malware-Seiten blockieren.
http://filepony.de/icon/noscript.png NoScript Verhindert das Ausführen von aktiven Inhalten (Java, JavaScript, Flash,...) für sämtliche Websites. Man kann aber nach dem Prinzip einer Whitelist festlegen, auf welchen Seiten Scripts erlaubt werden sollen.

Lade Software von einem sauberen Portal wie http://filepony.de/images/microbanner.gif.
Wähle beim Installieren von Software immer die benutzerdefinierte Option und entferne den Haken bei allen optional angebotenen Toolbars oder sonstigen, fürs Programm, irrelevanten Ergänzungen.
Um Adware wieder los zu werden, empfiehlt sich zunächst die Deinstallation sowie die anschließende Resteentfernung mit Adwcleaner .




Abschließend noch ein paar grundsätzliche Bemerkungen:
  • Ändere regelmäßig Deine wichtigen Online-Passwörter und erstelle regelmäßig Backups Deiner wichtigen Dateien oder des Systems.
  • Lade keine Software von Chip, Softonic oder SourceForge. Die dort angebotene Software wird häufig mit einem sog. "Installer" verteilt, mit dem man sich nur unerwünschte Software oder Adware installiert.
  • Der Nutzen von Registry-Cleanern, Optimizern usw. zur Performancesteigerung ist umstritten. Selbst Microsoft unterstützt sog. Registry-Cleaner nicht. Ich empfehle deshalb, die Finger von der Registry zu lassen und lieber die windowseigene Datenträgerbereinigung zu verwenden.




Wenn Du möchtest, kannst Du hier sagen, ob Du mit mir und meiner Hilfe zufrieden warst...:dankeschoen:und/oder das Forum mit einer kleinen Spende http://www.trojaner-board.de/extra/spende.png unterstützen. :applaus:

Hinweis: Bitte gib mir eine kurze Rückmeldung wenn alles erledigt ist und keine Fragen mehr vorhanden sind, so dass ich dieses Thema aus meinen Abos löschen kann.


Alle Zeitangaben in WEZ +1. Es ist jetzt 23:25 Uhr.
Seite 1 von 2 1 2
100 Beiträge dieses Themas auf einer Seite anzeigen

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131