Trojaner-Board
Seite 1 von 2 1 2
100 Beiträge dieses Themas auf einer Seite anzeigen

Trojaner-Board (https://www.trojaner-board.de/)
-   Plagegeister aller Art und deren Bekämpfung (https://www.trojaner-board.de/plagegeister-aller-art-deren-bekaempfung/)
-   -   Malwarebytes findet Adware.ChinAd (https://www.trojaner-board.de/184874-malwarebytes-findet-adware-chinad.html)

rwasser 22.03.2017 13:38
Malwarebytes findet Adware.ChinAd
 
Guten Tag ans Forum,

vorhin hat Malewarebytes diese Bedrohungen gefunden:
Adware.ChinAd (2 Dateien in einem Ordner [User/AppData/Local/Temp/DMR/]).

Daraufhin habe ich alles in die Quarantäne verschoben und anschließend gelöscht, wie Malwarebytes es anbietet.

Der fraglichen Ordner ist nun nicht mehr vorhanden, es sei denn, er wäre unsichtbar. Ist das Problem damit gelöst oder sollte ich weitere Schritte unternehmen?

Ich sollte vielleicht erwähnen, dass ich gestern zunächst - auf Anraten eines T-Mobile-Mitarbeiters Samsung Kies heruntergeladen habe, um eine Sicherung meines Smartphones zu machen. Bei der Installation hat MB aber schon gemeckert und PUP.Optional.DownloadSposnor gefunden, ebenfalls in der Quarantäne, aber dort noch nicht gelöscht. Es betrifft dasselbe Verzeichnis wie oben auch.

Dann habe ich recherchiert und Samsung Smart Switch heruntergeladen, ohne dass MB angesprungen ist (habe damit auch das Backup durchgeführt).

Ob es was damit überhaupt zu tun hat, kann ich natürlich nicht sagen, war aber die einzige "ungewöhnliche" Aktion, die ich gemacht habe.

Ich habe Windows 10 und MB Premium 3.0.6

PS: MB findet nun nichts mehr (auch nicht nach Neustart) und Kasperky auch nicht.

Es grüßt der Rüdiger

cosinus 23.03.2017 19:12
Sinnigerweise sind die Logs zu posten wenn es Funde gibt, die du thematisierst. Nacherzählungen sind da eher unbeliebt :rofl:

Lesestoff:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR oder 7Z-Archiv zu packen erschwert mir massiv die Arbeit.
Auch wenn die Logs für einen Beitrag zu groß sein sollten, bitte ich dich die Logs direkt und notfalls über mehrere Beiträge verteilt zu posten.
Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
  • Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
  • Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
  • Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
  • Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.
http://www.trojaner-board.de/picture...&pictureid=307

rwasser 24.03.2017 10:56
Tut mir leid, ich bin ja nicht so oft hier.
Ich hoffe, ich konnte das jetzt korrekt machen, beim Editor fehlt mir die Menüleiste, deswegen habe ich die Zeilen "CODE" selbst eingegeben.

Der Rüdiger

Code:
Malwarebytes
www.malwarebytes.com

-Protokolldetails-
Scan-Datum: 22.03.17
Scan-Zeit: 11:55
Protokolldatei: Logfile.txt
Administrator: Ja


-Softwaredaten-
Version: 3.0.6.1469
Komponentenversion: 1.0.75
Version des Aktualisierungspakets: 1.0.1567
Lizenz: Premium

-Systemdaten-
Betriebssystem: Windows 10
CPU: x64
Dateisystem: NTFS
Benutzer: System

-Scan-Übersicht-
Scan-Typ: Bedrohungs-Scan
Ergebnis: Abgeschlossen
Gescannte Objekte: 558754
Abgelaufene Zeit: 3 Min., 58 Sek.

-Scan-Optionen-
Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

-Scan-Details-
Prozess: 0
(keine bösartigen Elemente erkannt)

Modul: 0
(keine bösartigen Elemente erkannt)

Registrierungsschlüssel: 0
(keine bösartigen Elemente erkannt)

Registrierungswert: 0
(keine bösartigen Elemente erkannt)

Registrierungsdaten: 0
(keine bösartigen Elemente erkannt)

Daten-Stream: 0
(keine bösartigen Elemente erkannt)

Ordner: 1
Adware.ChinAd, C:\USERS\MARTIN_2\APPDATA\LOCAL\TEMP\DMR, In Quarantäne, [1420], [375557],1.0.1567

Datei: 2
Adware.ChinAd, C:\USERS\MARTIN_2\APPDATA\LOCAL\TEMP\DMR\XEGXOTIUSTIYJSPQ.DAT, In Quarantäne, [1420], [375557],1.0.1567
Adware.ChinAd, C:\Users\Martin_2\AppData\Local\Temp\DMR\thknecsmndggtcrr.dat, In Quarantäne, [1420], [375557],1.0.1567

Physischer Sektor: 0
(keine bösartigen Elemente erkannt)


(end)

cosinus 24.03.2017 11:09
da wurde ja nur was in in %tmp% gefunden :rofl:


Scan mit Farbar's Recovery Scan Tool (FRST)

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)




Lesestoff:
Posten in CODE-Tags
Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR oder 7Z-Archiv zu packen erschwert mir massiv die Arbeit.
Auch wenn die Logs für einen Beitrag zu groß sein sollten, bitte ich dich die Logs direkt und notfalls über mehrere Beiträge verteilt zu posten.
Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
  • Markiere das gesamte Logfile (geht meist mit STRG+A) und kopiere es in die Zwischenablage mit STRG+C.
  • Klicke im Editor auf das #-Symbol. Es erscheinen zwei Klammerausdrücke [CODE] [/CODE].
  • Setze den Curser zwischen die CODE-Tags und drücke STRG+V.
  • Klicke auf Erweitert/Vorschau, um so prüfen, ob du es richtig gemacht hast. Wenn alles stimmt ... auf Antworten.
http://www.trojaner-board.de/picture...&pictureid=307

rwasser 24.03.2017 12:07
Code:

Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 15-03-2017
durchgeführt von Martin (Administrator) auf HOME-PC (24-03-2017 11:31:26)
Gestartet von C:\Users\Martin_2\Downloads
Geladene Profile: Martin & Rwasser (Verfügbare Profile: Martin & Rwasser & Bärbel)
Platform: Windows 10 Home Version 1607 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Edge)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
() C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\avp.exe
() C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\psia.exe
(DEVGURU Co., LTD.) C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\avpui.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.32.7\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.32.7\GoogleCrashHandler64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Geek Software GmbH) C:\Program Files (x86)\PDF24\pdf24.exe
(CANON INC.) C:\Program Files (x86)\Canon\Quick Toolbox\cnqtbapp.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\psi_tray.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\sua.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 1.0\ksde.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 1.0\ksdeui.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
() C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.214.10010.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.17012.10301.0_x64__8wekyb3d8bbwe\Video.UI.exe
(Farbar) C:\Users\Martin_2\Downloads\FRST64(1).exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Farbar) C:\Users\Martin_2\Downloads\FRST64(1).exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe

==================== Registry (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7203032 2013-10-22] (Realtek Semiconductor)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2013-08-07] (Intel Corporation)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2234144 2014-02-05] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [500208 2010-03-06] (Adobe Systems Incorporated)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [176440 2016-09-09] (Apple Inc.)
HKLM\...\Run: [Malwarebytes TrayApp] => C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe [2780112 2017-01-20] (Malwarebytes)
HKLM-x32\...\Run: [ISUSPM Startup] => C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe [221184 2006-08-25] (Macrovision Corporation)
HKLM-x32\...\Run: [ISUSScheduler] => C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe [81920 2006-08-25] (Macrovision Corporation)
HKLM-x32\...\Run: [AdobeCS5ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [402432 2010-07-22] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [PDFPrint] => C:\Program Files (x86)\PDF24\pdf24.exe [189480 2014-02-06] (Geek Software GmbH)
HKLM-x32\...\Run: [CanonQuickToolbox] => C:\Program Files (x86)\Canon\Quick Toolbox\cnqtbapp.exe [1854544 2014-05-13] (CANON INC.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-10-02] (Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2016-12-12] (Oracle Corporation)
HKU\S-1-5-21-1714761304-533778531-3308288475-1001\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [67384 2016-09-09] (Apple Inc.)
HKU\S-1-5-21-1714761304-533778531-3308288475-1001\...\RunOnce: [Uninstall C:\Users\Martin\AppData\Local\Microsoft\OneDrive\17.3.6386.0412\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Martin\AppData\Local\Microsoft\OneDrive\17.3.6386.0412\amd64"
HKU\S-1-5-21-1714761304-533778531-3308288475-1001\...\RunOnce: [Uninstall C:\Users\Martin\AppData\Local\Microsoft\OneDrive\17.3.6386.0412] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Martin\AppData\Local\Microsoft\OneDrive\17.3.6386.0412"
HKU\S-1-5-21-1714761304-533778531-3308288475-1003\...\RunOnce: [Uninstall C:\Users\Martin_2\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Martin_2\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64"
ShellIconOverlayIdentifiers: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll [2014-04-05] (IvoSoft)
ShellIconOverlayIdentifiers-x32: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer32.dll [2014-04-05] (IvoSoft)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\PHOTOfunSTUDIO 9.3 PE.lnk [2016-02-18]
ShortcutTarget: PHOTOfunSTUDIO 9.3 PE.lnk -> C:\Program Files (x86)\Common Files\Panasonic\PHOTOfunSTUDIO AutoStart\AutoStartupService.exe (Panasonic Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Secunia PSI Tray.lnk [2014-03-20]
ShortcutTarget: Secunia PSI Tray.lnk -> C:\Program Files (x86)\Secunia\PSI\psi_tray.exe (Secunia)
Startup: C:\Users\Martin_2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\JL Seaside Calendar.lnk [2017-01-04]
ShortcutTarget: JL Seaside Calendar.lnk -> C:\Program Files (x86)\JL Seaside Calendar\JL Seaside Calendar.exe (Keine Datei)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 192.168.2.1
Tcpip\..\Interfaces\{9e488231-23b4-42c1-92e7-356bd892bd18}: [DhcpNameServer] 192.168.2.1 192.168.2.1
Tcpip\..\Interfaces\{e5d41687-117d-4ba6-b6b3-f7e6efef78d1}: [DhcpNameServer] 8.8.8.8 8.8.4.4

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-1714761304-533778531-3308288475-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://t.de.msn.com/
HKU\S-1-5-21-1714761304-533778531-3308288475-1003\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-1714761304-533778531-3308288475-1003\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/de-de/?ocid=iehp
BHO: Kaspersky Protection -> {2E38825B-8815-42CF-9126-C58BC28D4591} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\x64\IEExt\ie_plugin.dll [2016-12-08] (AO Kaspersky Lab)
BHO: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll [2015-02-23] (CANON INC.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Kaspersky Protection -> {2E38825B-8815-42CF-9126-C58BC28D4591} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\IEExt\ie_plugin.dll [2016-12-08] (AO Kaspersky Lab)
BHO-x32: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll [2015-02-23] (CANON INC.)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\ssv.dll [2017-01-21] (Oracle Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\jp2ssv.dll [2017-01-21] (Oracle Corporation)
Toolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2015-02-23] (CANON INC.)
Toolbar: HKLM - Kaspersky Protection Toolbar - {093F479D-712E-46CD-9E06-62E734A05F68} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\x64\IEExt\ie_plugin.dll [2016-12-08] (AO Kaspersky Lab)
Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll [2015-02-23] (CANON INC.)
Toolbar: HKLM-x32 - Kaspersky Protection Toolbar - {093F479D-712E-46CD-9E06-62E734A05F68} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\IEExt\ie_plugin.dll [2016-12-08] (AO Kaspersky Lab)

FireFox:
========
FF DefaultProfile: ptzvh2ag.default
FF ProfilePath: C:\ProgramData\Kaspersky Lab\SafeBrowser\S-1-5-21-1714761304-533778531-3308288475-1001\FireFox [nicht gefunden]
FF ProfilePath: C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\ptzvh2ag.default [2017-03-20]
FF Homepage: Mozilla\Firefox\Profiles\ptzvh2ag.default -> about:home
FF Extension: (Cliqz Beta) - C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\ptzvh2ag.default\Extensions\cliqz@cliqz.com.xpi [2015-02-13] [ist nicht signiert]
FF Extension: (NoScript) - C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\ptzvh2ag.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2015-10-05]
FF Extension: (WOT) - C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\ptzvh2ag.default\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2014-03-12] [ist nicht signiert]
FF Extension: (Adblock Plus) - C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\ptzvh2ag.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2017-03-20]
FF SearchPlugin: C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\ptzvh2ag.default\searchplugins\google-images.xml [2014-12-17]
FF SearchPlugin: C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\ptzvh2ag.default\searchplugins\google-maps.xml [2014-12-17]
FF HKLM\...\Firefox\Extensions: [light_plugin_F6F079488B53499DB99380A7E11A93F6@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\FFExt\light_plugin_firefox\addon.xpi
FF Extension: (Kaspersky Protection) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\FFExt\light_plugin_firefox\addon.xpi [2016-12-08]
FF HKLM-x32\...\Firefox\Extensions: [light_plugin_F6F079488B53499DB99380A7E11A93F6@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\FFExt\light_plugin_firefox\addon.xpi
FF HKU\S-1-5-21-1714761304-533778531-3308288475-1001\...\Firefox\Extensions: [cliqz@cliqz.com] - C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\ptzvh2ag.default\extensions\cliqz@cliqz.com => nicht gefunden
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_25_0_0_127.dll [2017-03-15] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50905.0\npctrl.dll [2017-02-10] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWoW64\Macromed\Flash\NPSWF32_25_0_0_127.dll [2017-03-15] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\WINDOWS\SysWOW64\Adobe\Director\np32dsw_1225195.dll [2016-09-20] (Adobe Systems, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-16] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-16] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.121.2 -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\dtplugin\npDeployJava1.dll [2017-01-21] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.121.2 -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\plugin2\npjp2.dll [2017-01-21] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50905.0\npctrl.dll [2017-02-10] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-12-29] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-12-29] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-17] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-17] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-12-23] (Adobe Systems Inc.)

Chrome:
=======
CHR HKLM\...\Chrome\Extension: [fhoibnponjcgjgcnfacekaijdbbplhib] - hxxps://chrome.google.com/webstore/detail/fhoibnponjcgjgcnfacekaijdbbplhib
CHR HKLM-x32\...\Chrome\Extension: [fhoibnponjcgjgcnfacekaijdbbplhib] - hxxps://chrome.google.com/webstore/detail/fhoibnponjcgjgcnfacekaijdbbplhib

==================== Dienste (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-08-05] (Apple Inc.)
R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe [936728 2013-05-07] ()
R2 AVP17.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\avp.exe [241544 2016-06-28] (AO Kaspersky Lab)
S3 ElfoService; C:\Program Files (x86)\ElsterFormular Update Service\bin\ElfoService.exe [1283376 2017-02-13] ()
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-08-07] (Intel Corporation)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [69632 2005-11-14] (Macrovision Corporation) [Datei ist nicht signiert]
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [84616 2013-06-28] ()
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [Datei ist nicht signiert]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-16] (Intel Corporation)
S3 klvssbrigde64; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\x64\vssbridge64.exe [77328 2016-06-28] (AO Kaspersky Lab)
R2 KSDE1.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 1.0\ksde.exe [241544 2016-06-28] (AO Kaspersky Lab)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [4355024 2017-01-20] (Malwarebytes)
R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [458176 2016-12-29] (NVIDIA Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1593632 2014-02-05] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [16941856 2014-02-05] (NVIDIA Corporation)
R2 Secunia PSI Agent; C:\Program Files (x86)\Secunia\PSI\PSIA.exe [1229528 2013-12-06] (Secunia)
R2 Secunia Update Agent; C:\Program Files (x86)\Secunia\PSI\sua.exe [662232 2013-12-06] (Secunia)
R2 ss_conn_service; C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [752224 2017-01-16] (DEVGURU Co., LTD.)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [Datei ist nicht signiert]
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2016-07-16] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103712 2017-03-04] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ======================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2012-08-22] ()
R0 cm_km; C:\WINDOWS\System32\DRIVERS\cm_km.sys [238936 2016-06-10] (AO Kaspersky Lab)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131712 2017-01-16] (Samsung Electronics Co., Ltd.)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [77408 2017-02-24] ()
R0 kl1; C:\WINDOWS\System32\DRIVERS\kl1.sys [554416 2016-06-02] (AO Kaspersky Lab)
R0 klbackupdisk; C:\WINDOWS\System32\DRIVERS\klbackupdisk.sys [63920 2016-06-07] (AO Kaspersky Lab)
R1 klbackupflt; C:\WINDOWS\System32\DRIVERS\klbackupflt.sys [86352 2016-06-15] (AO Kaspersky Lab)
R2 kldisk; C:\WINDOWS\system32\DRIVERS\kldisk.sys [78216 2016-05-31] (AO Kaspersky Lab)
S0 klelam; C:\WINDOWS\System32\DRIVERS\klelam.sys [28792 2016-03-31] (AO Kaspersky Lab)
R3 klflt; C:\WINDOWS\system32\DRIVERS\klflt.sys [196376 2017-03-15] (AO Kaspersky Lab)
R1 klhk; C:\WINDOWS\System32\drivers\klhk.sys [435032 2016-11-04] (AO Kaspersky Lab)
R3 klids; C:\ProgramData\Kaspersky Lab\AVP17.0.0\Bases\klids.sys [182360 2017-03-15] (AO Kaspersky Lab)
R1 KLIF; C:\WINDOWS\System32\DRIVERS\klif.sys [1017624 2017-03-15] (AO Kaspersky Lab)
R1 KLIM6; C:\WINDOWS\system32\DRIVERS\klim6.sys [57424 2016-12-08] (AO Kaspersky Lab)
R3 klkbdflt; C:\WINDOWS\system32\DRIVERS\klkbdflt.sys [52136 2016-05-19] (AO Kaspersky Lab)
R3 klmouflt; C:\WINDOWS\system32\DRIVERS\klmouflt.sys [41656 2015-06-07] (Kaspersky Lab ZAO)
R1 klpd; C:\WINDOWS\System32\DRIVERS\klpd.sys [45488 2016-05-31] (AO Kaspersky Lab)
R3 kltap; C:\WINDOWS\System32\drivers\kltap.sys [52152 2016-06-07] (The OpenVPN Project)
R0 klupd_klif_arkmon; C:\WINDOWS\System32\Drivers\klupd_klif_arkmon.sys [218920 2016-12-09] (AO Kaspersky Lab)
R3 klupd_klif_kimul; C:\WINDOWS\System32\Drivers\klupd_klif_kimul.sys [87584 2017-03-06] (AO Kaspersky Lab)
R3 klupd_klif_klark; C:\WINDOWS\System32\Drivers\klupd_klif_klark.sys [245512 2016-12-09] (AO Kaspersky Lab)
R0 klupd_klif_klbg; C:\WINDOWS\System32\Drivers\klupd_klif_klbg.sys [104720 2016-12-09] (AO Kaspersky Lab)
R3 klupd_klif_mark; C:\WINDOWS\System32\Drivers\klupd_klif_mark.sys [164888 2016-12-09] (AO Kaspersky Lab)
R1 klwfp; C:\WINDOWS\system32\DRIVERS\klwfp.sys [85320 2016-06-18] (AO Kaspersky Lab)
R1 Klwtp; C:\WINDOWS\system32\DRIVERS\klwtp.sys [136416 2017-03-15] (AO Kaspersky Lab)
R1 kneps; C:\WINDOWS\system32\DRIVERS\kneps.sys [199392 2017-03-15] (AO Kaspersky Lab)
R2 MBAMChameleon; C:\WINDOWS\system32\drivers\MBAMChameleon.sys [186304 2017-03-24] (Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\system32\drivers\farflt.sys [111544 2017-03-24] (Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\drivers\mbam.sys [43968 2017-03-24] (Malwarebytes)
R0 MBAMSwissArmy; C:\WINDOWS\System32\drivers\MBAMSwissArmy.sys [251840 2017-03-24] (Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\drivers\mwac.sys [92088 2017-03-24] (Malwarebytes)
R3 MEIx64; C:\WINDOWS\system32\DRIVERS\TeeDriverx64.sys [99288 2013-09-16] (Intel Corporation)
S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispiwu.inf_amd64_b67dc924fff8de6d\nvlddmkm.sys [14199224 2017-01-04] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [39200 2013-12-27] (NVIDIA Corporation)
R3 PSI; C:\WINDOWS\System32\DRIVERS\psi_mf_amd64.sys [18456 2013-12-06] (Secunia)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [165504 2017-01-16] (Samsung Electronics Co., Ltd.)
S1 VBoxNetAdp; C:\WINDOWS\system32\DRIVERS\VBoxNetAdp6.sys [117768 2015-12-18] (Oracle Corporation)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)
U3 aspnet_state; kein ImagePath
S3 MWAC; \??\C:\WINDOWS\system32\drivers\ [X]

rwasser 24.03.2017 12:08
Hier kommt Teil 2
Code:

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-03-24 11:17 - 2017-03-24 11:31 - 00000000 ____D C:\FRST
2017-03-24 11:17 - 2017-03-24 11:17 - 02424832 _____ (Farbar) C:\Users\Martin_2\Downloads\FRST64(1).exe
2017-03-21 13:35 - 2017-03-21 13:35 - 00000000 ____D C:\Users\Martin_2\Documents\Samsung
2017-03-21 13:32 - 2017-03-21 13:32 - 00002200 _____ C:\Users\Public\Desktop\Smart Switch.lnk
2017-03-21 13:32 - 2017-03-21 13:32 - 00000000 ____D C:\Users\Public\Documents\NativeFus_Log
2017-03-21 13:32 - 2017-03-21 13:32 - 00000000 ____D C:\Users\Martin_2\AppData\Roaming\Samsung
2017-03-21 13:32 - 2017-03-21 13:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung
2017-03-21 13:32 - 2017-01-16 07:26 - 00165504 _____ (Samsung Electronics Co., Ltd.) C:\WINDOWS\system32\Drivers\ssudmdm.sys
2017-03-21 13:32 - 2017-01-16 07:26 - 00131712 _____ (Samsung Electronics Co., Ltd.) C:\WINDOWS\system32\Drivers\ssudbus.sys
2017-03-21 13:31 - 2017-03-21 13:35 - 00000000 ____D C:\ProgramData\Samsung
2017-03-21 13:31 - 2017-03-21 13:32 - 00000000 ____D C:\Program Files (x86)\Samsung
2017-03-21 13:31 - 2017-03-21 13:31 - 00000000 ____D C:\Users\Martin\AppData\Roaming\Samsung
2017-03-21 13:31 - 2016-12-09 09:04 - 00144664 _____ (MAPILab Ltd. & Add-in Express Ltd.) C:\WINDOWS\SysWOW64\secman.dll
2017-03-21 13:29 - 2017-03-21 13:30 - 39612584 _____ (Samsung Electronics) C:\Users\Martin_2\Downloads\Smart_Switch_pc_setup.exe
2017-03-21 13:19 - 2017-03-21 13:20 - 01496584 _____ C:\Users\Martin_2\Downloads\Samsung Kies - CHIP-Installer.exe
2017-03-20 11:15 - 2017-03-20 11:16 - 00000000 ____D C:\Users\Martin\AppData\LocalLow\Mozilla
2017-03-20 11:07 - 2017-03-24 10:29 - 00092088 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2017-03-20 11:07 - 2017-03-24 10:28 - 00186304 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMChameleon.sys
2017-03-20 11:07 - 2017-03-24 10:28 - 00111544 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2017-03-20 11:07 - 2017-03-24 10:28 - 00043968 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2017-03-20 11:07 - 2017-03-20 11:07 - 00001916 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2017-03-20 11:07 - 2017-03-20 11:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2017-03-20 11:07 - 2017-03-20 11:07 - 00000000 ____D C:\Program Files\Malwarebytes
2017-03-20 11:07 - 2017-02-24 06:23 - 00077408 _____ C:\WINDOWS\system32\Drivers\mbae64.sys
2017-03-15 18:07 - 2017-03-04 07:53 - 05722320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2017-03-15 18:07 - 2017-03-04 07:47 - 06667528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2017-03-15 18:07 - 2017-03-04 07:36 - 05685760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2017-03-15 18:07 - 2017-03-04 07:20 - 13873664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2017-03-15 18:07 - 2017-03-04 07:10 - 03307008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2017-03-15 18:07 - 2017-03-04 07:07 - 02643456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2017-03-15 18:07 - 2017-03-04 07:06 - 06109184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2017-03-15 18:07 - 2017-03-04 07:06 - 05380608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2017-03-15 18:07 - 2017-03-04 07:00 - 02483200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2017-03-15 18:06 - 2017-03-04 08:57 - 00484584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2017-03-15 18:06 - 2017-03-04 08:57 - 00315744 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2017-03-15 18:06 - 2017-03-04 08:40 - 00965472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReAgent.dll
2017-03-15 18:06 - 2017-03-04 08:26 - 00794416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll
2017-03-15 18:06 - 2017-03-04 08:24 - 02482280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2017-03-15 18:06 - 2017-03-04 08:24 - 02186896 _____ (Microsoft Corporation) C:\WINDOWS\system32\hevcdecoder.dll
2017-03-15 18:06 - 2017-03-04 08:24 - 00108384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2017-03-15 18:06 - 2017-03-04 08:24 - 00090976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\IPMIDrv.sys
2017-03-15 18:06 - 2017-03-04 08:23 - 02512304 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVDECOD.DLL
2017-03-15 18:06 - 2017-03-04 08:22 - 02213760 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2017-03-15 18:06 - 2017-03-04 08:19 - 02049480 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpmde.dll
2017-03-15 18:06 - 2017-03-04 08:18 - 01181024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2017-03-15 18:06 - 2017-03-04 08:18 - 00118624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tdx.sys
2017-03-15 18:06 - 2017-03-04 08:17 - 00409952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2017-03-15 18:06 - 2017-03-04 08:15 - 01000280 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2017-03-15 18:06 - 2017-03-04 08:10 - 00360040 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2017-03-15 18:06 - 2017-03-04 08:09 - 07220696 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2017-03-15 18:06 - 2017-03-04 08:09 - 02206496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2017-03-15 18:06 - 2017-03-04 08:09 - 01969912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hevcdecoder.dll
2017-03-15 18:06 - 2017-03-04 08:09 - 01860288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2017-03-15 18:06 - 2017-03-04 08:09 - 01293152 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2017-03-15 18:06 - 2017-03-04 08:09 - 00857440 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2017-03-15 18:06 - 2017-03-04 08:09 - 00527808 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWanAPI.dll
2017-03-15 18:06 - 2017-03-04 08:09 - 00497416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll
2017-03-15 18:06 - 2017-03-04 08:09 - 00396168 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanapi.dll
2017-03-15 18:06 - 2017-03-04 08:08 - 00130912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storahci.sys
2017-03-15 18:06 - 2017-03-04 08:07 - 00557400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2017-03-15 18:06 - 2017-03-04 08:06 - 01706488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2017-03-15 18:06 - 2017-03-04 08:04 - 08169536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2017-03-15 18:06 - 2017-03-04 08:04 - 02048496 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2017-03-15 18:06 - 2017-03-04 08:04 - 01362512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmpmde.dll
2017-03-15 18:06 - 2017-03-04 08:04 - 01063472 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfds.dll
2017-03-15 18:06 - 2017-03-04 08:03 - 22223968 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2017-03-15 18:06 - 2017-03-04 08:03 - 04260576 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2017-03-15 18:06 - 2017-03-04 08:03 - 01989072 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2017-03-15 18:06 - 2017-03-04 08:03 - 01848072 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll
2017-03-15 18:06 - 2017-03-04 08:03 - 01723560 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcMon.exe
2017-03-15 18:06 - 2017-03-04 08:03 - 01702392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2017-03-15 18:06 - 2017-03-04 08:03 - 01473048 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2017-03-15 18:06 - 2017-03-04 08:03 - 01454512 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetsrc.dll
2017-03-15 18:06 - 2017-03-04 08:03 - 01301112 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2017-03-15 18:06 - 2017-03-04 08:03 - 01071736 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetcore.dll
2017-03-15 18:06 - 2017-03-04 08:03 - 01062480 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2017-03-15 18:06 - 2017-03-04 08:03 - 00811416 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFCaptureEngine.dll
2017-03-15 18:06 - 2017-03-04 08:03 - 00596040 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2017-03-15 18:06 - 2017-03-04 08:03 - 00443232 _____ (Microsoft Corporation) C:\WINDOWS\system32\MMDevAPI.dll
2017-03-15 18:06 - 2017-03-04 08:03 - 00382272 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppHost.exe
2017-03-15 18:06 - 2017-03-04 08:02 - 00184416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IPHLPAPI.DLL
2017-03-15 18:06 - 2017-03-04 08:01 - 00137936 _____ (Microsoft Corporation) C:\WINDOWS\system32\AuthHost.exe
2017-03-15 18:06 - 2017-03-04 07:57 - 02536288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2017-03-15 18:06 - 2017-03-04 07:57 - 00387872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpps.dll
2017-03-15 18:06 - 2017-03-04 07:56 - 00263472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Storage.ApplicationData.dll
2017-03-15 18:06 - 2017-03-04 07:56 - 00248992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\policymanager.dll
2017-03-15 18:06 - 2017-03-04 07:54 - 02277288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll
2017-03-15 18:06 - 2017-03-04 07:54 - 00524776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2017-03-15 18:06 - 2017-03-04 07:53 - 02256080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2017-03-15 18:06 - 2017-03-04 07:53 - 01431232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2017-03-15 18:06 - 2017-03-04 07:53 - 00975744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
2017-03-15 18:06 - 2017-03-04 07:53 - 00861024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2017-03-15 18:06 - 2017-03-04 07:53 - 00781152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2017-03-15 18:06 - 2017-03-04 07:53 - 00493912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2017-03-15 18:06 - 2017-03-04 07:53 - 00313568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanapi.dll
2017-03-15 18:06 - 2017-03-04 07:53 - 00136032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudExperienceHostUser.dll
2017-03-15 18:06 - 2017-03-04 07:52 - 00549088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SHCore.dll
2017-03-15 18:06 - 2017-03-04 07:52 - 00272720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wintrust.dll
2017-03-15 18:06 - 2017-03-04 07:51 - 01980768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2017-03-15 18:06 - 2017-03-04 07:51 - 00576408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2017-03-15 18:06 - 2017-03-04 07:50 - 00846560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2017-03-15 18:06 - 2017-03-04 07:47 - 20969928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2017-03-15 18:06 - 2017-03-04 07:47 - 04023000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2017-03-15 18:06 - 2017-03-04 07:47 - 01853224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2017-03-15 18:06 - 2017-03-04 07:47 - 01557808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll
2017-03-15 18:06 - 2017-03-04 07:47 - 01360456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetsrc.dll
2017-03-15 18:06 - 2017-03-04 07:47 - 01344448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsrcsnk.dll
2017-03-15 18:06 - 2017-03-04 07:47 - 01277856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
2017-03-15 18:06 - 2017-03-04 07:47 - 01202384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2017-03-15 18:06 - 2017-03-04 07:47 - 01123912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2017-03-15 18:06 - 2017-03-04 07:47 - 00981376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetcore.dll
2017-03-15 18:06 - 2017-03-04 07:47 - 00976184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfds.dll
2017-03-15 18:06 - 2017-03-04 07:47 - 00952416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2017-03-15 18:06 - 2017-03-04 07:47 - 00640976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\evr.dll
2017-03-15 18:06 - 2017-03-04 07:47 - 00530480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf.dll
2017-03-15 18:06 - 2017-03-04 07:47 - 00374448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFPlay.dll
2017-03-15 18:06 - 2017-03-04 07:47 - 00352760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MMDevAPI.dll
2017-03-15 18:06 - 2017-03-04 07:47 - 00034088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CompPkgSup.dll
2017-03-15 18:06 - 2017-03-04 07:46 - 04312248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2017-03-15 18:06 - 2017-03-04 07:46 - 00321792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppHost.exe
2017-03-15 18:06 - 2017-03-04 07:45 - 00173408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\basecsp.dll
2017-03-15 18:06 - 2017-03-04 07:45 - 00112120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gpapi.dll
2017-03-15 18:06 - 2017-03-04 07:42 - 01415240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2017-03-15 18:06 - 2017-03-04 07:42 - 01260784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2017-03-15 18:06 - 2017-03-04 07:42 - 00545944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2017-03-15 18:06 - 2017-03-04 07:42 - 00276832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\input.dll
2017-03-15 18:06 - 2017-03-04 07:40 - 00306800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.MediaControl.dll
2017-03-15 18:06 - 2017-03-04 07:39 - 00372736 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXTaskFactory.dll
2017-03-15 18:06 - 2017-03-04 07:36 - 00126976 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssitlb.dll
2017-03-15 18:06 - 2017-03-04 07:36 - 00119296 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTimeUtil.dll
2017-03-15 18:06 - 2017-03-04 07:36 - 00101888 _____ (Microsoft Corporation) C:\WINDOWS\system32\DuCsps.dll
2017-03-15 18:06 - 2017-03-04 07:36 - 00073728 _____ (Microsoft Corporation) C:\WINDOWS\system32\usoapi.dll
2017-03-15 18:06 - 2017-03-04 07:35 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\system32\musdialoghandlers.dll
2017-03-15 18:06 - 2017-03-04 07:34 - 00258560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\xboxgip.sys
2017-03-15 18:06 - 2017-03-04 07:34 - 00237568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.Diagnostics.dll
2017-03-15 18:06 - 2017-03-04 07:34 - 00226304 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2017-03-15 18:06 - 2017-03-04 07:34 - 00123904 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2017-03-15 18:06 - 2017-03-04 07:34 - 00085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2017-03-15 18:06 - 2017-03-04 07:34 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\system32\wfdprov.dll
2017-03-15 18:06 - 2017-03-04 07:33 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\unimdm.tsp
2017-03-15 18:06 - 2017-03-04 07:33 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Gaming.UI.GameBar.dll
2017-03-15 18:06 - 2017-03-04 07:33 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\netiougc.exe
2017-03-15 18:06 - 2017-03-04 07:32 - 00263680 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExSMime.dll
2017-03-15 18:06 - 2017-03-04 07:32 - 00193536 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinRtTracing.dll
2017-03-15 18:06 - 2017-03-04 07:32 - 00179712 _____ (Microsoft Corporation) C:\WINDOWS\system32\MCCSEngineShared.dll
2017-03-15 18:06 - 2017-03-04 07:32 - 00113664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.ServiceDiscovery.Dnssd.dll
2017-03-15 18:06 - 2017-03-04 07:31 - 00467968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Gaming.XboxLive.Storage.dll
2017-03-15 18:06 - 2017-03-04 07:31 - 00322048 _____ (Microsoft Corporation) C:\WINDOWS\system32\accountaccessor.dll
2017-03-15 18:06 - 2017-03-04 07:31 - 00149504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Core.dll
2017-03-15 18:06 - 2017-03-04 07:30 - 01631232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Resources.dll
2017-03-15 18:06 - 2017-03-04 07:30 - 00535552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nwifi.sys
2017-03-15 18:06 - 2017-03-04 07:30 - 00418304 _____ C:\WINDOWS\system32\Windows.Perception.Stub.dll
2017-03-15 18:06 - 2017-03-04 07:30 - 00206336 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFilterHost.exe
2017-03-15 18:06 - 2017-03-04 07:30 - 00127488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Credentials.UI.UserConsentVerifier.dll
2017-03-15 18:06 - 2017-03-04 07:30 - 00120320 _____ (Microsoft Corporation) C:\WINDOWS\system32\DafPrintProvider.dll
2017-03-15 18:06 - 2017-03-04 07:30 - 00095232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTimeUtil.dll
2017-03-15 18:06 - 2017-03-04 07:30 - 00052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpipreg.sys
2017-03-15 18:06 - 2017-03-04 07:30 - 00051712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usoapi.dll
2017-03-15 18:06 - 2017-03-04 07:30 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LaunchWinApp.exe
2017-03-15 18:06 - 2017-03-04 07:30 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\odbcconf.dll
2017-03-15 18:06 - 2017-03-04 07:29 - 01291264 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVPXENC.dll
2017-03-15 18:06 - 2017-03-04 07:29 - 00730112 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshwfp.dll
2017-03-15 18:06 - 2017-03-04 07:29 - 00249856 _____ (Microsoft Corporation) C:\WINDOWS\system32\cemapi.dll
2017-03-15 18:06 - 2017-03-04 07:29 - 00235008 _____ (Microsoft Corporation) C:\WINDOWS\system32\tapi32.dll
2017-03-15 18:06 - 2017-03-04 07:29 - 00203264 _____ (Microsoft Corporation) C:\WINDOWS\system32\PimIndexMaintenance.dll
2017-03-15 18:06 - 2017-03-04 07:29 - 00126464 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblGameSaveExt.dll
2017-03-15 18:06 - 2017-03-04 07:29 - 00112640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssitlb.dll
2017-03-15 18:06 - 2017-03-04 07:29 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctfp.dll
2017-03-15 18:06 - 2017-03-04 07:29 - 00082944 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshost.dll
2017-03-15 18:06 - 2017-03-04 07:29 - 00039424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XInputUap.dll
2017-03-15 18:06 - 2017-03-04 07:29 - 00019968 _____ C:\WINDOWS\SysWOW64\GamePanelExternalHook.dll
2017-03-15 18:06 - 2017-03-04 07:28 - 01507840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.FaceAnalysis.dll
2017-03-15 18:06 - 2017-03-04 07:28 - 00741888 _____ (Microsoft Corporation) C:\WINDOWS\system32\internetmail.dll
2017-03-15 18:06 - 2017-03-04 07:28 - 00556544 _____ (Microsoft Corporation) C:\WINDOWS\system32\iprtrmgr.dll
2017-03-15 18:06 - 2017-03-04 07:28 - 00462848 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansec.dll
2017-03-15 18:06 - 2017-03-04 07:28 - 00390144 _____ (Microsoft Corporation) C:\WINDOWS\system32\Search.ProtocolHandler.MAPI2.dll
2017-03-15 18:06 - 2017-03-04 07:28 - 00224256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExSMime.dll
2017-03-15 18:06 - 2017-03-04 07:28 - 00216576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Scanners.dll
2017-03-15 18:06 - 2017-03-04 07:27 - 06574592 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanmm.dll
2017-03-15 18:06 - 2017-03-04 07:27 - 00778752 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssvp.dll
2017-03-15 18:06 - 2017-03-04 07:27 - 00719872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdiWiFi.sys
2017-03-15 18:06 - 2017-03-04 07:27 - 00590336 _____ (Microsoft Corporation) C:\WINDOWS\system32\efswrt.dll
2017-03-15 18:06 - 2017-03-04 07:27 - 00549376 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2017-03-15 18:06 - 2017-03-04 07:27 - 00456192 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiobj.dll
2017-03-15 18:06 - 2017-03-04 07:27 - 00446976 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll
2017-03-15 18:06 - 2017-03-04 07:27 - 00358912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.dll
2017-03-15 18:06 - 2017-03-04 07:27 - 00349184 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2017-03-15 18:06 - 2017-03-04 07:27 - 00292864 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2017-03-15 18:06 - 2017-03-04 07:27 - 00275968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\accountaccessor.dll
2017-03-15 18:06 - 2017-03-04 07:27 - 00252416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Identity.Provider.dll
2017-03-15 18:06 - 2017-03-04 07:27 - 00200192 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiapi.dll
2017-03-15 18:06 - 2017-03-04 07:27 - 00141824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Radios.dll
2017-03-15 18:06 - 2017-03-04 07:27 - 00055296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\findnetprinters.dll
2017-03-15 18:06 - 2017-03-04 07:27 - 00045056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ddrawex.dll
2017-03-15 18:06 - 2017-03-04 07:26 - 00631296 _____ (Microsoft Corporation) C:\WINDOWS\system32\WlanMediaManager.dll
2017-03-15 18:06 - 2017-03-04 07:26 - 00561664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Wallet.dll
2017-03-15 18:06 - 2017-03-04 07:26 - 00468992 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanconn.dll
2017-03-15 18:06 - 2017-03-04 07:26 - 00409600 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanui.dll
2017-03-15 18:06 - 2017-03-04 07:26 - 00383488 _____ (Microsoft Corporation) C:\WINDOWS\system32\DavSyncProvider.dll
2017-03-15 18:06 - 2017-03-04 07:26 - 00366080 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFolder.dll
2017-03-15 18:06 - 2017-03-04 07:26 - 00307200 _____ (Microsoft Corporation) C:\WINDOWS\system32\PrintDialogs3D.dll
2017-03-15 18:06 - 2017-03-04 07:26 - 00177664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.Diagnostics.dll
2017-03-15 18:06 - 2017-03-04 07:26 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDeviceRegistration.dll
2017-03-15 18:06 - 2017-03-04 07:26 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BcastDVRHelper.dll
2017-03-15 18:06 - 2017-03-04 07:26 - 00147456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VCardParser.dll
2017-03-15 18:06 - 2017-03-04 07:26 - 00138240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DisplayManager.dll
2017-03-15 18:06 - 2017-03-04 07:26 - 00123904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.HostName.dll
2017-03-15 18:06 - 2017-03-04 07:26 - 00065024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Gaming.UI.GameBar.dll
2017-03-15 18:06 - 2017-03-04 07:26 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Shell.Search.UriHandler.dll
2017-03-15 18:06 - 2017-03-04 07:26 - 00038912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wfdprov.dll
2017-03-15 18:06 - 2017-03-04 07:26 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netiougc.exe
2017-03-15 18:06 - 2017-03-04 07:25 - 01388544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Cred.dll
2017-03-15 18:06 - 2017-03-04 07:25 - 00748544 _____ (Microsoft Corporation) C:\WINDOWS\system32\ChatApis.dll
2017-03-15 18:06 - 2017-03-04 07:25 - 00579584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.UX.EapRequestHandler.dll
2017-03-15 18:06 - 2017-03-04 07:25 - 00548864 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2017-03-15 18:06 - 2017-03-04 07:25 - 00320000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2017-03-15 18:06 - 2017-03-04 07:25 - 00284160 _____ (Microsoft Corporation) C:\WINDOWS\system32\AboveLockAppHost.dll
2017-03-15 18:06 - 2017-03-04 07:25 - 00255488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\unimdm.tsp
2017-03-15 18:06 - 2017-03-04 07:25 - 00251904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mscandui.dll
2017-03-15 18:06 - 2017-03-04 07:25 - 00245760 _____ (Microsoft Corporation) C:\WINDOWS\system32\WwaApi.dll
2017-03-15 18:06 - 2017-03-04 07:25 - 00175104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiapi.dll
2017-03-15 18:06 - 2017-03-04 07:25 - 00168448 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssph.dll
2017-03-15 18:06 - 2017-03-04 07:25 - 00152064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MCCSEngineShared.dll
2017-03-15 18:06 - 2017-03-04 07:25 - 00136192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinRtTracing.dll
2017-03-15 18:06 - 2017-03-04 07:25 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BrowserSettingSync.dll
2017-03-15 18:06 - 2017-03-04 07:25 - 00097792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.System.SystemManagement.dll
2017-03-15 18:06 - 2017-03-04 07:25 - 00057344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WPDShServiceObj.dll
2017-03-15 18:06 - 2017-03-04 07:25 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tbauth.dll
2017-03-15 18:06 - 2017-03-04 07:24 - 01293312 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcnwiz.dll
2017-03-15 18:06 - 2017-03-04 07:24 - 00671744 _____ (Microsoft Corporation) C:\WINDOWS\system32\mbsmsapi.dll
2017-03-15 18:06 - 2017-03-04 07:24 - 00328192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2017-03-15 18:06 - 2017-03-04 07:24 - 00223232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scksp.dll
2017-03-15 18:06 - 2017-03-04 07:24 - 00142336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.WiFi.dll
2017-03-15 18:06 - 2017-03-04 07:24 - 00129024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.SerialCommunication.dll
2017-03-15 18:06 - 2017-03-04 07:24 - 00093184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctfui.dll
2017-03-15 18:06 - 2017-03-04 07:24 - 00088576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDeviceRegistration.Ngc.dll
2017-03-15 18:06 - 2017-03-04 07:24 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.ServiceDiscovery.Dnssd.dll
2017-03-15 18:06 - 2017-03-04 07:24 - 00022016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBrokerCookies.exe
2017-03-15 18:06 - 2017-03-04 07:23 - 01184256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll
2017-03-15 18:06 - 2017-03-04 07:23 - 01145856 _____ (Microsoft Corporation) C:\WINDOWS\system32\EmailApis.dll
2017-03-15 18:06 - 2017-03-04 07:23 - 00963584 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebcamUi.dll
2017-03-15 18:06 - 2017-03-04 07:23 - 00945152 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasgcw.dll
2017-03-15 18:06 - 2017-03-04 07:23 - 00820224 _____ (Microsoft Corporation) C:\WINDOWS\system32\PrintRenderAPIHost.DLL
2017-03-15 18:06 - 2017-03-04 07:23 - 00583680 _____ (Microsoft Corporation) C:\WINDOWS\system32\PrintDialogs.dll
2017-03-15 18:06 - 2017-03-04 07:23 - 00531456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iprtrmgr.dll
2017-03-15 18:06 - 2017-03-04 07:23 - 00526336 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2017-03-15 18:06 - 2017-03-04 07:23 - 00506368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcastdvr.exe
2017-03-15 18:06 - 2017-03-04 07:23 - 00392192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Gaming.Input.dll
2017-03-15 18:06 - 2017-03-04 07:23 - 00374784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.LowLevel.dll
2017-03-15 18:06 - 2017-03-04 07:23 - 00334848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DavSyncProvider.dll
2017-03-15 18:06 - 2017-03-04 07:23 - 00330752 _____ (Microsoft Corporation) C:\WINDOWS\system32\NgcCtnrSvc.dll
2017-03-15 18:06 - 2017-03-04 07:23 - 00315904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Gaming.XboxLive.Storage.dll
2017-03-15 18:06 - 2017-03-04 07:23 - 00299520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataAccountApis.dll
2017-03-15 18:06 - 2017-03-04 07:23 - 00291840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Search.ProtocolHandler.MAPI2.dll
2017-03-15 18:06 - 2017-03-04 07:23 - 00231936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.LockScreen.dll
2017-03-15 18:06 - 2017-03-04 07:23 - 00184320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserMgrProxy.dll
2017-03-15 18:06 - 2017-03-04 07:23 - 00172032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netiohlp.dll
2017-03-15 18:06 - 2017-03-04 07:22 - 01299968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVPXENC.dll
2017-03-15 18:06 - 2017-03-04 07:22 - 00332288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapConfiguration.dll
2017-03-15 18:06 - 2017-03-04 07:22 - 00265728 _____ C:\WINDOWS\SysWOW64\Windows.Perception.Stub.dll
2017-03-15 18:06 - 2017-03-04 07:22 - 00254464 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssphtb.dll
2017-03-15 18:06 - 2017-03-04 07:22 - 00237568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SyncSettings.dll
2017-03-15 18:06 - 2017-03-04 07:22 - 00231424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudBackupSettings.dll
2017-03-15 18:06 - 2017-03-04 07:22 - 00230912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\icm32.dll
2017-03-15 18:06 - 2017-03-04 07:22 - 00212992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cemapi.dll
2017-03-15 18:06 - 2017-03-04 07:22 - 00183296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFilterHost.exe
2017-03-15 18:06 - 2017-03-04 07:22 - 00117760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AuthBroker.dll
2017-03-15 18:06 - 2017-03-04 07:22 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DafPrintProvider.dll
2017-03-15 18:06 - 2017-03-04 07:21 - 06285824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2017-03-15 18:06 - 2017-03-04 07:21 - 01937920 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmc.exe
2017-03-15 18:06 - 2017-03-04 07:21 - 01243136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.FaceAnalysis.dll
2017-03-15 18:06 - 2017-03-04 07:21 - 00809984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.Search.dll
2017-03-15 18:06 - 2017-03-04 07:21 - 00670208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.PointOfService.dll
2017-03-15 18:06 - 2017-03-04 07:21 - 00631296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\main.cpl
2017-03-15 18:06 - 2017-03-04 07:21 - 00609280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Import.dll
2017-03-15 18:06 - 2017-03-04 07:21 - 00575488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nshwfp.dll
2017-03-15 18:06 - 2017-03-04 07:21 - 00483840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.AllJoyn.dll
2017-03-15 18:06 - 2017-03-04 07:21 - 00389632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2017-03-15 18:06 - 2017-03-04 07:21 - 00298496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2017-03-15 18:06 - 2017-03-04 07:21 - 00202752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.HumanInterfaceDevice.dll
2017-03-15 18:06 - 2017-03-04 07:21 - 00196608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tapi32.dll
2017-03-15 18:06 - 2017-03-04 07:21 - 00185856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Identity.Provider.dll
2017-03-15 18:06 - 2017-03-04 07:20 - 00632832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sud.dll
2017-03-15 18:06 - 2017-03-04 07:20 - 00611328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.dll
2017-03-15 18:06 - 2017-03-04 07:20 - 00562176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.SmartCards.dll
2017-03-15 18:06 - 2017-03-04 07:20 - 00534528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PCPTpm12.dll
2017-03-15 18:06 - 2017-03-04 07:20 - 00506880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DevicePairing.dll
2017-03-15 18:06 - 2017-03-04 07:20 - 00426496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Wallet.dll
2017-03-15 18:06 - 2017-03-04 07:20 - 00426496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneDriveSettingSyncProvider.dll
2017-03-15 18:06 - 2017-03-04 07:20 - 00424960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msutb.dll
2017-03-15 18:06 - 2017-03-04 07:20 - 00386048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.WiFiDirect.dll
2017-03-15 18:06 - 2017-03-04 07:20 - 00368128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanui.dll
2017-03-15 18:06 - 2017-03-04 07:20 - 00325120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleacc.dll
2017-03-15 18:06 - 2017-03-04 07:20 - 00284672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apprepsync.dll
2017-03-15 18:06 - 2017-03-04 07:20 - 00271360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\deviceaccess.dll
2017-03-15 18:06 - 2017-03-04 07:20 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WwaApi.dll
2017-03-15 18:06 - 2017-03-04 07:20 - 00206336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vaultcli.dll
2017-03-15 18:06 - 2017-03-04 07:20 - 00175616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Scanners.dll
2017-03-15 18:06 - 2017-03-04 07:20 - 00125952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apprepapi.dll
2017-03-15 18:06 - 2017-03-04 07:19 - 03777536 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2017-03-15 18:06 - 2017-03-04 07:19 - 01403392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Editing.dll
2017-03-15 18:06 - 2017-03-04 07:19 - 00714752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssvp.dll
2017-03-15 18:06 - 2017-03-04 07:19 - 00498688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mbsmsapi.dll
2017-03-15 18:06 - 2017-03-04 07:19 - 00458752 _____ (Microsoft Corporation) C:\WINDOWS\system32\RTMediaFrame.dll
2017-03-15 18:06 - 2017-03-04 07:19 - 00431616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\efswrt.dll
2017-03-15 18:06 - 2017-03-04 07:19 - 00414208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2017-03-15 18:06 - 2017-03-04 07:19 - 00410112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys
2017-03-15 18:06 - 2017-03-04 07:19 - 00390656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredProvDataModel.dll
2017-03-15 18:06 - 2017-03-04 07:19 - 00318464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFolder.dll
2017-03-15 18:06 - 2017-03-04 07:19 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Picker.dll
2017-03-15 18:06 - 2017-03-04 07:19 - 00226816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore6.dll
2017-03-15 18:06 - 2017-03-04 07:19 - 00181760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tcpipcfg.dll
2017-03-15 18:06 - 2017-03-04 07:18 - 01762816 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSPhotography.dll
2017-03-15 18:06 - 2017-03-04 07:18 - 01231360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wcnwiz.dll
2017-03-15 18:06 - 2017-03-04 07:18 - 01189376 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdengin2.dll
2017-03-15 18:06 - 2017-03-04 07:18 - 00896512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontext.dll
2017-03-15 18:06 - 2017-03-04 07:18 - 00819200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppContracts.dll
2017-03-15 18:06 - 2017-03-04 07:18 - 00747520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Ocr.dll
2017-03-15 18:06 - 2017-03-04 07:18 - 00567808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ChatApis.dll
2017-03-15 18:06 - 2017-03-04 07:18 - 00548352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ddraw.dll
2017-03-15 18:06 - 2017-03-04 07:18 - 00525824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintDialogs.dll
2017-03-15 18:06 - 2017-03-04 07:18 - 00314368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Usb.dll
2017-03-15 18:06 - 2017-03-04 07:18 - 00284672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.dll
2017-03-15 18:06 - 2017-03-04 07:18 - 00254464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssphtb.dll
2017-03-15 18:06 - 2017-03-04 07:18 - 00253952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2017-03-15 18:06 - 2017-03-04 07:18 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\system32\RelPost.exe
2017-03-15 18:06 - 2017-03-04 07:18 - 00140800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssph.dll
2017-03-15 18:06 - 2017-03-04 07:18 - 00074752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll
2017-03-15 18:06 - 2017-03-04 07:17 - 07812096 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2017-03-15 18:06 - 2017-03-04 07:17 - 00864256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnapps.dll
2017-03-15 18:06 - 2017-03-04 07:17 - 00529920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StructuredQuery.dll
2017-03-15 18:06 - 2017-03-04 07:17 - 00297472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2017-03-15 18:06 - 2017-03-04 07:17 - 00238080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AboveLockAppHost.dll
2017-03-15 18:06 - 2017-03-04 07:16 - 13441536 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2017-03-15 18:06 - 2017-03-04 07:16 - 01908224 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2017-03-15 18:06 - 2017-03-04 07:16 - 01456640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2017-03-15 18:06 - 2017-03-04 07:16 - 00968704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Unistore.dll
2017-03-15 18:06 - 2017-03-04 07:16 - 00870400 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmkvsrcsnk.dll
2017-03-15 18:06 - 2017-03-04 07:16 - 00858112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EmailApis.dll
2017-03-15 18:06 - 2017-03-04 07:16 - 00850432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasgcw.dll
2017-03-15 18:06 - 2017-03-04 07:16 - 00846336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WebcamUi.dll
2017-03-15 18:06 - 2017-03-04 07:16 - 00816640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NaturalLanguage6.dll
2017-03-15 18:06 - 2017-03-04 07:16 - 00762880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mprddm.dll
2017-03-15 18:06 - 2017-03-04 07:16 - 00760832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\appwiz.cpl
2017-03-15 18:06 - 2017-03-04 07:16 - 00711680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2017-03-15 18:06 - 2017-03-04 07:16 - 00636928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll
2017-03-15 18:06 - 2017-03-04 07:16 - 00626688 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpaceControl.dll
2017-03-15 18:06 - 2017-03-04 07:16 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2017-03-15 18:06 - 2017-03-04 07:16 - 00526336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mscms.dll
2017-03-15 18:06 - 2017-03-04 07:16 - 00500224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.Printing.dll
2017-03-15 18:06 - 2017-03-04 07:16 - 00465920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppBroker.dll
2017-03-15 18:06 - 2017-03-04 07:16 - 00368128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiobj.dll
2017-03-15 18:06 - 2017-03-04 07:16 - 00288256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CryptoWinRT.dll
2017-03-15 18:06 - 2017-03-04 07:16 - 00100864 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpninprc.dll
2017-03-15 18:06 - 2017-03-04 07:15 - 01543680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmc.exe
2017-03-15 18:06 - 2017-03-04 07:15 - 01078784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.dll
2017-03-15 18:06 - 2017-03-04 07:15 - 00509440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2017-03-15 18:06 - 2017-03-04 07:15 - 00336384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\azroleui.dll
2017-03-15 18:06 - 2017-03-04 07:15 - 00313856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2017-03-15 18:06 - 2017-03-04 07:14 - 01534464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.Printing.3D.dll
2017-03-15 18:06 - 2017-03-04 07:14 - 00236032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmWmiPl.dll
2017-03-15 18:06 - 2017-03-04 07:13 - 07626752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2017-03-15 18:06 - 2017-03-04 07:13 - 06474752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mspaint.exe
2017-03-15 18:06 - 2017-03-04 07:13 - 04613120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2017-03-15 18:06 - 2017-03-04 07:13 - 03733504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_47.dll
2017-03-15 18:06 - 2017-03-04 07:13 - 02458112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\themecpl.dll
2017-03-15 18:06 - 2017-03-04 07:13 - 01366016 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2017-03-15 18:06 - 2017-03-04 07:13 - 01228288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usercpl.dll
2017-03-15 18:06 - 2017-03-04 07:13 - 01217024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Audio.dll
2017-03-15 18:06 - 2017-03-04 07:13 - 00858112 _____ (Microsoft Corporation) C:\WINDOWS\system32\mprddm.dll
2017-03-15 18:06 - 2017-03-04 07:13 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppointmentApis.dll
2017-03-15 18:06 - 2017-03-04 07:13 - 00675840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.dll
2017-03-15 18:06 - 2017-03-04 07:13 - 00653312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.AccountsControl.dll
2017-03-15 18:06 - 2017-03-04 07:13 - 00497152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LogonController.dll
2017-03-15 18:06 - 2017-03-04 07:13 - 00256512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\thumbcache.dll
2017-03-15 18:06 - 2017-03-04 07:13 - 00125952 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdshext.dll
2017-03-15 18:06 - 2017-03-04 07:12 - 07654912 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2017-03-15 18:06 - 2017-03-04 07:12 - 04596224 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsrchvw.exe
2017-03-15 18:06 - 2017-03-04 07:12 - 00947712 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVP9DEC.dll
2017-03-15 18:06 - 2017-03-04 07:12 - 00901120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Bluetooth.dll
2017-03-15 18:06 - 2017-03-04 07:12 - 00886272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2017-03-15 18:06 - 2017-03-04 07:12 - 00884224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2017-03-15 18:06 - 2017-03-04 07:12 - 00805888 _____ (Microsoft Corporation) C:\WINDOWS\system32\FrameServer.dll
2017-03-15 18:06 - 2017-03-04 07:12 - 00700416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Storage.Search.dll
2017-03-15 18:06 - 2017-03-04 07:12 - 00589312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Sensors.dll
2017-03-15 18:06 - 2017-03-04 07:12 - 00395264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmenrollengine.dll
2017-03-15 18:06 - 2017-03-04 07:11 - 03441664 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapRouter.dll
2017-03-15 18:06 - 2017-03-04 07:11 - 02953216 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapGeocoder.dll
2017-03-15 18:06 - 2017-03-04 07:11 - 01891328 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnidui.dll
2017-03-15 18:06 - 2017-03-04 07:11 - 01357312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSPhotography.dll
2017-03-15 18:06 - 2017-03-04 07:11 - 01323008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_fs.dll
2017-03-15 18:06 - 2017-03-04 07:11 - 01320448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comsvcs.dll
2017-03-15 18:06 - 2017-03-04 07:11 - 01137152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_health.dll
2017-03-15 18:06 - 2017-03-04 07:11 - 00355328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RTMediaFrame.dll
2017-03-15 18:06 - 2017-03-04 07:10 - 02852864 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll
2017-03-15 18:06 - 2017-03-04 07:10 - 01917440 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncProvider.dll
2017-03-15 18:06 - 2017-03-04 07:10 - 01555456 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPDMC.exe
2017-03-15 18:06 - 2017-03-04 07:10 - 01536000 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpeechPal.dll
2017-03-15 18:06 - 2017-03-04 07:10 - 01399296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Pimstore.dll
2017-03-15 18:06 - 2017-03-04 07:10 - 01282048 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2017-03-15 18:06 - 2017-03-04 07:10 - 01077760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Editing.dll
2017-03-15 18:06 - 2017-03-04 07:10 - 01033216 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2017-03-15 18:06 - 2017-03-04 07:10 - 00816640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2017-03-15 18:06 - 2017-03-04 07:10 - 00579072 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppBroker.dll
2017-03-15 18:06 - 2017-03-04 07:10 - 00471552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.BackgroundMediaPlayback.dll
2017-03-15 18:06 - 2017-03-04 07:10 - 00300544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\regedit.exe
2017-03-15 18:06 - 2017-03-04 07:10 - 00259584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msdtcuiu.dll
2017-03-15 18:06 - 2017-03-04 07:09 - 01359360 _____ (Microsoft Corporation) C:\WINDOWS\system32\usercpl.dll
2017-03-15 18:06 - 2017-03-04 07:09 - 00846336 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApiPublic.dll
2017-03-15 18:06 - 2017-03-04 07:09 - 00795648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MiracastReceiver.dll
2017-03-15 18:06 - 2017-03-04 07:09 - 00771072 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppointmentApis.dll
2017-03-15 18:06 - 2017-03-04 07:09 - 00765440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Sensors.dll
2017-03-15 18:06 - 2017-03-04 07:09 - 00570368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clusapi.dll
2017-03-15 18:06 - 2017-03-04 07:09 - 00343040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToDevice.dll
2017-03-15 18:06 - 2017-03-04 07:09 - 00123904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ProximityCommon.dll
2017-03-15 18:06 - 2017-03-04 07:08 - 12349952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2017-03-15 18:06 - 2017-03-04 07:08 - 08076288 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2017-03-15 18:06 - 2017-03-04 07:08 - 03405312 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2017-03-15 18:06 - 2017-03-04 07:08 - 02800128 _____ (Microsoft Corporation) C:\WINDOWS\system32\netshell.dll
2017-03-15 18:06 - 2017-03-04 07:08 - 02424320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Perception.dll
2017-03-15 18:06 - 2017-03-04 07:08 - 01981440 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2017-03-15 18:06 - 2017-03-04 07:08 - 01266176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Input.Inking.dll
2017-03-15 18:06 - 2017-03-04 07:08 - 00834048 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2017-03-15 18:06 - 2017-03-04 07:08 - 00792576 _____ (Microsoft Corporation) C:\WINDOWS\system32\spoolsv.exe
2017-03-15 18:06 - 2017-03-04 07:08 - 00713216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpnapps.dll
2017-03-15 18:06 - 2017-03-04 07:07 - 02748928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mispace.dll
2017-03-15 18:06 - 2017-03-04 07:07 - 02370048 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2017-03-15 18:06 - 2017-03-04 07:07 - 01792512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wpc.dll
2017-03-15 18:06 - 2017-03-04 07:07 - 01512448 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataService.dll
2017-03-15 18:06 - 2017-03-04 07:07 - 01255936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll
2017-03-15 18:06 - 2017-03-04 07:07 - 00903680 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2017-03-15 18:06 - 2017-03-04 07:07 - 00895488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Streaming.dll
2017-03-15 18:06 - 2017-03-04 07:07 - 00545280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmkvsrcsnk.dll
2017-03-15 18:06 - 2017-03-04 07:07 - 00391168 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2017-03-15 18:06 - 2017-03-04 07:06 - 03198464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
2017-03-15 18:06 - 2017-03-04 07:06 - 02820096 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2017-03-15 18:06 - 2017-03-04 07:06 - 02538496 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2017-03-15 18:06 - 2017-03-04 07:06 - 02153984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\storagewmi.dll
2017-03-15 18:06 - 2017-03-04 07:06 - 01424896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Maps.dll
2017-03-15 18:06 - 2017-03-04 07:06 - 01369088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Phone.dll
2017-03-15 18:06 - 2017-03-04 07:06 - 01131008 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2017-03-15 18:06 - 2017-03-04 07:06 - 01013760 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContactApis.dll
2017-03-15 18:06 - 2017-03-04 07:06 - 00842240 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntshrui.dll
2017-03-15 18:06 - 2017-03-04 07:06 - 00220672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToReceiver.dll
2017-03-15 18:06 - 2017-03-04 07:06 - 00090624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll
2017-03-15 18:06 - 2017-03-04 07:05 - 07468544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2017-03-15 18:06 - 2017-03-04 07:05 - 03520512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsrchvw.exe
2017-03-15 18:06 - 2017-03-04 07:05 - 01221120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Audio.dll
2017-03-15 18:06 - 2017-03-04 07:05 - 01133568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vssapi.dll
2017-03-15 18:06 - 2017-03-04 07:05 - 00545792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uReFS.dll
2017-03-15 18:06 - 2017-03-04 07:05 - 00458752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidprov.dll
2017-03-15 18:06 - 2017-03-04 07:05 - 00298496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\resutils.dll
2017-03-15 18:06 - 2017-03-04 07:05 - 00134144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ErrorDetails.dll
2017-03-15 18:06 - 2017-03-04 07:05 - 00089600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CameraCaptureUI.dll
2017-03-15 18:06 - 2017-03-04 07:04 - 01826816 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2017-03-15 18:06 - 2017-03-04 07:04 - 00998912 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWorkspace.dll
2017-03-15 18:06 - 2017-03-04 07:04 - 00753152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\imapi2fs.dll
2017-03-15 18:06 - 2017-03-04 07:04 - 00719872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_sr.dll
2017-03-15 18:06 - 2017-03-04 07:04 - 00640000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MCRecvSrc.dll
2017-03-15 18:06 - 2017-03-04 07:04 - 00531456 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmCoreProvisioning.dll
2017-03-15 18:06 - 2017-03-04 07:04 - 00433152 _____ (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll
2017-03-15 18:06 - 2017-03-04 07:04 - 00340992 _____ (Microsoft Corporation) C:\WINDOWS\system32\RADCUI.dll
2017-03-15 18:06 - 2017-03-04 07:03 - 02363904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapRouter.dll
2017-03-15 18:06 - 2017-03-04 07:03 - 02109952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapGeocoder.dll
2017-03-15 18:06 - 2017-03-04 07:03 - 01247232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Globalization.dll
2017-03-15 18:06 - 2017-03-04 07:03 - 00409600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVSENCD.DLL
2017-03-15 18:06 - 2017-03-04 07:03 - 00400384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToManager.dll
2017-03-15 18:06 - 2017-03-04 07:03 - 00359936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mtxclu.dll
2017-03-15 18:06 - 2017-03-04 07:02 - 04423680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
2017-03-15 18:06 - 2017-03-04 07:02 - 02740224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll
2017-03-15 18:06 - 2017-03-04 07:02 - 02484736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gameux.dll
2017-03-15 18:06 - 2017-03-04 07:02 - 02138112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll
2017-03-15 18:06 - 2017-03-04 07:02 - 01709056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActiveSyncProvider.dll
2017-03-15 18:06 - 2017-03-04 07:02 - 01170944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.dll
2017-03-15 18:06 - 2017-03-04 07:02 - 01155072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVP9DEC.dll
2017-03-15 18:06 - 2017-03-04 07:02 - 01004544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Input.Inking.dll
2017-03-15 18:06 - 2017-03-04 07:02 - 00580608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hgcpl.dll
2017-03-15 18:06 - 2017-03-04 07:01 - 02682880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netshell.dll
2017-03-15 18:06 - 2017-03-04 07:01 - 02646528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CertEnroll.dll
2017-03-15 18:06 - 2017-03-04 07:01 - 01993216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2017-03-15 18:06 - 2017-03-04 07:01 - 01988096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2017-03-15 18:06 - 2017-03-04 07:01 - 01656320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Perception.dll
2017-03-15 18:06 - 2017-03-04 07:01 - 01595904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2017-03-15 18:06 - 2017-03-04 07:01 - 01571840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2017-03-15 18:06 - 2017-03-04 07:01 - 01564160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\quartz.dll
2017-03-15 18:06 - 2017-03-04 07:01 - 01556992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2017-03-15 18:06 - 2017-03-04 07:01 - 01493504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Wpc.dll
2017-03-15 18:06 - 2017-03-04 07:01 - 01293312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMPDMC.exe
2017-03-15 18:06 - 2017-03-04 07:01 - 01232384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Maps.dll
2017-03-15 18:06 - 2017-03-04 07:01 - 01154560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Pimstore.dll
2017-03-15 18:06 - 2017-03-04 07:01 - 01013248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.Http.dll
2017-03-15 18:06 - 2017-03-04 07:01 - 00827904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll
2017-03-15 18:06 - 2017-03-04 07:01 - 00773120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2017-03-15 18:06 - 2017-03-04 07:01 - 00620544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
2017-03-15 18:06 - 2017-03-04 07:01 - 00566784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ShareHost.dll
2017-03-15 18:06 - 2017-03-04 07:01 - 00560640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserLanguagesCpl.dll
2017-03-15 18:06 - 2017-03-04 07:01 - 00422400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.dll
2017-03-15 18:06 - 2017-03-04 07:00 - 04557824 _____ (Microsoft) C:\WINDOWS\SysWOW64\dbgeng.dll
2017-03-15 18:06 - 2017-03-04 07:00 - 02996736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2017-03-15 18:06 - 2017-03-04 07:00 - 02003968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2017-03-15 18:06 - 2017-03-04 07:00 - 01883648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2017-03-15 18:06 - 2017-03-04 07:00 - 01170944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Phone.dll
2017-03-15 18:06 - 2017-03-04 07:00 - 00862208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2017-03-15 18:06 - 2017-03-04 07:00 - 00850944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ContactApis.dll
2017-03-15 18:06 - 2017-03-04 07:00 - 00798208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2017-03-15 18:06 - 2017-03-04 07:00 - 00751104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.BackgroundTransfer.dll
2017-03-15 18:06 - 2017-03-04 07:00 - 00711680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll
2017-03-15 18:06 - 2017-03-04 07:00 - 00691200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2017-03-15 18:06 - 2017-03-04 07:00 - 00654336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApiPublic.dll
2017-03-15 18:06 - 2017-03-04 07:00 - 00598528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.dll
2017-03-15 18:06 - 2017-03-04 07:00 - 00444416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSync.dll
2017-03-15 18:06 - 2017-03-04 07:00 - 00348160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Midi.dll
2017-03-15 18:06 - 2017-03-04 06:59 - 00353280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TextInputFramework.dll
2017-03-15 18:06 - 2017-03-04 06:59 - 00206848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Core.TextInput.dll
2017-03-15 18:06 - 2017-03-04 06:57 - 03106304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstsc.exe
2017-03-15 18:06 - 2017-03-04 06:57 - 00783360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TSWorkspace.dll
2017-03-15 18:06 - 2017-03-04 06:57 - 00449024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TpmCoreProvisioning.dll
2017-03-15 18:06 - 2017-03-04 06:57 - 00299008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RADCUI.dll
2017-03-15 18:06 - 2017-03-04 06:36 - 00483840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2017-03-15 18:06 - 2017-02-22 03:17 - 00448285 _____ C:\WINDOWS\system32\ApnDatabase.xml
2017-03-15 18:05 - 2017-03-04 08:57 - 00192352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aepic.dll
2017-03-15 18:05 - 2017-03-04 08:35 - 01617760 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2017-03-15 18:05 - 2017-03-04 08:35 - 01294688 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2017-03-15 18:05 - 2017-03-04 08:35 - 00655200 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2017-03-15 18:05 - 2017-03-04 08:35 - 00590952 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2017-03-15 18:05 - 2017-03-04 08:35 - 00565088 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2017-03-15 18:05 - 2017-03-04 08:35 - 00378720 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2017-03-15 18:05 - 2017-03-04 08:35 - 00343904 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2017-03-15 18:05 - 2017-03-04 08:35 - 00315232 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcntel.dll
2017-03-15 18:05 - 2017-03-04 08:35 - 00242528 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2017-03-15 18:05 - 2017-03-04 08:35 - 00142176 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2017-03-15 18:05 - 2017-03-04 08:35 - 00086368 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2017-03-15 18:05 - 2017-03-04 08:35 - 00038240 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2017-03-15 18:05 - 2017-03-04 08:27 - 00603488 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContentDeliveryManager.Utilities.dll
2017-03-15 18:05 - 2017-03-04 08:25 - 01117024 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReAgent.dll
2017-03-15 18:05 - 2017-03-04 08:24 - 01051112 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2017-03-15 18:05 - 2017-03-04 08:24 - 00894096 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2017-03-15 18:05 - 2017-03-04 08:24 - 00646688 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2017-03-15 18:05 - 2017-03-04 08:24 - 00354264 _____ (Microsoft Corporation) C:\WINDOWS\system32\systemreset.exe
2017-03-15 18:05 - 2017-03-04 08:22 - 07786336 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2017-03-15 18:05 - 2017-03-04 08:22 - 01354312 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2017-03-15 18:05 - 2017-03-04 08:22 - 01172984 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2017-03-15 18:05 - 2017-03-04 08:21 - 02255712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2017-03-15 18:05 - 2017-03-04 08:20 - 00379744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Classpnp.sys
2017-03-15 18:05 - 2017-03-04 08:20 - 00128352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\partmgr.sys
2017-03-15 18:05 - 2017-03-04 08:19 - 02681200 _____ C:\WINDOWS\system32\CoreUIComponents.dll
2017-03-15 18:05 - 2017-03-04 08:18 - 00764392 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2017-03-15 18:05 - 2017-03-04 08:18 - 00219040 _____ (Microsoft Corporation) C:\WINDOWS\system32\IPHLPAPI.DLL
2017-03-15 18:05 - 2017-03-04 08:15 - 00404320 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinSetupUI.dll
2017-03-15 18:05 - 2017-03-04 08:15 - 00063328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dam.sys
2017-03-15 18:05 - 2017-03-04 08:13 - 00635456 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2017-03-15 18:05 - 2017-03-04 08:11 - 00328008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.ApplicationData.dll
2017-03-15 18:05 - 2017-03-04 08:11 - 00266544 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll
2017-03-15 18:05 - 2017-03-04 08:10 - 02828384 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
2017-03-15 18:05 - 2017-03-04 08:10 - 02189664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2017-03-15 18:05 - 2017-03-04 08:09 - 02750384 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2017-03-15 18:05 - 2017-03-04 08:09 - 01157000 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2017-03-15 18:05 - 2017-03-04 08:09 - 00681312 _____ (Microsoft Corporation) C:\WINDOWS\system32\SHCore.dll
2017-03-15 18:05 - 2017-03-04 08:09 - 00658784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2017-03-15 18:05 - 2017-03-04 08:09 - 00635864 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2017-03-15 18:05 - 2017-03-04 08:09 - 00578392 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2017-03-15 18:05 - 2017-03-04 08:09 - 00402272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2017-03-15 18:05 - 2017-03-04 08:09 - 00178520 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostUser.dll
2017-03-15 18:05 - 2017-03-04 08:08 - 00624048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2017-03-15 18:05 - 2017-03-04 08:08 - 00509280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2017-03-15 18:05 - 2017-03-04 08:08 - 00450400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2017-03-15 18:05 - 2017-03-04 08:08 - 00342456 _____ (Microsoft Corporation) C:\WINDOWS\system32\wintrust.dll
2017-03-15 18:05 - 2017-03-04 08:08 - 00223584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2017-03-15 18:05 - 2017-03-04 08:07 - 02913144 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2017-03-15 18:05 - 2017-03-04 08:07 - 02446704 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2017-03-15 18:05 - 2017-03-04 08:07 - 01267512 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2017-03-15 18:05 - 2017-03-04 08:07 - 01100128 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2017-03-15 18:05 - 2017-03-04 08:07 - 00989016 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2017-03-15 18:05 - 2017-03-04 08:07 - 00947552 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.efi
2017-03-15 18:05 - 2017-03-04 08:07 - 00811872 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.exe
2017-03-15 18:05 - 2017-03-04 08:07 - 00682808 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2017-03-15 18:05 - 2017-03-04 08:07 - 00432992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2017-03-15 18:05 - 2017-03-04 08:07 - 00116064 _____ (Microsoft Corporation) C:\WINDOWS\system32\icfupgd.dll
2017-03-15 18:05 - 2017-03-04 08:07 - 00110944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvsocket.sys
2017-03-15 18:05 - 2017-03-04 08:07 - 00080224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmbkmcl.sys
2017-03-15 18:05 - 2017-03-04 08:03 - 04674360 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2017-03-15 18:05 - 2017-03-04 08:03 - 01694712 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2017-03-15 18:05 - 2017-03-04 08:03 - 01600632 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2017-03-15 18:05 - 2017-03-04 08:03 - 00755648 _____ (Microsoft Corporation) C:\WINDOWS\system32\evr.dll
2017-03-15 18:05 - 2017-03-04 08:03 - 00523712 _____ (Microsoft Corporation) C:\WINDOWS\system32\DMRServer.dll
2017-03-15 18:05 - 2017-03-04 08:03 - 00424616 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFPlay.dll
2017-03-15 18:05 - 2017-03-04 08:03 - 00241496 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHost.dll
2017-03-15 18:05 - 2017-03-04 08:03 - 00160096 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostBroker.dll
2017-03-15 18:05 - 2017-03-04 08:03 - 00038768 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompPkgSup.dll
2017-03-15 18:05 - 2017-03-04 08:01 - 00201568 _____ (Microsoft Corporation) C:\WINDOWS\system32\basecsp.dll
2017-03-15 18:05 - 2017-03-04 08:01 - 00128648 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpapi.dll
2017-03-15 18:05 - 2017-03-04 07:59 - 01570208 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2017-03-15 18:05 - 2017-03-04 07:58 - 01416224 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2017-03-15 18:05 - 2017-03-04 07:58 - 00628552 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2017-03-15 18:05 - 2017-03-04 07:58 - 00322912 _____ (Microsoft Corporation) C:\WINDOWS\system32\input.dll
2017-03-15 18:05 - 2017-03-04 07:57 - 00372432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.MediaControl.dll
2017-03-15 18:05 - 2017-03-04 07:42 - 07216640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2017-03-15 18:05 - 2017-03-04 07:37 - 01631232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2017-03-15 18:05 - 2017-03-04 07:37 - 00025088 _____ C:\WINDOWS\system32\GamePanelExternalHook.dll
2017-03-15 18:05 - 2017-03-04 07:36 - 22565376 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2017-03-15 18:05 - 2017-03-04 07:36 - 00217600 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctfp.dll
2017-03-15 18:05 - 2017-03-04 07:36 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2017-03-15 18:05 - 2017-03-04 07:36 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe
2017-03-15 18:05 - 2017-03-04 07:36 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mskssrv.sys
2017-03-15 18:05 - 2017-03-04 07:35 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbonRes.dll
2017-03-15 18:05 - 2017-03-04 07:35 - 00047616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ddrawex.dll
2017-03-15 18:05 - 2017-03-04 07:35 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\odbcconf.dll
2017-03-15 18:05 - 2017-03-04 07:34 - 00124416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.System.SystemManagement.dll
2017-03-15 18:05 - 2017-03-04 07:34 - 00116224 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctfui.dll
2017-03-15 18:05 - 2017-03-04 07:34 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmbkmclr.sys
2017-03-15 18:05 - 2017-03-04 07:33 - 00259072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Family.SyncEngine.dll
2017-03-15 18:05 - 2017-03-04 07:33 - 00185344 _____ (Microsoft Corporation) C:\WINDOWS\system32\DisplayManager.dll
2017-03-15 18:05 - 2017-03-04 07:33 - 00162304 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcertinst.exe
2017-03-15 18:05 - 2017-03-04 07:33 - 00095232 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzautoupdate.dll
2017-03-15 18:05 - 2017-03-04 07:33 - 00057344 _____ (Microsoft Corporation) C:\WINDOWS\system32\BluetoothDesktopHandlers.dll
2017-03-15 18:05 - 2017-03-04 07:33 - 00046592 _____ (Microsoft Corporation) C:\WINDOWS\system32\XInputUap.dll
2017-03-15 18:05 - 2017-03-04 07:33 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\tbauth.dll
2017-03-15 18:05 - 2017-03-04 07:32 - 00249856 _____ (Microsoft Corporation) C:\WINDOWS\system32\scksp.dll
2017-03-15 18:05 - 2017-03-04 07:32 - 00196096 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDeviceRegistration.dll
2017-03-15 18:05 - 2017-03-04 07:32 - 00193536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.WiFi.dll
2017-03-15 18:05 - 2017-03-04 07:32 - 00133632 _____ (Microsoft Corporation) C:\WINDOWS\system32\MediaFoundation.DefaultPerceptionProvider.dll
2017-03-15 18:05 - 2017-03-04 07:32 - 00073216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryBroker.dll
2017-03-15 18:05 - 2017-03-04 07:31 - 00567296 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevicePairing.dll
2017-03-15 18:05 - 2017-03-04 07:31 - 00280064 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_WorkAccess.dll
2017-03-15 18:05 - 2017-03-04 07:31 - 00266240 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore6.dll
2017-03-15 18:05 - 2017-03-04 07:31 - 00247808 _____ (Microsoft Corporation) C:\WINDOWS\system32\icm32.dll
2017-03-15 18:05 - 2017-03-04 07:31 - 00187904 _____ (Microsoft Corporation) C:\WINDOWS\system32\VCardParser.dll
2017-03-15 18:05 - 2017-03-04 07:31 - 00122880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryClient.dll
2017-03-15 18:05 - 2017-03-04 07:30 - 00635904 _____ (Microsoft Corporation) C:\WINDOWS\system32\FlightSettings.dll
2017-03-15 18:05 - 2017-03-04 07:30 - 00547840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Gaming.Input.dll
2017-03-15 18:05 - 2017-03-04 07:30 - 00463872 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2017-03-15 18:05 - 2017-03-04 07:30 - 00300544 _____ (Microsoft Corporation) C:\WINDOWS\system32\mscandui.dll
2017-03-15 18:05 - 2017-03-04 07:30 - 00236544 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Flights.dll
2017-03-15 18:05 - 2017-03-04 07:30 - 00231424 _____ (Microsoft Corporation) C:\WINDOWS\system32\shutdownux.dll
2017-03-15 18:05 - 2017-03-04 07:30 - 00205824 _____ (Microsoft Corporation) C:\WINDOWS\system32\netiohlp.dll
2017-03-15 18:05 - 2017-03-04 07:30 - 00186368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Radios.dll
2017-03-15 18:05 - 2017-03-04 07:30 - 00180224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Cortana.OneCore.dll
2017-03-15 18:05 - 2017-03-04 07:30 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dfsc.sys
2017-03-15 18:05 - 2017-03-04 07:30 - 00058880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Shell.Search.UriHandler.dll
2017-03-15 18:05 - 2017-03-04 07:30 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBrokerCookies.exe
2017-03-15 18:05 - 2017-03-04 07:29 - 00505856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.WiFiDirect.dll
2017-03-15 18:05 - 2017-03-04 07:29 - 00418304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BlockedShutdown.dll
2017-03-15 18:05 - 2017-03-04 07:29 - 00343552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.SmartCards.Phone.dll
2017-03-15 18:05 - 2017-03-04 07:29 - 00289792 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeveloperOptionsSettingsHandlers.dll
2017-03-15 18:05 - 2017-03-04 07:29 - 00171520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.SerialCommunication.dll
2017-03-15 18:05 - 2017-03-04 07:29 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\system32\BrowserSettingSync.dll
2017-03-15 18:05 - 2017-03-04 07:29 - 00125952 _____ (Microsoft Corporation) C:\WINDOWS\system32\appinfo.dll
2017-03-15 18:05 - 2017-03-04 07:28 - 00947712 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll
2017-03-15 18:05 - 2017-03-04 07:28 - 00912384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.SmartCards.dll
2017-03-15 18:05 - 2017-03-04 07:28 - 00651264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.AllJoyn.dll
2017-03-15 18:05 - 2017-03-04 07:28 - 00623104 _____ (Microsoft Corporation) C:\WINDOWS\system32\PCPTpm12.dll
2017-03-15 18:05 - 2017-03-04 07:28 - 00587776 _____ (Microsoft Corporation) C:\WINDOWS\system32\vpnike.dll
2017-03-15 18:05 - 2017-03-04 07:28 - 00568320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.LowLevel.dll
2017-03-15 18:05 - 2017-03-04 07:28 - 00394752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ks.sys
2017-03-15 18:05 - 2017-03-04 07:28 - 00349696 _____ (Microsoft Corporation) C:\WINDOWS\system32\icsvcext.dll
2017-03-15 18:05 - 2017-03-04 07:28 - 00279552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.HumanInterfaceDevice.dll
2017-03-15 18:05 - 2017-03-04 07:28 - 00268800 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserMgrProxy.dll
2017-03-15 18:05 - 2017-03-04 07:28 - 00267264 _____ (Microsoft Corporation) C:\WINDOWS\system32\vaultcli.dll
2017-03-15 18:05 - 2017-03-04 07:28 - 00223744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.HostName.dll
2017-03-15 18:05 - 2017-03-04 07:28 - 00193536 _____ (Microsoft Corporation) C:\WINDOWS\system32\certprop.dll
2017-03-15 18:05 - 2017-03-04 07:28 - 00147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
2017-03-15 18:05 - 2017-03-04 07:27 - 00852480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Import.dll
2017-03-15 18:05 - 2017-03-04 07:27 - 00460288 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredProvDataModel.dll
2017-03-15 18:05 - 2017-03-04 07:27 - 00432128 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpAXHolder.dll
2017-03-15 18:05 - 2017-03-04 07:27 - 00391168 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleacc.dll
2017-03-15 18:05 - 2017-03-04 07:27 - 00379392 _____ (Microsoft Corporation) C:\WINDOWS\system32\apprepsync.dll
2017-03-15 18:05 - 2017-03-04 07:27 - 00324608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.LockScreen.dll
2017-03-15 18:05 - 2017-03-04 07:27 - 00311296 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncSettings.dll
2017-03-15 18:05 - 2017-03-04 07:27 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudBackupSettings.dll
2017-03-15 18:05 - 2017-03-04 07:27 - 00252928 _____ (Microsoft Corporation) C:\WINDOWS\system32\ubpm.dll
2017-03-15 18:05 - 2017-03-04 07:27 - 00176128 _____ (Microsoft Corporation) C:\WINDOWS\system32\apprepapi.dll
2017-03-15 18:05 - 2017-03-04 07:26 - 00949248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.PointOfService.dll
2017-03-15 18:05 - 2017-03-04 07:26 - 00658432 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll
2017-03-15 18:05 - 2017-03-04 07:26 - 00643072 _____ (Microsoft Corporation) C:\WINDOWS\system32\main.cpl
2017-03-15 18:05 - 2017-03-04 07:26 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbonRes.dll
2017-03-15 18:05 - 2017-03-04 07:26 - 00579072 _____ (Microsoft Corporation) C:\WINDOWS\system32\ddraw.dll
2017-03-15 18:05 - 2017-03-04 07:26 - 00476160 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2017-03-15 18:05 - 2017-03-04 07:26 - 00464896 _____ (Microsoft Corporation) C:\WINDOWS\system32\msutb.dll
2017-03-15 18:05 - 2017-03-04 07:26 - 00450048 _____ (Microsoft Corporation) C:\WINDOWS\system32\werui.dll
2017-03-15 18:05 - 2017-03-04 07:26 - 00431616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Cortana.Desktop.dll
2017-03-15 18:05 - 2017-03-04 07:26 - 00407552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2017-03-15 18:05 - 2017-03-04 07:26 - 00337408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Picker.dll
2017-03-15 18:05 - 2017-03-04 07:26 - 00264704 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll
2017-03-15 18:05 - 2017-03-04 07:26 - 00261632 _____ (Microsoft Corporation) C:\WINDOWS\system32\indexeddbserver.dll
2017-03-15 18:05 - 2017-03-04 07:26 - 00090112 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll
2017-03-15 18:05 - 2017-03-04 07:26 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll
2017-03-15 18:05 - 2017-03-04 07:25 - 01060352 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppContracts.dll
2017-03-15 18:05 - 2017-03-04 07:25 - 01016320 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthManager.dll
2017-03-15 18:05 - 2017-03-04 07:25 - 00526848 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll
2017-03-15 18:05 - 2017-03-04 07:25 - 00437248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Usb.dll
2017-03-15 18:05 - 2017-03-04 07:25 - 00425984 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
2017-03-15 18:05 - 2017-03-04 07:24 - 01092096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplicationFrame.dll
2017-03-15 18:05 - 2017-03-04 07:24 - 01025536 _____ (Microsoft Corporation) C:\WINDOWS\system32\XboxNetApiSvc.dll
2017-03-15 18:05 - 2017-03-04 07:24 - 00956416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2017-03-15 18:05 - 2017-03-04 07:24 - 00945664 _____ (Microsoft Corporation) C:\WINDOWS\system32\iphlpsvc.dll
2017-03-15 18:05 - 2017-03-04 07:24 - 00655872 _____ (Microsoft Corporation) C:\WINDOWS\system32\sud.dll
2017-03-15 18:05 - 2017-03-04 07:24 - 00560128 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppReadiness.dll
2017-03-15 18:05 - 2017-03-04 07:24 - 00495104 _____ (Microsoft Corporation) C:\WINDOWS\system32\DataSenseHandlers.dll
2017-03-15 18:05 - 2017-03-04 07:24 - 00478208 _____ (Microsoft Corporation) C:\WINDOWS\system32\DXP.dll
2017-03-15 18:05 - 2017-03-04 07:24 - 00329728 _____ (Microsoft Corporation) C:\WINDOWS\system32\deviceaccess.dll
2017-03-15 18:05 - 2017-03-04 07:23 - 03753984 _____ (Microsoft Corporation) C:\WINDOWS\system32\bootux.dll
2017-03-15 18:05 - 2017-03-04 07:23 - 00896512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.AccountsControl.dll
2017-03-15 18:05 - 2017-03-04 07:23 - 00775168 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe
2017-03-15 18:05 - 2017-03-04 07:23 - 00715776 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2017-03-15 18:05 - 2017-03-04 07:23 - 00634368 _____ (Microsoft Corporation) C:\WINDOWS\system32\StructuredQuery.dll
2017-03-15 18:05 - 2017-03-04 07:23 - 00541696 _____ (Microsoft Corporation) C:\WINDOWS\system32\ipnathlp.dll
2017-03-15 18:05 - 2017-03-04 07:23 - 00496128 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.UserAccountsHandlers.dll
2017-03-15 18:05 - 2017-03-04 07:23 - 00320512 _____ (Microsoft Corporation) C:\WINDOWS\system32\thumbcache.dll
2017-03-15 18:05 - 2017-03-04 07:22 - 00869888 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2017-03-15 18:05 - 2017-03-04 07:22 - 00822784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2017-03-15 18:05 - 2017-03-04 07:22 - 00410112 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2017-03-15 18:05 - 2017-03-04 07:21 - 00945664 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2017-03-15 18:05 - 2017-03-04 07:21 - 00776192 _____ (Microsoft Corporation) C:\WINDOWS\system32\TabletPC.cpl
2017-03-15 18:05 - 2017-03-04 07:21 - 00591360 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2017-03-15 18:05 - 2017-03-04 07:21 - 00347648 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascustom.dll
2017-03-15 18:05 - 2017-03-04 07:20 - 01913856 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_fs.dll
2017-03-15 18:05 - 2017-03-04 07:20 - 01361408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll
2017-03-15 18:05 - 2017-03-04 07:20 - 01280512 _____ (Microsoft Corporation) C:\WINDOWS\system32\werconcpl.dll
2017-03-15 18:05 - 2017-03-04 07:20 - 00893952 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2017-03-15 18:05 - 2017-03-04 07:20 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2017-03-15 18:05 - 2017-03-04 07:20 - 00650752 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2017-03-15 18:05 - 2017-03-04 07:20 - 00282112 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmWmiPl.dll
2017-03-15 18:05 - 2017-03-04 07:20 - 00203776 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2017-03-15 18:05 - 2017-03-04 07:19 - 23676416 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2017-03-15 18:05 - 2017-03-04 07:19 - 01639424 _____ (Microsoft Corporation) C:\WINDOWS\system32\comsvcs.dll
2017-03-15 18:05 - 2017-03-04 07:19 - 01589760 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdtctm.dll
2017-03-15 18:05 - 2017-03-04 07:19 - 01584128 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_health.dll
2017-03-15 18:05 - 2017-03-04 07:19 - 00635904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2017-03-15 18:05 - 2017-03-04 07:19 - 00376832 _____ (Microsoft Corporation) C:\WINDOWS\system32\CryptoWinRT.dll
2017-03-15 18:05 - 2017-03-04 07:19 - 00166912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Tabbtn.dll
2017-03-15 18:05 - 2017-03-04 07:19 - 00083456 _____ (Microsoft Corporation) C:\WINDOWS\system32\tabcal.exe
2017-03-15 18:05 - 2017-03-04 07:18 - 17198592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2017-03-15 18:05 - 2017-03-04 07:18 - 01227264 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpsvc.dll
2017-03-15 18:05 - 2017-03-04 07:18 - 00320512 _____ (Microsoft Corporation) C:\WINDOWS\regedit.exe
2017-03-15 18:05 - 2017-03-04 07:18 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\indexeddbserver.dll
2017-03-15 18:05 - 2017-03-04 07:17 - 01105408 _____ (Microsoft Corporation) C:\WINDOWS\system32\MiracastReceiver.dll
2017-03-15 18:05 - 2017-03-04 07:17 - 01082368 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2017-03-15 18:05 - 2017-03-04 07:17 - 00730624 _____ (Microsoft Corporation) C:\WINDOWS\system32\clusapi.dll
2017-03-15 18:05 - 2017-03-04 07:17 - 00661504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll
2017-03-15 18:05 - 2017-03-04 07:17 - 00442368 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToDevice.dll
2017-03-15 18:05 - 2017-03-04 07:17 - 00440320 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhcfg.dll
2017-03-15 18:05 - 2017-03-04 07:16 - 03289088 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll
2017-03-15 18:05 - 2017-03-04 07:16 - 00649216 _____ (Microsoft Corporation) C:\WINDOWS\system32\vds.exe
2017-03-15 18:05 - 2017-03-04 07:16 - 00583168 _____ (Microsoft Corporation) C:\WINDOWS\system32\BootMenuUX.dll
2017-03-15 18:05 - 2017-03-04 07:16 - 00187904 _____ (Microsoft Corporation) C:\WINDOWS\system32\dialclient.dll
2017-03-15 18:05 - 2017-03-04 07:15 - 18362368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2017-03-15 18:05 - 2017-03-04 07:15 - 09130496 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2017-03-15 18:05 - 2017-03-04 07:15 - 02860032 _____ (Microsoft Corporation) C:\WINDOWS\system32\storagewmi.dll
2017-03-15 18:05 - 2017-03-04 07:15 - 01837056 _____ (Microsoft Corporation) C:\WINDOWS\system32\workfolderssvc.dll
2017-03-15 18:05 - 2017-03-04 07:15 - 01443328 _____ (Microsoft Corporation) C:\WINDOWS\system32\VSSVC.exe
2017-03-15 18:05 - 2017-03-04 07:14 - 04749312 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2017-03-15 18:05 - 2017-03-04 07:14 - 01562112 _____ (Microsoft Corporation) C:\WINDOWS\system32\vssapi.dll
2017-03-15 18:05 - 2017-03-04 07:14 - 01547264 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbengine.exe
2017-03-15 18:05 - 2017-03-04 07:14 - 00588288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidprov.dll
2017-03-15 18:05 - 2017-03-04 07:14 - 00374784 _____ (Microsoft Corporation) C:\WINDOWS\system32\resutils.dll
2017-03-15 18:05 - 2017-03-04 07:14 - 00279552 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToReceiver.dll
2017-03-15 18:05 - 2017-03-04 07:14 - 00167936 _____ (Microsoft Corporation) C:\WINDOWS\system32\ErrorDetails.dll
2017-03-15 18:05 - 2017-03-04 07:14 - 00130560 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpaceAgent.exe
2017-03-15 18:05 - 2017-03-04 07:13 - 19411968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2017-03-15 18:05 - 2017-03-04 07:13 - 05114368 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2017-03-15 18:05 - 2017-03-04 07:13 - 00982528 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2017-03-15 18:05 - 2017-03-04 07:13 - 00961024 _____ (Microsoft Corporation) C:\WINDOWS\system32\imapi2fs.dll
2017-03-15 18:05 - 2017-03-04 07:13 - 00947200 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_sr.dll
2017-03-15 18:05 - 2017-03-04 07:13 - 00937472 _____ (Microsoft Corporation) C:\WINDOWS\system32\MCRecvSrc.dll
2017-03-15 18:05 - 2017-03-04 07:13 - 00628736 _____ (Microsoft Corporation) C:\WINDOWS\system32\uReFS.dll
2017-03-15 18:05 - 2017-03-04 07:13 - 00539136 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToManager.dll
2017-03-15 18:05 - 2017-03-04 07:13 - 00222720 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkFoldersShell.dll
2017-03-15 18:05 - 2017-03-04 07:13 - 00112640 _____ (Microsoft Corporation) C:\WINDOWS\system32\CameraCaptureUI.dll
2017-03-15 18:05 - 2017-03-04 07:13 - 00112128 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkFoldersGPExt.dll
2017-03-15 18:05 - 2017-03-04 07:13 - 00054272 _____ (Microsoft Corporation) C:\WINDOWS\system32\MultiDigiMon.exe
2017-03-15 18:05 - 2017-03-04 07:12 - 13085184 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2017-03-15 18:05 - 2017-03-04 07:12 - 01692160 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2017-03-15 18:05 - 2017-03-04 07:12 - 01040896 _____ (Microsoft Corporation) C:\WINDOWS\system32\NaturalLanguage6.dll
2017-03-15 18:05 - 2017-03-04 07:12 - 00828416 _____ (Microsoft Corporation) C:\WINDOWS\system32\appwiz.cpl
2017-03-15 18:05 - 2017-03-04 07:12 - 00467968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Geolocation.dll
2017-03-15 18:05 - 2017-03-04 07:11 - 04474368 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll
2017-03-15 18:05 - 2017-03-04 07:11 - 02611200 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameux.dll
2017-03-15 18:05 - 2017-03-04 07:11 - 02278400 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2017-03-15 18:05 - 2017-03-04 07:11 - 01656832 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2017-03-15 18:05 - 2017-03-04 07:11 - 01643008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll
2017-03-15 18:05 - 2017-03-04 07:11 - 01312768 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorDataService.exe
2017-03-15 18:05 - 2017-03-04 07:11 - 00975872 _____ (Microsoft Corporation) C:\WINDOWS\HelpPane.exe
2017-03-15 18:05 - 2017-03-04 07:11 - 00821248 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll
2017-03-15 18:05 - 2017-03-04 07:11 - 00818176 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
2017-03-15 18:05 - 2017-03-04 07:11 - 00774656 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkfoldersControl.dll
2017-03-15 18:05 - 2017-03-04 07:11 - 00572416 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhotoScreensaver.scr
2017-03-15 18:05 - 2017-03-04 07:10 - 06664192 _____ (Microsoft Corporation) C:\WINDOWS\system32\mspaint.exe
2017-03-15 18:05 - 2017-03-04 07:10 - 02208768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.3D.dll
2017-03-15 18:05 - 2017-03-04 07:10 - 02095616 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2017-03-15 18:05 - 2017-03-04 07:10 - 01586176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Globalization.dll
2017-03-15 18:05 - 2017-03-04 07:10 - 01275392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Bluetooth.dll
2017-03-15 18:05 - 2017-03-04 07:10 - 00971264 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll
2017-03-15 18:05 - 2017-03-04 07:10 - 00960000 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2017-03-15 18:05 - 2017-03-04 07:10 - 00913920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.dll
2017-03-15 18:05 - 2017-03-04 07:10 - 00770560 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2017-03-15 18:05 - 2017-03-04 07:10 - 00460800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Midi.dll
2017-03-15 18:05 - 2017-03-04 07:10 - 00104960 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkFolders.exe
2017-03-15 18:05 - 2017-03-04 07:09 - 08125952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2017-03-15 18:05 - 2017-03-04 07:09 - 01633792 _____ (Microsoft Corporation) C:\WINDOWS\system32\quartz.dll
2017-03-15 18:05 - 2017-03-04 07:09 - 00653824 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserLanguagesCpl.dll
2017-03-15 18:05 - 2017-03-04 07:08 - 01780224 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2017-03-15 18:05 - 2017-03-04 07:08 - 01714688 _____ (Microsoft Corporation) C:\WINDOWS\system32\dui70.dll
2017-03-15 18:05 - 2017-03-04 07:08 - 00629248 _____ (Microsoft Corporation) C:\WINDOWS\system32\hgcpl.dll
2017-03-15 18:05 - 2017-03-04 07:08 - 00540160 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSync.dll
2017-03-15 18:05 - 2017-03-04 07:07 - 12178944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2017-03-15 18:05 - 2017-03-04 07:07 - 02914816 _____ (Microsoft Corporation) C:\WINDOWS\system32\CertEnroll.dll
2017-03-15 18:05 - 2017-03-04 07:07 - 02895872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2017-03-15 18:05 - 2017-03-04 07:07 - 02691072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2017-03-15 18:05 - 2017-03-04 07:07 - 02512384 _____ (Microsoft Corporation) C:\WINDOWS\system32\themecpl.dll
2017-03-15 18:05 - 2017-03-04 07:07 - 01840640 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2017-03-15 18:05 - 2017-03-04 07:07 - 01513472 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2017-03-15 18:05 - 2017-03-04 07:07 - 01490944 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2017-03-15 18:05 - 2017-03-04 07:07 - 01348608 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll
2017-03-15 18:05 - 2017-03-04 07:07 - 01064448 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2017-03-15 18:05 - 2017-03-04 07:07 - 00909312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2017-03-15 18:05 - 2017-03-04 07:07 - 00875520 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2017-03-15 18:05 - 2017-03-04 07:07 - 00774656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.dll
2017-03-15 18:05 - 2017-03-04 07:07 - 00716800 _____ (Microsoft Corporation) C:\WINDOWS\system32\ShareHost.dll
2017-03-15 18:05 - 2017-03-04 07:07 - 00707584 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2017-03-15 18:05 - 2017-03-04 07:07 - 00389632 _____ (Microsoft Corporation) C:\WINDOWS\system32\stobject.dll
2017-03-15 18:05 - 2017-03-04 07:06 - 05384192 _____ (Microsoft) C:\WINDOWS\system32\dbgeng.dll
2017-03-15 18:05 - 2017-03-04 07:06 - 04746752 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2017-03-15 18:05 - 2017-03-04 07:06 - 04708864 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2017-03-15 18:05 - 2017-03-04 07:06 - 04060672 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbon.dll
2017-03-15 18:05 - 2017-03-04 07:06 - 03614720 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2017-03-15 18:05 - 2017-03-04 07:06 - 03202048 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
2017-03-15 18:05 - 2017-03-04 07:06 - 02475008 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2017-03-15 18:05 - 2017-03-04 07:06 - 02317824 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2017-03-15 18:05 - 2017-03-04 07:06 - 02287104 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2017-03-15 18:05 - 2017-03-04 07:06 - 00881664 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2017-03-15 18:05 - 2017-03-04 07:06 - 00483328 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.dll
2017-03-15 18:05 - 2017-03-04 07:05 - 01726976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2017-03-15 18:05 - 2017-03-04 07:05 - 01328640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.Http.dll
2017-03-15 18:05 - 2017-03-04 07:05 - 01121280 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2017-03-15 18:05 - 2017-03-04 07:05 - 00924672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.BackgroundTransfer.dll
2017-03-15 18:05 - 2017-03-04 07:05 - 00180224 _____ (Microsoft Corporation) C:\WINDOWS\system32\enrollmentapi.dll
2017-03-15 18:05 - 2017-03-04 07:04 - 00035328 _____ (Microsoft Corporation) C:\WINDOWS\system32\spaceman.exe
2017-03-15 18:05 - 2017-03-04 07:03 - 06044672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2017-03-15 18:05 - 2017-03-04 07:03 - 03666432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2017-03-15 18:05 - 2017-03-04 07:03 - 01817088 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.dll
2017-03-15 18:05 - 2017-03-04 07:02 - 00510464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhotoScreensaver.scr
2017-03-15 18:05 - 2017-03-04 07:01 - 03478528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbon.dll
2017-03-15 18:05 - 2017-03-04 07:00 - 02026496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2017-03-15 18:05 - 2016-07-16 03:29 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\CspCellularSettings.dll
2017-03-15 18:05 - 2016-07-16 03:28 - 00125440 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseAPNCsp.dll
2017-03-15 18:05 - 2016-07-16 03:26 - 00128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\CfgSPCellular.dll
2017-03-15 18:04 - 2016-05-29 19:38 - 08886976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneDriveSetup.exe
2017-03-08 10:19 - 2017-03-21 13:10 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2017-03-06 09:46 - 2017-03-06 09:46 - 00087584 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klupd_klif_kimul.sys


==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-03-24 11:31 - 2015-11-09 13:36 - 00024981 _____ C:\Users\Martin_2\Downloads\FRST.txt
2017-03-24 11:19 - 2015-11-09 13:36 - 00037280 _____ C:\Users\Martin_2\Downloads\Addition.txt
2017-03-24 10:43 - 2014-05-07 06:52 - 00000000 ____D C:\ProgramData\Kaspersky Lab
2017-03-24 10:34 - 2016-07-16 23:51 - 02755456 _____ C:\WINDOWS\system32\perfh007.dat
2017-03-24 10:34 - 2016-07-16 23:51 - 00746068 _____ C:\WINDOWS\system32\perfc007.dat
2017-03-24 10:34 - 2016-01-16 11:31 - 05654620 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-03-24 10:29 - 2016-11-16 12:14 - 00000000 ____D C:\Users\Martin_2\AppData\LocalLow\Mozilla
2017-03-24 10:28 - 2016-09-25 17:56 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-03-24 10:28 - 2016-09-25 17:48 - 00000000 ____D C:\ProgramData\NVIDIA
2017-03-24 10:28 - 2016-09-25 17:47 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2017-03-24 10:28 - 2014-05-07 10:53 - 00251840 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2017-03-23 16:17 - 2016-07-16 12:47 - 00000000 ___HD C:\Program Files\WindowsApps
2017-03-23 16:17 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\AppReadiness
2017-03-22 12:07 - 2016-09-25 17:49 - 00000000 ____D C:\Users\Martin_2
2017-03-22 12:07 - 2016-07-16 07:04 - 01572864 _____ C:\WINDOWS\system32\config\BBI
2017-03-21 13:32 - 2016-07-16 12:45 - 00000000 ____D C:\WINDOWS\INF
2017-03-21 13:31 - 2014-03-12 09:41 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2017-03-21 13:10 - 2014-03-12 13:59 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-03-21 09:43 - 2014-03-21 19:23 - 00000000 ____D C:\Users\Martin_2\AppData\Roaming\vlc
2017-03-20 11:07 - 2014-05-22 07:28 - 00000000 ____D C:\ProgramData\Malwarebytes
2017-03-20 09:54 - 2015-11-13 17:39 - 00000000 ____D C:\ProgramData\Malwarebytes Anti-Exploit
2017-03-18 14:45 - 2017-02-21 16:58 - 00000000 ____D C:\Users\Martin_2\AppData\Local\CrashDumps
2017-03-17 18:18 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\rescache
2017-03-17 17:24 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\appraiser
2017-03-17 17:24 - 2016-07-16 12:36 - 00000000 ____D C:\WINDOWS\CbsTemp
2017-03-17 09:19 - 2014-03-21 11:24 - 00000000 __RHD C:\Users\Public\AccountPictures
2017-03-17 09:18 - 2016-09-25 17:47 - 04901984 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-03-17 09:18 - 2014-03-12 10:00 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2017-03-17 09:18 - 2014-03-12 10:00 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2017-03-16 17:45 - 2016-07-16 12:47 - 00000000 ___SD C:\WINDOWS\SysWOW64\F12
2017-03-16 17:45 - 2016-07-16 12:47 - 00000000 ___SD C:\WINDOWS\system32\F12
2017-03-16 17:45 - 2016-07-16 12:47 - 00000000 ___RD C:\WINDOWS\PrintDialog
2017-03-16 17:45 - 2016-07-16 12:47 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2017-03-16 17:45 - 2016-07-16 12:47 - 00000000 ___RD C:\Program Files\Windows Defender
2017-03-16 17:45 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\SysWOW64\setup
2017-03-16 17:45 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\setup
2017-03-16 17:45 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\oobe
2017-03-16 17:45 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\ShellExperiences
2017-03-16 17:45 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\bcastdvr
2017-03-16 17:45 - 2016-07-16 12:47 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2017-03-16 17:45 - 2016-07-16 12:47 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2017-03-16 17:45 - 2016-07-16 12:47 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2017-03-16 17:35 - 2014-03-12 10:53 - 00000000 ____D C:\WINDOWS\system32\MRT
2017-03-16 17:33 - 2014-03-12 10:53 - 138634176 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-03-16 17:30 - 2014-03-12 10:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2017-03-15 17:53 - 2016-09-25 17:56 - 00004440 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2017-03-15 17:53 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed
2017-03-15 17:53 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\Macromed
2017-03-15 17:53 - 2014-08-26 06:58 - 00000000 ____D C:\Users\Martin\AppData\Local\Adobe
2017-03-15 17:53 - 2014-03-13 07:43 - 00000000 ____D C:\Users\Martin_2\AppData\Local\Adobe
2017-03-15 12:09 - 2016-11-04 11:00 - 01017624 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klif.sys
2017-03-15 12:09 - 2016-11-04 11:00 - 00196376 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klflt.sys
2017-03-15 12:09 - 2016-06-14 17:47 - 00199392 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\kneps.sys
2017-03-15 12:09 - 2016-06-02 22:39 - 00136416 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klwtp.sys
2017-03-15 11:44 - 2016-07-16 07:04 - 00032768 _____ C:\WINDOWS\system32\config\ELAM
2017-03-14 13:42 - 2016-09-25 17:49 - 00000000 ____D C:\Users\Martin
2017-03-14 13:42 - 2016-09-25 17:49 - 00000000 ____D C:\Users\Bärbel
2017-03-10 06:17 - 2016-07-16 12:49 - 00835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2017-03-10 06:17 - 2016-07-16 12:49 - 00177656 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2017-03-09 19:17 - 2014-11-22 17:43 - 00000000 ____D C:\ProgramData\tmp
2017-03-09 18:52 - 2014-11-22 17:43 - 00000000 ____D C:\ProgramData\hps
2017-03-09 09:58 - 2016-11-23 12:27 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2017-03-04 08:09 - 2016-09-25 17:47 - 02717184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2017-02-28 16:17 - 2015-10-05 13:50 - 00000000 ____D C:\ProgramData\CanonIJPLM
2017-02-23 12:00 - 2015-11-21 13:12 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2015-07-08 13:09 - 2015-07-08 13:09 - 0099384 _____ () C:\Users\Martin\AppData\Roaming\inst.exe
2015-07-08 13:09 - 2015-07-08 13:09 - 0007859 _____ () C:\Users\Martin\AppData\Roaming\pcouffin.cat
2015-07-08 13:09 - 2015-07-08 13:09 - 0001167 _____ () C:\Users\Martin\AppData\Roaming\pcouffin.inf
2015-07-08 13:09 - 2015-07-08 13:09 - 0000055 _____ () C:\Users\Martin\AppData\Roaming\pcouffin.log
2015-07-08 13:09 - 2015-07-08 13:09 - 0082816 _____ (VSO Software) C:\Users\Martin\AppData\Roaming\pcouffin.sys
2016-09-25 17:48 - 2016-09-25 17:48 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

Einige Dateien in TEMP:
====================
2016-11-01 13:59 - 2016-11-01 13:59 - 0737856 _____ (Oracle Corporation) C:\Users\Martin_2\AppData\Local\Temp\jre-8u111-windows-au.exe
2017-01-21 11:04 - 2017-01-21 11:04 - 0739904 _____ (Oracle Corporation) C:\Users\Martin_2\AppData\Local\Temp\jre-8u121-windows-au.exe

==================== Bamital & volsnap ======================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert

LastRegBack: 2017-03-15 09:39

==================== Ende von FRST.txt ============================

rwasser 24.03.2017 12:10
Und die Zusatzinfos

Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 15-03-2017
durchgeführt von Martin (24-03-2017 11:31:57)
Gestartet von C:\Users\Martin_2\Downloads
Windows 10 Home Version 1607 (X64) (2016-09-25 16:58:01)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-1714761304-533778531-3308288475-500 - Administrator - Disabled)
Bärbel (S-1-5-21-1714761304-533778531-3308288475-1006 - Limited - Enabled) => C:\Users\Bärbel
DefaultAccount (S-1-5-21-1714761304-533778531-3308288475-503 - Limited - Disabled)
Gast (S-1-5-21-1714761304-533778531-3308288475-501 - Limited - Disabled)
Martin (S-1-5-21-1714761304-533778531-3308288475-1001 - Administrator - Enabled) => C:\Users\Martin
Rwasser (S-1-5-21-1714761304-533778531-3308288475-1003 - Limited - Enabled) => C:\Users\Martin_2

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Kaspersky Internet Security (Enabled - Up to date) {86367591-4BE4-AE08-2FD9-7FCB8259CD98}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Kaspersky Internet Security (Enabled - Up to date) {3D579475-6DDE-A186-1569-44B9F9DE8725}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Internet Security (Enabled) {BE0DF4B4-018B-AF50-0486-D6FE7C8A8AE3}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

7-Zip 16.04 (HKLM-x32\...\7-Zip) (Version: 16.04 - Igor Pavlov)
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.023.20070 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 24.0.0.180 - Adobe Systems Incorporated)
Adobe Community Help (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.0.0.400 - Adobe Systems Incorporated)
Adobe Creative Suite 5 Design Premium (HKLM-x32\...\{02698606-3A21-489D-9D2A-75C9E8D3E5BD}) (Version: 5.0 - Adobe Systems Incorporated)
Adobe Flash Player 25 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 25.0.0.127 - Adobe Systems Incorporated)
Adobe Media Player (HKLM-x32\...\com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.8 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.0 (HKLM-x32\...\{AA3B06B1-E89A-43C6-A26B-7109DB4BEE7B}) (Version: 12.0.7.148 - Adobe Systems, Inc)
Adobe Shockwave Player 12.2 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.2.5.195 - Adobe Systems, Inc.)
Allgemeine Runtime Files (x86) (HKLM\...\{1F6D1DB5-82B5-41A4-85A2-0A382C142A35}_is1) (Version: 1.0.3.7 - Sereby Corporation)
Apple Application Support (32-Bit) (HKLM-x32\...\{29DB9165-5FC1-48F0-9188-26123F526848}) (Version: 5.0.1 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{5905C8CF-1C88-4478-A48E-4E458AD1BC7E}) (Version: 5.0.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{D4D86CB2-2370-4691-8272-3869EDED6C64}) (Version: 10.0.0.18 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.)
Audacity 2.0.5 (HKLM-x32\...\Audacity_is1) (Version: 2.0.5 - Audacity Team)
AutoUpdate (HKLM-x32\...\{18D10072035C4515918F7E37EAFAACFC}) (Version: 1.1 - )
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
calibre (HKLM-x32\...\{263E62B9-CB1E-4864-A8A7-37DEAC651484}) (Version: 2.63.0 - Kovid Goyal)
Canon Easy-WebPrint EX (HKLM-x32\...\Easy-WebPrint EX) (Version: 1.6.0.0 - Canon Inc.)
Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version: 1.1.12.0 - Canon Inc.)
Canon Inkjet Printer/Scanner/Fax Extended Survey Program (HKLM-x32\...\CANONIJPLM100) (Version: 4.2.0 - Canon Inc.)
Canon Kurzwahlprogramm (HKLM-x32\...\Speed Dial Utility) (Version: 1.5.0 - Canon Inc.)
Canon MB2300 series Benutzerregistrierung (HKLM-x32\...\Canon MB2300 series Benutzerregistrierung) (Version:  - *Canon Inc.)
Canon MB2300 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MB2300_series) (Version: 1.01 - Canon Inc.)
Canon MB2300 series On-screen Manual (HKLM-x32\...\Canon MB2300 series On-screen Manual) (Version: 7.7.1 - Canon Inc.)
Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: 3.2.1 - Canon Inc.)
Canon Quick Toolbox (HKLM-x32\...\Quick Toolbox) (Version: 1.0.0 - Canon Inc.)
Classic Shell (HKLM\...\{023F92C9-AB10-4C54-BF09-C550AEC37917}) (Version: 4.0.6 - IvoSoft)
Cliqz (HKLM-x32\...\{5A0C0737-6AFE-4DC6-A8B4-6DFE509ACD75}_is1) (Version: 0.5.22 - Cliqz.com)
DirectX 9.0c Extra Files (x86, x64) (HKLM\...\{8729E65B-8C12-4A42-B1FE-E4DA7ED52855}_is1) (Version: 1.10.06.0 - Sereby Corporation)
DivX (HKLM-x32\...\{7B63B2922B174135AFC0E1377DD81EC2}) (Version: 6.0 - DivXNetworks, Inc.)
Druckerdeinstallation für EPSON PX650 Series (HKLM\...\EPSON PX650 Series) (Version:  - SEIKO EPSON Corporation)
ElsterFormular (HKLM-x32\...\ElsterFormular) (Version: 18.1.22140 - Landesfinanzdirektion Thüringen)
Enigma (HKLM-x32\...\Enigma) (Version: 1.20 - Enigma Devel)
GeForce Experience NvStream Client Components (Version: 1.6.28 - NVIDIA Corporation) Hidden
GoldWave v5.70 (HKLM-x32\...\GoldWave v5.70) (Version: 5.70 - GoldWave Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 56.0.2924.87 - Google Inc.)
Google Earth (HKLM-x32\...\{F6430171-B86B-4639-839E-374913E7911D}) (Version: 7.1.8.3036 - Google)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.32.7 - Google Inc.) Hidden
iCloud (HKLM\...\{CE29BC77-C5AE-49D8-A8C0-FDAF6ACF74DF}) (Version: 6.0.1.41 - Apple Inc.)
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1011 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.15.1730 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.0.1016 - Intel Corporation)
iTunes (HKLM\...\{9946A4F7-E0FD-4A33-82D1-06CBFFBBB9F9}) (Version: 12.5.1.21 - Apple Inc.)
Java 8 Update 121 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180121F0}) (Version: 8.0.1210.13 - Oracle Corporation)
Kaspersky Internet Security (HKLM-x32\...\InstallWIX_{E27B1D7B-3B34-43A2-9FC0-9828D5DF46E2}) (Version: 17.0.0.611 - Kaspersky Lab)
Kaspersky Internet Security (x32 Version: 17.0.0.611 - Kaspersky Lab) Hidden
Kaspersky Secure Connection (HKLM-x32\...\InstallWIX_{1CF84962-50F8-48CA-9082-B70F3A02C686}) (Version: 17.0.0.611 - Kaspersky Lab)
Kaspersky Secure Connection (x32 Version: 17.0.0.611 - Kaspersky Lab) Hidden
Kobo (HKLM-x32\...\Kobo) (Version: 4.2.6122 - Rakuten Kobo Inc.)
LoiLoScope Herunterladen (HKLM-x32\...\{C2A254F4-AC74-482F-8F09-DB2843AC2AAE}_is1) (Version: 2.0 - LoiLo inc)
Malwarebytes Version 3.0.6.1469 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.0.6.1469 - Malwarebytes)
Microsoft .NET Framework 1.1 (HKLM-x32\...\Microsoft .NET Framework 1.1  (1033)) (Version:  - )
Microsoft .NET Framework 1.1 Security Update (KB2698023) (HKLM-x32\...\M2698023) (Version:  - )
Microsoft .NET Framework 1.1 Security Update (KB2833941) (HKLM-x32\...\M2833941) (Version:  - )
Microsoft .NET Framework 1.1 Security Update (KB979906) (HKLM-x32\...\M979906) (Version:  - )
Microsoft .NET Framework 1.1 SP1 (HKLM\...\{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}) (Version:  - )
Microsoft .NET Framework 1.1 SP1 (HKLM\...\Microsoft .NET Framework 1.1  (1033)) (Version:  - )
Microsoft Office Professional 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50905.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 ENU (HKLM-x32\...\{3A9FC03D-C685-4831-94CF-4EDFD3749497}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 x64 ENU (HKLM\...\{D4AD39AD-091E-4D33-BB2B-59F6FCB8ADC3}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61187 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61186 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.7523 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.7523 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.7523 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.7523 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{90ffcee5-8608-4e94-8c18-a4feb4f83fb8}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{4fcf070a-daac-45e9-a8b0-6850941f7ed8}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Mozilla Firefox 52.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 52.0.1 (x86 de)) (Version: 52.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 52.0.1.6284 - Mozilla)
Mozilla Thunderbird 45.8.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 45.8.0 (x86 de)) (Version: 45.8.0 - Mozilla)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
Nero Burning ROM 2014 (HKLM-x32\...\{6932EB55-F428-4F47-905B-56C90245FC48}) (Version: 15.0.04700 - Nero AG)
Nero Info (HKLM-x32\...\{B791E0AB-87A9-41A4-8D98-D13C2E37D928}) (Version: 15.1.0030 - Nero AG)
Nero Prerequisite Installer 2.0 (HKLM-x32\...\{10EACC1C-7B87-4F57-ACA6-4EC15E13E4E9}) (Version: 12.0.01300 - Nero AG)
Nero WaveEditor (HKLM-x32\...\{59C6E86A-14A9-47FD-9EE8-8D9DA864E0AF}) (Version: 12.5.01300 - Nero AG)
NVIDIA 3D Vision Controller-Treiber 335.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 335.21 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 376.53 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 376.53 - NVIDIA Corporation)
NVIDIA GeForce Experience 1.8.2.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 1.8.2.1 - NVIDIA Corporation)
NVIDIA Grafiktreiber 376.53 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 376.53 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.34.17 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.17 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation)
NVIDIA Virtual Audio 1.2.20 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver) (Version: 1.2.20 - NVIDIA Corporation)
OnlineFotoservice (HKLM-x32\...\OnlineFotoservice) (Version: 6.2.1 - CEWE Stiftung u Co. KGaA)
PDF Settings CS5 (x32 Version: 10.0 - Adobe Systems Incorporated) Hidden
PDF24 Creator 6.3.2 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version:  - PDF24.org)
PHOTOfunSTUDIO 9.3 PE (HKLM-x32\...\{E33B3B6C-5712-4A39-B30D-1391918D920D}) (Version: 9.03.703 - Panasonic Corporation)
Prerequisite installer (x32 Version: 12.0.0004 - Nero AG) Hidden
Prerequisite installer (x32 Version: 15.0.0005 - Nero AG) Hidden
QuickTime 7 (HKLM-x32\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.)
RawTherapee Version 4.2 (HKLM\...\{128459AB-59A7-430A-8BD0-3D8803D50400}_is1) (Version: 4.2 - rawtherapee.com)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.19.726.2013 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7071 - Realtek Semiconductor Corp.)
Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.63.0 - Samsung Electronics Co., Ltd.)
Secunia PSI (3.0.0.9016) (HKLM-x32\...\Secunia PSI) (Version: 3.0.0.9016 - Secunia)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
SHIELD Streaming (Version: 1.7.321 - NVIDIA Corporation) Hidden
SILKYPIX Elements Deutsch (HKLM-x32\...\InstallShield_{064A5335-FCC3-4C41-A450-8ABE44D5A6F1}) (Version: 4 - Ichikawa Soft Laboratory)
SILKYPIX Elements Deutsch (x32 Version: 4 - Ichikawa Soft Laboratory) Hidden
Smart Switch (HKLM-x32\...\InstallShield_{74FA5314-85C8-4E2A-907D-D9ECCCB770A7}) (Version: 4.1.17022.20 - Samsung Electronics Co., Ltd.)
Smart Switch (x32 Version: 4.1.17022.20 - Samsung Electronics Co., Ltd.) Hidden
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.4 - VideoLAN)
VSO ConvertXToDVD (HKLM-x32\...\{CE1F93C0-4353-4C9D-84DA-AB4E7C63ED32}_is1) (Version: 5.3.0.15 - VSO Software)
Vulkan Run Time Libraries 1.0.26.0 (HKLM\...\VulkanRT1.0.26.0) (Version: 1.0.26.0 - LunarG, Inc.)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {05A19622-27B2-458B-94EC-5F0738D90747} - \WPD\SqmUpload_S-1-5-21-1714761304-533778531-3308288475-1004 -> Keine Datei <==== ACHTUNG
Task: {05B1FE50-1BBE-4A33-9CD8-3A36E46C5FCE} - \OfficeSoftwareProtectionPlatform\SvcRestartTask -> Keine Datei <==== ACHTUNG
Task: {06A8E542-407A-4EA6-9F1D-CB6ABD25B9B6} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Keine Datei <==== ACHTUNG
Task: {11555ECC-4DAB-4C7A-8786-A2B1AA78AAEC} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-03-15] (Adobe Systems Incorporated)
Task: {2F0C90EE-959D-4F80-BB80-8BB6AD5C4B7C} - System32\Tasks\AdobeAAMUpdater-1.0-HOME-PC-Martin_2 => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2010-03-06] (Adobe Systems Incorporated)
Task: {352B5E97-CA81-4945-BBEA-F3BAF48FD7E2} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.)
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => %SystemRoot%\System32\AutoWorkplace.exe
Task: {4FC3E649-AFAA-47DF-ADA2-0050F677F31D} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG
Task: {58F41D3E-4CC5-47D9-8DD8-56E989CFBE8E} - System32\Tasks\AdobeAAMUpdater-1.0-HOME-PC-rwasser => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2010-03-06] (Adobe Systems Incorporated)
Task: {6007578F-8556-44E8-8D46-D0838A36A1BF} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Keine Datei <==== ACHTUNG
Task: {62978F72-FD7E-46E1-8FAD-662C4DDD1A16} - System32\Tasks\CreateChoiceProcessTask => C:\Windows\BrowserChoice\browserchoice.exe
Task: {63161965-BE35-45DC-A33F-9A24C35BCDC4} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG
Task: {6421B00E-2EAB-42CD-8E6A-5E0CF08DE157} - \WPD\SqmUpload_S-1-5-21-1714761304-533778531-3308288475-1003 -> Keine Datei <==== ACHTUNG
Task: {70E9504F-05E6-47AB-BD03-05F56B4E4577} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> Keine Datei <==== ACHTUNG
Task: {7741CEE0-C40B-4A71-8532-F9CDD8E9098D} - \WPD\SqmUpload_S-1-5-21-1714761304-533778531-3308288475-1001 -> Keine Datei <==== ACHTUNG
Task: {7A6600FE-9983-46C7-B293-E1A7230A6AC7} - System32\Tasks\AdobeAAMUpdater-1.0-HOME-PC-Martin => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2010-03-06] (Adobe Systems Incorporated)
Task: {7E0CC4DF-C261-475F-9DCD-C42FE70EC120} - System32\Tasks\AdobeAAMUpdater-1.0-HOME-PC-ps => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2010-03-06] (Adobe Systems Incorporated)
Task: {85653F2F-DA1F-4787-B48F-D1833249A5C6} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Keine Datei <==== ACHTUNG
Task: {88B69007-680F-4862-B696-5C707BA70B8E} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> Keine Datei <==== ACHTUNG
Task: {88FE9FC1-0C26-4E4E-B602-A92BB94ACF72} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2016-02-23] (Apple Inc.)
Task: {8B0A198F-08BC-4989-9681-BAC9CED1D81E} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG
Task: {9DEFAE69-D989-4FF7-85A7-5D14C5035C7C} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG
Task: {A6EED6BA-3ABF-47D4-904F-1EE1D0761D34} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Keine Datei <==== ACHTUNG
Task: {A9F32772-87D6-4503-AD8D-C389FBB68D77} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.)
Task: {B206CE31-4654-410C-8C14-30683FB7283B} - \WPD\SqmUpload_S-1-5-21-1714761304-533778531-3308288475-1006 -> Keine Datei <==== ACHTUNG
Task: {CDC95D86-E40B-40BF-AC09-B1B8573482FC} - \WPD\SqmUpload_S-1-5-21-1714761304-533778531-3308288475-1005 -> Keine Datei <==== ACHTUNG
Task: {E7A92DED-09A5-460E-930F-CC51F8CA14F6} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2017-03-16] (Microsoft Corporation)
Task: {E83BC045-7468-4326-8ADA-76CB2FA9D3AD} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-12-19] (Adobe Systems Incorporated)
Task: {F284BA0F-A7E2-414B-BE65-A9F812C90CF7} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG
Task: {F9FA216D-395C-4C09-A9A8-226D7AC59200} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Keine Datei <==== ACHTUNG

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)


==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FullHD Videobearbeitung LoiLoScope Herunterladen.lnk -> C:\Program Files (x86)\LoiLo\LoiLoScope Download\WebShortcut.exe () -> hxxp://loilo.tv/product/20?partner_id=14
ShortcutWithArgument: C:\Users\Public\Desktop\FullHD Videobearbeitung LoiLoScope Herunterladen.lnk -> C:\Program Files (x86)\LoiLo\LoiLoScope Download\WebShortcut.exe () -> hxxp://loilo.tv/product/20?partner_id=14

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2016-07-16 12:42 - 2016-07-16 12:42 - 00231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2017-03-15 18:05 - 2017-03-04 08:19 - 02681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2016-09-25 17:48 - 2016-12-29 13:44 - 00134712 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2016-09-01 17:12 - 2016-09-01 17:12 - 00092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2016-09-01 17:12 - 2016-09-01 17:12 - 01353528 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2016-09-25 17:48 - 2013-05-07 08:45 - 00936728 _____ () C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe
2015-10-05 13:50 - 2013-06-28 16:28 - 00084616 _____ () C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
2017-03-20 11:07 - 2017-02-24 06:23 - 02264352 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\PoliciesControllerImpl.dll
2017-03-20 11:07 - 2017-02-24 06:23 - 02264528 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll
2017-03-15 18:05 - 2017-03-04 08:19 - 02681200 _____ () C:\WINDOWS\SYSTEM32\CoreUIComponents.dll
2016-09-25 17:59 - 2016-09-25 17:59 - 00959168 _____ () C:\Users\Martin_2\AppData\Local\Microsoft\OneDrive\17.3.6381.0405\amd64\ClientTelemetry.dll
2016-09-25 18:44 - 2016-09-25 18:44 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2017-03-15 18:05 - 2017-03-04 07:31 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll
2017-03-15 18:05 - 2017-03-04 07:12 - 09760768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2017-03-15 18:05 - 2017-03-04 07:05 - 01401856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-03-15 18:05 - 2017-03-04 07:05 - 00757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
2017-03-15 18:05 - 2017-03-04 07:05 - 01033216 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Actions.dll
2017-03-15 18:05 - 2017-03-04 07:05 - 02424320 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2017-03-15 18:05 - 2017-03-04 07:08 - 04853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2017-02-28 08:53 - 2017-02-28 08:53 - 00019456 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.214.10010.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
2017-02-28 08:53 - 2017-02-28 08:53 - 21149696 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.214.10010.0_x64__8wekyb3d8bbwe\Microsoft.Photos.dll
2017-02-28 08:53 - 2017-02-28 08:53 - 05380096 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.214.10010.0_x64__8wekyb3d8bbwe\MediaEngine.dll
2016-06-08 09:55 - 2016-06-08 09:55 - 00680448 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.214.10010.0_x64__8wekyb3d8bbwe\Microsoft.DesignCore.dll
2017-02-28 08:53 - 2017-02-28 08:53 - 00387584 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.214.10010.0_x64__8wekyb3d8bbwe\Microsoft.RichMedia.Ink.Controls.dll
2017-02-28 08:53 - 2017-02-28 08:53 - 01047552 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.214.10010.0_x64__8wekyb3d8bbwe\Microsoft.Sharing.dll
2016-03-04 10:54 - 2016-03-04 10:54 - 00291328 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_17.214.10010.0_x64__8wekyb3d8bbwe\StoreRatingPromotion.dll
2016-09-25 17:48 - 2017-03-24 10:28 - 00027648 _____ () C:\Program Files (x86)\ASUS\AXSP\1.01.02\PEbiosinterface32.dll
2016-09-25 17:48 - 2013-05-07 08:45 - 00104448 _____ () C:\Program Files (x86)\ASUS\AXSP\1.01.02\ATKEX.dll
2016-06-28 00:19 - 2016-06-28 00:19 - 00865232 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\kpcengine.2.3.dll
2016-09-25 17:59 - 2016-09-25 17:59 - 00679624 _____ () C:\Users\Martin_2\AppData\Local\Microsoft\OneDrive\17.3.6381.0405\ClientTelemetry.dll
2014-03-12 09:44 - 2013-09-16 05:19 - 01242584 ____R () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)


==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2013-08-22 14:25 - 2013-08-22 14:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-1714761304-533778531-3308288475-1001\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Windows\img0.jpg
HKU\S-1-5-21-1714761304-533778531-3308288475-1003\Control Panel\Desktop\\Wallpaper -> C:\Users\Martin_2\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 192.168.2.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

HKLM\...\StartupApproved\Run32: => "ISUSScheduler"
HKLM\...\StartupApproved\Run32: => "ISUSPM Startup"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{82E5C1B9-3A0D-4114-81E0-B73E28C1D46E}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{B70D8FFF-BFAF-4700-8BDF-3E7E19AAEB42}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{0EBDA247-BC50-43ED-A043-4F69DE8AE38C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{EA56274C-9CBB-4B16-8DB3-C0DCDEEB4FE6}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{508D342C-AC04-48CC-BBBF-B63212F21AA8}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{68287F6E-1230-452D-B4E3-59DB265AAC37}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{4D874E29-02A0-42FF-A0A3-B6F28E439B0E}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{E0B4CD56-DA8E-4E52-B0DA-901547D8CDBA}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{2EA38139-0CDA-450F-A813-FE1D62D36EC1}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{F760303F-D83A-4E6D-8599-19E94800CE57}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{F67C8A0B-22ED-49FA-AB8E-190443718C86}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{B7092773-8893-4B5A-804F-FAA6311F9CB4}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{82683395-D4C3-4B7C-8D2B-CA2847FA53D0}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{B82F3993-D2CC-4DB6-AC06-A1347AF2093E}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{78146481-E77B-4CA1-93C9-4BE7A623395E}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{FB5A7800-A918-4049-A143-08D6DE3A9699}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{86E137A7-7A6A-4A28-92B7-A38DF5A29325}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{52CC8977-82F5-4FC1-9F9D-D17161133C89}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{7535569D-5E23-4229-93ED-2C44EA5DADD0}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{7BF630AA-356D-4B07-9FF5-BBCF2AD206A3}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Wiederherstellungspunkte =========================

01-03-2017 19:36:25 Geplanter Prüfpunkt
10-03-2017 18:01:34 Geplanter Prüfpunkt
16-03-2017 17:29:36 Windows Update
21-03-2017 13:30:44 Installed Smart Switch

==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (03/24/2017 10:33:47 AM) (Source: SideBySide) (EventID: 75) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "c:\program files (x86)\adobe\adobe media encoder cs5\PhotoshopServer.exe". Fehler in Manifest- oder Richtliniendatei "c:\program files (x86)\adobe\adobe media encoder cs5\PhotoshopServer.exe" in Zeile 2.
Mehrere requestedPrivileges-Elemente sind nicht im Manifest zulässig.

Error: (03/23/2017 04:13:42 PM) (Source: SideBySide) (EventID: 75) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "c:\program files (x86)\adobe\adobe media encoder cs5\PhotoshopServer.exe". Fehler in Manifest- oder Richtliniendatei "c:\program files (x86)\adobe\adobe media encoder cs5\PhotoshopServer.exe" in Zeile 2.
Mehrere requestedPrivileges-Elemente sind nicht im Manifest zulässig.

Error: (03/23/2017 04:09:57 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Unexpected conflict discarding  15 1.0.0.127.in-addr.arpa. PTR HOME-PC.local.

Error: (03/23/2017 04:09:57 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Received from 127.0.0.1:5353  17 1.0.0.127.in-addr.arpa. PTR HOME-PC-2.local.

Error: (03/22/2017 12:03:48 PM) (Source: SideBySide) (EventID: 75) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "c:\program files (x86)\adobe\adobe media encoder cs5\PhotoshopServer.exe". Fehler in Manifest- oder Richtliniendatei "c:\program files (x86)\adobe\adobe media encoder cs5\PhotoshopServer.exe" in Zeile 2.
Mehrere requestedPrivileges-Elemente sind nicht im Manifest zulässig.

Error: (03/21/2017 01:41:51 PM) (Source: SideBySide) (EventID: 75) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "c:\program files (x86)\adobe\adobe media encoder cs5\PhotoshopServer.exe". Fehler in Manifest- oder Richtliniendatei "c:\program files (x86)\adobe\adobe media encoder cs5\PhotoshopServer.exe" in Zeile 2.
Mehrere requestedPrivileges-Elemente sind nicht im Manifest zulässig.

Error: (03/21/2017 01:33:19 PM) (Source: SideBySide) (EventID: 75) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "c:\program files (x86)\adobe\adobe media encoder cs5\PhotoshopServer.exe". Fehler in Manifest- oder Richtliniendatei "c:\program files (x86)\adobe\adobe media encoder cs5\PhotoshopServer.exe" in Zeile 2.
Mehrere requestedPrivileges-Elemente sind nicht im Manifest zulässig.

Error: (03/21/2017 01:30:47 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".

Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.

System Error:
Zugriff verweigert
.

Error: (03/21/2017 08:58:56 AM) (Source: SideBySide) (EventID: 75) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "c:\program files (x86)\adobe\adobe media encoder cs5\PhotoshopServer.exe". Fehler in Manifest- oder Richtliniendatei "c:\program files (x86)\adobe\adobe media encoder cs5\PhotoshopServer.exe" in Zeile 2.
Mehrere requestedPrivileges-Elemente sind nicht im Manifest zulässig.

Error: (03/20/2017 11:16:16 AM) (Source: SideBySide) (EventID: 75) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "c:\program files (x86)\adobe\adobe media encoder cs5\PhotoshopServer.exe". Fehler in Manifest- oder Richtliniendatei "c:\program files (x86)\adobe\adobe media encoder cs5\PhotoshopServer.exe" in Zeile 2.
Mehrere requestedPrivileges-Elemente sind nicht im Manifest zulässig.


Systemfehler:
=============
Error: (03/24/2017 10:43:10 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
 und der APPID
{F72671A9-012C-4725-9D2F-2A4D32D65169}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (03/24/2017 10:28:06 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am ‎23.‎03.‎2017 um 16:32:23 unerwartet heruntergefahren.

Error: (03/24/2017 10:27:59 AM) (Source: Microsoft-Windows-Kernel-Boot) (EventID: 29) (User: NT-AUTORITÄT)
Description: 32212256844762706415512296

Error: (03/23/2017 04:09:51 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
 und der APPID
{F72671A9-012C-4725-9D2F-2A4D32D65169}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (03/22/2017 07:45:15 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 und der APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (03/22/2017 12:23:04 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
 und der APPID
{F72671A9-012C-4725-9D2F-2A4D32D65169}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (03/22/2017 12:07:29 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 und der APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (03/22/2017 11:54:33 AM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
 und der APPID
{F72671A9-012C-4725-9D2F-2A4D32D65169}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (03/22/2017 11:54:30 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am ‎21.‎03.‎2017 um 21:20:52 unerwartet heruntergefahren.

Error: (03/21/2017 01:35:56 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID
{8D8F4F83-3594-4F07-8369-FC3C3CAE4919}
 und der APPID
{F72671A9-012C-4725-9D2F-2A4D32D65169}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.


CodeIntegrity:
===================================
  Date: 2016-11-04 11:01:19.088
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-11-04 11:01:19.084
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-11-04 11:00:42.601
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-11-04 11:00:15.129
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-11-04 11:00:15.125
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-11-04 11:00:15.120
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-11-04 11:00:15.114
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-11-04 10:58:49.541
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-11-04 10:58:49.538
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-11-04 10:58:49.502
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Speicherinformationen ===========================

Prozessor: Intel(R) Core(TM) i5-4440 CPU @ 3.10GHz
Prozentuale Nutzung des RAM: 42%
Installierter physikalischer RAM: 8130.18 MB
Verfügbarer physikalischer RAM: 4661.32 MB
Summe virtueller Speicher: 9410.18 MB
Verfügbarer virtueller Speicher: 5417.52 MB

==================== Laufwerke ================================

Drive c: (boot) (Fixed) (Total:232.1 GB) (Free:102.64 GB) NTFS
Drive d: (Daten) (Fixed) (Total:851.51 GB) (Free:648.26 GB) NTFS
Drive e: (Rocover) (Fixed) (Total:80 GB) (Free:53.49 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 232.9 GB) (Disk ID: 612D9DBB)
Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=232.1 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=450 MB) - (Type=27)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 612D9DA0)
Partition 1: (Not Active) - (Size=851.5 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=80 GB) - (Type=07 NTFS)

==================== Ende von Addition.txt ============================

cosinus 24.03.2017 12:20
Adware/Junkware/Toolbars entfernen

Alte Versionen von adwCleaner und falls vorhanden JRT vorher löschen, danach neu runterladen auf den Desktop!
Virenscanner jetzt vor dem Einsatz dieser Tools bitte komplett deaktivieren!

1. Schritt: adwCleaner

Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).



Wir haben leider noch ne ältere Anleitung vom adwCleaner, bitte nochmal ausführen und so einstellen:

http://saved.im/mtg4nzk1egdo/malware...r-settings.png




2. Schritt: JRT - Junkware Removal Tool

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

  • Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
  • Drücke eine beliebige Taste, um das Tool zu starten.
  • Je nach System kann der Scan eine Weile dauern.
  • Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
  • Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.


rwasser 24.03.2017 13:13
AdwCleaner Logfile:
Code:
# AdwCleaner v6.044 - Bericht erstellt am 24/03/2017 um 12:36:29
# Aktualisiert am 28/02/2017 von Malwarebytes
# Datenbank : 2017-03-23.2 [Lokal]
# Betriebssystem : Windows 10 Home  (X64)
# Benutzername : Martin - HOME-PC
# Gestartet von : C:\Users\Martin_2\Downloads\AdwCleaner_6.044.exe
# Modus: Löschen
# Unterstützung : https://www.malwarebytes.com/support



***** [ Dienste ] *****



***** [ Ordner ] *****



***** [ Dateien ] *****



***** [ DLL ] *****



***** [ WMI ] *****



***** [ Verknüpfungen ] *****



***** [ Aufgabenplanung ] *****



***** [ Registrierungsdatenbank ] *****

[-] Schlüssel gelöscht: HKCU\Software\Microsoft\Internet Explorer\DOMStorage\castplatform.com
[-] Schlüssel gelöscht: HKCU\Software\Microsoft\Internet Explorer\DOMStorage\cdn.castplatform.com
[#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\Microsoft\Internet Explorer\DOMStorage\castplatform.com
[#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\Microsoft\Internet Explorer\DOMStorage\cdn.castplatform.com


***** [ Browser ] *****

[-] Firefox Einstellungen bereinigt: "weboftrust.search.ask.display" -  "Ask.com Web Search"
[-] Firefox Einstellungen bereinigt: "weboftrust.search.avg.url" -  "^hxxp(s)?\\:\\/\\/isearch\\.avg\\.com\\/search\\?"


*************************

:: "Tracing" Schlüssel gelöscht
:: Winsock Einstellungen zurückgesetzt
:: "Prefetch" Dateien gelöscht
:: Proxy Einstellungen zurückgesetzt
:: Internet Explorer Richtlinien gelöscht
:: Chrome Richtlinien gelöscht

*************************

\AdwCleaner\AdwCleaner[C0].txt - [1604 Bytes] - [24/03/2017 12:36:29]
\AdwCleaner\AdwCleaner[S0].txt - [1950 Bytes] - [24/03/2017 12:32:08]
\AdwCleaner\AdwCleaner[S1].txt - [2020 Bytes] - [24/03/2017 12:36:04]

########## EOF - \AdwCleaner\AdwCleaner[C0].txt - [1817 Bytes] ##########
--- --- ---

[/CODE]

Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.1.2 (03.10.2017)
Operating System: Windows 10 Home x64
Ran by Martin (Administrator) on 24.03.2017 at 13:10:11,34
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




File System: 1

Successfully deleted: C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\ptzvh2ag.default\extensions\staged (Folder)



Registry: 0





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 24.03.2017 at 13:10:45,41
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Ich hoffe, dass ich alles erstmal richtig gemacht habe.

cosinus 24.03.2017 14:03
adwcleaner zwecks Kontrolle bitte wiederholen :kaffee:

rwasser 24.03.2017 15:16
AdwCleaner Logfile:
Code:
# AdwCleaner v6.044 - Bericht erstellt am 24/03/2017 um 15:13:22
# Aktualisiert am 28/02/2017 von Malwarebytes
# Datenbank : 2017-03-23.2 [Lokal]
# Betriebssystem : Windows 10 Home  (X64)
# Benutzername : Martin - HOME-PC
# Gestartet von : C:\Users\Martin_2\Downloads\AdwCleaner_6.044.exe
# Modus: Löschen
# Unterstützung : https://www.malwarebytes.com/support



***** [ Dienste ] *****



***** [ Ordner ] *****



***** [ Dateien ] *****



***** [ DLL ] *****



***** [ WMI ] *****



***** [ Verknüpfungen ] *****



***** [ Aufgabenplanung ] *****



***** [ Registrierungsdatenbank ] *****



***** [ Browser ] *****



*************************

:: "Tracing" Schlüssel gelöscht
:: Winsock Einstellungen zurückgesetzt
:: "Prefetch" Dateien gelöscht
:: Proxy Einstellungen zurückgesetzt
:: Internet Explorer Richtlinien gelöscht
:: Chrome Richtlinien gelöscht

*************************

\AdwCleaner\AdwCleaner[C0].txt - [1902 Bytes] - [24/03/2017 12:36:29]
\AdwCleaner\AdwCleaner[C2].txt - [1034 Bytes] - [24/03/2017 15:13:22]
\AdwCleaner\AdwCleaner[S0].txt - [1950 Bytes] - [24/03/2017 12:32:08]
\AdwCleaner\AdwCleaner[S1].txt - [2020 Bytes] - [24/03/2017 12:36:04]
\AdwCleaner\AdwCleaner[S2].txt - [1552 Bytes] - [24/03/2017 15:13:00]

########## EOF - \AdwCleaner\AdwCleaner[C2].txt - [1318 Bytes] ##########
--- --- ---


[/CODE]

cosinus 24.03.2017 15:59
Dann zeig mal frische FRST Logs. Haken setzen bei addition.txt dann auf Untersuchen klicken

http://www.trojaner-board.de/picture...&pictureid=611

rwasser 24.03.2017 16:48
Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 15-03-2017
durchgeführt von Martin (Administrator) auf HOME-PC (24-03-2017 16:37:27)
Gestartet von C:\Users\Martin_2\Downloads
Geladene Profile: Martin & Rwasser (Verfügbare Profile: Martin & Rwasser & Bärbel)
Platform: Windows 10 Home Version 1607 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Edge)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\avp.exe
() C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
() C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\psia.exe
(DEVGURU Co., LTD.) C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\avpui.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.32.7\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.32.7\GoogleCrashHandler64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\psi_tray.exe
(Geek Software GmbH) C:\Program Files (x86)\PDF24\pdf24.exe
(CANON INC.) C:\Program Files (x86)\Canon\Quick Toolbox\cnqtbapp.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Secunia) C:\Program Files (x86)\Secunia\PSI\sua.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 1.0\ksde.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.12.112.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 1.0\ksdeui.exe
(Microsoft Corporation) C:\Windows\System32\wbem\WMIADAP.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Farbar) C:\Users\Martin_2\Downloads\FRST64(1).exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe

==================== Registry (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7203032 2013-10-22] (Realtek Semiconductor)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2013-08-07] (Intel Corporation)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2234144 2014-02-05] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [500208 2010-03-06] (Adobe Systems Incorporated)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [176440 2016-09-09] (Apple Inc.)
HKLM\...\Run: [Malwarebytes TrayApp] => C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe [2780112 2017-01-20] (Malwarebytes)
HKLM-x32\...\Run: [ISUSPM Startup] => C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe [221184 2006-08-25] (Macrovision Corporation)
HKLM-x32\...\Run: [ISUSScheduler] => C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe [81920 2006-08-25] (Macrovision Corporation)
HKLM-x32\...\Run: [AdobeCS5ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [402432 2010-07-22] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [PDFPrint] => C:\Program Files (x86)\PDF24\pdf24.exe [189480 2014-02-06] (Geek Software GmbH)
HKLM-x32\...\Run: [CanonQuickToolbox] => C:\Program Files (x86)\Canon\Quick Toolbox\cnqtbapp.exe [1854544 2014-05-13] (CANON INC.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-10-02] (Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2016-12-12] (Oracle Corporation)
HKLM-x32\...\RunOnce: [DeleteOnReboot] => C:\Users\Martin\AppData\Local\Temp\DeleteOnReboot.bat [200 2017-03-24] () <===== ACHTUNG
HKU\S-1-5-21-1714761304-533778531-3308288475-1001\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [67384 2016-09-09] (Apple Inc.)
HKU\S-1-5-21-1714761304-533778531-3308288475-1001\...\RunOnce: [Uninstall C:\Users\Martin\AppData\Local\Microsoft\OneDrive\17.3.6386.0412\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Martin\AppData\Local\Microsoft\OneDrive\17.3.6386.0412\amd64"
HKU\S-1-5-21-1714761304-533778531-3308288475-1001\...\RunOnce: [Uninstall C:\Users\Martin\AppData\Local\Microsoft\OneDrive\17.3.6386.0412] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Martin\AppData\Local\Microsoft\OneDrive\17.3.6386.0412"
HKU\S-1-5-21-1714761304-533778531-3308288475-1001\...\RunOnce: [Report] => \AdwCleaner\AdwCleaner[C2].txt
HKU\S-1-5-21-1714761304-533778531-3308288475-1003\...\RunOnce: [Uninstall C:\Users\Martin_2\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Martin_2\AppData\Local\Microsoft\OneDrive\17.3.5892.0626\amd64"
ShellIconOverlayIdentifiers: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll [2014-04-05] (IvoSoft)
ShellIconOverlayIdentifiers-x32: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer32.dll [2014-04-05] (IvoSoft)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\PHOTOfunSTUDIO 9.3 PE.lnk [2016-02-18]
ShortcutTarget: PHOTOfunSTUDIO 9.3 PE.lnk -> C:\Program Files (x86)\Common Files\Panasonic\PHOTOfunSTUDIO AutoStart\AutoStartupService.exe (Panasonic Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Secunia PSI Tray.lnk [2014-03-20]
ShortcutTarget: Secunia PSI Tray.lnk -> C:\Program Files (x86)\Secunia\PSI\psi_tray.exe (Secunia)
Startup: C:\Users\Martin_2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\JL Seaside Calendar.lnk [2017-01-04]
ShortcutTarget: JL Seaside Calendar.lnk -> C:\Program Files (x86)\JL Seaside Calendar\JL Seaside Calendar.exe (Keine Datei)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 192.168.2.1
Tcpip\..\Interfaces\{9e488231-23b4-42c1-92e7-356bd892bd18}: [DhcpNameServer] 192.168.2.1 192.168.2.1
Tcpip\..\Interfaces\{e5d41687-117d-4ba6-b6b3-f7e6efef78d1}: [DhcpNameServer] 8.8.8.8 8.8.4.4

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-1714761304-533778531-3308288475-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://t.de.msn.com/
HKU\S-1-5-21-1714761304-533778531-3308288475-1003\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-1714761304-533778531-3308288475-1003\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/de-de/?ocid=iehp
BHO: Kaspersky Protection -> {2E38825B-8815-42CF-9126-C58BC28D4591} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\x64\IEExt\ie_plugin.dll [2016-12-08] (AO Kaspersky Lab)
BHO: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll [2015-02-23] (CANON INC.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Kaspersky Protection -> {2E38825B-8815-42CF-9126-C58BC28D4591} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\IEExt\ie_plugin.dll [2016-12-08] (AO Kaspersky Lab)
BHO-x32: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll [2015-02-23] (CANON INC.)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\ssv.dll [2017-01-21] (Oracle Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\jp2ssv.dll [2017-01-21] (Oracle Corporation)
Toolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2015-02-23] (CANON INC.)
Toolbar: HKLM - Kaspersky Protection Toolbar - {093F479D-712E-46CD-9E06-62E734A05F68} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\x64\IEExt\ie_plugin.dll [2016-12-08] (AO Kaspersky Lab)
Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll [2015-02-23] (CANON INC.)
Toolbar: HKLM-x32 - Kaspersky Protection Toolbar - {093F479D-712E-46CD-9E06-62E734A05F68} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\IEExt\ie_plugin.dll [2016-12-08] (AO Kaspersky Lab)

FireFox:
========
FF DefaultProfile: ptzvh2ag.default
FF ProfilePath: C:\ProgramData\Kaspersky Lab\SafeBrowser\S-1-5-21-1714761304-533778531-3308288475-1001\FireFox [nicht gefunden]
FF ProfilePath: C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\ptzvh2ag.default [2017-03-20]
FF Homepage: Mozilla\Firefox\Profiles\ptzvh2ag.default -> about:home
FF Extension: (Cliqz Beta) - C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\ptzvh2ag.default\Extensions\cliqz@cliqz.com.xpi [2015-02-13] [ist nicht signiert]
FF Extension: (NoScript) - C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\ptzvh2ag.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2015-10-05]
FF Extension: (WOT) - C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\ptzvh2ag.default\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2014-03-12] [ist nicht signiert]
FF Extension: (Adblock Plus) - C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\ptzvh2ag.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2017-03-20]
FF SearchPlugin: C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\ptzvh2ag.default\searchplugins\google-images.xml [2014-12-17]
FF SearchPlugin: C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\ptzvh2ag.default\searchplugins\google-maps.xml [2014-12-17]
FF HKLM\...\Firefox\Extensions: [light_plugin_F6F079488B53499DB99380A7E11A93F6@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\FFExt\light_plugin_firefox\addon.xpi
FF Extension: (Kaspersky Protection) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\FFExt\light_plugin_firefox\addon.xpi [2016-12-08]
FF HKLM-x32\...\Firefox\Extensions: [light_plugin_F6F079488B53499DB99380A7E11A93F6@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\FFExt\light_plugin_firefox\addon.xpi
FF HKU\S-1-5-21-1714761304-533778531-3308288475-1001\...\Firefox\Extensions: [cliqz@cliqz.com] - C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\ptzvh2ag.default\extensions\cliqz@cliqz.com => nicht gefunden
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_25_0_0_127.dll [2017-03-15] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50905.0\npctrl.dll [2017-02-10] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWoW64\Macromed\Flash\NPSWF32_25_0_0_127.dll [2017-03-15] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\WINDOWS\SysWOW64\Adobe\Director\np32dsw_1225195.dll [2016-09-20] (Adobe Systems, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-16] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-16] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.121.2 -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\dtplugin\npDeployJava1.dll [2017-01-21] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.121.2 -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\plugin2\npjp2.dll [2017-01-21] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50905.0\npctrl.dll [2017-02-10] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-12-29] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-12-29] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-17] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-17] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-12-23] (Adobe Systems Inc.)

Chrome:
=======
CHR HKLM\...\Chrome\Extension: [fhoibnponjcgjgcnfacekaijdbbplhib] - hxxps://chrome.google.com/webstore/detail/fhoibnponjcgjgcnfacekaijdbbplhib
CHR HKLM-x32\...\Chrome\Extension: [fhoibnponjcgjgcnfacekaijdbbplhib] - hxxps://chrome.google.com/webstore/detail/fhoibnponjcgjgcnfacekaijdbbplhib

==================== Dienste (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2016-08-05] (Apple Inc.)
R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe [936728 2013-05-07] ()
R2 AVP17.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\avp.exe [241544 2016-06-28] (AO Kaspersky Lab)
S3 ElfoService; C:\Program Files (x86)\ElsterFormular Update Service\bin\ElfoService.exe [1283376 2017-02-13] ()
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-08-07] (Intel Corporation)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [69632 2005-11-14] (Macrovision Corporation) [Datei ist nicht signiert]
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [84616 2013-06-28] ()
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [Datei ist nicht signiert]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-16] (Intel Corporation)
S3 klvssbrigde64; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\x64\vssbridge64.exe [77328 2016-06-28] (AO Kaspersky Lab)
R2 KSDE1.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 1.0\ksde.exe [241544 2016-06-28] (AO Kaspersky Lab)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [4355024 2017-01-20] (Malwarebytes)
R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [458176 2016-12-29] (NVIDIA Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1593632 2014-02-05] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [16941856 2014-02-05] (NVIDIA Corporation)
R2 Secunia PSI Agent; C:\Program Files (x86)\Secunia\PSI\PSIA.exe [1229528 2013-12-06] (Secunia)
R2 Secunia Update Agent; C:\Program Files (x86)\Secunia\PSI\sua.exe [662232 2013-12-06] (Secunia)
R2 ss_conn_service; C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [752224 2017-01-16] (DEVGURU Co., LTD.)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [Datei ist nicht signiert]
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2016-07-16] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103712 2017-03-04] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ======================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2012-08-22] ()
R0 cm_km; C:\WINDOWS\System32\DRIVERS\cm_km.sys [238936 2016-06-10] (AO Kaspersky Lab)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131712 2017-01-16] (Samsung Electronics Co., Ltd.)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [77408 2017-02-24] ()
R0 kl1; C:\WINDOWS\System32\DRIVERS\kl1.sys [554416 2016-06-02] (AO Kaspersky Lab)
R0 klbackupdisk; C:\WINDOWS\System32\DRIVERS\klbackupdisk.sys [63920 2016-06-07] (AO Kaspersky Lab)
R1 klbackupflt; C:\WINDOWS\System32\DRIVERS\klbackupflt.sys [86352 2016-06-15] (AO Kaspersky Lab)
R2 kldisk; C:\WINDOWS\system32\DRIVERS\kldisk.sys [78216 2016-05-31] (AO Kaspersky Lab)
S0 klelam; C:\WINDOWS\System32\DRIVERS\klelam.sys [28792 2016-03-31] (AO Kaspersky Lab)
R3 klflt; C:\WINDOWS\system32\DRIVERS\klflt.sys [196376 2017-03-15] (AO Kaspersky Lab)
R1 klhk; C:\WINDOWS\System32\drivers\klhk.sys [435032 2016-11-04] (AO Kaspersky Lab)
R3 klids; C:\ProgramData\Kaspersky Lab\AVP17.0.0\Bases\klids.sys [182360 2017-03-15] (AO Kaspersky Lab)
R1 KLIF; C:\WINDOWS\System32\DRIVERS\klif.sys [1017624 2017-03-15] (AO Kaspersky Lab)
R1 KLIM6; C:\WINDOWS\system32\DRIVERS\klim6.sys [57424 2016-12-08] (AO Kaspersky Lab)
R3 klkbdflt; C:\WINDOWS\system32\DRIVERS\klkbdflt.sys [52136 2016-05-19] (AO Kaspersky Lab)
R3 klmouflt; C:\WINDOWS\system32\DRIVERS\klmouflt.sys [41656 2015-06-07] (Kaspersky Lab ZAO)
R1 klpd; C:\WINDOWS\System32\DRIVERS\klpd.sys [45488 2016-05-31] (AO Kaspersky Lab)
R3 kltap; C:\WINDOWS\System32\drivers\kltap.sys [52152 2016-06-07] (The OpenVPN Project)
R0 klupd_klif_arkmon; C:\WINDOWS\System32\Drivers\klupd_klif_arkmon.sys [218920 2016-12-09] (AO Kaspersky Lab)
R3 klupd_klif_kimul; C:\WINDOWS\System32\Drivers\klupd_klif_kimul.sys [87584 2017-03-06] (AO Kaspersky Lab)
S3 klupd_klif_klark; C:\WINDOWS\System32\Drivers\klupd_klif_klark.sys [245512 2016-12-09] (AO Kaspersky Lab)
R0 klupd_klif_klbg; C:\WINDOWS\System32\Drivers\klupd_klif_klbg.sys [104720 2016-12-09] (AO Kaspersky Lab)
R3 klupd_klif_mark; C:\WINDOWS\System32\Drivers\klupd_klif_mark.sys [164888 2016-12-09] (AO Kaspersky Lab)
R1 klwfp; C:\WINDOWS\system32\DRIVERS\klwfp.sys [85320 2016-06-18] (AO Kaspersky Lab)
R1 Klwtp; C:\WINDOWS\system32\DRIVERS\klwtp.sys [136416 2017-03-15] (AO Kaspersky Lab)
R1 kneps; C:\WINDOWS\system32\DRIVERS\kneps.sys [199392 2017-03-15] (AO Kaspersky Lab)
R2 MBAMChameleon; C:\WINDOWS\system32\drivers\MBAMChameleon.sys [186304 2017-03-24] (Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\system32\drivers\farflt.sys [111544 2017-03-24] (Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\drivers\mbam.sys [43968 2017-03-24] (Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [251840 2017-03-24] (Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\drivers\mwac.sys [92088 2017-03-24] (Malwarebytes)
R3 MEIx64; C:\WINDOWS\system32\DRIVERS\TeeDriverx64.sys [99288 2013-09-16] (Intel Corporation)
S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispiwu.inf_amd64_b67dc924fff8de6d\nvlddmkm.sys [14199224 2017-01-04] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [39200 2013-12-27] (NVIDIA Corporation)
R3 PSI; C:\WINDOWS\System32\DRIVERS\psi_mf_amd64.sys [18456 2013-12-06] (Secunia)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [165504 2017-01-16] (Samsung Electronics Co., Ltd.)
S1 VBoxNetAdp; C:\WINDOWS\system32\DRIVERS\VBoxNetAdp6.sys [117768 2015-12-18] (Oracle Corporation)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)
U3 aspnet_state; kein ImagePath
S3 MWAC; \??\C:\WINDOWS\system32\drivers\ [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-03-24 13:10 - 2017-03-24 13:10 - 00000673 _____ C:\Users\Martin\Desktop\JRT.txt
2017-03-24 13:09 - 2017-03-24 13:09 - 01663904 _____ (Malwarebytes) C:\Users\Martin_2\Downloads\JRT(1).exe
2017-03-24 12:28 - 2017-03-24 15:13 - 00000000 ____D C:\AdwCleaner
2017-03-24 12:27 - 2017-03-24 12:28 - 04031440 _____ C:\Users\Martin_2\Downloads\AdwCleaner_6.044.exe
2017-03-24 11:17 - 2017-03-24 16:37 - 00000000 ____D C:\FRST
2017-03-24 11:17 - 2017-03-24 11:17 - 02424832 _____ (Farbar) C:\Users\Martin_2\Downloads\FRST64(1).exe
2017-03-21 13:35 - 2017-03-21 13:35 - 00000000 ____D C:\Users\Martin_2\Documents\Samsung
2017-03-21 13:32 - 2017-03-21 13:32 - 00002200 _____ C:\Users\Public\Desktop\Smart Switch.lnk
2017-03-21 13:32 - 2017-03-21 13:32 - 00000000 ____D C:\Users\Public\Documents\NativeFus_Log
2017-03-21 13:32 - 2017-03-21 13:32 - 00000000 ____D C:\Users\Martin_2\AppData\Roaming\Samsung
2017-03-21 13:32 - 2017-03-21 13:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung
2017-03-21 13:32 - 2017-01-16 07:26 - 00165504 _____ (Samsung Electronics Co., Ltd.) C:\WINDOWS\system32\Drivers\ssudmdm.sys
2017-03-21 13:32 - 2017-01-16 07:26 - 00131712 _____ (Samsung Electronics Co., Ltd.) C:\WINDOWS\system32\Drivers\ssudbus.sys
2017-03-21 13:31 - 2017-03-21 13:35 - 00000000 ____D C:\ProgramData\Samsung
2017-03-21 13:31 - 2017-03-21 13:32 - 00000000 ____D C:\Program Files (x86)\Samsung
2017-03-21 13:31 - 2017-03-21 13:31 - 00000000 ____D C:\Users\Martin\AppData\Roaming\Samsung
2017-03-21 13:31 - 2016-12-09 09:04 - 00144664 _____ (MAPILab Ltd. & Add-in Express Ltd.) C:\WINDOWS\SysWOW64\secman.dll
2017-03-21 13:29 - 2017-03-21 13:30 - 39612584 _____ (Samsung Electronics) C:\Users\Martin_2\Downloads\Smart_Switch_pc_setup.exe
2017-03-21 13:19 - 2017-03-21 13:20 - 01496584 _____ C:\Users\Martin_2\Downloads\Samsung Kies - CHIP-Installer.exe
2017-03-20 11:15 - 2017-03-20 11:16 - 00000000 ____D C:\Users\Martin\AppData\LocalLow\Mozilla
2017-03-20 11:07 - 2017-03-24 16:33 - 00186304 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMChameleon.sys
2017-03-20 11:07 - 2017-03-24 16:33 - 00111544 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2017-03-20 11:07 - 2017-03-24 16:33 - 00092088 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2017-03-20 11:07 - 2017-03-24 16:33 - 00043968 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2017-03-20 11:07 - 2017-03-20 11:07 - 00001916 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2017-03-20 11:07 - 2017-03-20 11:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2017-03-20 11:07 - 2017-03-20 11:07 - 00000000 ____D C:\Program Files\Malwarebytes
2017-03-20 11:07 - 2017-02-24 06:23 - 00077408 _____ C:\WINDOWS\system32\Drivers\mbae64.sys
2017-03-15 18:07 - 2017-03-04 07:53 - 05722320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2017-03-15 18:07 - 2017-03-04 07:47 - 06667528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2017-03-15 18:07 - 2017-03-04 07:36 - 05685760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2017-03-15 18:07 - 2017-03-04 07:20 - 13873664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2017-03-15 18:07 - 2017-03-04 07:10 - 03307008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2017-03-15 18:07 - 2017-03-04 07:07 - 02643456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2017-03-15 18:07 - 2017-03-04 07:06 - 06109184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2017-03-15 18:07 - 2017-03-04 07:06 - 05380608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2017-03-15 18:07 - 2017-03-04 07:00 - 02483200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2017-03-15 18:06 - 2017-03-04 08:57 - 00484584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2017-03-15 18:06 - 2017-03-04 08:57 - 00315744 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2017-03-15 18:06 - 2017-03-04 08:40 - 00965472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReAgent.dll
2017-03-15 18:06 - 2017-03-04 08:26 - 00794416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll
2017-03-15 18:06 - 2017-03-04 08:24 - 02482280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2017-03-15 18:06 - 2017-03-04 08:24 - 02186896 _____ (Microsoft Corporation) C:\WINDOWS\system32\hevcdecoder.dll
2017-03-15 18:06 - 2017-03-04 08:24 - 00108384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2017-03-15 18:06 - 2017-03-04 08:24 - 00090976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\IPMIDrv.sys
2017-03-15 18:06 - 2017-03-04 08:23 - 02512304 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVDECOD.DLL
2017-03-15 18:06 - 2017-03-04 08:22 - 02213760 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2017-03-15 18:06 - 2017-03-04 08:19 - 02049480 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpmde.dll
2017-03-15 18:06 - 2017-03-04 08:18 - 01181024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2017-03-15 18:06 - 2017-03-04 08:18 - 00118624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tdx.sys
2017-03-15 18:06 - 2017-03-04 08:17 - 00409952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2017-03-15 18:06 - 2017-03-04 08:15 - 01000280 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2017-03-15 18:06 - 2017-03-04 08:10 - 00360040 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2017-03-15 18:06 - 2017-03-04 08:09 - 07220696 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2017-03-15 18:06 - 2017-03-04 08:09 - 02206496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2017-03-15 18:06 - 2017-03-04 08:09 - 01969912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hevcdecoder.dll
2017-03-15 18:06 - 2017-03-04 08:09 - 01860288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2017-03-15 18:06 - 2017-03-04 08:09 - 01293152 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2017-03-15 18:06 - 2017-03-04 08:09 - 00857440 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2017-03-15 18:06 - 2017-03-04 08:09 - 00527808 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWanAPI.dll
2017-03-15 18:06 - 2017-03-04 08:09 - 00497416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll
2017-03-15 18:06 - 2017-03-04 08:09 - 00396168 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanapi.dll
2017-03-15 18:06 - 2017-03-04 08:08 - 00130912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storahci.sys
2017-03-15 18:06 - 2017-03-04 08:07 - 00557400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2017-03-15 18:06 - 2017-03-04 08:06 - 01706488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2017-03-15 18:06 - 2017-03-04 08:04 - 08169536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2017-03-15 18:06 - 2017-03-04 08:04 - 02048496 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2017-03-15 18:06 - 2017-03-04 08:04 - 01362512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmpmde.dll
2017-03-15 18:06 - 2017-03-04 08:04 - 01063472 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfds.dll
2017-03-15 18:06 - 2017-03-04 08:03 - 22223968 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2017-03-15 18:06 - 2017-03-04 08:03 - 04260576 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2017-03-15 18:06 - 2017-03-04 08:03 - 01989072 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2017-03-15 18:06 - 2017-03-04 08:03 - 01848072 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll
2017-03-15 18:06 - 2017-03-04 08:03 - 01723560 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcMon.exe
2017-03-15 18:06 - 2017-03-04 08:03 - 01702392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2017-03-15 18:06 - 2017-03-04 08:03 - 01473048 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2017-03-15 18:06 - 2017-03-04 08:03 - 01454512 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetsrc.dll
2017-03-15 18:06 - 2017-03-04 08:03 - 01301112 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2017-03-15 18:06 - 2017-03-04 08:03 - 01071736 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetcore.dll
2017-03-15 18:06 - 2017-03-04 08:03 - 01062480 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2017-03-15 18:06 - 2017-03-04 08:03 - 00811416 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFCaptureEngine.dll
2017-03-15 18:06 - 2017-03-04 08:03 - 00596040 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2017-03-15 18:06 - 2017-03-04 08:03 - 00443232 _____ (Microsoft Corporation) C:\WINDOWS\system32\MMDevAPI.dll
2017-03-15 18:06 - 2017-03-04 08:03 - 00382272 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppHost.exe
2017-03-15 18:06 - 2017-03-04 08:02 - 00184416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IPHLPAPI.DLL
2017-03-15 18:06 - 2017-03-04 08:01 - 00137936 _____ (Microsoft Corporation) C:\WINDOWS\system32\AuthHost.exe
2017-03-15 18:06 - 2017-03-04 07:57 - 02536288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2017-03-15 18:06 - 2017-03-04 07:57 - 00387872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpps.dll
2017-03-15 18:06 - 2017-03-04 07:56 - 00263472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Storage.ApplicationData.dll
2017-03-15 18:06 - 2017-03-04 07:56 - 00248992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\policymanager.dll
2017-03-15 18:06 - 2017-03-04 07:54 - 02277288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll
2017-03-15 18:06 - 2017-03-04 07:54 - 00524776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2017-03-15 18:06 - 2017-03-04 07:53 - 02256080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2017-03-15 18:06 - 2017-03-04 07:53 - 01431232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2017-03-15 18:06 - 2017-03-04 07:53 - 00975744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
2017-03-15 18:06 - 2017-03-04 07:53 - 00861024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2017-03-15 18:06 - 2017-03-04 07:53 - 00781152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2017-03-15 18:06 - 2017-03-04 07:53 - 00493912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2017-03-15 18:06 - 2017-03-04 07:53 - 00313568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanapi.dll
2017-03-15 18:06 - 2017-03-04 07:53 - 00136032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudExperienceHostUser.dll
2017-03-15 18:06 - 2017-03-04 07:52 - 00549088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SHCore.dll
2017-03-15 18:06 - 2017-03-04 07:52 - 00272720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wintrust.dll
2017-03-15 18:06 - 2017-03-04 07:51 - 01980768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2017-03-15 18:06 - 2017-03-04 07:51 - 00576408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2017-03-15 18:06 - 2017-03-04 07:50 - 00846560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2017-03-15 18:06 - 2017-03-04 07:47 - 20969928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2017-03-15 18:06 - 2017-03-04 07:47 - 04023000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2017-03-15 18:06 - 2017-03-04 07:47 - 01853224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2017-03-15 18:06 - 2017-03-04 07:47 - 01557808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll
2017-03-15 18:06 - 2017-03-04 07:47 - 01360456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetsrc.dll
2017-03-15 18:06 - 2017-03-04 07:47 - 01344448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsrcsnk.dll
2017-03-15 18:06 - 2017-03-04 07:47 - 01277856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
2017-03-15 18:06 - 2017-03-04 07:47 - 01202384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2017-03-15 18:06 - 2017-03-04 07:47 - 01123912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2017-03-15 18:06 - 2017-03-04 07:47 - 00981376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetcore.dll
2017-03-15 18:06 - 2017-03-04 07:47 - 00976184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfds.dll
2017-03-15 18:06 - 2017-03-04 07:47 - 00952416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2017-03-15 18:06 - 2017-03-04 07:47 - 00640976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\evr.dll
2017-03-15 18:06 - 2017-03-04 07:47 - 00530480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf.dll
2017-03-15 18:06 - 2017-03-04 07:47 - 00374448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFPlay.dll
2017-03-15 18:06 - 2017-03-04 07:47 - 00352760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MMDevAPI.dll
2017-03-15 18:06 - 2017-03-04 07:47 - 00034088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CompPkgSup.dll
2017-03-15 18:06 - 2017-03-04 07:46 - 04312248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2017-03-15 18:06 - 2017-03-04 07:46 - 00321792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppHost.exe
2017-03-15 18:06 - 2017-03-04 07:45 - 00173408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\basecsp.dll
2017-03-15 18:06 - 2017-03-04 07:45 - 00112120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gpapi.dll
2017-03-15 18:06 - 2017-03-04 07:42 - 01415240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2017-03-15 18:06 - 2017-03-04 07:42 - 01260784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2017-03-15 18:06 - 2017-03-04 07:42 - 00545944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2017-03-15 18:06 - 2017-03-04 07:42 - 00276832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\input.dll
2017-03-15 18:06 - 2017-03-04 07:40 - 00306800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.MediaControl.dll
2017-03-15 18:06 - 2017-03-04 07:39 - 00372736 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXTaskFactory.dll
2017-03-15 18:06 - 2017-03-04 07:36 - 00126976 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssitlb.dll
2017-03-15 18:06 - 2017-03-04 07:36 - 00119296 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTimeUtil.dll
2017-03-15 18:06 - 2017-03-04 07:36 - 00101888 _____ (Microsoft Corporation) C:\WINDOWS\system32\DuCsps.dll
2017-03-15 18:06 - 2017-03-04 07:36 - 00073728 _____ (Microsoft Corporation) C:\WINDOWS\system32\usoapi.dll
2017-03-15 18:06 - 2017-03-04 07:35 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\system32\musdialoghandlers.dll
2017-03-15 18:06 - 2017-03-04 07:34 - 00258560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\xboxgip.sys
2017-03-15 18:06 - 2017-03-04 07:34 - 00237568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.Diagnostics.dll
2017-03-15 18:06 - 2017-03-04 07:34 - 00226304 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2017-03-15 18:06 - 2017-03-04 07:34 - 00123904 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2017-03-15 18:06 - 2017-03-04 07:34 - 00085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2017-03-15 18:06 - 2017-03-04 07:34 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\system32\wfdprov.dll
2017-03-15 18:06 - 2017-03-04 07:33 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\unimdm.tsp
2017-03-15 18:06 - 2017-03-04 07:33 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Gaming.UI.GameBar.dll
2017-03-15 18:06 - 2017-03-04 07:33 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\netiougc.exe
2017-03-15 18:06 - 2017-03-04 07:32 - 00263680 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExSMime.dll
2017-03-15 18:06 - 2017-03-04 07:32 - 00193536 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinRtTracing.dll
2017-03-15 18:06 - 2017-03-04 07:32 - 00179712 _____ (Microsoft Corporation) C:\WINDOWS\system32\MCCSEngineShared.dll
2017-03-15 18:06 - 2017-03-04 07:32 - 00113664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.ServiceDiscovery.Dnssd.dll
2017-03-15 18:06 - 2017-03-04 07:31 - 00467968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Gaming.XboxLive.Storage.dll
2017-03-15 18:06 - 2017-03-04 07:31 - 00322048 _____ (Microsoft Corporation) C:\WINDOWS\system32\accountaccessor.dll
2017-03-15 18:06 - 2017-03-04 07:31 - 00149504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Core.dll
2017-03-15 18:06 - 2017-03-04 07:30 - 01631232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Resources.dll
2017-03-15 18:06 - 2017-03-04 07:30 - 00535552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nwifi.sys
2017-03-15 18:06 - 2017-03-04 07:30 - 00418304 _____ C:\WINDOWS\system32\Windows.Perception.Stub.dll
2017-03-15 18:06 - 2017-03-04 07:30 - 00206336 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFilterHost.exe
2017-03-15 18:06 - 2017-03-04 07:30 - 00127488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Credentials.UI.UserConsentVerifier.dll
2017-03-15 18:06 - 2017-03-04 07:30 - 00120320 _____ (Microsoft Corporation) C:\WINDOWS\system32\DafPrintProvider.dll
2017-03-15 18:06 - 2017-03-04 07:30 - 00095232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTimeUtil.dll
2017-03-15 18:06 - 2017-03-04 07:30 - 00052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpipreg.sys
2017-03-15 18:06 - 2017-03-04 07:30 - 00051712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usoapi.dll
2017-03-15 18:06 - 2017-03-04 07:30 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LaunchWinApp.exe
2017-03-15 18:06 - 2017-03-04 07:30 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\odbcconf.dll
2017-03-15 18:06 - 2017-03-04 07:29 - 01291264 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVPXENC.dll
2017-03-15 18:06 - 2017-03-04 07:29 - 00730112 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshwfp.dll
2017-03-15 18:06 - 2017-03-04 07:29 - 00249856 _____ (Microsoft Corporation) C:\WINDOWS\system32\cemapi.dll
2017-03-15 18:06 - 2017-03-04 07:29 - 00235008 _____ (Microsoft Corporation) C:\WINDOWS\system32\tapi32.dll
2017-03-15 18:06 - 2017-03-04 07:29 - 00203264 _____ (Microsoft Corporation) C:\WINDOWS\system32\PimIndexMaintenance.dll
2017-03-15 18:06 - 2017-03-04 07:29 - 00126464 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblGameSaveExt.dll
2017-03-15 18:06 - 2017-03-04 07:29 - 00112640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssitlb.dll
2017-03-15 18:06 - 2017-03-04 07:29 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctfp.dll
2017-03-15 18:06 - 2017-03-04 07:29 - 00082944 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshost.dll
2017-03-15 18:06 - 2017-03-04 07:29 - 00039424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XInputUap.dll
2017-03-15 18:06 - 2017-03-04 07:29 - 00019968 _____ C:\WINDOWS\SysWOW64\GamePanelExternalHook.dll
2017-03-15 18:06 - 2017-03-04 07:28 - 01507840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.FaceAnalysis.dll
2017-03-15 18:06 - 2017-03-04 07:28 - 00741888 _____ (Microsoft Corporation) C:\WINDOWS\system32\internetmail.dll
2017-03-15 18:06 - 2017-03-04 07:28 - 00556544 _____ (Microsoft Corporation) C:\WINDOWS\system32\iprtrmgr.dll
2017-03-15 18:06 - 2017-03-04 07:28 - 00462848 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansec.dll
2017-03-15 18:06 - 2017-03-04 07:28 - 00390144 _____ (Microsoft Corporation) C:\WINDOWS\system32\Search.ProtocolHandler.MAPI2.dll
2017-03-15 18:06 - 2017-03-04 07:28 - 00224256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExSMime.dll
2017-03-15 18:06 - 2017-03-04 07:28 - 00216576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Scanners.dll
2017-03-15 18:06 - 2017-03-04 07:27 - 06574592 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanmm.dll
2017-03-15 18:06 - 2017-03-04 07:27 - 00778752 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssvp.dll
2017-03-15 18:06 - 2017-03-04 07:27 - 00719872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdiWiFi.sys
2017-03-15 18:06 - 2017-03-04 07:27 - 00590336 _____ (Microsoft Corporation) C:\WINDOWS\system32\efswrt.dll
2017-03-15 18:06 - 2017-03-04 07:27 - 00549376 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2017-03-15 18:06 - 2017-03-04 07:27 - 00456192 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiobj.dll
2017-03-15 18:06 - 2017-03-04 07:27 - 00446976 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll
2017-03-15 18:06 - 2017-03-04 07:27 - 00358912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.dll
2017-03-15 18:06 - 2017-03-04 07:27 - 00349184 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2017-03-15 18:06 - 2017-03-04 07:27 - 00292864 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2017-03-15 18:06 - 2017-03-04 07:27 - 00275968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\accountaccessor.dll
2017-03-15 18:06 - 2017-03-04 07:27 - 00252416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Identity.Provider.dll
2017-03-15 18:06 - 2017-03-04 07:27 - 00200192 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiapi.dll
2017-03-15 18:06 - 2017-03-04 07:27 - 00141824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Radios.dll
2017-03-15 18:06 - 2017-03-04 07:27 - 00055296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\findnetprinters.dll
2017-03-15 18:06 - 2017-03-04 07:27 - 00045056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ddrawex.dll
2017-03-15 18:06 - 2017-03-04 07:26 - 00631296 _____ (Microsoft Corporation) C:\WINDOWS\system32\WlanMediaManager.dll
2017-03-15 18:06 - 2017-03-04 07:26 - 00561664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Wallet.dll
2017-03-15 18:06 - 2017-03-04 07:26 - 00468992 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanconn.dll
2017-03-15 18:06 - 2017-03-04 07:26 - 00409600 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanui.dll
2017-03-15 18:06 - 2017-03-04 07:26 - 00383488 _____ (Microsoft Corporation) C:\WINDOWS\system32\DavSyncProvider.dll
2017-03-15 18:06 - 2017-03-04 07:26 - 00366080 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFolder.dll
2017-03-15 18:06 - 2017-03-04 07:26 - 00307200 _____ (Microsoft Corporation) C:\WINDOWS\system32\PrintDialogs3D.dll
2017-03-15 18:06 - 2017-03-04 07:26 - 00177664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.Diagnostics.dll
2017-03-15 18:06 - 2017-03-04 07:26 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDeviceRegistration.dll
2017-03-15 18:06 - 2017-03-04 07:26 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BcastDVRHelper.dll
2017-03-15 18:06 - 2017-03-04 07:26 - 00147456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VCardParser.dll
2017-03-15 18:06 - 2017-03-04 07:26 - 00138240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DisplayManager.dll
2017-03-15 18:06 - 2017-03-04 07:26 - 00123904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.HostName.dll
2017-03-15 18:06 - 2017-03-04 07:26 - 00065024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Gaming.UI.GameBar.dll
2017-03-15 18:06 - 2017-03-04 07:26 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Shell.Search.UriHandler.dll
2017-03-15 18:06 - 2017-03-04 07:26 - 00038912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wfdprov.dll
2017-03-15 18:06 - 2017-03-04 07:26 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netiougc.exe
2017-03-15 18:06 - 2017-03-04 07:25 - 01388544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Cred.dll
2017-03-15 18:06 - 2017-03-04 07:25 - 00748544 _____ (Microsoft Corporation) C:\WINDOWS\system32\ChatApis.dll
2017-03-15 18:06 - 2017-03-04 07:25 - 00579584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.UX.EapRequestHandler.dll
2017-03-15 18:06 - 2017-03-04 07:25 - 00548864 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2017-03-15 18:06 - 2017-03-04 07:25 - 00320000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2017-03-15 18:06 - 2017-03-04 07:25 - 00284160 _____ (Microsoft Corporation) C:\WINDOWS\system32\AboveLockAppHost.dll
2017-03-15 18:06 - 2017-03-04 07:25 - 00255488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\unimdm.tsp
2017-03-15 18:06 - 2017-03-04 07:25 - 00251904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mscandui.dll
2017-03-15 18:06 - 2017-03-04 07:25 - 00245760 _____ (Microsoft Corporation) C:\WINDOWS\system32\WwaApi.dll
2017-03-15 18:06 - 2017-03-04 07:25 - 00175104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiapi.dll
2017-03-15 18:06 - 2017-03-04 07:25 - 00168448 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssph.dll
2017-03-15 18:06 - 2017-03-04 07:25 - 00152064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MCCSEngineShared.dll
2017-03-15 18:06 - 2017-03-04 07:25 - 00136192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinRtTracing.dll
2017-03-15 18:06 - 2017-03-04 07:25 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BrowserSettingSync.dll
2017-03-15 18:06 - 2017-03-04 07:25 - 00097792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.System.SystemManagement.dll
2017-03-15 18:06 - 2017-03-04 07:25 - 00057344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WPDShServiceObj.dll
2017-03-15 18:06 - 2017-03-04 07:25 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tbauth.dll
2017-03-15 18:06 - 2017-03-04 07:24 - 01293312 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcnwiz.dll
2017-03-15 18:06 - 2017-03-04 07:24 - 00671744 _____ (Microsoft Corporation) C:\WINDOWS\system32\mbsmsapi.dll
2017-03-15 18:06 - 2017-03-04 07:24 - 00328192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2017-03-15 18:06 - 2017-03-04 07:24 - 00223232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scksp.dll
2017-03-15 18:06 - 2017-03-04 07:24 - 00142336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.WiFi.dll
2017-03-15 18:06 - 2017-03-04 07:24 - 00129024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.SerialCommunication.dll
2017-03-15 18:06 - 2017-03-04 07:24 - 00093184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctfui.dll
2017-03-15 18:06 - 2017-03-04 07:24 - 00088576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDeviceRegistration.Ngc.dll
2017-03-15 18:06 - 2017-03-04 07:24 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.ServiceDiscovery.Dnssd.dll
2017-03-15 18:06 - 2017-03-04 07:24 - 00022016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBrokerCookies.exe
2017-03-15 18:06 - 2017-03-04 07:23 - 01184256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll
2017-03-15 18:06 - 2017-03-04 07:23 - 01145856 _____ (Microsoft Corporation) C:\WINDOWS\system32\EmailApis.dll
2017-03-15 18:06 - 2017-03-04 07:23 - 00963584 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebcamUi.dll
2017-03-15 18:06 - 2017-03-04 07:23 - 00945152 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasgcw.dll
2017-03-15 18:06 - 2017-03-04 07:23 - 00820224 _____ (Microsoft Corporation) C:\WINDOWS\system32\PrintRenderAPIHost.DLL
2017-03-15 18:06 - 2017-03-04 07:23 - 00583680 _____ (Microsoft Corporation) C:\WINDOWS\system32\PrintDialogs.dll
2017-03-15 18:06 - 2017-03-04 07:23 - 00531456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iprtrmgr.dll
2017-03-15 18:06 - 2017-03-04 07:23 - 00526336 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv

rwasser 24.03.2017 16:50
Und Teil 2

Code:
2017-03-15 18:06 - 2017-03-04 07:23 - 00506368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcastdvr.exe
2017-03-15 18:06 - 2017-03-04 07:23 - 00392192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Gaming.Input.dll
2017-03-15 18:06 - 2017-03-04 07:23 - 00374784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.LowLevel.dll
2017-03-15 18:06 - 2017-03-04 07:23 - 00334848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DavSyncProvider.dll
2017-03-15 18:06 - 2017-03-04 07:23 - 00330752 _____ (Microsoft Corporation) C:\WINDOWS\system32\NgcCtnrSvc.dll
2017-03-15 18:06 - 2017-03-04 07:23 - 00315904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Gaming.XboxLive.Storage.dll
2017-03-15 18:06 - 2017-03-04 07:23 - 00299520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataAccountApis.dll
2017-03-15 18:06 - 2017-03-04 07:23 - 00291840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Search.ProtocolHandler.MAPI2.dll
2017-03-15 18:06 - 2017-03-04 07:23 - 00231936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.LockScreen.dll
2017-03-15 18:06 - 2017-03-04 07:23 - 00184320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserMgrProxy.dll
2017-03-15 18:06 - 2017-03-04 07:23 - 00172032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netiohlp.dll
2017-03-15 18:06 - 2017-03-04 07:22 - 01299968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVPXENC.dll
2017-03-15 18:06 - 2017-03-04 07:22 - 00332288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapConfiguration.dll
2017-03-15 18:06 - 2017-03-04 07:22 - 00265728 _____ C:\WINDOWS\SysWOW64\Windows.Perception.Stub.dll
2017-03-15 18:06 - 2017-03-04 07:22 - 00254464 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssphtb.dll
2017-03-15 18:06 - 2017-03-04 07:22 - 00237568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SyncSettings.dll
2017-03-15 18:06 - 2017-03-04 07:22 - 00231424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudBackupSettings.dll
2017-03-15 18:06 - 2017-03-04 07:22 - 00230912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\icm32.dll
2017-03-15 18:06 - 2017-03-04 07:22 - 00212992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cemapi.dll
2017-03-15 18:06 - 2017-03-04 07:22 - 00183296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFilterHost.exe
2017-03-15 18:06 - 2017-03-04 07:22 - 00117760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AuthBroker.dll
2017-03-15 18:06 - 2017-03-04 07:22 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DafPrintProvider.dll
2017-03-15 18:06 - 2017-03-04 07:21 - 06285824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2017-03-15 18:06 - 2017-03-04 07:21 - 01937920 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmc.exe
2017-03-15 18:06 - 2017-03-04 07:21 - 01243136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.FaceAnalysis.dll
2017-03-15 18:06 - 2017-03-04 07:21 - 00809984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.Search.dll
2017-03-15 18:06 - 2017-03-04 07:21 - 00670208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.PointOfService.dll
2017-03-15 18:06 - 2017-03-04 07:21 - 00631296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\main.cpl
2017-03-15 18:06 - 2017-03-04 07:21 - 00609280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Import.dll
2017-03-15 18:06 - 2017-03-04 07:21 - 00575488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nshwfp.dll
2017-03-15 18:06 - 2017-03-04 07:21 - 00483840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.AllJoyn.dll
2017-03-15 18:06 - 2017-03-04 07:21 - 00389632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2017-03-15 18:06 - 2017-03-04 07:21 - 00298496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2017-03-15 18:06 - 2017-03-04 07:21 - 00202752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.HumanInterfaceDevice.dll
2017-03-15 18:06 - 2017-03-04 07:21 - 00196608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tapi32.dll
2017-03-15 18:06 - 2017-03-04 07:21 - 00185856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Identity.Provider.dll
2017-03-15 18:06 - 2017-03-04 07:20 - 00632832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sud.dll
2017-03-15 18:06 - 2017-03-04 07:20 - 00611328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.dll
2017-03-15 18:06 - 2017-03-04 07:20 - 00562176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.SmartCards.dll
2017-03-15 18:06 - 2017-03-04 07:20 - 00534528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PCPTpm12.dll
2017-03-15 18:06 - 2017-03-04 07:20 - 00506880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DevicePairing.dll
2017-03-15 18:06 - 2017-03-04 07:20 - 00426496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Wallet.dll
2017-03-15 18:06 - 2017-03-04 07:20 - 00426496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneDriveSettingSyncProvider.dll
2017-03-15 18:06 - 2017-03-04 07:20 - 00424960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msutb.dll
2017-03-15 18:06 - 2017-03-04 07:20 - 00386048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.WiFiDirect.dll
2017-03-15 18:06 - 2017-03-04 07:20 - 00368128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanui.dll
2017-03-15 18:06 - 2017-03-04 07:20 - 00325120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleacc.dll
2017-03-15 18:06 - 2017-03-04 07:20 - 00284672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apprepsync.dll
2017-03-15 18:06 - 2017-03-04 07:20 - 00271360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\deviceaccess.dll
2017-03-15 18:06 - 2017-03-04 07:20 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WwaApi.dll
2017-03-15 18:06 - 2017-03-04 07:20 - 00206336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vaultcli.dll
2017-03-15 18:06 - 2017-03-04 07:20 - 00175616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Scanners.dll
2017-03-15 18:06 - 2017-03-04 07:20 - 00125952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apprepapi.dll
2017-03-15 18:06 - 2017-03-04 07:19 - 03777536 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2017-03-15 18:06 - 2017-03-04 07:19 - 01403392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Editing.dll
2017-03-15 18:06 - 2017-03-04 07:19 - 00714752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssvp.dll
2017-03-15 18:06 - 2017-03-04 07:19 - 00498688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mbsmsapi.dll
2017-03-15 18:06 - 2017-03-04 07:19 - 00458752 _____ (Microsoft Corporation) C:\WINDOWS\system32\RTMediaFrame.dll
2017-03-15 18:06 - 2017-03-04 07:19 - 00431616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\efswrt.dll
2017-03-15 18:06 - 2017-03-04 07:19 - 00414208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2017-03-15 18:06 - 2017-03-04 07:19 - 00410112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys
2017-03-15 18:06 - 2017-03-04 07:19 - 00390656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredProvDataModel.dll
2017-03-15 18:06 - 2017-03-04 07:19 - 00318464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFolder.dll
2017-03-15 18:06 - 2017-03-04 07:19 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Picker.dll
2017-03-15 18:06 - 2017-03-04 07:19 - 00226816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore6.dll
2017-03-15 18:06 - 2017-03-04 07:19 - 00181760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tcpipcfg.dll
2017-03-15 18:06 - 2017-03-04 07:18 - 01762816 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSPhotography.dll
2017-03-15 18:06 - 2017-03-04 07:18 - 01231360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wcnwiz.dll
2017-03-15 18:06 - 2017-03-04 07:18 - 01189376 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdengin2.dll
2017-03-15 18:06 - 2017-03-04 07:18 - 00896512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontext.dll
2017-03-15 18:06 - 2017-03-04 07:18 - 00819200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppContracts.dll
2017-03-15 18:06 - 2017-03-04 07:18 - 00747520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Ocr.dll
2017-03-15 18:06 - 2017-03-04 07:18 - 00567808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ChatApis.dll
2017-03-15 18:06 - 2017-03-04 07:18 - 00548352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ddraw.dll
2017-03-15 18:06 - 2017-03-04 07:18 - 00525824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintDialogs.dll
2017-03-15 18:06 - 2017-03-04 07:18 - 00314368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Usb.dll
2017-03-15 18:06 - 2017-03-04 07:18 - 00284672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.dll
2017-03-15 18:06 - 2017-03-04 07:18 - 00254464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssphtb.dll
2017-03-15 18:06 - 2017-03-04 07:18 - 00253952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2017-03-15 18:06 - 2017-03-04 07:18 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\system32\RelPost.exe
2017-03-15 18:06 - 2017-03-04 07:18 - 00140800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssph.dll
2017-03-15 18:06 - 2017-03-04 07:18 - 00074752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll
2017-03-15 18:06 - 2017-03-04 07:17 - 07812096 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2017-03-15 18:06 - 2017-03-04 07:17 - 00864256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnapps.dll
2017-03-15 18:06 - 2017-03-04 07:17 - 00529920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StructuredQuery.dll
2017-03-15 18:06 - 2017-03-04 07:17 - 00297472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2017-03-15 18:06 - 2017-03-04 07:17 - 00238080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AboveLockAppHost.dll
2017-03-15 18:06 - 2017-03-04 07:16 - 13441536 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2017-03-15 18:06 - 2017-03-04 07:16 - 01908224 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2017-03-15 18:06 - 2017-03-04 07:16 - 01456640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2017-03-15 18:06 - 2017-03-04 07:16 - 00968704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Unistore.dll
2017-03-15 18:06 - 2017-03-04 07:16 - 00870400 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmkvsrcsnk.dll
2017-03-15 18:06 - 2017-03-04 07:16 - 00858112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EmailApis.dll
2017-03-15 18:06 - 2017-03-04 07:16 - 00850432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasgcw.dll
2017-03-15 18:06 - 2017-03-04 07:16 - 00846336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WebcamUi.dll
2017-03-15 18:06 - 2017-03-04 07:16 - 00816640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NaturalLanguage6.dll
2017-03-15 18:06 - 2017-03-04 07:16 - 00762880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mprddm.dll
2017-03-15 18:06 - 2017-03-04 07:16 - 00760832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\appwiz.cpl
2017-03-15 18:06 - 2017-03-04 07:16 - 00711680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2017-03-15 18:06 - 2017-03-04 07:16 - 00636928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll
2017-03-15 18:06 - 2017-03-04 07:16 - 00626688 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpaceControl.dll
2017-03-15 18:06 - 2017-03-04 07:16 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2017-03-15 18:06 - 2017-03-04 07:16 - 00526336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mscms.dll
2017-03-15 18:06 - 2017-03-04 07:16 - 00500224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.Printing.dll
2017-03-15 18:06 - 2017-03-04 07:16 - 00465920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppBroker.dll
2017-03-15 18:06 - 2017-03-04 07:16 - 00368128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiobj.dll
2017-03-15 18:06 - 2017-03-04 07:16 - 00288256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CryptoWinRT.dll
2017-03-15 18:06 - 2017-03-04 07:16 - 00100864 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpninprc.dll
2017-03-15 18:06 - 2017-03-04 07:15 - 01543680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmc.exe
2017-03-15 18:06 - 2017-03-04 07:15 - 01078784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.dll
2017-03-15 18:06 - 2017-03-04 07:15 - 00509440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2017-03-15 18:06 - 2017-03-04 07:15 - 00336384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\azroleui.dll
2017-03-15 18:06 - 2017-03-04 07:15 - 00313856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2017-03-15 18:06 - 2017-03-04 07:14 - 01534464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.Printing.3D.dll
2017-03-15 18:06 - 2017-03-04 07:14 - 00236032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmWmiPl.dll
2017-03-15 18:06 - 2017-03-04 07:13 - 07626752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2017-03-15 18:06 - 2017-03-04 07:13 - 06474752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mspaint.exe
2017-03-15 18:06 - 2017-03-04 07:13 - 04613120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2017-03-15 18:06 - 2017-03-04 07:13 - 03733504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_47.dll
2017-03-15 18:06 - 2017-03-04 07:13 - 02458112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\themecpl.dll
2017-03-15 18:06 - 2017-03-04 07:13 - 01366016 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2017-03-15 18:06 - 2017-03-04 07:13 - 01228288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usercpl.dll
2017-03-15 18:06 - 2017-03-04 07:13 - 01217024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Audio.dll
2017-03-15 18:06 - 2017-03-04 07:13 - 00858112 _____ (Microsoft Corporation) C:\WINDOWS\system32\mprddm.dll
2017-03-15 18:06 - 2017-03-04 07:13 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppointmentApis.dll
2017-03-15 18:06 - 2017-03-04 07:13 - 00675840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.dll
2017-03-15 18:06 - 2017-03-04 07:13 - 00653312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.AccountsControl.dll
2017-03-15 18:06 - 2017-03-04 07:13 - 00497152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LogonController.dll
2017-03-15 18:06 - 2017-03-04 07:13 - 00256512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\thumbcache.dll
2017-03-15 18:06 - 2017-03-04 07:13 - 00125952 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdshext.dll
2017-03-15 18:06 - 2017-03-04 07:12 - 07654912 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2017-03-15 18:06 - 2017-03-04 07:12 - 04596224 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsrchvw.exe
2017-03-15 18:06 - 2017-03-04 07:12 - 00947712 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVP9DEC.dll
2017-03-15 18:06 - 2017-03-04 07:12 - 00901120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Bluetooth.dll
2017-03-15 18:06 - 2017-03-04 07:12 - 00886272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2017-03-15 18:06 - 2017-03-04 07:12 - 00884224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2017-03-15 18:06 - 2017-03-04 07:12 - 00805888 _____ (Microsoft Corporation) C:\WINDOWS\system32\FrameServer.dll
2017-03-15 18:06 - 2017-03-04 07:12 - 00700416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Storage.Search.dll
2017-03-15 18:06 - 2017-03-04 07:12 - 00589312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Sensors.dll
2017-03-15 18:06 - 2017-03-04 07:12 - 00395264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmenrollengine.dll
2017-03-15 18:06 - 2017-03-04 07:11 - 03441664 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapRouter.dll
2017-03-15 18:06 - 2017-03-04 07:11 - 02953216 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapGeocoder.dll
2017-03-15 18:06 - 2017-03-04 07:11 - 01891328 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnidui.dll
2017-03-15 18:06 - 2017-03-04 07:11 - 01357312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSPhotography.dll
2017-03-15 18:06 - 2017-03-04 07:11 - 01323008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_fs.dll
2017-03-15 18:06 - 2017-03-04 07:11 - 01320448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comsvcs.dll
2017-03-15 18:06 - 2017-03-04 07:11 - 01137152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_health.dll
2017-03-15 18:06 - 2017-03-04 07:11 - 00355328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RTMediaFrame.dll
2017-03-15 18:06 - 2017-03-04 07:10 - 02852864 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll
2017-03-15 18:06 - 2017-03-04 07:10 - 01917440 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncProvider.dll
2017-03-15 18:06 - 2017-03-04 07:10 - 01555456 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPDMC.exe
2017-03-15 18:06 - 2017-03-04 07:10 - 01536000 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpeechPal.dll
2017-03-15 18:06 - 2017-03-04 07:10 - 01399296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Pimstore.dll
2017-03-15 18:06 - 2017-03-04 07:10 - 01282048 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2017-03-15 18:06 - 2017-03-04 07:10 - 01077760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Editing.dll
2017-03-15 18:06 - 2017-03-04 07:10 - 01033216 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2017-03-15 18:06 - 2017-03-04 07:10 - 00816640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2017-03-15 18:06 - 2017-03-04 07:10 - 00579072 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppBroker.dll
2017-03-15 18:06 - 2017-03-04 07:10 - 00471552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.BackgroundMediaPlayback.dll
2017-03-15 18:06 - 2017-03-04 07:10 - 00300544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\regedit.exe
2017-03-15 18:06 - 2017-03-04 07:10 - 00259584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msdtcuiu.dll
2017-03-15 18:06 - 2017-03-04 07:09 - 01359360 _____ (Microsoft Corporation) C:\WINDOWS\system32\usercpl.dll
2017-03-15 18:06 - 2017-03-04 07:09 - 00846336 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApiPublic.dll
2017-03-15 18:06 - 2017-03-04 07:09 - 00795648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MiracastReceiver.dll
2017-03-15 18:06 - 2017-03-04 07:09 - 00771072 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppointmentApis.dll
2017-03-15 18:06 - 2017-03-04 07:09 - 00765440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Sensors.dll
2017-03-15 18:06 - 2017-03-04 07:09 - 00570368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clusapi.dll
2017-03-15 18:06 - 2017-03-04 07:09 - 00343040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToDevice.dll
2017-03-15 18:06 - 2017-03-04 07:09 - 00123904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ProximityCommon.dll
2017-03-15 18:06 - 2017-03-04 07:08 - 12349952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2017-03-15 18:06 - 2017-03-04 07:08 - 08076288 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2017-03-15 18:06 - 2017-03-04 07:08 - 03405312 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2017-03-15 18:06 - 2017-03-04 07:08 - 02800128 _____ (Microsoft Corporation) C:\WINDOWS\system32\netshell.dll
2017-03-15 18:06 - 2017-03-04 07:08 - 02424320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Perception.dll
2017-03-15 18:06 - 2017-03-04 07:08 - 01981440 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2017-03-15 18:06 - 2017-03-04 07:08 - 01266176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Input.Inking.dll
2017-03-15 18:06 - 2017-03-04 07:08 - 00834048 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2017-03-15 18:06 - 2017-03-04 07:08 - 00792576 _____ (Microsoft Corporation) C:\WINDOWS\system32\spoolsv.exe
2017-03-15 18:06 - 2017-03-04 07:08 - 00713216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpnapps.dll
2017-03-15 18:06 - 2017-03-04 07:07 - 02748928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mispace.dll
2017-03-15 18:06 - 2017-03-04 07:07 - 02370048 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2017-03-15 18:06 - 2017-03-04 07:07 - 01792512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wpc.dll
2017-03-15 18:06 - 2017-03-04 07:07 - 01512448 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataService.dll
2017-03-15 18:06 - 2017-03-04 07:07 - 01255936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll
2017-03-15 18:06 - 2017-03-04 07:07 - 00903680 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2017-03-15 18:06 - 2017-03-04 07:07 - 00895488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Streaming.dll
2017-03-15 18:06 - 2017-03-04 07:07 - 00545280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmkvsrcsnk.dll
2017-03-15 18:06 - 2017-03-04 07:07 - 00391168 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2017-03-15 18:06 - 2017-03-04 07:06 - 03198464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
2017-03-15 18:06 - 2017-03-04 07:06 - 02820096 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2017-03-15 18:06 - 2017-03-04 07:06 - 02538496 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2017-03-15 18:06 - 2017-03-04 07:06 - 02153984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\storagewmi.dll
2017-03-15 18:06 - 2017-03-04 07:06 - 01424896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Maps.dll
2017-03-15 18:06 - 2017-03-04 07:06 - 01369088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Phone.dll
2017-03-15 18:06 - 2017-03-04 07:06 - 01131008 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2017-03-15 18:06 - 2017-03-04 07:06 - 01013760 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContactApis.dll
2017-03-15 18:06 - 2017-03-04 07:06 - 00842240 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntshrui.dll
2017-03-15 18:06 - 2017-03-04 07:06 - 00220672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToReceiver.dll
2017-03-15 18:06 - 2017-03-04 07:06 - 00090624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll
2017-03-15 18:06 - 2017-03-04 07:05 - 07468544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2017-03-15 18:06 - 2017-03-04 07:05 - 03520512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsrchvw.exe
2017-03-15 18:06 - 2017-03-04 07:05 - 01221120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Audio.dll
2017-03-15 18:06 - 2017-03-04 07:05 - 01133568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vssapi.dll
2017-03-15 18:06 - 2017-03-04 07:05 - 00545792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uReFS.dll
2017-03-15 18:06 - 2017-03-04 07:05 - 00458752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidprov.dll
2017-03-15 18:06 - 2017-03-04 07:05 - 00298496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\resutils.dll
2017-03-15 18:06 - 2017-03-04 07:05 - 00134144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ErrorDetails.dll
2017-03-15 18:06 - 2017-03-04 07:05 - 00089600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CameraCaptureUI.dll
2017-03-15 18:06 - 2017-03-04 07:04 - 01826816 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2017-03-15 18:06 - 2017-03-04 07:04 - 00998912 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWorkspace.dll
2017-03-15 18:06 - 2017-03-04 07:04 - 00753152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\imapi2fs.dll
2017-03-15 18:06 - 2017-03-04 07:04 - 00719872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_sr.dll
2017-03-15 18:06 - 2017-03-04 07:04 - 00640000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MCRecvSrc.dll
2017-03-15 18:06 - 2017-03-04 07:04 - 00531456 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmCoreProvisioning.dll
2017-03-15 18:06 - 2017-03-04 07:04 - 00433152 _____ (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll
2017-03-15 18:06 - 2017-03-04 07:04 - 00340992 _____ (Microsoft Corporation) C:\WINDOWS\system32\RADCUI.dll
2017-03-15 18:06 - 2017-03-04 07:03 - 02363904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapRouter.dll
2017-03-15 18:06 - 2017-03-04 07:03 - 02109952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapGeocoder.dll
2017-03-15 18:06 - 2017-03-04 07:03 - 01247232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Globalization.dll
2017-03-15 18:06 - 2017-03-04 07:03 - 00409600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVSENCD.DLL
2017-03-15 18:06 - 2017-03-04 07:03 - 00400384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToManager.dll
2017-03-15 18:06 - 2017-03-04 07:03 - 00359936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mtxclu.dll
2017-03-15 18:06 - 2017-03-04 07:02 - 04423680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
2017-03-15 18:06 - 2017-03-04 07:02 - 02740224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll
2017-03-15 18:06 - 2017-03-04 07:02 - 02484736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gameux.dll
2017-03-15 18:06 - 2017-03-04 07:02 - 02138112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll
2017-03-15 18:06 - 2017-03-04 07:02 - 01709056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActiveSyncProvider.dll
2017-03-15 18:06 - 2017-03-04 07:02 - 01170944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.dll
2017-03-15 18:06 - 2017-03-04 07:02 - 01155072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVP9DEC.dll
2017-03-15 18:06 - 2017-03-04 07:02 - 01004544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Input.Inking.dll
2017-03-15 18:06 - 2017-03-04 07:02 - 00580608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hgcpl.dll
2017-03-15 18:06 - 2017-03-04 07:01 - 02682880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netshell.dll
2017-03-15 18:06 - 2017-03-04 07:01 - 02646528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CertEnroll.dll
2017-03-15 18:06 - 2017-03-04 07:01 - 01993216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2017-03-15 18:06 - 2017-03-04 07:01 - 01988096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2017-03-15 18:06 - 2017-03-04 07:01 - 01656320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Perception.dll
2017-03-15 18:06 - 2017-03-04 07:01 - 01595904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2017-03-15 18:06 - 2017-03-04 07:01 - 01571840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2017-03-15 18:06 - 2017-03-04 07:01 - 01564160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\quartz.dll
2017-03-15 18:06 - 2017-03-04 07:01 - 01556992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2017-03-15 18:06 - 2017-03-04 07:01 - 01493504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Wpc.dll
2017-03-15 18:06 - 2017-03-04 07:01 - 01293312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMPDMC.exe
2017-03-15 18:06 - 2017-03-04 07:01 - 01232384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Maps.dll
2017-03-15 18:06 - 2017-03-04 07:01 - 01154560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Pimstore.dll
2017-03-15 18:06 - 2017-03-04 07:01 - 01013248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.Http.dll
2017-03-15 18:06 - 2017-03-04 07:01 - 00827904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll
2017-03-15 18:06 - 2017-03-04 07:01 - 00773120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2017-03-15 18:06 - 2017-03-04 07:01 - 00620544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
2017-03-15 18:06 - 2017-03-04 07:01 - 00566784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ShareHost.dll
2017-03-15 18:06 - 2017-03-04 07:01 - 00560640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserLanguagesCpl.dll
2017-03-15 18:06 - 2017-03-04 07:01 - 00422400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.dll
2017-03-15 18:06 - 2017-03-04 07:00 - 04557824 _____ (Microsoft) C:\WINDOWS\SysWOW64\dbgeng.dll
2017-03-15 18:06 - 2017-03-04 07:00 - 02996736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2017-03-15 18:06 - 2017-03-04 07:00 - 02003968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2017-03-15 18:06 - 2017-03-04 07:00 - 01883648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2017-03-15 18:06 - 2017-03-04 07:00 - 01170944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Phone.dll
2017-03-15 18:06 - 2017-03-04 07:00 - 00862208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2017-03-15 18:06 - 2017-03-04 07:00 - 00850944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ContactApis.dll
2017-03-15 18:06 - 2017-03-04 07:00 - 00798208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2017-03-15 18:06 - 2017-03-04 07:00 - 00751104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.BackgroundTransfer.dll
2017-03-15 18:06 - 2017-03-04 07:00 - 00711680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll
2017-03-15 18:06 - 2017-03-04 07:00 - 00691200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2017-03-15 18:06 - 2017-03-04 07:00 - 00654336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApiPublic.dll
2017-03-15 18:06 - 2017-03-04 07:00 - 00598528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.dll
2017-03-15 18:06 - 2017-03-04 07:00 - 00444416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSync.dll
2017-03-15 18:06 - 2017-03-04 07:00 - 00348160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Midi.dll
2017-03-15 18:06 - 2017-03-04 06:59 - 00353280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TextInputFramework.dll
2017-03-15 18:06 - 2017-03-04 06:59 - 00206848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Core.TextInput.dll
2017-03-15 18:06 - 2017-03-04 06:57 - 03106304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstsc.exe
2017-03-15 18:06 - 2017-03-04 06:57 - 00783360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TSWorkspace.dll
2017-03-15 18:06 - 2017-03-04 06:57 - 00449024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TpmCoreProvisioning.dll
2017-03-15 18:06 - 2017-03-04 06:57 - 00299008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RADCUI.dll
2017-03-15 18:06 - 2017-03-04 06:36 - 00483840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2017-03-15 18:06 - 2017-02-22 03:17 - 00448285 _____ C:\WINDOWS\system32\ApnDatabase.xml
2017-03-15 18:05 - 2017-03-04 08:57 - 00192352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aepic.dll
2017-03-15 18:05 - 2017-03-04 08:35 - 01617760 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2017-03-15 18:05 - 2017-03-04 08:35 - 01294688 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2017-03-15 18:05 - 2017-03-04 08:35 - 00655200 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2017-03-15 18:05 - 2017-03-04 08:35 - 00590952 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2017-03-15 18:05 - 2017-03-04 08:35 - 00565088 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2017-03-15 18:05 - 2017-03-04 08:35 - 00378720 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2017-03-15 18:05 - 2017-03-04 08:35 - 00343904 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2017-03-15 18:05 - 2017-03-04 08:35 - 00315232 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcntel.dll
2017-03-15 18:05 - 2017-03-04 08:35 - 00242528 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2017-03-15 18:05 - 2017-03-04 08:35 - 00142176 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2017-03-15 18:05 - 2017-03-04 08:35 - 00086368 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2017-03-15 18:05 - 2017-03-04 08:35 - 00038240 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2017-03-15 18:05 - 2017-03-04 08:27 - 00603488 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContentDeliveryManager.Utilities.dll
2017-03-15 18:05 - 2017-03-04 08:25 - 01117024 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReAgent.dll
2017-03-15 18:05 - 2017-03-04 08:24 - 01051112 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2017-03-15 18:05 - 2017-03-04 08:24 - 00894096 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2017-03-15 18:05 - 2017-03-04 08:24 - 00646688 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2017-03-15 18:05 - 2017-03-04 08:24 - 00354264 _____ (Microsoft Corporation) C:\WINDOWS\system32\systemreset.exe
2017-03-15 18:05 - 2017-03-04 08:22 - 07786336 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2017-03-15 18:05 - 2017-03-04 08:22 - 01354312 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2017-03-15 18:05 - 2017-03-04 08:22 - 01172984 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2017-03-15 18:05 - 2017-03-04 08:21 - 02255712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2017-03-15 18:05 - 2017-03-04 08:20 - 00379744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Classpnp.sys
2017-03-15 18:05 - 2017-03-04 08:20 - 00128352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\partmgr.sys
2017-03-15 18:05 - 2017-03-04 08:19 - 02681200 _____ C:\WINDOWS\system32\CoreUIComponents.dll
2017-03-15 18:05 - 2017-03-04 08:18 - 00764392 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2017-03-15 18:05 - 2017-03-04 08:18 - 00219040 _____ (Microsoft Corporation) C:\WINDOWS\system32\IPHLPAPI.DLL
2017-03-15 18:05 - 2017-03-04 08:15 - 00404320 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinSetupUI.dll
2017-03-15 18:05 - 2017-03-04 08:15 - 00063328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dam.sys
2017-03-15 18:05 - 2017-03-04 08:13 - 00635456 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2017-03-15 18:05 - 2017-03-04 08:11 - 00328008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.ApplicationData.dll
2017-03-15 18:05 - 2017-03-04 08:11 - 00266544 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll
2017-03-15 18:05 - 2017-03-04 08:10 - 02828384 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
2017-03-15 18:05 - 2017-03-04 08:10 - 02189664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2017-03-15 18:05 - 2017-03-04 08:09 - 02750384 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2017-03-15 18:05 - 2017-03-04 08:09 - 01157000 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2017-03-15 18:05 - 2017-03-04 08:09 - 00681312 _____ (Microsoft Corporation) C:\WINDOWS\system32\SHCore.dll
2017-03-15 18:05 - 2017-03-04 08:09 - 00658784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2017-03-15 18:05 - 2017-03-04 08:09 - 00635864 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2017-03-15 18:05 - 2017-03-04 08:09 - 00578392 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2017-03-15 18:05 - 2017-03-04 08:09 - 00402272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2017-03-15 18:05 - 2017-03-04 08:09 - 00178520 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostUser.dll
2017-03-15 18:05 - 2017-03-04 08:08 - 00624048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2017-03-15 18:05 - 2017-03-04 08:08 - 00509280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2017-03-15 18:05 - 2017-03-04 08:08 - 00450400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2017-03-15 18:05 - 2017-03-04 08:08 - 00342456 _____ (Microsoft Corporation) C:\WINDOWS\system32\wintrust.dll
2017-03-15 18:05 - 2017-03-04 08:08 - 00223584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2017-03-15 18:05 - 2017-03-04 08:07 - 02913144 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2017-03-15 18:05 - 2017-03-04 08:07 - 02446704 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2017-03-15 18:05 - 2017-03-04 08:07 - 01267512 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2017-03-15 18:05 - 2017-03-04 08:07 - 01100128 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2017-03-15 18:05 - 2017-03-04 08:07 - 00989016 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2017-03-15 18:05 - 2017-03-04 08:07 - 00947552 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.efi
2017-03-15 18:05 - 2017-03-04 08:07 - 00811872 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.exe
2017-03-15 18:05 - 2017-03-04 08:07 - 00682808 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2017-03-15 18:05 - 2017-03-04 08:07 - 00432992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2017-03-15 18:05 - 2017-03-04 08:07 - 00116064 _____ (Microsoft Corporation) C:\WINDOWS\system32\icfupgd.dll
2017-03-15 18:05 - 2017-03-04 08:07 - 00110944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvsocket.sys
2017-03-15 18:05 - 2017-03-04 08:07 - 00080224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmbkmcl.sys
2017-03-15 18:05 - 2017-03-04 08:03 - 04674360 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2017-03-15 18:05 - 2017-03-04 08:03 - 01694712 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2017-03-15 18:05 - 2017-03-04 08:03 - 01600632 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2017-03-15 18:05 - 2017-03-04 08:03 - 00755648 _____ (Microsoft Corporation) C:\WINDOWS\system32\evr.dll
2017-03-15 18:05 - 2017-03-04 08:03 - 00523712 _____ (Microsoft Corporation) C:\WINDOWS\system32\DMRServer.dll
2017-03-15 18:05 - 2017-03-04 08:03 - 00424616 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFPlay.dll
2017-03-15 18:05 - 2017-03-04 08:03 - 00241496 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHost.dll
2017-03-15 18:05 - 2017-03-04 08:03 - 00160096 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostBroker.dll
2017-03-15 18:05 - 2017-03-04 08:03 - 00038768 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompPkgSup.dll
2017-03-15 18:05 - 2017-03-04 08:01 - 00201568 _____ (Microsoft Corporation) C:\WINDOWS\system32\basecsp.dll
2017-03-15 18:05 - 2017-03-04 08:01 - 00128648 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpapi.dll
2017-03-15 18:05 - 2017-03-04 07:59 - 01570208 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2017-03-15 18:05 - 2017-03-04 07:58 - 01416224 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2017-03-15 18:05 - 2017-03-04 07:58 - 00628552 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2017-03-15 18:05 - 2017-03-04 07:58 - 00322912 _____ (Microsoft Corporation) C:\WINDOWS\system32\input.dll
2017-03-15 18:05 - 2017-03-04 07:57 - 00372432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.MediaControl.dll
2017-03-15 18:05 - 2017-03-04 07:42 - 07216640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2017-03-15 18:05 - 2017-03-04 07:37 - 01631232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2017-03-15 18:05 - 2017-03-04 07:37 - 00025088 _____ C:\WINDOWS\system32\GamePanelExternalHook.dll
2017-03-15 18:05 - 2017-03-04 07:36 - 22565376 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2017-03-15 18:05 - 2017-03-04 07:36 - 00217600 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctfp.dll
2017-03-15 18:05 - 2017-03-04 07:36 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2017-03-15 18:05 - 2017-03-04 07:36 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe
2017-03-15 18:05 - 2017-03-04 07:36 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mskssrv.sys
2017-03-15 18:05 - 2017-03-04 07:35 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbonRes.dll
2017-03-15 18:05 - 2017-03-04 07:35 - 00047616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ddrawex.dll
2017-03-15 18:05 - 2017-03-04 07:35 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\odbcconf.dll
2017-03-15 18:05 - 2017-03-04 07:34 - 00124416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.System.SystemManagement.dll
2017-03-15 18:05 - 2017-03-04 07:34 - 00116224 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctfui.dll
2017-03-15 18:05 - 2017-03-04 07:34 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmbkmclr.sys
2017-03-15 18:05 - 2017-03-04 07:33 - 00259072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Family.SyncEngine.dll
2017-03-15 18:05 - 2017-03-04 07:33 - 00185344 _____ (Microsoft Corporation) C:\WINDOWS\system32\DisplayManager.dll
2017-03-15 18:05 - 2017-03-04 07:33 - 00162304 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcertinst.exe
2017-03-15 18:05 - 2017-03-04 07:33 - 00095232 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzautoupdate.dll
2017-03-15 18:05 - 2017-03-04 07:33 - 00057344 _____ (Microsoft Corporation) C:\WINDOWS\system32\BluetoothDesktopHandlers.dll
2017-03-15 18:05 - 2017-03-04 07:33 - 00046592 _____ (Microsoft Corporation) C:\WINDOWS\system32\XInputUap.dll
2017-03-15 18:05 - 2017-03-04 07:33 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\tbauth.dll
2017-03-15 18:05 - 2017-03-04 07:32 - 00249856 _____ (Microsoft Corporation) C:\WINDOWS\system32\scksp.dll
2017-03-15 18:05 - 2017-03-04 07:32 - 00196096 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDeviceRegistration.dll
2017-03-15 18:05 - 2017-03-04 07:32 - 00193536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.WiFi.dll
2017-03-15 18:05 - 2017-03-04 07:32 - 00133632 _____ (Microsoft Corporation) C:\WINDOWS\system32\MediaFoundation.DefaultPerceptionProvider.dll
2017-03-15 18:05 - 2017-03-04 07:32 - 00073216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryBroker.dll
2017-03-15 18:05 - 2017-03-04 07:31 - 00567296 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevicePairing.dll
2017-03-15 18:05 - 2017-03-04 07:31 - 00280064 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_WorkAccess.dll
2017-03-15 18:05 - 2017-03-04 07:31 - 00266240 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore6.dll
2017-03-15 18:05 - 2017-03-04 07:31 - 00247808 _____ (Microsoft Corporation) C:\WINDOWS\system32\icm32.dll
2017-03-15 18:05 - 2017-03-04 07:31 - 00187904 _____ (Microsoft Corporation) C:\WINDOWS\system32\VCardParser.dll
2017-03-15 18:05 - 2017-03-04 07:31 - 00122880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryClient.dll
2017-03-15 18:05 - 2017-03-04 07:30 - 00635904 _____ (Microsoft Corporation) C:\WINDOWS\system32\FlightSettings.dll
2017-03-15 18:05 - 2017-03-04 07:30 - 00547840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Gaming.Input.dll
2017-03-15 18:05 - 2017-03-04 07:30 - 00463872 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2017-03-15 18:05 - 2017-03-04 07:30 - 00300544 _____ (Microsoft Corporation) C:\WINDOWS\system32\mscandui.dll
2017-03-15 18:05 - 2017-03-04 07:30 - 00236544 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Flights.dll
2017-03-15 18:05 - 2017-03-04 07:30 - 00231424 _____ (Microsoft Corporation) C:\WINDOWS\system32\shutdownux.dll
2017-03-15 18:05 - 2017-03-04 07:30 - 00205824 _____ (Microsoft Corporation) C:\WINDOWS\system32\netiohlp.dll
2017-03-15 18:05 - 2017-03-04 07:30 - 00186368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Radios.dll
2017-03-15 18:05 - 2017-03-04 07:30 - 00180224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Cortana.OneCore.dll
2017-03-15 18:05 - 2017-03-04 07:30 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dfsc.sys
2017-03-15 18:05 - 2017-03-04 07:30 - 00058880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Shell.Search.UriHandler.dll
2017-03-15 18:05 - 2017-03-04 07:30 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBrokerCookies.exe
2017-03-15 18:05 - 2017-03-04 07:29 - 00505856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.WiFiDirect.dll
2017-03-15 18:05 - 2017-03-04 07:29 - 00418304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BlockedShutdown.dll
2017-03-15 18:05 - 2017-03-04 07:29 - 00343552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.SmartCards.Phone.dll
2017-03-15 18:05 - 2017-03-04 07:29 - 00289792 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeveloperOptionsSettingsHandlers.dll
2017-03-15 18:05 - 2017-03-04 07:29 - 00171520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.SerialCommunication.dll
2017-03-15 18:05 - 2017-03-04 07:29 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\system32\BrowserSettingSync.dll
2017-03-15 18:05 - 2017-03-04 07:29 - 00125952 _____ (Microsoft Corporation) C:\WINDOWS\system32\appinfo.dll
2017-03-15 18:05 - 2017-03-04 07:28 - 00947712 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll
2017-03-15 18:05 - 2017-03-04 07:28 - 00912384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.SmartCards.dll
2017-03-15 18:05 - 2017-03-04 07:28 - 00651264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.AllJoyn.dll
2017-03-15 18:05 - 2017-03-04 07:28 - 00623104 _____ (Microsoft Corporation) C:\WINDOWS\system32\PCPTpm12.dll
2017-03-15 18:05 - 2017-03-04 07:28 - 00587776 _____ (Microsoft Corporation) C:\WINDOWS\system32\vpnike.dll
2017-03-15 18:05 - 2017-03-04 07:28 - 00568320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.LowLevel.dll
2017-03-15 18:05 - 2017-03-04 07:28 - 00394752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ks.sys
2017-03-15 18:05 - 2017-03-04 07:28 - 00349696 _____ (Microsoft Corporation) C:\WINDOWS\system32\icsvcext.dll
2017-03-15 18:05 - 2017-03-04 07:28 - 00279552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.HumanInterfaceDevice.dll
2017-03-15 18:05 - 2017-03-04 07:28 - 00268800 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserMgrProxy.dll
2017-03-15 18:05 - 2017-03-04 07:28 - 00267264 _____ (Microsoft Corporation) C:\WINDOWS\system32\vaultcli.dll
2017-03-15 18:05 - 2017-03-04 07:28 - 00223744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.HostName.dll
2017-03-15 18:05 - 2017-03-04 07:28 - 00193536 _____ (Microsoft Corporation) C:\WINDOWS\system32\certprop.dll
2017-03-15 18:05 - 2017-03-04 07:28 - 00147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
2017-03-15 18:05 - 2017-03-04 07:27 - 00852480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Import.dll
2017-03-15 18:05 - 2017-03-04 07:27 - 00460288 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredProvDataModel.dll
2017-03-15 18:05 - 2017-03-04 07:27 - 00432128 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpAXHolder.dll
2017-03-15 18:05 - 2017-03-04 07:27 - 00391168 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleacc.dll
2017-03-15 18:05 - 2017-03-04 07:27 - 00379392 _____ (Microsoft Corporation) C:\WINDOWS\system32\apprepsync.dll
2017-03-15 18:05 - 2017-03-04 07:27 - 00324608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.LockScreen.dll
2017-03-15 18:05 - 2017-03-04 07:27 - 00311296 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncSettings.dll
2017-03-15 18:05 - 2017-03-04 07:27 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudBackupSettings.dll
2017-03-15 18:05 - 2017-03-04 07:27 - 00252928 _____ (Microsoft Corporation) C:\WINDOWS\system32\ubpm.dll
2017-03-15 18:05 - 2017-03-04 07:27 - 00176128 _____ (Microsoft Corporation) C:\WINDOWS\system32\apprepapi.dll
2017-03-15 18:05 - 2017-03-04 07:26 - 00949248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.PointOfService.dll
2017-03-15 18:05 - 2017-03-04 07:26 - 00658432 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll
2017-03-15 18:05 - 2017-03-04 07:26 - 00643072 _____ (Microsoft Corporation) C:\WINDOWS\system32\main.cpl
2017-03-15 18:05 - 2017-03-04 07:26 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbonRes.dll
2017-03-15 18:05 - 2017-03-04 07:26 - 00579072 _____ (Microsoft Corporation) C:\WINDOWS\system32\ddraw.dll
2017-03-15 18:05 - 2017-03-04 07:26 - 00476160 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2017-03-15 18:05 - 2017-03-04 07:26 - 00464896 _____ (Microsoft Corporation) C:\WINDOWS\system32\msutb.dll
2017-03-15 18:05 - 2017-03-04 07:26 - 00450048 _____ (Microsoft Corporation) C:\WINDOWS\system32\werui.dll
2017-03-15 18:05 - 2017-03-04 07:26 - 00431616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Cortana.Desktop.dll
2017-03-15 18:05 - 2017-03-04 07:26 - 00407552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2017-03-15 18:05 - 2017-03-04 07:26 - 00337408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Picker.dll
2017-03-15 18:05 - 2017-03-04 07:26 - 00264704 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll
2017-03-15 18:05 - 2017-03-04 07:26 - 00261632 _____ (Microsoft Corporation) C:\WINDOWS\system32\indexeddbserver.dll
2017-03-15 18:05 - 2017-03-04 07:26 - 00090112 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll
2017-03-15 18:05 - 2017-03-04 07:26 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll
2017-03-15 18:05 - 2017-03-04 07:25 - 01060352 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppContracts.dll
2017-03-15 18:05 - 2017-03-04 07:25 - 01016320 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthManager.dll
2017-03-15 18:05 - 2017-03-04 07:25 - 00526848 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll
2017-03-15 18:05 - 2017-03-04 07:25 - 00437248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Usb.dll
2017-03-15 18:05 - 2017-03-04 07:25 - 00425984 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
2017-03-15 18:05 - 2017-03-04 07:24 - 01092096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplicationFrame.dll
2017-03-15 18:05 - 2017-03-04 07:24 - 01025536 _____ (Microsoft Corporation) C:\WINDOWS\system32\XboxNetApiSvc.dll
2017-03-15 18:05 - 2017-03-04 07:24 - 00956416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2017-03-15 18:05 - 2017-03-04 07:24 - 00945664 _____ (Microsoft Corporation) C:\WINDOWS\system32\iphlpsvc.dll
2017-03-15 18:05 - 2017-03-04 07:24 - 00655872 _____ (Microsoft Corporation) C:\WINDOWS\system32\sud.dll
2017-03-15 18:05 - 2017-03-04 07:24 - 00560128 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppReadiness.dll
2017-03-15 18:05 - 2017-03-04 07:24 - 00495104 _____ (Microsoft Corporation) C:\WINDOWS\system32\DataSenseHandlers.dll
2017-03-15 18:05 - 2017-03-04 07:24 - 00478208 _____ (Microsoft Corporation) C:\WINDOWS\system32\DXP.dll
2017-03-15 18:05 - 2017-03-04 07:24 - 00329728 _____ (Microsoft Corporation) C:\WINDOWS\system32\deviceaccess.dll
2017-03-15 18:05 - 2017-03-04 07:23 - 03753984 _____ (Microsoft Corporation) C:\WINDOWS\system32\bootux.dll
2017-03-15 18:05 - 2017-03-04 07:23 - 00896512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.AccountsControl.dll
2017-03-15 18:05 - 2017-03-04 07:23 - 00775168 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe
2017-03-15 18:05 - 2017-03-04 07:23 - 00715776 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2017-03-15 18:05 - 2017-03-04 07:23 - 00634368 _____ (Microsoft Corporation) C:\WINDOWS\system32\StructuredQuery.dll
2017-03-15 18:05 - 2017-03-04 07:23 - 00541696 _____ (Microsoft Corporation) C:\WINDOWS\system32\ipnathlp.dll
2017-03-15 18:05 - 2017-03-04 07:23 - 00496128 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.UserAccountsHandlers.dll
2017-03-15 18:05 - 2017-03-04 07:23 - 00320512 _____ (Microsoft Corporation) C:\WINDOWS\system32\thumbcache.dll
2017-03-15 18:05 - 2017-03-04 07:22 - 00869888 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2017-03-15 18:05 - 2017-03-04 07:22 - 00822784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2017-03-15 18:05 - 2017-03-04 07:22 - 00410112 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2017-03-15 18:05 - 2017-03-04 07:21 - 00945664 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2017-03-15 18:05 - 2017-03-04 07:21 - 00776192 _____ (Microsoft Corporation) C:\WINDOWS\system32\TabletPC.cpl
2017-03-15 18:05 - 2017-03-04 07:21 - 00591360 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2017-03-15 18:05 - 2017-03-04 07:21 - 00347648 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascustom.dll
2017-03-15 18:05 - 2017-03-04 07:20 - 01913856 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_fs.dll
2017-03-15 18:05 - 2017-03-04 07:20 - 01361408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll
2017-03-15 18:05 - 2017-03-04 07:20 - 01280512 _____ (Microsoft Corporation) C:\WINDOWS\system32\werconcpl.dll
2017-03-15 18:05 - 2017-03-04 07:20 - 00893952 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2017-03-15 18:05 - 2017-03-04 07:20 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2017-03-15 18:05 - 2017-03-04 07:20 - 00650752 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2017-03-15 18:05 - 2017-03-04 07:20 - 00282112 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmWmiPl.dll
2017-03-15 18:05 - 2017-03-04 07:20 - 00203776 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2017-03-15 18:05 - 2017-03-04 07:19 - 23676416 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2017-03-15 18:05 - 2017-03-04 07:19 - 01639424 _____ (Microsoft Corporation) C:\WINDOWS\system32\comsvcs.dll
2017-03-15 18:05 - 2017-03-04 07:19 - 01589760 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdtctm.dll
2017-03-15 18:05 - 2017-03-04 07:19 - 01584128 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_health.dll
2017-03-15 18:05 - 2017-03-04 07:19 - 00635904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2017-03-15 18:05 - 2017-03-04 07:19 - 00376832 _____ (Microsoft Corporation) C:\WINDOWS\system32\CryptoWinRT.dll
2017-03-15 18:05 - 2017-03-04 07:19 - 00166912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Tabbtn.dll
2017-03-15 18:05 - 2017-03-04 07:19 - 00083456 _____ (Microsoft Corporation) C:\WINDOWS\system32\tabcal.exe
2017-03-15 18:05 - 2017-03-04 07:18 - 17198592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2017-03-15 18:05 - 2017-03-04 07:18 - 01227264 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpsvc.dll
2017-03-15 18:05 - 2017-03-04 07:18 - 00320512 _____ (Microsoft Corporation) C:\WINDOWS\regedit.exe
2017-03-15 18:05 - 2017-03-04 07:18 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\indexeddbserver.dll
2017-03-15 18:05 - 2017-03-04 07:17 - 01105408 _____ (Microsoft Corporation) C:\WINDOWS\system32\MiracastReceiver.dll
2017-03-15 18:05 - 2017-03-04 07:17 - 01082368 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2017-03-15 18:05 - 2017-03-04 07:17 - 00730624 _____ (Microsoft Corporation) C:\WINDOWS\system32\clusapi.dll
2017-03-15 18:05 - 2017-03-04 07:17 - 00661504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll
2017-03-15 18:05 - 2017-03-04 07:17 - 00442368 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToDevice.dll
2017-03-15 18:05 - 2017-03-04 07:17 - 00440320 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhcfg.dll
2017-03-15 18:05 - 2017-03-04 07:16 - 03289088 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll
2017-03-15 18:05 - 2017-03-04 07:16 - 00649216 _____ (Microsoft Corporation) C:\WINDOWS\system32\vds.exe
2017-03-15 18:05 - 2017-03-04 07:16 - 00583168 _____ (Microsoft Corporation) C:\WINDOWS\system32\BootMenuUX.dll
2017-03-15 18:05 - 2017-03-04 07:16 - 00187904 _____ (Microsoft Corporation) C:\WINDOWS\system32\dialclient.dll
2017-03-15 18:05 - 2017-03-04 07:15 - 18362368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2017-03-15 18:05 - 2017-03-04 07:15 - 09130496 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2017-03-15 18:05 - 2017-03-04 07:15 - 02860032 _____ (Microsoft Corporation) C:\WINDOWS\system32\storagewmi.dll
2017-03-15 18:05 - 2017-03-04 07:15 - 01837056 _____ (Microsoft Corporation) C:\WINDOWS\system32\workfolderssvc.dll
2017-03-15 18:05 - 2017-03-04 07:15 - 01443328 _____ (Microsoft Corporation) C:\WINDOWS\system32\VSSVC.exe
2017-03-15 18:05 - 2017-03-04 07:14 - 04749312 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2017-03-15 18:05 - 2017-03-04 07:14 - 01562112 _____ (Microsoft Corporation) C:\WINDOWS\system32\vssapi.dll
2017-03-15 18:05 - 2017-03-04 07:14 - 01547264 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbengine.exe
2017-03-15 18:05 - 2017-03-04 07:14 - 00588288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidprov.dll
2017-03-15 18:05 - 2017-03-04 07:14 - 00374784 _____ (Microsoft Corporation) C:\WINDOWS\system32\resutils.dll
2017-03-15 18:05 - 2017-03-04 07:14 - 00279552 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToReceiver.dll
2017-03-15 18:05 - 2017-03-04 07:14 - 00167936 _____ (Microsoft Corporation) C:\WINDOWS\system32\ErrorDetails.dll
2017-03-15 18:05 - 2017-03-04 07:14 - 00130560 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpaceAgent.exe
2017-03-15 18:05 - 2017-03-04 07:13 - 19411968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2017-03-15 18:05 - 2017-03-04 07:13 - 05114368 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2017-03-15 18:05 - 2017-03-04 07:13 - 00982528 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2017-03-15 18:05 - 2017-03-04 07:13 - 00961024 _____ (Microsoft Corporation) C:\WINDOWS\system32\imapi2fs.dll
2017-03-15 18:05 - 2017-03-04 07:13 - 00947200 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_sr.dll
2017-03-15 18:05 - 2017-03-04 07:13 - 00937472 _____ (Microsoft Corporation) C:\WINDOWS\system32\MCRecvSrc.dll
2017-03-15 18:05 - 2017-03-04 07:13 - 00628736 _____ (Microsoft Corporation) C:\WINDOWS\system32\uReFS.dll
2017-03-15 18:05 - 2017-03-04 07:13 - 00539136 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToManager.dll
2017-03-15 18:05 - 2017-03-04 07:13 - 00222720 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkFoldersShell.dll
2017-03-15 18:05 - 2017-03-04 07:13 - 00112640 _____ (Microsoft Corporation) C:\WINDOWS\system32\CameraCaptureUI.dll
2017-03-15 18:05 - 2017-03-04 07:13 - 00112128 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkFoldersGPExt.dll
2017-03-15 18:05 - 2017-03-04 07:13 - 00054272 _____ (Microsoft Corporation) C:\WINDOWS\system32\MultiDigiMon.exe
2017-03-15 18:05 - 2017-03-04 07:12 - 13085184 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2017-03-15 18:05 - 2017-03-04 07:12 - 01692160 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2017-03-15 18:05 - 2017-03-04 07:12 - 01040896 _____ (Microsoft Corporation) C:\WINDOWS\system32\NaturalLanguage6.dll
2017-03-15 18:05 - 2017-03-04 07:12 - 00828416 _____ (Microsoft Corporation) C:\WINDOWS\system32\appwiz.cpl
2017-03-15 18:05 - 2017-03-04 07:12 - 00467968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Geolocation.dll
2017-03-15 18:05 - 2017-03-04 07:11 - 04474368 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll
2017-03-15 18:05 - 2017-03-04 07:11 - 02611200 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameux.dll
2017-03-15 18:05 - 2017-03-04 07:11 - 02278400 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2017-03-15 18:05 - 2017-03-04 07:11 - 01656832 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2017-03-15 18:05 - 2017-03-04 07:11 - 01643008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll
2017-03-15 18:05 - 2017-03-04 07:11 - 01312768 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorDataService.exe
2017-03-15 18:05 - 2017-03-04 07:11 - 00975872 _____ (Microsoft Corporation) C:\WINDOWS\HelpPane.exe
2017-03-15 18:05 - 2017-03-04 07:11 - 00821248 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll
2017-03-15 18:05 - 2017-03-04 07:11 - 00818176 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
2017-03-15 18:05 - 2017-03-04 07:11 - 00774656 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkfoldersControl.dll
2017-03-15 18:05 - 2017-03-04 07:11 - 00572416 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhotoScreensaver.scr
2017-03-15 18:05 - 2017-03-04 07:10 - 06664192 _____ (Microsoft Corporation) C:\WINDOWS\system32\mspaint.exe
2017-03-15 18:05 - 2017-03-04 07:10 - 02208768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.3D.dll
2017-03-15 18:05 - 2017-03-04 07:10 - 02095616 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2017-03-15 18:05 - 2017-03-04 07:10 - 01586176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Globalization.dll
2017-03-15 18:05 - 2017-03-04 07:10 - 01275392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Bluetooth.dll
2017-03-15 18:05 - 2017-03-04 07:10 - 00971264 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll
2017-03-15 18:05 - 2017-03-04 07:10 - 00960000 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2017-03-15 18:05 - 2017-03-04 07:10 - 00913920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.dll
2017-03-15 18:05 - 2017-03-04 07:10 - 00770560 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2017-03-15 18:05 - 2017-03-04 07:10 - 00460800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Midi.dll
2017-03-15 18:05 - 2017-03-04 07:10 - 00104960 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkFolders.exe
2017-03-15 18:05 - 2017-03-04 07:09 - 08125952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2017-03-15 18:05 - 2017-03-04 07:09 - 01633792 _____ (Microsoft Corporation) C:\WINDOWS\system32\quartz.dll
2017-03-15 18:05 - 2017-03-04 07:09 - 00653824 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserLanguagesCpl.dll
2017-03-15 18:05 - 2017-03-04 07:08 - 01780224 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2017-03-15 18:05 - 2017-03-04 07:08 - 01714688 _____ (Microsoft Corporation) C:\WINDOWS\system32\dui70.dll
2017-03-15 18:05 - 2017-03-04 07:08 - 00629248 _____ (Microsoft Corporation) C:\WINDOWS\system32\hgcpl.dll
2017-03-15 18:05 - 2017-03-04 07:08 - 00540160 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSync.dll
2017-03-15 18:05 - 2017-03-04 07:07 - 12178944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2017-03-15 18:05 - 2017-03-04 07:07 - 02914816 _____ (Microsoft Corporation) C:\WINDOWS\system32\CertEnroll.dll
2017-03-15 18:05 - 2017-03-04 07:07 - 02895872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2017-03-15 18:05 - 2017-03-04 07:07 - 02691072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2017-03-15 18:05 - 2017-03-04 07:07 - 02512384 _____ (Microsoft Corporation) C:\WINDOWS\system32\themecpl.dll
2017-03-15 18:05 - 2017-03-04 07:07 - 01840640 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2017-03-15 18:05 - 2017-03-04 07:07 - 01513472 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2017-03-15 18:05 - 2017-03-04 07:07 - 01490944 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2017-03-15 18:05 - 2017-03-04 07:07 - 01348608 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll
2017-03-15 18:05 - 2017-03-04 07:07 - 01064448 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2017-03-15 18:05 - 2017-03-04 07:07 - 00909312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2017-03-15 18:05 - 2017-03-04 07:07 - 00875520 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2017-03-15 18:05 - 2017-03-04 07:07 - 00774656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.dll
2017-03-15 18:05 - 2017-03-04 07:07 - 00716800 _____ (Microsoft Corporation) C:\WINDOWS\system32\ShareHost.dll
2017-03-15 18:05 - 2017-03-04 07:07 - 00707584 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2017-03-15 18:05 - 2017-03-04 07:07 - 00389632 _____ (Microsoft Corporation) C:\WINDOWS\system32\stobject.dll
2017-03-15 18:05 - 2017-03-04 07:06 - 05384192 _____ (Microsoft) C:\WINDOWS\system32\dbgeng.dll
2017-03-15 18:05 - 2017-03-04 07:06 - 04746752 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2017-03-15 18:05 - 2017-03-04 07:06 - 04708864 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2017-03-15 18:05 - 2017-03-04 07:06 - 04060672 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbon.dll
2017-03-15 18:05 - 2017-03-04 07:06 - 03614720 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2017-03-15 18:05 - 2017-03-04 07:06 - 03202048 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
2017-03-15 18:05 - 2017-03-04 07:06 - 02475008 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2017-03-15 18:05 - 2017-03-04 07:06 - 02317824 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2017-03-15 18:05 - 2017-03-04 07:06 - 02287104 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2017-03-15 18:05 - 2017-03-04 07:06 - 00881664 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2017-03-15 18:05 - 2017-03-04 07:06 - 00483328 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.dll
2017-03-15 18:05 - 2017-03-04 07:05 - 01726976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2017-03-15 18:05 - 2017-03-04 07:05 - 01328640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.Http.dll
2017-03-15 18:05 - 2017-03-04 07:05 - 01121280 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2017-03-15 18:05 - 2017-03-04 07:05 - 00924672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.BackgroundTransfer.dll
2017-03-15 18:05 - 2017-03-04 07:05 - 00180224 _____ (Microsoft Corporation) C:\WINDOWS\system32\enrollmentapi.dll
2017-03-15 18:05 - 2017-03-04 07:04 - 00035328 _____ (Microsoft Corporation) C:\WINDOWS\system32\spaceman.exe
2017-03-15 18:05 - 2017-03-04 07:03 - 06044672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2017-03-15 18:05 - 2017-03-04 07:03 - 03666432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2017-03-15 18:05 - 2017-03-04 07:03 - 01817088 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.dll
2017-03-15 18:05 - 2017-03-04 07:02 - 00510464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhotoScreensaver.scr
2017-03-15 18:05 - 2017-03-04 07:01 - 03478528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbon.dll
2017-03-15 18:05 - 2017-03-04 07:00 - 02026496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2017-03-15 18:05 - 2016-07-16 03:29 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\CspCellularSettings.dll
2017-03-15 18:05 - 2016-07-16 03:28 - 00125440 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseAPNCsp.dll
2017-03-15 18:05 - 2016-07-16 03:26 - 00128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\CfgSPCellular.dll
2017-03-15 18:04 - 2016-05-29 19:38 - 08886976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneDriveSetup.exe
2017-03-08 10:19 - 2017-03-21 13:10 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2017-03-06 09:46 - 2017-03-06 09:46 - 00087584 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klupd_klif_kimul.sys

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-03-24 16:37 - 2015-11-09 13:36 - 00025091 _____ C:\Users\Martin_2\Downloads\FRST.txt
2017-03-24 16:35 - 2015-11-09 13:36 - 00033518 _____ C:\Users\Martin_2\Downloads\Addition.txt
2017-03-24 16:35 - 2014-05-07 06:52 - 00000000 ____D C:\ProgramData\Kaspersky Lab
2017-03-24 16:33 - 2016-11-16 12:14 - 00000000 ____D C:\Users\Martin_2\AppData\LocalLow\Mozilla
2017-03-24 16:33 - 2016-09-25 17:56 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-03-24 16:33 - 2016-09-25 17:48 - 00000000 ____D C:\ProgramData\NVIDIA
2017-03-24 16:33 - 2016-09-25 17:47 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2017-03-24 16:33 - 2014-05-07 10:53 - 00251840 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2017-03-24 15:13 - 2017-02-21 16:58 - 00000000 ____D C:\Users\Martin_2\AppData\Local\CrashDumps
2017-03-24 15:13 - 2016-07-16 07:04 - 01572864 _____ C:\WINDOWS\system32\config\BBI
2017-03-24 12:46 - 2016-07-16 12:47 - 00000000 ___HD C:\Program Files\WindowsApps
2017-03-24 12:46 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\AppReadiness
2017-03-24 12:44 - 2016-07-16 23:51 - 02771144 _____ C:\WINDOWS\system32\perfh007.dat
2017-03-24 12:44 - 2016-07-16 23:51 - 00750586 _____ C:\WINDOWS\system32\perfc007.dat
2017-03-24 12:44 - 2016-01-16 11:31 - 05683810 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-03-22 12:07 - 2016-09-25 17:49 - 00000000 ____D C:\Users\Martin_2
2017-03-21 13:32 - 2016-07-16 12:45 - 00000000 ____D C:\WINDOWS\INF
2017-03-21 13:31 - 2014-03-12 09:41 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2017-03-21 13:10 - 2014-03-12 13:59 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-03-21 09:43 - 2014-03-21 19:23 - 00000000 ____D C:\Users\Martin_2\AppData\Roaming\vlc
2017-03-20 11:07 - 2014-05-22 07:28 - 00000000 ____D C:\ProgramData\Malwarebytes
2017-03-20 09:54 - 2015-11-13 17:39 - 00000000 ____D C:\ProgramData\Malwarebytes Anti-Exploit
2017-03-17 18:18 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\rescache
2017-03-17 17:24 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\appraiser
2017-03-17 17:24 - 2016-07-16 12:36 - 00000000 ____D C:\WINDOWS\CbsTemp
2017-03-17 09:19 - 2014-03-21 11:24 - 00000000 __RHD C:\Users\Public\AccountPictures
2017-03-17 09:18 - 2016-09-25 17:47 - 04901984 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-03-17 09:18 - 2014-03-12 10:00 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2017-03-17 09:18 - 2014-03-12 10:00 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2017-03-16 17:45 - 2016-07-16 12:47 - 00000000 ___SD C:\WINDOWS\SysWOW64\F12
2017-03-16 17:45 - 2016-07-16 12:47 - 00000000 ___SD C:\WINDOWS\system32\F12
2017-03-16 17:45 - 2016-07-16 12:47 - 00000000 ___RD C:\WINDOWS\PrintDialog
2017-03-16 17:45 - 2016-07-16 12:47 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2017-03-16 17:45 - 2016-07-16 12:47 - 00000000 ___RD C:\Program Files\Windows Defender
2017-03-16 17:45 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\SysWOW64\setup
2017-03-16 17:45 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\setup
2017-03-16 17:45 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\oobe
2017-03-16 17:45 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\ShellExperiences
2017-03-16 17:45 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\bcastdvr
2017-03-16 17:45 - 2016-07-16 12:47 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2017-03-16 17:45 - 2016-07-16 12:47 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2017-03-16 17:45 - 2016-07-16 12:47 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2017-03-16 17:35 - 2014-03-12 10:53 - 00000000 ____D C:\WINDOWS\system32\MRT
2017-03-16 17:33 - 2014-03-12 10:53 - 138634176 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-03-16 17:30 - 2014-03-12 10:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2017-03-15 17:53 - 2016-09-25 17:56 - 00004440 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2017-03-15 17:53 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed
2017-03-15 17:53 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\Macromed
2017-03-15 17:53 - 2014-08-26 06:58 - 00000000 ____D C:\Users\Martin\AppData\Local\Adobe
2017-03-15 17:53 - 2014-03-13 07:43 - 00000000 ____D C:\Users\Martin_2\AppData\Local\Adobe
2017-03-15 12:09 - 2016-11-04 11:00 - 01017624 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klif.sys
2017-03-15 12:09 - 2016-11-04 11:00 - 00196376 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klflt.sys
2017-03-15 12:09 - 2016-06-14 17:47 - 00199392 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\kneps.sys
2017-03-15 12:09 - 2016-06-02 22:39 - 00136416 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klwtp.sys
2017-03-15 11:44 - 2016-07-16 07:04 - 00032768 _____ C:\WINDOWS\system32\config\ELAM
2017-03-14 13:42 - 2016-09-25 17:49 - 00000000 ____D C:\Users\Martin
2017-03-14 13:42 - 2016-09-25 17:49 - 00000000 ____D C:\Users\Bärbel
2017-03-10 06:17 - 2016-07-16 12:49 - 00835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2017-03-10 06:17 - 2016-07-16 12:49 - 00177656 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2017-03-09 19:17 - 2014-11-22 17:43 - 00000000 ____D C:\ProgramData\tmp
2017-03-09 18:52 - 2014-11-22 17:43 - 00000000 ____D C:\ProgramData\hps
2017-03-09 09:58 - 2016-11-23 12:27 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2017-03-04 08:09 - 2016-09-25 17:47 - 02717184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2017-02-28 16:17 - 2015-10-05 13:50 - 00000000 ____D C:\ProgramData\CanonIJPLM
2017-02-23 12:00 - 2015-11-21 13:12 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2015-07-08 13:09 - 2015-07-08 13:09 - 0099384 _____ () C:\Users\Martin\AppData\Roaming\inst.exe
2015-07-08 13:09 - 2015-07-08 13:09 - 0007859 _____ () C:\Users\Martin\AppData\Roaming\pcouffin.cat
2015-07-08 13:09 - 2015-07-08 13:09 - 0001167 _____ () C:\Users\Martin\AppData\Roaming\pcouffin.inf
2015-07-08 13:09 - 2015-07-08 13:09 - 0000055 _____ () C:\Users\Martin\AppData\Roaming\pcouffin.log
2015-07-08 13:09 - 2015-07-08 13:09 - 0082816 _____ (VSO Software) C:\Users\Martin\AppData\Roaming\pcouffin.sys
2016-09-25 17:48 - 2016-09-25 17:48 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

Dateien, die verschoben oder gelöscht werden sollten:
====================
C:\Users\Martin\AppData\Local\Temp\DeleteOnReboot.bat


Einige Dateien in TEMP:
====================
2016-11-01 13:59 - 2016-11-01 13:59 - 0737856 _____ (Oracle Corporation) C:\Users\Martin_2\AppData\Local\Temp\jre-8u111-windows-au.exe
2017-01-21 11:04 - 2017-01-21 11:04 - 0739904 _____ (Oracle Corporation) C:\Users\Martin_2\AppData\Local\Temp\jre-8u121-windows-au.exe

==================== Bamital & volsnap ======================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert

LastRegBack: 2017-03-15 09:39

==================== Ende von FRST.txt ============================
Hier die Addition:

Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 15-03-2017
durchgeführt von Martin (24-03-2017 16:37:58)
Gestartet von C:\Users\Martin_2\Downloads
Windows 10 Home Version 1607 (X64) (2016-09-25 16:58:01)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-1714761304-533778531-3308288475-500 - Administrator - Disabled)
Bärbel (S-1-5-21-1714761304-533778531-3308288475-1006 - Limited - Enabled) => C:\Users\Bärbel
DefaultAccount (S-1-5-21-1714761304-533778531-3308288475-503 - Limited - Disabled)
Gast (S-1-5-21-1714761304-533778531-3308288475-501 - Limited - Disabled)
Martin (S-1-5-21-1714761304-533778531-3308288475-1001 - Administrator - Enabled) => C:\Users\Martin
Rwasser (S-1-5-21-1714761304-533778531-3308288475-1003 - Limited - Enabled) => C:\Users\Martin_2

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Kaspersky Internet Security (Enabled - Up to date) {86367591-4BE4-AE08-2FD9-7FCB8259CD98}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Kaspersky Internet Security (Enabled - Up to date) {3D579475-6DDE-A186-1569-44B9F9DE8725}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Internet Security (Enabled) {BE0DF4B4-018B-AF50-0486-D6FE7C8A8AE3}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

7-Zip 16.04 (HKLM-x32\...\7-Zip) (Version: 16.04 - Igor Pavlov)
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.023.20070 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 24.0.0.180 - Adobe Systems Incorporated)
Adobe Community Help (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.0.0.400 - Adobe Systems Incorporated)
Adobe Creative Suite 5 Design Premium (HKLM-x32\...\{02698606-3A21-489D-9D2A-75C9E8D3E5BD}) (Version: 5.0 - Adobe Systems Incorporated)
Adobe Flash Player 25 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 25.0.0.127 - Adobe Systems Incorporated)
Adobe Media Player (HKLM-x32\...\com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.8 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.0 (HKLM-x32\...\{AA3B06B1-E89A-43C6-A26B-7109DB4BEE7B}) (Version: 12.0.7.148 - Adobe Systems, Inc)
Adobe Shockwave Player 12.2 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.2.5.195 - Adobe Systems, Inc.)
Allgemeine Runtime Files (x86) (HKLM\...\{1F6D1DB5-82B5-41A4-85A2-0A382C142A35}_is1) (Version: 1.0.3.7 - Sereby Corporation)
Apple Application Support (32-Bit) (HKLM-x32\...\{29DB9165-5FC1-48F0-9188-26123F526848}) (Version: 5.0.1 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{5905C8CF-1C88-4478-A48E-4E458AD1BC7E}) (Version: 5.0.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{D4D86CB2-2370-4691-8272-3869EDED6C64}) (Version: 10.0.0.18 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.)
Audacity 2.0.5 (HKLM-x32\...\Audacity_is1) (Version: 2.0.5 - Audacity Team)
AutoUpdate (HKLM-x32\...\{18D10072035C4515918F7E37EAFAACFC}) (Version: 1.1 - )
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
calibre (HKLM-x32\...\{263E62B9-CB1E-4864-A8A7-37DEAC651484}) (Version: 2.63.0 - Kovid Goyal)
Canon Easy-WebPrint EX (HKLM-x32\...\Easy-WebPrint EX) (Version: 1.6.0.0 - Canon Inc.)
Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version: 1.1.12.0 - Canon Inc.)
Canon Inkjet Printer/Scanner/Fax Extended Survey Program (HKLM-x32\...\CANONIJPLM100) (Version: 4.2.0 - Canon Inc.)
Canon Kurzwahlprogramm (HKLM-x32\...\Speed Dial Utility) (Version: 1.5.0 - Canon Inc.)
Canon MB2300 series Benutzerregistrierung (HKLM-x32\...\Canon MB2300 series Benutzerregistrierung) (Version:  - *Canon Inc.)
Canon MB2300 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MB2300_series) (Version: 1.01 - Canon Inc.)
Canon MB2300 series On-screen Manual (HKLM-x32\...\Canon MB2300 series On-screen Manual) (Version: 7.7.1 - Canon Inc.)
Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: 3.2.1 - Canon Inc.)
Canon Quick Toolbox (HKLM-x32\...\Quick Toolbox) (Version: 1.0.0 - Canon Inc.)
Classic Shell (HKLM\...\{023F92C9-AB10-4C54-BF09-C550AEC37917}) (Version: 4.0.6 - IvoSoft)
Cliqz (HKLM-x32\...\{5A0C0737-6AFE-4DC6-A8B4-6DFE509ACD75}_is1) (Version: 0.5.22 - Cliqz.com)
DirectX 9.0c Extra Files (x86, x64) (HKLM\...\{8729E65B-8C12-4A42-B1FE-E4DA7ED52855}_is1) (Version: 1.10.06.0 - Sereby Corporation)
DivX (HKLM-x32\...\{7B63B2922B174135AFC0E1377DD81EC2}) (Version: 6.0 - DivXNetworks, Inc.)
Druckerdeinstallation für EPSON PX650 Series (HKLM\...\EPSON PX650 Series) (Version:  - SEIKO EPSON Corporation)
ElsterFormular (HKLM-x32\...\ElsterFormular) (Version: 18.1.22140 - Landesfinanzdirektion Thüringen)
Enigma (HKLM-x32\...\Enigma) (Version: 1.20 - Enigma Devel)
GeForce Experience NvStream Client Components (Version: 1.6.28 - NVIDIA Corporation) Hidden
GoldWave v5.70 (HKLM-x32\...\GoldWave v5.70) (Version: 5.70 - GoldWave Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 56.0.2924.87 - Google Inc.)
Google Earth (HKLM-x32\...\{F6430171-B86B-4639-839E-374913E7911D}) (Version: 7.1.8.3036 - Google)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.32.7 - Google Inc.) Hidden
iCloud (HKLM\...\{CE29BC77-C5AE-49D8-A8C0-FDAF6ACF74DF}) (Version: 6.0.1.41 - Apple Inc.)
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1011 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.15.1730 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.0.1016 - Intel Corporation)
iTunes (HKLM\...\{9946A4F7-E0FD-4A33-82D1-06CBFFBBB9F9}) (Version: 12.5.1.21 - Apple Inc.)
Java 8 Update 121 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180121F0}) (Version: 8.0.1210.13 - Oracle Corporation)
Kaspersky Internet Security (HKLM-x32\...\InstallWIX_{E27B1D7B-3B34-43A2-9FC0-9828D5DF46E2}) (Version: 17.0.0.611 - Kaspersky Lab)
Kaspersky Internet Security (x32 Version: 17.0.0.611 - Kaspersky Lab) Hidden
Kaspersky Secure Connection (HKLM-x32\...\InstallWIX_{1CF84962-50F8-48CA-9082-B70F3A02C686}) (Version: 17.0.0.611 - Kaspersky Lab)
Kaspersky Secure Connection (x32 Version: 17.0.0.611 - Kaspersky Lab) Hidden
Kobo (HKLM-x32\...\Kobo) (Version: 4.2.6122 - Rakuten Kobo Inc.)
LoiLoScope Herunterladen (HKLM-x32\...\{C2A254F4-AC74-482F-8F09-DB2843AC2AAE}_is1) (Version: 2.0 - LoiLo inc)
Malwarebytes Version 3.0.6.1469 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.0.6.1469 - Malwarebytes)
Microsoft .NET Framework 1.1 (HKLM-x32\...\Microsoft .NET Framework 1.1  (1033)) (Version:  - )
Microsoft .NET Framework 1.1 Security Update (KB2698023) (HKLM-x32\...\M2698023) (Version:  - )
Microsoft .NET Framework 1.1 Security Update (KB2833941) (HKLM-x32\...\M2833941) (Version:  - )
Microsoft .NET Framework 1.1 Security Update (KB979906) (HKLM-x32\...\M979906) (Version:  - )
Microsoft .NET Framework 1.1 SP1 (HKLM\...\{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}) (Version:  - )
Microsoft .NET Framework 1.1 SP1 (HKLM\...\Microsoft .NET Framework 1.1  (1033)) (Version:  - )
Microsoft Office Professional 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50905.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 ENU (HKLM-x32\...\{3A9FC03D-C685-4831-94CF-4EDFD3749497}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 x64 ENU (HKLM\...\{D4AD39AD-091E-4D33-BB2B-59F6FCB8ADC3}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61187 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61186 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.7523 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.7523 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.7523 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.7523 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{90ffcee5-8608-4e94-8c18-a4feb4f83fb8}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{4fcf070a-daac-45e9-a8b0-6850941f7ed8}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Mozilla Firefox 52.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 52.0.1 (x86 de)) (Version: 52.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 52.0.1.6284 - Mozilla)
Mozilla Thunderbird 45.8.0 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 45.8.0 (x86 de)) (Version: 45.8.0 - Mozilla)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
Nero Burning ROM 2014 (HKLM-x32\...\{6932EB55-F428-4F47-905B-56C90245FC48}) (Version: 15.0.04700 - Nero AG)
Nero Info (HKLM-x32\...\{B791E0AB-87A9-41A4-8D98-D13C2E37D928}) (Version: 15.1.0030 - Nero AG)
Nero Prerequisite Installer 2.0 (HKLM-x32\...\{10EACC1C-7B87-4F57-ACA6-4EC15E13E4E9}) (Version: 12.0.01300 - Nero AG)
Nero WaveEditor (HKLM-x32\...\{59C6E86A-14A9-47FD-9EE8-8D9DA864E0AF}) (Version: 12.5.01300 - Nero AG)
NVIDIA 3D Vision Controller-Treiber 335.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 335.21 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 376.53 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 376.53 - NVIDIA Corporation)
NVIDIA GeForce Experience 1.8.2.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 1.8.2.1 - NVIDIA Corporation)
NVIDIA Grafiktreiber 376.53 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 376.53 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.34.17 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.17 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation)
NVIDIA Virtual Audio 1.2.20 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver) (Version: 1.2.20 - NVIDIA Corporation)
OnlineFotoservice (HKLM-x32\...\OnlineFotoservice) (Version: 6.2.1 - CEWE Stiftung u Co. KGaA)
PDF Settings CS5 (x32 Version: 10.0 - Adobe Systems Incorporated) Hidden
PDF24 Creator 6.3.2 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version:  - PDF24.org)
PHOTOfunSTUDIO 9.3 PE (HKLM-x32\...\{E33B3B6C-5712-4A39-B30D-1391918D920D}) (Version: 9.03.703 - Panasonic Corporation)
Prerequisite installer (x32 Version: 12.0.0004 - Nero AG) Hidden
Prerequisite installer (x32 Version: 15.0.0005 - Nero AG) Hidden
QuickTime 7 (HKLM-x32\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.)
RawTherapee Version 4.2 (HKLM\...\{128459AB-59A7-430A-8BD0-3D8803D50400}_is1) (Version: 4.2 - rawtherapee.com)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.19.726.2013 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7071 - Realtek Semiconductor Corp.)
Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.63.0 - Samsung Electronics Co., Ltd.)
Secunia PSI (3.0.0.9016) (HKLM-x32\...\Secunia PSI) (Version: 3.0.0.9016 - Secunia)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
SHIELD Streaming (Version: 1.7.321 - NVIDIA Corporation) Hidden
SILKYPIX Elements Deutsch (HKLM-x32\...\InstallShield_{064A5335-FCC3-4C41-A450-8ABE44D5A6F1}) (Version: 4 - Ichikawa Soft Laboratory)
SILKYPIX Elements Deutsch (x32 Version: 4 - Ichikawa Soft Laboratory) Hidden
Smart Switch (HKLM-x32\...\InstallShield_{74FA5314-85C8-4E2A-907D-D9ECCCB770A7}) (Version: 4.1.17022.20 - Samsung Electronics Co., Ltd.)
Smart Switch (x32 Version: 4.1.17022.20 - Samsung Electronics Co., Ltd.) Hidden
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.4 - VideoLAN)
VSO ConvertXToDVD (HKLM-x32\...\{CE1F93C0-4353-4C9D-84DA-AB4E7C63ED32}_is1) (Version: 5.3.0.15 - VSO Software)
Vulkan Run Time Libraries 1.0.26.0 (HKLM\...\VulkanRT1.0.26.0) (Version: 1.0.26.0 - LunarG, Inc.)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {05A19622-27B2-458B-94EC-5F0738D90747} - \WPD\SqmUpload_S-1-5-21-1714761304-533778531-3308288475-1004 -> Keine Datei <==== ACHTUNG
Task: {05B1FE50-1BBE-4A33-9CD8-3A36E46C5FCE} - \OfficeSoftwareProtectionPlatform\SvcRestartTask -> Keine Datei <==== ACHTUNG
Task: {06A8E542-407A-4EA6-9F1D-CB6ABD25B9B6} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Keine Datei <==== ACHTUNG
Task: {11555ECC-4DAB-4C7A-8786-A2B1AA78AAEC} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-03-15] (Adobe Systems Incorporated)
Task: {2F0C90EE-959D-4F80-BB80-8BB6AD5C4B7C} - System32\Tasks\AdobeAAMUpdater-1.0-HOME-PC-Martin_2 => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2010-03-06] (Adobe Systems Incorporated)
Task: {352B5E97-CA81-4945-BBEA-F3BAF48FD7E2} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.)
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => %SystemRoot%\System32\AutoWorkplace.exe
Task: {4FC3E649-AFAA-47DF-ADA2-0050F677F31D} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG
Task: {58F41D3E-4CC5-47D9-8DD8-56E989CFBE8E} - System32\Tasks\AdobeAAMUpdater-1.0-HOME-PC-rwasser => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2010-03-06] (Adobe Systems Incorporated)
Task: {6007578F-8556-44E8-8D46-D0838A36A1BF} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Keine Datei <==== ACHTUNG
Task: {62978F72-FD7E-46E1-8FAD-662C4DDD1A16} - System32\Tasks\CreateChoiceProcessTask => C:\Windows\BrowserChoice\browserchoice.exe
Task: {63161965-BE35-45DC-A33F-9A24C35BCDC4} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG
Task: {6421B00E-2EAB-42CD-8E6A-5E0CF08DE157} - \WPD\SqmUpload_S-1-5-21-1714761304-533778531-3308288475-1003 -> Keine Datei <==== ACHTUNG
Task: {70E9504F-05E6-47AB-BD03-05F56B4E4577} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> Keine Datei <==== ACHTUNG
Task: {7741CEE0-C40B-4A71-8532-F9CDD8E9098D} - \WPD\SqmUpload_S-1-5-21-1714761304-533778531-3308288475-1001 -> Keine Datei <==== ACHTUNG
Task: {7A6600FE-9983-46C7-B293-E1A7230A6AC7} - System32\Tasks\AdobeAAMUpdater-1.0-HOME-PC-Martin => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2010-03-06] (Adobe Systems Incorporated)
Task: {7E0CC4DF-C261-475F-9DCD-C42FE70EC120} - System32\Tasks\AdobeAAMUpdater-1.0-HOME-PC-ps => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2010-03-06] (Adobe Systems Incorporated)
Task: {85653F2F-DA1F-4787-B48F-D1833249A5C6} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Keine Datei <==== ACHTUNG
Task: {88B69007-680F-4862-B696-5C707BA70B8E} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> Keine Datei <==== ACHTUNG
Task: {88FE9FC1-0C26-4E4E-B602-A92BB94ACF72} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2016-02-23] (Apple Inc.)
Task: {8B0A198F-08BC-4989-9681-BAC9CED1D81E} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG
Task: {9DEFAE69-D989-4FF7-85A7-5D14C5035C7C} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG
Task: {A6EED6BA-3ABF-47D4-904F-1EE1D0761D34} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Keine Datei <==== ACHTUNG
Task: {A9F32772-87D6-4503-AD8D-C389FBB68D77} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.)
Task: {B206CE31-4654-410C-8C14-30683FB7283B} - \WPD\SqmUpload_S-1-5-21-1714761304-533778531-3308288475-1006 -> Keine Datei <==== ACHTUNG
Task: {CDC95D86-E40B-40BF-AC09-B1B8573482FC} - \WPD\SqmUpload_S-1-5-21-1714761304-533778531-3308288475-1005 -> Keine Datei <==== ACHTUNG
Task: {E7A92DED-09A5-460E-930F-CC51F8CA14F6} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2017-03-16] (Microsoft Corporation)
Task: {E83BC045-7468-4326-8ADA-76CB2FA9D3AD} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-12-19] (Adobe Systems Incorporated)
Task: {F284BA0F-A7E2-414B-BE65-A9F812C90CF7} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG
Task: {F9FA216D-395C-4C09-A9A8-226D7AC59200} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Keine Datei <==== ACHTUNG

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)


==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FullHD Videobearbeitung LoiLoScope Herunterladen.lnk -> C:\Program Files (x86)\LoiLo\LoiLoScope Download\WebShortcut.exe () -> hxxp://loilo.tv/product/20?partner_id=14
ShortcutWithArgument: C:\Users\Public\Desktop\FullHD Videobearbeitung LoiLoScope Herunterladen.lnk -> C:\Program Files (x86)\LoiLo\LoiLoScope Download\WebShortcut.exe () -> hxxp://loilo.tv/product/20?partner_id=14

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2016-07-16 12:42 - 2016-07-16 12:42 - 00231424 _____ () C:\WINDOWS\SYSTEM32\ism32k.dll
2017-03-15 18:05 - 2017-03-04 08:19 - 02681200 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2016-09-25 17:48 - 2016-12-29 13:44 - 00134712 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2016-09-01 17:12 - 2016-09-01 17:12 - 00092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2016-09-01 17:12 - 2016-09-01 17:12 - 01353528 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2015-10-05 13:50 - 2013-06-28 16:28 - 00084616 _____ () C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
2016-09-25 17:48 - 2013-05-07 08:45 - 00936728 _____ () C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe
2017-03-20 11:07 - 2017-02-24 06:23 - 02264352 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\PoliciesControllerImpl.dll
2017-03-20 11:07 - 2017-02-24 06:23 - 02264528 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll
2017-03-15 18:05 - 2017-03-04 08:19 - 02681200 _____ () C:\WINDOWS\SYSTEM32\CoreUIComponents.dll
2016-09-25 17:59 - 2016-09-25 17:59 - 00959168 _____ () C:\Users\Martin_2\AppData\Local\Microsoft\OneDrive\17.3.6381.0405\amd64\ClientTelemetry.dll
2016-09-25 18:44 - 2016-09-25 18:44 - 00134656 _____ () C:\Windows\ShellExperiences\Windows.UI.Shell.SharedUtilities.dll
2017-03-15 18:05 - 2017-03-04 07:31 - 00474112 _____ () C:\Windows\ShellExperiences\QuickActions.dll
2017-03-15 18:05 - 2017-03-04 07:12 - 09760768 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2017-03-15 18:05 - 2017-03-04 07:05 - 01401856 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-03-15 18:05 - 2017-03-04 07:05 - 00757248 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CSGSuggestLib.dll
2017-03-15 18:05 - 2017-03-04 07:05 - 01033216 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Actions.dll
2017-03-15 18:05 - 2017-03-04 07:05 - 02424320 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2017-03-15 18:05 - 2017-03-04 07:08 - 04853760 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2017-03-13 13:07 - 2017-03-13 13:07 - 00077312 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.12.112.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2017-03-13 13:07 - 2017-03-13 13:07 - 00182784 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.12.112.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2017-03-13 13:07 - 2017-03-13 13:07 - 41048064 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.12.112.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2017-03-13 13:07 - 2017-03-13 13:07 - 02236896 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.12.112.0_x64__kzf8qxf38zg5c\roottools.dll
2016-06-28 00:19 - 2016-06-28 00:19 - 00865232 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 17.0.0\kpcengine.2.3.dll
2016-09-25 17:48 - 2017-03-24 16:33 - 00027648 _____ () C:\Program Files (x86)\ASUS\AXSP\1.01.02\PEbiosinterface32.dll
2016-09-25 17:48 - 2013-05-07 08:45 - 00104448 _____ () C:\Program Files (x86)\ASUS\AXSP\1.01.02\ATKEX.dll
2016-09-25 17:59 - 2016-09-25 17:59 - 00679624 _____ () C:\Users\Martin_2\AppData\Local\Microsoft\OneDrive\17.3.6381.0405\ClientTelemetry.dll
2014-03-12 09:44 - 2013-09-16 05:19 - 01242584 ____R () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)


==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2013-08-22 14:25 - 2013-08-22 14:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-1714761304-533778531-3308288475-1001\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Windows\img0.jpg
HKU\S-1-5-21-1714761304-533778531-3308288475-1003\Control Panel\Desktop\\Wallpaper -> C:\Users\Martin_2\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 192.168.2.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

HKLM\...\StartupApproved\Run32: => "ISUSScheduler"
HKLM\...\StartupApproved\Run32: => "ISUSPM Startup"

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{82E5C1B9-3A0D-4114-81E0-B73E28C1D46E}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{B70D8FFF-BFAF-4700-8BDF-3E7E19AAEB42}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{0EBDA247-BC50-43ED-A043-4F69DE8AE38C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{EA56274C-9CBB-4B16-8DB3-C0DCDEEB4FE6}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{508D342C-AC04-48CC-BBBF-B63212F21AA8}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{68287F6E-1230-452D-B4E3-59DB265AAC37}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{4D874E29-02A0-42FF-A0A3-B6F28E439B0E}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{E0B4CD56-DA8E-4E52-B0DA-901547D8CDBA}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{2EA38139-0CDA-450F-A813-FE1D62D36EC1}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{F760303F-D83A-4E6D-8599-19E94800CE57}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{F67C8A0B-22ED-49FA-AB8E-190443718C86}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{B7092773-8893-4B5A-804F-FAA6311F9CB4}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{82683395-D4C3-4B7C-8D2B-CA2847FA53D0}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{B82F3993-D2CC-4DB6-AC06-A1347AF2093E}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{78146481-E77B-4CA1-93C9-4BE7A623395E}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{FB5A7800-A918-4049-A143-08D6DE3A9699}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{86E137A7-7A6A-4A28-92B7-A38DF5A29325}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{52CC8977-82F5-4FC1-9F9D-D17161133C89}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{7535569D-5E23-4229-93ED-2C44EA5DADD0}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{7BF630AA-356D-4B07-9FF5-BBCF2AD206A3}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Wiederherstellungspunkte =========================

10-03-2017 18:01:34 Geplanter Prüfpunkt
16-03-2017 17:29:36 Windows Update
21-03-2017 13:30:44 Installed Smart Switch
24-03-2017 13:10:11 JRT Pre-Junkware Removal

==================== Fehlerhafte Geräte im Gerätemanager =============


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (03/24/2017 04:33:24 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Local Hostname HOME-PC.local already in use; will try HOME-PC-2.local instead

Error: (03/24/2017 04:33:24 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: ProbeCount 2; will deregister  16 HOME-PC.local. AAAA FE80:0000:0000:0000:CC07:C2E5:4E5B:6D7F

Error: (03/24/2017 04:33:24 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Received from FE80:0000:0000:0000:CC07:C2E5:4E5B:6D7F:5353  16 HOME-PC.local. AAAA 2003:007A:A973:BCC5:CC07:C2E5:4E5B:6D7F

Error: (03/24/2017 03:13:10 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: firefox.exe, Version: 52.0.1.6284, Zeitstempel: 0x58cb7774
Name des fehlerhaften Moduls: mozglue.dll, Version: 52.0.1.6284, Zeitstempel: 0x58cb7766
Ausnahmecode: 0x80000003
Fehleroffset: 0x0000f74f
ID des fehlerhaften Prozesses: 0x3b0
Startzeit der fehlerhaften Anwendung: 0x01d2a4a8400be868
Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\Mozilla Firefox\firefox.exe
Pfad des fehlerhaften Moduls: C:\Program Files (x86)\Mozilla Firefox\mozglue.dll
Berichtskennung: 2c94fda2-ae3b-4469-b72d-038de6a1d50f
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (03/24/2017 01:10:12 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".

Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.

System Error:
Zugriff verweigert
.

Error: (03/24/2017 10:33:47 AM) (Source: SideBySide) (EventID: 75) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "c:\program files (x86)\adobe\adobe media encoder cs5\PhotoshopServer.exe". Fehler in Manifest- oder Richtliniendatei "c:\program files (x86)\adobe\adobe media encoder cs5\PhotoshopServer.exe" in Zeile 2.
Mehrere requestedPrivileges-Elemente sind nicht im Manifest zulässig.

Error: (03/23/2017 04:13:42 PM) (Source: SideBySide) (EventID: 75) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "c:\program files (x86)\adobe\adobe media encoder cs5\PhotoshopServer.exe". Fehler in Manifest- oder Richtliniendatei "c:\program files (x86)\adobe\adobe media encoder cs5\PhotoshopServer.exe" in Zeile 2.
Mehrere requestedPrivileges-Elemente sind nicht im Manifest zulässig.

Error: (03/23/2017 04:09:57 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Unexpected conflict discarding  15 1.0.0.127.in-addr.arpa. PTR HOME-PC.local.

Error: (03/23/2017 04:09:57 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Received from 127.0.0.1:5353  17 1.0.0.127.in-addr.arpa. PTR HOME-PC-2.local.

Error: (03/22/2017 12:03:48 PM) (Source: SideBySide) (EventID: 75) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "c:\program files (x86)\adobe\adobe media encoder cs5\PhotoshopServer.exe". Fehler in Manifest- oder Richtliniendatei "c:\program files (x86)\adobe\adobe media encoder cs5\PhotoshopServer.exe" in Zeile 2.
Mehrere requestedPrivileges-Elemente sind nicht im Manifest zulässig.


Systemfehler:
=============
Error: (03/24/2017 04:33:21 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am ‎24.‎03.‎2017 um 15:13:48 unerwartet heruntergefahren.

Error: (03/24/2017 04:33:14 PM) (Source: Microsoft-Windows-Kernel-Boot) (EventID: 29) (User: NT-AUTORITÄT)
Description: 32212256844762706415512296

Error: (03/24/2017 03:13:27 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\SYSTEM" (SID: S-1-5-18) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 und der APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
 im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (03/24/2017 03:13:08 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Secunia Update Agent" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (03/24/2017 03:13:08 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Nero Update" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (03/24/2017 03:13:08 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Kaspersky Secure Connection Service 1.0.0" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (03/24/2017 03:13:08 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Intel(R) Dynamic Application Loader Host Interface Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (03/24/2017 03:13:08 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Intel(R) Rapid Storage Technology" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (03/24/2017 03:13:08 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "iPod-Dienst" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (03/24/2017 03:13:08 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Search" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts.


CodeIntegrity:
===================================
  Date: 2016-11-04 11:01:19.088
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-11-04 11:01:19.084
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-11-04 11:00:42.601
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-11-04 11:00:15.129
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-11-04 11:00:15.125
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-11-04 11:00:15.120
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-11-04 11:00:15.114
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-11-04 10:58:49.541
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-11-04 10:58:49.538
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2016-11-04 10:58:49.502
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Speicherinformationen ===========================

Prozessor: Intel(R) Core(TM) i5-4440 CPU @ 3.10GHz
Prozentuale Nutzung des RAM: 32%
Installierter physikalischer RAM: 8130.18 MB
Verfügbarer physikalischer RAM: 5462.86 MB
Summe virtueller Speicher: 9410.18 MB
Verfügbarer virtueller Speicher: 6610.75 MB

==================== Laufwerke ================================

Drive c: (boot) (Fixed) (Total:232.1 GB) (Free:104.52 GB) NTFS
Drive d: (Daten) (Fixed) (Total:851.51 GB) (Free:648.26 GB) NTFS
Drive e: (Rocover) (Fixed) (Total:80 GB) (Free:53.49 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 232.9 GB) (Disk ID: 612D9DBB)
Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=232.1 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=450 MB) - (Type=27)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 612D9DA0)
Partition 1: (Not Active) - (Size=851.5 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=80 GB) - (Type=07 NTFS)

==================== Ende von Addition.txt ============================

cosinus 25.03.2017 00:22
FRST-Fix

Virenscanner jetzt bitte komplett deaktivieren, damit sichergestellt ist, dass der Fix sauber durchläuft!

Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code:
Task: {05A19622-27B2-458B-94EC-5F0738D90747} - \WPD\SqmUpload_S-1-5-21-1714761304-533778531-3308288475-1004 -> Keine Datei <==== ACHTUNG
Task: {05B1FE50-1BBE-4A33-9CD8-3A36E46C5FCE} - \OfficeSoftwareProtectionPlatform\SvcRestartTask -> Keine Datei <==== ACHTUNG
Task: {06A8E542-407A-4EA6-9F1D-CB6ABD25B9B6} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Keine Datei <==== ACHTUNG
Task: {4FC3E649-AFAA-47DF-ADA2-0050F677F31D} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG
Task: {6007578F-8556-44E8-8D46-D0838A36A1BF} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Keine Datei <==== ACHTUNG
Task: {63161965-BE35-45DC-A33F-9A24C35BCDC4} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG
Task: {6421B00E-2EAB-42CD-8E6A-5E0CF08DE157} - \WPD\SqmUpload_S-1-5-21-1714761304-533778531-3308288475-1003 -> Keine Datei <==== ACHTUNG
Task: {70E9504F-05E6-47AB-BD03-05F56B4E4577} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> Keine Datei <==== ACHTUNG
Task: {7741CEE0-C40B-4A71-8532-F9CDD8E9098D} - \WPD\SqmUpload_S-1-5-21-1714761304-533778531-3308288475-1001 -> Keine Datei <==== ACHTUNG
Task: {85653F2F-DA1F-4787-B48F-D1833249A5C6} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Keine Datei <==== ACHTUNG
Task: {88B69007-680F-4862-B696-5C707BA70B8E} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> Keine Datei <==== ACHTUNG
Task: {8B0A198F-08BC-4989-9681-BAC9CED1D81E} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG
Task: {9DEFAE69-D989-4FF7-85A7-5D14C5035C7C} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG
Task: {A6EED6BA-3ABF-47D4-904F-1EE1D0761D34} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Keine Datei <==== ACHTUNG
Task: {B206CE31-4654-410C-8C14-30683FB7283B} - \WPD\SqmUpload_S-1-5-21-1714761304-533778531-3308288475-1006 -> Keine Datei <==== ACHTUNG
Task: {CDC95D86-E40B-40BF-AC09-B1B8573482FC} - \WPD\SqmUpload_S-1-5-21-1714761304-533778531-3308288475-1005 -> Keine Datei <==== ACHTUNG
Task: {F284BA0F-A7E2-414B-BE65-A9F812C90CF7} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG
Task: {F9FA216D-395C-4C09-A9A8-226D7AC59200} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Keine Datei <==== ACHTUNG
emptytemp:

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
  • Starte nun FRST erneut und klicke den Entfernen Button.
  • Das Tool erstellt eine Fixlog.txt.
  • Poste mir deren Inhalt.



Alle Zeitangaben in WEZ +1. Es ist jetzt 08:18 Uhr.
Seite 1 von 2 1 2
100 Beiträge dieses Themas auf einer Seite anzeigen

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131