Jump to content

Not running on Windows 10 PC


Recommended Posts

Hello there,

I am new here.

Used to run Malwarebytes AntiMalware on my Computer for months without problems.

Since some weeks, it did not start any more. I de-installed it, rebooted, used Malwarebytes Cleaning tool, installed freshly, run as administrator - but it will not run any more. After starting, the blue Malwarebytes symbol appears in the taskbar for some seconds and then disappears again. 

System ist Windows 10 Home 64bit on a Microsoft surface, Build 14393.351, No antivirus suite, only windows defender running. Turning it off did not change anything.

Has anybody some idea?

Thanx a lot!

Link to post
Share on other sites

Hello Etojok and welcome to Malwarebytes,

My screen name is kevinf80, i`m here to help clean up your system. Make sure to run all scans from accounts with Administrator status, continue as follows please:

Anyone other than the original starter of this thread please DO NOT follow the instructions and advice posted as replies here, my help and advice is NOT related to your system and will probably cause more harm than good...

Change the download folder setting in the default Browser so all tools we may use are saved to the Desktop:

user posted imageGoogle Chrome - Click the "Customize and control Google Chrome" button in the upper right-corner of the browser. user posted image
Choose Settings. at the bottom of the screen click the
"Show advanced settings..." link. Scroll down to find the Downloads section and click the Change... button. Select your desktop and click OK.

user posted imageMozilla Firefox - Click the "Open Menu" button in the upper right-corner of the browser. user posted image Choose Options. In the downloads section, click the Browse button, click on the Desktop folder and the click the "Select Folder" button. Click OK to get out of the Options menu.

user posted imageInternet Explorer - Click the Tools menu in the upper right-corner of the browser. user posted image Select View downloads. Select the Options link in the lower left of the window. Click Browse and select the Desktop and then choose the Select Folder button. Click OK to get out of the download options screen and then click Close to get out of the View Downloads screen.
NOTE: IE8 Does not support changing download locations in this manner. You will need to download the tool(s) to the default folder, usually Downloads, then copy them to the desktop.

user posted imageChange default download folder location in Edge -Boot to a user account with admin status, select start > file explorer > right click on "Downloads" folder and select "Properties"

In the new window select "Location" tab > clear the text field box and type in or copy/paste %userprofile%\Desktop > select "Apply" then "OK"

Be aware you are not changing the Browser download folder location, you are changing the user’s download directory location.....

Next,

Follow the instructions in the following link to show hidden files:

http://www.howtogeek.com/howto/windows-vista/show-hidden-files-and-folders-in-windows-vista/

Next,

Download Farbar Recovery Scan Tool and save it to your desktop.

Note: You need to run the version compatible with your system (32 bit or 64 bit). If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.

If your security alerts to FRST either, accept the alert or turn your security off to allow FRST to run. It is not malicious or infected in any way...
 
  • Double-click to run it. When the tool opens click Yes to disclaimer.(Windows 8/10 users will be prompted about Windows SmartScreen protection - click More information and Run.)
  • Make sure Addition.txt is checkmarked under "Optional scans"
  • Press Scan button to run the tool....
  • It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
  • The tool will also make a log named (Addition.txt) Please attach those logs to your reply.


Let me see those logs in your reply...

Thank you,

Kevin...
Link to post
Share on other sites

Good morning Kevin,

 

thank you very much for your fast response and advice!

Through the morning I still tried some times to run Malwarebytes, and ONE time it started and made a scan (0 results). After this, it will not run and has the same behaviour as before (some seconds in taskbar and then vanishes.)

So I did what you recommended, here are the FRST logs:

Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 30-10-2016
durchgeführt von Bernhard (Administrator) auf BERNHARD (02-11-2016 10:23:29)
Gestartet von C:\Users\Bernhard\Desktop
Geladene Profile: Bernhard (Verfügbare Profile: Bernhard)
Platform: Windows 10 Home Version 1607 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Edge)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(Intel Corporation) C:\Windows\System32\DptfPolicyCriticalService.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Garmin Ltd. or its subsidiaries) C:\Program Files (x86)\Garmin\Device Interaction Service\GarminService.exe
(Intel Corporation) C:\Windows\System32\DptfParticipantProcessorService.exe
(Intel Corporation) C:\Windows\System32\DptfPolicyLpmService.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Intel Corporation) C:\Windows\System32\DptfPolicyLpmServiceHelper.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCui.exe
(Secomba GmbH) C:\Program Files (x86)\Boxcryptor\Boxcryptor.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Vivaldi Technologies AS) C:\Users\Bernhard\AppData\Local\Vivaldi\Application\vivaldi.exe
(Vivaldi Technologies AS) C:\Users\Bernhard\AppData\Local\Vivaldi\Application\vivaldi.exe
(Vivaldi Technologies AS) C:\Users\Bernhard\AppData\Local\Vivaldi\Application\vivaldi.exe
(Vivaldi Technologies AS) C:\Users\Bernhard\AppData\Local\Vivaldi\Application\vivaldi.exe
(Vivaldi Technologies AS) C:\Users\Bernhard\AppData\Local\Vivaldi\Application\vivaldi.exe
(Vivaldi Technologies AS) C:\Users\Bernhard\AppData\Local\Vivaldi\Application\vivaldi.exe
(Vivaldi Technologies AS) C:\Users\Bernhard\AppData\Local\Vivaldi\Application\vivaldi.exe
(Vivaldi Technologies AS) C:\Users\Bernhard\AppData\Local\Vivaldi\Application\vivaldi.exe
(Vivaldi Technologies AS) C:\Users\Bernhard\AppData\Local\Vivaldi\Application\vivaldi.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Vivaldi Technologies AS) C:\Users\Bernhard\AppData\Local\Vivaldi\Application\vivaldi.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Farbar) C:\Users\Bernhard\Desktop\FRST64 (1).exe


==================== Registry (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [DptfPolicyLpmServiceHelper] => C:\WINDOWS\system32\DptfPolicyLpmServiceHelper.exe [129520 2015-09-25] (Intel Corporation)
HKLM\...\Run: [WindowsDefender] => C:\Program Files\Windows Defender\MSASCuiL.exe [631808 2016-09-07] (Microsoft Corporation)
HKLM-x32\...\Run: [IJNetworkScannerSelectorEX] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [438888 2014-01-15] (CANON INC.)
HKLM-x32\...\Run: [CanonQuickMenu] => C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE [1285704 2014-08-08] (CANON INC.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2016-09-22] (Oracle Corporation)
HKU\S-1-5-21-3251535169-2457551212-2053284645-1001\...\Run: [Windows Defender] => C:\Program Files\Windows Defender\MSASCui.exe [1299968 2016-09-07] (Microsoft Corporation)
HKU\S-1-5-21-3251535169-2457551212-2053284645-1001\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [1402792 2016-08-31] (Garmin Ltd. or its subsidiaries)
HKU\S-1-5-21-3251535169-2457551212-2053284645-1001\...\Run: [Boxcryptor.exe] => C:\Program Files (x86)\Boxcryptor\Boxcryptor.exe [2268256 2016-09-26] (Secomba GmbH)
HKU\S-1-5-21-3251535169-2457551212-2053284645-1001\...\RunOnce: [Uninstall C:\Users\Bernhard\AppData\Local\Microsoft\OneDrive\17.3.6390.0509_1\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Bernhard\AppData\Local\Microsoft\OneDrive\17.3.6390.0509_1\amd64"
HKU\S-1-5-21-3251535169-2457551212-2053284645-1001\...\RunOnce: [Application Restart #1] => C:\Users\Bernhard\AppData\Local\Vivaldi\Application\vivaldi.exe [1094264 2016-10-01] (Vivaldi Technologies AS)
SSODL: EldosMountNotificator-cbfs5 - {1568E045-B7C0-4A56-B07E-85C16D21FBB7} - C:\WINDOWS\system32\cbfsMntNtf5.dll (EldoS Corporation)
SSODL: EldosMountNotificator-cbfs6 - {F14DF7AF-F87D-4187-A711-C61F2680DD07} - C:\WINDOWS\system32\cbfsMntNtf6.dll (EldoS Corporation)
SSODL-x32: EldosMountNotificator-cbfs5 - {1568E045-B7C0-4A56-B07E-85C16D21FBB7} - C:\WINDOWS\SysWOW64\cbfsMntNtf5.dll (EldoS Corporation)
SSODL-x32: EldosMountNotificator-cbfs6 - {F14DF7AF-F87D-4187-A711-C61F2680DD07} - C:\WINDOWS\SysWOW64\cbfsMntNtf6.dll (EldoS Corporation)
ShellIconOverlayIdentifiers: [     "CryptorShellExtHandler.IconOverlayExt0"] -> {3F72D166-F72C-4233-8DFF-C1AE9912EE00} => C:\Program Files (x86)\Boxcryptor\ShellExt\x64\Boxcryptor.Ext.dll [2016-09-26] (Secomba GmbH)
ShellIconOverlayIdentifiers: [     "CryptorShellExtHandler.IconOverlayExt1"] -> {2C98CA8D-A52F-45E3-AE6E-2A92C8BAE147} => C:\Program Files (x86)\Boxcryptor\ShellExt\x64\Boxcryptor.Ext.dll [2016-09-26] (Secomba GmbH)
ShellIconOverlayIdentifiers: [     "CryptorShellExtHandler.IconOverlayExt8"] -> {997CC261-6729-4956-A09B-818EA137FFE9} => C:\Program Files (x86)\Boxcryptor\ShellExt\x64\Boxcryptor.Ext.dll [2016-09-26] (Secomba GmbH)
ShellIconOverlayIdentifiers: [     "CryptorShellExtHandler.IconOverlayExt9"] -> {F61B4933-D8AF-40DE-A335-F9B3BE1FF878} => C:\Program Files (x86)\Boxcryptor\ShellExt\x64\Boxcryptor.Ext.dll [2016-09-26] (Secomba GmbH)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  Keine Datei
ShellIconOverlayIdentifiers: [EldosIconOverlay-cbfs5] -> {085E04C6-5E85-4BC1-A356-2D7524395AE9} => C:\WINDOWS\system32\cbfsMntNtf5.dll [2015-10-04] (EldoS Corporation)
ShellIconOverlayIdentifiers: [EldosIconOverlay-cbfs6] -> {AD594406-DD40-4585-8DA0-144C8A3CA14C} => C:\WINDOWS\system32\cbfsMntNtf6.dll [2016-06-13] (EldoS Corporation)
ShellIconOverlayIdentifiers-x32: [     "CryptorShellExtHandler.IconOverlayExt0"] -> {3F72D166-F72C-4233-8DFF-C1AE9912EE00} => C:\Program Files (x86)\Boxcryptor\ShellExt\x86\Boxcryptor.Ext.dll [2016-09-26] (Secomba GmbH)
ShellIconOverlayIdentifiers-x32: [     "CryptorShellExtHandler.IconOverlayExt1"] -> {2C98CA8D-A52F-45E3-AE6E-2A92C8BAE147} => C:\Program Files (x86)\Boxcryptor\ShellExt\x86\Boxcryptor.Ext.dll [2016-09-26] (Secomba GmbH)
ShellIconOverlayIdentifiers-x32: [     "CryptorShellExtHandler.IconOverlayExt8"] -> {997CC261-6729-4956-A09B-818EA137FFE9} => C:\Program Files (x86)\Boxcryptor\ShellExt\x86\Boxcryptor.Ext.dll [2016-09-26] (Secomba GmbH)
ShellIconOverlayIdentifiers-x32: [     "CryptorShellExtHandler.IconOverlayExt9"] -> {F61B4933-D8AF-40DE-A335-F9B3BE1FF878} => C:\Program Files (x86)\Boxcryptor\ShellExt\x86\Boxcryptor.Ext.dll [2016-09-26] (Secomba GmbH)
ShellIconOverlayIdentifiers-x32: [EldosIconOverlay-cbfs5] -> {085E04C6-5E85-4BC1-A356-2D7524395AE9} => C:\WINDOWS\SysWOW64\cbfsMntNtf5.dll [2015-10-04] (EldoS Corporation)
ShellIconOverlayIdentifiers-x32: [EldosIconOverlay-cbfs6] -> {AD594406-DD40-4585-8DA0-144C8A3CA14C} => C:\WINDOWS\SysWOW64\cbfsMntNtf6.dll [2016-06-13] (EldoS Corporation)
Startup: C:\Users\Bernhard\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\An OneNote senden.lnk [2015-10-30]
ShortcutTarget: An OneNote senden.lnk -> C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE (Microsoft Corporation)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{4cb36dfb-2b6c-42db-8b13-54e808d48b1e}: [DhcpNameServer] 192.168.178.1

Internet Explorer:
==================
HKU\S-1-5-21-3251535169-2457551212-2053284645-1001\Software\Microsoft\Internet Explorer\Main,start page = hxxp://www.google.de/
SearchScopes: HKU\S-1-5-21-3251535169-2457551212-2053284645-1001 -> {F58E184A-22FD-4D57-9103-48ECB8A91DE6} URL = hxxps://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?}
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2016-10-08] (Microsoft Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL [2016-10-08] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\ssv.dll [2016-10-27] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\jp2ssv.dll [2016-10-27] (Oracle Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-10-24] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-10-24] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-10-24] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2016-10-24] (Microsoft Corporation)

Edge: 
======
Edge HomeButtonPage: HKU\S-1-5-21-3251535169-2457551212-2053284645-1001 -> hxxps://news.google.de/nwshp?hl=de&tab=wn&ei=HxDQVtXuB-aZygOUuLHoCQ&ved=0EKkuCAUoBQ
Edge Extension: (AdBlock) -> EdgeExtension_BetaFishAdBlock_c1wakc4j0nefm => C:\Program Files\WindowsApps\BetaFish.AdBlock_1.4.0.0_neutral__c1wakc4j0nefm [2016-11-01]
Edge Extension: (Save to Pocket) -> EdgeExtension_PocketSavetoPocket_v63j13wrfzj3t => C:\Program Files\WindowsApps\Pocket.SavetoPocket_2.0.37.0_neutral__v63j13wrfzj3t [2016-08-18]

FireFox:
========
FF DefaultProfile: ggbdnq7p.default
FF ProfilePath: C:\Users\Bernhard\AppData\Roaming\Mozilla\Firefox\Profiles\ggbdnq7p.default [2016-11-02]
FF Homepage: Mozilla\Firefox\Profiles\ggbdnq7p.default -> hxxps://startpage.com
FF Extension: (Papyrus Autor Recherche) - C:\Users\Bernhard\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\{de54d057-a919-42bd-bd12-402c0de91fc9}.xpi [2015-12-10] [ist nicht signiert]
FF Extension: (Firebug) - C:\Users\Bernhard\AppData\Roaming\Mozilla\Firefox\Profiles\ggbdnq7p.default\Extensions\firebug@software.joehewitt.com.xpi [2016-10-26]
FF Extension: (Firefox Hotfix) - C:\Users\Bernhard\AppData\Roaming\Mozilla\Firefox\Profiles\ggbdnq7p.default\Extensions\firefox-hotfix@mozilla.org.xpi [2016-08-31]
FF Extension: (Silvermel) - C:\Users\Bernhard\AppData\Roaming\Mozilla\Firefox\Profiles\ggbdnq7p.default\Extensions\silvermel@pardal.de.xpi [2015-07-03] [ist nicht signiert]
FF Extension: (Silvermel and Charamel XT) - C:\Users\Bernhard\AppData\Roaming\Mozilla\Firefox\Profiles\ggbdnq7p.default\Extensions\silvermelxt@pardal.de.xpi [2015-07-03]
FF Extension: (Test Pilot) - C:\Users\Bernhard\AppData\Roaming\Mozilla\Firefox\Profiles\ggbdnq7p.default\Extensions\testpilot@labs.mozilla.com.xpi [2016-08-29]
FF Extension: (FireShot) - C:\Users\Bernhard\AppData\Roaming\Mozilla\Firefox\Profiles\ggbdnq7p.default\Extensions\{0b457cAA-602d-484a-8fe7-c1d894a011ba} [2016-08-31]
FF Extension: (Microsoft .NET Framework Assistant) - C:\Users\Bernhard\AppData\Roaming\Mozilla\Firefox\Profiles\ggbdnq7p.default\Extensions\{20a82645-c095-46ed-80e3-08825760534b}.xpi [2015-06-10]
FF Extension: (NoScript) - C:\Users\Bernhard\AppData\Roaming\Mozilla\Firefox\Profiles\ggbdnq7p.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2016-08-15]
FF Extension: (ReloadEvery) - C:\Users\Bernhard\AppData\Roaming\Mozilla\Firefox\Profiles\ggbdnq7p.default\Extensions\{888d99e7-e8b5-46a3-851e-1ec45da1e644}.xpi [2016-03-24]
FF Extension: (TinyUrl Creator) - C:\Users\Bernhard\AppData\Roaming\Mozilla\Firefox\Profiles\ggbdnq7p.default\Extensions\{89736E8E-4B14-4042-8C75-AD00B6BD3900}.xpi [2015-06-10] [ist nicht signiert]
FF Extension: (NewsFox) - C:\Users\Bernhard\AppData\Roaming\Mozilla\Firefox\Profiles\ggbdnq7p.default\Extensions\{899DF1F8-2F43-4394-8315-37F6744E6319}.xpi [2016-02-29]
FF Extension: (Charamel) - C:\Users\Bernhard\AppData\Roaming\Mozilla\Firefox\Profiles\ggbdnq7p.default\Extensions\{961408A3-C970-4577-970A-D97C29839A67}.xpi [2015-07-02] [ist nicht signiert]
FF Extension: (Adblock Edge) - C:\Users\Bernhard\AppData\Roaming\Mozilla\Firefox\Profiles\ggbdnq7p.default\Extensions\{fe272bd1-5f76-4ea4-8501-a05d35d823fc}.xpi [2016-04-30]
FF Extension: (DSL Soforthilfe) - C:\Users\Bernhard\AppData\Roaming\Mozilla\Firefox\Profiles\ggbdnq7p.default\Extensions\{} [2016-01-13] [ist nicht signiert]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_23_0_0_205.dll [2016-10-26] ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWoW64\Macromed\Flash\NPSWF32_23_0_0_205.dll [2016-10-26] ()
FF Plugin-x32: @java.com/DTPlugin,version=11.111.2 -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\dtplugin\npDeployJava1.dll [2016-10-27] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.111.2 -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\plugin2\npjp2.dll [2016-10-27] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2016-10-08] (Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-10-01] (Adobe Systems Inc.)

==================== Dienste (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [3291848 2016-10-08] (Microsoft Corporation)
R2 DptfParticipantProcessorService; C:\WINDOWS\system32\DptfParticipantProcessorService.exe [134128 2015-09-25] (Intel Corporation)
S2 DptfParticipantWirelessService; C:\WINDOWS\System32\DptfParticipantWirelessService.exe [337392 2015-09-25] (Intel Corporation)
R2 DptfPolicyCriticalService; C:\WINDOWS\system32\DptfPolicyCriticalService.exe [137704 2015-09-25] (Intel Corporation)
R2 DptfPolicyLpmService; C:\WINDOWS\system32\DptfPolicyLpmService.exe [141296 2015-09-25] (Intel Corporation)
R2 Garmin Device Interaction Service; C:\Program Files (x86)\Garmin\Device Interaction Service\GarminService.exe [928272 2016-08-31] (Garmin Ltd. or its subsidiaries)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2016-07-16] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2016-07-16] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ======================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R3 ar0330; C:\WINDOWS\System32\drivers\ar0330.sys [138232 2016-06-13] (Intel(R) Corporation)
R3 camera; C:\WINDOWS\system32\DRIVERS\iacamera64.sys [950776 2016-06-13] (Intel(R) Corporation)
R1 cbfs5; C:\WINDOWS\system32\drivers\cbfs5.sys [422080 2015-10-04] (EldoS Corporation)
R1 cbfs6; C:\WINDOWS\system32\drivers\cbfs6.sys [460992 2016-06-13] (EldoS Corporation)
S3 DptfDevAmbient; C:\WINDOWS\System32\drivers\DptfDevAmbient.sys [77800 2015-09-25] (Intel Corporation)
R3 DptfDevDBPT; C:\WINDOWS\System32\drivers\DptfDevPower.sys [60400 2015-09-25] (Intel Corporation)
S3 DptfDevDisplay; C:\WINDOWS\System32\drivers\DptfDevDisplay.sys [62960 2015-09-25] (Intel Corporation)
R3 DptfDevGen; C:\WINDOWS\System32\drivers\DptfDevGen.sys [76272 2015-09-25] (Intel Corporation)
R3 DptfDevProc; C:\WINDOWS\System32\drivers\DptfDevProc.sys [125936 2015-09-25] (Intel Corporation)
S3 DptfDevWireless; C:\WINDOWS\System32\drivers\DptfDevWireless.sys [78320 2015-09-25] (Intel Corporation)
R3 DptfManager; C:\WINDOWS\System32\drivers\DptfManager.sys [259056 2015-09-25] (Intel Corporation)
S3 iagpioe; C:\WINDOWS\System32\drivers\iagpioe.sys [50184 2015-09-25] (Intel(R) Corporation)
S3 iai2ce; C:\WINDOWS\System32\drivers\iai2ce.sys [98824 2015-09-25] (Intel(R) Corporation)
U5 iaiouart; C:\Windows\System32\Drivers\iaiouart.sys [101376 2015-03-14] (Intel(R) Corporation)
R3 iaisp; C:\WINDOWS\System32\drivers\iaisp64.sys [47608 2016-06-13] (Intel(R) Corporation)
U5 iaLPSS_I2C; C:\Windows\System32\Drivers\iaLPSS_I2C.sys [78848 2015-03-14] (Intel(R) Corporation)
R3 iaspie; C:\WINDOWS\System32\drivers\iaspie.sys [80392 2015-09-25] (Intel(R) Corporation)
R3 iauarte; C:\WINDOWS\System32\drivers\iauarte.sys [121360 2015-09-25] (Intel(R) Corporation)
R3 igfxLP; C:\WINDOWS\system32\DRIVERS\igdkmd64lp.sys [7383016 2016-08-08] (Intel Corporation)
R3 IntelSST; C:\WINDOWS\system32\drivers\isstrtc.sys [667656 2016-01-12] ()
S3 iusb3adp; C:\WINDOWS\System32\drivers\iusb3adp.sys [12288 2015-03-13] (Intel)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [192216 2016-11-02] (Malwarebytes)
R0 MBI; C:\WINDOWS\System32\drivers\MBI.sys [50160 2015-09-25] (Intel(R) Corporation)
S0 megasas2i; C:\WINDOWS\System32\drivers\MegaSas2i.sys [64352 2016-10-05] (Avago Technologies)
R3 mrvlpcie8897; C:\WINDOWS\System32\drivers\mrvlpcie8897.sys [1041408 2016-07-16] (Marvell Semiconductors Inc.)
S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
R3 ov8835; C:\WINDOWS\System32\drivers\ov8835.sys [143864 2016-06-13] (Intel(R) Corporation)
R3 PMIC; C:\WINDOWS\System32\drivers\PMIC.sys [103424 2015-03-14] (Intel(R) Corporation)
R3 rtii2sac64; C:\WINDOWS\system32\DRIVERS\rtii2sac.sys [179928 2015-03-14] (Realtek Semiconductor Corp.)
S3 ssudcdf; C:\WINDOWS\System32\drivers\ssudcdf.sys [36608 2014-01-22] (DEVGURU Co., LTD.(www.devguru.co.kr))
S3 ssuddmgr; C:\WINDOWS\System32\drivers\ssuddmgr.sys [206080 2014-01-22] (DEVGURU Co., LTD.(www.devguru.co.kr))
S3 ssudobex; C:\WINDOWS\System32\drivers\ssudobex.sys [206080 2014-01-22] (DEVGURU Co., LTD.(www.devguru.co.kr))
S3 ssudrmnet; C:\WINDOWS\System32\drivers\ssudrmnet.sys [70400 2014-01-22] (DEVGURU Co., LTD.)
S3 ssudserd; C:\WINDOWS\System32\drivers\ssudserd.sys [206080 2014-01-22] (DEVGURU Co., LTD.(www.devguru.co.kr))
S3 ss_conn_usb_driver; C:\WINDOWS\System32\Drivers\ss_conn_usb_driver.sys [26368 2014-01-22] (DEVGURU Co., LTD.)
R3 Surface3TypeCoverIntegration; C:\WINDOWS\System32\drivers\Surface3TypeCoverIntegration.sys [30320 2015-03-12] (Microsoft Corporation)
R3 SurfaceAccessoryDevice; C:\WINDOWS\System32\drivers\SurfaceAccessoryDevice.sys [54376 2015-03-12] (Microsoft Corporation)
R3 SurfaceDigitizerIntegration; C:\WINDOWS\System32\drivers\SurfaceDigitizerIntegration.sys [48280 2016-01-12] (Microsoft Corporation)
R3 SurfaceDisplayCalibration; C:\WINDOWS\System32\drivers\SurfaceDisplayCalibration.sys [40560 2015-03-14] (Microsoft Corporation)
R3 SurfaceHomeButton; C:\WINDOWS\System32\drivers\SurfaceHomeButton.sys [53360 2015-03-12] (Microsoft Corporation)
R3 SurfaceIntegrationDriver; C:\WINDOWS\System32\drivers\SurfaceIntegrationDriver.sys [36968 2015-03-12] (Microsoft Corporation)
R0 SurfacePciController; C:\WINDOWS\System32\drivers\SurfacePciController.sys [35952 2015-03-12] (Microsoft Corporation)
R3 SurfacePenDriver; C:\WINDOWS\System32\drivers\SurfacePenDriver.sys [115600 2016-07-14] (Microsoft Corporation)
R3 SurfacePlatformPowerDriver; C:\WINDOWS\System32\drivers\SurfacePlatformPowerDriver.sys [92400 2016-06-13] (Microsoft Corporation)
R3 SurfaceTouchScreenDriver; C:\WINDOWS\System32\drivers\SurfaceTouchScreenDriver.sys [61040 2015-03-12] (Microsoft Corporation)
S3 SurfaceTypeCover; C:\WINDOWS\System32\drivers\SurfaceTypeCover.sys [35944 2015-03-12] (Microsoft Corporation)
R3 TXEIx64; C:\WINDOWS\System32\drivers\TXEIx64.sys [156976 2015-09-25] (Intel Corporation)
R3 vpnpbus; C:\WINDOWS\System32\drivers\vpnpbus.sys [18624 2015-08-24] (EldoS Corporation)
S0 WdBoot; C:\WINDOWS\System32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-11-02 10:23 - 2016-11-02 10:24 - 00021923 _____ C:\Users\Bernhard\Desktop\FRST.txt
2016-11-02 10:22 - 2016-11-02 10:23 - 00000000 ____D C:\FRST
2016-11-02 10:08 - 2016-11-02 10:08 - 00000000 ___HD C:\OneDriveTemp
2016-11-02 09:40 - 2016-11-02 10:21 - 02408960 _____ (Farbar) C:\Users\Bernhard\Desktop\FRST64 (1).exe
2016-11-01 19:52 - 2016-11-01 19:52 - 00000000 ____D C:\Users\Bernhard\AppData\Local\ESET
2016-11-01 19:09 - 2016-11-01 19:09 - 02408960 _____ (Farbar) C:\Users\Bernhard\Downloads\FRST64.exe
2016-11-01 18:53 - 2016-11-02 10:21 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2016-11-01 18:53 - 2016-11-01 18:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2016-11-01 18:53 - 2016-11-01 18:53 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-11-01 18:53 - 2016-11-01 18:53 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2016-11-01 18:53 - 2016-03-10 14:09 - 00065408 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2016-11-01 18:53 - 2016-03-10 14:08 - 00140672 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2016-11-01 18:53 - 2016-03-10 14:08 - 00027008 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2016-11-01 18:51 - 2016-11-01 18:52 - 22851472 _____ (Malwarebytes ) C:\Users\Bernhard\Downloads\mbam-setup-2.2.1.1043 (1).exe
2016-11-01 18:35 - 2016-11-01 18:35 - 01885968 _____ (Malwarebytes ) C:\Users\Bernhard\Downloads\mbae-setup-1.09.1.1235.exe
2016-11-01 18:18 - 2016-11-01 18:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Synapsen
2016-11-01 17:41 - 2016-11-01 17:41 - 00000000 ____D C:\Users\Bernhard\AppData\Roaming\Geek Uninstaller
2016-11-01 17:39 - 2016-11-01 17:39 - 00000000 ____D C:\Users\Bernhard\Downloads\geek88
2016-11-01 17:38 - 2016-11-01 17:38 - 02626201 _____ C:\Users\Bernhard\Downloads\geek88.zip
2016-11-01 17:37 - 2016-11-01 17:37 - 01474568 _____ C:\Users\Bernhard\Downloads\GeekUninstaller - CHIP-Installer.exe
2016-11-01 17:28 - 2016-11-01 17:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Programme
2016-11-01 17:20 - 2016-11-01 17:20 - 00000000 ___HD C:\$SysReset
2016-11-01 17:07 - 2016-11-01 17:13 - 00000000 ____D C:\Users\Bernhard\.ResophNotes
2016-11-01 17:06 - 2016-11-01 17:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ResophNotes
2016-11-01 17:06 - 2016-11-01 17:06 - 00000000 ____D C:\Program Files (x86)\ResophNotes
2016-11-01 17:05 - 2016-11-01 17:05 - 00000000 ____D C:\Users\Bernhard\Downloads\ResophNotes157
2016-11-01 17:04 - 2016-11-01 17:04 - 06958054 _____ C:\Users\Bernhard\Downloads\ResophNotes157.zip
2016-11-01 16:56 - 2016-11-01 16:56 - 00001121 _____ C:\Users\Bernhard\Desktop\Zettelkasten - Verknüpfung.lnk
2016-11-01 16:45 - 2016-11-01 16:45 - 00000000 ____D C:\Users\Bernhard\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Programme
2016-11-01 16:42 - 2016-11-01 16:43 - 109363078 _____ C:\Users\Bernhard\Downloads\Synapsen-install.exe
2016-11-01 11:28 - 2016-11-01 11:28 - 00000000 ____D C:\Users\Bernhard\OX Drive4
2016-11-01 11:15 - 2016-11-01 11:15 - 00000000 ____D C:\Users\Bernhard\OX Drive3
2016-10-31 23:47 - 2016-10-31 23:47 - 00000065 _____ C:\Users\Bernhard\Downloads\listen.pls
2016-10-31 23:47 - 2016-10-31 23:47 - 00000059 _____ C:\Users\Bernhard\Downloads\listen (2).m3u
2016-10-31 23:46 - 2016-10-31 23:46 - 00000059 _____ C:\Users\Bernhard\Downloads\listen (1).m3u
2016-10-31 23:45 - 2016-10-31 23:45 - 00000059 _____ C:\Users\Bernhard\Downloads\listen.m3u
2016-10-31 13:34 - 2016-10-31 13:34 - 00000000 ____D C:\Users\Bernhard\OX Drive2
2016-10-31 12:59 - 2016-10-31 12:59 - 00000000 ____D C:\Users\Bernhard\OX Drive
2016-10-31 12:58 - 2016-11-01 12:00 - 00000000 ____D C:\Users\Bernhard\AppData\Local\OXSTORE2
2016-10-31 12:58 - 2016-11-01 11:27 - 00000020 _____ C:\WINDOWS\oxstor32.ini
2016-10-31 12:55 - 2016-11-01 12:01 - 00000000 ____D C:\Users\Bernhard\AppData\Local\Open-Xchange
2016-10-31 12:55 - 2016-10-31 12:55 - 02163166 _____ (Igor Pavlov) C:\Users\Bernhard\Downloads\OXConnector.exe
2016-10-31 09:27 - 2016-10-31 09:27 - 00026971 _____ C:\Users\Bernhard\Downloads\feiertage.ics
2016-10-28 14:40 - 2016-11-01 18:28 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-10-28 13:47 - 2016-10-15 05:51 - 01051112 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2016-10-28 13:47 - 2016-10-15 05:51 - 00894088 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2016-10-28 13:47 - 2016-10-15 05:48 - 07817568 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-10-28 13:47 - 2016-10-15 05:48 - 00498952 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyDecMFT.dll
2016-10-28 13:47 - 2016-10-15 05:47 - 01883784 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2016-10-28 13:47 - 2016-10-15 05:26 - 22224480 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2016-10-28 13:47 - 2016-10-15 05:26 - 04129928 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2016-10-28 13:47 - 2016-10-15 05:26 - 01990648 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2016-10-28 13:47 - 2016-10-15 05:26 - 01472536 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2016-10-28 13:47 - 2016-10-15 05:26 - 01274712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2016-10-28 13:47 - 2016-10-15 05:26 - 01062480 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2016-10-28 13:47 - 2016-10-15 05:26 - 00811416 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFCaptureEngine.dll
2016-10-28 13:47 - 2016-10-15 05:26 - 00691080 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll
2016-10-28 13:47 - 2016-10-15 05:22 - 01608896 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d9.dll
2016-10-28 13:47 - 2016-10-15 05:22 - 01461200 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2016-10-28 13:47 - 2016-10-15 05:22 - 01418312 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2016-10-28 13:47 - 2016-10-15 05:22 - 00628040 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2016-10-28 13:47 - 2016-10-15 05:18 - 00749920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\drvstore.dll
2016-10-28 13:47 - 2016-10-15 05:18 - 00576400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2016-10-28 13:47 - 2016-10-15 05:18 - 00186424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\weretw.dll
2016-10-28 13:47 - 2016-10-15 05:15 - 01557808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll
2016-10-28 13:47 - 2016-10-15 05:11 - 01424488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d9.dll
2016-10-28 13:47 - 2016-10-15 05:11 - 01263848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2016-10-28 13:47 - 2016-10-15 05:01 - 01631232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2016-10-28 13:47 - 2016-10-15 04:57 - 00186880 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2016-10-28 13:47 - 2016-10-15 04:56 - 00095232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BluetoothApis.dll
2016-10-28 13:47 - 2016-10-15 04:54 - 00555008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll
2016-10-28 13:47 - 2016-10-15 04:54 - 00211456 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2016-10-28 13:47 - 2016-10-15 04:54 - 00179712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2016-10-28 13:47 - 2016-10-15 04:54 - 00043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmTasks.dll
2016-10-28 13:47 - 2016-10-15 04:53 - 00744448 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2016-10-28 13:47 - 2016-10-15 04:53 - 00222720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgentUserBroker.exe
2016-10-28 13:47 - 2016-10-15 04:53 - 00147456 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
2016-10-28 13:47 - 2016-10-15 04:52 - 06285312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2016-10-28 13:47 - 2016-10-15 04:52 - 00274432 _____ (Microsoft Corporation) C:\WINDOWS\system32\ListSvc.dll
2016-10-28 13:47 - 2016-10-15 04:50 - 00509440 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Bluetooth.dll
2016-10-28 13:47 - 2016-10-15 04:48 - 03778560 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2016-10-28 13:47 - 2016-10-15 04:46 - 00471552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.BackgroundMediaPlayback.dll
2016-10-28 13:47 - 2016-10-15 04:45 - 00406016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2016-10-28 13:47 - 2016-10-15 04:44 - 00747008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RemoteNaturalLanguage.dll
2016-10-28 13:47 - 2016-10-15 04:44 - 00470016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Playback.BackgroundMediaPlayer.dll
2016-10-28 13:47 - 2016-10-15 04:43 - 00574976 _____ (Microsoft Corporation) C:\WINDOWS\system32\energy.dll
2016-10-28 13:47 - 2016-10-15 04:42 - 00539136 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2016-10-28 13:47 - 2016-10-15 04:42 - 00459776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Playback.MediaPlayer.dll
2016-10-28 13:47 - 2016-10-15 04:42 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\asycfilt.dll
2016-10-28 13:47 - 2016-10-15 04:41 - 12174848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2016-10-28 13:47 - 2016-10-15 04:41 - 00067584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iscsiwmi.dll
2016-10-28 13:47 - 2016-10-15 04:40 - 13081600 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-10-28 13:47 - 2016-10-15 04:39 - 04749312 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2016-10-28 13:47 - 2016-10-15 04:39 - 01228288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usercpl.dll
2016-10-28 13:47 - 2016-10-15 04:39 - 00982528 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2016-10-28 13:47 - 2016-10-15 04:38 - 07468032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2016-10-28 13:47 - 2016-10-15 04:38 - 00913920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.dll
2016-10-28 13:47 - 2016-10-15 04:37 - 08075776 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2016-10-28 13:47 - 2016-10-15 04:37 - 01643008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll
2016-10-28 13:47 - 2016-10-15 04:36 - 03617792 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2016-10-28 13:47 - 2016-10-15 04:36 - 02290176 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2016-10-28 13:47 - 2016-10-15 04:36 - 01880576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2016-10-28 13:47 - 2016-10-15 04:35 - 00701952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Connectivity.dll
2016-10-28 13:47 - 2016-10-15 04:34 - 00842240 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntshrui.dll
2016-10-28 13:47 - 2016-10-15 04:31 - 00227328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ahcache.sys
2016-10-28 13:47 - 2016-08-27 06:12 - 00244816 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2016-10-28 13:46 - 2016-10-15 06:11 - 00484584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2016-10-28 13:46 - 2016-10-15 05:51 - 02186896 _____ (Microsoft Corporation) C:\WINDOWS\system32\hevcdecoder.dll
2016-10-28 13:46 - 2016-10-15 05:51 - 01637728 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2016-10-28 13:46 - 2016-10-15 05:51 - 01235296 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2016-10-28 13:46 - 2016-10-15 05:51 - 00595296 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2016-10-28 13:46 - 2016-10-15 05:51 - 00590960 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2016-10-28 13:46 - 2016-10-15 05:51 - 00584032 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2016-10-28 13:46 - 2016-10-15 05:51 - 00322912 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2016-10-28 13:46 - 2016-10-15 05:51 - 00232800 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2016-10-28 13:46 - 2016-10-15 05:51 - 00137568 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2016-10-28 13:46 - 2016-10-15 05:51 - 00078688 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2016-10-28 13:46 - 2016-10-15 05:48 - 01354320 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2016-10-28 13:46 - 2016-10-15 05:48 - 01173496 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2016-10-28 13:46 - 2016-10-15 05:48 - 00773712 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2016-10-28 13:46 - 2016-10-15 05:43 - 01356352 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipUp.exe
2016-10-28 13:46 - 2016-10-15 05:41 - 05622088 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2016-10-28 13:46 - 2016-10-15 05:38 - 00500064 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcasvc.dll
2016-10-28 13:46 - 2016-10-15 05:37 - 00063328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dam.sys
2016-10-28 13:46 - 2016-10-15 05:33 - 00455040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DolbyDecMFT.dll
2016-10-28 13:46 - 2016-10-15 05:32 - 01570680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2016-10-28 13:46 - 2016-10-15 05:30 - 00682816 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2016-10-28 13:46 - 2016-10-15 05:30 - 00509280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2016-10-28 13:46 - 2016-10-15 05:30 - 00341936 _____ (Microsoft Corporation) C:\WINDOWS\system32\wintrust.dll
2016-10-28 13:46 - 2016-10-15 05:30 - 00238056 _____ (Microsoft Corporation) C:\WINDOWS\system32\weretw.dll
2016-10-28 13:46 - 2016-10-15 05:29 - 00908640 _____ (Microsoft Corporation) C:\WINDOWS\system32\drvstore.dll
2016-10-28 13:46 - 2016-10-15 05:29 - 00079200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\crashdmp.sys
2016-10-28 13:46 - 2016-10-15 05:26 - 04673304 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2016-10-28 13:46 - 2016-10-15 05:26 - 01600632 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2016-10-28 13:46 - 2016-10-15 05:25 - 00882680 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditionUpgradeManagerObj.dll
2016-10-28 13:46 - 2016-10-15 05:25 - 00742704 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppwinob.dll
2016-10-28 13:46 - 2016-10-15 05:21 - 00292872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpeffects.dll
2016-10-28 13:46 - 2016-10-15 05:19 - 02256592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2016-10-28 13:46 - 2016-10-15 05:15 - 20969928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2016-10-28 13:46 - 2016-10-15 05:14 - 04311736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2016-10-28 13:46 - 2016-10-15 05:11 - 00545944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2016-10-28 13:46 - 2016-10-15 05:10 - 00254656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmpeffects.dll
2016-10-28 13:46 - 2016-10-15 05:06 - 05685760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2016-10-28 13:46 - 2016-10-15 05:05 - 07216640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2016-10-28 13:46 - 2016-10-15 05:00 - 01631232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Resources.dll
2016-10-28 13:46 - 2016-10-15 05:00 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2016-10-28 13:46 - 2016-10-15 05:00 - 00018432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\stdole2.tlb
2016-10-28 13:46 - 2016-10-15 04:59 - 00272384 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfksproxy.dll
2016-10-28 13:46 - 2016-10-15 04:59 - 00187904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfksproxy.dll
2016-10-28 13:46 - 2016-10-15 04:59 - 00130560 _____ (Microsoft Corporation) C:\WINDOWS\splwow64.exe
2016-10-28 13:46 - 2016-10-15 04:58 - 00258560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\xboxgip.sys
2016-10-28 13:46 - 2016-10-15 04:58 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\efsext.dll
2016-10-28 13:46 - 2016-10-15 04:57 - 00217600 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpdxm.dll
2016-10-28 13:46 - 2016-10-15 04:57 - 00175104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmpdxm.dll
2016-10-28 13:46 - 2016-10-15 04:56 - 00339968 _____ (Microsoft Corporation) C:\WINDOWS\system32\esentutl.exe
2016-10-28 13:46 - 2016-10-15 04:56 - 00306688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\esentutl.exe
2016-10-28 13:46 - 2016-10-15 04:56 - 00081408 _____ (Microsoft Corporation) C:\WINDOWS\system32\HttpsDataSource.dll
2016-10-28 13:46 - 2016-10-15 04:56 - 00065024 _____ (Microsoft Corporation) C:\WINDOWS\system32\OnDemandConnRouteHelper.dll
2016-10-28 13:46 - 2016-10-15 04:55 - 00567296 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevicePairing.dll
2016-10-28 13:46 - 2016-10-15 04:55 - 00236544 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Flights.dll
2016-10-28 13:46 - 2016-10-15 04:55 - 00182784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsensorgroup.dll
2016-10-28 13:46 - 2016-10-15 04:55 - 00126464 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpshell.dll
2016-10-28 13:46 - 2016-10-15 04:54 - 00717312 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskbarcpl.dll
2016-10-28 13:46 - 2016-10-15 04:54 - 00217088 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevicePairingFolder.dll
2016-10-28 13:46 - 2016-10-15 04:54 - 00102912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmpshell.dll
2016-10-28 13:46 - 2016-10-15 04:53 - 00549376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActionCenterCPL.dll
2016-10-28 13:46 - 2016-10-15 04:53 - 00240640 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkDesktopSettings.dll
2016-10-28 13:46 - 2016-10-15 04:53 - 00198144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FSClient.dll
2016-10-28 13:46 - 2016-10-15 04:52 - 00432128 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpAXHolder.dll
2016-10-28 13:46 - 2016-10-15 04:52 - 00163328 _____ (Microsoft Corporation) C:\WINDOWS\system32\autoplay.dll
2016-10-28 13:46 - 2016-10-15 04:52 - 00115200 _____ (Microsoft Corporation) C:\WINDOWS\system32\IdCtrls.dll
2016-10-28 13:46 - 2016-10-15 04:51 - 13868544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2016-10-28 13:46 - 2016-10-15 04:51 - 00429568 _____ (Microsoft Corporation) C:\WINDOWS\system32\SndVolSSO.dll
2016-10-28 13:46 - 2016-10-15 04:50 - 17188352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2016-10-28 13:46 - 2016-10-15 04:50 - 02716672 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmSvc.dll
2016-10-28 13:46 - 2016-10-15 04:50 - 02333184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmSvc.dll
2016-10-28 13:46 - 2016-10-15 04:50 - 00967168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2016-10-28 13:46 - 2016-10-15 04:50 - 00310272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2016-10-28 13:46 - 2016-10-15 04:50 - 00090112 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll
2016-10-28 13:46 - 2016-10-15 04:50 - 00074752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll
2016-10-28 13:46 - 2016-10-15 04:49 - 09131008 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2016-10-28 13:46 - 2016-10-15 04:49 - 01913344 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_fs.dll
2016-10-28 13:46 - 2016-10-15 04:49 - 00838144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JpMapControl.dll
2016-10-28 13:46 - 2016-10-15 04:49 - 00495104 _____ (Microsoft Corporation) C:\WINDOWS\system32\DataSenseHandlers.dll
2016-10-28 13:46 - 2016-10-15 04:49 - 00187904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscsvc.dll
2016-10-28 13:46 - 2016-10-15 04:49 - 00033280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSManHTTPConfig.exe
2016-10-28 13:46 - 2016-10-15 04:49 - 00032256 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSManHTTPConfig.exe
2016-10-28 13:46 - 2016-10-15 04:48 - 01554944 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_health.dll
2016-10-28 13:46 - 2016-10-15 04:48 - 01323008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_fs.dll
2016-10-28 13:46 - 2016-10-15 04:48 - 01054208 _____ (Microsoft Corporation) C:\WINDOWS\system32\qmgr.dll
2016-10-28 13:46 - 2016-10-15 04:47 - 07626752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2016-10-28 13:46 - 2016-10-15 04:47 - 01113600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_health.dll
2016-10-28 13:46 - 2016-10-15 04:47 - 00558080 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnprv.dll
2016-10-28 13:46 - 2016-10-15 04:46 - 03287552 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll
2016-10-28 13:46 - 2016-10-15 04:46 - 00336896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msinfo32.exe
2016-10-28 13:46 - 2016-10-15 04:45 - 00942080 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2016-10-28 13:46 - 2016-10-15 04:44 - 00465920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppBroker.dll
2016-10-28 13:46 - 2016-10-15 04:44 - 00090112 _____ (Microsoft Corporation) C:\WINDOWS\system32\powercfg.exe
2016-10-28 13:46 - 2016-10-15 04:43 - 02748928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mispace.dll
2016-10-28 13:46 - 2016-10-15 04:43 - 01365504 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2016-10-28 13:46 - 2016-10-15 04:43 - 00078336 _____ (Microsoft Corporation) C:\WINDOWS\system32\iscsiwmi.dll
2016-10-28 13:46 - 2016-10-15 04:42 - 12349440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2016-10-28 13:46 - 2016-10-15 04:42 - 06108672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2016-10-28 13:46 - 2016-10-15 04:42 - 00130560 _____ (Microsoft Corporation) C:\WINDOWS\system32\chartv.dll
2016-10-28 13:46 - 2016-10-15 04:42 - 00090624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll
2016-10-28 13:46 - 2016-10-15 04:41 - 07654912 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2016-10-28 13:46 - 2016-10-15 04:41 - 05376000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2016-10-28 13:46 - 2016-10-15 04:41 - 00940032 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontext.dll
2016-10-28 13:46 - 2016-10-15 04:41 - 00655872 _____ (Microsoft Corporation) C:\WINDOWS\system32\sud.dll
2016-10-28 13:46 - 2016-10-15 04:41 - 00496128 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.UserAccountsHandlers.dll
2016-10-28 13:46 - 2016-10-15 04:39 - 04474368 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll
2016-10-28 13:46 - 2016-10-15 04:39 - 03400192 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncCenter.dll
2016-10-28 13:46 - 2016-10-15 04:39 - 00869888 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2016-10-28 13:46 - 2016-10-15 04:39 - 00357376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Geolocation.dll
2016-10-28 13:46 - 2016-10-15 04:39 - 00109568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\chartv.dll
2016-10-28 13:46 - 2016-10-15 04:39 - 00079360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\asycfilt.dll
2016-10-28 13:46 - 2016-10-15 04:38 - 13441024 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2016-10-28 13:46 - 2016-10-15 04:38 - 01993216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2016-10-28 13:46 - 2016-10-15 04:38 - 00828416 _____ (Microsoft Corporation) C:\WINDOWS\system32\appwiz.cpl
2016-10-28 13:46 - 2016-10-15 04:38 - 00675840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.dll
2016-10-28 13:46 - 2016-10-15 04:37 - 02611200 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameux.dll
2016-10-28 13:46 - 2016-10-15 04:37 - 02256896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2016-10-28 13:46 - 2016-10-15 04:37 - 01980416 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2016-10-28 13:46 - 2016-10-15 04:37 - 00715264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapControlCore.dll
2016-10-28 13:46 - 2016-10-15 04:37 - 00093184 _____ (Microsoft Corporation) C:\WINDOWS\system32\cmifw.dll
2016-10-28 13:46 - 2016-10-15 04:36 - 02512384 _____ (Microsoft Corporation) C:\WINDOWS\system32\themecpl.dll
2016-10-28 13:46 - 2016-10-15 04:36 - 01595392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2016-10-28 13:46 - 2016-10-15 04:36 - 00881664 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2016-10-28 13:46 - 2016-10-15 04:36 - 00792064 _____ (Microsoft Corporation) C:\WINDOWS\system32\spoolsv.exe
2016-10-28 13:46 - 2016-10-15 04:36 - 00629248 _____ (Microsoft Corporation) C:\WINDOWS\system32\hgcpl.dll
2016-10-28 13:46 - 2016-10-15 04:36 - 00542208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.Connectivity.dll
2016-10-28 13:46 - 2016-10-15 04:36 - 00347136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Display.dll
2016-10-28 13:46 - 2016-10-15 04:36 - 00338944 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhcpl.dll
2016-10-28 13:46 - 2016-10-15 04:36 - 00081408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cmifw.dll
2016-10-28 13:46 - 2016-10-15 04:35 - 03054080 _____ (Microsoft Corporation) C:\WINDOWS\system32\esent.dll
2016-10-28 13:46 - 2016-10-15 04:35 - 02999808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2016-10-28 13:46 - 2016-10-15 04:35 - 02708992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\esent.dll
2016-10-28 13:46 - 2016-10-15 04:35 - 02315264 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2016-10-28 13:46 - 2016-10-15 04:35 - 00772608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntshrui.dll
2016-10-28 13:46 - 2016-10-15 04:35 - 00760832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NMAA.dll
2016-10-28 13:46 - 2016-10-15 04:35 - 00483328 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.dll
2016-10-28 13:46 - 2016-10-15 04:35 - 00391168 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2016-10-28 13:46 - 2016-10-15 04:35 - 00389632 _____ (Microsoft Corporation) C:\WINDOWS\system32\stobject.dll
2016-10-28 13:46 - 2016-10-15 04:34 - 02688512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2016-10-28 13:46 - 2016-10-15 04:34 - 01840640 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2016-10-28 13:46 - 2016-10-15 04:34 - 01726976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2016-10-28 13:46 - 2016-09-10 14:21 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\capimg.sys
2016-10-28 13:45 - 2016-10-15 05:51 - 00283488 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2016-10-28 13:45 - 2016-10-15 05:38 - 00409952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2016-10-28 13:45 - 2016-10-15 05:34 - 01969912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hevcdecoder.dll
2016-10-28 13:45 - 2016-10-15 05:32 - 00601712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2016-10-28 13:45 - 2016-10-15 05:31 - 02827864 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
2016-10-28 13:45 - 2016-10-15 05:31 - 02750384 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2016-10-28 13:45 - 2016-10-15 05:31 - 02190688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2016-10-28 13:45 - 2016-10-15 05:31 - 00658272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2016-10-28 13:45 - 2016-10-15 05:31 - 00402272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2016-10-28 13:45 - 2016-10-15 05:30 - 01851696 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll
2016-10-28 13:45 - 2016-10-15 05:30 - 00557408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2016-10-28 13:45 - 2016-10-15 05:29 - 02913104 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2016-10-28 13:45 - 2016-10-15 05:29 - 01267504 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2016-10-28 13:45 - 2016-10-15 05:29 - 00335712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2016-10-28 13:45 - 2016-10-15 05:26 - 01694712 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2016-10-28 13:45 - 2016-10-15 05:26 - 00534096 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2016-10-28 13:45 - 2016-10-15 05:26 - 00160096 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostBroker.dll
2016-10-28 13:45 - 2016-10-15 05:21 - 02537824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2016-10-28 13:45 - 2016-10-15 05:21 - 01100128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2016-10-28 13:45 - 2016-10-15 05:21 - 00584032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afd.sys
2016-10-28 13:45 - 2016-10-15 05:20 - 02276736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll
2016-10-28 13:45 - 2016-10-15 05:19 - 00272720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wintrust.dll
2016-10-28 13:45 - 2016-10-15 05:18 - 02166232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2016-10-28 13:45 - 2016-10-15 05:18 - 01556712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll
2016-10-28 13:45 - 2016-10-15 05:18 - 00846560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2016-10-28 13:45 - 2016-10-15 05:15 - 03892352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2016-10-28 13:45 - 2016-10-15 05:15 - 01853776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2016-10-28 13:45 - 2016-10-15 05:15 - 01123368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2016-10-28 13:45 - 2016-10-15 05:15 - 00959112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2016-10-28 13:45 - 2016-10-15 05:15 - 00952416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2016-10-28 13:45 - 2016-10-15 05:15 - 00687936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvproc.dll
2016-10-28 13:45 - 2016-10-15 05:11 - 01435896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2016-10-28 13:45 - 2016-10-15 05:02 - 22568960 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2016-10-28 13:45 - 2016-10-15 05:00 - 00323584 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2016-10-28 13:45 - 2016-10-15 04:59 - 00018432 _____ (Microsoft Corporation) C:\WINDOWS\system32\stdole2.tlb
2016-10-28 13:45 - 2016-10-15 04:58 - 00040448 _____ (Microsoft Corporation) C:\WINDOWS\system32\efsext.dll
2016-10-28 13:45 - 2016-10-15 04:57 - 00081408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2016-10-28 13:45 - 2016-10-15 04:57 - 00039424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dtdump.exe
2016-10-28 13:45 - 2016-10-15 04:56 - 00327680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2016-10-28 13:45 - 2016-10-15 04:56 - 00227328 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll
2016-10-28 13:45 - 2016-10-15 04:56 - 00219648 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSrvPolicyManager.dll
2016-10-28 13:45 - 2016-10-15 04:56 - 00193536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.WiFi.dll
2016-10-28 13:45 - 2016-10-15 04:56 - 00120832 _____ (Microsoft Corporation) C:\WINDOWS\system32\BluetoothApis.dll
2016-10-28 13:45 - 2016-10-15 04:56 - 00098816 _____ (Microsoft Corporation) C:\WINDOWS\system32\BthRadioMedia.dll
2016-10-28 13:45 - 2016-10-15 04:55 - 00635904 _____ (Microsoft Corporation) C:\WINDOWS\system32\FlightSettings.dll
2016-10-28 13:45 - 2016-10-15 04:55 - 00329216 _____ (Microsoft Corporation) C:\WINDOWS\system32\wc_storage.dll
2016-10-28 13:45 - 2016-10-15 04:55 - 00265728 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore6.dll
2016-10-28 13:45 - 2016-10-15 04:55 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidclass.sys
2016-10-28 13:45 - 2016-10-15 04:55 - 00142336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.WiFi.dll
2016-10-28 13:45 - 2016-10-15 04:54 - 00463872 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2016-10-28 13:45 - 2016-10-15 04:54 - 00410112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SndVolSSO.dll
2016-10-28 13:45 - 2016-10-15 04:54 - 00314880 _____ (Microsoft Corporation) C:\WINDOWS\system32\FSClient.dll
2016-10-28 13:45 - 2016-10-15 04:54 - 00296960 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsensorgroup.dll
2016-10-28 13:45 - 2016-10-15 04:54 - 00241152 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafBth.dll
2016-10-28 13:45 - 2016-10-15 04:54 - 00152064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\autoplay.dll
2016-10-28 13:45 - 2016-10-15 04:53 - 00566784 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActionCenterCPL.dll
2016-10-28 13:45 - 2016-10-15 04:53 - 00313856 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshostcore.dll
2016-10-28 13:45 - 2016-10-15 04:53 - 00270336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2016-10-28 13:45 - 2016-10-15 04:52 - 00690176 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2016-10-28 13:45 - 2016-10-15 04:52 - 00632832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sud.dll
2016-10-28 13:45 - 2016-10-15 04:52 - 00523776 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2016-10-28 13:45 - 2016-10-15 04:52 - 00506880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DevicePairing.dll
2016-10-28 13:45 - 2016-10-15 04:52 - 00410624 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpsvc.dll
2016-10-28 13:45 - 2016-10-15 04:52 - 00339456 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpusersvc.dll
2016-10-28 13:45 - 2016-10-15 04:52 - 00306176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2016-10-28 13:45 - 2016-10-15 04:52 - 00288256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\systemcpl.dll
2016-10-28 13:45 - 2016-10-15 04:52 - 00088576 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2016-10-28 13:45 - 2016-10-15 04:51 - 00261632 _____ (Microsoft Corporation) C:\WINDOWS\system32\indexeddbserver.dll
2016-10-28 13:45 - 2016-10-15 04:51 - 00226304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore6.dll
2016-10-28 13:45 - 2016-10-15 04:50 - 00896512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontext.dll
2016-10-28 13:45 - 2016-10-15 04:50 - 00438784 _____ (Microsoft Corporation) C:\WINDOWS\system32\EncDec.dll
2016-10-28 13:45 - 2016-10-15 04:50 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\indexeddbserver.dll
2016-10-28 13:45 - 2016-10-15 04:49 - 00388608 _____ (Microsoft Corporation) C:\WINDOWS\system32\zipfldr.dll
2016-10-28 13:45 - 2016-10-15 04:49 - 00348672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\zipfldr.dll
2016-10-28 13:45 - 2016-10-15 04:49 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAppInstaller.exe
2016-10-28 13:45 - 2016-10-15 04:48 - 23680000 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-10-28 13:45 - 2016-10-15 04:47 - 07792640 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2016-10-28 13:45 - 2016-10-15 04:47 - 04612608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2016-10-28 13:45 - 2016-10-15 04:47 - 00720896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.BackgroundMediaPlayback.dll
2016-10-28 13:45 - 2016-10-15 04:47 - 00369664 _____ (Microsoft Corporation) C:\WINDOWS\system32\msinfo32.exe
2016-10-28 13:45 - 2016-10-15 04:46 - 19418112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2016-10-28 13:45 - 2016-10-15 04:46 - 19416576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2016-10-28 13:45 - 2016-10-15 04:46 - 00718848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Playback.BackgroundMediaPlayer.dll
2016-10-28 13:45 - 2016-10-15 04:45 - 01790464 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationFramework.dll
2016-10-28 13:45 - 2016-10-15 04:45 - 00702464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Playback.MediaPlayer.dll
2016-10-28 13:45 - 2016-10-15 04:45 - 00337920 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2016-10-28 13:45 - 2016-10-15 04:44 - 03307520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2016-10-28 13:45 - 2016-10-15 04:44 - 00636928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll
2016-10-28 13:45 - 2016-10-15 04:42 - 00956416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2016-10-28 13:45 - 2016-10-15 04:42 - 00805376 _____ (Microsoft Corporation) C:\WINDOWS\system32\FrameServer.dll
2016-10-28 13:45 - 2016-10-15 04:42 - 00467968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Geolocation.dll
2016-10-28 13:45 - 2016-10-15 04:42 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\powercfg.exe
2016-10-28 13:45 - 2016-10-15 04:41 - 00945664 _____ (Microsoft Corporation) C:\WINDOWS\system32\iphlpsvc.dll
2016-10-28 13:45 - 2016-10-15 04:41 - 00161792 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditionUpgradeHelper.dll
2016-10-28 13:45 - 2016-10-15 04:40 - 01690112 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2016-10-28 13:45 - 2016-10-15 04:39 - 02266624 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2016-10-28 13:45 - 2016-10-15 04:39 - 01060864 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpMapControl.dll
2016-10-28 13:45 - 2016-10-15 04:39 - 01005568 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3D12.dll
2016-10-28 13:45 - 2016-10-15 04:39 - 00817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
2016-10-28 13:45 - 2016-10-15 04:39 - 00806400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3D12.dll
2016-10-28 13:45 - 2016-10-15 04:39 - 00631296 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll
2016-10-28 13:45 - 2016-10-15 04:39 - 00243712 _____ (Microsoft Corporation) C:\WINDOWS\system32\shdocvw.dll
2016-10-28 13:45 - 2016-10-15 04:38 - 02458112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\themecpl.dll
2016-10-28 13:45 - 2016-10-15 04:38 - 00579072 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppBroker.dll
2016-10-28 13:45 - 2016-10-15 04:37 - 04708864 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2016-10-28 13:45 - 2016-10-15 04:37 - 03733504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_47.dll
2016-10-28 13:45 - 2016-10-15 04:37 - 01029632 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2016-10-28 13:45 - 2016-10-15 04:37 - 00884224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2016-10-28 13:45 - 2016-10-15 04:37 - 00712192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll
2016-10-28 13:45 - 2016-10-15 04:37 - 00709120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CPFilters.dll
2016-10-28 13:45 - 2016-10-15 04:36 - 04423680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
2016-10-28 13:45 - 2016-10-15 04:36 - 02484736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gameux.dll
2016-10-28 13:45 - 2016-10-15 04:36 - 01637888 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2016-10-28 13:45 - 2016-10-15 04:36 - 01556992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2016-10-28 13:45 - 2016-10-15 04:36 - 01492480 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2016-10-28 13:45 - 2016-10-15 04:36 - 01359360 _____ (Microsoft Corporation) C:\WINDOWS\system32\usercpl.dll
2016-10-28 13:45 - 2016-10-15 04:36 - 01170944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.dll
2016-10-28 13:45 - 2016-10-15 04:36 - 00983040 _____ (Microsoft Corporation) C:\WINDOWS\system32\RemoteNaturalLanguage.dll
2016-10-28 13:45 - 2016-10-15 04:36 - 00909824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2016-10-28 13:45 - 2016-10-15 04:36 - 00673792 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2016-10-28 13:45 - 2016-10-15 04:36 - 00580608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hgcpl.dll
2016-10-28 13:45 - 2016-10-15 04:36 - 00358912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\stobject.dll
2016-10-28 13:45 - 2016-10-15 04:35 - 02670592 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2016-10-28 13:45 - 2016-10-15 04:35 - 02005504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2016-10-28 13:45 - 2016-10-15 04:35 - 01779712 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2016-10-28 13:45 - 2016-10-15 04:35 - 01512960 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2016-10-28 13:45 - 2016-10-15 04:35 - 01509376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2016-10-28 13:45 - 2016-10-15 04:35 - 00905216 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll
2016-10-28 13:45 - 2016-10-15 04:35 - 00798208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2016-10-28 13:45 - 2016-10-15 04:35 - 00422400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.dll
2016-10-28 13:45 - 2016-10-15 04:34 - 02476544 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2016-10-28 13:45 - 2016-10-15 04:34 - 00936448 _____ (Microsoft Corporation) C:\WINDOWS\system32\NMAA.dll
2016-10-28 13:45 - 2016-10-15 04:32 - 00886784 _____ (Microsoft Corporation) C:\WINDOWS\system32\CPFilters.dll
2016-10-28 13:45 - 2016-08-06 05:17 - 00619368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2016-10-27 12:10 - 2016-10-27 12:13 - 00566128 _____ (Malwarebytes) C:\Users\Bernhard\Downloads\mbam-clean-2.3.0.1001.exe
2016-10-27 12:07 - 2016-10-27 12:07 - 22851472 _____ (Malwarebytes ) C:\Users\Bernhard\Downloads\mbam-setup-2.2.1.1043.exe
2016-10-27 11:49 - 2016-10-27 11:49 - 00054236 _____ C:\Users\Bernhard\Downloads\Konto_1064186250-Auszug_2016_007.PDF
2016-10-26 19:27 - 2016-10-26 19:30 - 00000000 ____D C:\Users\Bernhard\AppData\Roaming\freac
2016-10-26 19:26 - 2016-10-26 19:26 - 07534391 _____ C:\Users\Bernhard\Downloads\freac-1.0.26.exe
2016-10-26 19:17 - 2016-10-26 19:18 - 31291560 _____ (Digital Wave Ltd ) C:\Users\Bernhard\Downloads\FreeAudioConverterBase.exe
2016-10-26 19:15 - 2016-10-26 19:22 - 00000000 ____D C:\Program Files (x86)\AVG
2016-10-26 19:14 - 2016-10-26 19:22 - 00000000 ____D C:\Users\Bernhard\AppData\Local\AvgSetupLog
2016-10-26 19:14 - 2016-10-26 19:22 - 00000000 ____D C:\ProgramData\Avg
2016-10-26 19:14 - 2016-10-26 19:17 - 00000000 ____D C:\Users\Bernhard\AppData\Local\Avg
2016-10-21 13:11 - 2016-10-21 13:36 - 00000946 _____ C:\WINDOWS\Tasks\Adobe Flash Player PPAPI Notifier.job
2016-10-21 13:11 - 2016-10-21 13:11 - 00004018 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player PPAPI Notifier
2016-10-19 11:31 - 2016-10-19 11:32 - 08270712 _____ (Piriform Ltd) C:\Users\Bernhard\Downloads\ccsetup523.exe
2016-10-14 22:20 - 2016-10-19 11:33 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2016-10-13 11:23 - 2016-10-05 11:17 - 01322848 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpx.dll
2016-10-13 11:23 - 2016-10-05 11:12 - 02446696 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2016-10-13 11:23 - 2016-10-05 10:33 - 00268800 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserMgrProxy.dll
2016-10-13 11:23 - 2016-10-05 10:33 - 00157696 _____ (Microsoft Corporation) C:\WINDOWS\system32\credprovs.dll
2016-10-13 11:23 - 2016-10-05 10:31 - 00425472 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdedit.exe
2016-10-13 11:23 - 2016-10-05 10:30 - 00396800 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncsi.dll
2016-10-13 11:23 - 2016-10-05 10:29 - 00368640 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlasvc.dll
2016-10-13 11:23 - 2016-10-05 10:25 - 01589248 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdtctm.dll
2016-10-13 11:23 - 2016-10-05 10:18 - 00759296 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2016-10-13 11:23 - 2016-10-05 10:17 - 02914304 _____ (Microsoft Corporation) C:\WINDOWS\system32\CertEnroll.dll
2016-10-13 11:23 - 2016-10-05 10:09 - 00691712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2016-10-13 11:23 - 2016-10-05 10:07 - 00566784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ShareHost.dll
2016-10-13 11:22 - 2016-10-05 11:13 - 01859264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2016-10-13 11:22 - 2016-10-05 11:13 - 00146784 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostCommon.dll
2016-10-13 11:22 - 2016-10-05 11:09 - 00064352 _____ (Avago Technologies) C:\WINDOWS\system32\Drivers\MegaSas2i.sys
2016-10-13 11:22 - 2016-10-05 10:51 - 01430720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2016-10-13 11:22 - 2016-10-05 10:46 - 00980824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetcore.dll
2016-10-13 11:22 - 2016-10-05 10:38 - 00237568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.Diagnostics.dll
2016-10-13 11:22 - 2016-10-05 10:36 - 00113664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.ServiceDiscovery.Dnssd.dll
2016-10-13 11:22 - 2016-10-05 10:35 - 00196096 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDeviceRegistration.dll
2016-10-13 11:22 - 2016-10-05 10:35 - 00101888 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDeviceRegistration.Ngc.dll
2016-10-13 11:22 - 2016-10-05 10:33 - 00651264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.AllJoyn.dll
2016-10-13 11:22 - 2016-10-05 10:32 - 00590336 _____ (Microsoft Corporation) C:\WINDOWS\system32\efswrt.dll
2016-10-13 11:22 - 2016-10-05 10:32 - 00379904 _____ (Microsoft Corporation) C:\WINDOWS\system32\apprepsync.dll
2016-10-13 11:22 - 2016-10-05 10:32 - 00146432 _____ (Microsoft Corporation) C:\WINDOWS\system32\AuthBroker.dll
2016-10-13 11:22 - 2016-10-05 10:31 - 00837632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbiosrvc.dll
2016-10-13 11:22 - 2016-10-05 10:31 - 00480768 _____ (Microsoft Corporation) C:\WINDOWS\system32\dsreg.dll
2016-10-13 11:22 - 2016-10-05 10:28 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDeviceRegistration.dll
2016-10-13 11:22 - 2016-10-05 10:27 - 00945664 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2016-10-13 11:22 - 2016-10-05 10:26 - 00590848 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2016-10-13 11:22 - 2016-10-05 10:26 - 00184320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserMgrProxy.dll
2016-10-13 11:22 - 2016-10-05 10:26 - 00137216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\credprovs.dll
2016-10-13 11:22 - 2016-10-05 10:26 - 00088576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDeviceRegistration.Ngc.dll
2016-10-13 11:22 - 2016-10-05 10:25 - 00822784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2016-10-13 11:22 - 2016-10-05 10:25 - 00404992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dsreg.dll
2016-10-13 11:22 - 2016-10-05 10:25 - 00299520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataAccountApis.dll
2016-10-13 11:22 - 2016-10-05 10:25 - 00117760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AuthBroker.dll
2016-10-13 11:22 - 2016-10-05 10:24 - 00483840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.AllJoyn.dll
2016-10-13 11:22 - 2016-10-05 10:24 - 00099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\adsmsext.dll
2016-10-13 11:22 - 2016-10-05 10:23 - 00431616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\efswrt.dll
2016-10-13 11:22 - 2016-10-05 10:23 - 00426496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Wallet.dll
2016-10-13 11:22 - 2016-10-05 10:23 - 00284672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apprepsync.dll
2016-10-13 11:22 - 2016-10-05 10:23 - 00187904 _____ (Microsoft Corporation) C:\WINDOWS\system32\dialclient.dll
2016-10-13 11:22 - 2016-10-05 10:23 - 00125952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apprepapi.dll
2016-10-13 11:22 - 2016-10-05 10:21 - 03689984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2016-10-13 11:22 - 2016-10-05 10:21 - 00567808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ChatApis.dll
2016-10-13 11:22 - 2016-10-05 10:20 - 00661504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll
2016-10-13 11:22 - 2016-10-05 10:20 - 00143872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxdav.sys
2016-10-13 11:22 - 2016-10-05 10:19 - 02390016 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreen.exe
2016-10-13 11:22 - 2016-10-05 10:18 - 00983040 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcsvc.dll
2016-10-13 11:22 - 2016-10-05 10:18 - 00858112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EmailApis.dll
2016-10-13 11:22 - 2016-10-05 10:17 - 08126464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2016-10-13 11:22 - 2016-10-05 10:16 - 04747776 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2016-10-13 11:22 - 2016-10-05 10:16 - 00765440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Sensors.dll
2016-10-13 11:22 - 2016-10-05 10:16 - 00508416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2016-10-13 11:22 - 2016-10-05 10:15 - 02800128 _____ (Microsoft Corporation) C:\WINDOWS\system32\netshell.dll
2016-10-13 11:22 - 2016-10-05 10:15 - 00141312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dialclient.dll
2016-10-13 11:22 - 2016-10-05 10:14 - 01456640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2016-10-13 11:22 - 2016-10-05 10:14 - 01255936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll
2016-10-13 11:22 - 2016-10-05 10:13 - 00055808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offreg.dll
2016-10-13 11:22 - 2016-10-05 10:12 - 01107456 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2016-10-13 11:22 - 2016-10-05 10:11 - 06043136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2016-10-13 11:22 - 2016-10-05 10:11 - 00640000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MCRecvSrc.dll
2016-10-13 11:22 - 2016-10-05 10:10 - 06474752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mspaint.exe
2016-10-13 11:22 - 2016-10-05 10:09 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppointmentApis.dll
2016-10-13 11:22 - 2016-10-05 10:08 - 00873472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2016-10-13 11:22 - 2016-10-05 10:07 - 03667456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2016-10-13 11:22 - 2016-10-05 10:07 - 02682880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netshell.dll
2016-10-13 11:22 - 2016-10-05 10:07 - 02646016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CertEnroll.dll
2016-10-13 11:22 - 2016-10-05 10:06 - 00850944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ContactApis.dll
2016-10-13 11:22 - 2016-10-05 10:05 - 03105792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstsc.exe
2016-10-13 11:22 - 2016-09-07 06:34 - 00360040 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2016-10-13 11:21 - 2016-10-05 11:35 - 00279904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2016-10-13 11:21 - 2016-10-05 11:33 - 00128864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tm.sys
2016-10-13 11:21 - 2016-10-05 11:31 - 02213248 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2016-10-13 11:21 - 2016-10-05 11:22 - 01181536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2016-10-13 11:21 - 2016-10-05 11:16 - 00187232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2016-10-13 11:21 - 2016-10-05 11:12 - 01112928 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxPackaging.dll
2016-10-13 11:21 - 2016-10-05 11:09 - 01071728 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetcore.dll
2016-10-13 11:21 - 2016-10-05 11:08 - 00241504 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHost.dll
2016-10-13 11:21 - 2016-10-05 11:03 - 01705976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2016-10-13 11:21 - 2016-10-05 10:50 - 00116576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudExperienceHostCommon.dll
2016-10-13 11:21 - 2016-10-05 10:49 - 01980768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2016-10-13 11:21 - 2016-10-05 10:48 - 01022304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxPackaging.dll
2016-10-13 11:21 - 2016-10-05 10:46 - 01360456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetsrc.dll
2016-10-13 11:21 - 2016-10-05 10:38 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbonRes.dll
2016-10-13 11:21 - 2016-10-05 10:36 - 00128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthpan.sys
2016-10-13 11:21 - 2016-10-05 10:36 - 00073216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryBroker.dll
2016-10-13 11:21 - 2016-10-05 10:35 - 00352768 _____ (Microsoft Corporation) C:\WINDOWS\system32\cloudAP.dll
2016-10-13 11:21 - 2016-10-05 10:35 - 00122880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryClient.dll
2016-10-13 11:21 - 2016-10-05 10:34 - 00144896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dfsc.sys
2016-10-13 11:21 - 2016-10-05 10:32 - 00223744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.HostName.dll
2016-10-13 11:21 - 2016-10-05 10:31 - 00748544 _____ (Microsoft Corporation) C:\WINDOWS\system32\ChatApis.dll
2016-10-13 11:21 - 2016-10-05 10:31 - 00561664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Wallet.dll
2016-10-13 11:21 - 2016-10-05 10:31 - 00176128 _____ (Microsoft Corporation) C:\WINDOWS\system32\apprepapi.dll
2016-10-13 11:21 - 2016-10-05 10:31 - 00058880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ConfigureExpandedStorage.dll
2016-10-13 11:21 - 2016-10-05 10:29 - 01145856 _____ (Microsoft Corporation) C:\WINDOWS\system32\EmailApis.dll
2016-10-13 11:21 - 2016-10-05 10:28 - 03059200 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2016-10-13 11:21 - 2016-10-05 10:28 - 00775168 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe
2016-10-13 11:21 - 2016-10-05 10:28 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbonRes.dll
2016-10-13 11:21 - 2016-10-05 10:28 - 00123904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.HostName.dll
2016-10-13 11:21 - 2016-10-05 10:27 - 00094208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryClient.dll
2016-10-13 11:21 - 2016-10-05 10:27 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.ServiceDiscovery.Dnssd.dll
2016-10-13 11:21 - 2016-10-05 10:23 - 01908224 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2016-10-13 11:21 - 2016-10-05 10:22 - 00073216 _____ (Microsoft Corporation) C:\WINDOWS\system32\offreg.dll
2016-10-13 11:21 - 2016-10-05 10:21 - 00167936 _____ (Microsoft Corporation) C:\WINDOWS\system32\ErrorDetails.dll
2016-10-13 11:21 - 2016-10-05 10:20 - 00936960 _____ (Microsoft Corporation) C:\WINDOWS\system32\MCRecvSrc.dll
2016-10-13 11:21 - 2016-10-05 10:18 - 01656832 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2016-10-13 11:21 - 2016-10-05 10:17 - 04136960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepository.dll
2016-10-13 11:21 - 2016-10-05 10:17 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\adsmsext.dll
2016-10-13 11:21 - 2016-10-05 10:16 - 06664192 _____ (Microsoft Corporation) C:\WINDOWS\system32\mspaint.exe
2016-10-13 11:21 - 2016-10-05 10:16 - 00771072 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppointmentApis.dll
2016-10-13 11:21 - 2016-10-05 10:15 - 00833024 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2016-10-13 11:21 - 2016-10-05 10:15 - 00774656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.dll
2016-10-13 11:21 - 2016-10-05 10:15 - 00716800 _____ (Microsoft Corporation) C:\WINDOWS\system32\ShareHost.dll
2016-10-13 11:21 - 2016-10-05 10:14 - 01013760 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContactApis.dll
2016-10-13 11:21 - 2016-10-05 10:13 - 01328128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.Http.dll
2016-10-13 11:21 - 2016-10-05 10:12 - 00998912 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWorkspace.dll
2016-10-13 11:21 - 2016-10-05 10:12 - 00924672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.BackgroundTransfer.dll
2016-10-13 11:21 - 2016-10-05 10:11 - 03496960 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVidCtl.dll
2016-10-13 11:21 - 2016-10-05 10:09 - 03369984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepository.dll
2016-10-13 11:21 - 2016-10-05 10:08 - 02356736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVidCtl.dll
2016-10-13 11:21 - 2016-10-05 10:08 - 00598528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.dll
2016-10-13 11:21 - 2016-10-05 10:07 - 00589312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Sensors.dll
2016-10-13 11:21 - 2016-10-05 10:06 - 01013248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.Http.dll
2016-10-13 11:21 - 2016-10-05 10:05 - 00751104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.BackgroundTransfer.dll
2016-10-13 11:21 - 2016-10-05 01:01 - 00446124 _____ C:\WINDOWS\system32\ApnDatabase.xml
2016-10-07 21:52 - 2016-10-07 21:52 - 00443632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcp140.dll
2016-10-07 21:52 - 2016-10-07 21:52 - 00394496 _____ (Microsoft Corporation) C:\WINDOWS\system32\vccorlib140.dll
2016-10-07 21:52 - 2016-10-07 21:52 - 00334608 _____ (Microsoft Corporation) C:\WINDOWS\system32\concrt140.dll
2016-10-07 21:52 - 2016-10-07 21:52 - 00089328 _____ (Microsoft Corporation) C:\WINDOWS\system32\vcruntime140.dll
2016-10-07 21:52 - 2016-10-07 21:52 - 00085744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vcruntime140.dll
2016-10-07 21:49 - 2016-10-07 21:49 - 00639728 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcp140.dll
2016-10-07 21:49 - 2016-10-07 21:49 - 00244504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\concrt140.dll
2016-10-07 21:45 - 2016-10-07 21:45 - 00271112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vccorlib140.dll
2016-10-06 14:08 - 2016-10-06 14:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Boxcryptor
2016-10-06 14:08 - 2016-10-06 14:08 - 00000000 ____D C:\Program Files (x86)\Boxcryptor

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2016-11-02 10:19 - 2016-07-16 12:45 - 00000000 ____D C:\WINDOWS\INF
2016-11-02 10:12 - 2016-07-16 23:51 - 02028824 _____ C:\WINDOWS\system32\perfh007.dat
2016-11-02 10:12 - 2016-07-16 23:51 - 00579224 _____ C:\WINDOWS\system32\perfc007.dat
2016-11-02 10:12 - 2015-09-10 12:39 - 04661694 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-11-02 10:08 - 2015-06-10 11:35 - 00000000 __RDO C:\Users\Bernhard\OneDrive
2016-11-02 10:07 - 2016-08-16 16:58 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-11-02 10:07 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-11-02 10:06 - 2016-08-16 16:39 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2016-11-02 10:06 - 2016-07-16 07:04 - 00786432 _____ C:\WINDOWS\system32\config\BBI
2016-11-02 09:34 - 2016-02-12 14:32 - 00000000 ____D C:\Users\Bernhard\Documents\My Kindle Content
2016-11-01 19:58 - 2016-07-16 12:47 - 00000000 ___HD C:\Program Files\WindowsApps
2016-11-01 19:58 - 2015-06-10 11:28 - 00000000 ____D C:\Users\Bernhard\AppData\Local\Packages
2016-11-01 18:28 - 2015-06-10 13:18 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-11-01 17:07 - 2016-08-16 16:44 - 00000000 ____D C:\Users\Bernhard
2016-11-01 17:06 - 2013-10-14 23:48 - 07165952 _____ C:\Users\Bernhard\Downloads\ResophNotes.msi
2016-11-01 16:47 - 2016-03-01 11:34 - 00000000 ____D C:\Users\Bernhard\.Zettelkasten
2016-10-31 14:16 - 2015-07-31 17:06 - 00271360 _____ C:\Users\Bernhard\Documents\Meine Outlook-Datendatei(1).pst.txt
2016-10-29 18:59 - 2015-09-10 12:51 - 00000000 ____D C:\Users\Bernhard\AppData\Local\Comms
2016-10-29 11:53 - 2015-12-04 12:35 - 00425472 ___SH C:\Users\Bernhard\Desktop\Thumbs.db
2016-10-29 11:44 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\rescache
2016-10-29 10:35 - 2015-09-29 19:29 - 00000000 ____D C:\Users\Bernhard\AppData\Roaming\PhotoScape
2016-10-28 19:55 - 2015-06-10 11:23 - 00000000 __RHD C:\Users\Public\AccountPictures
2016-10-28 19:54 - 2016-08-16 16:39 - 00338184 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2016-10-28 18:47 - 2016-07-16 12:47 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2016-10-28 18:47 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2016-10-28 18:47 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\oobe
2016-10-28 18:47 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\appraiser
2016-10-28 18:46 - 2016-07-16 12:47 - 00015425 _____ C:\WINDOWS\system32\OEMDefaultAssociations.xml
2016-10-28 16:19 - 2016-07-16 12:36 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-10-28 13:23 - 2015-06-10 12:26 - 00485032 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2016-10-27 10:52 - 2016-03-01 11:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2016-10-27 10:52 - 2016-03-01 11:31 - 00000000 ____D C:\Program Files (x86)\Java
2016-10-27 10:52 - 2016-01-22 21:52 - 00000000 ____D C:\ProgramData\Oracle
2016-10-27 10:51 - 2016-03-01 11:31 - 00097856 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2016-10-26 16:09 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed
2016-10-26 16:09 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\Macromed
2016-10-26 16:09 - 2015-06-18 10:50 - 00000000 ____D C:\Users\Bernhard\AppData\Local\Adobe
2016-10-26 10:59 - 2015-12-28 19:08 - 00000000 ____D C:\Users\Bernhard\AppData\Roaming\Papyrus Autor
2016-10-25 00:30 - 2016-07-16 12:49 - 00828408 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2016-10-25 00:30 - 2016-07-16 12:49 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2016-10-24 12:21 - 2016-07-16 12:47 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2016-10-24 12:19 - 2015-03-14 14:41 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2016-10-18 15:54 - 2016-08-17 16:17 - 00000000 ____D C:\WINDOWS\Microsoft Antimalware
2016-10-15 19:45 - 2016-07-16 12:47 - 00000000 ___SD C:\WINDOWS\system32\DiagSvcs
2016-10-15 19:45 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\migwiz
2016-10-15 19:45 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\ShellExperiences
2016-10-15 19:45 - 2016-07-16 12:47 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2016-10-15 19:45 - 2016-07-16 12:47 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2016-10-15 11:15 - 2015-06-10 12:32 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-10-15 11:11 - 2015-06-10 12:32 - 143495576 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-10-14 15:10 - 2016-08-16 16:58 - 00004562 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2016-10-14 15:09 - 2015-11-02 11:07 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2016-10-06 13:50 - 2016-08-31 11:04 - 00000000 ____D C:\Users\Bernhard\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Vivaldi-Apps
2016-10-06 13:37 - 2016-03-09 10:30 - 00002395 _____ C:\Users\Bernhard\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Vivaldi.lnk
2016-10-06 13:37 - 2016-03-09 10:30 - 00000000 ____D C:\Users\Bernhard\AppData\Local\Vivaldi
2016-10-06 08:31 - 2016-07-16 12:47 - 00000000 ___SD C:\WINDOWS\SysWOW64\F12
2016-10-06 08:31 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\SysWOW64\setup
2016-10-06 08:31 - 2016-07-16 07:04 - 00000000 ____D C:\WINDOWS\SysWOW64\Dism
2016-10-06 08:30 - 2016-07-16 12:47 - 00000000 ___SD C:\WINDOWS\system32\F12
2016-10-06 08:30 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\system32\setup
2016-10-06 08:30 - 2016-07-16 07:04 - 00000000 ____D C:\WINDOWS\system32\Sysprep
2016-10-06 08:30 - 2016-07-16 07:04 - 00000000 ____D C:\WINDOWS\system32\Dism
2016-10-06 08:29 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\Provisioning
2016-10-06 08:29 - 2016-07-16 12:47 - 00000000 ____D C:\WINDOWS\bcastdvr

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2015-06-10 14:42 - 2015-06-10 14:42 - 0220679 _____ () C:\ProgramData\1433943608.bdinstall.bin
2015-06-12 20:00 - 2015-06-12 20:00 - 0037671 _____ () C:\ProgramData\1434135610.bdinstall.bin
2015-06-12 20:00 - 2015-06-12 20:00 - 0097850 _____ () C:\ProgramData\1434135616.bdinstall.bin
2015-06-14 13:18 - 2015-06-14 13:18 - 0211838 _____ () C:\ProgramData\1434284237.bdinstall.bin
2015-06-14 18:29 - 2015-06-14 18:29 - 0037671 _____ () C:\ProgramData\1434302971.bdinstall.bin
2015-06-14 18:30 - 2015-06-14 18:30 - 0098360 _____ () C:\ProgramData\1434302989.bdinstall.bin
2016-08-16 16:41 - 2016-08-16 16:41 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

==================== Bamital & volsnap ======================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2016-10-25 12:21

==================== Ende von FRST.txt ============================

 

Addition.txt

FRST.txt

Link to post
Share on other sites

oops: Yesterday evening Malwarebytes DID run once after I had been several times trying to start. It did run a full scan (0  results).

After rebooting my computer this morning, MW will not run again, with the same behaviour  as before: Icon appearing in taskbar for seconds, then vanishing.

Strange...

Link to post
Share on other sites

Thanks for those logs, continue:

Download attached fixlist.txt file (end of reply) and save it to the Desktop, or the folder you saved FRST into.
NOTE. It's important that both FRST and fixlist.txt are in the same location or the fix will not work.

Open FRST and press the Fix button just once and wait.
The tool will make a log on the Desktop (Fixlog.txt) or the folder it was ran from. Please post it to your reply.

Next,

Please download MBAM-clean and save it to your desktop.
 
  • Right-click on mbam-clean.exe icon and select user posted image Run as Administrator to start the tool.
  • It will ask you to reboot the machine - please do so.
  • Run the cleaner tool again, re-boot when complete. <<<---do not miss this step


Download & install the newset MBAM version.

Please download user posted imageMalwarebytes Anti-Malware
 
  • Install the progam and select update.
  • Once updated, click the Settings tab, in the left panel choose Detctions & protection and tick Scan for rootkits.
  • In the same tab, under PUP and PUM detections make sure it is set to Treat detections as malware.
  • Click the Scan tab, choose Threat Scan is checked and click Scan Now.
  • If threats are detected, click the Apply Actions button. You will now be prompted to reboot. Click Yes.
  • Upon completion of the scan (or after the reboot), click the History tab.
  • Click Application Logs and double-click the Scan Log.
  • At the bottom click Export and choose Text file.


Save the file to your desktop and include its content in your next reply.

Next,

Download Sophos Free Virus Removal Tool and save it to your desktop.

If your security alerts to this scan either accept the alert or turn off your security to allow Sophos to run and complete.....
 
  • Double click the icon and select Run
  • Click Next
  • Select I accept the terms in this license agreement, then click Next twice
  • Click Install
  • Click Finish to launch the program
  • Once the virus database has been updated click Start Scanning
  • If any threats are found click Details, then View log file... (bottom left hand corner)
  • Copy and paste the results in your reply
  • Close the Notepad document, close the Threat Details screen, then click Start cleanup
  • Click Exit to close the program
  • If no threats were found please confirm that result....


Let me see those logs in your reply....

Thank you,

Kevin...

 

Fixlist.txt

Link to post
Share on other sites

Hi Kevin

thank you again for your avdvice. I did everything as you told in your post above.

Sophos Virus Removal Tool says "System is clean".

But..... Malwarebyte got installed, but does not run  -- same behaviour as before. Strange...

 

Here ist the Fixlog:

durchgeführt von Bernhard (04-11-2016 20:39:10) Run:1
Gestartet von C:\Users\Bernhard\Desktop
Geladene Profile: Bernhard (Verfügbare Profile: Bernhard)
Start-Modus: Normal
==============================================

fixlist Inhalt:
*****************
Start
CreateRestorePoint:
CloseProcesses:
2015-06-10 14:42 - 2015-06-10 14:42 - 0220679 _____ () C:\ProgramData\1433943608.bdinstall.bin
2015-06-12 20:00 - 2015-06-12 20:00 - 0037671 _____ () C:\ProgramData\1434135610.bdinstall.bin
2015-06-12 20:00 - 2015-06-12 20:00 - 0097850 _____ () C:\ProgramData\1434135616.bdinstall.bin
2015-06-14 13:18 - 2015-06-14 13:18 - 0211838 _____ () C:\ProgramData\1434284237.bdinstall.bin
2015-06-14 18:29 - 2015-06-14 18:29 - 0037671 _____ () C:\ProgramData\1434302971.bdinstall.bin
2015-06-14 18:30 - 2015-06-14 18:30 - 0098360 _____ () C:\ProgramData\1434302989.bdinstall.bin
CMD: ipconfig /flushdns 
EmptyTemp:
end

*****************

Wiederherstellungspunkt wurde erfolgreich erstellt.
Prozess erfolgreich geschlossen.
C:\ProgramData\1433943608.bdinstall.bin => erfolgreich verschoben
C:\ProgramData\1434135610.bdinstall.bin => erfolgreich verschoben
C:\ProgramData\1434135616.bdinstall.bin => erfolgreich verschoben
C:\ProgramData\1434284237.bdinstall.bin => erfolgreich verschoben
C:\ProgramData\1434302971.bdinstall.bin => erfolgreich verschoben
C:\ProgramData\1434302989.bdinstall.bin => erfolgreich verschoben

========= ipconfig /flushdns =========


Windows-IP-Konfiguration

Der DNS-Aufl”sungscache wurde geleert.

========= Ende von CMD: =========


=========== EmptyTemp: ==========

BITS transfer queue => 1418160 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 17161450 B
Java, Flash, Steam htmlcache => 785 B
Windows/system/drivers => 654819 B
Edge => 69585045 B
Chrome => 0 B
Firefox => 13507750 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 0 B
NetworkService => 74752 B
Bernhard => 88285769 B

RecycleBin => 26948977 B
EmptyTemp: => 207.6 MB temporäre Dateien entfernt.

================================


Das System musste neu gestartet werden.

==== Ende von Fixlog 20:39:52 ====

 

 

Link to post
Share on other sites

Run this please:

Please create an mbam-check log:
 
  • Download mbam-check.exe from here: https://downloads.malwarebytes.org/file/mbam_check and save it to your desktop
  • Double-click on mbam-check.exe to run it, it should then open a log file
  • Please do not copy and paste the entire contents of the log into your next post, instead, please attach the log CheckResults.txt file which should now be located on your desktop to your next post.
  • Attach the log to your reply
Edited by kevinf80
code error...
Link to post
Share on other sites

Quote

Pending File Rename Operations: 
================================
If any Malwarebytes Anti-Malware items are listed below, the user must reboot to complete a Malwarebytes Anti-Malware upgrade installation.
Pending File Rename Operations: 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\
    PendingFileRenameOperations    REG_MULTI_SZ    \??\C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamext.dll.old

 

Can you re-boot your system twice, when complete navigate to the following folder:

C:\Program Files (x86)\Malwarebytes Anti-Malware\\Plugins

Inside the "Plugins" folder run the following executable

fixdamage.exe   

Re-boot again when complete, will Malwarebytes run now...?  

 

Link to post
Share on other sites

The logs would not seem to indicate a malware problem holding back Malwarebytes, obviously something is however... See if you use the following instructions to run Malwarebytes Chameleon:

https://support.malwarebytes.com/customer/portal/articles/1833358-how-do-i-use-malwarebytes-chameleon-to-run-malwarebytes-anti-malware-on-an-infected-system-?b_id=6447

If it runs successfully post the produced log..

Link to post
Share on other sites

1 hour ago, kevinf80 said:

See if you use the following instructions to run Malwarebytes Chameleon:

https://support.malwarebytes.com/customer/portal/articles/1833358-how-do-i-use-malwarebytes-chameleon-to-run-malwarebytes-anti-malware-on-an-infected-system-?b_id=6447

If it runs successfully post the produced log..

I did the procedure, and Malwarebytes started. Soon after starting, there came a pop-up alert saying

Quote

Error: Malwarebytes could not load the rootkit driver. Error Code 20026. Continue Scan without Anti-Rootkit-Support?"

>> yes. The log is attached.

mbam_log_withCham.txt

Link to post
Share on other sites

6 minutes ago, kevinf80 said:

Was a log produced?

Sorry, did not save. But look what happened now:

I tried some more times, without rebooting or doing anything at all inbetween.

Try 1 : Runs

Try 2: Does not run

Try 3: Does not run

Try 4: Runs (scanning just now, after finishing I will post le log, give it 10 minutes approx. to finish!)

 

Edited by Etojok
Link to post
Share on other sites

Guest
This topic is now closed to further replies.
 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.