| |
| |||||||
Log-Analyse und Auswertung: Windows 10 Werbung am ganzen PCWindows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
 |
23.12.2015, 00:20
| #1 |
| |  Windows 10 Werbung am ganzen PC Hallo, Seit heute habe ich ein sehr großes Problem mit den Adwares, es öffnen sich im jeden Browser Werbungen, selbst im Spiel (Cs:go) öffnet sich die werbung im ingame browser. Auch in Steam werde ich mit der Werbung zu geballert. Ich habe alles probiert was mir dazu eingefallen ist: Adwclear, CC cleaner, browser neu zurückgesetzt, aber leider erfolglos. Ich würde mich sehr freuen wen ihr mir dabei weiterhelfen könnt. Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:20-12-2015
durchgeführt von dlehn (Administrator) auf DESKTOP-UPDA33C (23-12-2015 00:08:04)
Gestartet von C:\Users\dlehn\Downloads
Geladene Profile: dlehn (Verfügbare Profile: dlehn & DefaultAppPool)
Platform: Windows 10 Home (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: Chrome)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(NVIDIA Corporation) C:\WINDOWS\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Intel Corporation) C:\WINDOWS\System32\igfxCUIService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\WINDOWS\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Microsoft Corporation) C:\WINDOWS\System32\mqsvc.exe
(Microsoft Corporation) C:\WINDOWS\System32\inetsrv\inetinfo.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(Microsoft Corporation) C:\WINDOWS\System32\mqtgsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(Microsoft Corporation) C:\WINDOWS\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Intel Corporation) C:\WINDOWS\System32\igfxEM.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.29.1\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.29.1\GoogleCrashHandler64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\WINDOWS\System32\SettingSyncHost.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe
() C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\CCXProcess.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Joyent, Inc) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\libs\node.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\WINDOWS\System32\rundll32.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(VS Revo Group) C:\Program Files (x86)\VS Revo Group\Revo Uninstaller\Revouninstaller.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Registry (Nicht auf der Ausnahmeliste) ===========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [16404224 2015-12-21] (Realtek Semiconductor)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508104 2015-10-30] (Adobe Systems Incorporated)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2757424 2015-11-25] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => "C:\WINDOWS\system32\rundll32.exe" C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2304688 2015-11-25] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [7021880 2015-12-22] (AVAST Software)
HKLM-x32\...\RunOnce: [20150107] => C:\Program Files\AVAST Software\Avast\setup\emupdate\29821b53-d43a-47ca-842d-adafada643e0.exe [183232 2015-12-22] (AVAST Software)
HKU\S-1-5-21-4099521793-58611733-3230023784-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3013712 2015-12-14] (Valve Corporation)
HKU\S-1-5-21-4099521793-58611733-3230023784-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [50749056 2015-12-08] (Skype Technologies S.A.)
HKU\S-1-5-21-4099521793-58611733-3230023784-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8461224 2015-09-16] (Piriform Ltd)
HKU\S-1-5-21-4099521793-58611733-3230023784-1001\...\Run: [GoogleChromeAutoLaunch_2524FC75FB40A63E2F8100B1D0EAD42C] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [741704 2015-12-11] (Google Inc.)
HKU\S-1-5-21-4099521793-58611733-3230023784-1001\...\MountPoints2: {1b2bcebf-9ee9-11e5-952d-806e6f6e6963} - "F:\autorun.exe"
HKU\S-1-5-21-4099521793-58611733-3230023784-1001\...\MountPoints2: {6989ad5d-9ee2-11e5-9531-94de80b0d5e1} - "H:\HTC_Sync_Manager_PC.exe"
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2015-11-14] ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2015-11-14] ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2015-11-14] ()
ShellIconOverlayIdentifiers: [ SkyDrivePro1 (ErrorConflict)] -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => D:\MS Office 2013\Office15\GROOVEEX.DLL [2012-10-01] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrivePro2 (SyncInProgress)] -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => D:\MS Office 2013\Office15\GROOVEEX.DLL [2012-10-01] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrivePro3 (InSync)] -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => D:\MS Office 2013\Office15\GROOVEEX.DLL [2012-10-01] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-12-22] (AVAST Software)
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{e89f596a-b42e-4928-8e94-06d701659fab}: [DhcpNameServer] 192.168.1.1
Internet Explorer:
==================
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
SearchScopes: HKLM -> DefaultScope {F94F0DF1-11E7-4490-BAA9-7AB2F1395AAB} URL = hxxp://www.sm.de/?q={searchTerms}
SearchScopes: HKLM -> {F94F0DF1-11E7-4490-BAA9-7AB2F1395AAB} URL = hxxp://www.sm.de/?q={searchTerms}
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> D:\MS Office 2013\Office15\OCHelper.dll [2012-10-01] (Microsoft Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-12-22] (AVAST Software)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> D:\MS Office 2013\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> D:\MS Office 2013\Office15\GROOVEEX.DLL [2012-10-01] (Microsoft Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2012-10-01] (Microsoft Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-12-22] (AVAST Software)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2012-10-01] (Microsoft Corporation)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - D:\MS Office 2013\Office15\MSOSB.DLL [2012-10-01] (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)
FireFox:
========
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> D:\MS Office 2013\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.2.1 -> D:\Programme\VLC\npvlc.dll [2015-04-16] (VideoLAN)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2015-11-25] (Adobe Systems)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2012-10-01] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-11-24] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-11-24] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-09] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-09] (Google Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2015-11-25] (Adobe Systems)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2012-10-01] (Microsoft Corporation)
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-12-22]
Chrome:
=======
CHR Profile: C:\Users\dlehn\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Magic Actions for YouTube™) - C:\Users\dlehn\AppData\Local\Google\Chrome\User Data\Default\Extensions\abjcfabbhafbcdfjoecdgepllmpfceif [2015-12-10]
CHR Extension: (BetterTTV) - C:\Users\dlehn\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajopnjidmegmdimjlfnijceegpefgped [2015-12-09]
CHR Extension: (Google Drive) - C:\Users\dlehn\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-12-09]
CHR Extension: (Oddshot to Youtube on Reddit) - C:\Users\dlehn\AppData\Local\Google\Chrome\User Data\Default\Extensions\bjgbiggjemblnceibgagelajlkianbkm [2015-12-09]
CHR Extension: (YouTube) - C:\Users\dlehn\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-12-09]
CHR Extension: (Steam inventory helper) - C:\Users\dlehn\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmeakgjggjdlcpncigglobpjbkabhmjl [2015-12-09]
CHR Extension: (Google-Suche) - C:\Users\dlehn\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-12-09]
CHR Extension: (LoungeDestroyer) - C:\Users\dlehn\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghahcnmfjfckcedfajbhekgknjdplfcl [2015-12-17]
CHR Extension: (AdBlock) - C:\Users\dlehn\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2015-12-09]
CHR Extension: (Reddit Enhancement Suite) - C:\Users\dlehn\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbmfpngjjgdllneeigpgjifpgocmfgmb [2015-12-09]
CHR Extension: (Chrome Web Store-Zahlungen) - C:\Users\dlehn\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-12-09]
CHR Extension: (Hover Zoom+) - C:\Users\dlehn\AppData\Local\Google\Chrome\User Data\Default\Extensions\pccckmaobkjjboncdfnnofkonhgpceea [2015-12-09]
CHR Extension: (Reverse Playlist for YouTube™ (BETA)) - C:\Users\dlehn\AppData\Local\Google\Chrome\User Data\Default\Extensions\phmkjpaalnpngdifcgejpakhfleamlag [2015-12-09]
CHR Extension: (Google Mail) - C:\Users\dlehn\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-12-09]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-12-22]
==================== Dienste (Nicht auf der Ausnahmeliste) ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [683696 2015-11-16] (Adobe Systems Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2016448 2015-11-25] (Adobe Systems, Incorporated)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [226440 2015-12-22] (AVAST Software)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1156400 2015-11-25] (NVIDIA Corporation)
R2 igfxCUIService2.0.0.0; C:\Windows\system32\igfxCUIService.exe [351120 2015-10-08] (Intel Corporation)
R2 IISADMIN; C:\Windows\system32\inetsrv\inetinfo.exe [16896 2015-12-11] (Microsoft Corporation)
R2 MSMQTriggers; C:\Windows\system32\mqtgsvc.exe [164864 2015-12-11] (Microsoft Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1872688 2015-11-25] (NVIDIA Corporation)
R3 NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [8133424 2015-11-25] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [5915440 2015-11-25] (NVIDIA Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [362928 2015-07-10] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-07-10] (Microsoft Corporation)
S2 CsrBtOBEX-Dienst; "C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrBtOBEXService.exe" [X]
===================== Treiber (Nicht auf der Ausnahmeliste) ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [28656 2015-12-22] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [97648 2015-12-22] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-12-22] (AVAST Software)
S0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65224 2015-12-22] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1055560 2015-12-22] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [451040 2015-12-22] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [155304 2015-12-22] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [273784 2015-12-22] (AVAST Software)
S3 csravrcp; C:\Windows\System32\drivers\csravrcp.sys [26304 2012-03-22] (Cambridge Silicon Radio Limited)
S3 CsrBthAudioHF; C:\Windows\system32\DRIVERS\CsrBthAudioHF.sys [39120 2012-03-22] (Cambridge Silicon Radio Limited)
S3 CsrBtPort; C:\Windows\system32\DRIVERS\CsrBtPort.sys [2784968 2012-03-22] (Cambridge Silicon Radio Limited)
S3 csrhfgcc; C:\Windows\System32\drivers\csrhfgcc.sys [38080 2012-03-22] (Cambridge Silicon Radio Limited)
S3 csrpan; C:\Windows\System32\drivers\csrpan.sys [39616 2012-03-22] (Cambridge Silicon Radio Limited)
S3 csrserial; C:\Windows\system32\DRIVERS\csrserial.sys [61128 2012-03-22] (Cambridge Silicon Radio Limited)
S3 csrusb; C:\Windows\System32\Drivers\csrusb.sys [47296 2012-03-22] (Cambridge Silicon Radio Limited)
S3 csrusbfilter; C:\Windows\System32\Drivers\csrusbfilter.sys [23752 2012-03-22] (Cambridge Silicon Radio Limited)
S3 csr_bthav; C:\Windows\system32\drivers\csrbthav.sys [99520 2012-03-22] (Cambridge Silicon Radio Limited)
R3 dc1-controller; C:\Windows\System32\drivers\dc1-controller.sys [50688 2015-07-10] (Microsoft Corp.)
S3 FlashUSB; C:\Windows\System32\drivers\FlashUSB.sys [19968 2014-12-03] (Intel Mobile Communications)
S3 HtcVCom32; C:\Windows\System32\drivers\HtcVComV64.sys [121800 2010-03-09] (QUALCOMM Incorporated)
R1 HWiNFO32; C:\WINDOWS\SysWOW64\drivers\HWiNFO64A.SYS [26528 2015-12-21] (REALiX(tm))
R3 ISCT; C:\Windows\System32\drivers\ISCTD64.sys [46568 2013-01-19] ()
R3 MEIx64; C:\Windows\System32\drivers\TeeDriverW8x64.sys [185088 2015-12-21] (Intel Corporation)
S0 ngvss; C:\Windows\System32\Drivers\ngvss.sys [147088 2015-12-22] (AVAST Software)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19760 2015-11-25] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [50472 2015-11-25] (NVIDIA Corporation)
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [935168 2015-12-21] (Realtek )
S3 shspusb; C:\Windows\System32\drivers\HSPUSB.sys [24064 2014-12-03] (MobileTop)
S3 SmbDrv; C:\Windows\System32\drivers\Smb_driver_AMDASF.sys [29936 2015-04-01] (Synaptics Incorporated)
S3 SmbDrvI; C:\Windows\System32\drivers\Smb_driver_Intel.sys [31472 2015-04-01] (Synaptics Incorporated)
S3 sscdserd; C:\Windows\System32\drivers\sscdserd.sys [158024 2014-12-03] (MCCI Corporation)
S3 ssceserd; C:\Windows\System32\drivers\ssceserd.sys [158024 2014-12-03] (MCCI Corporation)
S3 ssdudfu; C:\Windows\System32\drivers\ssdudfu.sys [101960 2014-12-03] (MCCI)
R3 sshid; C:\Windows\System32\drivers\sshid.sys [51392 2015-12-09] (SteelSeries ApS)
S3 ssm_bus; C:\Windows\System32\drivers\ssm_bus.sys [136192 2014-12-03] (MCCI Corporation)
S3 ssm_mdm; C:\Windows\System32\drivers\ssm_mdm.sys [172032 2014-12-03] (MCCI Corporation)
S3 ssudcdf; C:\Windows\System32\drivers\ssudcdf.sys [36608 2014-01-22] (DEVGURU Co., LTD.(www.devguru.co.kr))
S3 ssuddmgr; C:\Windows\System32\drivers\ssuddmgr.sys [206104 2014-12-03] (DEVGURU Co., LTD.(www.devguru.co.kr))
S3 ssudobex; C:\Windows\System32\drivers\ssudobex.sys [206104 2014-12-03] (DEVGURU Co., LTD.(www.devguru.co.kr))
S3 ssudqcfilter; C:\Windows\System32\drivers\ssudqcfilter.sys [48920 2014-12-03] (QUALCOMM Incorporated)
S3 ssudserd; C:\Windows\System32\drivers\ssudserd.sys [206104 2014-12-03] (DEVGURU Co., LTD.(www.devguru.co.kr))
S3 ss_bserd; C:\Windows\System32\drivers\ss_bserd.sys [128000 2014-12-03] (MCCI Corporation)
S3 ss_conn_usb_driver; C:\Windows\System32\Drivers\ss_conn_usb_driver.sys [26392 2014-12-03] (DEVGURU Co., LTD.)
S3 UdeCx; C:\Windows\System32\drivers\udecx.sys [44032 2015-07-10] ()
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-07-10] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [291680 2015-07-10] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [119648 2015-07-10] (Microsoft Corporation)
S3 wfpcapture; \SystemRoot\System32\drivers\wfpcapture.sys [X]
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat: Erstellte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2015-12-23 00:08 - 2015-12-23 00:08 - 00023464 _____ C:\Users\dlehn\Downloads\FRST.txt
2015-12-23 00:07 - 2015-12-23 00:08 - 00000000 ____D C:\FRST
2015-12-23 00:07 - 2015-12-23 00:07 - 02370560 _____ (Farbar) C:\Users\dlehn\Downloads\FRST64.exe
2015-12-23 00:03 - 2015-12-23 00:03 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\dlehn\Downloads\revosetup95.exe
2015-12-23 00:03 - 2015-12-23 00:03 - 00001344 _____ C:\Users\dlehn\Desktop\Revo Uninstaller.lnk
2015-12-23 00:03 - 2015-12-23 00:03 - 00000000 ____D C:\Users\dlehn\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
2015-12-23 00:03 - 2015-12-23 00:03 - 00000000 ____D C:\Program Files (x86)\VS Revo Group
2015-12-22 23:53 - 2015-12-22 23:53 - 00016148 _____ C:\WINDOWS\system32\DESKTOP-UPDA33C_dlehn_HistoryPrediction.bin
2015-12-22 21:53 - 2015-12-22 23:30 - 631778962 _____ C:\Users\dlehn\Downloads\gfuifuzivugisouthpaw.avi.mp4
2015-12-22 20:53 - 2015-12-22 20:53 - 00139793 _____ C:\Users\dlehn\Downloads\Download.htm
2015-12-22 19:22 - 2015-12-22 19:22 - 00002383 _____ C:\Users\dlehn\Desktop\Chrome App Launcher.lnk
2015-12-22 19:22 - 2015-12-22 19:22 - 00000000 ____D C:\Users\dlehn\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-12-22 16:13 - 2015-12-22 16:13 - 00147088 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\ngvss.sys
2015-12-22 16:13 - 2015-12-22 16:12 - 01055560 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswBE3E.tmp
2015-12-22 16:13 - 2015-12-22 16:12 - 00451040 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswBE53.tmp
2015-12-22 16:13 - 2015-12-22 16:12 - 00386096 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2015-12-22 16:13 - 2015-12-22 16:12 - 00273784 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswBE54.tmp
2015-12-22 16:13 - 2015-12-22 16:12 - 00155304 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswBE55.tmp
2015-12-22 16:13 - 2015-12-22 16:12 - 00097648 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswBE51.tmp
2015-12-22 16:13 - 2015-12-22 16:12 - 00093528 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswBE3F.tmp
2015-12-22 16:13 - 2015-12-22 16:12 - 00065224 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswBE52.tmp
2015-12-22 16:13 - 2015-12-22 16:12 - 00028656 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswBE40.tmp
2015-12-22 16:12 - 2015-12-22 16:13 - 00004006 _____ C:\WINDOWS\System32\Tasks\avast! Emergency Update
2015-12-22 16:12 - 2015-12-22 16:12 - 01055560 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2015-12-22 16:12 - 2015-12-22 16:12 - 00451040 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2015-12-22 16:12 - 2015-12-22 16:12 - 00450504 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswsp.sys.1450797164265
2015-12-22 16:12 - 2015-12-22 16:12 - 00273784 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2015-12-22 16:12 - 2015-12-22 16:12 - 00155304 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2015-12-22 16:12 - 2015-12-22 16:12 - 00097648 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswmonflt.sys.1450797164265
2015-12-22 16:12 - 2015-12-22 16:12 - 00097648 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2015-12-22 16:12 - 2015-12-22 16:12 - 00093528 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2015-12-22 16:12 - 2015-12-22 16:12 - 00065224 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2015-12-22 16:12 - 2015-12-22 16:12 - 00043112 _____ (AVAST Software) C:\WINDOWS\avastSS.scr
2015-12-22 16:12 - 2015-12-22 16:12 - 00028656 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHwid.sys
2015-12-22 16:12 - 2015-12-22 16:12 - 00001986 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Free Antivirus.lnk
2015-12-22 16:12 - 2015-12-22 16:12 - 00001974 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2015-12-22 16:12 - 2015-12-22 16:12 - 00000000 ____D C:\Users\dlehn\AppData\Roaming\AVAST Software
2015-12-22 16:11 - 2015-12-22 16:11 - 05066096 _____ (AVAST Software) C:\Users\dlehn\Downloads\avast_free_antivirus_setup_online.exe
2015-12-22 16:11 - 2015-12-22 16:11 - 00000000 ____D C:\ProgramData\AVAST Software
2015-12-22 16:11 - 2015-12-22 16:11 - 00000000 ____D C:\Program Files\AVAST Software
2015-12-22 15:48 - 2015-12-22 15:48 - 00002870 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2015-12-22 15:48 - 2015-12-22 15:48 - 00000870 _____ C:\Users\Public\Desktop\CCleaner.lnk
2015-12-22 15:48 - 2015-12-22 15:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2015-12-22 15:47 - 2015-12-22 15:48 - 00000000 ____D C:\Program Files\CCleaner
2015-12-22 15:44 - 2015-12-22 15:45 - 06677440 _____ (Piriform Ltd) C:\Users\dlehn\Downloads\ccsetup510.exe
2015-12-22 15:43 - 2015-12-22 15:56 - 00000000 ____D C:\AdwCleaner
2015-12-22 15:43 - 2015-12-22 15:53 - 01743360 _____ C:\Users\dlehn\Downloads\adwcleaner_5.026.exe
2015-12-22 15:43 - 2015-12-22 15:44 - 00584776 _____ C:\Users\dlehn\Downloads\ccsetup513_CB-DL-Manager.exe
2015-12-22 15:43 - 2015-12-22 15:43 - 01743360 _____ C:\Users\dlehn\Downloads\adwcleaner_5.026 (1).exe
2015-12-21 12:42 - 2015-12-21 12:42 - 00000000 ____D C:\WINDOWS\LastGood
2015-12-21 12:38 - 2015-12-21 12:38 - 72121872 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RCoRes64.dat
2015-12-21 12:38 - 2015-12-21 12:38 - 07172912 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EEP64A.dll
2015-12-21 12:38 - 2015-12-21 12:38 - 07096192 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPP64A.dll
2015-12-21 12:38 - 2015-12-21 12:38 - 03741396 _____ C:\WINDOWS\system32\Drivers\RTAIODAT.DAT
2015-12-21 12:38 - 2015-12-21 12:38 - 03271912 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkApi64.dll
2015-12-21 12:38 - 2015-12-21 12:38 - 02997504 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtPgEx64.dll
2015-12-21 12:38 - 2015-12-21 12:38 - 02711296 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RTSnMg64.cpl
2015-12-21 12:38 - 2015-12-21 12:38 - 01965816 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPD64A.dll
2015-12-21 12:38 - 2015-12-21 12:38 - 01839360 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RCoInstII64.dll
2015-12-21 12:38 - 2015-12-21 12:38 - 01780624 _____ (DTS) C:\WINDOWS\system32\DTSS2SpeakerDLL64.dll
2015-12-21 12:38 - 2015-12-21 12:38 - 01591064 _____ (DTS) C:\WINDOWS\system32\DTSS2HeadphoneDLL64.dll
2015-12-21 12:38 - 2015-12-21 12:38 - 01508936 _____ (DTS) C:\WINDOWS\system32\DTSBoostDLL64.dll
2015-12-21 12:38 - 2015-12-21 12:38 - 01350456 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RTCOM64.dll
2015-12-21 12:38 - 2015-12-21 12:38 - 00743968 _____ (DTS) C:\WINDOWS\system32\DTSBassEnhancementDLL64.dll
2015-12-21 12:38 - 2015-12-21 12:38 - 00727440 _____ (DTS) C:\WINDOWS\system32\DTSSymmetryDLL64.dll
2015-12-21 12:38 - 2015-12-21 12:38 - 00708312 _____ (DTS) C:\WINDOWS\system32\DTSVoiceClarityDLL64.dll
2015-12-21 12:38 - 2015-12-21 12:38 - 00645456 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtDataProc64.dll
2015-12-21 12:38 - 2015-12-21 12:38 - 00504312 _____ (DTS) C:\WINDOWS\system32\DTSNeoPCDLL64.dll
2015-12-21 12:38 - 2015-12-21 12:38 - 00447728 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EED64A.dll
2015-12-21 12:38 - 2015-12-21 12:38 - 00445408 _____ (DTS) C:\WINDOWS\system32\DTSLimiterDLL64.dll
2015-12-21 12:38 - 2015-12-21 12:38 - 00441272 _____ (DTS) C:\WINDOWS\system32\DTSGainCompensatorDLL64.dll
2015-12-21 12:38 - 2015-12-21 12:38 - 00343712 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtlCPAPI64.dll
2015-12-21 12:38 - 2015-12-21 12:38 - 00327464 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPO64A.dll
2015-12-21 12:38 - 2015-12-21 12:38 - 00272720 _____ (Dolby Laboratories) C:\WINDOWS\system32\DDPA64.dll
2015-12-21 12:38 - 2015-12-21 12:38 - 00253904 _____ (DTS) C:\WINDOWS\system32\DTSGFXAPO64.dll
2015-12-21 12:38 - 2015-12-21 12:38 - 00253864 _____ (DTS) C:\WINDOWS\system32\DTSLFXAPO64.dll
2015-12-21 12:38 - 2015-12-21 12:38 - 00252880 _____ (DTS) C:\WINDOWS\system32\DTSGFXAPONS64.dll
2015-12-21 12:38 - 2015-12-21 12:38 - 00151792 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EEL64A.dll
2015-12-21 12:38 - 2015-12-21 12:38 - 00134208 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EEA64A.dll
2015-12-21 12:38 - 2015-12-21 12:38 - 00118592 _____ C:\WINDOWS\system32\AcpiServiceVnA64.dll
2015-12-21 12:38 - 2015-12-21 12:38 - 00105312 _____ C:\WINDOWS\system32\audioLibVc.dll
2015-12-21 12:38 - 2015-12-21 12:38 - 00084616 _____ (Dolby Laboratories) C:\WINDOWS\system32\R4EEG64A.dll
2015-12-21 12:38 - 2015-12-21 12:38 - 00000000 ____D C:\WINDOWS\LastGood.Tmp
2015-12-21 12:37 - 2015-12-21 12:37 - 00935168 _____ (Realtek ) C:\WINDOWS\system32\Drivers\rt640x64.sys
2015-12-21 12:37 - 2015-12-21 12:37 - 00082544 _____ (Realtek Semiconductor Corporation) C:\WINDOWS\system32\RtNicProp64.dll
2015-12-21 12:35 - 2015-12-21 12:35 - 00475384 _____ (Intel(R) Corporation) C:\WINDOWS\system32\Drivers\IntcDAud.sys
2015-12-21 12:35 - 2015-12-21 12:35 - 00185088 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\TeeDriverW8x64.sys
2015-12-21 12:31 - 2015-12-22 16:05 - 00000000 ____D C:\ProgramData\ProductData
2015-12-21 12:31 - 2015-12-21 12:31 - 00026528 _____ (REALiX(tm)) C:\WINDOWS\SysWOW64\Drivers\HWiNFO64A.SYS
2015-12-21 12:31 - 2015-12-21 12:31 - 00003072 _____ C:\WINDOWS\System32\Tasks\Driver Booster SkipUAC (dlehn)
2015-12-21 12:31 - 2015-12-21 12:31 - 00000000 ____D C:\WINDOWS\Tasks\ImCleanDisabled
2015-12-21 12:31 - 2015-12-21 12:31 - 00000000 ____D C:\Users\dlehn\AppData\Roaming\IObit
2015-12-21 12:31 - 2015-12-21 12:31 - 00000000 ____D C:\Users\dlehn\AppData\LocalLow\IObit
2015-12-21 12:31 - 2015-12-21 12:31 - 00000000 ____D C:\ProgramData\IObit
2015-12-21 12:30 - 2015-12-21 12:30 - 01466656 _____ C:\Users\dlehn\Downloads\Iobit Driver Booster 3 Pro - CHIP-Installer.exe
2015-12-21 02:06 - 2015-12-21 02:08 - 00003698 _____ C:\Users\dlehn\Desktop\knife history.txt
2015-12-21 00:28 - 2015-12-21 00:30 - 314080340 _____ C:\Users\dlehn\Downloads\P-05.rar
2015-12-20 23:02 - 2015-12-20 23:02 - 00219946 _____ C:\Users\dlehn\Downloads\^FEB2EC0B5D1349D5C95B5C7C3DBEF6227881B7F7962B51775C^pimgpsh_fullsize_distr.png
2015-12-20 15:25 - 2015-12-20 15:25 - 00000000 ____D C:\Users\dlehn\OneDrive\Documents\Benutzerdefinierte Office-Vorlagen
2015-12-20 13:46 - 2015-12-20 13:46 - 00078896 _____ C:\Users\dlehn\Downloads\Hausarbeiten-Skript_AG_SR-AT.pdf
2015-12-19 21:49 - 2015-12-19 21:49 - 00044628 _____ C:\Users\dlehn\Downloads\BankGothic Bold.ttf
2015-12-19 21:48 - 2015-12-19 21:48 - 00015396 _____ C:\Users\dlehn\Downloads\9BlackOps2Fontiiamjosh13.TTF
2015-12-19 17:05 - 2015-12-19 17:05 - 00000365 _____ C:\Users\dlehn\Desktop\skins.txt
2015-12-19 00:08 - 2015-12-19 00:20 - 327421628 _____ C:\Users\dlehn\Downloads\NSPS141avi.mp4
2015-12-18 12:57 - 2015-12-18 12:57 - 01412032 _____ C:\Users\dlehn\Downloads\portable.zip
2015-12-18 12:57 - 2015-12-18 12:57 - 00000000 ____D C:\Users\dlehn\AppData\Local\IdleMaster
2015-12-17 19:53 - 2015-12-17 19:53 - 00000000 ____D C:\ProgramData\Age of Empires 3
2015-12-16 14:45 - 2015-12-16 14:45 - 00001908 _____ C:\WINDOWS\diagwrn.xml
2015-12-16 14:45 - 2015-12-16 14:45 - 00001908 _____ C:\WINDOWS\diagerr.xml
2015-12-15 19:30 - 2015-12-15 19:30 - 00016074 _____ C:\Users\dlehn\Downloads\bomb-timer-master.zip
2015-12-15 19:30 - 2015-12-15 05:58 - 00000000 ____D C:\Users\dlehn\Desktop\bomb-timer-master
2015-12-15 13:57 - 2015-12-15 14:01 - 688078282 _____ C:\Users\dlehn\Downloads\d7f68z9u0ihitman47-x264.mkv.mp4
2015-12-15 13:56 - 2015-12-15 13:56 - 00000020 ___SH C:\Users\DefaultAppPool\ntuser.ini
2015-12-15 13:56 - 2015-12-15 13:56 - 00000000 _SHDL C:\Users\DefaultAppPool\Vorlagen
2015-12-15 13:56 - 2015-12-15 13:56 - 00000000 _SHDL C:\Users\DefaultAppPool\Startmenü
2015-12-15 13:56 - 2015-12-15 13:56 - 00000000 _SHDL C:\Users\DefaultAppPool\Netzwerkumgebung
2015-12-15 13:56 - 2015-12-15 13:56 - 00000000 _SHDL C:\Users\DefaultAppPool\Lokale Einstellungen
2015-12-15 13:56 - 2015-12-15 13:56 - 00000000 _SHDL C:\Users\DefaultAppPool\Eigene Dateien
2015-12-15 13:56 - 2015-12-15 13:56 - 00000000 _SHDL C:\Users\DefaultAppPool\Druckumgebung
2015-12-15 13:56 - 2015-12-15 13:56 - 00000000 _SHDL C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-12-15 13:56 - 2015-12-15 13:56 - 00000000 _SHDL C:\Users\DefaultAppPool\AppData\Local\Verlauf
2015-12-15 13:56 - 2015-12-15 13:56 - 00000000 _SHDL C:\Users\DefaultAppPool\AppData\Local\Anwendungsdaten
2015-12-15 13:56 - 2015-12-15 13:56 - 00000000 _SHDL C:\Users\DefaultAppPool\Anwendungsdaten
2015-12-15 13:56 - 2015-12-15 13:56 - 00000000 ____D C:\Users\DefaultAppPool
2015-12-14 00:01 - 2015-12-14 00:01 - 00731445 _____ C:\Users\dlehn\Downloads\Windows_10_Login_Changer_1.3.zip
2015-12-14 00:01 - 2015-09-18 23:16 - 00001222 _____ C:\Users\dlehn\Desktop\ReadMe.txt
2015-12-13 22:10 - 2015-12-23 00:07 - 00000000 ____D C:\Users\dlehn\AppData\Roaming\NetSpeedMonitor
2015-12-13 22:10 - 2015-12-13 22:10 - 00000000 ____D C:\Program Files\NetSpeedMonitor
2015-12-13 22:08 - 2015-12-13 22:08 - 03652608 _____ C:\Users\dlehn\Downloads\netspeedmonitor_2_5_4_0_x64_setup.msi
2015-12-12 23:58 - 2011-09-19 23:30 - 1562320896 _____ C:\Users\dlehn\Desktop\Star Wars Episode V – Das Imperium schlägt zurück.avi
2015-12-12 23:58 - 2011-09-19 23:30 - 1561827328 _____ C:\Users\dlehn\Desktop\Star Wars Episode VI – Die Rückkehr der Jedi-Ritter.avi
2015-12-12 23:57 - 2011-09-19 23:30 - 1562349568 _____ C:\Users\dlehn\Desktop\Star Wars Episode IV – Eine neue Hoffnung.avi
2015-12-12 23:57 - 2011-09-19 23:30 - 1562347520 _____ C:\Users\dlehn\Desktop\Star Wars Episode I – Die dunkle Bedrohung.avi
2015-12-12 23:57 - 2011-09-19 23:30 - 1562324992 _____ C:\Users\dlehn\Desktop\Star Wars Episode II – Angriff der Klonkrieger.avi
2015-12-12 23:57 - 2011-09-19 23:30 - 1562144768 _____ C:\Users\dlehn\Desktop\Star Wars Episode III – Die Rache der Sith.avi
2015-12-12 23:31 - 2015-12-22 21:57 - 00004168 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{082A6E9D-E35D-4A11-898A-C9F252CADA11}
2015-12-12 18:28 - 2015-12-12 18:28 - 00894595 _____ C:\Users\dlehn\Downloads\MiponySetup.zip
2015-12-12 13:55 - 2015-12-12 13:55 - 01978368 _____ (Microsoft) C:\Users\dlehn\Desktop\Matchmaking Server Picker.exe
2015-12-12 13:43 - 2015-12-12 13:43 - 00000000 ____D C:\Program Files\mmpicker
2015-12-12 13:42 - 2015-12-12 13:42 - 01073990 _____ C:\Users\dlehn\Downloads\matchmaking_server_picker_36.zip
2015-12-12 13:41 - 2015-12-12 13:41 - 00035939 _____ C:\Users\dlehn\Downloads\Matchmaking Server Picker 34.zip - Google Drive.html
2015-12-12 13:41 - 2015-12-12 13:41 - 00000000 ____D C:\Users\dlehn\Downloads\Matchmaking Server Picker 34.zip - Google Drive_files
2015-12-11 21:55 - 2015-12-11 21:55 - 00000000 ____D C:\WINDOWS\SysWOW64\BestPractices
2015-12-11 21:55 - 2015-12-11 21:55 - 00000000 ____D C:\WINDOWS\system32\msmq
2015-12-11 21:55 - 2015-12-11 21:55 - 00000000 ____D C:\WINDOWS\system32\BestPractices
2015-12-11 21:55 - 2015-12-11 21:55 - 00000000 ____D C:\inetpub
2015-12-11 16:51 - 2015-12-11 16:51 - 00000000 ____D C:\WINDOWS\system32\SleepStudy
2015-12-11 14:52 - 2015-12-11 14:52 - 00000000 ____D C:\Users\dlehn\AppData\Roaming\Macromedia
2015-12-10 23:02 - 2015-12-21 14:00 - 00005328 _____ C:\WINDOWS\System32\Tasks\Microsoft Office 15 Sync Maintenance for DESKTOP-UPDA33C-dlehn DESKTOP-UPDA33C
2015-12-10 22:24 - 2015-12-10 22:24 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
2015-12-10 17:34 - 2015-12-10 17:34 - 00000000 ____D C:\WINDOWS\PCHEALTH
2015-12-10 17:34 - 2015-12-10 17:34 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2015-12-10 17:34 - 2015-12-10 17:34 - 00000000 ____D C:\Program Files\Microsoft SQL Server
2015-12-10 17:34 - 2015-12-10 17:34 - 00000000 ____D C:\Program Files\Common Files\DESIGNER
2015-12-10 17:34 - 2015-12-10 17:34 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-12-10 17:34 - 2015-12-10 17:34 - 00000000 ____D C:\Program Files (x86)\Microsoft SQL Server
2015-12-10 17:31 - 2015-12-10 17:31 - 00000000 ____D C:\Users\dlehn\AppData\Local\Microsoft Help
2015-12-10 17:31 - 2015-12-10 17:31 - 00000000 ____D C:\Program Files\Microsoft Analysis Services
2015-12-10 17:31 - 2015-12-10 17:31 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2015-12-10 17:31 - 2015-12-10 17:31 - 00000000 ____D C:\Program Files (x86)\Microsoft Analysis Services
2015-12-10 17:28 - 2015-12-10 17:28 - 00000000 ____D C:\ProgramData\Microsoft Toolkit
2015-12-10 17:26 - 2015-12-10 17:31 - 00000000 ____D C:\Users\dlehn\Desktop\MS office 2013
2015-12-10 17:21 - 2015-12-10 17:26 - 820998144 _____ C:\Users\dlehn\Downloads\OfficeProfessionalPlus.img
2015-12-10 15:27 - 2015-12-22 03:13 - 00000000 ____D C:\Users\dlehn\AppData\Roaming\vlc
2015-12-10 14:35 - 2015-12-10 14:52 - 1279902788 _____ C:\Users\dlehn\Downloads\w54e6rd7tf8zg9crimson.peak.720p.mkv.mp4
2015-12-10 13:28 - 2015-12-10 13:28 - 00000000 ____D C:\Users\dlehn\AppData\Local\NVIDIA Corporation
2015-12-10 13:28 - 2015-12-10 13:28 - 00000000 ____D C:\Users\dlehn\AppData\Local\NVIDIA
2015-12-10 13:28 - 2015-12-10 13:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2015-12-10 13:28 - 2015-11-25 00:07 - 01828160 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspcap64.dll
2015-12-10 13:28 - 2015-11-25 00:07 - 01756424 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspbridge64.dll
2015-12-10 13:28 - 2015-11-25 00:07 - 01509824 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspcap.dll
2015-12-10 13:28 - 2015-11-25 00:07 - 01316000 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspbridge.dll
2015-12-10 13:28 - 2015-11-25 00:07 - 00112712 _____ C:\WINDOWS\system32\NvRtmpStreamer64.dll
2015-12-10 13:27 - 2015-11-24 19:42 - 00102704 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvStreaming.exe
2015-12-10 13:26 - 2015-11-25 00:07 - 42913912 _____ C:\WINDOWS\system32\nvcompiler.dll
2015-12-10 13:26 - 2015-11-25 00:07 - 37882672 _____ C:\WINDOWS\SysWOW64\nvcompiler.dll
2015-12-10 13:26 - 2015-11-25 00:07 - 22345336 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll
2015-12-10 13:26 - 2015-11-25 00:07 - 18389624 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll
2015-12-10 13:26 - 2015-11-25 00:07 - 16561320 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2015-12-10 13:26 - 2015-11-25 00:07 - 15839392 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvd3dumx.dll
2015-12-10 13:26 - 2015-11-25 00:07 - 14844304 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2015-12-10 13:26 - 2015-11-25 00:07 - 13533416 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
2015-12-10 13:26 - 2015-11-25 00:07 - 12040952 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2015-12-10 13:26 - 2015-11-25 00:07 - 03540360 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2015-12-10 13:26 - 2015-11-25 00:07 - 03126800 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2015-12-10 13:26 - 2015-11-25 00:07 - 02876536 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2015-12-10 13:26 - 2015-11-25 00:07 - 02496816 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2015-12-10 13:26 - 2015-11-25 00:07 - 01905272 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6435906.dll
2015-12-10 13:26 - 2015-11-25 00:07 - 01564792 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6435906.dll
2015-12-10 13:26 - 2015-11-25 00:07 - 01016360 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFTH264.dll
2015-12-10 13:26 - 2015-11-25 00:07 - 00877872 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2015-12-10 13:26 - 2015-11-25 00:07 - 00861816 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2015-12-10 13:26 - 2015-11-25 00:07 - 00823232 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFTH264.dll
2015-12-10 13:26 - 2015-11-25 00:07 - 00689784 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2015-12-10 13:26 - 2015-11-25 00:07 - 00673912 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2015-12-10 13:26 - 2015-11-25 00:07 - 00539464 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvumdshimx.dll
2015-12-10 13:26 - 2015-11-25 00:07 - 00503416 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvDecMFTMjpeg.dll
2015-12-10 13:26 - 2015-11-25 00:07 - 00501056 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2015-12-10 13:26 - 2015-11-25 00:07 - 00446768 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvDecMFTMjpeg.dll
2015-12-10 13:26 - 2015-11-25 00:07 - 00445400 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvumdshim.dll
2015-12-10 13:26 - 2015-11-25 00:07 - 00422752 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2015-12-10 13:26 - 2015-11-25 00:07 - 00413816 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2015-12-10 13:26 - 2015-11-25 00:07 - 00369272 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2015-12-10 13:26 - 2015-11-25 00:07 - 00177416 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvinitx.dll
2015-12-10 13:26 - 2015-11-25 00:07 - 00155976 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvinit.dll
2015-12-10 13:26 - 2015-11-25 00:07 - 00151368 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglshim64.dll
2015-12-10 13:26 - 2015-11-25 00:07 - 00128512 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglshim32.dll
2015-12-10 13:26 - 2015-11-25 00:07 - 00072504 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvaudcap64v.dll
2015-12-10 13:26 - 2015-11-25 00:07 - 00069416 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvaudcap32v.dll
2015-12-10 13:26 - 2015-11-25 00:07 - 00050472 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvad64v.sys
2015-12-10 13:26 - 2015-11-25 00:07 - 00039240 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvhdap64.dll
2015-12-10 07:19 - 2015-12-17 19:53 - 00000000 ____D C:\Users\dlehn\OneDrive\Documents\My Games
2015-12-10 03:55 - 2015-12-22 15:57 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-12-10 03:55 - 2015-12-10 03:55 - 00000000 _SHDL C:\Users\Default\Vorlagen
2015-12-10 03:55 - 2015-12-10 03:55 - 00000000 _SHDL C:\Users\Default\Startmenü
2015-12-10 03:55 - 2015-12-10 03:55 - 00000000 _SHDL C:\Users\Default\Netzwerkumgebung
2015-12-10 03:55 - 2015-12-10 03:55 - 00000000 _SHDL C:\Users\Default\Lokale Einstellungen
2015-12-10 03:55 - 2015-12-10 03:55 - 00000000 _SHDL C:\Users\Default\Eigene Dateien
2015-12-10 03:55 - 2015-12-10 03:55 - 00000000 _SHDL C:\Users\Default\Druckumgebung
2015-12-10 03:55 - 2015-12-10 03:55 - 00000000 _SHDL C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-12-10 03:55 - 2015-12-10 03:55 - 00000000 _SHDL C:\Users\Default\AppData\Local\Verlauf
2015-12-10 03:55 - 2015-12-10 03:55 - 00000000 _SHDL C:\Users\Default\AppData\Local\Anwendungsdaten
2015-12-10 03:55 - 2015-12-10 03:55 - 00000000 _SHDL C:\Users\Default\Anwendungsdaten
2015-12-10 03:55 - 2015-12-10 03:55 - 00000000 _SHDL C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-12-10 03:55 - 2015-12-10 03:55 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Verlauf
2015-12-10 03:55 - 2015-12-10 03:55 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Anwendungsdaten
2015-12-10 03:55 - 2015-12-10 03:55 - 00000000 _SHDL C:\Users\Default User
2015-12-10 03:55 - 2015-12-10 03:55 - 00000000 _SHDL C:\Users\All Users
2015-12-10 03:55 - 2015-12-10 03:55 - 00000000 _SHDL C:\Programme
2015-12-10 03:55 - 2015-12-10 03:55 - 00000000 _SHDL C:\ProgramData\Vorlagen
2015-12-10 03:55 - 2015-12-10 03:55 - 00000000 _SHDL C:\ProgramData\Startmenü
2015-12-10 03:55 - 2015-12-10 03:55 - 00000000 _SHDL C:\ProgramData\Microsoft\Windows\Start Menu\Programme
2015-12-10 03:55 - 2015-12-10 03:55 - 00000000 _SHDL C:\ProgramData\Dokumente
2015-12-10 03:55 - 2015-12-10 03:55 - 00000000 _SHDL C:\ProgramData\Anwendungsdaten
2015-12-10 03:55 - 2015-12-10 03:55 - 00000000 _SHDL C:\Program Files\Gemeinsame Dateien
2015-12-10 03:55 - 2015-12-10 03:55 - 00000000 _SHDL C:\Dokumente und Einstellungen
2015-12-10 03:54 - 2015-12-22 15:57 - 00000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2015-12-10 03:54 - 2015-12-22 15:57 - 00000000 ____D C:\ProgramData\NVIDIA
2015-12-10 03:54 - 2015-12-21 12:38 - 00000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2015-12-10 03:54 - 2015-12-16 14:57 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2015-12-10 03:54 - 2015-12-16 14:57 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2015-12-10 03:54 - 2015-12-16 14:57 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2015-12-10 03:54 - 2015-12-10 03:54 - 00000200 _____ C:\WINDOWS\system32\{EC94D02F-D200-4428-9531-05AF7F9799CB}.bat
2015-12-10 03:54 - 2015-12-10 03:54 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2015-12-10 03:54 - 2015-12-10 03:54 - 00000000 ____H C:\ProgramData\DP45977C.lfl
2015-12-10 03:54 - 2015-12-10 03:54 - 00000000 ____D C:\Program Files\Realtek
2015-12-10 03:54 - 2015-12-09 18:58 - 00000000 ____D C:\Intel
2015-12-10 03:54 - 2015-11-24 20:32 - 06358648 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2015-12-10 03:54 - 2015-11-24 20:32 - 02983032 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2015-12-10 03:54 - 2015-11-24 20:32 - 02554672 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2015-12-10 03:54 - 2015-11-24 20:32 - 00938616 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvvsvc.exe
2015-12-10 03:54 - 2015-11-24 20:32 - 00385328 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2015-12-10 03:54 - 2015-11-24 20:32 - 00062768 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2015-12-10 03:54 - 2015-11-23 21:35 - 06049858 _____ C:\WINDOWS\system32\nvcoproc.bin
2015-12-10 03:54 - 2015-10-08 17:56 - 00086528 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.DLL
2015-12-10 03:54 - 2015-10-08 17:56 - 00082432 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.DLL
2015-12-10 03:53 - 2015-12-21 12:42 - 00341744 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2015-12-10 03:53 - 2015-12-10 03:53 - 00018960 _____ (Logitech, Inc.) C:\WINDOWS\system32\Drivers\LNonPnP.sys
2015-12-10 03:53 - 2015-12-10 03:53 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_TeeDriverx64_01011.Wdf
2015-12-10 03:53 - 2015-12-10 03:53 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_Smb_driver_Intel_01011.Wdf
2015-12-10 03:53 - 2015-12-10 03:53 - 00000000 ____D C:\WINDOWS\ServiceProfiles
2015-12-10 03:53 - 2015-12-10 03:53 - 00000000 ____D C:\Program Files\Intel
2015-12-10 02:57 - 2015-12-10 02:57 - 00000222 _____ C:\Users\dlehn\Desktop\Valiant Hearts The Great War Soldats Inconnus Mmoires de la Grande Guerre.url
2015-12-10 02:57 - 2015-12-10 02:57 - 00000222 _____ C:\Users\dlehn\Desktop\TrackMania Stadium.url
2015-12-10 02:57 - 2015-12-10 02:57 - 00000222 _____ C:\Users\dlehn\Desktop\A Story About My Uncle.url
2015-12-10 02:56 - 2015-12-10 02:56 - 00000221 _____ C:\Users\dlehn\Desktop\Sonic Generations.url
2015-12-10 02:55 - 2015-12-10 02:55 - 00000222 _____ C:\Users\dlehn\Desktop\Orcs Must Die! 2.url
2015-12-10 02:55 - 2015-12-10 02:55 - 00000222 _____ C:\Users\dlehn\Desktop\H1Z1.url
2015-12-10 02:55 - 2015-12-10 02:55 - 00000222 _____ C:\Users\dlehn\Desktop\Far Cry 3.url
2015-12-10 02:53 - 2015-12-10 02:53 - 00000222 _____ C:\Users\dlehn\Desktop\DiRT Showdown.url
2015-12-10 02:53 - 2015-12-10 02:53 - 00000222 _____ C:\Users\dlehn\Desktop\Borderlands The Pre-Sequel.url
2015-12-09 23:01 - 2015-12-22 23:54 - 00000000 ____D C:\Users\dlehn\AppData\Roaming\TS3Client
2015-12-09 22:56 - 2015-12-09 22:56 - 00000000 ____D C:\Users\dlehn\AppData\LocalLow\Adobe
2015-12-09 22:54 - 2010-06-02 04:55 - 00527192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_7.dll
2015-12-09 22:54 - 2010-06-02 04:55 - 00518488 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_7.dll
2015-12-09 22:54 - 2010-06-02 04:55 - 00239960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_7.dll
2015-12-09 22:54 - 2010-06-02 04:55 - 00176984 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_7.dll
2015-12-09 22:54 - 2010-06-02 04:55 - 00077656 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_5.dll
2015-12-09 22:54 - 2010-06-02 04:55 - 00074072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_5.dll
2015-12-09 22:54 - 2010-05-26 11:41 - 02526056 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_43.dll
2015-12-09 22:54 - 2010-05-26 11:41 - 02401112 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_43.dll
2015-12-09 22:54 - 2010-05-26 11:41 - 02106216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_43.dll
2015-12-09 22:54 - 2010-05-26 11:41 - 01998168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_43.dll
2015-12-09 22:54 - 2010-05-26 11:41 - 01907552 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dcsx_43.dll
2015-12-09 22:54 - 2010-05-26 11:41 - 01868128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dcsx_43.dll
2015-12-09 22:54 - 2010-05-26 11:41 - 00511328 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_43.dll
2015-12-09 22:54 - 2010-05-26 11:41 - 00470880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_43.dll
2015-12-09 22:54 - 2010-05-26 11:41 - 00276832 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx11_43.dll
2015-12-09 22:54 - 2010-05-26 11:41 - 00248672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx11_43.dll
2015-12-09 22:54 - 2010-02-04 10:01 - 00530776 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_6.dll
2015-12-09 22:54 - 2010-02-04 10:01 - 00528216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_6.dll
2015-12-09 22:54 - 2010-02-04 10:01 - 00238936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_6.dll
2015-12-09 22:54 - 2010-02-04 10:01 - 00176984 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_6.dll
2015-12-09 22:54 - 2010-02-04 10:01 - 00078680 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_4.dll
2015-12-09 22:54 - 2010-02-04 10:01 - 00074072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_4.dll
2015-12-09 22:54 - 2010-02-04 10:01 - 00024920 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_7.dll
2015-12-09 22:54 - 2010-02-04 10:01 - 00022360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_7.dll
2015-12-09 22:54 - 2009-09-04 17:44 - 00517960 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_5.dll
2015-12-09 22:54 - 2009-09-04 17:44 - 00515416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_5.dll
2015-12-09 22:54 - 2009-09-04 17:44 - 00238936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_5.dll
2015-12-09 22:54 - 2009-09-04 17:44 - 00176968 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_5.dll
2015-12-09 22:54 - 2009-09-04 17:44 - 00073544 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_3.dll
2015-12-09 22:54 - 2009-09-04 17:44 - 00069464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_3.dll
2015-12-09 22:54 - 2009-09-04 17:29 - 05554512 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dcsx_42.dll
2015-12-09 22:54 - 2009-09-04 17:29 - 05501792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dcsx_42.dll
2015-12-09 22:54 - 2009-09-04 17:29 - 02582888 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_42.dll
2015-12-09 22:54 - 2009-09-04 17:29 - 02475352 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_42.dll
2015-12-09 22:54 - 2009-09-04 17:29 - 01974616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_42.dll
2015-12-09 22:54 - 2009-09-04 17:29 - 01892184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_42.dll
2015-12-09 22:54 - 2009-09-04 17:29 - 00523088 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_42.dll
2015-12-09 22:54 - 2009-09-04 17:29 - 00453456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_42.dll
2015-12-09 22:54 - 2009-09-04 17:29 - 00285024 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx11_42.dll
2015-12-09 22:54 - 2009-09-04 17:29 - 00235344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx11_42.dll
2015-12-09 22:54 - 2009-03-16 14:18 - 00521560 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_4.dll
2015-12-09 22:54 - 2009-03-16 14:18 - 00517448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_4.dll
2015-12-09 22:54 - 2009-03-16 14:18 - 00235352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_4.dll
2015-12-09 22:54 - 2009-03-16 14:18 - 00174936 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_4.dll
2015-12-09 22:54 - 2009-03-16 14:18 - 00024920 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_6.dll
2015-12-09 22:54 - 2009-03-16 14:18 - 00022360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_6.dll
2015-12-09 22:54 - 2009-03-09 15:27 - 05425496 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_41.dll
2015-12-09 22:54 - 2009-03-09 15:27 - 04178264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_41.dll
2015-12-09 22:54 - 2009-03-09 15:27 - 02430312 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_41.dll
2015-12-09 22:54 - 2009-03-09 15:27 - 01846632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_41.dll
2015-12-09 22:54 - 2009-03-09 15:27 - 00520544 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_41.dll
2015-12-09 22:54 - 2009-03-09 15:27 - 00453456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_41.dll
2015-12-09 22:54 - 2008-10-15 06:22 - 02605920 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_40.dll
2015-12-09 22:54 - 2008-10-15 06:22 - 02036576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_40.dll
2015-12-09 22:54 - 2008-10-15 06:22 - 00519000 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_40.dll
2015-12-09 22:54 - 2008-10-15 06:22 - 00452440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_40.dll
2015-12-09 22:53 - 2008-10-27 10:04 - 00518480 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_3.dll
2015-12-09 22:53 - 2008-10-27 10:04 - 00514384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_3.dll
2015-12-09 22:53 - 2008-10-27 10:04 - 00235856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_3.dll
2015-12-09 22:53 - 2008-10-27 10:04 - 00175440 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_3.dll
2015-12-09 22:53 - 2008-10-27 10:04 - 00074576 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_2.dll
2015-12-09 22:53 - 2008-10-27 10:04 - 00070992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_2.dll
2015-12-09 22:53 - 2008-10-27 10:04 - 00025936 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_5.dll
2015-12-09 22:53 - 2008-10-27 10:04 - 00023376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_5.dll
2015-12-09 22:53 - 2008-10-15 06:22 - 05631312 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_40.dll
2015-12-09 22:53 - 2008-10-15 06:22 - 04379984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_40.dll
2015-12-09 22:53 - 2008-07-31 10:41 - 00238088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_2.dll
2015-12-09 22:53 - 2008-07-31 10:41 - 00177672 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_2.dll
2015-12-09 22:53 - 2008-07-31 10:41 - 00072200 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_1.dll
2015-12-09 22:53 - 2008-07-31 10:41 - 00068616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_1.dll
2015-12-09 22:53 - 2008-07-31 10:40 - 00513544 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_2.dll
2015-12-09 22:53 - 2008-07-31 10:40 - 00509448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_2.dll
2015-12-09 22:53 - 2008-07-10 11:01 - 00467984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_39.dll
2015-12-09 22:53 - 2008-07-10 11:00 - 04992520 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_39.dll
2015-12-09 22:53 - 2008-07-10 11:00 - 03851784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_39.dll
2015-12-09 22:53 - 2008-07-10 11:00 - 01942552 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_39.dll
2015-12-09 22:53 - 2008-07-10 11:00 - 01493528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_39.dll
2015-12-09 22:53 - 2008-07-10 11:00 - 00540688 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_39.dll
2015-12-09 22:53 - 2008-05-30 14:19 - 00511496 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_1.dll
2015-12-09 22:53 - 2008-05-30 14:19 - 00507400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_1.dll
2015-12-09 22:53 - 2008-05-30 14:18 - 00238088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_1.dll
2015-12-09 22:53 - 2008-05-30 14:18 - 00177672 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_1.dll
2015-12-09 22:53 - 2008-05-30 14:17 - 00068104 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_0.dll
2015-12-09 22:53 - 2008-05-30 14:17 - 00065032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_0.dll
2015-12-09 22:53 - 2008-05-30 14:17 - 00025608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_4.dll
2015-12-09 22:53 - 2008-05-30 14:16 - 00028168 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_4.dll
2015-12-09 22:53 - 2008-05-30 14:11 - 04991496 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_38.dll
2015-12-09 22:53 - 2008-05-30 14:11 - 03850760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_38.dll
2015-12-09 22:53 - 2008-05-30 14:11 - 01941528 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_38.dll
2015-12-09 22:53 - 2008-05-30 14:11 - 01491992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_38.dll
2015-12-09 22:53 - 2008-05-30 14:11 - 00540688 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_38.dll
2015-12-09 22:53 - 2008-05-30 14:11 - 00467984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_38.dll
2015-12-09 22:53 - 2008-03-05 16:04 - 00489480 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_0.dll
2015-12-09 22:53 - 2008-03-05 16:03 - 00479752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_0.dll
2015-12-09 22:53 - 2008-03-05 16:03 - 00238088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_0.dll
2015-12-09 22:53 - 2008-03-05 16:03 - 00177672 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_0.dll
2015-12-09 22:53 - 2008-03-05 16:00 - 00028168 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_3.dll
2015-12-09 22:53 - 2008-03-05 16:00 - 00025608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_3.dll
2015-12-09 22:53 - 2008-03-05 15:56 - 04910088 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_37.dll
2015-12-09 22:53 - 2008-03-05 15:56 - 03786760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_37.dll
2015-12-09 22:53 - 2008-03-05 15:56 - 01860120 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_37.dll
2015-12-09 22:53 - 2008-03-05 15:56 - 01420824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_37.dll
2015-12-09 22:53 - 2008-02-05 23:07 - 00529424 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_37.dll
2015-12-09 22:53 - 2008-02-05 23:07 - 00462864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_37.dll
2015-12-09 22:53 - 2007-10-22 03:40 - 00411656 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_10.dll
2015-12-09 22:53 - 2007-10-22 03:39 - 00267272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_10.dll
2015-12-09 22:53 - 2007-10-22 03:37 - 00021000 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_2.dll
2015-12-09 22:53 - 2007-10-22 03:37 - 00017928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_2.dll
2015-12-09 22:53 - 2007-10-12 15:14 - 05081608 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_36.dll
2015-12-09 22:53 - 2007-10-12 15:14 - 03734536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_36.dll
2015-12-09 22:53 - 2007-10-12 15:14 - 02006552 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_36.dll
2015-12-09 22:53 - 2007-10-12 15:14 - 01374232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_36.dll
2015-12-09 22:53 - 2007-10-02 09:56 - 00508264 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_36.dll
2015-12-09 22:53 - 2007-10-02 09:56 - 00444776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_36.dll
2015-12-09 22:53 - 2007-07-20 00:57 - 00411496 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_9.dll
2015-12-09 22:53 - 2007-07-20 00:57 - 00267112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_9.dll
2015-12-09 22:53 - 2007-07-19 18:14 - 05073256 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_35.dll
2015-12-09 22:53 - 2007-07-19 18:14 - 03727720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_35.dll
2015-12-09 22:53 - 2007-07-19 18:14 - 01985904 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_35.dll
2015-12-09 22:53 - 2007-07-19 18:14 - 01358192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_35.dll
2015-12-09 22:53 - 2007-07-19 18:14 - 00508264 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_35.dll
2015-12-09 22:53 - 2007-07-19 18:14 - 00444776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_35.dll
2015-12-09 22:53 - 2007-06-20 20:49 - 00409960 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_8.dll
2015-12-09 22:53 - 2007-06-20 20:46 - 00266088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_8.dll
2015-12-09 22:53 - 2007-05-16 16:45 - 04496232 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_34.dll
2015-12-09 22:53 - 2007-05-16 16:45 - 03497832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_34.dll
2015-12-09 22:53 - 2007-05-16 16:45 - 01401200 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_34.dll
2015-12-09 22:53 - 2007-05-16 16:45 - 01124720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_34.dll
2015-12-09 22:53 - 2007-05-16 16:45 - 00506728 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_34.dll
2015-12-09 22:53 - 2007-05-16 16:45 - 00443752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_34.dll
2015-12-09 22:53 - 2007-04-04 18:55 - 00403304 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_7.dll
2015-12-09 22:53 - 2007-04-04 18:55 - 00261480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_7.dll
2015-12-09 22:53 - 2007-04-04 18:54 - 00107368 _____ (Microsoft Corporation) C:\WINDOWS\system32\xinput1_3.dll
2015-12-09 22:53 - 2007-04-04 18:53 - 00081768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xinput1_3.dll
2015-12-09 22:53 - 2007-03-15 16:57 - 00506728 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_33.dll
2015-12-09 22:53 - 2007-03-15 16:57 - 00443752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_33.dll
2015-12-09 22:53 - 2007-03-12 16:42 - 04494184 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_33.dll
2015-12-09 22:53 - 2007-03-12 16:42 - 03495784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_33.dll
2015-12-09 22:53 - 2007-03-12 16:42 - 01400176 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_33.dll
2015-12-09 22:53 - 2007-03-12 16:42 - 01123696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_33.dll
2015-12-09 22:53 - 2007-03-05 12:42 - 00017688 _____ (Microsoft Corporation) C:\WINDOWS\system32\x3daudio1_1.dll
2015-12-09 22:53 - 2007-03-05 12:42 - 00015128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\x3daudio1_1.dll
2015-12-09 22:53 - 2007-01-24 15:27 - 00393576 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_6.dll
2015-12-09 22:53 - 2007-01-24 15:27 - 00255848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_6.dll
2015-12-09 22:53 - 2006-12-08 12:02 - 00251672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_5.dll
2015-12-09 22:53 - 2006-12-08 12:00 - 00390424 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_5.dll
2015-12-09 22:53 - 2006-11-29 13:06 - 04398360 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_32.dll
2015-12-09 22:53 - 2006-11-29 13:06 - 03426072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_32.dll
2015-12-09 22:53 - 2006-11-29 13:06 - 00469264 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10.dll
2015-12-09 22:53 - 2006-11-29 13:06 - 00440080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10.dll
2015-12-09 22:53 - 2006-09-28 16:05 - 03977496 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_31.dll
2015-12-09 22:53 - 2006-09-28 16:05 - 02414360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_31.dll
2015-12-09 22:53 - 2006-09-28 16:05 - 00237848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_4.dll
2015-12-09 22:53 - 2006-09-28 16:04 - 00364824 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_4.dll
2015-12-09 22:53 - 2006-07-28 09:31 - 00083736 _____ (Microsoft Corporation) C:\WINDOWS\system32\xinput1_2.dll
2015-12-09 22:53 - 2006-07-28 09:30 - 00363288 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_3.dll
2015-12-09 22:53 - 2006-07-28 09:30 - 00236824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_3.dll
2015-12-09 22:53 - 2006-07-28 09:30 - 00062744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xinput1_2.dll
2015-12-09 22:53 - 2006-05-31 07:24 - 00230168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_2.dll
2015-12-09 22:53 - 2006-05-31 07:22 - 00354072 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_2.dll
2015-12-09 22:53 - 2006-03-31 12:41 - 03927248 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_30.dll
2015-12-09 22:53 - 2006-03-31 12:40 - 02388176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_30.dll
2015-12-09 22:53 - 2006-03-31 12:40 - 00352464 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_1.dll
2015-12-09 22:53 - 2006-03-31 12:39 - 00229584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_1.dll
2015-12-09 22:53 - 2006-03-31 12:39 - 00083664 _____ (Microsoft Corporation) C:\WINDOWS\system32\xinput1_1.dll
2015-12-09 22:53 - 2006-03-31 12:39 - 00062672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xinput1_1.dll
2015-12-09 22:53 - 2006-02-03 08:43 - 03830992 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_29.dll
2015-12-09 22:53 - 2006-02-03 08:43 - 02332368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_29.dll
2015-12-09 22:53 - 2006-02-03 08:42 - 00355536 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_0.dll
2015-12-09 22:53 - 2006-02-03 08:42 - 00230096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_0.dll
2015-12-09 22:53 - 2006-02-03 08:41 - 00016592 _____ (Microsoft Corporation) C:\WINDOWS\system32\x3daudio1_0.dll
2015-12-09 22:53 - 2006-02-03 08:41 - 00014032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\x3daudio1_0.dll
2015-12-09 22:53 - 2005-12-05 18:09 - 03815120 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_28.dll
2015-12-09 22:53 - 2005-12-05 18:09 - 02323664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_28.dll
2015-12-09 22:53 - 2005-07-22 19:59 - 03807440 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_27.dll
2015-12-09 22:53 - 2005-07-22 19:59 - 02319568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_27.dll
2015-12-09 22:53 - 2005-05-26 15:34 - 03767504 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_26.dll
2015-12-09 22:53 - 2005-05-26 15:34 - 02297552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_26.dll
2015-12-09 22:53 - 2005-03-18 17:19 - 03823312 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_25.dll
2015-12-09 22:53 - 2005-03-18 17:19 - 02337488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_25.dll
2015-12-09 22:53 - 2005-02-05 19:45 - 03544272 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_24.dll
2015-12-09 22:53 - 2005-02-05 19:45 - 02222800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_24.dll
2015-12-09 22:44 - 2015-12-09 22:44 - 00000000 ____D C:\Users\dlehn\Tracing
2015-12-09 22:43 - 2015-12-23 00:06 - 00000000 ____D C:\Users\dlehn\AppData\Roaming\Skype
2015-12-09 22:43 - 2015-12-09 22:43 - 00002642 _____ C:\Users\Public\Desktop\Skype.lnk
2015-12-09 22:43 - 2015-12-09 22:43 - 00000000 ___RD C:\Program Files (x86)\Skype
2015-12-09 22:43 - 2015-12-09 22:43 - 00000000 ____D C:\ProgramData\Skype
2015-12-09 22:43 - 2015-12-09 22:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2015-12-09 22:41 - 2015-12-09 22:41 - 00001092 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CC 2015.lnk
2015-12-09 22:40 - 2015-12-09 22:44 - 00000000 ____D C:\Program Files\Adobe
2015-12-09 22:38 - 2015-12-09 22:38 - 00000661 _____ C:\Users\Public\Desktop\VLC media player.lnk
2015-12-09 22:38 - 2015-12-09 22:38 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2015-12-09 22:37 - 2015-12-09 22:37 - 00000673 _____ C:\Users\Public\Desktop\TeamSpeak 3 Client.lnk
2015-12-09 22:37 - 2015-12-09 22:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client
2015-12-09 22:18 - 2015-12-09 22:18 - 00000000 ____D C:\Users\dlehn\AppData\Roaming\WinRAR
2015-12-09 22:18 - 2015-12-09 22:18 - 00000000 ____D C:\Users\dlehn\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2015-12-09 22:18 - 2015-12-09 22:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2015-12-09 22:18 - 2015-12-09 22:18 - 00000000 ____D C:\Program Files\WinRAR
2015-12-09 22:15 - 2015-12-09 22:15 - 00000000 ____D C:\Users\dlehn\AppData\Roaming\NVIDIA
2015-12-09 22:15 - 2015-12-09 22:15 - 00000000 ____D C:\ProgramData\regid.1986-12.com.adobe
2015-12-09 22:09 - 2015-12-09 22:41 - 00000000 ____D C:\Users\dlehn\OneDrive\Documents\Adobe
2015-12-09 22:08 - 2015-12-09 22:47 - 00000000 ____D C:\Program Files\Common Files\Adobe
2015-12-09 22:01 - 2015-12-12 13:25 - 00000000 ___RD C:\Users\dlehn\Creative Cloud Files
2015-12-09 22:01 - 2015-12-11 22:08 - 00000000 ____D C:\ProgramData\boost_interprocess
2015-12-09 22:01 - 2015-12-09 04:39 - 00301728 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2015-12-09 21:59 - 2015-12-09 22:01 - 00000000 ____D C:\WINDOWS\system32\MRT
2015-12-09 21:59 - 2015-11-23 19:10 - 140158008 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-12-09 21:57 - 2015-12-09 22:46 - 00000000 ____D C:\Program Files (x86)\Adobe
2015-12-09 21:57 - 2015-12-09 22:40 - 00000000 ____D C:\ProgramData\Adobe
2015-12-09 21:57 - 2015-12-09 21:57 - 00001305 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Creative Cloud.lnk
2015-12-09 21:57 - 2015-12-09 21:57 - 00000000 ____D C:\ProgramData\Package Cache
2015-12-09 21:53 - 2015-12-22 13:23 - 00000000 ____D C:\Users\dlehn\AppData\Local\Adobe
2015-12-09 21:09 - 2015-12-09 21:09 - 00000000 ____H C:\WINDOWS\system32\Drivers\Msft_Kernel_csrserial_01009.Wdf
2015-12-09 21:09 - 2015-12-09 21:09 - 00000000 ____D C:\BluetoothExchangeFolder
2015-12-09 20:25 - 2015-12-09 20:25 - 00000189 _____ C:\siw_debug.txt
2015-12-09 20:20 - 2015-12-09 20:20 - 00000000 ____D C:\Users\dlehn\AppData\Local\CrashRpt
2015-12-09 20:06 - 2015-12-09 20:06 - 00000000 ____D C:\Users\dlehn\AppData\LocalLow\Temp
2015-12-09 19:36 - 2015-12-09 19:36 - 00000000 ___RD C:\Users\dlehn\3D Objects
2015-12-09 19:20 - 2015-12-09 19:20 - 00000222 _____ C:\Users\dlehn\Desktop\Just Cause 3.url
2015-12-09 19:19 - 2015-12-09 19:19 - 00000222 _____ C:\Users\dlehn\Desktop\Broforce.url
2015-12-09 19:19 - 2015-12-09 19:19 - 00000222 _____ C:\Users\dlehn\Desktop\Age of Empires III Complete Collection.url
2015-12-09 19:19 - 2015-12-09 19:19 - 00000219 _____ C:\Users\dlehn\Desktop\Counter-Strike Global Offensive.url
2015-12-09 19:18 - 2015-12-09 19:18 - 00000222 _____ C:\Users\dlehn\Desktop\Call of Duty Black Ops III.url
2015-12-09 19:09 - 2015-12-18 12:59 - 00000000 ____D C:\Users\dlehn\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2015-12-09 19:05 - 2015-12-09 19:05 - 00000000 ____D C:\Users\dlehn\AppData\Local\Steam
2015-12-09 19:05 - 2015-12-09 19:05 - 00000000 ____D C:\Users\dlehn\AppData\Local\CEF
2015-12-09 19:03 - 2015-12-22 21:19 - 00000000 ____D C:\Program Files (x86)\Steam
2015-12-09 19:03 - 2015-12-22 16:03 - 01884808 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2015-12-09 19:03 - 2015-12-09 19:03 - 00001039 _____ C:\Users\Public\Desktop\Steam.lnk
2015-12-09 19:03 - 2015-12-09 19:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2015-12-09 19:02 - 2015-12-23 00:07 - 00001140 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-12-09 19:02 - 2015-12-22 19:07 - 00001136 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-12-09 19:02 - 2015-12-16 23:08 - 00002259 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-12-09 19:02 - 2015-12-09 19:02 - 00004198 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2015-12-09 19:02 - 2015-12-09 19:02 - 00003966 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2015-12-09 19:02 - 2015-12-09 19:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-12-09 19:02 - 2015-12-09 19:02 - 00000000 ____D C:\Program Files (x86)\Google
2015-12-09 19:01 - 2015-12-17 00:56 - 00000000 ___RD C:\Users\dlehn\OneDrive
2015-12-09 19:01 - 2015-12-14 14:22 - 00002390 _____ C:\Users\dlehn\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2015-12-09 19:01 - 2015-12-09 19:43 - 00000000 ____D C:\Users\dlehn\AppData\Local\Google
2015-12-09 19:01 - 2015-12-09 19:01 - 00051392 _____ (SteelSeries ApS) C:\WINDOWS\system32\Drivers\sshid.sys
2015-12-09 19:01 - 2015-12-09 19:01 - 00000000 ____D C:\Users\dlehn\AppData\Local\MicrosoftEdge
2015-12-09 19:01 - 2015-12-09 19:01 - 00000000 ____D C:\ProgramData\Microsoft OneDrive
2015-12-09 19:01 - 2015-06-15 18:43 - 00000159 _____ C:\Users\dlehn\OneDrive\Documents\wunsch.txt
2015-12-09 19:01 - 2015-01-23 20:42 - 00000210 _____ C:\Users\dlehn\OneDrive\Documents\12.txt
2015-12-09 19:01 - 2015-01-16 02:11 - 00000413 _____ C:\Users\dlehn\OneDrive\Documents\1.txt
2015-12-09 19:01 - 2015-01-01 01:27 - 00000079 _____ C:\Users\dlehn\OneDrive\Documents\Strafe.txt
2015-12-09 19:01 - 2014-12-28 02:22 - 00000712 _____ C:\Users\dlehn\OneDrive\Documents\Monstercat Colors.txt
2015-12-09 19:01 - 2014-12-26 16:09 - 00007250 _____ C:\Users\dlehn\OneDrive\Documents\Privatrecht.txt
2015-12-09 19:00 - 2015-12-09 19:02 - 00000000 ____D C:\Users\dlehn\AppData\Local\Comms
2015-12-09 19:00 - 2015-12-09 19:00 - 00001054 _____ C:\Users\dlehn\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Optionale Features.lnk
2015-12-09 19:00 - 2015-12-09 19:00 - 00000000 ____D C:\Users\dlehn\AppData\Local\Publishers
2015-12-09 19:00 - 2015-07-09 20:39 - 04847104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NlsData0009.dll
2015-12-09 19:00 - 2015-07-09 20:36 - 02629632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NlsLexicons0009.dll
2015-12-09 19:00 - 2015-07-09 20:28 - 06358016 _____ (Microsoft Corporation) C:\WINDOWS\system32\NlsData0009.dll
2015-12-09 19:00 - 2015-07-09 20:25 - 05739520 _____ (Microsoft Corporation) C:\WINDOWS\system32\prm0009.dll
2015-12-09 19:00 - 2015-07-09 20:25 - 02629632 _____ (Microsoft Corporation) C:\WINDOWS\system32\NlsLexicons0009.dll
2015-12-09 18:59 - 2015-12-22 15:57 - 00000000 __SHD C:\Users\dlehn\IntelGraphicsProfiles
2015-12-09 18:59 - 2015-12-21 16:56 - 00000000 ____D C:\Users\dlehn\AppData\Local\Packages
2015-12-09 18:59 - 2015-12-19 03:46 - 00000000 ____D C:\Users\dlehn
2015-12-09 18:59 - 2015-12-16 14:57 - 00000000 __RHD C:\Users\Public\AccountPictures
2015-12-09 18:59 - 2015-12-09 22:49 - 00000000 ____D C:\Users\dlehn\AppData\Roaming\Adobe
2015-12-09 18:59 - 2015-12-09 22:01 - 00000000 ____D C:\Users\dlehn\AppData\Local\VirtualStore
2015-12-09 18:59 - 2015-12-09 19:12 - 00000000 ____D C:\Users\dlehn\AppData\Local\PackageStaging
2015-12-09 18:59 - 2015-12-09 18:59 - 00016148 _____ C:\WINDOWS\system32\DESKTOP-UPDA33C_defaultuser0_HistoryPrediction.bin
2015-12-09 18:59 - 2015-12-09 18:59 - 00000020 ___SH C:\Users\dlehn\ntuser.ini
2015-12-09 18:59 - 2015-12-09 18:59 - 00000000 _SHDL C:\Users\dlehn\Vorlagen
2015-12-09 18:59 - 2015-12-09 18:59 - 00000000 _SHDL C:\Users\dlehn\Startmenü
2015-12-09 18:59 - 2015-12-09 18:59 - 00000000 _SHDL C:\Users\dlehn\Netzwerkumgebung
2015-12-09 18:59 - 2015-12-09 18:59 - 00000000 _SHDL C:\Users\dlehn\Lokale Einstellungen
2015-12-09 18:59 - 2015-12-09 18:59 - 00000000 _SHDL C:\Users\dlehn\Eigene Dateien
2015-12-09 18:59 - 2015-12-09 18:59 - 00000000 _SHDL C:\Users\dlehn\Druckumgebung
2015-12-09 18:59 - 2015-12-09 18:59 - 00000000 _SHDL C:\Users\dlehn\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2015-12-09 18:59 - 2015-12-09 18:59 - 00000000 _SHDL C:\Users\dlehn\AppData\Local\Verlauf
2015-12-09 18:59 - 2015-12-09 18:59 - 00000000 _SHDL C:\Users\dlehn\AppData\Local\Anwendungsdaten
2015-12-09 18:59 - 2015-12-09 18:59 - 00000000 _SHDL C:\Users\dlehn\Anwendungsdaten
2015-12-09 18:59 - 2015-12-09 18:59 - 00000000 ____D C:\Users\dlehn\AppData\Local\TileDataLayer
2015-12-09 18:56 - 2015-12-09 18:56 - 00000000 ____D C:\ProgramData\USOShared
2015-12-09 18:56 - 2015-07-10 11:59 - 02718208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2015-12-09 18:51 - 2015-12-09 18:51 - 00000000 _____ C:\Recovery.txt
2015-12-09 18:50 - 2015-12-22 15:48 - 00000000 ___DC C:\WINDOWS\Panther
2015-12-09 18:50 - 2015-12-09 18:50 - 00008192 _____ C:\WINDOWS\system32\config\userdiff
2015-12-09 18:50 - 2015-12-09 18:50 - 00000000 ____D C:\WINDOWS\InfusedApps
2015-12-09 18:49 - 2015-12-09 18:49 - 00000000 ____D C:\Program Files\Synaptics
2015-12-09 18:48 - 2015-12-09 18:48 - 00000000 ____D C:\WINDOWS\Setup
2015-12-09 18:47 - 2015-12-09 19:00 - 00000000 ____D C:\WINDOWS\OCR
2015-12-09 18:47 - 2015-12-09 18:47 - 00000000 ____D C:\WINDOWS\SysWOW64\XPSViewer
2015-12-09 18:47 - 2015-12-09 18:47 - 00000000 ____D C:\Program Files\Reference Assemblies
2015-12-09 18:47 - 2015-12-09 18:47 - 00000000 ____D C:\Program Files\MSBuild
2015-12-09 18:47 - 2015-12-09 18:47 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies
2015-12-09 18:47 - 2015-12-09 18:47 - 00000000 ____D C:\Program Files (x86)\MSBuild
2015-12-09 18:46 - 2015-12-22 16:03 - 00811168 _____ C:\WINDOWS\system32\perfh007.dat
2015-12-09 18:46 - 2015-12-22 16:03 - 00165100 _____ C:\WINDOWS\system32\perfc007.dat
2015-12-09 18:46 - 2015-12-09 18:46 - 00305634 _____ C:\WINDOWS\system32\perfi007.dat
2015-12-09 18:46 - 2015-12-09 18:46 - 00040390 _____ C:\WINDOWS\system32\perfd007.dat
2015-12-09 18:46 - 2015-12-09 18:46 - 00000000 ____D C:\WINDOWS\SysWOW64\winrm
2015-12-09 18:46 - 2015-12-09 18:46 - 00000000 ____D C:\WINDOWS\SysWOW64\WCN
2015-12-09 18:46 - 2015-12-09 18:46 - 00000000 ____D C:\WINDOWS\SysWOW64\sysprep
2015-12-09 18:46 - 2015-12-09 18:46 - 00000000 ____D C:\WINDOWS\SysWOW64\slmgr
2015-12-09 18:46 - 2015-12-09 18:46 - 00000000 ____D C:\WINDOWS\SysWOW64\Printing_Admin_Scripts
2015-12-09 18:46 - 2015-12-09 18:46 - 00000000 ____D C:\WINDOWS\SysWOW64\de
2015-12-09 18:46 - 2015-12-09 18:46 - 00000000 ____D C:\WINDOWS\SysWOW64\0409
2015-12-09 18:46 - 2015-12-09 18:46 - 00000000 ____D C:\WINDOWS\system32\winrm
2015-12-09 18:46 - 2015-12-09 18:46 - 00000000 ____D C:\WINDOWS\system32\WCN
2015-12-09 18:46 - 2015-12-09 18:46 - 00000000 ____D C:\WINDOWS\system32\slmgr
2015-12-09 18:46 - 2015-12-09 18:46 - 00000000 ____D C:\WINDOWS\system32\Printing_Admin_Scripts
2015-12-09 18:46 - 2015-12-09 18:46 - 00000000 ____D C:\WINDOWS\system32\de
2015-12-09 18:46 - 2015-12-09 18:46 - 00000000 ____D C:\WINDOWS\system32\0409
2015-12-09 18:46 - 2015-12-09 18:46 - 00000000 ____D C:\WINDOWS\DigitalLocker
2015-12-09 18:45 - 2015-12-01 01:32 - 00826872 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-12-09 18:45 - 2015-12-01 01:32 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2015-12-09 18:44 - 2015-12-22 16:11 - 00000000 ____D C:\WINDOWS\INF
2015-12-09 18:44 - 2015-12-22 15:59 - 00000000 ____D C:\WINDOWS\system32\inetsrv
2015-12-09 18:44 - 2015-12-22 13:28 - 00000000 ___HD C:\Program Files\WindowsApps
2015-12-09 18:44 - 2015-12-22 13:28 - 00000000 ____D C:\WINDOWS\AppReadiness
2015-12-09 18:44 - 2015-12-19 16:02 - 00000000 ____D C:\WINDOWS\rescache
2015-12-09 18:44 - 2015-12-16 14:57 - 00000000 ___RD C:\WINDOWS\PurchaseDialog
2015-12-09 18:44 - 2015-12-16 14:57 - 00000000 ____D C:\WINDOWS\system32\spool
2015-12-09 18:44 - 2015-12-16 14:57 - 00000000 ____D C:\WINDOWS\LiveKernelReports
2015-12-09 18:44 - 2015-12-16 14:57 - 00000000 ____D C:\ProgramData\USOPrivate
2015-12-09 18:44 - 2015-12-16 14:57 - 00000000 ____D C:\Program Files\Common Files\System
2015-12-09 18:44 - 2015-12-16 14:57 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2015-12-09 18:44 - 2015-12-16 14:45 - 00000000 ____D C:\WINDOWS\Registration
2015-12-09 18:44 - 2015-12-11 21:55 - 00000000 ____D C:\WINDOWS\SysWOW64\inetsrv
2015-12-09 18:44 - 2015-12-10 17:34 - 00000000 ____D C:\WINDOWS\ShellNew
2015-12-09 18:44 - 2015-12-10 17:34 - 00000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2015-12-09 18:44 - 2015-12-10 17:31 - 00000167 _____ C:\WINDOWS\win.ini
2015-12-09 18:44 - 2015-12-10 03:55 - 00000000 ____D C:\Program Files\Windows NT
2015-12-09 18:44 - 2015-12-10 03:54 - 00000000 ____D C:\WINDOWS\system32\Sysprep
2015-12-09 18:44 - 2015-12-10 03:54 - 00000000 ____D C:\WINDOWS\Help
2015-12-09 18:44 - 2015-12-10 03:09 - 00000000 ____D C:\WINDOWS\appcompat
2015-12-09 18:44 - 2015-12-10 03:03 - 00000000 ___SD C:\WINDOWS\SysWOW64\F12
2015-12-09 18:44 - 2015-12-10 03:03 - 00000000 ___SD C:\WINDOWS\system32\F12
2015-12-09 18:44 - 2015-12-10 03:03 - 00000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2015-12-09 18:44 - 2015-12-10 03:03 - 00000000 ___RD C:\WINDOWS\DevicesFlow
2015-12-09 18:44 - 2015-12-10 03:03 - 00000000 ____D C:\WINDOWS\SysWOW64\oobe
2015-12-09 18:44 - 2015-12-10 03:03 - 00000000 ____D C:\WINDOWS\SysWOW64\Dism
2015-12-09 18:44 - 2015-12-10 03:03 - 00000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2015-12-09 18:44 - 2015-12-10 03:03 - 00000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2015-12-09 18:44 - 2015-12-10 03:03 - 00000000 ____D C:\WINDOWS\system32\oobe
2015-12-09 18:44 - 2015-12-10 03:03 - 00000000 ____D C:\WINDOWS\system32\Dism
2015-12-09 18:44 - 2015-12-10 03:03 - 00000000 ____D C:\WINDOWS\system32\appraiser
2015-12-09 18:44 - 2015-12-10 03:03 - 00000000 ____D C:\WINDOWS\Provisioning
2015-12-09 18:44 - 2015-12-10 03:03 - 00000000 ____D C:\WINDOWS\L2Schemas
2015-12-09 18:44 - 2015-12-10 03:03 - 00000000 ____D C:\Program Files\Windows Journal
2015-12-09 18:44 - 2015-12-09 18:59 - 00000000 ___RD C:\WINDOWS\PrintDialog
2015-12-09 18:44 - 2015-12-09 18:59 - 00000000 ___RD C:\WINDOWS\MiracastView
2015-12-09 18:44 - 2015-12-09 18:56 - 00000000 ____D C:\WINDOWS\system32\FxsTmp
2015-12-09 18:44 - 2015-12-09 18:50 - 00028672 _____ C:\WINDOWS\system32\config\BCD-Template
2015-12-09 18:44 - 2015-12-09 18:47 - 00000000 ____D C:\WINDOWS\SysWOW64\MUI
2015-12-09 18:44 - 2015-12-09 18:47 - 00000000 ____D C:\WINDOWS\system32\MUI
2015-12-09 18:44 - 2015-12-09 18:46 - 00000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs
2015-12-09 18:44 - 2015-12-09 18:46 - 00000000 ___SD C:\WINDOWS\system32\dsc
2015-12-09 18:44 - 2015-12-09 18:46 - 00000000 ___SD C:\WINDOWS\system32\DiagSvcs
2015-12-09 18:44 - 2015-12-09 18:46 - 00000000 ____D C:\WINDOWS\SysWOW64\setup
2015-12-09 18:44 - 2015-12-09 18:46 - 00000000 ____D C:\WINDOWS\SysWOW64\Com
2015-12-09 18:44 - 2015-12-09 18:46 - 00000000 ____D C:\WINDOWS\system32\setup
2015-12-09 18:44 - 2015-12-09 18:46 - 00000000 ____D C:\WINDOWS\system32\migwiz
2015-12-09 18:44 - 2015-12-09 18:46 - 00000000 ____D C:\WINDOWS\system32\Com
2015-12-09 18:44 - 2015-12-09 18:46 - 00000000 ____D C:\WINDOWS\PolicyDefinitions
2015-12-09 18:44 - 2015-12-09 18:46 - 00000000 ____D C:\WINDOWS\IME
2015-12-09 18:44 - 2015-12-09 18:46 - 00000000 ____D C:\Program Files\Windows Photo Viewer
2015-12-09 18:44 - 2015-12-09 18:46 - 00000000 ____D C:\Program Files\Windows Defender
2015-12-09 18:44 - 2015-12-09 18:46 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2015-12-09 18:44 - 2015-12-09 18:46 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2015-12-09 18:44 - 2015-12-09 18:44 - 00000000 __SHD C:\Program Files\Windows Sidebar
2015-12-09 18:44 - 2015-12-09 18:44 - 00000000 __SHD C:\Program Files (x86)\Windows Sidebar
2015-12-09 18:44 - 2015-12-09 18:44 - 00000000 __RSD C:\WINDOWS\Media
2015-12-09 18:44 - 2015-12-09 18:44 - 00000000 __RHD C:\Users\Public\Libraries
2015-12-09 18:44 - 2015-12-09 18:44 - 00000000 ___SD C:\WINDOWS\SysWOW64\Nui
2015-12-09 18:44 - 2015-12-09 18:44 - 00000000 ___SD C:\WINDOWS\SysWOW64\Configuration
2015-12-09 18:44 - 2015-12-09 18:44 - 00000000 ___SD C:\WINDOWS\system32\Nui
2015-12-09 18:44 - 2015-12-09 18:44 - 00000000 ___SD C:\WINDOWS\system32\Configuration
2015-12-09 18:44 - 2015-12-09 18:44 - 00000000 ___SD C:\WINDOWS\Downloaded Program Files
2015-12-09 18:44 - 2015-12-09 18:44 - 00000000 ___RD C:\WINDOWS\Offline Web Pages
2015-12-09 18:44 - 2015-12-09 18:44 - 00000000 ___RD C:\WINDOWS\DesktopTileResources
2015-12-09 18:44 - 2015-12-09 18:44 - 00000000 ___HD C:\WINDOWS\ELAMBKUP
2015-12-09 18:44 - 2015-12-09 18:44 - 00000000 ____D C:\WINDOWS\Web
2015-12-09 18:44 - 2015-12-09 18:44 - 00000000 ____D C:\WINDOWS\Vss
2015-12-09 18:44 - 2015-12-09 18:44 - 00000000 ____D C:\WINDOWS\tracing
2015-12-09 18:44 - 2015-12-09 18:44 - 00000000 ____D C:\WINDOWS\TAPI
2015-12-09 18:44 - 2015-12-09 18:44 - 00000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2015-12-09 18:44 - 2015-12-09 18:44 - 00000000 ____D C:\WINDOWS\SysWOW64\SMI
2015-12-09 18:44 - 2015-12-09 18:44 - 00000000 ____D C:\WINDOWS\SysWOW64\ras
2015-12-09 18:44 - 2015-12-09 18:44 - 00000000 ____D C:\WINDOWS\SysWOW64\NDF
2015-12-09 18:44 - 2015-12-09 18:44 - 00000000 ____D C:\WINDOWS\SysWOW64\MsDtc
2015-12-09 18:44 - 2015-12-09 18:44 - 00000000 ____D C:\WINDOWS\SysWOW64\migwiz
2015-12-09 18:44 - 2015-12-09 18:44 - 00000000 ____D C:\WINDOWS\SysWOW64\Macromed
2015-12-09 18:44 - 2015-12-09 18:44 - 00000000 ____D C:\WINDOWS\SysWOW64\Ipmi
2015-12-09 18:44 - 2015-12-09 18:44 - 00000000 ____D C:\WINDOWS\SysWOW64\InputMethod
2015-12-09 18:44 - 2015-12-09 18:44 - 00000000 ____D C:\WINDOWS\SysWOW64\IME
2015-12-09 18:44 - 2015-12-09 18:44 - 00000000 ____D C:\WINDOWS\SysWOW64\icsxml
2015-12-09 18:44 - 2015-12-09 18:44 - 00000000 ____D C:\WINDOWS\SysWOW64\GroupPolicyUsers
2015-12-09 18:44 - 2015-12-09 18:44 - 00000000 ____D C:\WINDOWS\SysWOW64\GroupPolicy
2015-12-09 18:44 - 2015-12-09 18:44 - 00000000 ____D C:\WINDOWS\SysWOW64\FxsTmp
2015-12-09 18:44 - 2015-12-09 18:44 - 00000000 ____D C:\WINDOWS\SysWOW64\downlevel
2015-12-09 18:44 - 2015-12-09 18:44 - 00000000 ____D C:\WINDOWS\SysWOW64\Bthprops
2015-12-09 18:44 - 2015-12-09 18:44 - 00000000 ____D C:\WINDOWS\SysWOW64\AppLocker
2015-12-09 18:44 - 2015-12-09 18:44 - 00000000 ____D C:\WINDOWS\SysWOW64\AdvancedInstallers
2015-12-09 18:44 - 2015-12-09 18:44 - 00000000 ____D C:\WINDOWS\SystemResources
2015-12-09 18:44 - 2015-12-09 18:44 - 00000000 ____D C:\WINDOWS\SystemApps
2015-12-09 18:44 - 2015-12-09 18:44 - 00000000 ____D C:\WINDOWS\system32\WinMetadata
2015-12-09 18:44 - 2015-12-09 18:44 - 00000000 ____D C:\WINDOWS\system32\winevt
2015-12-09 18:44 - 2015-12-09 18:44 - 00000000 ____D C:\WINDOWS\system32\WinBioDatabase
2015-12-09 18:44 - 2015-12-09 18:44 - 00000000 ____D C:\WINDOWS\system32\SecureBootUpdates
2015-12-09 18:44 - 2015-12-09 18:44 - 00000000 ____D C:\WINDOWS\system32\ras
2015-12-09 18:44 - 2015-12-09 18:44 - 00000000 ____D C:\WINDOWS\system32\ProximityToast
2015-12-09 18:44 - 2015-12-09 18:44 - 00000000 ____D C:\WINDOWS\system32\PointOfService
2015-12-09 18:44 - 2015-12-09 18:44 - 00000000 ____D C:\WINDOWS\system32\NDF
2015-12-09 18:44 - 2015-12-09 18:44 - 00000000 ____D C:\WINDOWS\system32\MsDtc
2015-12-09 18:44 - 2015-12-09 18:44 - 00000000 ____D C:\WINDOWS\system32\MailContactsCalendarSync
2015-12-09 18:44 - 2015-12-09 18:44 - 00000000 ____D C:\WINDOWS\system32\Macromed
2015-12-09 18:44 - 2015-12-09 18:44 - 00000000 ____D C:\WINDOWS\system32\Ipmi
2015-12-09 18:44 - 2015-12-09 18:44 - 00000000 ____D C:\WINDOWS\system32\InputMethod
2015-12-09 18:44 - 2015-12-09 18:44 - 00000000 ____D C:\WINDOWS\system32\IME
2015-12-09 18:44 - 2015-12-09 18:44 - 00000000 ____D C:\WINDOWS\system32\icsxml
2015-12-09 18:44 - 2015-12-09 18:44 - 00000000 ____D C:\WINDOWS\system32\ias
2015-12-09 18:44 - 2015-12-09 18:44 - 00000000 ____D C:\WINDOWS\system32\downlevel
2015-12-09 18:44 - 2015-12-09 18:44 - 00000000 ____D C:\WINDOWS\system32\config\Journal
2015-12-09 18:44 - 2015-12-09 18:44 - 00000000 ____D C:\WINDOWS\system32\Bthprops
2015-12-09 18:44 - 2015-12-09 18:44 - 00000000 ____D C:\WINDOWS\system32\AppLocker
2015-12-09 18:44 - 2015-12-09 18:44 - 00000000 ____D C:\WINDOWS\system32\AdvancedInstallers
2015-12-09 18:44 - 2015-12-09 18:44 - 00000000 ____D C:\WINDOWS\System
2015-12-09 18:44 - 2015-12-09 18:44 - 00000000 ____D C:\WINDOWS\SKB
2015-12-09 18:44 - 2015-12-09 18:44 - 00000000 ____D C:\WINDOWS\security
2015-12-09 18:44 - 2015-12-09 18:44 - 00000000 ____D C:\WINDOWS\schemas
2015-12-09 18:44 - 2015-12-09 18:44 - 00000000 ____D C:\WINDOWS\SchCache
2015-12-09 18:44 - 2015-12-09 18:44 - 00000000 ____D C:\WINDOWS\Resources
2015-12-09 18:44 - 2015-12-09 18:44 - 00000000 ____D C:\WINDOWS\PLA
2015-12-09 18:44 - 2015-12-09 18:44 - 00000000 ____D C:\WINDOWS\Performance
2015-12-09 18:44 - 2015-12-09 18:44 - 00000000 ____D C:\WINDOWS\ModemLogs
2015-12-09 18:44 - 2015-12-09 18:44 - 00000000 ____D C:\WINDOWS\InputMethod
2015-12-09 18:44 - 2015-12-09 18:44 - 00000000 ____D C:\WINDOWS\Globalization
2015-12-09 18:44 - 2015-12-09 18:44 - 00000000 ____D C:\WINDOWS\Cursors
2015-12-09 18:44 - 2015-12-09 18:44 - 00000000 ____D C:\WINDOWS\Branding
2015-12-09 18:44 - 2015-12-09 18:44 - 00000000 ____D C:\WINDOWS\addins
2015-12-09 18:44 - 2015-12-09 18:44 - 00000000 ____D C:\ProgramData\Comms
2015-12-09 18:44 - 2015-12-09 18:44 - 00000000 ____D C:\Program Files\Windows Portable Devices
2015-12-09 18:44 - 2015-12-09 18:44 - 00000000 ____D C:\Program Files\Windows Multimedia Platform
2015-12-09 18:44 - 2015-12-09 18:44 - 00000000 ____D C:\Program Files\Common Files\Services
2015-12-09 18:44 - 2015-12-09 18:44 - 00000000 ____D C:\Program Files (x86)\Windows Portable Devices
2015-12-09 18:44 - 2015-12-09 18:44 - 00000000 ____D C:\Program Files (x86)\Windows NT
2015-12-09 18:44 - 2015-12-09 18:44 - 00000000 ____D C:\Program Files (x86)\Windows Multimedia Platform
2015-12-09 18:44 - 2015-12-09 18:43 - 00229888 _____ (Microsoft Corporation) C:\WINDOWS\system32\msclmd.dll
2015-12-09 18:44 - 2015-12-09 18:43 - 00215943 _____ C:\WINDOWS\SysWOW64\dssec.dat
2015-12-09 18:44 - 2015-12-09 18:43 - 00215943 _____ C:\WINDOWS\system32\dssec.dat
2015-12-09 18:44 - 2015-12-09 18:43 - 00208384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msclmd.dll
2015-12-09 18:44 - 2015-12-09 18:43 - 00017463 _____ C:\WINDOWS\system32\Drivers\etc\services
2015-12-09 18:44 - 2015-12-09 18:43 - 00015462 _____ C:\WINDOWS\system32\OEMDefaultAssociations.xml
2015-12-09 18:44 - 2015-12-09 18:43 - 00008798 _____ C:\WINDOWS\SysWOW64\icrav03.rat
2015-12-09 18:44 - 2015-12-09 18:43 - 00008798 _____ C:\WINDOWS\system32\icrav03.rat
2015-12-09 18:44 - 2015-12-09 18:43 - 00003683 _____ C:\WINDOWS\system32\Drivers\etc\lmhosts.sam
2015-12-09 18:44 - 2015-12-09 18:43 - 00001988 _____ C:\WINDOWS\SysWOW64\ticrf.rat
2015-12-09 18:44 - 2015-12-09 18:43 - 00001988 _____ C:\WINDOWS\system32\ticrf.rat
2015-12-09 18:44 - 2015-12-09 18:43 - 00001358 _____ C:\WINDOWS\system32\Drivers\etc\protocol
2015-12-09 18:44 - 2015-12-09 18:43 - 00000858 _____ C:\WINDOWS\system32\DefaultQuestions.json
2015-12-09 18:44 - 2015-12-09 18:43 - 00000741 _____ C:\WINDOWS\SysWOW64\NOISE.DAT
2015-12-09 18:44 - 2015-12-09 18:43 - 00000741 _____ C:\WINDOWS\system32\NOISE.DAT
2015-12-09 18:44 - 2015-12-09 18:43 - 00000407 _____ C:\WINDOWS\system32\Drivers\etc\networks
2015-12-09 18:44 - 2015-12-09 18:43 - 00000389 _____ C:\WINDOWS\system32\AutoWorkplace.exe.config
2015-12-09 18:44 - 2015-12-09 18:43 - 00000219 _____ C:\WINDOWS\system.ini
2015-12-09 18:41 - 2015-12-17 19:55 - 00000000 ____D C:\WINDOWS\CbsTemp
2015-12-09 18:39 - 2015-12-22 15:56 - 00131072 ___SH C:\WINDOWS\system32\config\BBI
2015-12-09 18:39 - 2015-12-10 03:55 - 00032768 ___SH C:\WINDOWS\system32\config\ELAM
2015-12-09 18:39 - 2015-12-09 18:46 - 00000000 ____D C:\WINDOWS\servicing
2015-12-09 18:39 - 2015-12-09 18:44 - 00000000 ____D C:\WINDOWS\system32\SMI
2015-12-09 18:39 - 2015-07-10 10:11 - 00000164 _____ C:\WINDOWS\system32\config\FP
2015-12-09 13:47 - 2015-12-01 08:01 - 02115936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2015-12-09 13:47 - 2015-12-01 07:03 - 00008192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\gpuenergydrv.sys
2015-12-09 13:47 - 2015-12-01 06:54 - 00771072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2015-12-09 13:47 - 2015-12-01 06:51 - 07523840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2015-12-09 13:47 - 2015-12-01 06:49 - 04792320 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2015-12-09 13:47 - 2015-12-01 06:02 - 03580416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2015-12-09 13:47 - 2015-12-01 05:59 - 05455360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2015-12-09 13:47 - 2015-11-25 06:42 - 04532304 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2015-12-09 13:47 - 2015-11-25 06:42 - 00168288 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkUXBroker.exe
2015-12-09 13:47 - 2015-11-25 06:41 - 01822280 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2015-12-09 13:47 - 2015-11-25 06:40 - 00516448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2015-12-09 13:47 - 2015-11-25 06:33 - 03622272 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-12-09 13:47 - 2015-11-25 06:32 - 00113184 _____ (Microsoft Corporation) C:\WINDOWS\system32\userenv.dll
2015-12-09 13:47 - 2015-11-25 06:27 - 01366680 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2015-12-09 13:47 - 2015-11-25 06:12 - 04047288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2015-12-09 13:47 - 2015-11-25 06:11 - 01532984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2015-12-09 13:47 - 2015-11-25 06:09 - 01310880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2015-12-09 13:47 - 2015-11-25 06:01 - 02879024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-12-09 13:47 - 2015-11-25 05:59 - 00092992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\userenv.dll
2015-12-09 13:47 - 2015-11-25 05:49 - 01569280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Globalization.dll
2015-12-09 13:47 - 2015-11-25 05:49 - 00498688 _____ (Microsoft Corporation) C:\WINDOWS\system32\WlanMediaManager.dll
2015-12-09 13:47 - 2015-11-25 05:49 - 00467456 _____ (Microsoft Corporation) C:\WINDOWS\system32\MBMediaManager.dll
2015-12-09 13:47 - 2015-11-25 05:49 - 00270336 _____ (Microsoft Corporation) C:\WINDOWS\system32\RasMediaManager.dll
2015-12-09 13:47 - 2015-11-25 05:48 - 00146944 _____ (Microsoft Corporation) C:\WINDOWS\system32\EthernetMediaManager.dll
2015-12-09 13:47 - 2015-11-25 05:48 - 00126464 _____ (Microsoft Corporation) C:\WINDOWS\system32\DAMediaManager.dll
2015-12-09 13:47 - 2015-11-25 05:44 - 21872640 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2015-12-09 13:47 - 2015-11-25 05:42 - 24592384 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-12-09 13:47 - 2015-11-25 05:37 - 02350592 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2015-12-09 13:47 - 2015-11-25 05:36 - 01710592 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRHInproc.dll
2015-12-09 13:47 - 2015-11-25 05:36 - 00022528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usb8023.sys
2015-12-09 13:47 - 2015-11-25 05:35 - 00929792 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2015-12-09 13:47 - 2015-11-25 05:35 - 00845824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Magnify.exe
2015-12-09 13:47 - 2015-11-25 05:34 - 12504576 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-12-09 13:47 - 2015-11-25 05:31 - 00121344 _____ (Microsoft Corporation) C:\WINDOWS\system32\DAMM.dll
2015-12-09 13:47 - 2015-11-25 05:30 - 00171008 _____ (Microsoft Corporation) C:\WINDOWS\system32\dot3mm.dll
2015-12-09 13:47 - 2015-11-25 05:30 - 00147968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rmcast.sys
2015-12-09 13:47 - 2015-11-25 05:30 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hdaudbus.sys
2015-12-09 13:47 - 2015-11-25 05:29 - 01649152 _____ (Microsoft Corporation) C:\WINDOWS\system32\comsvcs.dll
2015-12-09 13:47 - 2015-11-25 05:29 - 00355328 _____ (Microsoft Corporation) C:\WINDOWS\system32\ninput.dll
2015-12-09 13:47 - 2015-11-25 05:28 - 00572928 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2015-12-09 13:47 - 2015-11-25 05:28 - 00523776 _____ (Microsoft Corporation) C:\WINDOWS\system32\catsrvut.dll
2015-12-09 13:47 - 2015-11-25 05:27 - 02180608 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2015-12-09 13:47 - 2015-11-25 05:26 - 00849408 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll
2015-12-09 13:47 - 2015-11-25 05:26 - 00181760 _____ (Microsoft Corporation) C:\WINDOWS\system32\shutdownux.dll
2015-12-09 13:47 - 2015-11-25 05:25 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2015-12-09 13:47 - 2015-11-25 05:25 - 00067072 _____ (Microsoft Corporation) C:\WINDOWS\system32\profext.dll
2015-12-09 13:47 - 2015-11-25 05:23 - 19323392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-12-09 13:47 - 2015-11-25 05:23 - 03588096 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2015-12-09 13:47 - 2015-11-25 05:23 - 00587776 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieui.dll
2015-12-09 13:47 - 2015-11-25 05:22 - 01717248 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2015-12-09 13:47 - 2015-11-25 05:22 - 01383424 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2015-12-09 13:47 - 2015-11-25 05:22 - 00603648 _____ (Microsoft Corporation) C:\WINDOWS\system32\duser.dll
2015-12-09 13:47 - 2015-11-25 05:22 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\kbdgeoqw.dll
2015-12-09 13:47 - 2015-11-25 05:22 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDAZST.DLL
2015-12-09 13:47 - 2015-11-25 05:22 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDAZEL.DLL
2015-12-09 13:47 - 2015-11-25 05:22 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDAZE.DLL
2015-12-09 13:47 - 2015-11-25 05:19 - 01795584 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2015-12-09 13:47 - 2015-11-25 05:19 - 00185344 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll
2015-12-09 13:47 - 2015-11-25 05:18 - 01233920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Globalization.dll
2015-12-09 13:47 - 2015-11-25 05:17 - 00774656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRH.dll
2015-12-09 13:47 - 2015-11-25 05:16 - 01442816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRHInproc.dll
2015-12-09 13:47 - 2015-11-25 05:16 - 00786432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Magnify.exe
2015-12-09 13:47 - 2015-11-25 05:13 - 02153984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2015-12-09 13:47 - 2015-11-25 05:11 - 00296960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ninput.dll
2015-12-09 13:47 - 2015-11-25 05:10 - 18801664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2015-12-09 13:47 - 2015-11-25 05:10 - 01328128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comsvcs.dll
2015-12-09 13:47 - 2015-11-25 05:10 - 00503296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2015-12-09 13:47 - 2015-11-25 05:10 - 00415744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\catsrvut.dll
2015-12-09 13:47 - 2015-11-25 05:08 - 00749568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll
2015-12-09 13:47 - 2015-11-25 05:07 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\profext.dll
2015-12-09 13:47 - 2015-11-25 05:05 - 11263488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-12-09 13:47 - 2015-11-25 05:04 - 01467392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2015-12-09 13:47 - 2015-11-25 05:04 - 00480768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\duser.dll
2015-12-09 13:47 - 2015-11-25 05:04 - 00474624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieui.dll
2015-12-09 13:47 - 2015-11-25 05:04 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kbdgeoqw.dll
2015-12-09 13:47 - 2015-11-25 05:04 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDAZST.DLL
2015-12-09 13:47 - 2015-11-25 05:04 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDAZEL.DLL
2015-12-09 13:47 - 2015-11-25 05:04 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDAZE.DLL
2015-12-09 13:47 - 2015-11-25 03:52 - 00775312 _____ C:\WINDOWS\SysWOW64\locale.nls
2015-12-09 13:47 - 2015-11-25 03:52 - 00775312 _____ C:\WINDOWS\system32\locale.nls
==================== Ein Monat: Geänderte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2015-12-21 12:38 - 2015-10-08 17:54 - 04592384 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\Drivers\RTKVHD64.sys
2015-12-21 12:38 - 2015-10-08 17:54 - 02954224 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RltkAPO64.dll
2015-12-21 12:38 - 2015-10-08 17:54 - 00195192 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkCfg64.dll
2015-12-21 12:38 - 2015-10-08 17:54 - 00023696 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkCoLDR64.dll
2015-12-21 12:35 - 2014-12-04 19:22 - 01455552 _____ (Intel Corporation) C:\WINDOWS\system32\Drivers\iaStorA.sys
2015-12-18 12:27 - 2015-10-30 20:27 - 00000000 ___HD C:\$WINDOWS.~BT
2015-12-17 19:55 - 2015-07-10 11:59 - 00480256 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnet.dll
2015-12-17 19:55 - 2015-07-10 11:59 - 00395264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnet.dll
2015-12-17 19:55 - 2015-07-10 11:59 - 00220160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dplayx.dll
2015-12-17 19:55 - 2015-07-10 11:59 - 00069120 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnathlp.dll
2015-12-17 19:55 - 2015-07-10 11:59 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnathlp.dll
2015-12-17 19:55 - 2015-07-10 11:59 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpwsockx.dll
2015-12-17 19:55 - 2015-07-10 11:59 - 00027648 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnsvr.exe
2015-12-17 19:55 - 2015-07-10 11:59 - 00025088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpmodemx.dll
2015-12-17 19:55 - 2015-07-10 11:59 - 00023040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnsvr.exe
2015-12-17 19:55 - 2015-07-10 11:59 - 00020992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dplaysvr.exe
2015-12-17 19:55 - 2015-07-10 11:59 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnhupnp.dll
2015-12-17 19:55 - 2015-07-10 11:59 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnhpast.dll
2015-12-17 19:55 - 2015-07-10 11:59 - 00008704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnhupnp.dll
2015-12-17 19:55 - 2015-07-10 11:59 - 00008704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnhpast.dll
2015-12-17 19:55 - 2015-07-10 11:59 - 00005632 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnlobby.dll
2015-12-17 19:55 - 2015-07-10 11:59 - 00005120 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpnaddr.dll
2015-12-17 19:55 - 2015-07-10 11:59 - 00004608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnlobby.dll
2015-12-17 19:55 - 2015-07-10 11:59 - 00004096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dpnaddr.dll
2015-12-11 21:55 - 2015-07-10 12:01 - 00635904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqsnap.dll
2015-12-11 21:55 - 2015-07-10 12:01 - 00562176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqutil.dll
2015-12-11 21:55 - 2015-07-10 12:01 - 00265728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa.dll
2015-12-11 21:55 - 2015-07-10 12:01 - 00217088 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqtrig.dll
2015-12-11 21:55 - 2015-07-10 12:01 - 00168960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisRtl.dll
2015-12-11 21:55 - 2015-07-10 12:01 - 00165376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqtrig.dll
2015-12-11 21:55 - 2015-07-10 12:01 - 00161792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqrt.dll
2015-12-11 21:55 - 2015-07-10 12:01 - 00096768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa.tlb
2015-12-11 21:55 - 2015-07-10 12:01 - 00091136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa30.tlb
2015-12-11 21:55 - 2015-07-10 12:01 - 00055808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa20.tlb
2015-12-11 21:55 - 2015-07-10 12:01 - 00050688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\admwprox.dll
2015-12-11 21:55 - 2015-07-10 12:01 - 00050176 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqise.dll
2015-12-11 21:55 - 2015-07-10 12:01 - 00038912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqise.dll
2015-12-11 21:55 - 2015-07-10 12:01 - 00037376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqoa10.tlb
2015-12-11 21:55 - 2015-07-10 12:01 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ahadmin.dll
2015-12-11 21:55 - 2015-07-10 12:01 - 00018432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\infoadmn.dll
2015-12-11 21:55 - 2015-07-10 12:01 - 00016896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisreset.exe
2015-12-11 21:55 - 2015-07-10 12:01 - 00014848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mqcertui.dll
2015-12-11 21:55 - 2015-07-10 12:01 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wamregps.dll
2015-12-11 21:55 - 2015-07-10 12:01 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\infoctrs.dll
2015-12-11 21:55 - 2015-07-10 12:01 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iisrstap.dll
2015-12-11 21:55 - 2015-07-10 12:01 - 00009096 _____ C:\WINDOWS\SysWOW64\msmqtrc.mof
2015-12-11 21:55 - 2015-07-10 12:00 - 01417728 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqqm.dll
2015-12-11 21:55 - 2015-07-10 12:00 - 00813056 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqsnap.dll
2015-12-11 21:55 - 2015-07-10 12:00 - 00564224 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqutil.dll
2015-12-11 21:55 - 2015-07-10 12:00 - 00316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa.dll
2015-12-11 21:55 - 2015-07-10 12:00 - 00229888 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqrt.dll
2015-12-11 21:55 - 2015-07-10 12:00 - 00202240 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisRtl.dll
2015-12-11 21:55 - 2015-07-10 12:00 - 00175104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mqac.sys
2015-12-11 21:55 - 2015-07-10 12:00 - 00164864 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqtgsvc.exe
2015-12-11 21:55 - 2015-07-10 12:00 - 00130048 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqlogmgr.dll
2015-12-11 21:55 - 2015-07-10 12:00 - 00096768 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa.tlb
2015-12-11 21:55 - 2015-07-10 12:00 - 00091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa30.tlb
2015-12-11 21:55 - 2015-07-10 12:00 - 00055808 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa20.tlb
2015-12-11 21:55 - 2015-07-10 12:00 - 00055808 _____ (Microsoft Corporation) C:\WINDOWS\system32\admwprox.dll
2015-12-11 21:55 - 2015-07-10 12:00 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\system32\ahadmin.dll
2015-12-11 21:55 - 2015-07-10 12:00 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqbkup.exe
2015-12-11 21:55 - 2015-07-10 12:00 - 00037376 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqoa10.tlb
2015-12-11 21:55 - 2015-07-10 12:00 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqsvc.exe
2015-12-11 21:55 - 2015-07-10 12:00 - 00023040 _____ (Microsoft Corporation) C:\WINDOWS\system32\infoadmn.dll
2015-12-11 21:55 - 2015-07-10 12:00 - 00018944 _____ (Microsoft Corporation) C:\WINDOWS\system32\mqcertui.dll
2015-12-11 21:55 - 2015-07-10 12:00 - 00018432 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisreset.exe
2015-12-11 21:55 - 2015-07-10 12:00 - 00015360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wamregps.dll
2015-12-11 21:55 - 2015-07-10 12:00 - 00013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\infoctrs.dll
2015-12-11 21:55 - 2015-07-10 12:00 - 00013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\iisrstap.dll
2015-12-11 21:55 - 2015-07-10 12:00 - 00009096 _____ C:\WINDOWS\system32\msmqtrc.mof
2015-12-10 03:03 - 2015-08-31 18:20 - 00404480 _____ C:\WINDOWS\system32\diagtrack_wininternal.dll
2015-12-09 18:51 - 2015-10-08 17:28 - 00000000 ___HD C:\$SysReset
2015-12-09 18:43 - 2015-10-08 16:10 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthmodem.sys
2015-12-09 18:43 - 2015-07-10 12:00 - 01026560 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingOnlineServices.dll
2015-12-09 18:43 - 2015-07-10 12:00 - 00924672 _____ (Microsoft Corporation) C:\WINDOWS\system32\NMAA.dll
2015-12-09 18:43 - 2015-07-10 12:00 - 00363664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AUDIOKSE.dll
2015-12-09 18:43 - 2015-07-10 12:00 - 00253952 _____ (Nokia) C:\WINDOWS\system32\NmaDirect.dll
2015-12-09 18:43 - 2015-07-10 12:00 - 00232448 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationPeComposite.dll
2015-12-09 18:43 - 2015-07-10 12:00 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\system32\GnssAdapter.dll
2015-12-09 18:43 - 2015-07-10 12:00 - 00148992 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshostcore.dll
2015-12-09 18:43 - 2015-07-10 12:00 - 00130560 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationCellAdapter.dll
2015-12-09 18:43 - 2015-07-10 12:00 - 00118112 _____ (Microsoft Corporation) C:\WINDOWS\system32\icfupgd.dll
2015-12-09 18:43 - 2015-07-10 12:00 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsBtSvc.dll
2015-12-09 18:43 - 2015-07-10 12:00 - 00110040 _____ (Microsoft Corporation) C:\WINDOWS\system32\EncDump.dll
2015-12-09 18:43 - 2015-07-10 12:00 - 00107520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft-Windows-MapControls.dll
2015-12-09 18:43 - 2015-07-10 12:00 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationSystemIntegration.dll
2015-12-09 18:43 - 2015-07-10 12:00 - 00062464 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshost.dll
2015-12-09 18:43 - 2015-07-10 12:00 - 00054784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Suplcsps.dll
2015-12-09 18:43 - 2015-07-10 12:00 - 00054272 _____ (Microsoft Corporation) C:\WINDOWS\system32\MosHostClient.dll
2015-12-09 18:43 - 2015-07-10 12:00 - 00034816 _____ (Microsoft Corporation) C:\WINDOWS\system32\mapstoasttask.dll
2015-12-09 18:43 - 2015-07-10 12:00 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\system32\nativemap.dll
2015-12-09 18:43 - 2015-07-10 12:00 - 00023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\mapsupdatetask.dll
2015-12-09 18:43 - 2015-07-10 12:00 - 00019456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wfapigp.dll
2015-12-09 18:43 - 2015-07-10 12:00 - 00013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsBtSvcProxy.dll
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======
2015-12-10 03:54 - 2015-12-10 03:54 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
Einige Dateien in TEMP:
====================
C:\Users\dlehn\AppData\Local\Temp\sqlite3.dll
==================== Bamital & volsnap =================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert
LastRegBack: 2015-12-19 21:15
==================== Ende von FRST.txt ============================
|
|
23.12.2015, 20:15
| #2 |
| | Windows 10 Werbung am ganzen PCCode:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:20-12-2015
durchgeführt von dlehn (2015-12-23 00:08:25)
Gestartet von C:\Users\dlehn\Downloads
Windows 10 Home (X64) (2015-12-09 17:58:21)
Start-Modus: Normal
==========================================================
==================== Konten: =============================
Administrator (S-1-5-21-4099521793-58611733-3230023784-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-4099521793-58611733-3230023784-503 - Limited - Disabled)
dlehn (S-1-5-21-4099521793-58611733-3230023784-1001 - Administrator - Enabled) => C:\Users\dlehn
Gast (S-1-5-21-4099521793-58611733-3230023784-501 - Limited - Disabled)
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
A Story About My Uncle (HKLM-x32\...\Steam App 278360) (Version: - Gone North Games)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 3.4.1.181 - Adobe Systems Incorporated)
Adobe Photoshop CC 2015 (HKLM-x32\...\{793C2BF7-A4FE-4608-91C9-9282C5801C21}) (Version: 16.1 - Adobe Systems Incorporated)
Age of Empires® III: Complete Collection (HKLM-x32\...\Steam App 105450) (Version: - Ensemble Studios)
Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 11.1.2245 - AVAST Software)
Borderlands: The Pre-Sequel (HKLM-x32\...\Steam App 261640) (Version: - 2K Australia)
Broforce (HKLM-x32\...\Steam App 274190) (Version: - Free Lives)
Call of Duty: Black Ops III (HKLM-x32\...\Steam App 311210) (Version: - Treyarch)
CCleaner (HKLM\...\CCleaner) (Version: 5.10 - Piriform)
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version: - Valve)
DiRT Showdown (HKLM-x32\...\Steam App 201700) (Version: - Codemasters Racing Studio)
Far Cry® 3 (HKLM-x32\...\Steam App 220240) (Version: - Ubisoft Montreal, Massive Entertainment, and Ubisoft Shanghai)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 47.0.2526.106 - Google Inc.)
Google Update Helper (x32 Version: 1.3.29.1 - Google Inc.) Hidden
H1Z1 (HKLM-x32\...\Steam App 295110) (Version: - Daybreak Games)
Just Cause 3 (HKLM-x32\...\Steam App 225540) (Version: - Avalanche Studios)
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4420.1017 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
NetSpeedMonitor 2.5.4.0 x64 (HKLM\...\{88F41EE2-949B-4B52-933D-C7F8F67BC1D2}) (Version: 2.5.4.0 - Florian Gilles)
NVIDIA 3D Vision Controller-Treiber 352.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 352.65 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 359.06 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 359.06 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.7.4.10 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.7.4.10 - NVIDIA Corporation)
NVIDIA Grafiktreiber 359.06 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 359.06 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.34.4 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.4 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
Orcs Must Die! 2 (HKLM-x32\...\Steam App 201790) (Version: - Robot Entertainment)
Outils de vérification linguistique 2013 de Microsoft Office*- Français (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7644 - Realtek Semiconductor Corp.)
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
SHIELD Streaming (Version: 4.1.0240 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.7.4.10 - NVIDIA Corporation) Hidden
Skype™ 7.16 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.16.102 - Skype Technologies S.A.)
Sonic Generations (HKLM-x32\...\Steam App 71340) (Version: - Devil's Details)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.18 - TeamSpeak Systems GmbH)
TrackMania² Stadium (HKLM-x32\...\Steam App 232910) (Version: - Nadeo)
Valiant Hearts: The Great War™ / Soldats Inconnus : Mémoires de la Grande Guerre™ (HKLM-x32\...\Steam App 260230) (Version: - Ubisoft Montpellier)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.1 - VideoLAN)
WinRAR 5.30 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.30.0 - win.rar GmbH)
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
CustomCLSID: HKU\S-1-5-21-4099521793-58611733-3230023784-1001_Classes\CLSID\{0E270DAA-1BE6-48F2-AC49-602957A1362D}\InprocServer32 -> %%systemroot%%\system32\shell32.dll => Keine Datei
CustomCLSID: HKU\S-1-5-21-4099521793-58611733-3230023784-1001_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\dlehn\AppData\Local\Microsoft\OneDrive\17.3.6281.1202\FileCoAuth.exe (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-4099521793-58611733-3230023784-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
==================== Wiederherstellungspunkte =========================
21-12-2015 12:34:11 Driver Booster : Intel(R) 4th Gen Core processor DRAM Controller - 0C00
22-12-2015 15:51:23 Removed CSR Harmony Wireless Software Stack.
==================== Hosts Inhalt: ===============================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2015-12-09 18:44 - 2015-12-09 18:43 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {1D382A4A-C51F-4134-B07E-CF6732713FAA} - System32\Tasks\Driver Booster SkipUAC (dlehn) => C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe
Task: {34B758CE-5954-4745-B8FC-FCAC89B5F8D4} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2012-10-01] (Microsoft Corporation)
Task: {35A28965-579D-41CD-8089-9102391E1C92} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-12-22] (AVAST Software)
Task: {546AB173-9F88-439E-A876-4D8533022795} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-09-16] (Piriform Ltd)
Task: {5D689260-5A9A-44BB-848C-C410979F25DE} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-11-23] (Microsoft Corporation)
Task: {979103EC-B866-4335-AD00-AD3F52556266} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-12-09] (Google Inc.)
Task: {AB9C6C71-1E90-4112-B0D9-724C30226519} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => D:\MS Office 2013\Office15\msoia.exe [2012-10-01] (Microsoft Corporation)
Task: {AED18049-7907-4A4F-9A93-62C04292ADB1} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-12-09] (Google Inc.)
Task: {EA9C6344-D5F4-473A-8955-2895A80C5B8C} - System32\Tasks\Microsoft Office 15 Sync Maintenance for DESKTOP-UPDA33C-dlehn DESKTOP-UPDA33C => D:\MS Office 2013\Office15\MsoSync.exe [2012-10-01] (Microsoft Corporation)
Task: {FBE54425-64F7-4029-8ED6-D9904DB33EDD} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => D:\MS Office 2013\Office15\msoia.exe [2012-10-01] (Microsoft Corporation)
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Verknüpfungen =============================
(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)
==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
2015-08-06 15:35 - 2015-08-06 15:35 - 00032768 _____ () C:\WINDOWS\SYSTEM32\licensemanagerapi.dll
2015-12-10 03:54 - 2015-11-24 20:32 - 00116344 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2015-08-31 18:20 - 2015-12-10 03:03 - 00404480 _____ () C:\WINDOWS\System32\diagtrack_wininternal.dll
2015-10-01 16:52 - 2015-09-17 07:48 - 02494712 _____ () C:\WINDOWS\system32\CoreUIComponents.dll
2015-10-01 16:52 - 2015-09-17 07:48 - 02494712 _____ () C:\WINDOWS\System32\CoreUIComponents.dll
2015-11-14 04:23 - 2015-11-14 04:23 - 00553120 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll
2015-10-01 16:52 - 2015-09-17 06:48 - 00429056 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll
2015-07-10 11:59 - 2015-12-09 18:43 - 00143360 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\XamlTileRendering.dll
2015-11-14 04:22 - 2015-11-14 04:22 - 31401120 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
2015-09-16 20:33 - 2015-09-16 20:33 - 00057344 _____ () C:\Program Files\CCleaner\lang\lang-1031.dll
2015-12-09 13:47 - 2015-11-25 05:20 - 06569472 _____ () C:\WINDOWS\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2015-12-09 13:47 - 2015-11-25 05:17 - 00471040 _____ () C:\WINDOWS\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2015-12-09 13:47 - 2015-11-25 05:17 - 01808384 _____ () C:\WINDOWS\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.BackgroundTask.dll
2015-10-01 16:52 - 2015-09-17 06:43 - 02274816 _____ () C:\WINDOWS\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll
2015-07-10 12:00 - 2015-12-09 18:43 - 00210432 _____ () C:\WINDOWS\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.ProxyStub.dll
2015-12-10 13:28 - 2015-11-25 00:07 - 00012080 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2015-12-16 23:08 - 2015-12-11 04:54 - 01583432 _____ () C:\Program Files (x86)\Google\Chrome\Application\47.0.2526.106\libglesv2.dll
2015-12-16 23:08 - 2015-12-11 04:54 - 00081224 _____ () C:\Program Files (x86)\Google\Chrome\Application\47.0.2526.106\libegl.dll
2015-11-25 20:18 - 2015-11-25 20:18 - 00147136 ____R () C:\Program Files (x86)\Skype\Phone\ssScreenVVS2.dll
2015-11-16 17:43 - 2015-11-16 17:43 - 40523440 _____ () C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\CEF\libcef.dll
2015-11-16 17:43 - 2015-11-16 17:43 - 01365680 _____ () C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\CEF\libglesv2.dll
2015-11-16 17:43 - 2015-11-16 17:43 - 00219312 _____ () C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\CEF\libegl.dll
2015-11-25 19:35 - 2015-11-25 19:35 - 00124416 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\fs-ext\build\Release\fs-ext.node
2015-11-25 19:35 - 2015-11-25 19:35 - 00188416 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\node-vulcanjs\build\Release\VulcanJS.node
2015-11-25 19:35 - 2015-11-25 19:35 - 00121344 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\ref\build\Release\binding.node
2015-11-25 19:35 - 2015-11-25 19:35 - 00129536 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\ffi\build\Release\ffi_bindings.node
2015-11-25 13:22 - 2015-11-25 13:22 - 00158384 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\node-ProxyResolver\native\ProxyResolverWin.dll
2015-11-25 19:35 - 2015-11-25 19:35 - 00081408 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\js\node_modules\idle-gc\build\Release\idle-gc.node
2015-12-22 16:12 - 2015-12-22 16:12 - 00103888 _____ () C:\Program Files\AVAST Software\Avast\log.dll
2015-12-22 16:12 - 2015-12-22 16:12 - 00125512 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2015-12-22 16:12 - 2015-12-22 16:12 - 02990080 _____ () C:\Program Files\AVAST Software\Avast\defs\15110499\algo.dll
2015-12-22 16:12 - 2015-12-22 16:12 - 00469008 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll
2015-12-22 16:12 - 2015-12-22 16:12 - 00241896 _____ () C:\Program Files\AVAST Software\Avast\browser_pass.dll
2015-12-22 16:13 - 2015-12-22 16:13 - 02806272 _____ () C:\Program Files\AVAST Software\Avast\defs\15122201\algo.dll
2015-12-22 16:12 - 2015-12-22 16:12 - 40539648 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2015-12-09 19:05 - 2015-11-10 20:55 - 00778752 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2015-12-09 19:05 - 2015-07-03 17:12 - 04962816 _____ () C:\Program Files (x86)\Steam\v8.dll
2015-12-09 19:05 - 2015-12-14 21:01 - 02547280 _____ () C:\Program Files (x86)\Steam\video.dll
2015-12-09 19:05 - 2015-09-24 01:33 - 02549248 _____ () C:\Program Files (x86)\Steam\libavcodec-56.dll
2015-12-09 19:05 - 2015-09-24 01:33 - 00491008 _____ () C:\Program Files (x86)\Steam\libavformat-56.dll
2015-12-09 19:05 - 2015-09-24 01:33 - 00332800 _____ () C:\Program Files (x86)\Steam\libavresample-2.dll
2015-12-09 19:05 - 2015-09-24 01:33 - 00442880 _____ () C:\Program Files (x86)\Steam\libavutil-54.dll
2015-12-09 19:05 - 2015-09-24 01:33 - 00485888 _____ () C:\Program Files (x86)\Steam\libswscale-3.dll
2015-12-09 19:05 - 2015-07-03 17:12 - 01556992 _____ () C:\Program Files (x86)\Steam\icui18n.dll
2015-12-09 19:05 - 2015-07-03 17:12 - 01187840 _____ () C:\Program Files (x86)\Steam\icuuc.dll
2015-12-09 19:05 - 2015-12-14 21:01 - 00804432 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2015-12-09 19:05 - 2015-11-03 23:00 - 00201728 _____ () C:\Program Files (x86)\Steam\bin\openvr_api.dll
2015-12-09 19:05 - 2015-11-17 01:31 - 47846176 _____ () C:\Program Files (x86)\Steam\bin\libcef.dll
2015-12-09 19:05 - 2015-09-25 00:56 - 00119208 _____ () C:\Program Files (x86)\Steam\winh264.dll
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
AlternateDataStreams: C:\WINDOWS\Temp:$DATA
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
==================== Andere Bereiche ============================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-4099521793-58611733-3230023784-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\dlehn\AppData\Local\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\LocalState\PhotosAppBackground\{c778d28e-1122-419f-8f90-05e051d9b7ed}.png
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [{0DF1D56B-E7E2-4008-AEA2-EFEC45ECB84D}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{47ED46F7-6BF2-40E8-B77E-5F8F65FAF3FF}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{35144438-FC86-44BE-9802-203F47A1DE86}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{249977D4-B126-40BB-BD34-9034F0202972}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{44912747-F8BF-4463-969F-76308D962687}] => (Allow) D:\SteamLibrary\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{F5E49645-969F-4746-9C8F-A342E40BAC3C}] => (Allow) D:\SteamLibrary\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{96FE6D24-B04F-491D-AD54-8641A1F8FCAE}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{4576A90A-A320-4BC5-A58A-B9D4B0444F98}] => (Allow) D:\SteamLibrary\steamapps\common\Call of Duty Black Ops III\BlackOps3.exe
FirewallRules: [{F2BAA7A4-4B36-47FC-800E-62796628C3A5}] => (Allow) D:\SteamLibrary\steamapps\common\Call of Duty Black Ops III\BlackOps3.exe
FirewallRules: [{DC92E22C-CA01-4938-A5D7-0C2DD593C1AA}] => (Allow) D:\SteamLibrary\steamapps\common\Age Of Empires 3\bin\age3.exe
FirewallRules: [{D9B92B4E-4133-4C7F-9680-A0C5C688BD18}] => (Allow) D:\SteamLibrary\steamapps\common\Age Of Empires 3\bin\age3.exe
FirewallRules: [{A3519FD8-79E0-4F6C-93E6-20006B1D4E59}] => (Allow) D:\SteamLibrary\steamapps\common\Age Of Empires 3\bin\age3x.exe
FirewallRules: [{1C88C95A-75F2-43D4-9472-96085A4C6CBE}] => (Allow) D:\SteamLibrary\steamapps\common\Age Of Empires 3\bin\age3x.exe
FirewallRules: [{0EE86CC0-C57C-4B4A-97ED-912B9ABB2B20}] => (Allow) D:\SteamLibrary\steamapps\common\Age Of Empires 3\bin\age3y.exe
FirewallRules: [{AECF14A7-2DE9-4587-95F3-0023BAB84B3E}] => (Allow) D:\SteamLibrary\steamapps\common\Age Of Empires 3\bin\age3y.exe
FirewallRules: [{88119874-AE11-4A60-BD47-62300438CD01}] => (Allow) D:\SteamLibrary\steamapps\common\Broforce\Broforce_beta.exe
FirewallRules: [{6314193D-4CB2-436D-BE40-518220B88CE6}] => (Allow) D:\SteamLibrary\steamapps\common\Broforce\Broforce_beta.exe
FirewallRules: [{0EFE96C3-CBF4-4D74-94E7-566B97DF0971}] => (Allow) D:\SteamLibrary\steamapps\common\Far Cry 3\bin\FC3UpdaterSteam.exe
FirewallRules: [{2725F90E-4E73-42DF-9556-467F7080991E}] => (Allow) D:\SteamLibrary\steamapps\common\Far Cry 3\bin\FC3UpdaterSteam.exe
FirewallRules: [{EFEE633A-01C0-47B7-95AB-D4DC59381AB9}] => (Allow) D:\SteamLibrary\steamapps\common\ManiaPlanet_TMStadium\ManiaPlanetLauncher.exe
FirewallRules: [{ADD0174E-BD14-4995-863A-EAB7650FB981}] => (Allow) D:\SteamLibrary\steamapps\common\ManiaPlanet_TMStadium\ManiaPlanetLauncher.exe
FirewallRules: [{A2C7A7F3-625F-4273-A86A-EF28C6305EF3}] => (Allow) D:\SteamLibrary\steamapps\common\Sonic Generations\SonicGenerations.exe
FirewallRules: [{679EAEFC-3ACB-475F-8961-388651F602F0}] => (Allow) D:\SteamLibrary\steamapps\common\Sonic Generations\SonicGenerations.exe
FirewallRules: [{4D4407DE-2E35-4CB3-AB0A-E0D9EA1359D5}] => (Allow) D:\SteamLibrary\steamapps\common\Sonic Generations\ConfigurationTool.exe
FirewallRules: [{45E8FA52-3ED9-40FD-A5FA-CE11625DC7AB}] => (Allow) D:\SteamLibrary\steamapps\common\Sonic Generations\ConfigurationTool.exe
FirewallRules: [{229AE740-5CEB-4DA4-9EFC-2B34A748A807}] => (Allow) D:\SteamLibrary\steamapps\common\DiRT Showdown\showdown.exe
FirewallRules: [{2C58EB7B-67BC-4CC6-AB09-EEF28CEE26D9}] => (Allow) D:\SteamLibrary\steamapps\common\DiRT Showdown\showdown.exe
FirewallRules: [{FCB7D68C-27A1-40D2-AF73-72DF24734448}] => (Allow) D:\SteamLibrary\steamapps\common\Orcs Must Die 2\build\release\OrcsMustDie2.exe
FirewallRules: [{BDFA33C4-47C1-45CE-9D56-364910E10425}] => (Allow) D:\SteamLibrary\steamapps\common\Orcs Must Die 2\build\release\OrcsMustDie2.exe
FirewallRules: [{71F6107D-D90C-4836-8024-30AABE37A6D6}] => (Allow) D:\SteamLibrary\steamapps\common\Valiant Hearts\Valiant Hearts.exe
FirewallRules: [{146E0879-6CF2-44BA-8383-B47E36FF9EBC}] => (Allow) D:\SteamLibrary\steamapps\common\Valiant Hearts\Valiant Hearts.exe
FirewallRules: [{A8B231C1-B8EC-432F-B635-48ECA5E986C5}] => (Allow) D:\SteamLibrary\steamapps\common\BorderlandsPreSequel\Binaries\Win32\Launcher.exe
FirewallRules: [{E5C96400-0B50-4D89-A1DE-AC7883DB0653}] => (Allow) D:\SteamLibrary\steamapps\common\BorderlandsPreSequel\Binaries\Win32\Launcher.exe
FirewallRules: [{A1890ECF-B8CD-4335-BB25-492BBB6D1280}] => (Allow) D:\SteamLibrary\steamapps\common\A Story About My Uncle\Binaries\Win32\ASAMU-Win32-Shipping.exe
FirewallRules: [{6BBB1FA1-D3CF-4595-8E40-D0A4F86F808D}] => (Allow) D:\SteamLibrary\steamapps\common\A Story About My Uncle\Binaries\Win32\ASAMU-Win32-Shipping.exe
FirewallRules: [{E3980BD1-5556-4E6F-A11F-49DF806E339F}] => (Allow) D:\SteamLibrary\steamapps\common\H1Z1\LaunchPad.exe
FirewallRules: [{34AB62A1-C158-497A-9738-B09DA07DA33B}] => (Allow) D:\SteamLibrary\steamapps\common\H1Z1\LaunchPad.exe
FirewallRules: [{22168787-356C-4F03-B676-51DF20B93C83}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{5AE6EB0E-E066-403B-AA1B-DCF49EB8EEE7}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{79E903B3-02B5-4D47-B11A-56AA372DB389}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{E00AAC1A-E758-49C4-8B87-DEB7EF28A1A9}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{5ED4672F-A556-40B7-B07F-6D509CC945CC}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{423FCF73-20CC-4FA1-80C6-B61D39E3A67F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{8B8F3434-946E-4D96-980E-EC5C5DD0D0EB}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{02B17DC8-FA26-4166-8552-8177EAEA88BC}] => (Allow) D:\MS Office 2013\Office15\lync.exe
FirewallRules: [{41D73071-2416-432A-9BBE-F87DFCF7FA61}] => (Allow) D:\MS Office 2013\Office15\lync.exe
FirewallRules: [{C002B12D-855E-42FA-8E60-E1B3E1CBCBD1}] => (Allow) D:\MS Office 2013\Office15\UcMapi.exe
FirewallRules: [{C209A1F7-0A08-444B-903C-F10E07E85BAF}] => (Allow) D:\MS Office 2013\Office15\UcMapi.exe
FirewallRules: [{16BF7A5A-C68C-4C21-B895-63EAB30320A9}] => (Allow) D:\MS Office 2013\Office15\outlook.exe
FirewallRules: [{4080F98C-4715-4DF5-A86F-702A69E2CCF3}] => (Allow) D:\SteamLibrary\steamapps\common\Just Cause 3\JustCause3.exe
FirewallRules: [{D503C115-380C-42E6-8841-F208F1C87712}] => (Allow) D:\SteamLibrary\steamapps\common\Just Cause 3\JustCause3.exe
FirewallRules: [MSMQ-In-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-TCP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-In-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [MSMQ-Out-UDP] => (Allow) %systemroot%\system32\mqsvc.exe
FirewallRules: [{8F0373AE-3D58-4A4D-90C4-F435217A0382}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Fehlerhafte Geräte im Gerätemanager =============
Name: USB-Massenspeichergerät
Description: USB-Massenspeichergerät
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: Kompatibles USB-Speichergerät
Service: USBSTOR
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
==================== Fehlereinträge in der Ereignisanzeige: =========================
Applikationsfehler:
==================
Error: (12/22/2015 03:56:15 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Adobe CEF Helper.exe, Version: 3.4.0.175, Zeitstempel: 0x564a80aa
Name des fehlerhaften Moduls: libcef.dll, Version: 3.2171.2069.0, Zeitstempel: 0x551bdc44
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00444106
ID des fehlerhaften Prozesses: 0x23cc
Startzeit der fehlerhaften Anwendung: 0xAdobe CEF Helper.exe0
Pfad der fehlerhaften Anwendung: Adobe CEF Helper.exe1
Pfad des fehlerhaften Moduls: Adobe CEF Helper.exe2
Berichtskennung: Adobe CEF Helper.exe3
Vollständiger Name des fehlerhaften Pakets: Adobe CEF Helper.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Adobe CEF Helper.exe5
Error: (12/22/2015 03:51:24 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer".
Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft-Verbindungsschichterkennungsprotokoll.
System Error:
Zugriff verweigert
.
Error: (12/22/2015 03:45:19 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-UPDA33C)
Description: Bei der Aktivierung der App „Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.
Error: (12/22/2015 03:45:14 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Adobe CEF Helper.exe, Version: 3.4.0.175, Zeitstempel: 0x564a80aa
Name des fehlerhaften Moduls: libcef.dll, Version: 3.2171.2069.0, Zeitstempel: 0x551bdc44
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00444106
ID des fehlerhaften Prozesses: 0x213c
Startzeit der fehlerhaften Anwendung: 0xAdobe CEF Helper.exe0
Pfad der fehlerhaften Anwendung: Adobe CEF Helper.exe1
Pfad des fehlerhaften Moduls: Adobe CEF Helper.exe2
Berichtskennung: Adobe CEF Helper.exe3
Vollständiger Name des fehlerhaften Pakets: Adobe CEF Helper.exe4
Anwendungs-ID, die relativ zum fehlerhaften Paket ist: Adobe CEF Helper.exe5
Error: (12/22/2015 05:03:54 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-UPDA33C)
Description: Bei der Aktivierung der App „Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI“ ist folgender Fehler aufgetreten: -2144927141. Weitere Informationen finden Sie im Protokoll „Microsoft-Windows-TWinUI/Betriebsbereit“.
Error: (12/21/2015 12:53:35 PM) (Source: ESENT) (EventID: 413) (User: )
Description: SettingSyncHost (9404) Es konnte keine neue Protokolldatei erstellt werden, weil die Datenbank nicht auf das Protokolllaufwerk schreiben kann. Das Laufwerk ist möglicherweise schreibgeschützt, falsch konfiguriert, beschädigt oder hat zu wenig freien Speicherplatz. Fehler -1032.
Error: (12/21/2015 12:53:35 PM) (Source: ESENT) (EventID: 488) (User: )
Description: SettingSyncHost (9404) Der Versuch, die Datei "C:\WINDOWS\system32\edbtmp.log" zu erstellen, ist mit Systemfehler 5 (0x00000005): "Zugriff verweigert " fehlgeschlagen. Fehler -1032 (0xfffffbf8) beim Erstellen von Dateien.
Error: (12/21/2015 12:53:24 PM) (Source: ESENT) (EventID: 413) (User: )
Description: SettingSyncHost (9404) Es konnte keine neue Protokolldatei erstellt werden, weil die Datenbank nicht auf das Protokolllaufwerk schreiben kann. Das Laufwerk ist möglicherweise schreibgeschützt, falsch konfiguriert, beschädigt oder hat zu wenig freien Speicherplatz. Fehler -1032.
Error: (12/21/2015 12:53:24 PM) (Source: ESENT) (EventID: 488) (User: )
Description: SettingSyncHost (9404) Der Versuch, die Datei "C:\WINDOWS\system32\edbtmp.log" zu erstellen, ist mit Systemfehler 5 (0x00000005): "Zugriff verweigert " fehlgeschlagen. Fehler -1032 (0xfffffbf8) beim Erstellen von Dateien.
Error: (12/21/2015 12:53:14 PM) (Source: ESENT) (EventID: 413) (User: )
Description: SettingSyncHost (9404) Es konnte keine neue Protokolldatei erstellt werden, weil die Datenbank nicht auf das Protokolllaufwerk schreiben kann. Das Laufwerk ist möglicherweise schreibgeschützt, falsch konfiguriert, beschädigt oder hat zu wenig freien Speicherplatz. Fehler -1032.
Systemfehler:
=============
Error: (12/22/2015 07:51:50 PM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert und an den Remoteendpunkt gesendet. Dies kann dazu führen, dass die Verbindung beendet wird. Die schwerwiegende Warnung hat folgenden für das TLS-Protokoll definierten Code: 10. Der Windows-SChannel-Fehlerstatus lautet: 10.
Error: (12/22/2015 04:13:41 PM) (Source: Schannel) (EventID: 4120) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung generiert und an den Remoteendpunkt gesendet. Dies kann dazu führen, dass die Verbindung beendet wird. Die schwerwiegende Warnung hat folgenden für das TLS-Protokoll definierten Code: 10. Der Windows-SChannel-Fehlerstatus lautet: 10.
Error: (12/22/2015 03:57:27 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "CSR OBEX-Dienst" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2
Error: (12/22/2015 03:56:45 PM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: Der Versuch des Dienststeuerungs-Managers, nach dem unerwarteten Beenden des Dienstes "Windows Search" Korrekturmaßnahmen (Neustart des Diensts) durchzuführen, ist fehlgeschlagen. Fehler:
%%1056
Error: (12/22/2015 03:56:44 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Benutzerdatenzugriff_Session1" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (12/22/2015 03:56:44 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Benutzerdatenspeicher _Session1" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (12/22/2015 03:56:44 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Kontaktdaten_Session1" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (12/22/2015 03:56:44 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Synchronisierungshost_Session1" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 10000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (12/22/2015 03:56:16 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Installer" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 120000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (12/22/2015 03:56:15 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "Steam Client Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
CodeIntegrity:
===================================
Date: 2015-12-21 14:00:31.815
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2015-12-18 13:38:08.732
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
==================== Speicherinformationen ===========================
Prozessor: Intel(R) Core(TM) i7-4770 CPU @ 3.40GHz
Prozentuale Nutzung des RAM: 26%
Installierter physikalischer RAM: 16259.99 MB
Verfügbarer physikalischer RAM: 11923.05 MB
Summe virtueller Speicher: 18691.99 MB
Verfügbarer virtueller Speicher: 13281.19 MB
==================== Laufwerke ================================
Drive c: (Windows) (Fixed) (Total:110.91 GB) (Free:61.41 GB) NTFS
Drive d: (Festplatte) (Fixed) (Total:2794.39 GB) (Free:541.14 GB) NTFS
Drive f: (49218_BT_Stick) (CDROM) (Total:0.44 GB) (Free:0 GB) CDFS
Drive g: (PULSE) (Fixed) (Total:596.16 GB) (Free:76.19 GB) NTFS
==================== MBR & Partitionstabelle ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 111.8 GB) (Disk ID: 163D8216)
Partition 1: (Active) - (Size=450 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=110.9 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=450 MB) - (Type=27)
========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 2794.5 GB) (Disk ID: C078C078)
Partition: GPT.
Attempted reading MBR returned 0 bytes.
Could not read MBR for disk 2.
==================== Ende von Addition.txt ============================
|
|
24.12.2015, 13:57
| #3 |
| /// Malwareteam   | Windows 10 Werbung am ganzen PC Mein Name ist Rafael und ich werde dir bei der Bereinigung helfen. Damit ich dir optimal helfen kann, halte dich bitte an folgende Regeln:
 Frohe Weihnachten wünsche ich dir! Schritt 1 Downloade dir bitte  TDSSKiller.exe und speichere diese Datei auf dem Desktop
__________________ Geändert von burningice (24.12.2015 um 14:46 Uhr) |
|
24.12.2015, 17:04
| #4 |
| | Windows 10 Werbung am ganzen PC Hallo, vielen Dank für deine Hilfer, leider wurde nichts gefunden. Code:
ATTFilter 16:58:22.0046 0x1990 TDSS rootkit removing tool 3.1.0.9 Dec 11 2015 22:49:12
16:58:39.0283 0x1990 ============================================================
16:58:39.0283 0x1990 Current date / time: 2015/12/24 16:58:39.0283
16:58:39.0283 0x1990 SystemInfo:
16:58:39.0283 0x1990
16:58:39.0283 0x1990 OS Version: 10.0.10240 ServicePack: 0.0
16:58:39.0283 0x1990 Product type: Workstation
16:58:39.0283 0x1990 ComputerName: DESKTOP-UPDA33C
16:58:39.0283 0x1990 UserName: dlehn
16:58:39.0283 0x1990 Windows directory: C:\WINDOWS
16:58:39.0283 0x1990 System windows directory: C:\WINDOWS
16:58:39.0283 0x1990 Running under WOW64
16:58:39.0283 0x1990 Processor architecture: Intel x64
16:58:39.0283 0x1990 Number of processors: 8
16:58:39.0283 0x1990 Page size: 0x1000
16:58:39.0283 0x1990 Boot type: Normal boot
16:58:39.0283 0x1990 ============================================================
16:58:39.0344 0x1990 KLMD registered as C:\WINDOWS\system32\drivers\48152304.sys
16:58:39.0399 0x1990 System UUID: {09A08AC5-87BF-1E10-70C8-FD1924B25E45}
16:58:39.0640 0x1990 Drive \Device\Harddisk0\DR0 - Size: 0x1BF2976000 ( 111.79 Gb ), SectorSize: 0x200, Cylinders: 0x3901, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
16:58:40.0385 0x1990 Drive \Device\Harddisk1\DR1 - Size: 0x2BAA1476000 ( 2794.52 Gb ), SectorSize: 0x200, Cylinders: 0x59101, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
16:58:40.0390 0x1990 Drive \Device\Harddisk2\DR2 - Size: 0x950B056000 ( 596.17 Gb ), SectorSize: 0x400, Cylinders: 0x9800, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
16:58:43.0461 0x1990 ============================================================
16:58:43.0461 0x1990 \Device\Harddisk0\DR0:
16:58:43.0462 0x1990 MBR partitions:
16:58:43.0462 0x1990 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0xE1000
16:58:43.0462 0x1990 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0xE1800, BlocksNum 0xDDD1800
16:58:43.0463 0x1990 \Device\Harddisk1\DR1:
16:58:43.0463 0x1990 GPT partitions:
16:58:43.0463 0x1990 \Device\Harddisk1\DR1\Partition1: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {71561ECF-FEB2-46DB-B27B-F2BC246E78AE}, Name: Microsoft reserved partition, StartLBA 0x22, BlocksNum 0x40000
16:58:43.0463 0x1990 \Device\Harddisk1\DR1\Partition2: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {3ADB3597-434C-498F-9222-2D2BCDBA19BC}, Name: Basic data partition, StartLBA 0x40800, BlocksNum 0x5D4C9800
16:58:43.0463 0x1990 MBR partitions:
16:58:43.0463 0x1990 \Device\Harddisk2\DR2:
16:58:43.0463 0x1990 MBR partitions:
16:58:43.0463 0x1990 \Device\Harddisk2\DR2\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x254297C1
16:58:43.0463 0x1990 ============================================================
16:58:43.0464 0x1990 C: <-> \Device\Harddisk0\DR0\Partition2
16:58:43.0494 0x1990 D: <-> \Device\Harddisk1\DR1\Partition2
16:58:43.0518 0x1990 G: <-> \Device\Harddisk2\DR2\Partition1
16:58:43.0518 0x1990 ============================================================
16:58:43.0518 0x1990 Initialize success
16:58:43.0518 0x1990 ============================================================
16:58:46.0294 0x18d8 ============================================================
16:58:46.0294 0x18d8 Scan started
16:58:46.0294 0x18d8 Mode: Manual;
16:58:46.0294 0x18d8 ============================================================
16:58:46.0294 0x18d8 KSN ping started
16:58:48.0687 0x18d8 KSN ping finished: true
16:58:49.0584 0x18d8 ================ Scan system memory ========================
16:58:49.0584 0x18d8 System memory - ok
16:58:49.0584 0x18d8 ================ Scan services =============================
16:58:49.0606 0x18d8 1394ohci - ok
16:58:49.0609 0x18d8 3ware - ok
16:58:49.0611 0x18d8 ACPI - ok
16:58:49.0614 0x18d8 acpiex - ok
16:58:49.0616 0x18d8 acpipagr - ok
16:58:49.0619 0x18d8 AcpiPmi - ok
16:58:49.0622 0x18d8 acpitime - ok
16:58:49.0636 0x18d8 [ 46E0C109E564333992B89F2A62AD6B39, D3FE97FAF1D2AACD835BAB281C8BB9642DAF5F267377C857825ACCFA094BAB1A ] AdobeUpdateService C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
16:58:49.0646 0x18d8 AdobeUpdateService - ok
16:58:49.0656 0x18d8 ADP80XX - ok
16:58:49.0661 0x18d8 AFD - ok
16:58:49.0666 0x18d8 agp440 - ok
16:58:49.0699 0x18d8 [ A9F3294F6939172C45D6C5AF2E563714, 5A3C1CFF254222D210974E974D4E5FEC38CA83D855E3DF341719CD0E3BA67171 ] AGSService C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
16:58:49.0726 0x18d8 AGSService - ok
16:58:49.0731 0x18d8 ahcache - ok
16:58:49.0733 0x18d8 AJRouter - ok
16:58:49.0736 0x18d8 ALG - ok
16:58:49.0738 0x18d8 AmdK8 - ok
16:58:49.0741 0x18d8 AmdPPM - ok
16:58:49.0744 0x18d8 amdsata - ok
16:58:49.0747 0x18d8 amdsbs - ok
16:58:49.0749 0x18d8 amdxata - ok
16:58:49.0753 0x18d8 AppHostSvc - ok
16:58:49.0755 0x18d8 AppID - ok
16:58:49.0758 0x18d8 AppIDSvc - ok
16:58:49.0760 0x18d8 Appinfo - ok
16:58:49.0763 0x18d8 AppReadiness - ok
16:58:49.0765 0x18d8 AppXSvc - ok
16:58:49.0767 0x18d8 arcsas - ok
16:58:49.0770 0x18d8 [ 7BC1F2FC2A9D79E1EBBBF6D69AC3BA1F, 236265BE3F1B2130025A3A10152893BD0D18AD8965732361058B775F010539A2 ] aswHwid C:\WINDOWS\system32\drivers\aswHwid.sys
16:58:49.0775 0x18d8 aswHwid - ok
16:58:49.0779 0x18d8 [ 68E76C1675AC171A84F5B7230652E19D, A707A4E51110B15FF7D73C95D4D9C1E457FC9D93E1479BDB67EBDDDD6AC28D8E ] aswMonFlt C:\WINDOWS\system32\drivers\aswMonFlt.sys
16:58:49.0783 0x18d8 aswMonFlt - ok
16:58:49.0786 0x18d8 [ 2D6B49A071216796106E7804AB2BA7DC, 6A58A3B36EA05A24333482F87CFD315F73E56A64E46493E82E0FE9115E284168 ] aswRdr C:\WINDOWS\system32\drivers\aswRdr2.sys
16:58:49.0788 0x18d8 aswRdr - ok
16:58:49.0793 0x18d8 [ E46B51C99BB750A81AC6A68362475A5C, 2A61C09902B39696D151B9D5E6A60FFC3CF3EA02613EC64BBAB4DEE3C78838E2 ] aswRvrt C:\WINDOWS\system32\drivers\aswRvrt.sys
16:58:49.0795 0x18d8 aswRvrt - ok
16:58:49.0811 0x18d8 [ A428CC308673A5E74F91D92E4A2B205D, 0A768AA4BD1CD22B5181EDA692F7CB9A43F627BB4FFEEFBB8CBC77A45107A443 ] aswSnx C:\WINDOWS\system32\drivers\aswSnx.sys
16:58:49.0825 0x18d8 aswSnx - ok
16:58:49.0835 0x18d8 [ C24A42A7689DB63EEF157797AA7012B5, AC25AFAD13E59DFBF68B9F9B9527F266F4671A5E0A1F04D9EA71D36C00AC21E9 ] aswSP C:\WINDOWS\system32\drivers\aswSP.sys
16:58:49.0843 0x18d8 aswSP - ok
16:58:49.0848 0x18d8 [ D9079E1A1C2A1F8ED5F37AF8E6CD3161, 629E3A642C5E3BEA65CDD2E08CAD69F9649A98BDA906678B51D3D2C9DB5BB253 ] aswStm C:\WINDOWS\system32\drivers\aswStm.sys
16:58:49.0850 0x18d8 aswStm - ok
16:58:49.0856 0x18d8 [ 3BEC32A0B646D914921FD56AA39998C1, 8DB7CBF3DEF8EAE1D7D28C38B3A0FCD5C2A04D772078B907F35C66451355A04A ] aswVmm C:\WINDOWS\system32\drivers\aswVmm.sys
16:58:49.0860 0x18d8 aswVmm - ok
16:58:49.0863 0x18d8 AsyncMac - ok
16:58:49.0865 0x18d8 atapi - ok
16:58:49.0866 0x18d8 AudioEndpointBuilder - ok
16:58:49.0869 0x18d8 Audiosrv - ok
16:58:49.0875 0x18d8 [ F5CB8703A4F51EE30E5C090C78073AA4, 90683F39E9AA315FFB66A9F014AD1BEBF19EA62908247C133455815F6632E578 ] avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastSvc.exe
16:58:49.0878 0x18d8 avast! Antivirus - ok
16:58:49.0881 0x18d8 AxInstSV - ok
16:58:49.0883 0x18d8 b06bdrv - ok
16:58:49.0887 0x18d8 BasicDisplay - ok
16:58:49.0889 0x18d8 BasicRender - ok
16:58:49.0892 0x18d8 bcmfn2 - ok
16:58:49.0895 0x18d8 BDESVC - ok
16:58:49.0897 0x18d8 Beep - ok
16:58:49.0900 0x18d8 BFE - ok
16:58:49.0902 0x18d8 BITS - ok
16:58:49.0903 0x18d8 bowser - ok
16:58:49.0906 0x18d8 BrokerInfrastructure - ok
16:58:49.0909 0x18d8 Browser - ok
16:58:49.0911 0x18d8 BthAvrcpTg - ok
16:58:49.0914 0x18d8 BthEnum - ok
16:58:49.0916 0x18d8 BthHFEnum - ok
16:58:49.0919 0x18d8 bthhfhid - ok
16:58:49.0921 0x18d8 BthHFSrv - ok
16:58:49.0923 0x18d8 BthLEEnum - ok
16:58:49.0925 0x18d8 BTHMODEM - ok
16:58:49.0928 0x18d8 BthPan - ok
16:58:49.0931 0x18d8 BTHPORT - ok
16:58:49.0933 0x18d8 bthserv - ok
16:58:49.0935 0x18d8 BTHUSB - ok
16:58:49.0937 0x18d8 buttonconverter - ok
16:58:49.0941 0x18d8 CapImg - ok
16:58:49.0943 0x18d8 cdfs - ok
16:58:49.0945 0x18d8 CDPSvc - ok
16:58:49.0948 0x18d8 cdrom - ok
16:58:49.0950 0x18d8 CertPropSvc - ok
16:58:49.0952 0x18d8 circlass - ok
16:58:49.0954 0x18d8 CLFS - ok
16:58:49.0957 0x18d8 ClipSVC - ok
16:58:49.0964 0x18d8 CmBatt - ok
16:58:49.0967 0x18d8 CNG - ok
16:58:49.0969 0x18d8 cnghwassist - ok
16:58:49.0980 0x18d8 CompositeBus - ok
16:58:49.0983 0x18d8 COMSysApp - ok
16:58:49.0985 0x18d8 condrv - ok
16:58:49.0987 0x18d8 CoreMessagingRegistrar - ok
16:58:50.0004 0x18d8 [ A6B9FD89353D6005DD74485F591F2A83, 1148FDAC0C4B01E9F7C925E22F0E13CA0ECA3DB8AE13F3303E99AB03D4E7B644 ] cphs C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
16:58:50.0099 0x18d8 cphs - ok
16:58:50.0103 0x18d8 CryptSvc - ok
16:58:50.0108 0x18d8 [ DA2926CFC160698D3C4335A58385EE03, 03A9ADDC43D8B6ACB31B44D9FF9C2F7883C577D0E0D683D08C4FCB1C57F75E3C ] csravrcp C:\WINDOWS\System32\drivers\csravrcp.sys
16:58:50.0111 0x18d8 csravrcp - ok
16:58:50.0115 0x18d8 [ 0D22E6DDFDFCE01CAB40A708989F4513, 92709F2A258D3FF2699C493BB330828A435198DF1A41E04E05D6847DC9D3DE4D ] CsrBthAudioHF C:\WINDOWS\system32\DRIVERS\CsrBthAudioHF.sys
16:58:50.0117 0x18d8 CsrBthAudioHF - ok
16:58:50.0119 0x18d8 CsrBtOBEX-Dienst - ok
16:58:50.0163 0x18d8 [ 6AA077D6CC426476E349DF8BFAB2DD0A, 5D24CE14881DD6D1C5003FDE45036DB8894546D26BAEA29D50A6F73B3BE78050 ] CsrBtPort C:\WINDOWS\system32\DRIVERS\CsrBtPort.sys
16:58:50.0201 0x18d8 CsrBtPort - ok
16:58:50.0207 0x18d8 [ 965FB144CA3970F7C2F0DF346155C25D, AC30DEF9673E9DFD07B0665C5302961F6F591F5A038249E84CF08F39642FE6F1 ] csrhfgcc C:\WINDOWS\System32\drivers\csrhfgcc.sys
16:58:50.0208 0x18d8 csrhfgcc - ok
16:58:50.0211 0x18d8 [ B869927FB411004CCD98B7DF30A8AEDC, 4E72AE1EDFA55A8577B56ADAEF196910A915F619E121BCC98155439984FA2AE3 ] csrpan C:\WINDOWS\System32\drivers\csrpan.sys
16:58:50.0213 0x18d8 csrpan - ok
16:58:50.0216 0x18d8 [ 7DB081CD5AFF021666444D7CEFFBDB1B, F32E7D217B0BB6091D808BE413D548A2C66584BA3625F189C81090DC0CC1F0F9 ] csrserial C:\WINDOWS\system32\DRIVERS\csrserial.sys
16:58:50.0218 0x18d8 csrserial - ok
16:58:50.0221 0x18d8 [ 19A0B8F1CE67E5E0E0CDF315F9DA29D6, 3A2E289F8E227D60F6211C5B62170F2F446DBD86ED7BE014B543F24D394600AF ] csrusb C:\WINDOWS\System32\Drivers\csrusb.sys
16:58:50.0222 0x18d8 csrusb - ok
16:58:50.0224 0x18d8 [ D2EF74C29A95E8814BC0BCFF3F21D4D1, 1D70B391B0C3FE50C96932580302353BB290D589F7834407C4DA7FCFAF3B4B06 ] csrusbfilter C:\WINDOWS\System32\Drivers\csrusbfilter.sys
16:58:50.0226 0x18d8 csrusbfilter - ok
16:58:50.0229 0x18d8 [ 244B34E4A0646BEBE254F67BD830B184, C71D2DA4FF16127E47749834D4F7DE91E12637BAB9458E1AEBC7CC0AD76628F1 ] csr_bthav C:\WINDOWS\system32\drivers\csrbthav.sys
16:58:50.0233 0x18d8 csr_bthav - ok
16:58:50.0236 0x18d8 dam - ok
16:58:50.0239 0x18d8 dc1-controller - ok
16:58:50.0243 0x18d8 DcomLaunch - ok
16:58:50.0245 0x18d8 DcpSvc - ok
16:58:50.0248 0x18d8 defragsvc - ok
16:58:50.0250 0x18d8 DeviceAssociationService - ok
16:58:50.0252 0x18d8 DeviceInstall - ok
16:58:50.0254 0x18d8 DevQueryBroker - ok
16:58:50.0256 0x18d8 Dfsc - ok
16:58:50.0260 0x18d8 [ 58425D987F155F44C0BD4D0DB230327E, 9F4F5711325118D4C165F7BAC96D8248A387E14363662F735E7B9331FC222C30 ] dg_ssudbus C:\WINDOWS\System32\drivers\ssudbus.sys
16:58:50.0281 0x18d8 dg_ssudbus - ok
16:58:50.0284 0x18d8 Dhcp - ok
16:58:50.0287 0x18d8 diagnosticshub.standardcollector.service - ok
16:58:50.0289 0x18d8 DiagTrack - ok
16:58:50.0291 0x18d8 disk - ok
16:58:50.0293 0x18d8 DmEnrollmentSvc - ok
16:58:50.0296 0x18d8 dmvsc - ok
16:58:50.0298 0x18d8 dmwappushservice - ok
16:58:50.0300 0x18d8 Dnscache - ok
16:58:50.0303 0x18d8 dot3svc - ok
16:58:50.0305 0x18d8 DPS - ok
16:58:50.0308 0x18d8 drmkaud - ok
16:58:50.0310 0x18d8 DsmSvc - ok
16:58:50.0312 0x18d8 DsSvc - ok
16:58:50.0314 0x18d8 DXGKrnl - ok
16:58:50.0317 0x18d8 Eaphost - ok
16:58:50.0320 0x18d8 ebdrv - ok
16:58:50.0323 0x18d8 EFS - ok
16:58:50.0326 0x18d8 EhStorClass - ok
16:58:50.0329 0x18d8 EhStorTcgDrv - ok
16:58:50.0331 0x18d8 embeddedmode - ok
16:58:50.0333 0x18d8 EntAppSvc - ok
16:58:50.0336 0x18d8 ErrDev - ok
16:58:50.0343 0x18d8 EventSystem - ok
16:58:50.0346 0x18d8 exfat - ok
16:58:50.0349 0x18d8 fastfat - ok
16:58:50.0351 0x18d8 Fax - ok
16:58:50.0353 0x18d8 fcvsc - ok
16:58:50.0356 0x18d8 fdc - ok
16:58:50.0358 0x18d8 fdPHost - ok
16:58:50.0360 0x18d8 FDResPub - ok
16:58:50.0362 0x18d8 fhsvc - ok
16:58:50.0364 0x18d8 FileCrypt - ok
16:58:50.0366 0x18d8 FileInfo - ok
16:58:50.0368 0x18d8 Filetrace - ok
16:58:50.0371 0x18d8 [ 322761FBC5D9439EE46FA997B4F88064, 78A5C82F3155F82728E3CDCB0D5085133E7B6E86A51DFF1DA9731383BF919965 ] FlashUSB C:\WINDOWS\System32\drivers\FlashUSB.sys
16:58:50.0372 0x18d8 FlashUSB - ok
16:58:50.0375 0x18d8 flpydisk - ok
16:58:50.0377 0x18d8 FltMgr - ok
16:58:50.0379 0x18d8 FontCache - ok
16:58:50.0382 0x18d8 FontCache3.0.0.0 - ok
16:58:50.0385 0x18d8 FsDepends - ok
16:58:50.0387 0x18d8 Fs_Rec - ok
16:58:50.0389 0x18d8 fvevol - ok
16:58:50.0392 0x18d8 gagp30kx - ok
16:58:50.0394 0x18d8 gencounter - ok
16:58:50.0397 0x18d8 genericusbfn - ok
16:58:50.0416 0x18d8 [ 5E42BDFF22707E577AD82BE4C43C3BCE, 4C0BBF6AAA7EB30A789D91A4F29726C2A6D941D457B59CF376EF96571F3E1BB4 ] GfExperienceService C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
16:58:50.0433 0x18d8 GfExperienceService - ok
16:58:50.0437 0x18d8 GPIOClx0101 - ok
16:58:50.0440 0x18d8 gpsvc - ok
16:58:50.0443 0x18d8 GpuEnergyDrv - ok
16:58:50.0447 0x18d8 [ 88FBBB1C601A6BC42054E57C2897FA45, 928C5BAB515035DE659C4255C209D33C407716DA325798951B2E8DA9BB230A9F ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
16:58:50.0449 0x18d8 gupdate - ok
16:58:50.0454 0x18d8 [ 88FBBB1C601A6BC42054E57C2897FA45, 928C5BAB515035DE659C4255C209D33C407716DA325798951B2E8DA9BB230A9F ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
16:58:50.0455 0x18d8 gupdatem - ok
16:58:50.0458 0x18d8 HDAudBus - ok
16:58:50.0460 0x18d8 HidBatt - ok
16:58:50.0464 0x18d8 HidBth - ok
16:58:50.0467 0x18d8 hidi2c - ok
16:58:50.0470 0x18d8 hidinterrupt - ok
16:58:50.0472 0x18d8 HidIr - ok
16:58:50.0474 0x18d8 hidserv - ok
16:58:50.0476 0x18d8 HidUsb - ok
16:58:50.0478 0x18d8 HomeGroupListener - ok
16:58:50.0481 0x18d8 HomeGroupProvider - ok
16:58:50.0483 0x18d8 HpSAMD - ok
16:58:50.0487 0x18d8 [ 7C7C986776D00E575BFBDE5DCBDC615D, 4CF12851A5A45917C3A9139B19D79434F2038611B617F83A714506CC7A1A6C61 ] HtcVCom32 C:\WINDOWS\System32\drivers\HtcVComV64.sys
16:58:50.0490 0x18d8 HtcVCom32 - ok
16:58:50.0492 0x18d8 HTTP - ok
16:58:50.0503 0x18d8 [ E5805896A55D4166C20F216249F40FA3, F426BF60D5B916E7A778EF24C49FE1FFE1B2977C2ABD2977FD5C38C6E6CB139F ] HWiNFO32 C:\WINDOWS\SysWOW64\drivers\HWiNFO64A.SYS
16:58:50.0504 0x18d8 HWiNFO32 - ok
16:58:50.0507 0x18d8 hwpolicy - ok
16:58:50.0509 0x18d8 hyperkbd - ok
16:58:50.0511 0x18d8 i8042prt - ok
16:58:50.0514 0x18d8 iaLPSSi_GPIO - ok
16:58:50.0516 0x18d8 iaLPSSi_I2C - ok
16:58:50.0537 0x18d8 [ 12859E1215AA083A42E7ADCDE5C061D1, 262F9C65C3FA7EB69C4FA7C6547E1C79DB49697A083309909BC78726A116557F ] iaStorA C:\WINDOWS\system32\drivers\iaStorA.sys
16:58:50.0555 0x18d8 iaStorA - ok
16:58:50.0560 0x18d8 iaStorAV - ok
16:58:50.0562 0x18d8 iaStorV - ok
16:58:50.0565 0x18d8 ibbus - ok
16:58:50.0568 0x18d8 icssvc - ok
16:58:50.0570 0x18d8 IEEtwCollectorService - ok
16:58:50.0657 0x18d8 [ 6FFC445E0D38C3C880125F2C201C9BC6, 488A427239B55394359751FCB8CBAEA8E2AE1CB2AE03C04590E7B8C80EF3F709 ] igfx C:\WINDOWS\system32\DRIVERS\igdkmd64.sys
16:58:50.0742 0x18d8 igfx - ok
16:58:50.0757 0x18d8 [ AC4F72ABB5ED596A0F3D9D1EDDC4B27C, F48BFF192B523709DEF64578EA7217EED59E2C1D2627E7BD54E59DABC25B8C36 ] igfxCUIService2.0.0.0 C:\WINDOWS\system32\igfxCUIService.exe
16:58:50.0858 0x18d8 igfxCUIService2.0.0.0 - ok
16:58:50.0862 0x18d8 IISADMIN - ok
16:58:50.0867 0x18d8 IKEEXT - ok
16:58:50.0936 0x18d8 [ 71EDE424B930F50B46C684D71C1C1CDE, 932E18114563E652DE0B64ECC6CDABE7144D5EF7BB065A7B4ACFB020B89D1BE7 ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RTKVHD64.sys
16:58:51.0001 0x18d8 IntcAzAudAddService - ok
16:58:51.0017 0x18d8 [ B1679D907958C3F62EFDAA8BF1093209, DBAC2E49A4888AC8DC479279C2E67DAFF1D9153D4167325057C8DF53119A6E6D ] IntcDAud C:\WINDOWS\system32\DRIVERS\IntcDAud.sys
16:58:51.0024 0x18d8 IntcDAud - ok
16:58:51.0029 0x18d8 intelide - ok
16:58:51.0033 0x18d8 intelpep - ok
16:58:51.0036 0x18d8 intelppm - ok
16:58:51.0041 0x18d8 IoQos - ok
16:58:51.0044 0x18d8 IpFilterDriver - ok
16:58:51.0050 0x18d8 iphlpsvc - ok
16:58:51.0054 0x18d8 IPMIDRV - ok
16:58:51.0056 0x18d8 IPNAT - ok
16:58:51.0058 0x18d8 IRENUM - ok
16:58:51.0063 0x18d8 isapnp - ok
16:58:51.0066 0x18d8 iScsiPrt - ok
16:58:51.0071 0x18d8 [ 4EE2423C38F43D37F8497A672FD10BDC, 031C5272DD28809255CF4FA8E6DE45DBFBD9A363BBD5156D0AEE0787C4297980 ] ISCT C:\WINDOWS\System32\drivers\ISCTD64.sys
16:58:51.0073 0x18d8 ISCT - ok
16:58:51.0077 0x18d8 [ F1D3A377ED9BA1CA449824C41CAF104C, EA0E90D5D827664CFDB644753C6DC134C3F8F852F24175EC8328A9FA925B25BF ] iwdbus C:\WINDOWS\System32\drivers\iwdbus.sys
16:58:51.0079 0x18d8 iwdbus - ok
16:58:51.0082 0x18d8 kbdclass - ok
16:58:51.0084 0x18d8 kbdhid - ok
16:58:51.0088 0x18d8 kdnic - ok
16:58:51.0092 0x18d8 KeyIso - ok
16:58:51.0095 0x18d8 KSecDD - ok
16:58:51.0098 0x18d8 KSecPkg - ok
16:58:51.0100 0x18d8 ksthunk - ok
16:58:51.0104 0x18d8 KtmRm - ok
16:58:51.0107 0x18d8 LanmanServer - ok
16:58:51.0111 0x18d8 LanmanWorkstation - ok
16:58:51.0120 0x18d8 [ 5EA1731968F2FD0E950DDCE6D36C5134, 16C47AA60CB62F206DBF3B4FAF99FCA667E7193178D1B7ECB162FA87C008BAA3 ] LEqdUsb C:\WINDOWS\System32\drivers\LEqdUsb.Sys
16:58:51.0123 0x18d8 LEqdUsb - ok
16:58:51.0126 0x18d8 lfsvc - ok
16:58:51.0131 0x18d8 [ FA529FB35694C24BF98A9EF67C1CD9D0, 7B3C587C38CF13D514140F0A55E58997D6071D1DEFD97E274E3F490660AC6075 ] LGBusEnum C:\WINDOWS\system32\drivers\LGBusEnum.sys
16:58:51.0132 0x18d8 LGBusEnum - ok
16:58:51.0136 0x18d8 [ 94B29CE153765E768F004FB3440BE2B0, E74C01CEBDA589CDDE35CBCBAA18700E3742DD3B48A90DB3630992467FFC5024 ] LGVirHid C:\WINDOWS\system32\drivers\LGVirHid.sys
16:58:51.0138 0x18d8 LGVirHid - ok
16:58:51.0141 0x18d8 [ 50AC0930F05DFB996F085B49E112E5C9, C5147E92656506981705AFCAA97B7BDAD0929FF39C1666E774BE1BD32FB08387 ] LHidEqd C:\WINDOWS\System32\drivers\LHidEqd.Sys
16:58:51.0142 0x18d8 LHidEqd - ok
16:58:51.0151 0x18d8 [ 96EB043E2843B5A87A486D0BC6921094, 0B339A18B2F536F12B2C1B4FEDEB3A815DC7F8E7B082144EE084B3E6ED067FBC ] LHidFilt C:\WINDOWS\System32\drivers\LHidFilt.Sys
16:58:51.0154 0x18d8 LHidFilt - ok
16:58:51.0156 0x18d8 LicenseManager - ok
16:58:51.0161 0x18d8 lltdio - ok
16:58:51.0164 0x18d8 lltdsvc - ok
16:58:51.0169 0x18d8 lmhosts - ok
16:58:51.0174 0x18d8 [ A5C1DA229B3B660BBF3BDC30ADBFBB61, B657092424C6BF418A6FA56353370C195D9CA67999B355E8EDD6AFCFD9FEF8E5 ] LMouFilt C:\WINDOWS\System32\drivers\LMouFilt.Sys
16:58:51.0177 0x18d8 LMouFilt - ok
16:58:51.0185 0x18d8 LSI_SAS - ok
16:58:51.0187 0x18d8 LSI_SAS2i - ok
16:58:51.0190 0x18d8 LSI_SAS3i - ok
16:58:51.0193 0x18d8 LSI_SSS - ok
16:58:51.0198 0x18d8 LSM - ok
16:58:51.0202 0x18d8 luafv - ok
16:58:51.0207 0x18d8 [ 9659AA75AC920EF6393B8CF77E21D1B9, 76706516DF281B48ABB2A43CA81B6EA0551937BE1C21AEA0A522AA717C27FD0A ] LUsbFilt C:\WINDOWS\System32\Drivers\LUsbFilt.Sys
16:58:51.0210 0x18d8 LUsbFilt - ok
16:58:51.0212 0x18d8 MapsBroker - ok
16:58:51.0216 0x18d8 megasas - ok
16:58:51.0220 0x18d8 megasr - ok
16:58:51.0225 0x18d8 [ 6ECDA51525C123C55ABC470F2144F925, 7B2E8976F126219AF0953FD641E613A9336CCC80843AF4A37AA71067D55CCBBB ] MEIx64 C:\WINDOWS\System32\drivers\TeeDriverW8x64.sys
16:58:51.0232 0x18d8 MEIx64 - ok
16:58:51.0234 0x18d8 mlx4_bus - ok
16:58:51.0238 0x18d8 MMCSS - ok
16:58:51.0240 0x18d8 Modem - ok
16:58:51.0244 0x18d8 monitor - ok
16:58:51.0248 0x18d8 mouclass - ok
16:58:51.0251 0x18d8 mouhid - ok
16:58:51.0253 0x18d8 mountmgr - ok
16:58:51.0261 0x18d8 [ EB4B5C8AB9DA5585CCC975CD3D072115, BEED5B7478F92C9FB1BBB62FFCEB5321A5C12A7C1AA9B20151BF22064589CD46 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
16:58:51.0264 0x18d8 MozillaMaintenance - ok
16:58:51.0267 0x18d8 mpsdrv - ok
16:58:51.0271 0x18d8 MpsSvc - ok
16:58:51.0274 0x18d8 MQAC - ok
16:58:51.0277 0x18d8 MRxDAV - ok
16:58:51.0284 0x18d8 mrxsmb - ok
16:58:51.0290 0x18d8 mrxsmb10 - ok
16:58:51.0294 0x18d8 mrxsmb20 - ok
16:58:51.0302 0x18d8 MsBridge - ok
16:58:51.0306 0x18d8 MSDTC - ok
16:58:51.0314 0x18d8 Msfs - ok
16:58:51.0321 0x18d8 msgpiowin32 - ok
16:58:51.0327 0x18d8 mshidkmdf - ok
16:58:51.0333 0x18d8 mshidumdf - ok
16:58:51.0335 0x18d8 msisadrv - ok
16:58:51.0339 0x18d8 MSiSCSI - ok
16:58:51.0341 0x18d8 msiserver - ok
16:58:51.0345 0x18d8 MSKSSRV - ok
16:58:51.0348 0x18d8 MsLldp - ok
16:58:51.0350 0x18d8 MSMQ - ok
16:58:51.0353 0x18d8 MSMQTriggers - ok
16:58:51.0355 0x18d8 MSPCLOCK - ok
16:58:51.0357 0x18d8 MSPQM - ok
16:58:51.0359 0x18d8 MsRPC - ok
16:58:51.0362 0x18d8 mssmbios - ok
16:58:51.0363 0x18d8 MSTEE - ok
16:58:51.0366 0x18d8 MTConfig - ok
16:58:51.0367 0x18d8 Mup - ok
16:58:51.0370 0x18d8 mvumis - ok
16:58:51.0373 0x18d8 NativeWifiP - ok
16:58:51.0375 0x18d8 NcaSvc - ok
16:58:51.0377 0x18d8 NcbService - ok
16:58:51.0380 0x18d8 NcdAutoSetup - ok
16:58:51.0382 0x18d8 ndfltr - ok
16:58:51.0384 0x18d8 NDIS - ok
16:58:51.0385 0x18d8 NdisCap - ok
16:58:51.0388 0x18d8 NdisImPlatform - ok
16:58:51.0390 0x18d8 NdisTapi - ok
16:58:51.0392 0x18d8 Ndisuio - ok
16:58:51.0394 0x18d8 NdisVirtualBus - ok
16:58:51.0396 0x18d8 NdisWan - ok
16:58:51.0398 0x18d8 ndiswanlegacy - ok
16:58:51.0400 0x18d8 ndproxy - ok
16:58:51.0402 0x18d8 Ndu - ok
16:58:51.0405 0x18d8 NetBIOS - ok
16:58:51.0408 0x18d8 NetBT - ok
16:58:51.0409 0x18d8 Netlogon - ok
16:58:51.0412 0x18d8 Netman - ok
16:58:51.0414 0x18d8 netprofm - ok
16:58:51.0416 0x18d8 NetSetupSvc - ok
16:58:51.0421 0x18d8 NetTcpPortSharing - ok
16:58:51.0424 0x18d8 NgcCtnrSvc - ok
16:58:51.0425 0x18d8 NgcSvc - ok
16:58:51.0429 0x18d8 [ 106C6E31F54E7C973E903508A27F26FC, A39CE7057E92BCC7ECECD86B0EE956CA5C275FFC5CB04FA181D6995894EF9FBD ] ngvss C:\WINDOWS\system32\drivers\ngvss.sys
16:58:51.0433 0x18d8 ngvss - ok
16:58:51.0435 0x18d8 NlaSvc - ok
16:58:51.0437 0x18d8 Npfs - ok
16:58:51.0439 0x18d8 npsvctrig - ok
16:58:51.0441 0x18d8 nsi - ok
16:58:51.0443 0x18d8 nsiproxy - ok
16:58:51.0446 0x18d8 NTFS - ok
16:58:51.0448 0x18d8 Null - ok
16:58:51.0453 0x18d8 [ D812362E8AF615B521AD4DF19A93BD5A, B1F04122DFE9FCC3FC56BE327D86912D624C89F2EFB9684BE66FC22115D0E19F ] NVHDA C:\WINDOWS\system32\drivers\nvhda64v.sys
16:58:51.0457 0x18d8 NVHDA - ok
16:58:51.0621 0x18d8 [ 4D1C57D613F277B432188A10DFF85C2C, 04F451468BBFB417F0214CCC1EB99F5F0DBD74A438845E2F4D10934681DD229A ] nvlddmkm C:\WINDOWS\system32\DRIVERS\nvlddmkm.sys
16:58:51.0769 0x18d8 nvlddmkm - ok
16:58:51.0805 0x18d8 [ 2CCD9A74A0F9C7605EAFA3F3AC8DC476, DEE95B0C0CA4525850E06AD3C1233A6C6E88D97EE874F83801686B87FD23F0BC ] NvNetworkService C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
16:58:51.0832 0x18d8 NvNetworkService - ok
16:58:51.0837 0x18d8 nvraid - ok
16:58:51.0840 0x18d8 nvstor - ok
16:58:51.0844 0x18d8 [ 2F61DB46C84CCBB5D9F75065A85D2173, 79049D42F0D82BD3C5A9C8231CF2F412B50C9E6483DB14F41CD48301D85C166C ] NvStreamKms C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys
16:58:51.0846 0x18d8 NvStreamKms - ok
16:58:51.0967 0x18d8 [ 6F5AC1C495DA6D19AF99A59DC44BC13F, 61E8C0C0B9EEEF6ADE86AD4BC8D43256A6B20AEEB43BBC3C44B3B6140544259F ] NvStreamNetworkSvc C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
16:58:52.0091 0x18d8 NvStreamNetworkSvc - ok
16:58:52.0184 0x18d8 [ 73FA6B2DF3348AF05E1F98310854BD4F, F0B7CF54495C81EE4C8B44580E399F3B22E190CB553AC7BA8E2DC13A28477566 ] NvStreamSvc C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
16:58:52.0262 0x18d8 NvStreamSvc - ok
16:58:52.0275 0x18d8 [ 4398DCC9BA21E1BE911A13BD18C63481, 251DF1EF6101AC071100665686811915C3B306055C3901BDA96F99612FD001B2 ] NvStUSB C:\WINDOWS\System32\drivers\nvstusb.sys
16:58:52.0282 0x18d8 NvStUSB - ok
16:58:52.0298 0x18d8 [ 44C787E5661B40B78D59E0EB8B73C412, F88E919190C1ADB9AB266DE41C71DFC87F5AAE407783EDB70001D18B15D1052A ] nvsvc C:\WINDOWS\system32\nvvsvc.exe
16:58:52.0390 0x18d8 nvsvc - ok
16:58:52.0394 0x18d8 [ 35DFC12FD7E44B7CB8CCD7E5A2B3975A, 36E0E39646636F6E027691E5C3903C51479B3F707BDEA40F460FD27E357DA14E ] nvvad_WaveExtensible C:\WINDOWS\system32\drivers\nvvad64v.sys
16:58:52.0396 0x18d8 nvvad_WaveExtensible - ok
16:58:52.0399 0x18d8 nv_agp - ok
16:58:52.0401 0x18d8 OneSyncSvc - ok
16:58:52.0406 0x18d8 [ B9C125314A025127FE562C116D614AA3, 79C46C0BACEBBB5B8E1C162766B21587365A100BBAD01171C77B995C514BC7D6 ] ose64 C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
16:58:52.0409 0x18d8 ose64 - ok
16:58:52.0413 0x18d8 p2pimsvc - ok
16:58:52.0416 0x18d8 p2psvc - ok
16:58:52.0418 0x18d8 Parport - ok
16:58:52.0420 0x18d8 partmgr - ok
16:58:52.0422 0x18d8 PcaSvc - ok
16:58:52.0424 0x18d8 pci - ok
16:58:52.0427 0x18d8 pciide - ok
16:58:52.0429 0x18d8 pcmcia - ok
16:58:52.0431 0x18d8 pcw - ok
16:58:52.0434 0x18d8 pdc - ok
16:58:52.0436 0x18d8 PEAUTH - ok
16:58:52.0440 0x18d8 percsas2i - ok
16:58:52.0442 0x18d8 percsas3i - ok
16:58:52.0454 0x18d8 PerfHost - ok
16:58:52.0459 0x18d8 PimIndexMaintenanceSvc - ok
16:58:52.0462 0x18d8 pla - ok
16:58:52.0465 0x18d8 PlugPlay - ok
16:58:52.0467 0x18d8 PNRPAutoReg - ok
16:58:52.0469 0x18d8 PNRPsvc - ok
16:58:52.0471 0x18d8 PolicyAgent - ok
16:58:52.0474 0x18d8 Power - ok
16:58:52.0476 0x18d8 PptpMiniport - ok
16:58:52.0527 0x18d8 [ 12E2582F69ACA40A6BAE91DA578CBF34, 648C6394763906AA4163976DA2C3308F8B706486D9D8F16258CB1D61C2929930 ] PrintNotify C:\WINDOWS\system32\spool\drivers\x64\3\PrintConfig.dll
16:58:52.0573 0x18d8 PrintNotify - ok
16:58:52.0579 0x18d8 Processor - ok
16:58:52.0581 0x18d8 ProfSvc - ok
16:58:52.0583 0x18d8 Psched - ok
16:58:52.0585 0x18d8 QWAVE - ok
16:58:52.0587 0x18d8 QWAVEdrv - ok
16:58:52.0590 0x18d8 RasAcd - ok
16:58:52.0592 0x18d8 RasAgileVpn - ok
16:58:52.0594 0x18d8 RasAuto - ok
16:58:52.0596 0x18d8 Rasl2tp - ok
16:58:52.0599 0x18d8 RasMan - ok
16:58:52.0600 0x18d8 RasPppoe - ok
16:58:52.0603 0x18d8 RasSstp - ok
16:58:52.0605 0x18d8 rdbss - ok
16:58:52.0609 0x18d8 rdpbus - ok
16:58:52.0610 0x18d8 RDPDR - ok
16:58:52.0615 0x18d8 RdpVideoMiniport - ok
16:58:52.0617 0x18d8 rdyboost - ok
16:58:52.0619 0x18d8 ReFSv1 - ok
16:58:52.0622 0x18d8 RemoteAccess - ok
16:58:52.0624 0x18d8 RemoteRegistry - ok
16:58:52.0626 0x18d8 RetailDemo - ok
16:58:52.0628 0x18d8 RFCOMM - ok
16:58:52.0630 0x18d8 RMCAST - ok
16:58:52.0632 0x18d8 RpcEptMapper - ok
16:58:52.0635 0x18d8 RpcLocator - ok
16:58:52.0637 0x18d8 RpcSs - ok
16:58:52.0639 0x18d8 rspndr - ok
16:58:52.0653 0x18d8 [ AD4E81B1041A75216167DA27B0F91717, D629E62F8B03F05F5E445A08EF9BCA43018B986C82C1504917681CA8409DFCE0 ] rt640x64 C:\WINDOWS\System32\drivers\rt640x64.sys
16:58:52.0666 0x18d8 rt640x64 - ok
16:58:52.0669 0x18d8 s3cap - ok
16:58:52.0672 0x18d8 SamSs - ok
16:58:52.0674 0x18d8 sbp2port - ok
16:58:52.0676 0x18d8 SCardSvr - ok
16:58:52.0679 0x18d8 ScDeviceEnum - ok
16:58:52.0681 0x18d8 scfilter - ok
16:58:52.0683 0x18d8 Schedule - ok
16:58:52.0686 0x18d8 SCPolicySvc - ok
16:58:52.0688 0x18d8 sdbus - ok
16:58:52.0690 0x18d8 SDRSVC - ok
16:58:52.0692 0x18d8 sdstor - ok
16:58:52.0695 0x18d8 seclogon - ok
16:58:52.0697 0x18d8 SENS - ok
16:58:52.0699 0x18d8 SensorDataService - ok
16:58:52.0702 0x18d8 SensorService - ok
16:58:52.0703 0x18d8 SensrSvc - ok
16:58:52.0705 0x18d8 SerCx - ok
16:58:52.0708 0x18d8 SerCx2 - ok
16:58:52.0710 0x18d8 Serenum - ok
16:58:52.0712 0x18d8 Serial - ok
16:58:52.0715 0x18d8 sermouse - ok
16:58:52.0719 0x18d8 SessionEnv - ok
16:58:52.0722 0x18d8 sfloppy - ok
16:58:52.0724 0x18d8 SharedAccess - ok
16:58:52.0726 0x18d8 ShellHWDetection - ok
16:58:52.0729 0x18d8 [ 16BD2CECA46F955C1362564D83662E58, B79959273329656C952BC550C1FF33AC9BE4DDD4080CBA5EB87253AE90E25497 ] shspusb C:\WINDOWS\System32\drivers\HSPUSB.sys
16:58:52.0730 0x18d8 shspusb - ok
16:58:52.0733 0x18d8 SiSRaid2 - ok
16:58:52.0735 0x18d8 SiSRaid4 - ok
16:58:52.0741 0x18d8 [ 52F7E8603E888E3DB0A8B3D1804098E9, 4E23DC9442C0C14AAE7146DACBB0B39743F1FFAA463EE7069CCDF866AD27BD77 ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
16:58:52.0746 0x18d8 SkypeUpdate - ok
16:58:52.0749 0x18d8 [ 1363457E96A29B24D9855C084603F84B, 653B920B5FACE90E43464F10EFEDE88F0BB41C97BF653A91EE8E612A5AA41CEF ] SmbDrv C:\WINDOWS\System32\drivers\Smb_driver_AMDASF.sys
16:58:52.0751 0x18d8 SmbDrv - ok
16:58:52.0754 0x18d8 [ 5A474BBF8689F73BD28AD224A4BD0102, 20FDEAE8EF71B6503BDF13035CF5A2C11B19347B54D684F6399DDBBC83413593 ] SmbDrvI C:\WINDOWS\System32\drivers\Smb_driver_Intel.sys
16:58:52.0755 0x18d8 SmbDrvI - ok
16:58:52.0758 0x18d8 smphost - ok
16:58:52.0760 0x18d8 SmsRouter - ok
16:58:52.0766 0x18d8 SNMPTRAP - ok
16:58:52.0768 0x18d8 spaceport - ok
16:58:52.0770 0x18d8 SpbCx - ok
16:58:52.0772 0x18d8 Spooler - ok
16:58:52.0775 0x18d8 sppsvc - ok
16:58:52.0776 0x18d8 srv - ok
16:58:52.0779 0x18d8 srv2 - ok
16:58:52.0781 0x18d8 srvnet - ok
16:58:52.0785 0x18d8 [ 52D6F40B50ECFC051979FEC68E74F0F8, 9C8C65AC69BA5C9885CF2A4BD72B869754948377AA3FED2680E7BF8C5639F2A2 ] ssadbus C:\WINDOWS\System32\drivers\ssadbus.sys
16:58:52.0789 0x18d8 ssadbus - ok
16:58:52.0793 0x18d8 [ FF20F67DD5644BD1D2E7FCD95AF7F03B, 23615E776D6A8C406C7DDF0E694ED3B5A2D30913AFD3C0F86A788C5004299845 ] ssadserd C:\WINDOWS\System32\drivers\ssadserd.sys
16:58:52.0797 0x18d8 ssadserd - ok
16:58:52.0801 0x18d8 [ DF11D259C10C9D0DFCCBA1093C5DB1BD, A9AEF5D88DDDCE27A4640FE82CED92A4957C42F8E9EEDFC52DC128A66E0B43ED ] sscdbus C:\WINDOWS\System32\drivers\sscdbus.sys
16:58:52.0805 0x18d8 sscdbus - ok
16:58:52.0810 0x18d8 [ 1381D76044350F327539E47B67367992, 78D6D9D5382F53579760A7E8E0E9DF0FCA2156C7E480FAF4C349E7E4A0C18504 ] sscdserd C:\WINDOWS\System32\drivers\sscdserd.sys
16:58:52.0814 0x18d8 sscdserd - ok
16:58:52.0819 0x18d8 [ FA03D4C16F2F7ACD43E6317767764E0C, 36D66A3B128D27B31FD2DEE82AEBF6305C927ECBA63074EC3C15A7EDB5BD2191 ] sscebus C:\WINDOWS\System32\drivers\sscebus.sys
16:58:52.0822 0x18d8 sscebus - ok
16:58:52.0827 0x18d8 [ EB5818115562D45A66E23C85C90E9442, 97616466732666CB1C8DCD0ED2A79E1BD4557038191A0C48293EAE4047B46B9B ] ssceserd C:\WINDOWS\System32\drivers\ssceserd.sys
16:58:52.0831 0x18d8 ssceserd - ok
16:58:52.0833 0x18d8 SSDPSRV - ok
16:58:52.0837 0x18d8 [ 29011AE5334C1E1A3141B7BE199858FC, EDF026B8C57536381A54C7D1066ED5FE01DE4DECC76E406E55298E5AA7361AEB ] ssdudfu C:\WINDOWS\System32\drivers\ssdudfu.sys
16:58:52.0840 0x18d8 ssdudfu - ok
16:58:52.0842 0x18d8 [ AC8A46E5B77E6E81C0E204F2CAFEEDE7, B335EADD7446CECF90A6CEA54A4E4DBF84C24239F9C63BA8F739DDFA770F9987 ] sshid C:\WINDOWS\System32\drivers\sshid.sys
16:58:52.0844 0x18d8 sshid - ok
16:58:52.0849 0x18d8 [ 8E1B485AEBF4743F05B4FB162F6ED430, 89CB6756E71E5F11E58CA42D08BF3D011618D4CFFA6335BA3EAB8B7DC441BFB8 ] ssm_bus C:\WINDOWS\System32\drivers\ssm_bus.sys
16:58:52.0852 0x18d8 ssm_bus - ok
16:58:52.0856 0x18d8 [ 1FFCC272F19BD84596378780F5C9843D, 4896DBC4B53D9CFA93E9A3A46BBC327A795A83844CA404520EF9F95D0A87802F ] ssm_mdm C:\WINDOWS\System32\drivers\ssm_mdm.sys
16:58:52.0860 0x18d8 ssm_mdm - ok
16:58:52.0862 0x18d8 SstpSvc - ok
16:58:52.0865 0x18d8 [ 32C73F69519D51B8775874E0F2808AA1, 591726261239A69CD9054A521B55E675C69EEE34BB93F54D2748B78680D17F83 ] ssudcdf C:\WINDOWS\System32\drivers\ssudcdf.sys
16:58:52.0867 0x18d8 ssudcdf - ok
16:58:52.0872 0x18d8 [ 550A9E8F2DE37A0EE8D67F9245FC617E, 3CD6D2CC54F2DE72ACFDA5B6DD0DFE633B8B3A663D19EED2A540C5D958E17643 ] ssuddmgr C:\WINDOWS\System32\drivers\ssuddmgr.sys
16:58:52.0876 0x18d8 ssuddmgr - ok
16:58:52.0881 0x18d8 [ 042F005536B9F45D84BC7AF2CF2D784F, 8E8306F0A06B60B995C26FC861DD7ED19786DEC93069942685AA2F648002CDCB ] ssudobex C:\WINDOWS\System32\drivers\ssudobex.sys
16:58:52.0885 0x18d8 ssudobex - ok
16:58:52.0888 0x18d8 [ E53FCC4249DD4E48D32ED6D0FB53643D, B8804DAB0EEB5231445925B8332F79AF02AE86C27B1EE452BC1770A38C13E713 ] ssudqcfilter C:\WINDOWS\System32\drivers\ssudqcfilter.sys
16:58:52.0890 0x18d8 ssudqcfilter - ok
16:58:52.0895 0x18d8 [ FCDBD15E4978C79BF464E4233F3C1364, 8CF10C5616520926449AC6E850A3BE22F2157BB63252FDA33D2F234BC2F8A5B0 ] ssudserd C:\WINDOWS\System32\drivers\ssudserd.sys
16:58:52.0899 0x18d8 ssudserd - ok
16:58:52.0903 0x18d8 [ EF806D212D34B0E173BAEB3564D53E37, 6EF229A7B7AFF0268CDF47B77F961BD44335C3B35499BB00CBA494A22B2BA39E ] ss_bbus C:\WINDOWS\System32\drivers\ss_bbus.sys
16:58:52.0906 0x18d8 ss_bbus - ok
16:58:52.0910 0x18d8 [ 677CDC98F8363ACCAAE783FDE1599C2A, 2ED5125A93AF824CA4D394A36F79996F9EBC84305F565F6024ECDD490A4A1FE2 ] ss_bserd C:\WINDOWS\System32\drivers\ss_bserd.sys
16:58:52.0913 0x18d8 ss_bserd - ok
16:58:52.0917 0x18d8 [ D21FF3592DAEE244EE8376830A672B52, 8CFD9CD93D3B30D21AE1F25D8F0D78EC2876D85BF622D638BBD3809A3373BAFF ] ss_bus C:\WINDOWS\System32\drivers\ss_bus.sys
16:58:52.0920 0x18d8 ss_bus - ok
16:58:52.0924 0x18d8 [ 1D424B821BF84218F07158571DBD38AA, F50552C892A50AD62C48A526BFB7A35D8E45EE61A74EC50CD58944F688641AE3 ] ss_conn_usb_driver C:\WINDOWS\System32\Drivers\ss_conn_usb_driver.sys
16:58:52.0926 0x18d8 ss_conn_usb_driver - ok
16:58:52.0928 0x18d8 StateRepository - ok
16:58:52.0943 0x18d8 [ A831D5A4D2F5138E332AC1B98315EBB1, 2FF5C256A83ACFB5CEC17B9FA7875048F770B793C37657D6D4E37C70B2F857A8 ] Steam Client Service C:\Program Files (x86)\Common Files\Steam\SteamService.exe
16:58:52.0954 0x18d8 Steam Client Service - ok
16:58:52.0963 0x18d8 [ 44CC3BCE853025D9D221CB02040B7DB6, 7A2DA3DB36DDED82C6D0CCBF7F5343F4BA997CA47B0185488098E4C55E9D3D7E ] Stereo Service C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
16:58:52.0969 0x18d8 Stereo Service - ok
16:58:52.0975 0x18d8 stexstor - ok
16:58:52.0979 0x18d8 stisvc - ok
16:58:52.0982 0x18d8 storahci - ok
16:58:52.0984 0x18d8 storflt - ok
16:58:52.0986 0x18d8 stornvme - ok
16:58:52.0990 0x18d8 storqosflt - ok
16:58:52.0992 0x18d8 StorSvc - ok
16:58:52.0995 0x18d8 storufs - ok
16:58:52.0999 0x18d8 storvsc - ok
16:58:53.0001 0x18d8 svsvc - ok
16:58:53.0013 0x18d8 swenum - ok
16:58:53.0015 0x18d8 swprv - ok
16:58:53.0017 0x18d8 Synth3dVsc - ok
16:58:53.0020 0x18d8 SysMain - ok
16:58:53.0022 0x18d8 SystemEventsBroker - ok
16:58:53.0025 0x18d8 TabletInputService - ok
16:58:53.0027 0x18d8 TapiSrv - ok
16:58:53.0030 0x18d8 Tcpip - ok
16:58:53.0032 0x18d8 Tcpip6 - ok
16:58:53.0035 0x18d8 tcpipreg - ok
16:58:53.0039 0x18d8 tdx - ok
16:58:53.0041 0x18d8 terminpt - ok
16:58:53.0044 0x18d8 TermService - ok
16:58:53.0046 0x18d8 Themes - ok
16:58:53.0049 0x18d8 tiledatamodelsvc - ok
16:58:53.0052 0x18d8 TimeBroker - ok
16:58:53.0055 0x18d8 TPM - ok
16:58:53.0058 0x18d8 TrkWks - ok
16:58:53.0061 0x18d8 TrustedInstaller - ok
16:58:53.0065 0x18d8 TsUsbFlt - ok
16:58:53.0067 0x18d8 TsUsbGD - ok
16:58:53.0070 0x18d8 tunnel - ok
16:58:53.0073 0x18d8 uagp35 - ok
16:58:53.0076 0x18d8 UASPStor - ok
16:58:53.0081 0x18d8 UcmCx0101 - ok
16:58:53.0084 0x18d8 UcmUcsi - ok
16:58:53.0086 0x18d8 Ucx01000 - ok
16:58:53.0089 0x18d8 UdeCx - ok
16:58:53.0093 0x18d8 udfs - ok
16:58:53.0097 0x18d8 UEFI - ok
16:58:53.0099 0x18d8 Ufx01000 - ok
16:58:53.0102 0x18d8 UfxChipidea - ok
16:58:53.0105 0x18d8 ufxsynopsys - ok
16:58:53.0110 0x18d8 UI0Detect - ok
16:58:53.0113 0x18d8 uliagpkx - ok
16:58:53.0116 0x18d8 umbus - ok
16:58:53.0119 0x18d8 UmPass - ok
16:58:53.0122 0x18d8 UmRdpService - ok
16:58:53.0125 0x18d8 UnistoreSvc - ok
16:58:53.0129 0x18d8 upnphost - ok
16:58:53.0131 0x18d8 UrsChipidea - ok
16:58:53.0134 0x18d8 UrsCx01000 - ok
16:58:53.0137 0x18d8 UrsSynopsys - ok
16:58:53.0140 0x18d8 [ F957092C63CD71D85903CA0D8370F473, 4DEC2FC20329F248135DA24CB6694FD972DCCE8B1BBEA8D872FDE41939E96AAF ] USBAAPL64 C:\WINDOWS\System32\Drivers\usbaapl64.sys
16:58:53.0146 0x18d8 USBAAPL64 - ok
16:58:53.0148 0x18d8 usbaudio - ok
16:58:53.0151 0x18d8 usbccgp - ok
16:58:53.0154 0x18d8 usbcir - ok
16:58:53.0157 0x18d8 usbehci - ok
16:58:53.0159 0x18d8 usbhub - ok
16:58:53.0161 0x18d8 USBHUB3 - ok
16:58:53.0164 0x18d8 usbohci - ok
16:58:53.0166 0x18d8 usbprint - ok
16:58:53.0168 0x18d8 usbser - ok
16:58:53.0170 0x18d8 USBSTOR - ok
16:58:53.0173 0x18d8 usbuhci - ok
16:58:53.0175 0x18d8 USBXHCI - ok
16:58:53.0177 0x18d8 UserDataSvc - ok
16:58:53.0181 0x18d8 UserManager - ok
16:58:53.0183 0x18d8 UsoSvc - ok
16:58:53.0186 0x18d8 VaultSvc - ok
16:58:53.0188 0x18d8 vdrvroot - ok
16:58:53.0191 0x18d8 vds - ok
16:58:53.0193 0x18d8 VerifierExt - ok
16:58:53.0196 0x18d8 vhdmp - ok
16:58:53.0198 0x18d8 vhf - ok
16:58:53.0201 0x18d8 vmbus - ok
16:58:53.0204 0x18d8 VMBusHID - ok
16:58:53.0206 0x18d8 vmicguestinterface - ok
16:58:53.0208 0x18d8 vmicheartbeat - ok
16:58:53.0211 0x18d8 vmickvpexchange - ok
16:58:53.0213 0x18d8 vmicrdv - ok
16:58:53.0215 0x18d8 vmicshutdown - ok
16:58:53.0217 0x18d8 vmictimesync - ok
16:58:53.0220 0x18d8 vmicvmsession - ok
16:58:53.0222 0x18d8 vmicvss - ok
16:58:53.0224 0x18d8 volmgr - ok
16:58:53.0226 0x18d8 volmgrx - ok
16:58:53.0229 0x18d8 volsnap - ok
16:58:53.0232 0x18d8 vpci - ok
16:58:53.0234 0x18d8 vsmraid - ok
16:58:53.0236 0x18d8 VSS - ok
16:58:53.0239 0x18d8 VSTXRAID - ok
16:58:53.0241 0x18d8 vwifibus - ok
16:58:53.0243 0x18d8 vwififlt - ok
16:58:53.0246 0x18d8 W32Time - ok
16:58:53.0249 0x18d8 w3logsvc - ok
16:58:53.0252 0x18d8 W3SVC - ok
16:58:53.0255 0x18d8 WacomPen - ok
16:58:53.0257 0x18d8 WalletService - ok
16:58:53.0260 0x18d8 wanarp - ok
16:58:53.0262 0x18d8 wanarpv6 - ok
16:58:53.0264 0x18d8 WAS - ok
16:58:53.0267 0x18d8 wbengine - ok
16:58:53.0270 0x18d8 WbioSrvc - ok
16:58:53.0273 0x18d8 Wcmsvc - ok
16:58:53.0275 0x18d8 wcncsvc - ok
16:58:53.0278 0x18d8 WcsPlugInService - ok
16:58:53.0281 0x18d8 WdBoot - ok
16:58:53.0284 0x18d8 Wdf01000 - ok
16:58:53.0286 0x18d8 WdFilter - ok
16:58:53.0289 0x18d8 WdiServiceHost - ok
16:58:53.0291 0x18d8 WdiSystemHost - ok
16:58:53.0294 0x18d8 wdiwifi - ok
16:58:53.0296 0x18d8 WdNisDrv - ok
16:58:53.0299 0x18d8 WdNisSvc - ok
16:58:53.0302 0x18d8 WebClient - ok
16:58:53.0305 0x18d8 Wecsvc - ok
16:58:53.0308 0x18d8 WEPHOSTSVC - ok
16:58:53.0310 0x18d8 wercplsupport - ok
16:58:53.0314 0x18d8 WerSvc - ok
16:58:53.0316 0x18d8 wfpcapture - ok
16:58:53.0320 0x18d8 WFPLWFS - ok
16:58:53.0323 0x18d8 WiaRpc - ok
16:58:53.0326 0x18d8 WIMMount - ok
16:58:53.0328 0x18d8 WinDefend - ok
16:58:53.0334 0x18d8 WindowsTrustedRT - ok
16:58:53.0337 0x18d8 WindowsTrustedRTProxy - ok
16:58:53.0341 0x18d8 WinHttpAutoProxySvc - ok
16:58:53.0344 0x18d8 WinMad - ok
16:58:53.0349 0x18d8 Winmgmt - ok
16:58:53.0352 0x18d8 WinRM - ok
16:58:53.0357 0x18d8 WINUSB - ok
16:58:53.0360 0x18d8 WinVerbs - ok
16:58:53.0363 0x18d8 WlanSvc - ok
16:58:53.0367 0x18d8 wlidsvc - ok
16:58:53.0370 0x18d8 WmiAcpi - ok
16:58:53.0374 0x18d8 wmiApSrv - ok
16:58:53.0377 0x18d8 WMPNetworkSvc - ok
16:58:53.0380 0x18d8 Wof - ok
16:58:53.0385 0x18d8 workfolderssvc - ok
16:58:53.0388 0x18d8 wpcfltr - ok
16:58:53.0392 0x18d8 WPDBusEnum - ok
16:58:53.0395 0x18d8 WpdUpFltr - ok
16:58:53.0398 0x18d8 WpnService - ok
16:58:53.0401 0x18d8 ws2ifsl - ok
16:58:53.0404 0x18d8 wscsvc - ok
16:58:53.0407 0x18d8 WSearch - ok
16:58:53.0411 0x18d8 WSService - ok
16:58:53.0414 0x18d8 wuauserv - ok
16:58:53.0417 0x18d8 WudfPf - ok
16:58:53.0419 0x18d8 WUDFRd - ok
16:58:53.0422 0x18d8 wudfsvc - ok
16:58:53.0424 0x18d8 WUDFWpdFs - ok
16:58:53.0426 0x18d8 WUDFWpdMtp - ok
16:58:53.0429 0x18d8 WwanSvc - ok
16:58:53.0433 0x18d8 XblAuthManager - ok
16:58:53.0435 0x18d8 XblGameSave - ok
16:58:53.0439 0x18d8 xboxgip - ok
16:58:53.0441 0x18d8 XboxNetApiSvc - ok
16:58:53.0444 0x18d8 xinputhid - ok
16:58:53.0446 0x18d8 ================ Scan global ===============================
16:58:53.0455 0x18d8 [ Global ] - ok
16:58:53.0455 0x18d8 ================ Scan MBR ==================================
16:58:53.0457 0x18d8 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
16:58:53.0510 0x18d8 \Device\Harddisk0\DR0 - ok
16:58:53.0513 0x18d8 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk1\DR1
16:58:53.0516 0x18d8 \Device\Harddisk1\DR1 - ok
16:58:53.0518 0x18d8 [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk2\DR2
16:58:53.0522 0x18d8 \Device\Harddisk2\DR2 - ok
16:58:53.0523 0x18d8 ================ Scan VBR ==================================
16:58:53.0524 0x18d8 [ F54390B80A3C991AFE4BB048602AB3AF ] \Device\Harddisk0\DR0\Partition1
16:58:53.0525 0x18d8 \Device\Harddisk0\DR0\Partition1 - ok
16:58:53.0526 0x18d8 [ 450249274434C3E9EBC44ACBDE868376 ] \Device\Harddisk0\DR0\Partition2
16:58:53.0527 0x18d8 \Device\Harddisk0\DR0\Partition2 - ok
16:58:53.0529 0x18d8 [ B1E27AA018409DE6BFD73F8AFB883A65 ] \Device\Harddisk1\DR1\Partition1
16:58:53.0529 0x18d8 \Device\Harddisk1\DR1\Partition1 - ok
16:58:53.0531 0x18d8 [ 45C98E7581092F1E297EAEA2981776DF ] \Device\Harddisk1\DR1\Partition2
16:58:53.0573 0x18d8 \Device\Harddisk1\DR1\Partition2 - ok
16:58:53.0575 0x18d8 [ 0CC1CCC71BCB2F83A60FC5DDA52093C3 ] \Device\Harddisk2\DR2\Partition1
16:58:53.0577 0x18d8 \Device\Harddisk2\DR2\Partition1 - ok
16:58:53.0578 0x18d8 ================ Scan generic autorun ======================
16:58:53.0794 0x18d8 [ 6B5829B512683F9505975AC312646AAA, A58282F60C62911BF45B29ECA52A451F1ABB90C052BA6C708007BB6C9AFD0AC3 ] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
16:58:53.0996 0x18d8 RTHDVCPL - ok
16:58:54.0017 0x18d8 [ F4B462319256598A123CA6A661FA935B, 7949CCC9C634B9A04B941DB870A8E2F2B193028B4F7D54488AD302C35DB18FAA ] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe
16:58:54.0024 0x18d8 AdobeAAMUpdater-1.0 - ok
16:58:54.0062 0x18d8 [ DD37DC13DF1224A8719208AE5CDE2B63, EA365A7358637C555D8CDEDD59BCA574C8B6EB8BB3C1B8790FEC7D76A37FC4AB ] C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
16:58:54.0091 0x18d8 NvBackend - ok
16:58:54.0095 0x18d8 ShadowPlay - ok
16:58:54.0128 0x18d8 [ 9DA1DA12855A1CA6BEF78185552F1DFA, 1A76AE144009DFAAEC560DDECBDE0FFFB2B9466236A369BCCB5A16D5FDE5EDA6 ] C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
16:58:54.0160 0x18d8 Adobe Creative Cloud - ok
16:58:54.0256 0x18d8 [ 8A312D5764B4FC4C55CEDDEED4652CF1, C4E726C9C77614CD32D5B76DA2E9A049EC490C2392D9A94B84712BCBF47BA7C6 ] C:\Program Files\AVAST Software\Avast\AvastUI.exe
16:58:54.0350 0x18d8 AvastUI.exe - ok
16:58:54.0366 0x18d8 OneDriveSetup - ok
16:58:54.0367 0x18d8 OneDriveSetup - ok
16:58:54.0408 0x18d8 [ 7AB06BB56EA5AAB7340CDCED56A0486F, 2992F9DD854ADE90EA734F01B41FEE12C4080A82B564BF3D20B08ED54380AFB9 ] C:\Program Files (x86)\Steam\steam.exe
16:58:54.0451 0x18d8 Steam - ok
16:58:54.0455 0x18d8 Skype - ok
16:58:54.0577 0x18d8 [ 15914F30482983E349FF9544B2DCAF11, 457833C665AB340D6DEE6B489947EE2D5202D4C93097C194A9DF196AFE4E4898 ] C:\Program Files\CCleaner\CCleaner64.exe
16:58:54.0682 0x18d8 CCleaner Monitoring - ok
16:58:54.0699 0x18d8 [ 1E827B1C08007E18424315DDA4756279, ED151A4C669E2F240D2E15DC70F49BCE2A244A4E8060B9E0869E15C15CFC04C6 ] C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
16:58:54.0708 0x18d8 GoogleChromeAutoLaunch_2524FC75FB40A63E2F8100B1D0EAD42C - ok
16:58:54.0710 0x18d8 OneDriveSetup - ok
16:58:54.0711 0x18d8 Waiting for KSN requests completion. In queue: 63
16:58:54.0991 0x0c44 Object required for P2P: [ 6F5AC1C495DA6D19AF99A59DC44BC13F ] NvStreamNetworkSvc
16:58:55.0712 0x18d8 Waiting for KSN requests completion. In queue: 42
16:58:56.0713 0x18d8 Waiting for KSN requests completion. In queue: 42
16:58:57.0131 0x03f8 Object required for P2P: [ 8A312D5764B4FC4C55CEDDEED4652CF1 ] C:\Program Files\AVAST Software\Avast\AvastUI.exe
16:58:57.0493 0x0c44 Object send P2P result: true
16:58:57.0495 0x0c44 Object required for P2P: [ 73FA6B2DF3348AF05E1F98310854BD4F ] NvStreamSvc
16:58:57.0713 0x18d8 Waiting for KSN requests completion. In queue: 9
16:58:58.0714 0x18d8 Waiting for KSN requests completion. In queue: 9
16:58:59.0577 0x03f8 Object send P2P result: true
16:58:59.0577 0x03f8 Object required for P2P: [ 7AB06BB56EA5AAB7340CDCED56A0486F ] C:\Program Files (x86)\Steam\steam.exe
16:58:59.0714 0x18d8 Waiting for KSN requests completion. In queue: 8
16:58:59.0948 0x0c44 Object send P2P result: true
16:58:59.0949 0x0c44 Object required for P2P: [ 44C787E5661B40B78D59E0EB8B73C412 ] nvsvc
16:59:00.0715 0x18d8 Waiting for KSN requests completion. In queue: 6
16:59:01.0716 0x18d8 Waiting for KSN requests completion. In queue: 6
16:59:02.0012 0x03f8 Object send P2P result: true
16:59:02.0012 0x03f8 Object required for P2P: [ 15914F30482983E349FF9544B2DCAF11 ] C:\Program Files\CCleaner\CCleaner64.exe
16:59:02.0371 0x0c44 Object send P2P result: true
16:59:02.0716 0x18d8 Waiting for KSN requests completion. In queue: 2
16:59:03.0717 0x18d8 Waiting for KSN requests completion. In queue: 2
16:59:04.0454 0x03f8 Object send P2P result: true
16:59:04.0734 0x18d8 AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.8.10240.16384 ), 0x60100 ( disabled : updated )
16:59:04.0735 0x18d8 AV detected via SS2: avast! Antivirus, C:\Program Files\AVAST Software\Avast\VisthAux.exe ( 11.1.2245.1540 ), 0x41000 ( enabled : updated )
16:59:04.0757 0x18d8 Win FW state via NFP2: enabled ( trusted )
16:59:07.0167 0x18d8 ============================================================
16:59:07.0167 0x18d8 Scan finished
16:59:07.0167 0x18d8 ============================================================
16:59:07.0172 0x1280 Detected object count: 0
16:59:07.0172 0x1280 Actual detected object count: 0
Natürlich habe ich die ganzen Werbung-Offers abgelehnt, aber dennoch hatte ich immer das Gefühl dass es an dem Download liegt. (Falls du dich fragst was ich mit chip downloadmanager meine, dass ist der Download Manager den man bekommt wenn man sich eine Software bei Chip.de herunterladet, manchmal hat man die Auswahl ohne, aber meistens kann man die Software nur mit dem Programm herunterladen) Ist halt nur so ein Gefühl von mir, aber naja ich kenne mich nicht wirklich mit den ganzen Adwares/Viren aus, deshalb bin ich ja hier. |
|
24.12.2015, 20:23
| #5 |
| /// Malwareteam | Windows 10 Werbung am ganzen PC Sind ja a ned fertig  Downloade Dir bitte  Malwarebytes Anti-Malware
__________________ Mfg, Rafael ~ I'm storm. I'm calm. I'm fire. I'm ice. I'm burningice. ~  Unterstütze uns mit einer Spende ......... Lob, Kritik oder Wünsche ......... .......... Folge uns auf Facebook .......... |
|
24.12.2015, 22:33
| #6 |
| | Windows 10 Werbung am ganzen PC Hallo, leider wieder nichts gefunden: Code:
ATTFilter Malwarebytes Anti-Malware www.malwarebytes.org Suchlaufdatum: 24.12.2015 Suchlaufzeit: 22:26 Protokolldatei: mbam.txt Administrator: Ja Version: 2.2.0.1024 Malware-Datenbank: v2015.12.24.07 Rootkit-Datenbank: v2015.12.18.01 Lizenz: Testversion Malware-Schutz: Aktiviert Schutz vor bösartigen Websites: Aktiviert Selbstschutz: Deaktiviert Betriebssystem: Windows 10 CPU: x64 Dateisystem: NTFS Benutzer: dlehn Suchlauftyp: Bedrohungssuchlauf Ergebnis: Abgeschlossen Durchsuchte Objekte: 363793 Abgelaufene Zeit: 3 Min., 8 Sek. Speicher: Aktiviert Start: Aktiviert Dateisystem: Aktiviert Archive: Aktiviert Rootkits: Deaktiviert Heuristik: Aktiviert PUP: Aktiviert PUM: Aktiviert Prozesse: 0 (keine bösartigen Elemente erkannt) Module: 0 (keine bösartigen Elemente erkannt) Registrierungsschlüssel: 0 (keine bösartigen Elemente erkannt) Registrierungswerte: 0 (keine bösartigen Elemente erkannt) Registrierungsdaten: 0 (keine bösartigen Elemente erkannt) Ordner: 0 (keine bösartigen Elemente erkannt) Dateien: 0 (keine bösartigen Elemente erkannt) Physische Sektoren: 0 (keine bösartigen Elemente erkannt) (end) Geändert von Drift (24.12.2015 um 22:43 Uhr) |
|
25.12.2015, 19:20
| #7 |
| /// Malwareteam | Windows 10 Werbung am ganzen PC Okay. Schritt 1 ESET Online Scanner
__________________ Mfg, Rafael ~ I'm storm. I'm calm. I'm fire. I'm ice. I'm burningice. ~ Unterstütze uns mit einer Spende ......... Lob, Kritik oder Wünsche ......... .......... Folge uns auf Facebook .......... |
|
25.12.2015, 20:34
| #8 |
| | Windows 10 Werbung am ganzen PC Jetzt wurden Daten gefunden, ich weiß jetzt aber nicht wie ich damit umgehen soll, es handelt sich hier um nicht legal heruntergeladen Spiele die noch von meinem Bruder am pc gelassen worden sind. Ich weiß nicht ob das hier in diesem Forum erlaubt ist, aber ich habe wirklich nichts mit diesen Spielen zu tun und würde gerne nur meinen PC säubern. Mein Bruder meinte er hätte noch nie Adware probleme gehabt mit diesen Spielen. Er hat mir den PC verkauft, und wollte die Datein zu einem anderen Zeitraum abholen, Ich hoffe du glaubst mir und kannst mir trotzdem weiterhelfen und mein Problem lösen. MfG Code:
ATTFilter ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=f7f3a7a04e4d9b4dac7ac7c892c6f424
# end=init
# utc_time=2015-12-25 06:23:42
# local_time=2015-12-25 07:23:42 (+0100, Mitteleuropäische Zeit)
# country="Austria"
# osver=6.2.9200 NT
Update Init
Update Download
Update Finalize
Updated modules version: 27357
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=f7f3a7a04e4d9b4dac7ac7c892c6f424
# end=updated
# utc_time=2015-12-25 06:26:28
# local_time=2015-12-25 07:26:28 (+0100, Mitteleuropäische Zeit)
# country="Austria"
# osver=6.2.9200 NT
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7777
# api_version=3.1.1
# EOSSerial=f7f3a7a04e4d9b4dac7ac7c892c6f424
# engine=27357
# end=finished
# remove_checked=true
# archives_checked=false
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2015-12-25 07:10:29
# local_time=2015-12-25 08:10:29 (+0100, Mitteleuropäische Zeit)
# country="Austria"
# lang=1031
# osver=6.2.9200 NT
# compatibility_mode_1='avast! Antivirus'
# compatibility_mode=783 16777213 71 88 277025 2093383 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776574 100 94 287363 14544641 0 0
# scanned=313676
# found=16
# cleaned=16
# scan_time=2640
sh=2808572458167B692A713E2C339D6CD383E27CC8 ft=1 fh=c71c0011348cf113 vn="Variante von Win32/InstallCore.OG evtl. unerwünschte Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="D:\Oli´s sachen\Internet Downloads\3DS0451 - Pokemon Y -MULTi7-.exe"
sh=4CF6D90F922673DD5C744A514F88E81626FBFE92 ft=1 fh=ab6276c12845f1bf vn="Variante von Win32/InstallCore.ACZ evtl. unerwünschte Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="D:\Oli´s sachen\Internet Downloads\3DS1123 - Pokemon Alpha Sapphire.exe"
sh=5F11903F806AB6DC35D46921D4E9DCF066008617 ft=1 fh=ab6276c10c3ac19c vn="Variante von Win32/InstallCore.ACZ evtl. unerwünschte Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="D:\Oli´s sachen\Internet Downloads\3DSZ023 - Pokemon Omega Ruby.exe"
sh=C5E675003697DFD1561075102F32204774D498D5 ft=1 fh=8d911791e4f94ea8 vn="Variante von Win32/ExpressDownloader.K evtl. unerwünschte Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="D:\Oli´s sachen\Internet Downloads\dragonball_z_alle_291_folgen_dbz_in_deutsch_uncut_downloader.exe"
sh=7429190413DAA670D867E11873BA8226750E491C ft=1 fh=cb6ce99f61e122f0 vn="Mehrere Bedrohungen (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="D:\Oli´s sachen\Internet Downloads\eMu3Ds_Setup (1).exe"
sh=7429190413DAA670D867E11873BA8226750E491C ft=1 fh=cb6ce99f61e122f0 vn="Mehrere Bedrohungen (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="D:\Oli´s sachen\Internet Downloads\eMu3Ds_Setup.exe"
sh=2AC5498ECD1B53830799CF86DA31EBC3E9FD5443 ft=1 fh=75fac78432cbf532 vn="Variante von Win32/DownloadSponsor.A evtl. unerwünschte Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="D:\Oli´s sachen\Internet Downloads\Kaspersky Internet Security 2014 - CHIP-Installer.exe"
sh=52008517C41F07930B2027FDAA14393BA38481FD ft=1 fh=aa8c75a03c582129 vn="Variante von Win32/InstallCore.PK evtl. unerwünschte Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="D:\Oli´s sachen\Internet Downloads\r4_3ds_emulator.exe"
sh=E68734FABC4BB0229F12AE95BEA0BFB7344BFD07 ft=1 fh=94566ebfe54eadba vn="Variante von Win32/DownloadSponsor.A evtl. unerwünschte Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="D:\Oli´s sachen\Internet Downloads\SketchUp Make 2014 - CHIP-Installer.exe"
sh=E0D69AA8A393FD98AC9899EF3A143C90DF1503F1 ft=1 fh=47978917b33c8b08 vn="NSIS/StartPage.CC Trojaner (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="D:\Oli´s sachen\Internet Downloads\vlc-2.1.2-win32.exe"
sh=86FD2D88F3C4675471D14644D2A2D8A0B08BA2F4 ft=1 fh=5d2300031434a965 vn="NSIS/StartPage.CC Trojaner (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="D:\Oli´s sachen\Internet Downloads\vlc-2.1.2-win64.exe"
sh=8FCF97C2F1FE60E407CCEB0E19CF28B0C96C8CC1 ft=1 fh=35272a6e1d023cfd vn="Variante von Win32/Toolbar.Widgi.B evtl. unerwünschte Anwendung (gelöscht - in Quarantäne kopiert)" ac=C fn="D:\Oli´s sachen\Internet Downloads\YTD471Setup.exe"
sh=43FAC9E9DA946E2B84CEB71D10CBA8C25A8D2047 ft=0 fh=0000000000000000 vn="JS/Trackware.Agent.A evtl. unerwünschte Anwendung (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="D:\Oli´s sachen\Internet Downloads\Küche P.MAX Maßmöbel - Tischlerqualität aus Österreich_files\det.js"
sh=82CF0AF902CCDDFC6E6DB907741ED72C625D5802 ft=1 fh=4c3a77b9d48715c4 vn="Variante von Win32/Packed.VMProtect.ABR Trojaner (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="D:\Oli´s sachen\Spiele\Far Cry 4\bin\uplay_r1_loader64.dll"
sh=82CF0AF902CCDDFC6E6DB907741ED72C625D5802 ft=1 fh=4c3a77b9d48715c4 vn="Variante von Win32/Packed.VMProtect.ABR Trojaner (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="D:\Oli´s sachen\Spiele\Far Cry 4\bin\SKIDROW\uplay_r1_loader64.dll"
sh=82CF0AF902CCDDFC6E6DB907741ED72C625D5802 ft=1 fh=4c3a77b9d48715c4 vn="Variante von Win32/Packed.VMProtect.ABR Trojaner (Gesäubert durch Löschen - in Quarantäne kopiert)" ac=C fn="D:\Oli´s sachen\Spiele\Far Cry 4repack\SKIDROW\uplay_r1_loader64.dll"
|
|
25.12.2015, 20:46
| #9 |
| /// Malwareteam | Windows 10 Werbung am ganzen PC *gg* Die Dateien wurden schon entfernt, das passt schon. Und nein, Cracks sind hier nicht erlaubt. Durch das Entfernen der Datei sollten diese Cracks jetzt aber eh nicht mehr 100% richtig laufen bzw. sich installieren lassen. Frage Kann es sein, dass du nur dann Probleme hast, wenn Skype geöffnet ist? Probiere es mal aus. Stelle sicher, dass Skype komplett beendet ist (nicht nur abmelden sondern wirklich, auch im Taskmanager taucht es nicht mehr auf) und schaue, ob noch immer Probleme auftreten. Bitte berichte mir von deinen Beobachtungen.
__________________ Mfg, Rafael ~ I'm storm. I'm calm. I'm fire. I'm ice. I'm burningice. ~ Unterstütze uns mit einer Spende ......... Lob, Kritik oder Wünsche ......... .......... Folge uns auf Facebook .......... |
|
25.12.2015, 20:53
| #10 |
| | Windows 10 Werbung am ganzen PC Ich werde weiterhin mit solchen hxxp://imgur.com/PX6KnVl Nachrichten bombardiert wenn ich den Steam Store (am client) verwende. |
|
25.12.2015, 20:57
| #11 |
| /// Malwareteam | Windows 10 Werbung am ganzen PC Okay, ist das immer die selbe Meldung? Merkst du außer den Meldungen von Malwarebytes wie in deinem Foto noch andere Probleme? Internetbrowser, surfen usw. passt alles?
__________________ Mfg, Rafael ~ I'm storm. I'm calm. I'm fire. I'm ice. I'm burningice. ~ Unterstütze uns mit einer Spende ......... Lob, Kritik oder Wünsche ......... .......... Folge uns auf Facebook .......... |
|
25.12.2015, 21:02
| #12 |
| | Windows 10 Werbung am ganzen PC Also bemerkt habe ich es am Anfang an meinem Browser (google chrome). Ich habe danach den Adw Cleaner, CC cleaner etc benützt, doch ohne Erfolg. Dann habe ich die Einstellungen an meinem Browser zurückgesetzt ("Einstellungen auf ursprüngliche Standardwerte zurücksetzen"). Danach ging der Browser, jetzt kann ich es nur schwer sagen, da ich keine Werbung mehr sehe, da Malwarebytes die Werbung blockiert (denk ich mal?) Trotzdem bekomme ich auch manchmal die Benachrichtigungen an meinem Browser. (Gleiche gilt auch für das Spiel "Cs:Go" wo ich auch Werbung bekomme) |
|
25.12.2015, 22:50
| #13 |
| /// Malwareteam | Windows 10 Werbung am ganzen PC Okay, aber kannst du mir sagen, ob die Meldung von Malwarebytes immer die selbe ist? kannst du bitte auch mal einen Screenshot von Steam oder CS machen, wo du da die Werbung siehst?
__________________ Mfg, Rafael ~ I'm storm. I'm calm. I'm fire. I'm ice. I'm burningice. ~ Unterstütze uns mit einer Spende ......... Lob, Kritik oder Wünsche ......... .......... Folge uns auf Facebook .......... |
|
26.12.2015, 04:00
| #14 |
| | Windows 10 Werbung am ganzen PC Steam ist leider derzeit, down, ich bekomme auch unterschiedliche Meldungen, also sind nicht immer die selben (würde ja gerne sagen welche, aber Steam ist derzeit down). Also seitdem ich dieses Programm Malwarebytes habe, sehe ich keine Werbung mehr, ich bekomme nur Benachrichtigungen von Seiten, aber bevor dem, habe ich Pop ups bekommen wo mir ein Video vorgespielt wurde, oder Werbung links und rechts auf den Seiten und ganz oben. Soll ich Malwarebytes desinstallieren um zu sehen welche Werbung kommt? Steam ist wieder online, ich bekomme doch immer die gleiche Meldung von der gleichen Domäne. (ich bilde mir aber ein dass ich auch einmal eine andere Domäne hatte, ich werde dich informieren wenn ich eine Benachrichtigung sehe. Eine Frage habe ich da noch, wie kann es sein dass kein Programm diese Adware findet, handelt es sich hierbei überhaupt um ein Virus? Edit2: ich bekomme auch von anderen Domänen werbung, eine heißt "Adcash.com" |
|
26.12.2015, 11:21
| #15 |
| /// Malwareteam | Windows 10 Werbung am ganzen PC Naja zu 98% wird dieses Problem jedenfalls gerade nicht von irgendwelcher unerwünschten "Drittsoftware" auf deinem Rechner verursacht. Schritt 1 - Beende Steam - Gehe zu folgendem Pfad und benenne den jeweligen Ordner um (z.B. httpcache_old) falls vorhanden:
Den Ordner Program Files siehst du evtl. nicht, tippe den Namen einfach oben in die Navigationsleiste ein oder lass dir die versteckten Dateien und Ordner einblenden. (den Pfad zu deiner Steam Installation musst du etvl. anpassen) Schritt 2 Danach folge noch bitte folgender Anleitung: https://support.steampowered.com/kb_...-4638&l=german
__________________ Mfg, Rafael ~ I'm storm. I'm calm. I'm fire. I'm ice. I'm burningice. ~ Unterstütze uns mit einer Spende ......... Lob, Kritik oder Wünsche ......... .......... Folge uns auf Facebook .......... Geändert von burningice (26.12.2015 um 11:30 Uhr) |
|
| Themen zu Windows 10 Werbung am ganzen PC |
| browser, cc cleaner, ccsetup, cleaner, cs:go, dnsapi.dll, driver booster, freue, gen, großes, heute, neu, onedrive, probiert, problem, revo uninstaller, spiel, steam, weiterhelfen, werbung, werbungen, windows, windows 10, würde, zurückgesetzt, öffnen, öffnet |
Linear-Darstellung
